公开(公告)号：US12068965B2

公开(公告)日：2024-08-20

申请号：US17494441

申请日：2021-10-05

Applicant: Cisco Technology, Inc.

Inventor： Alberto Rodriguez-Natal ,  Steven William Wood ,  Ding Bai ,  Fabio R. Maino ,  Ramanathan Lakshmikanthan

IPC: H04L47/20 ,  H04L47/24

CPC classification number: H04L47/20 ,  H04L47/24

Abstract: Techniques for obtaining application network metadata from a service registry so that a network routing policy may be derived for traffic associated with the application are described herein. The techniques may include receiving, at a service registry, network metadata associated with traffic of an application hosted by a scalable application service platform. The techniques may also include obtaining, by a controller of a network and from the service registry, the network metadata associated with the traffic of the application. Based at least in part on the network metadata, the controller may determine a routing policy that is optimized for sending the traffic through the network. Additionally, the controller may send an indication of the routing policy to a node of the network or otherwise provision the network such that the traffic of the application is sent through the network according to the routing policy.

公开(公告)号：US20240259278A1

公开(公告)日：2024-08-01

申请号：US18161162

申请日：2023-01-30

Applicant: Cisco Technology, Inc.

Inventor： Fabio R. Maino ,  Saswat Praharaj ,  Alberto Rodriguez-Natal ,  Pradeep K. Kathail

IPC: H04L41/5019 ,  H04L41/046

CPC classification number: H04L41/5019 ,  H04L41/046

Abstract: Provided is an infrastructure for enforcing target service level parameters in a network. In one example, a network service level agreement (SLA) registry obtains one or more input service level parameters for at least one service offered by an application. Based on the one or more input service level parameters, the network SLA registry provides one or more target service level parameters to a plurality of network controllers. Each network controller of the plurality of network controllers is configured to enforce the one or more target service level parameters in a respective network domain configured to carry network traffic associated with the application.

公开(公告)号：US20240114041A1

公开(公告)日：2024-04-04

申请号：US18523501

申请日：2023-11-29

Applicant: Cisco Technology, Inc.

Inventor： Nikolaos Sapountzis ,  Madhuri Kolli ,  Fabio R. Maino ,  Daniela Alvim Seabra de Oliveira

IPC: H04L9/40 ,  G06F40/30 ,  H04L67/306

CPC classification number: H04L63/1416 ,  G06F40/30 ,  H04L63/1433 ,  H04L63/1483 ,  H04L67/306

Abstract: In one embodiment, a method comprises training at least one model based at least in part on interactions between one or more users and electronic messages sent to addresses associated with the one or more users, receiving a first electronic message sent to a first address associated with a first user, analyzing the first electronic message to generate first feature data, determining one or more characteristics of the first user to generate second feature data, inputting, to the at least one model, the first feature data and the second feature data, and receiving, as output of the at least one model, data indicating whether to output, to the first user, a warning regarding the first electronic message.

公开(公告)号：US11943150B2

公开(公告)日：2024-03-26

申请号：US17147724

申请日：2021-01-13

Applicant: Cisco Technology, Inc.

Inventor： Lorand Jakab ,  Alberto Rodriguez Natal ,  Fabio R. Maino ,  John G. Apostolopoulos

IPC: H04L47/783 ,  G06F9/54

CPC classification number: H04L47/783 ,  G06F9/547

Abstract: Techniques for tracking compute capacity of a scalable application service platform to perform dynamic bandwidth allocation for data flows associated with applications hosted by the service platform are disclosed. Some of the techniques may include allocating a first amount of bandwidth of a physical underlay of a network for data flows associated with an application. The techniques may also include receiving, from a scalable application service hosting the application, an indication of an amount of computing resources of the scalable application service that are allocated to host the application. Based at least in part on the indications, a second amount of bandwidth of the physical underlay to allocate for the data flows may be determined. The techniques may also include allocating the second amount of bandwidth of the physical underlay of the network for the data flows associated with the application.

公开(公告)号：US20230300059A1

公开(公告)日：2023-09-21

申请号：US17890756

申请日：2022-08-18

Applicant: Cisco Technology, Inc.

Inventor： Alberto Rodriguez Natal ,  Saswat Praharaj ,  Lorand Jakab ,  Fabio R. Maino ,  Pradeep Kumar Kathail

IPC: H04L45/121 ,  H04L45/745 ,  H04L45/00

CPC classification number: H04L45/121 ,  H04L45/745 ,  H04L45/566

Abstract: Techniques for automating traffic optimizations for egress traffic of an application orchestration system that is being sent over a network to a remote service. In examples, the techniques may include receiving, at a controller of the network, an egress traffic definition associated with egress traffic of an application hosted on the application orchestration system, the egress traffic definition indicating that the egress traffic is to be sent to the remote service. Based at least in part on the egress traffic definition, the controller may determine a networking path through the network or outside of the network that is optimized for sending the egress traffic to the remote service. The controller may also cause the egress traffic to be sent to the remote service via the optimized networking path.

公开(公告)号：US20220286517A1

公开(公告)日：2022-09-08

申请号：US17503660

申请日：2021-10-18

Applicant: Cisco Technology, Inc.

Inventor： Steven William Wood ,  Ding Bai ,  Ramanathan Lakshmikanthan ,  Alberto Rodriguez-Natal ,  Fabio R. Maino

IPC: H04L29/08

Abstract: Techniques for dynamic routing based on application load are described herein. The techniques may include receiving load information associated with resources of an application orchestration system that are allocated to host an application, the resources associated with different geographical regions. Based at least in part on the load information, a network controller may determine that first resources of the application orchestration system are less constrained than second resources of the application orchestration system, the first resources associated with a first geographical region and the second resources associated with a second geographical region. Based at least in part on the first resources being less constrained than the second resources, application traffic may be routed through the network to the application hosted by the first resources in the first geographical region.

公开(公告)号：US11363073B2

公开(公告)日：2022-06-14

申请号：US17034100

申请日：2020-09-28

Applicant: Cisco Technology, Inc.

Inventor： Fabio R. Maino ,  Vina Ermagan ,  Alberto Rodriguez Natal

IPC: H04L29/06 ,  H04L12/46 ,  H04L9/40

Abstract: An ingress network element obtains data from a source endpoint associated with the ingress network element. The data identifies a destination endpoint remote from the ingress network element. The ingress network element provides a map request identifying the destination endpoint to a mapping server. The ingress network element obtains a map reply including a network address of an egress network element associated with the destination endpoint and a security association. The ingress network element encrypts the data for the destination endpoint with the security association according to a cryptographic policy based on the source endpoint, the destination endpoint, and the availability of cryptographic resources on the network. The ingress network element provides the encrypted data to the egress network element.

公开(公告)号：US20220116337A1

公开(公告)日：2022-04-14

申请号：US17147724

申请日：2021-01-13

Applicant: Cisco Technology, Inc.

Inventor： Lorand Jakab ,  Alberto Rodriguez Natal ,  Fabio R. Maino ,  John G. Apostolopoulos

IPC: H04L12/911 ,  G06F9/54

Abstract: Techniques for tracking compute capacity of a scalable application service platform to perform dynamic bandwidth allocation for data flows associated with applications hosted by the service platform are disclosed. Some of the techniques may include allocating a first amount of bandwidth of a physical underlay of a network for data flows associated with an application. The techniques may also include receiving, from a scalable application service hosting the application, an indication of an amount of computing resources of the scalable application service that are allocated to host the application. Based at least in part on the indications, a second amount of bandwidth of the physical underlay to allocate for the data flows may be determined. The techniques may also include allocating the second amount of bandwidth of the physical underlay of the network for the data flows associated with the application.

公开(公告)号：US20210219261A1

公开(公告)日：2021-07-15

申请号：US16743258

申请日：2020-01-15

Applicant: Cisco Technology, Inc.

Inventor： Srinath Gundavelli ,  Sangram Kishore Lakkaraju ,  Louis Gwyn Samuel ,  Timothy Peter Stammers ,  Alberto Rodriguez Natal ,  Fabio R. Maino

IPC: H04W68/00 ,  H04W52/02

Abstract: In one example, a control plane entity obtains an indication that a User Equipment (UE) has entered an idle mode. The control plane entity sets a routing locator corresponding to the UE to cause the control plane entity to trigger a paging request toward the UE to prompt the UE to transition from the idle mode when a first network node obtains a downlink packet destined for the UE. The control plane entity obtains a notification that the first network node has obtained the downlink packet and initiates the paging request toward the UE. The control plane entity updates the routing locator corresponding to the UE to cause the first network node to transmit further downlink packets destined for the UE toward a second network node configured to handle traffic on behalf of the UE.

公开(公告)号：US20210014285A1

公开(公告)日：2021-01-14

申请号：US17034100

申请日：2020-09-28

Applicant: Cisco Technology, Inc.

Inventor： Fabio R. Maino ,  Vina Ermagan ,  Alberto Rodriguez Natal

IPC: H04L29/06 ,  H04L12/46

Abstract: An ingress network element obtains data from a source endpoint associated with the ingress network element. The data identifies a destination endpoint remote from the ingress network element. The ingress network element provides a map request identifying the destination endpoint to a mapping server. The ingress network element obtains a map reply including a network address of an egress network element associated with the destination endpoint and a security association. The ingress network element encrypts the data for the destination endpoint with the security association according to a cryptographic policy based on the source endpoint, the destination endpoint, and the availability of cryptographic resources on the network. The ingress network element provides the encrypted data to the egress network element.