Systems and methods for providing I-SID translation in SPB networks
Granted: December 29, 2020
Patent Number:
10880215
Systems, methods, and apparatuses are disclosed herein for providing an Individual Service Instance identifier (“I-SID”) translation service for accessing services on different networks. Packets designated for specific services via an I-SID Tag may be received at an edge network device and a lookup may be performed to locate the service on another network via the I-SID corresponding to the service, the I-SID being mapped at another network. The I-SID may be updated with the…
Plug-in network device
Granted: December 1, 2020
Patent Number:
10856361
A plug-in network device is disclosed. The plug-in network device can be used in association with a network management system and an infrastructure network device. The plug-in network device includes two antenna arrays, one of which is up-facing and one of which is front-facing. The plug-in network device can achieve wireless communication with the infrastructure network device via the up-facing antenna array and provide network services to wireless stations through the front-facing…
Wireless device authentication and service access
Granted: December 1, 2020
Patent Number:
10855668
Authenticating a client device coupled to an authenticator network device for a network. A service request is received from the client device at the authenticator network device. User credentials, including a user ID, a user key, and a nonce for a user are received at the authenticator network device. A token is generated using the received user credentials. The service request is modified to include the token and a user ID parameter that is the user ID to generate a modified service…
Traffic deduplication in a visibility network
Granted: December 1, 2020
Patent Number:
10855562
Techniques for implementing traffic deduplication in a visibility network are provided. According to one embodiment, a packet broker of the visibility network can receive a control or data packet replicated from a core network. The packet broker can then apply a first stage deduplication process in which the packet broker attempts to deduplicate the control or data packet based on one or more interfaces of the core network from which the control or data packet originated, and apply a…
Dynamic firewalls and forensic gateways
Granted: November 24, 2020
Patent Number:
10848465
A security event that is associated with one or more communication devices is detected. For example, the security event may be an unexpected change in data being sent from a communication device outside an enterprise. In response to detecting the security event, a Virtual Service Network (VSN) is created that isolates one or more communication devices that may pose a security risk. A corrective action to mitigate the security event is then implemented. For example, the corrective action…
Zero configuration networking on a subnetted network
Granted: November 10, 2020
Patent Number:
10833948
Methods and apparatus are described for implementing service discovery protocols on subnetted zero configuration networks. A process for managing service advertisement across a plurality of subnets may comprise: collecting service advertisements on a local network level by designated network devices; sending listings of services from each of the designated devices to a master network device; sending a table of services for the plurality of subnets from the master device to all of the…
Assigning network device subnets to perform network activities using network device information
Granted: October 20, 2020
Patent Number:
10810095
Techniques and systems for performing a network activity within a network. The technique includes assigning one or a plurality of network devices subnets with network devices for performing network activities. Network devices within the assigned network device subnets can be assigned to act as a primary network device and a backup network device. The primary network device can perform the network activity. The backup network devices can monitor the primary network device and continue…
Automated mirroring and remote switch port analyzer (RSPAN) functions using fabric attach (FA) signaling
Granted: October 13, 2020
Patent Number:
10805390
A method and apparatus for automated mirroring is presented. A network device running as a Fabric Attach (FA) server configured to mirror traffic to a Remote Switch Port Analyzer (RSPAN) Virtual Local Area Network (VLAN), issues an FA Type Length Value (TLV) on its uplink to the FA server. The TLV includes a request to associate said RSPAN VLAN with a Service Identifier (I-SID) used to carry mirror traffic in a network. The network device sends the mirrored traffic on the RSPAN VLAN on…
Routing method and system for a wireless network
Granted: October 6, 2020
Patent Number:
10798634
A method and system for selecting a route in a wireless network for the transmission of a data packet between wireless nodes in the network using a modified link-state routing algorithm. A subset of nodes called portal nodes within the network are elected to do the broadcasting for the entire network. A wireless node identifies a unicast route back to its root portal node, and sends a link-state register message to this portal node. These link-state register messages received by each…
Auto-attach signaling used as wireless local area network (WLAN) selection criterion
Granted: September 22, 2020
Patent Number:
10785187
Implementing auto attach for a shortest path bridging (SPB) network comprises determining, on an access point, that an auto attach device communicating in a SPB network is enabled for auto attach, and an advertisement is transmitted to a mobile station. The access point acts a proxy between the mobile station and the auto-attach device by communicably coupling the auto attach device and the mobile station via the access point. A virtual local area network (VLAN) identification and…
Network service access characteristics specific client steering
Granted: September 15, 2020
Patent Number:
10778784
Systems and methods for steering clients based on network service access characteristics. Systems can include a network service access characteristics specific network device client steering system and a network service access characteristics specific radio client steering system. Methods can include steering clients to network devices in accessing network services based on network service access characteristics and steering clients to radios in accessing network services based on…
Airtime-based packet scheduling for wireless networks
Granted: September 8, 2020
Patent Number:
10772081
Airtime usage may be used as a factor in controlling network traffic flow to and from client devices via a wireless network interface. Received packets or other data are assigned to a quality of service profile. Additionally, a cost value for communicating the received data is determined at least in part based on an actual or estimated airtime usage for the received packet. The cost value is used to allocate wireless network airtime to data. The allocation of wireless network airtime may…
Electronic device credential management
Granted: September 8, 2020
Patent Number:
10771967
A unique pre-shared key plug-in is installed on a Chromebook device. Identification data associated with the Chromebook device is received, from the unique pre-shared key plug-in through a Chromebook client management system API. A unique pre-shared key is assigned to the Chromebook device using the identification data. The unique pre-shared key is sent to the Chromebook device. The Chromebook device is configured to seamlessly authenticate for a wireless network using the unique…
Techniques for exchanging control and configuration information in a network visibility system
Granted: September 8, 2020
Patent Number:
10771475
Techniques for exchanging control and configuration information in a network visibility system are provided. In one embodiment, a control plane component of the network visibility system can receive one or more first messages from a data plane component of the network visibility system, where the one or more first messages define one or more forwarding resources available on the data plane component. The control plane component can further retrieve configuration information stored on the…
IoT device management using multi-protocol infrastructure network devices
Granted: August 18, 2020
Patent Number:
10750560
Techniques for managing IoT devices through multi-protocol infrastructure network devices are disclosed. A system utilizing such techniques can include a multi-protocol infrastructure network device and a WAN based IoT device management system and various network device based engines. A method utilizing such techniques can include management according to WAN based IoT device policies and LAN based IoT device policies.
Configuration of rules in a network visibility system
Granted: August 18, 2020
Patent Number:
10750387
Aspects of the present disclosure enable a router controller to maintain a default rules table indicating allocation of internet protocol (IP) addresses (of general packet radio service (GPRS) tunneling protocol (GTP) packets) to respective output ports. In an embodiment, the router controller receives information indicating the respective tunnel endpoint IP addresses of a control session and a data session. The router controller is configured to determine whether such IP addresses of…
Single band dual concurrent network device
Granted: August 4, 2020
Patent Number:
10734738
A network device comprising, a first radio module configured to transmit and receive first radio signals in a first frequency band, a first antenna array configured to transmit and receive the first radio signals for the first radio module in the first frequency band, a second radio module configured to transmit and receive second radio signals in the first frequency band, a second antenna array configured to transmit and receive the second radio signals for the second radio module in…
Device and related method for dynamic traffic mirroring
Granted: August 4, 2020
Patent Number:
10735511
A function is provided in a network system for the dynamic mirroring of network traffic for a variety of purposes including the identification of characteristics of the traffic. Multiple criteria are established for when, what and where to mirror the traffic. The criteria include what frames of traffic to mirror, what portions of the selected frames to mirror, one or more portals through which to minor the selected frames, a destination for the mirroring and the establishment of a mirror…
Private simultaneous authentication of equals
Granted: August 4, 2020
Patent Number:
10735405
Systems and methods for performing network-side Simultaneous Authentication of Equals (SAE) to allow an end user device to access a network. A passphrase is assigned to an end user device for use in authenticating the end user device for a network using SAE. An identification of the end user device is determined during an authentication process. The passphrase assigned to the end user device is determined at a network side using the identification of the end user device. A shared secret…
Layer 7 application classification
Granted: August 4, 2020
Patent Number:
10735351
Maintaining layer 7 state as a client device roams between network devices during a session. Data packets used in executing a layer 7 application are received at a first network device that a client device is coupled to during a session. Data packets received by the first network device are stored in a layer 7 application buffer that is sent to a second network device that a client device roams to during a session. A layer 7 application buffer is used to classify a layer 7 application…
