公开(公告)号：AU2020290944B2

公开(公告)日：2024-12-19

申请号：AU2020290944

申请日：2020-06-11

Applicant: CISCO TECHNOLOGY INC

Inventor： SUNDARARAJAN BALAJI ,  VALLURI VAMSIDHAR ,  BALASUBRAMANIAN CHANDRAMOULI ,  OSWAL ANAND ,  SINGH RAM DULAR

IPC: H04L45/121 ,  H04L41/50 ,  H04L45/30 ,  H04L45/42 ,  H04L45/64

Abstract: In one embodiment, a method includes providing a first profile to a plurality of edge routers of the SD-WAN, the plurality of edge routers operable to interface a plurality of devices to the SD-WAN. The first profile enables the plurality of edge routers to discover which devices of the plurality of devices support a first application. The method includes receiving, from one or more of the edge routers, information indicating which devices of the plurality of devices support the first application and building a first application fabric based on the information indicating which devices of the plurality of devices support the first application.

公开(公告)号：AU2020392328A1

公开(公告)日：2022-06-09

申请号：AU2020392328

申请日：2020-11-18

Applicant: CISCO TECHNOLOGY INC

Inventor： GUPTA ANUBHAV ,  BOSCH HENDRIKUS G P ,  VALLURI VAMSIDHAR ,  OLOFSSON STEFAN

IPC: H04L41/12 ,  H04L41/14 ,  H04L45/64

Abstract: According to certain embodiments, a system comprises one or more processors and one or more computer-readable non-transitory storage media comprising instructions that, when executed by the one or more processors, cause one or more components of the system to perform operations comprising: receiving location data associated with a plurality of remote users accessing one or more existing remote access gateways that are located at one or more network locations; building a heatmap of user locations based at least in part on the received location data; and identifying, from the heatmap of user locations, at least one new network location in which to generate at least one new remote access gateway, or at least one existing network location in which to remove at least one of the existing remote access gateways.

公开(公告)号：AU2020392328B2

公开(公告)日：2024-12-19

申请号：AU2020392328

申请日：2020-11-18

Applicant: CISCO TECHNOLOGY INC

Inventor： GUPTA ANUBHAV ,  BOSCH HENDRIKUS G P ,  VALLURI VAMSIDHAR ,  OLOFSSON STEFAN

IPC: H04L41/12 ,  H04L41/14 ,  H04L45/64

Abstract: According to certain embodiments, a system comprises one or more processors and one or more computer-readable non-transitory storage media comprising instructions that, when executed by the one or more processors, cause one or more components of the system to perform operations comprising: receiving location data associated with a plurality of remote users accessing one or more existing remote access gateways that are located at one or more network locations; building a heatmap of user locations based at least in part on the received location data; and identifying, from the heatmap of user locations, at least one new network location in which to generate at least one new remote access gateway, or at least one existing network location in which to remove at least one of the existing remote access gateways.

公开(公告)号：AU2019390284B2

公开(公告)日：2024-08-01

申请号：AU2019390284

申请日：2019-11-12

Applicant: CISCO TECHNOLOGY INC

Inventor： VALLURI VAMSIDHAR ,  RADHAKRISHNAN SARAVANAN ,  OSWAL ANAND ,  PRABHU VINAY ,  EVANS SARAH ADELAIDE ,  RANGASWAMY SURAJ

IPC: H04L67/01 ,  H04L41/00

Abstract: Systems and methods provide for provisioning a dynamic intent-based firewall. A network controller can generate a master route table for network segments reachable from edge network devices managed by the controller. The controller can receive zone definition information mapping the network segments into zones and Zone-based Firewall (ZFW) policies to apply to traffic between a source and destination zone specified by each ZFW policy. The controller can evaluate a ZFW policy to determine first edge network devices that can reach first network segments mapped to the source zone specified by the ZFW policy, second edge network devices that can reach second network segments mapped to the destination zone specified by the ZFW policy, and routing information (from the route table) between the first network segments, the first and second edge network devices, and the second network segments. The controller can transmit the routing information to the edge network devices.

公开(公告)号：AU2019385802A1

公开(公告)日：2021-06-17

申请号：AU2019385802

申请日：2019-11-18

Applicant: CISCO TECHNOLOGY INC

Inventor： VALLURI VAMSIDHAR ,  PRABHU VINAY ,  EVANS SARAH ADELAIDE ,  RANGASWAMY SURAJ

IPC: H04L29/06

Abstract: Systems and methods provide for synergistic domain name system DNS security updates for an enterprise network operating under a Software Defined Wide Area Network (SD-WAN). A system may be configured to collect positive and/or negative unified threat defense (UTD) results, deploy a rules-based model that, when a threat or clearance is detected across several SD-WAN edge network devices, triggers an update to a local security blacklist/whitelist, wherein the update comprises a signature, and push the update to other devices that have not yet seen the threat or clearance.