公开(公告)号：US20240073097A1

公开(公告)日：2024-02-29

申请号：US17955812

申请日：2022-09-29

Applicant: Cisco Technology, Inc.

Inventor： Piotr Jerzy Kupisiewicz ,  Olaf Meller ,  Michael Chomicz ,  Radoslaw Konrad Ruchala ,  Manoj Kumar ,  David Pryor

IPC: H04L41/12 ,  G06F16/901 ,  H04L41/0859 ,  H04L41/22

CPC classification number: H04L41/12 ,  G06F16/9024 ,  H04L41/0859 ,  H04L41/22

Abstract: Methods are presented herein for a reduced state machine that describes nodes and relationship dynamics representing real network elements (networking devices and software processes) in a computer/data network, and abstracted logical items. Logical states of networking features of the network elements are reflected in the graph, while configuration data is stored for completeness. A method called a “Versioner Algorithm” is provided to record the temporal history of a node and its state over time within the node's metadata itself, while recorded relationships represent logical relations between observed nodes. A method is also provided to time-travel back to observe a historical view of the network. Further still, a method is provided to a difference of two historical topologies and return that data in human-readable or machine consumable form.

公开(公告)号：US12192062B2

公开(公告)日：2025-01-07

申请号：US17955812

申请日：2022-09-29

Applicant: Cisco Technology, Inc.

Inventor： Piotr Jerzy Kupisiewicz ,  Olaf Meller ,  Michael Chomicz ,  Radoslaw Konrad Ruchala ,  Manoj Kumar ,  David Pryor

IPC: H04L41/12 ,  G06F16/901 ,  H04L41/0859 ,  H04L41/22

Abstract: Methods are presented herein for a reduced state machine that describes nodes and relationship dynamics representing real network elements (networking devices and software processes) in a computer/data network, and abstracted logical items. Logical states of networking features of the network elements are reflected in the graph, while configuration data is stored for completeness. A method called a “Versioner Algorithm” is provided to record the temporal history of a node and its state over time within the node's metadata itself, while recorded relationships represent logical relations between observed nodes. A method is also provided to time-travel back to observe a historical view of the network. Further still, a method is provided to a difference of two historical topologies and return that data in human-readable or machine consumable form.

公开(公告)号：US20240305640A1

公开(公告)日：2024-09-12

申请号：US18127990

申请日：2023-03-29

Applicant: Cisco Technology, Inc.

Inventor： Jay Kemper Johnston ,  Michael Chomicz ,  David Alexander Pryor ,  Radoslaw Konrad Ruchala ,  Jan Stanislaw Krupa

IPC: H04L9/40 ,  H04L41/22

CPC classification number: H04L63/101 ,  H04L41/22 ,  H04L63/20

Abstract: Techniques and architecture are described for abstracting a real physical twin network wherein security policies are mapped as an overlay on a graphical representation of the network topology. The techniques include receiving, at a computing device, a first security policy) for a first network device. The computing device processes the first security policy to generate a plurality of first access control entries. The computing device creates first graph nodes corresponding to the first access control entries. Based at least in part on a processing order of the first security policy on the first network device, the computing device links the first graph nodes into a graph. The computing device displays the graph on a display, wherein the graph is displayed as an overlay on a network topology graph that includes the first network device.