Continuing a media access control security (MACSEC) key agreement (MKA) session upon a network device becoming temporarily unavailable

    Publication number: US12041052B2

    Publication date: 2024-07-16

    Application number: US18327408

    Application date: 2023-06-01

    CPC classification number: H04L63/10 H04L63/065

    Abstract: A network device may communicate with another network device via a media access control security (MACsec) key agreement (MKA) communication link, wherein an MKA session has been established between the network device and the other network device. The network device may determine that the other network device is unavailable. The network device may cause, based on determining that the other network device is unavailable, an MKA state of the network device to be placed in a paused state. The network device may receive, after causing the MKA state of the network device to be placed in the paused state, a packet from the other network device via the MKA communication link. The network device may determine, based on the packet, that the MKA session has not ended. The network device may continue, based on the MKA session having not ended, the MKA session by reactivating the MKA state.

    PAUSING A MEDIA ACCESS CONTROL SECURITY (MACSEC) KEY AGREEMENT (MKA) PROTOCOL OF AN MKA SESSION USING A FAST HEARTBEAT SESSION

    Publication number: US20230079217A1

    Publication date: 2023-03-16

    Application number: US18057781

    Application date: 2022-11-22

    Abstract: A network device may establish a media access control security (MACsec) key agreement (MKA) session with another network device via a MACsec communication link; establish a fast heartbeat session via the MACsec communication link, between a first packet processing engine of the network device and a second packet processing engine of the other network device, where the fast heartbeat session is to permit the first packet processing engine and the second packet processing engine to exchange fast heartbeat messages via the fast heartbeat session and the MACsec communication link; place an MKA protocol of the MKA session in a pause state until the first packet processing engine detects a rekey event; determine that a key for the MKA session is to be regenerated based on detection of the rekey event; and perform an action based on the rekey event for the MKA session.

    Continuing a media access control security (MACsec) key agreement (MKA) session upon a network device becoming temporarily unavailable

    Publication number: US11711367B2

    Publication date: 2023-07-25

    Application number: US16824028

    Application date: 2020-03-19

    CPC classification number: H04L63/10 H04L63/065

    Abstract: A network device may communicate with another network device via a media access control security (MACsec) key agreement (MKA) communication link, wherein an MKA session has been established between the network device and the other network device. The network device may determine that the other network device is unavailable. The network device may cause, based on determining that the other network device is unavailable, an MKA state of the network device to be placed in a paused state. The network device may receive, after causing the MKA state of the network device to be placed in the paused state, a packet from the other network device via the MKA communication link. The network device may determine, based on the packet, that the MKA session has not ended. The network device may continue, based on the MKA session having not ended, the MKA session by reactivating the MKA state.

    Securing end-to-end virtual machine traffic

    Publication number: US10469461B1

    Publication date: 2019-11-05

    Application number: US15730356

    Application date: 2017-10-11

    Abstract: A device may receive a packet from a first endpoint that is destined for a second endpoint. The first endpoint may be hosted on the device. The device may determine whether a secure session exists between the first endpoint and the second endpoint. The secure session may permit encrypted traffic to be exchanged between the first endpoint and the second endpoint. The device may process the packet using a set of rules after determining whether the secure session exists between the first endpoint and the second endpoint. The device may encrypt the packet using security information associated with the secure session after determining that the secure session exists, or establishing the secure session when the secure session does not exist. The device may provide the packet toward the second endpoint after encrypting the packet.

    Pausing a media access control security (MACsec) key agreement (MKA) protocol of an MKA session using a fast heartbeat session

    Publication number: US11539513B1

    Publication date: 2022-12-27

    Application number: US15891089

    Application date: 2018-02-07

    Abstract: A network device may establish a media access control security (MACsec) key agreement (MKA) session with another network device via a MACsec communication link; establish a fast heartbeat session via the MACsec communication link, between a first packet processing engine of the network device and a second packet processing engine of the other network device, where the fast heartbeat session is to permit the first packet processing engine and the second packet processing engine to exchange fast heartbeat messages via the fast heartbeat session and the MACsec communication link; place an MKA protocol of the MKA session in a pause state until the first packet processing engine detects a rekey event; determine that a key for the MKA session is to be regenerated based on detection of the rekey event; and perform an action based on the rekey event for the MKA session.

    Securing end-to-end virtual machine traffic

    Publication number: US11115391B2

    Publication date: 2021-09-07

    Application number: US16668807

    Application date: 2019-10-30

    Abstract: A device may receive a packet from a first endpoint that is destined for a second endpoint. The first endpoint may be hosted on the device. The device may determine whether a secure session exists between the first endpoint and the second endpoint. The secure session may permit encrypted traffic to be exchanged between the first endpoint and the second endpoint. The device may process the packet using a set of rules after determining whether the secure session exists between the first endpoint and the second endpoint. The device may encrypt the packet using security information associated with the secure session after determining that the secure session exists, or establishing the secure session when the secure session does not exist. The device may provide the packet toward the second endpoint after encrypting the packet.
