公开(公告)号：US20250071180A1

公开(公告)日：2025-02-27

申请号：US18816911

申请日：2024-08-27

Applicant: Cisco Technology, Inc.

Inventor： Jerome Henry ,  Bart A. Brinckman ,  Vincent E. Parla ,  Srinath Gundavelli ,  Shree N. Murthy ,  Matthew S. MacPherson

IPC: H04L67/306 ,  H04L67/14

Abstract: Profile-based association method for enterprise networks may be provided. A computing device may configure a first profile and a second profile. Next, the client device may be configured with a set of network profiles associated with a plurality of networks. A user of the client device may be queried for a profile choice for one of the plurality of networks. Then the client device may associate with the one of the plurality of networks according to the profile choice provide by the user.

公开(公告)号：US20240388581A1

公开(公告)日：2024-11-21

申请号：US18789099

申请日：2024-07-30

Applicant: Cisco Technology, Inc.

Inventor： Shree N. Murthy ,  Stephen Michael Orr

IPC: H04L9/40

Abstract: Methods are provided that support media access control (MAC) address rotation (RCM) by generating a passcode for associating a user defined network by one or more endpoint devices instead of using MAC addresses for their respective device identity. In these methods, a computing device obtains a registration request for establishing a user defined network (UDN) and generates a unique UDN identifier and a unique passcode associated with the unique UDN identifier. The unique passcode enables an authentication of one or more endpoint devices to connect to the UDN. The authentication is independent of the MAC address of a respective endpoint device. The computing device provides the UDN identifier and the unique passcode such that the UDN identifier and the unique passcode are for connecting the one or more endpoint devices to the UDN.

公开(公告)号：US20240171457A1

公开(公告)日：2024-05-23

申请号：US18426498

申请日：2024-01-30

Applicant: Cisco Technology, Inc.

Inventor： Shyamsundar N. Maniyar ,  Sanjay Kumar Hooda ,  Shree N. Murthy ,  Sonal Prem Kumar Chhabria ,  Akshay Dorwat

IPC: H04L41/0813 ,  H04L12/46 ,  H04L67/306

CPC classification number: H04L41/0813 ,  H04L12/4641 ,  H04L67/306 ,  H04L2212/00

Abstract: In one embodiment, dynamic user private networks are virtually segmented within a shared virtual network. A network control system maintains the dynamic logical segmentation of the shared virtual network. User entities (e.g., user devices and/or services) are communicatively coupled to respective personal virtual networks via endpoints of access devices. Each of these endpoints is associated with a corresponding user private network. Responsive in real-time to automated processing of a received electronic particular user request, the network control system automatically modifies the dynamic logical segmentation of the shared virtual network to move a particular user entity on the shared virtual network to newly being on the first dynamic user private network without being disconnected from the shared virtual network. One embodiment uses different user private network identifiers (UPN-IDs) associated with endpoints and received packets to identify their respective user private network.

公开(公告)号：US11909591B2

公开(公告)日：2024-02-20

申请号：US18322236

申请日：2023-05-23

Applicant: Cisco Technology, Inc.

Inventor： Shyamsundar N. Maniyar ,  Sanjay Kumar Hooda ,  Shree N. Murthy ,  Sonal Prem Kumar Chhabria ,  Akshay Dorwat

IPC: H04L41/0813 ,  H04L12/46 ,  H04L67/306

CPC classification number: H04L41/0813 ,  H04L12/4641 ,  H04L67/306 ,  H04L2212/00

Abstract: In one embodiment, dynamic user private networks are virtually segmented within a shared virtual network. A network control system maintains the dynamic logical segmentation of the shared virtual network. User entities (e.g., user devices and/or services) are communicatively coupled to respective personal virtual networks via endpoints of access devices. Each of these endpoints is associated with a corresponding user private network. Responsive in real-time to automated processing of a received electronic particular user request, the network control system automatically modifies the dynamic logical segmentation of the shared virtual network to move a particular user entity on the shared virtual network to newly being on the first dynamic user private network without being disconnected from the shared virtual network. One embodiment uses different user private network identifiers (UPN-IDs) associated with endpoints and received packets to identify their respective user private network.

公开(公告)号：US11284462B2

公开(公告)日：2022-03-22

申请号：US16717384

申请日：2019-12-17

Applicant: Cisco Technology, Inc.

Inventor： Louis Gwyn Samuel ,  Srinath Gundavelli ,  Oliver James Bull ,  Mark Grayson ,  Sangram Kishore Lakkaraju ,  Shree N. Murthy

IPC: H04L12/46 ,  H04W76/16 ,  H04W76/12 ,  H04W76/11 ,  H04W8/08 ,  H04W60/00 ,  H04W80/02

Abstract: Techniques are described for integrating cellular access within an enterprise fabric. In one example, a method includes obtaining, by a cellular termination function via a cellular access point, a request from a client for data plane connectivity via a network, wherein the cellular access point is registered within the network and is in communication with a first switch of the network; obtaining, by the cellular termination function, cellular policy information and enterprise policy information for the client; obtaining, by the cellular termination function, an Internet Protocol (IP) address for the client; and establishing data plane connectivity for the client with the network via the cellular access point, the first switch of the network, and a second switch of the network based, at least in part, on the IP address for the client, wherein the second switch connects the network with one or more data networks.

公开(公告)号：US12081534B2

公开(公告)日：2024-09-03

申请号：US17444021

申请日：2021-07-29

Applicant: Cisco Technology, Inc.

Inventor： Domenico Ficara ,  Roberto Muccifora ,  Amine Choukir ,  Shree N. Murthy ,  Bart A. Brinckman ,  Mirko Raca

IPC: H04L9/40

CPC classification number: H04L63/0815 ,  H04L63/0876 ,  H04L63/101 ,  H04L63/104

Abstract: Aspects described herein include a method of automated grouping of client devices for a user-defined network (UDN). The method includes receiving, from a client device an authentication request to join an access provider network. The authentication request includes a unique identifier of the client device for a federation-based network. The method further includes transmitting the unique identifier to a UDN cloud, transmitting the authentication request to an identity provider, and receiving, responsive to the identity provider authenticating the authentication request, a list of one or more UDNs from the UDN cloud that are associated with the unique identifier. The method further includes joining the client device with one or more other client devices present on the access provider network listing a same UDN.

公开(公告)号：US11855841B2

公开(公告)日：2023-12-26

申请号：US17722798

申请日：2022-04-18

Applicant: Cisco Technology, Inc.

Inventor： Rajesh S. Pazhyannur ,  Anand Oswal ,  Arun G. Khanna ,  Kedar K. Gaonkar ,  Shree N. Murthy ,  Sudhir Jain

IPC: H04W12/06 ,  H04L41/0806 ,  H04W76/10 ,  H04W4/029 ,  H04W84/12

CPC classification number: H04L41/0806 ,  H04W4/029 ,  H04W76/10 ,  H04W84/12

Abstract: Certain embodiments disclose systems and methods for creating a user private network (UPN) based on 11ay technology. Methods of the present disclosure include creating a personal basic service set (PBSS) having a service device and one or more 11ay devices, the service device configured to wirelessly communicate with the one or more 11ay devices in the PBSS, creating a UPN having an access point located in communicative proximity with the service device, and associating at least one 11ay device of the one or more 11ay devices with the UPN, wherein the at least one 11ay device is configured to establish a wireless connection with the one or more 11ay devices using the service device when within a coverage area of the PBSS, and to establish a wireless connection with the one or more 11ay devices using the access point when outside the coverage area of the PBSS.

公开(公告)号：US20230300024A1

公开(公告)日：2023-09-21

申请号：US18322236

申请日：2023-05-23

Applicant: Cisco Technology, Inc.

Inventor： Shyamsundar N. Maniyar ,  Sanjay Kumar Hooda ,  Shree N. Murthy ,  Sonal Prem Kumar Chhabria ,  Akshay Dorwat

IPC: H04L41/0813 ,  H04L12/46 ,  H04L67/306

CPC classification number: H04L41/0813 ,  H04L12/4641 ,  H04L67/306 ,  H04L2212/00

Abstract: In one embodiment, dynamic user private networks are virtually segmented within a shared virtual network. A network control system maintains the dynamic logical segmentation of the shared virtual network. User entities (e.g., user devices and/or services) are communicatively coupled to respective personal virtual networks via endpoints of access devices. Each of these endpoints is associated with a corresponding user private network. Responsive in real-time to automated processing of a received electronic particular user request, the network control system automatically modifies the dynamic logical segmentation of the shared virtual network to move a particular user entity on the shared virtual network to newly being on the first dynamic user private network without being disconnected from the shared virtual network. One embodiment uses different user private network identifiers (UPN-IDs) associated with endpoints and received packets to identify their respective user private network.

公开(公告)号：US11653191B2

公开(公告)日：2023-05-16

申请号：US17459113

申请日：2021-08-27

Applicant: Cisco Technology, Inc.

Inventor： Srinath Gundavelli ,  Indermeet Singh Gandhi ,  Shree N. Murthy

IPC: H04W4/90 ,  H04M7/00 ,  H04W16/26 ,  H04W76/16 ,  H04W76/50 ,  H04W4/021 ,  H04W4/029 ,  H04W4/06 ,  G08B25/10 ,  H04W84/12 ,  H04W84/04

CPC classification number: H04W4/90 ,  G08B25/10 ,  H04M7/006 ,  H04W4/021 ,  H04W4/029 ,  H04W4/06 ,  H04W16/26 ,  H04W76/16 ,  H04W76/50 ,  H04W84/042 ,  H04W84/12

Abstract: Methods for extending cell broadcast notifications to various access technologies and enterprise communication infrastructure. A method includes obtaining, by a controller, a cellular broadcast message of a public warning system and identifying, by the controller, at least one network entity, from among a plurality of network entities operating in a private radio network, based on the at least one network entity being within a location area specified in the cellular broadcast message. The method further includes providing, by the controller to the at least one network entity, the cellular broadcast message.

公开(公告)号：US11489875B2

公开(公告)日：2022-11-01

申请号：US16774950

申请日：2020-01-28

Applicant: Cisco Technology, Inc.

Inventor： Antonio Trifilo ,  Maria Carpen Amarie ,  Thomas Vegas ,  Anirban Karmakar ,  Shree N. Murthy

IPC: G06F13/00 ,  H04L9/40 ,  H04L47/70 ,  H04L61/4511

Abstract: The use of device context in applying security policies is provided by receiving a Domain Name Service (DNS) query for a network resource from a user device (UD) at a DNS analysis server, the DNS query including a functional label describing a context of the UD; analyzing the DNS query to determine whether the UD is permitted to access the network resource based on the functional label; and in response to the functional label indicating that the UD is not permitted to access the network resource, transmitting a block page to the UD. The functional label can be added to the DNS query by a Mobile Device Management application on the UD, a router associated with the UD, or an enterprise server. Contexts for previously blocked DNS queries can be aggregated to identify UDs sharing at least one value with the previously blocked DNS queries as security compromised devices.