公开(公告)号：US12206646B2

公开(公告)日：2025-01-21

申请号：US18537156

申请日：2023-12-12

Applicant: Cisco Technology, Inc.

Inventor： David Hanes ,  Gonzalo Salgueiro ,  Sebastian Jeuk ,  Robert Edgar Barton

IPC: H04L9/40 ,  H04L65/102

Abstract: Techniques for associating manufacturer usage description (MUD) security profiles for Internet-of-Things (IoT) device(s) with secure access service edge (SASE) solutions, providing for automated and scalable integration of IoT devices with SASE frameworks. A MUD controller may utilize a MUD uniform resource identifier (URI) emitted by an IoT device to fetch an associated MUD file from a MUD file server associated with a manufacturer of the IoT device. The MUD controller may determine that a security recommendation included in the MUD file is to be implemented by a cloud-based security service provided by the SASE service and cause the IoT device to establish a connection with a secure internet gateway associated with the cloud-based security service. Additionally, or alternatively, the MUD file may include SASE extensions indicating manufacturer recommended cloud-based security services. Further, cloud-based security services may be implemented if local services are unavailable.

公开(公告)号：US20250023923A1

公开(公告)日：2025-01-16

申请号：US18765415

申请日：2024-07-08

Applicant: TOYOTA JIDOSHA KABUSHIKI KAISHA

Inventor： Seigo TAKAI

IPC: H04L65/102 ,  H04L12/40 ,  H04L12/66 ,  H04L45/00

Abstract: A vehicle on-board network system includes networks, each including electronic control units and a communication bus connecting the electronic control units, and a gateway connected to the networks and configured to allow the electronic control units to communicate with each other in compliance with a CAN protocol. The gateway device includes a processing device configured to refer to a frame included in an activation request message identifying an electronic control unit that needs to be activated to determine a destination of the activation request message so as to transmit the activation request message to only a network that includes the electronic control unit that needs to be activated.

公开(公告)号：US12166663B2

公开(公告)日：2024-12-10

申请号：US18130397

申请日：2023-04-03

Applicant: Twilio Inc.

Inventor： Brian Tarricone ,  Edward Kim ,  Ameya Lokare ,  Jonas Boerjesson

IPC: H04L45/12 ,  H04L45/302 ,  H04L65/102 ,  H04L65/1104 ,  H04L67/104 ,  H04L65/1045 ,  H04L65/1069

Abstract: A system and method for selecting a client gateway device to establish a path between client devices is provided. A method includes associating a first client gateway device of a first geographic region and a second client gateway device of a second geographic region with a first communication endpoint of a first client device, and associating a third client gateway device with a second client device, wherein the third client gateway device is a gateway of the first geographic region. The method also includes receiving a communication invitation directed to the first communication endpoint from the second client device via the third client gateway device, and responsive to receiving the communication invitation, selecting one of the first client gateway device or the second client gateway device. The method further includes establishing a communication path between the second client device and the first client device via the selected client gateway device and the third client gateway device.

公开(公告)号：US20240380737A1

公开(公告)日：2024-11-14

申请号：US18195932

申请日：2023-05-10

Applicant: Charter Communications Operating, LLC

Inventor： James Brown ,  Marek Dohojda

IPC: H04L9/40 ,  H04L65/102

Abstract: At a security gateway residing within a trusted computer network, a service request is obtained from an external client and is authenticated. In response, one instance of a plurality of available application instances is identified. The instances are hosted on a plurality of hosts having a plurality of firewalls, and the firewalls and the hosts reside within the network. The firewalls have been initially defaulted to block external access to all instances. A corresponding one of the hosts, within the trusted computer network, and corresponding to the identified one of the plurality of available application instances, is instructed to open a corresponding one of the firewalls to a network address corresponding to the external client. The external client is advised of a destination identifier and port corresponding to the opening of the firewall, to facilitate the external client communicating with the corresponding one of the hosts.

公开(公告)号：US12058188B2

公开(公告)日：2024-08-06

申请号：US17308509

申请日：2021-05-05

Applicant: ARRIS Enterprises LLC

Inventor： Mark Stephen Griffiths ,  Matthew Stephen Frick

IPC: H04L65/611 ,  H04L61/251 ,  H04L61/4511 ,  H04L65/102 ,  H04L101/663

CPC classification number: H04L65/611 ,  H04L61/251 ,  H04L61/4511 ,  H04L65/102 ,  H04L2101/663

Abstract: A network address translation (NAT) gateway intercepts packets and determines whether they contain multicast domain name server (mDNS) query or response messages. Upon receiving an mDNS message, the NAT gateway performs address translation to assign a new source address and stores the original source address in a translation table. The NAT gateway then forwards the message to all adjacent networks in order to expand the reach of the packet. If the mDNS messages establish a new client-server connection, the NAT gateway brokers the connection by either acting as a proxy or continuing to perform network address translation.

公开(公告)号：US12052159B2

公开(公告)日：2024-07-30

申请号：US16021807

申请日：2018-06-28

Applicant: LiveQoS Inc.

Inventor： Miika Anttoni Klemetti ,  Benjamin Skinner

IPC: H04L45/02 ,  G06N20/00 ,  H04L41/0813 ,  H04L41/0823 ,  H04L41/5019 ,  H04L65/102 ,  H04L65/80

CPC classification number: H04L45/08 ,  G06N20/00 ,  H04L41/0813 ,  H04L41/0823 ,  H04L41/5019 ,  H04L65/102 ,  H04L65/80

Abstract: A method for configuring a data path comprising receiving, by a gateway server, a network request from a source to a destination. The network request is associated with a path quality level. A plurality of possible links between the gateway server and a destination server is determined. Each of the plurality of possible links is associated with one of a plurality of predictive models. Each of the plurality of predictive models produces an estimate of a link quality level. Utilizing the plurality of predictive models, a plurality of links between the gateway server and the destination server utilizing the plurality of possible links is selected. The plurality of selected links forms a selected path that satisfies the path quality level. A plurality of routers at both ends of the plurality of selected links are configured to fulfill the network request.

公开(公告)号：US12047425B1

公开(公告)日：2024-07-23

申请号：US18198565

申请日：2023-05-17

Applicant: Cisco Technology, Inc.

Inventor： Eduard Schornig ,  Jean-Philippe Vasseur ,  Grégory Mermoud ,  Michal Wladyslaw Garcarz ,  Pierre-André Savalle

IPC: H04L65/102 ,  H04L41/147 ,  H04L45/24

CPC classification number: H04L65/102 ,  H04L41/147 ,  H04L45/24

Abstract: In one embodiment, a device makes a determination that user application experience is degraded for a client endpoint of an online application due to a current path in a network that conveys application traffic associated with the online application. A device identifies a bypass path in the network for the application traffic. The device provisions an optimization gateway along the bypass path to forward the application traffic from the client endpoint to the online application. The device causes an endpoint agent executed by the client endpoint to send the application traffic to the optimization gateway for forwarding to the online application via the bypass path.

公开(公告)号：US11991788B2

公开(公告)日：2024-05-21

申请号：US18126126

申请日：2023-03-24

Applicant: Listat Ltd.

Inventor： Ievgen Verzun ,  Oleksandr Holub ,  Richard K. Williams

IPC: H04W88/16 ,  H04L9/40 ,  H04L12/28 ,  H04L65/102 ,  H04L65/1069 ,  H04W4/06 ,  H04W12/03 ,  H04W28/12 ,  H04W84/12 ,  H04W88/06

CPC classification number: H04W88/16 ,  H04L12/28 ,  H04L63/0428 ,  H04L63/18 ,  H04L63/30 ,  H04L65/102 ,  H04L65/1069 ,  H04W4/06 ,  H04W12/03 ,  H04W28/12 ,  H04W84/12 ,  H04W88/06

Abstract: A variety of techniques for concealing the content of a communication between a client device, such as a cell phone or laptop, and a network or cloud of media nodes are disclosed. Among the techniques are routing data packets in the communication to different gateway nodes in the cloud, sending the packets over different physical media, such as an Ethernet cable or WiFi channel, and disguising the packets by giving them different source addressees. Also disclosed are a technique for muting certain participants in a conference call and a highly secure method of storing data files.

公开(公告)号：US20240154836A1

公开(公告)日：2024-05-09

申请号：US18329280

申请日：2023-06-05

Applicant: KIP PROD P1 LP

Inventor： Amir Ansari ,  George A. Cowgill ,  Leon E. Nicholls ,  Jude P. Ramayya ,  Ramprakash Masina ,  Alvin R. McQuarters ,  Atousa Raissyan

IPC: H04L12/28 ,  G05B15/02 ,  G05B19/042 ,  G06F16/64 ,  G06F16/68 ,  G06Q30/04 ,  G08B13/196 ,  G10L15/22 ,  H04L9/40 ,  H04L12/66 ,  H04L41/0803 ,  H04L41/12 ,  H04L41/22 ,  H04L47/80 ,  H04L49/25 ,  H04L61/4552 ,  H04L65/102 ,  H04L65/1101 ,  H04L67/01 ,  H04L67/104 ,  H04L67/125 ,  H04L67/141 ,  H04L67/51 ,  H04L67/53 ,  H04W12/033 ,  H04W12/0431 ,  H04W12/065 ,  H04W12/30

CPC classification number: H04L12/2807 ,  G05B15/02 ,  G05B19/042 ,  G06F16/64 ,  G06F16/68 ,  G06Q30/04 ,  G08B13/19656 ,  G10L15/22 ,  H04L12/2803 ,  H04L12/2812 ,  H04L12/2814 ,  H04L12/2816 ,  H04L12/2818 ,  H04L12/66 ,  H04L41/0803 ,  H04L41/12 ,  H04L41/22 ,  H04L47/80 ,  H04L49/25 ,  H04L61/4552 ,  H04L63/02 ,  H04L63/08 ,  H04L63/0876 ,  H04L63/10 ,  H04L63/20 ,  H04L65/102 ,  H04L65/1101 ,  H04L67/01 ,  H04L67/104 ,  H04L67/125 ,  H04L67/141 ,  H04L67/51 ,  H04L67/53 ,  H04W12/033 ,  H04W12/0431 ,  H04W12/065 ,  H04W12/35 ,  H04N21/00

Abstract: A service management system communicates via wide area network with gateway devices located at respective user premises. The service management system remotely manages delivery of application services, which can be voice controlled, by a gateway, e.g. by selectively activating/deactivating service logic modules in the gateway. The service management system also may selectively provide secure communications and exchange of information among gateway devices and among associated endpoint devices. An exemplary service management system includes a router connected to the network and one or more computer platforms, for implementing management functions. Examples of the functions include a connection manager for controlling system communications with the gateway devices, an authentication manager for authenticating each gateway device and controlling the connection manager and a subscription manager for managing applications services and/or features offered by the gateway devices. A service manager, controlled by the subscription manager, distributes service specific configuration data to authenticated gateway devices.

公开(公告)号：US20240146696A1

公开(公告)日：2024-05-02

申请号：US18537156

申请日：2023-12-12

Applicant: Cisco Technology, Inc.

Inventor： David Hanes ,  Gonzalo Salgueiro ,  Sebastian Jeuk ,  Robert Edgar Barton

IPC: H04L9/40 ,  H04L65/102

CPC classification number: H04L63/0263 ,  H04L63/1416 ,  H04L63/1425 ,  H04L63/20 ,  H04L65/102

Abstract: Techniques for associating manufacturer usage description (MUD) security profiles for Internet-of-Things (IoT) device(s) with secure access service edge (SASE) solutions, providing for automated and scalable integration of IoT devices with SASE frameworks. A MUD controller may utilize a MUD uniform resource identifier (URI) emitted by an IoT device to fetch an associated MUD file from a MUD file server associated with a manufacturer of the IoT device. The MUD controller may determine that a security recommendation included in the MUD file is to be implemented by a cloud-based security service provided by the SASE service and cause the IoT device to establish a connection with a secure internet gateway associated with the cloud-based security service. Additionally, or alternatively, the MUD file may include SASE extensions indicating manufacturer recommended cloud-based security services. Further, cloud-based security services may be implemented if local services are unavailable.