Cisco Technology, Inc. patent applications on January 25th, 2024
Cisco Technology, Inc.: 46 patent applications
Cisco Technology, Inc. has applied for patents in the areas of H04W12/06 (7), H04L9/40 (7), G06F21/54 (6), H04B10/40 (6), G06F2221/033 (5), with keywords such as based, network, device, techniques, control, data, include, flow, application, and access appearing in the patent application abstracts.
Patent Applications by Cisco Technology, Inc.
20240027561. LOW-PROFILE ANGLE OF ARRIVAL ANTENNAS (Cisco Technology, Inc.)
Inventor(s): Danielle N. BANE of Cleveland OH (US) for cisco technology, inc., Jonathan M. CYPHERT of Richfield OH (US) for cisco technology, inc., Sivadeep R. KALAVAKURU of Akron OH (US) for cisco technology, inc., Ashish Pasha SHEIKH of Akron OH (US) for cisco technology, inc., Matthew A. SILVERMAN of Shaker Heights OH (US) for cisco technology, inc.
IPC Code(s): G01S3/04, H01Q5/307, H01Q7/00, H01Q9/30, H01Q21/20
Abstract: the present disclosure provides a dual mode antenna, comprising: a first conductive piece; and a second conductive piece, configured to electromagnetically couple with the first conductive piece through a dielectric at a second frequency to operate as a loop antenna with the first conductive piece and configured to operate independently of the first conductive piece at a first frequency to operate as a monopole antenna. the dual mode antenna can be included in an antenna array as one of a plurality of dual mode antennas coupled to a routing substrate or a reference dual mode antenna coupled to the routing substrate along with a plurality of single mode antennas coupled to the routing substrate; wherein each antenna of the plurality of dual mode antennas, the reference dual mode antenna, and the plurality of single mode antennas is arranged evenly relative to a first neighboring antenna and a second neighboring antenna.
20240028489. ADAPTIVE APPLICATION RECOVERY (Cisco Technology, Inc.)
Inventor(s): Javed Asghar of Dublin CA (US) for cisco technology, inc., Rajagopalan Janakiraman of Cupertino CA (US) for cisco technology, inc., Raghu Rajendra Arur of New Delhi (IN) for cisco technology, inc.
IPC Code(s): G06F11/20, G06F11/30, H04L67/00
Abstract: this disclosure describes techniques for adaptive disaster recovery of applications running on network devices. the techniques include generating an application template and an application template clone that include application attributes usable to deploy an application stack at an application site. the techniques also include sending the application template clone to a disaster recovery site group to await deployment instructions. in some examples, an observer may determine that a health metric of the application site indicates that a disaster recovery process be triggered. a disaster recovery site of the disaster recovery site group may be selected based at least in part on a performance metric. the application stack may be deployed at the disaster recovery site utilizing the application template clone.
Inventor(s): Marisol Palmero Amador of Toledo (ES) for cisco technology, inc., Kanishka Priyadharshini Annamali of Theni (IN) for cisco technology, inc., Sebastian Jeuk of Munich (DE) for cisco technology, inc., Sayali Patil of Nashik (IN) for cisco technology, inc., Michael Francois Karl Wielpuetz of Cologne (DE) for cisco technology, inc.
IPC Code(s): G06F11/36
Abstract: a method includes receiving, at a chaos level engine, initial input parameters. the method may further include, with the chaos level engine, determining scaled input parameters based on the initial input parameters. the scaled input parameters define how the initial input parameters affect a computing environment to be tested. the method may further include, with the chaos level engine, determining a chaos level for performing a chaos experiment on the computing environment based on the scaled input parameters and sending the chaos level to the computing environment for the chaos experiment. the method may further include, with the chaos level engine, receiving, from the computing environment, feedback defining an impact caused by the chaos experiment created at the computing environment and an intended level of chaos.
Inventor(s): Andrew Zawadowskiy of Hollis NH (US) for cisco technology, inc., Vincent E. Parla of North Hampton NH (US) for cisco technology, inc., Thomas Szigeti of Vancouver (CA) for cisco technology, inc., Oleg Bessonov of Littleton MA (US) for cisco technology, inc., Ashok Krishnaji Moghe of Pleasanton CA (US) for cisco technology, inc.
IPC Code(s): G06F21/51
Abstract: techniques and systems described herein relate to monitoring executions of computer instructions on computing devices based on learning and generating a control flow directed graph. the techniques and systems include determining an observation phase for a process or application on a computing device. during the observation phase, cpu telemetry is determined and used to generate a control flow directed graph. after the control flow directed graph is generated, a monitoring phase may be entered where transfers of instruction pointers are monitored based on the control flow directed graph to identify invalid transfers.
Inventor(s): Akram Sheriff of Newark CA (US) for cisco technology, inc., Timothy David Keanini of Austin TX (US) for cisco technology, inc.
IPC Code(s): G06F21/52, G06N20/00, G06F21/56
Abstract: runtime security threats are detected and analyzed for serverless functions developed for hybrid clouds or other cloud-based deployment environments. one or more serverless functions may be received and executed within a container instance executing in a controlled and monitored environment. the execution of the serverless functions is monitored, using a monitoring layer in the controlled environment to capture runtime data including container application context statistics, serverless function input and output data, and runtime parameter snapshots of the serverless functions. execution data associated with the serverless functions may be analyzed and provided to various supervised and/or unsupervised machine-learning models configured to detect and analyze runtime security threats.
Inventor(s): Andrew Zawadowskiy of Hollis NH (US) for cisco technology, inc., Vincent E. Parla of North Hampton NH (US) for cisco technology, inc., Oleg Bessonov of Littleton MA (US) for cisco technology, inc.
IPC Code(s): G06F21/54, G06F21/55
Abstract: techniques and systems described herein relate to monitoring executions of computer instructions on computing devices based on learning and generating a control flow directed graph. the techniques and systems include determining a learned control flow directed graph for executable code of an application by observing executions of transitions during an observation period and determining destinations of indirect transfers based on the learned control flow directed graph. next a disassembly of the executable code is determined based on the learned control flow directed graph, the destinations of the transfers, and the executable code.
Inventor(s): Andrew Zawadowskiy of Hollis NH (US) for cisco technology, inc., Oleg Bessonov of Littleton MA (US) for cisco technology, inc., Vincent E. Parla of North Hampton NH (US) for cisco technology, inc.
IPC Code(s): G06F21/54, G06F21/55
Abstract: techniques and systems described herein relate to monitoring executions of computer instructions on computing devices based on learning and generating a control flow directed graph. the techniques and systems include determining a learned control flow directed graph for a process executed on the computing system. a system call is identified during execution of the process as well as a predetermined number of transitions leading to the system call. a validity of the transitions leading to the system call is determined based on the learned control flow directed graph and the computing system may perform an action based on the validity.
Inventor(s): Vincent E. Parla of North Hampton NH (US) for cisco technology, inc., Andrew Zawadowskiy of Hollis NH (US) for cisco technology, inc., Oleg Bessonov of Littleton MA (US) for cisco technology, inc., Thomas Szigeti of Vancouver (CA) for cisco technology, inc., Ashok Krishnaji Moghe of Pleasanton CA (US) for cisco technology, inc.
IPC Code(s): G06F21/55, G06F21/54, G06F21/53
Abstract: techniques and systems described herein relate to monitoring executions of computer instructions on computing devices based on learning and generating a control flow directed graph. the techniques and systems include determining telemetry representing execution of a process on a computing system and accessing a learned control flow diagram graph for the process. a transfer of an instruction pointer is determined based on the telemetry and a validity of the transfer is determined based on the learned control flow directed graph. if invalid, then an action to terminate the process is determined, otherwise the action may be allowed to execute when valid.
Inventor(s): Vincent E. Parla of North Hampton NH (US) for cisco technology, inc., Andrew Zawadowskiy of Hollis NH (US) for cisco technology, inc., Thomas Szigeti of Vancouver (CA) for cisco technology, inc., Oleg Bessonov of Littleton MA (US) for cisco technology, inc., Ashok Krishnaji Moghe of Pleasanton CA (US) for cisco technology, inc.
IPC Code(s): G06F21/56, G06F21/55
Abstract: techniques and systems described herein relate to monitoring executions of computer instructions on computing devices based on observing and generating a control flow directed graph. the techniques and systems include determining an observation phase for a process or application on a computing device. during the observation phase, cpu telemetry is determined and used to generate a control flow directed graph. after the control flow directed graph is generated, a monitoring phase may be entered where transfers of instruction pointers are monitored based on the control flow directed graph to identify invalid transfers. transition to the monitoring phase may be based on determining a confidence score in the observed control flow directed graph and causing the transition when the confidence score is above a threshold.
Inventor(s): Vincent E. Parla of North Hampton NH (US) for cisco technology, inc., Thomas Szigeti of Vancouver (CA) for cisco technology, inc.
IPC Code(s): G06F21/57, G06F8/41
Abstract: techniques and systems described herein relate to monitoring executions of computer instructions on computing devices based on learning and generating a control flow directed graph. the techniques and systems include receiving a report of a first anomaly based on real-time control flow graph diagram monitoring of an application at a first system and receiving a second report of a second anomaly from a second system. an exploit report may be generated by providing the first report and the second report to a machine learning model trained to output information related to an exploit based on input reports, and subsequently to provide the output information to a cloud-based reporting tool.
Inventor(s): Andrew Zawadowskiy of Hollis NH (US) for cisco technology, inc., Vincent E. Parla of North Hampton NH (US) for cisco technology, inc., Oleg Bessonov of Littleton MA (US) for cisco technology, inc.
IPC Code(s): G06F21/57, G06F8/75, G06F8/41
Abstract: techniques and systems described herein relate to monitoring executions of computer instructions on computing devices based on learning and generating a control flow directed graph. the techniques and systems include determining a learned control flow diagram for a process on a computing system and monitoring execution of the process on the computing system using the control flow diagram. an unobserved transition is determined based on the learned control flow diagram and the unobserved transition is classified as safe or unsafe based on a monitoring component analysis. an action is performed based on the safety classification and the learned control flow diagram.
Inventor(s): Vincent E. Parla of North Hampton NH (US) for cisco technology, inc., Andrew Zawadowskiy of Hollis NH (US) for cisco technology, inc.
IPC Code(s): G06F21/57, G06F8/41
Abstract: techniques and systems described herein relate to monitoring executions of computer instructions on computing devices based on learning and generating a control flow directed graph. the techniques and systems include determining a learned control flow directed graph for a program and subsequently determining valid target destinations for transitions within the program. the instructions of the program may be executed by determining a destination for a transition, performing the transition when the destination is included in the list of valid target destinations, and performing a secondary action when the destination is not included in the list of valid target destinations.
Inventor(s): Mukund Yelahanka Raghuprasad of San Jose CA (US) for cisco technology, inc., Jean-Philippe Vasseur of Saint Martin d'Uriage (FR) for cisco technology, inc., Vinay Kumar Kolar of San Jose CA (US) for cisco technology, inc.
IPC Code(s): G06V10/776, G06V10/778
Abstract: in one embodiment, a device obtains perception results generated by one or more perception models that use media data as input that is transmitted between endpoints of an online application via a network. the device computes performance measures for the one or more perception models, based in part on the perception results and on the media data. the device quantifies, based on the performance measures, quality of experience for the online application. the device causes a configuration change to be made with respect to the online application, based on the quality of experience.
20240030599. VISUAL ANTENNA AIMING (Cisco Technology, Inc.)
Inventor(s): Fred J. ANDERSON of Lakeville OH (US) for cisco technology, inc., Jonathan M. CYPHERT of Richfield OH (US) for cisco technology, inc., John M. SWARTZ of Lithia FL (US) for cisco technology, inc., Daniel N. JOHNSON of Louisville OH (US) for cisco technology, inc., Danielle N. BANE of Cleveland OH (US) for cisco technology, inc.
IPC Code(s): H01Q3/34, H01Q1/22, H01Q15/02
Abstract: embodiments herein describe mounting one or more lasers onto an ap to generate a laser pattern on a surface representing the coverage area of an antenna in the ap. in one embodiment, the antenna is a steerable antenna that can be electronically or mechanically steered to point to different directions (without moving the ap as a whole). the laser or lasers can be used to visualize the coverage area of the steerable antenna when pointing in different directions. advantageously, a technician can use the laser or lasers to identify a location where, if steered, the antenna would provide the desired coverage area. the technician can then steer the antenna to point in that direction to provide the desired radio frequency (rf) coverage.
Inventor(s): Robert E. Barton of Richmond (CA) for cisco technology, inc., Francesco Basile of Pisa (IT) for cisco technology, inc., Michael Freed of Pleasanton CA (US) for cisco technology, inc., Yen Chih Lee of San Jose CA (US) for cisco technology, inc., Elango Ganesan of Palo Alto CA (US) for cisco technology, inc.
IPC Code(s): H04B7/185, H04L5/00
Abstract: according to one or more embodiments of the disclosure, a device associated with a first cluster of data sources may identify an amount of data from the first cluster of data sources to be sent by the device to a satellite. the device may send, to the satellite, a request for a transmission window that indicates the amount of data to be sent by the device to the satellite. the device may receive, from the satellite, an indication of an assigned transmission window during which the device may transmit data to the satellite. the satellite may compute the assigned transmission window based on the amount of data and such that the assigned transmission window does not overlap an assigned transmission window of a neighboring device associated with a second cluster of data sources. the device may send, during the assigned transmission window, the data towards the satellite.
20240031028. LASERLESS OPTICAL TRANSCEIVER (Cisco Technology, Inc.)
Inventor(s): Jock T. BOVINGTON of La Mesa CA (US) for cisco technology, inc., Mark C. NOWELL of Ottawa (CA) for cisco technology, inc.
IPC Code(s): H04B10/40, H04B10/532, H04B10/2507, H04J14/02, G02B6/42
Abstract: a system includes a first device and a second device. the first device generates a source optical signal using a first optical signal and a polarization splitter-rotator. the second device modulates the source optical signal from the first device using a first data signal to produce a first modulated optical signal. the first modulated optical signal has a polarization that is orthogonal to a polarization of the source optical signal. the first device recovers the first data signal from the first modulated optical signal using at least the polarization splitter-rotator.
Inventor(s): Antonio Caballero Jambrina of Arlington MA (US) for cisco technology, inc.
IPC Code(s): H04B10/40
Abstract: in part, the disclosure relates to a method for power saving in optical transceivers during idle activity. the method may include receiving, by a first receiver a request to initiate idle mode; identifying, based on the request to initiate the idle mode, a frequency of ping times during the idle mode; initiating the idle mode and deactivating one or more functions of the digital signal processor; receiving, by the first receiver, from the first transmitter, a plurality of ping signals on a plurality of respective ping times; and terminating, responsive to a ping signal comprising a request to end idle mode, the idle mode by activating the one or more functions of the digital signal processor.
20240031033. LASERLESS OPTICAL TRANSCEIVER (Cisco Technology, Inc.)
Inventor(s): Jock T. BOVINGTON of La Mesa CA (US) for cisco technology, inc., Mark C. NOWELL of Ottawa (CA) for cisco technology, inc.
IPC Code(s): H04B10/50, H04B10/40, H04B10/61
Abstract: an optical module includes an optical source, a first polarization splitter-rotator, a second polarization splitter-rotator, a first port, a second port, a third port, and a fourth port. the optical source produces an optical signal. the first polarization splitter-rotator generates a first source optical signal based at least in part on the optical signal. the second polarization splitter-rotator generates a second source optical signal based at least in part on the optical signal. the first port transmits, to a first device, the first source optical signal and receives, from the first device, a first modulated optical signal. the first polarization splitter-rotator produces a second modulated optical signal. the second port transmits, to a second device, the second source optical signal and receives, from the second device, a third modulated optical signal. the second polarization splitter-rotator produces a fourth modulated optical signal.
Inventor(s): Benjamin Jacob CIZDZIEL of San Jose CA (US) for cisco technology, inc., Brian Donald HART of Sunnyvale CA (US) for cisco technology, inc., Pooya MONAJEMI of San Jose CA (US) for cisco technology, inc., Vishal Satyendra DESAI of San Jose CA (US) for cisco technology, inc.
IPC Code(s): H04L1/00, H04L47/125, H04W16/14, H04L47/2441
Abstract: an access point in a wireless network communicates wirelessly with one or more client devices over a channel that includes a plurality of subchannels. radar is detected on a first subchannel of the plurality of subchannels. it is determined to puncture the first subchannel, based on the detecting the radar on the first subchannel and based on one or more puncturing factors. the first subchannel is punctured, the puncturing comprising muting one or more subcarriers on the first subchannel.
Inventor(s): Robert Barton of Richmond (CA) for cisco technology, inc., Jerome Henry of Pittsboro NC (US) for cisco technology, inc., Thomas Szigeti of Vancouver (CA) for cisco technology, inc., Indermeet Singh Gandhi of San Jose CA (US) for cisco technology, inc.
IPC Code(s): H04L1/08, H04L45/74, H04W28/04
Abstract: a trigger to enable data traffic replication in a wireless network may be provided. a data packet comprising a differentiated service code point (dscp) field in a header may be received. a determination may be made that the data packet comprises a candidate traffic for bi-casting. in response to determining that the data packet comprises the candidate traffic for bi-casting, a flag may be set in the dscp field in the header of the data packet. the flag triggers bi-casting of the data packet. the data packet may be sent to a destination device.
Inventor(s): Chidambaram Arunachalam of Apex NC (US) for cisco technology, inc., David C. White, JR. of St. Petersburg FL (US) for cisco technology, inc.
IPC Code(s): H04L41/5074, H04L51/02, G06F40/30
Abstract: a method is provided that is performed by a computer-implemented user support bot. the method includes obtaining from a user a support request related to software and/or hardware used, or to be used, by the user; obtaining user lifecycle journey information that tracks deployment, adoption and/or use by the user of the software and/or hardware; determining a user intent for the support request based on the user lifecycle journey information when there is ambiguity as to the user intent based solely on the support request; and providing a response to the support request based on the user intent.
Inventor(s): Alfred Clarence Lindem III of Cary NC (US) for cisco technology, inc., Peter Psenak of Bratislava (SK) for cisco technology, inc., Lester C. Ginsberg of Mount Hermon CA (US) for cisco technology, inc.
IPC Code(s): H04L45/122, H04L45/00, H04L45/02
Abstract: techniques are described for providing a method and apparatus for determining source address validation of a data packet in a network in the presence of asymmetric routing. when a data packet is received by a node such as a router, a reverse path forwarding lookup is performed to determine if the data packet was received on a next-hop interface and if the reverse path forwarding fails, a shortest path first (spf) computation at the router advertising the source route will be performed using the link state database to determine whether the data packet arrived from a valid path of the network.
Inventor(s): Sambarta DASGUPTA of Sunnyvale CA (US) for cisco technology, inc., Vinay Kumar KOLAR of San Jose CA (US) for cisco technology, inc., Jean-Philippe VASSEUR of Saint Martin d’Uriage (FR) for cisco technology, inc.
IPC Code(s): H04L45/12, H04L45/302, H04L45/00
Abstract: in one embodiment, a device generates a plurality of smoothed timeseries by applying smoothing envelopes of different durations to a timeseries of a path metric for a path in a network that is used to convey traffic of an online application. the device uses the plurality of smoothed timeseries and the timeseries of the path metric to make predictions as to whether the path will provide an unacceptable user experience in the online application. the device selects a smoothing envelope of a particular duration, by comparing performance metrics for the predictions. the device uses a timeseries of the path metric smoothed using the smoothing envelope of the particular duration to make predictive routing decisions in the network for the traffic of the online application.
Inventor(s): Mukund Yelahanka Raghuprasad of San Jose CA (US) for cisco technology, inc., Jean-Philippe VASSEUR of Saint Martin d’Uriage (FR) for cisco technology, inc., Vinay Kumar KOLAR of San Jose CA (US) for cisco technology, inc.
IPC Code(s): H04L45/12, H04L45/28, H04L43/55
Abstract: in one embodiment, a device obtains quality of experience metrics for an online application whose traffic traverses a particular interface of a router located at a first site in a network. the device identifies a correlation between throughput of the particular interface and the quality of experience metrics for the online application. the device makes a determination that the correlation is a root cause of degradation of the quality of experience metrics for the online application at least in part by determining whether throughput of an interface of a remote router located at a second site in the network is correlated with the quality of experience metrics. the device configures, based on the determination, a priority queue associated with the particular interface for use by traffic of the online application.
Inventor(s): Samir Thoria of Saratoga CA (US) for cisco technology, inc., Ram Dular Singh of Cupertino CA (US) for cisco technology, inc., Praveen Raju Kariyanahalli of San Ramon CA (US) for cisco technology, inc., Laxmikantha Reddy Ponnuru of Santa Clara CA (US) for cisco technology, inc., Ramanathan Lakshmikanthan of Santa Clara CA (US) for cisco technology, inc.
IPC Code(s): H04L45/50, H04L45/00, H04L45/02, H04L12/46
Abstract: systems and methods are provided for receiving bandwidth metrics from a plurality of routers on respective link routes in a network, compiling a link database including the bandwidth metrics of each respective link route in the network, selecting a first designated link path from the link database between a first router and a second router based on an application routing policy, the application routing policy being based on a routing metric, providing a first multiprotocol label switching label based on the first designated link path to the first router of the plurality of routers in the network, and restricting network traffic of the first router to the first designated link path provided in the first multiprotocol label switching label.
Inventor(s): Laxmikantha Reddy Ponnuru of San Ramon CA (US) for cisco technology, inc., Samir Thoria of Saratoga CA (US) for cisco technology, inc., Arul Murugan Manickam of San Jose CA (US) for cisco technology, inc., Ram Dular Singh of Cupertino CA (US) for cisco technology, inc.
IPC Code(s): H04L45/7453
Abstract: a system of one embodiment that provides stateless symmetric forwarding of packets in a computer network. the system includes a memory and a processor. the system is operable to determine a cluster state of a plurality of border routers in a cluster. the system is operable to communicate the cluster state to at least one branch node in the computer network. the system is operable to generate a network level consistent hash based on the cluster state. the system is operable to route a first packet through a first border router of the plurality of border routers in the cluster using the network level consistent hash. after the first packet is sent through a first border router, the system is further operable to route a second packet through the first border router of the plurality of border routers in the cluster using the network level consistent hash.
20240031295. STORAGE AWARE CONGESTION MANAGEMENT (Cisco Technology, Inc.)
Inventor(s): Harsha Bharadwaj of Bangalore (IN) for cisco technology, inc., Ramesh Sivakolundu of Saratoga CA (US) for cisco technology, inc.
IPC Code(s): H04L47/193, G06F3/06, H04L47/263
Abstract: a method of congestion mitigation may include determining whether a host is sending a read command or a write command to an nvme controller, and in response to a determination that the host is sending the read command, transmitting the read command via a first transmission control protocol (tcp) connection between the host and the nvme controller. the method may further include in response to a determination that the host is sending the write command, transmitting the write command via a second tcp connection between the host and the nvme controller.
20240031328. ENTITY MATCHING ACROSS TELEMETRIES (Cisco Technology, Inc.)
Inventor(s): Kyrylo Shcherbin of Praha (CZ) for cisco technology, inc., Jan Stercl of Praha (CZ) for cisco technology, inc., Jan Kohout of Roudnice nad Labem (CZ) for cisco technology, inc., Martin Kopp of Komarov (CZ) for cisco technology, inc.
IPC Code(s): H04L61/4594
Abstract: this disclosure describes techniques for matching entities across a computing network using data from different telemetries. the techniques include receiving telemetry data of the computing network, the telemetry data including identifying information corresponding to an entity, associated information of the computing network, and/or timestamps. the techniques also include establishing one or more time windows based at least in part on the timestamps. a particular time window may be determined to correspond to the associated information. the techniques may include attributing the associated information to the entity. in some cases, an address book may be maintained, including mappings of the identifying information, the associated information, and/or time windows.
Inventor(s): Jerome Henry of Pittsboro NC (US) for cisco technology, inc., Robert E. Barton of Richmond (CA) for cisco technology, inc., Stephen Michael Orr of Wallkill NY (US) for cisco technology, inc.
IPC Code(s): H04L61/5038
Abstract: techniques herein facilitate a device address rotation management protocol that may be implemented for a wireless local area network (wlan), which can be used to influence when wireless client devices or stations may rotate their media access control (mac) addresses, how to perform such rotations, and/or the like. in one example, a method may include providing, by an access point (ap), a first communication indicating that the ap supports a mac address rotation management protocol; obtaining, by the ap, a second communication from a wireless station (sta) indicating that the sta intends to perform a mac address rotation; and transmitting, by the ap, a third communication to influence the mac address rotation of the sta, the third communication comprising a rotation status indicator and timing information.
Inventor(s): Prakash C. Jain of Fremont CA (US) for cisco technology, inc., Sanjay Kumar Hooda of Pleasanton CA (US) for cisco technology, inc., Satish Kumar Kondalam of Milpitas CA (US) for cisco technology, inc., Vikram Vikas Pendharkar of San Jose CA (US) for cisco technology, inc., Anoop Vetteth of Fremont CA (US) for cisco technology, inc., Solomon T. Lucas of Sunnyvale CA (US) for cisco technology, inc.
IPC Code(s): H04L9/40
Abstract: this disclosure describes techniques to operate a control plane in a network fabric. the techniques include determining a stateless rule corresponding to communication between a first segment of the network fabric and a second segment of the network fabric. the techniques further include configuring the control plane to enforce the stateless rule.
Inventor(s): Ravi Shankar Mantha of Bangalore (IN) for cisco technology, inc., Krishna Chaitanya Mahamkali of Bangalore (IN) for cisco technology, inc.
IPC Code(s): H04L9/40
Abstract: a method comprising: at a network function (nf) repository function (nrf) of a core network that includes a consumer nf and a producer nf: issuing, to the consumer nf, an access token used to access services of the producer nf based on allowed authorization attributes of the producer nf; before expiry of the access token, receiving, from the producer nf, an update message that indicates retiring authorization attributes of the allowed authorization attributes, and storing the retiring authorization attributes; before the expiry of the access token, upon receiving, from the consumer nf, an access token request for a new access token, determining not to authorize the access token request based on the retiring authorization attributes; and based on determining, sending, to the consumer nf, an access token error to enable the consumer nf to migrate service requests to a new producer nf before the expiry.
Inventor(s): David J. Zacks of Vancouver (CA) for cisco technology, inc., Carlos M. Pignataro of Cary NC (US) for cisco technology, inc., Thomas Szigeti of Vancouver (CA) for cisco technology, inc.
IPC Code(s): H04L9/40, G06F21/31
Abstract: this disclosure describes techniques for performing enhanced authentication of a device based on physical proximity of the device to one or more other authenticated devices. an example method includes performing a first authentication of a first device or a first user and connecting the first device to a protected resource. based on determining that the first device is within a threshold distance of a second, authenticated, device, a reauthentication interval is selected. based on determining that the reauthentication interval has expired, a second authentication is initiated by transmitting, to the first device or a third device associated with the first user, a request for an authentication factor.
Inventor(s): David Delano Ward of Somerset WI (US) for cisco technology, inc., Robert Stephen Rodgers of Mountain View CA (US) for cisco technology, inc., Andrew Phillips Thurber of Charlotte VT (US) for cisco technology, inc., Eric Voit of Bethesda MD (US) for cisco technology, inc., Thomas John Giuli of Mountain View CA (US) for cisco technology, inc.
IPC Code(s): H04L9/40
Abstract: an enclave manager of a network enclave obtains a request to retrieve configuration information and state information corresponding to compute devices and network devices comprising a network enclave. the request specifies a set of parameters of the configuration information and the state information usable to generate a response to the request. the enclave manager evaluates the compute devices, the network devices, and network connections among these devices within the network enclave to obtain the configuration information and the state information. based on the configuration information and the state information, the enclave manager determines whether the network enclave is trustworthy. based on the parameters of the request, the enclave manager generates a response indicating a summary that is used to identify the trustworthiness of the network enclave.
20240031365.APPLICATION IDENTIFICATION_simplified_abstract_(cisco technology, inc.)
Inventor(s): David Steven Gross of Cincinnati OH (US) for cisco technology, inc., Jennifer Lee Bammel of Dexter MI (US) for cisco technology, inc., David William Matteson of Dexter MI (US) for cisco technology, inc., Christopher Carl Cassell of Ann Arbor MI (US) for cisco technology, inc., Kyle David Mills of Ann Arbor MI (US) for cisco technology, inc.
IPC Code(s): H04L9/40
Abstract: this disclosure describes techniques for identifying an application (e.g., accessing application) that is attempting to access a resource. in some examples, access may be managed by an authentication service. when an access request is received at the authentication service from an application on a client device, the authentication service may ask the application to communicate with an identification agent on the client device. the identification agent may perform one or more tests to discover the identity of the application. in some cases, the identification agent may send the identity of the application to the authentication service. the authentication service may then allow or deny access by the accessing application to the resource based at least in part on the discovered identity.
Inventor(s): Vincent E. Parla of North Hampton NH (US) for cisco technology, inc., Thomas Szigeti of Vancouver (CA) for cisco technology, inc.
IPC Code(s): H04L9/40
Abstract: techniques and systems described herein relate to monitoring executions of computer instructions on computing devices based on learning and generating a control flow directed graph. the techniques and systems include determining a learned control flow directed graph for a process executed on the computing system. a vulnerability may be determined or identified within the process as well as a software bill of materials for the process. a code portion of the process associated with the vulnerability is determined based on the software bill of materials. a tainted control flow directed graph is generated based on the code portion and excluded from the learned control flow directed graph. the adjusted control flow directed graph may be used to prevent execution of the vulnerability.
Inventor(s): Doron Levari of Newton MA (US) for cisco technology, inc., Tariq Ahmed Farhan of Cambridge MA (US) for cisco technology, inc., Vincent E. Parla of North Hampton NH (US) for cisco technology, inc., Ido Tamir of Boston MA (US) for cisco technology, inc., Adam Bragg of Hollis NH (US) for cisco technology, inc., Jason M. Perry of Plymouth MA (US) for cisco technology, inc.
IPC Code(s): H04L9/40
Abstract: this disclosure describes techniques and mechanisms for defining dynamic security compliance in networks to proactively prevent security policy violations from being added and/or made, retroactively and continuously identify security policy violations based on data from the changing threat landscape, and provide auto-remediation of non-compliant security policies. the techniques enable automated security policies and provide improved network security against a dynamic threat landscape.
Inventor(s): Luca Della Chiesa of Cesenatico (FC) (IT) for cisco technology, inc., Christian Schmutzer of Koenigsbrunn im Weinviertel (AT) for cisco technology, inc.
IPC Code(s): H04Q11/00, H04B10/61, H04B10/073, G01H9/00
Abstract: presented herein are techniques to manage optical network infrastructure. a method includes inducing a predetermined vibration on a fiber optic cable, the predetermined vibration being sufficient to cause a change to at least one of a state of polarization and a phase of optical signals being carried by respective optical fibers in the fiber optic cable, detecting, at a first endpoint, using a first coherent optical receiver, and at a second endpoint, using a second coherent optical receiver, the change to the at least one of the state of polarization and the phase of the optical signals, and based on the detecting, determining that the first endpoint and the second endpoint are connected to, or in communication with, one another via at least one fiber in the fiber optic cable.
Inventor(s): Peiman AMINI of Fremont CA (US) for cisco technology, inc., Vishal S. DESAI of San Jose CA (US) for cisco technology, inc., Ardalan ALIZADEH of Milpitas CA (US) for cisco technology, inc., Sudhir K. JAIN of Fremont CA (US) for cisco technology, inc.
IPC Code(s): H04W4/02, H04W4/33, H04L41/0893
Abstract: techniques for automated wireless deployment configuration are provided. environmental sensor data from a plurality of access points (aps) is received, and the plurality of aps are clustered into a set of clusters based on the environmental sensor data. cluster classifications are generated by classifying each cluster in the set of clusters as either an indoor cluster or an outdoor cluster based on the environmental sensor data and one or more defined environmental values. a respective label is assigned to each respective ap in the plurality of aps based on the cluster classifications, and one or more of the plurality of aps are reconfigured based on the assigned labels.
Inventor(s): Suyog Subhash Belsare of Maharashtra (IN) for cisco technology, inc., Pravin Appaji Ajagekar of Pune (IN) for cisco technology, inc., Ravi Shankar Mantha of Bangalore (IN) for cisco technology, inc.
IPC Code(s): H04W4/20, H04W28/06
Abstract: the present disclosure is directed to systems and techniques for improved signaling of subscriber information and updates thereto for one or more location-based user plane services. in one example, the systems and techniques can include determining the existence of a converged user plane function (upf) comprising a serving gateway user plane (sgw-u) session and a packet data network (pdn) gateway user plane (pgw-u) session. in response to determining the existence of the converged upf, user equipment (ue) information can be transmitted from a serving gateway control plane (sgw-c) session to the sgw-u session of the converged upf. the ue information received at the sgw-u session can be shared to the pgw-u session of the converged upf, wherein the pgw-u session receives the ue information without communicating with a pdn gateway control plane (pgw-c) session.
Inventor(s): Ravi Shekhar of Pune (IN) for cisco technology, inc., Vimal Srivastava of Bangalore (IN) for cisco technology, inc.
IPC Code(s): H04W12/06, H04W12/08, H04W60/00
Abstract: the present disclosure provides solutions to registration and discovery of nfs in the vertical 5g networks, at the operator network, as well as handling tasks such as authentication of connecting end terminals at the operator network level. in one aspect, a method includes receiving, at a network controller of an operator network and from an end terminal, a request for access to a network function (nf) of a vertical network, the request including a type of the nf in the vertical network; authenticating, at the network controller, the end terminal; upon authenticating the end terminal, identifying, at the network controller, the nf requested by the end terminal based at least on the type of the nf included in the request; and facilitating, by the network controller, access to the nf in the vertical network by the end terminal.
Inventor(s): Eugen Octavian Nicoara of Highlands Ranch CO (US) for cisco technology, inc., Nam Kim of Dunwoody GA (US) for cisco technology, inc.
IPC Code(s): H04W12/06, H04W12/0431
Abstract: providing 5g-aka user equipment (ue) authentication and, more specifically, providing 5g-aka ue authentication at an edge of a network may be provided. an authentication server function (ausf) at an edge of a network, and the ausf may request an authentication vector (av) from a unified data management (udm). the ausf may receive the av from the udm and cache the av at an av cache. an authentication request may be received from an access and mobility management function (amf) and the av from the av cache may be provided to the amf.
Inventor(s): Srinath Gundavelli of San Jose CA (US) for cisco technology, inc., Indermeet Singh Gandhi of San Jose CA (US) for cisco technology, inc.
IPC Code(s): H04W12/06, H04W8/24, H04W12/0471
Abstract: presented herein are techniques to provide for the ability to utilize 3gpp-generated session keys that can be generated via a primary authentication or a secondary authentication process for a user equipment (ue) via a private wireless wide area (wwa) access network in which the keys can be leveraged to facilitate connection of the ue to a wireless local area (wla) access network. in one example, a method may include obtaining a request to authenticate a ue for connection to a wwa access network; determining that the ue is capable of a fast transition (ft) capability; authenticating the ue for connection to the wwa access in which, based on the ft capability, the authenticating includes generating a root security key for the ue; and upon determining that the ue is attempting to access the wla access network, providing the root security key for the ue to the wla access network.
Inventor(s): Srinath Gundavelli of San Jose CA (US) for cisco technology, inc., Stephen Orr of Wallkill NY (US) for cisco technology, inc., Shree Murthy of San Jose CA (US) for cisco technology, inc., Pradeep Kumar Kathail of Los Altos CA (US) for cisco technology, inc.
IPC Code(s): H04W12/06, H04W12/08, H04W12/76
Abstract: this disclosure describes techniques and mechanisms for performing user defined network (udn) service authorization based on secondary identity credentials within a wireless network. for instance, the techniques may include receiving, from a user device, a first request to access a wireless network (e.g., such as a wlan), where the first request may include primary access credentials for accessing the wlan. once primary access authentication of the user device is complete, the techniques may include receiving a second request from the user device to access a udn group within the wireless network. the second request can include secondary credentials for accessing the udn group. in response to the second request, a secondary eap dialogue may be established to authenticate the user device using the secondary credentials. once the secondary credentials are authenticated, the techniques may include granting the user device access to the udn group.
20240031830.MULTI-MODE RADIO UNIT_simplified_abstract_(cisco technology, inc.)
Inventor(s): Fred Anderson of Lakeville OH (US) for cisco technology, inc., Indermeet Singh Ghandi of San Jose CA (US) for cisco technology, inc., Shailender Photharaju of Fremont CA (US) for cisco technology, inc., Clark Carty of Brunswick OH (US) for cisco technology, inc.
IPC Code(s): H04W24/02, H04W24/08
Abstract: a multi-mode radio unit, and more specifically providing a multi-mode radio unit having a 7.2 split mode and a full gnodeb (gnb) mode may be provided. a 7.2 split mode may be executed at a multi-mode radio unit (mmru). next a metric associated with a front-haul link between the mmru and a distributed unit (du) may be monitored. the metric may be compared to a first threshold, and when the metric is above the first threshold, the mmru may be caused to switch from the 7.2 split mode to a full gnodeb (gnb) mode.
Inventor(s): Anal Srivastava of Cupertino CA (US) for cisco technology, inc., Sangram Kishore Lakkaraju of Bangalore (IN) for cisco technology, inc.
IPC Code(s): H04W36/00, H04W36/08, H04W60/00, H04W60/06, H04W68/00
Abstract: a method is provided for avoiding context transfers by a first access and mobility management function (amf) connected to a first gnb to a second amf when a user equipment (ue) in idle mode moves from the first gnb to a second gnb. the method may include provisioning the first amf and the second amf with the same tracking area identity (tai), the first amf and the second amf being connected to a respective enterprise gnb. the method may also include configuring the 5g packet core network comprising a session management function (smf) in communications with the first amf and the second amf, to avoid transferring a ue context from the first amf to the second amf when the user equipment (ue) in the idle mode moves from a first amf to the second amf. the ue context remains with the first amf.
20240031900.NETWORK ENVIRONMENT HEALTH MONITORING_simplified_abstract_(cisco technology, inc.)
Inventor(s): Vishal S. DESAI of San Jose CA (US) for cisco technology, inc., Benjamin J. CIZDZIEL of San Jose CA (US) for cisco technology, inc., Santosh B. KULKARNI of Sunnyvale CA (US) for cisco technology, inc., Young Il CHOI of San Jose CA (US) for cisco technology, inc.
IPC Code(s): H04W36/30, H04W36/00
Abstract: network environment health monitoring is provided by receiving an alert indicating that a first station (sta) is experiencing a connection with a first access point (ap) below a quality threshold; identifying a set of aps connected to a shared network with the first ap within one hop of the first ap; aggregating signal metrics for the first sta from the first ap and each ap of the set of aps; identifying a cause for the connection performing below the quality threshold based on the signal metrics as aggregated; and performing a remediation strategy based on the cause as identified.