公开(公告)号：US20230254379A1

公开(公告)日：2023-08-10

申请号：US17667890

申请日：2022-02-09

Applicant: Cisco Technology, Inc.

Inventor： Carlos M. Pignataro ,  Nagendra Kumar Nainar ,  David John Zacks ,  John Matthew Swartz ,  Akram Ismail Sheriff

IPC: H04L67/141

CPC classification number: H04L67/141

Abstract: Presented herein are techniques to facilitate infrastructure and policy orchestration in a shared workspace network environment. In one example, a method may include obtaining, by a service broker, a reservation request from a consumer network for a consumer, wherein the reservation request seeks a reservation to reserve, at least in part, at least one workspace device for the consumer for a workspace for a particular day and a particular time period; based on determining that the at least one workspace device is available, providing a response to the consumer network that includes a first indicator for identifying the reservation of the workspace and at least one second indicator identifying the at least one workspace device; and upon receiving a session request from the consumer network that includes the second indicator, establishing a management tunnel to interconnect the consumer network and the at least one workspace device via the service broker.

公开(公告)号：US11665079B1

公开(公告)日：2023-05-30

申请号：US17744853

申请日：2022-05-16

Applicant: Cisco Technology, Inc.

Inventor： David John Zacks ,  Carlos M. Pignataro ,  Nagendra Kumar Nainar ,  Hans F. Ashlock ,  Thomas Szigeti ,  Prapanch Ramamoorthy

IPC: G06F15/173 ,  H04L43/12 ,  H04L43/06

CPC classification number: H04L43/12 ,  H04L43/06

Abstract: A method comprising: at a management entity configured to communicate with a network: upon detecting a performance problem on a network path in the network, generating a trigger probe having a correlation identifier, the trigger probe configured to transit the network path and, on one or more designated network nodes of the network path, trigger (i) capturing a full device state, including a control plane state and a data plane state, and (ii) exporting a report of the full device state with the correlation identifier; sending the trigger probe along the network path; receiving, from each of the one or more designated network nodes, the report that includes the correlation identifier and the full device state; and correlating each report to the performance problem based on the correlation identifier in each report, to diagnose a root cause of the performance problem using the full device state in each report.

公开(公告)号：US20230066759A1

公开(公告)日：2023-03-02

申请号：US17463738

申请日：2021-09-01

Applicant: Cisco Technology, Inc.

Inventor： Nassim Benoussaid ,  David John Zacks ,  Zizhen Gao ,  Carlos M. Pignataro ,  Dmitry Goloubev

IPC: G06N20/00

Abstract: Techniques are provided for segmentation of data points after a dimension reduction. A proxy model is then trained based on results of the segmentation. The proxy model provides low latency high throughput labeling of additional data points, without the need to reduce dimensions of the additional data points. A second segmentation is performed with results of the second segmentation compared to that of the first segmentation. When results of the comparison meet certain criterion, configuration parameters of the segmentation are modified. For example, in some embodiments, a user interface is provided that displays shapley values indicating a mapping from the high dimension data to the segmented data. Input is then received that modifies the configuration parameters.

公开(公告)号：US20220321483A1

公开(公告)日：2022-10-06

申请号：US17216879

申请日：2021-03-30

Applicant: Cisco Technology, Inc.

Inventor： David John Zacks ,  Thomas Szigeti ,  Walter T. Hulick, JR.

IPC: H04L12/851 ,  H04L12/833 ,  H04L29/06

Abstract: Methods and apparatuses for prioritizing transactions are disclosed. An example method of an application performance monitor (APM) comprises intercepting a first packet being transmitted in a network that is monitored by the APM; determining that the first packet is associated with a transaction of the web application that is to be provided with an alternate level of service; modifying a field in the first packet to include metadata interpretable by at least one network device in the network to cause the at least one network device to provide the alternate level of service; and injecting the first packet into the network. The APM may cause network devices to prioritize a specific transaction of an application based on importance.

公开(公告)号：US20220318350A1

公开(公告)日：2022-10-06

申请号：US17390610

申请日：2021-07-30

Applicant: Cisco Technology, Inc.

Inventor： Walter Theodore Hulick, JR. ,  David John Zacks ,  Thomas Szigeti

IPC: G06F21/32 ,  G06F9/54 ,  G06F21/52 ,  G06F21/31 ,  G06F21/55

Abstract: According to one or more embodiments of the disclosure, the techniques herein are directed toward a dynamic transaction-aware web application authentication using call intercepts. In one embodiment, a method comprises: intercepting, by a monitoring process, calls made for transactions within an executing application; determining, by the monitoring process, whether a particular intercepted call triggers an enhanced user authentication requirement for a particular transaction; initiating, by the monitoring process in response to the particular intercepted call triggering the enhanced user authentication requirement, a corresponding challenge to adequately authenticate a user for the particular transaction; and allowing, by the monitoring process, the particular intercepted call to proceed for the particular transaction in response to an adequately authenticated user for the particular transaction.

公开(公告)号：US20220217056A1

公开(公告)日：2022-07-07

申请号：US17704449

申请日：2022-03-25

Applicant: Cisco Technology, Inc.

Inventor： Qihong Shao ,  David John Zacks ,  Xinjun Zhang

IPC: H04L41/14 ,  H04L41/147 ,  H04L43/06 ,  H04L41/12 ,  H04L43/045 ,  H04L41/5067 ,  H04L43/0817 ,  H04L43/55

Abstract: A method, computer system, and computer program product are provided for peer risk benchmarking. Customer data for a first network is obtained, wherein the customer data comprises a role of one or more network devices in the first network and a plurality of risk reports corresponding to the one or more network devices, and wherein each risk report is associated with a particular dimension of a plurality of dimensions of risk for the one or more network devices. A network profile image is generated by processing the plurality of risk reports. A generative adversarial network generates a synthetic network profile image from the network profile image, wherein the synthetic network profile image does not include the customer data. A second network is evaluated using the synthetic network profile image to identify differences between the first network and the second network.

公开(公告)号：US20220116290A1

公开(公告)日：2022-04-14

申请号：US17502965

申请日：2021-10-15

Applicant: Cisco Technology, Inc.

Inventor： Thomas Szigeti ,  David John Zacks ,  Mark Montanez ,  Prakash Kaligotla

IPC: H04L43/04 ,  H04L41/0604 ,  H04L41/12 ,  H04L41/0686 ,  H04L41/0631

Abstract: Systems, methods, and computer-readable for determining performance metrics of a network include obtaining, from a network assurance system, one or more network performance metrics, the network performance metrics corresponding to execution of one or more applications in a network domain. An Application Performance Management (APM) system provides one or more applications performance metrics, the applications performance metrics corresponding to execution of the one or more applications in an applications domain. The one or more network performance metrics are integrated with the one or more applications performance metrics to determine integrated performance metrics for the one or more applications across the network domain and the applications domain.

公开(公告)号：US20210160164A1

公开(公告)日：2021-05-27

申请号：US17164600

申请日：2021-02-01

Applicant: Cisco Technology, Inc.

Inventor： David John Zacks ,  Thomas Szigeti ,  Hanoch Haim ,  Anoop Vetteth

IPC: H04L12/26 ,  H04L12/947

Abstract: A method relates to providing arbitrary and custom application traffic generation on network devices. The method includes identifying, via a network controller, an application associated with a network to yield an identified application, spinning up, by the network controller, a traffic generator in a container on a network device, wherein the traffic generator is configured to emulate traffic associated with the network device and the identified application and monitoring performance of at least one of the identified application in the network and the traffic generator on the network device.

公开(公告)号：US10938706B1

公开(公告)日：2021-03-02

申请号：US16575015

申请日：2019-09-18

Applicant: Cisco Technology, Inc.

Inventor： David John Zacks ,  Thomas Szigeti ,  Hanoch Haim ,  Anoop Vetteth

IPC: H04L12/00 ,  H04L12/26 ,  H04L12/947

Abstract: A method relates to providing arbitrary and custom application traffic generation on network devices. The method includes identifying, via a network controller, an application associated with a network to yield an identified application, spinning up, by the network controller, a traffic generator in a container on a network device, wherein the traffic generator is configured to emulate traffic associated with the network device and the identified application and monitoring performance of at least one of the identified application in the network and the traffic generator on the network device.

公开(公告)号：US10938685B2

公开(公告)日：2021-03-02

申请号：US16043779

申请日：2018-07-24

Applicant: Cisco Technology, Inc.

Inventor： Atri Indiresan ,  Linda Tin-Wen Cheng ,  Melvin Tsai ,  Peter Geoffrey Jones ,  Da-Yuan Tung ,  David John Zacks

IPC: H04L12/26 ,  H04L12/741 ,  H04L29/06 ,  H04L12/46

Abstract: Presented herein is an exemplified system and method that provides visibility, for traffic analytics, into secured encapsulated packet (e.g., secure VXLAN-GPE packet, a secure metadata-GPE packet or other GPE standards). The exemplified system and method facilitate encryption of traffic in a granular manner that also facilitate the monitoring of said secure traffic in a fabric network in an end-to-end manner throughout the network. Such monitoring can be beneficially used for analytics, performance analysis, and network debugging/troubleshooting.