Multicasting within a mutual subnetwork
Granted: January 28, 2025
Patent Number:
12212485
A method may include bridging in, via a fabric, a multicast data packet from a source device to a first edge device of a plurality of edge devices and flooding the multicast data packet to the plurality of edge devices within a mutual subnetwork of the fabric. The method further includes bridging out the multicast data packet from a second edge device of the plurality of edge devices to a receiving device. The source device and the receiving device are located within the mutual…
Intelligent dynamic air baffle
Granted: January 28, 2025
Patent Number:
12213276
A dynamic air baffle comprises: spaced-apart first and second plates configured to be positioned adjacent to at least one heat source to be cooled by an airflow; a heat insulator sandwiched between the first and second plates; and an air flap coupled to the first and second plates and extending into the airflow; wherein the first and second plates are configured such that a differential temperature between the first and second plates causes a differential expansion in lengths of the…
Slice resource management for reducing the negative impacts of slice quotas
Granted: January 28, 2025
Patent Number:
12213095
A mobile network is operative to perform a quota validation procedure in relation to a maximum number of user equipments (UEs) permitted in a network slice. In one illustrative example, a control plane (CP) function of the mobile network may receive, from the UE, a message which indicates a registration request for registration and includes a slice ID of the network slice. The CP function may manage a registration procedure for assigning resources of the network slice to the UE. The CP…
Observing virtual connectivity reactivity upon mobility events
Granted: January 28, 2025
Patent Number:
12213052
In one embodiment, an illustrative method herein may comprise: receiving, at a first edge device, a direct indication from a second edge device that a mobile device has moved from the first to the second edge device; determining, based on the direct indication, a first time at which the mobile device attached to the second edge device; receiving a network routing update message indicative of a routing update for the mobile device having moved to the second edge device; determining, based…
Integrated service mesh control plane management
Granted: January 28, 2025
Patent Number:
12212602
This disclosure describes an integrated management method to manage a service mesh data plane over a network fabric. The method includes determining at least one service mesh data plane policy for a microservice of a service mesh. The method further includes sending, over the network fabric, the at least one service mesh data plane policy to a virtual router associated with the microservice based at least in part on connectivity information maintained by a network fabric control plane…
Security group resolution at ingress across virtual networks
Granted: January 28, 2025
Patent Number:
12212544
Techniques and architecture are described for providing a service, e.g., a security service such as a firewall, across different virtual networks/VRFs/VPN IDs. The techniques and architecture provide modifications in enterprise computing fabrics by modifying pull-based overlay protocols such as, for example, locator/identifier separation protocol (LISP), border gateway protocol ethernet virtual private network (BGP EVPN), etc. A map request carries additional information to instruct a…
Device address rotation management protocol for a wireless local area network
Granted: January 28, 2025
Patent Number:
12212542
Techniques herein facilitate a device address rotation management protocol that may be implemented for a wireless local area network (WLAN), which can be used to influence when wireless client devices or stations may rotate their Media Access Control (MAC) addresses, how to perform such rotations, and/or the like. In one example, a method may include providing, by an access point (AP), a first communication indicating that the AP supports a MAC address rotation management protocol;…
Device address rotation authorization and verification
Granted: January 28, 2025
Patent Number:
12212541
An authorization device obtains a registration request associated with an end device, the registration request including a new randomized media access control (MAC) address associated with the end device; determines whether the end device is authorized to use the new randomized MAC address; transmits a message to the end device with a first randomly generated number when it is determined that the end device is authorized to use the new randomized MAC address; obtains integrity…
Hierarchical provisioning of network devices
Granted: January 28, 2025
Patent Number:
12212540
Automated techniques for converting network devices from a Layer 2 (L2) network into a Layer 3 (L3) network in a hierarchical manner are described herein. The network devices may be configured to boot such that their ports are in an initialization mode in which the ports are unable to transmit locally generated DHCP packets. When a network device detects that a neighbor (or “peer”) device has acquired an IP address or has been configured by a network controller, then the port on…
Inducing delay from a peer node to quantify latency-based behavior
Granted: January 28, 2025
Patent Number:
12212493
Techniques and architecture are described for inducing precise delays in a network device (network node) that has the capability to act on packets/traffic flows based on policy configurations of the network device and delays experienced by traffic in the network device. This capability may be used for testing and verification of the network device to verify that the network device meets the configured policies. Additionally, this capability may be utilized in an operational network to…
End-to-end distributed tracing with external telemetry data
Granted: January 28, 2025
Patent Number:
12212477
Techniques are described for generating an end-to-end distributed trace in connection with a cloud or datacenter environment. In one example, a server obtains target application telemetry data and external telemetry data associated with one or more correlation identifiers included in one or more network communications provided to a target application in the cloud or datacenter environment. The server aggregates the target application telemetry data and the external telemetry data based…
System and method for network policy simulation
Granted: January 28, 2025
Patent Number:
12212476
This disclosure generally relate to a method and system for network policy simulation in a distributed computing system. The present technology relates techniques that enable simulation of a new network policy with regard to its effects on the network data flow. By enabling a simulation data flow that is parallel and independent from the regular data flow, the present technology can provide optimized network security management with improved efficiency.
Network issue tracking and resolution system
Granted: January 28, 2025
Patent Number:
12212451
In one embodiment, an issue analysis service obtains telemetry data from a plurality of devices in a network across a plurality of time intervals. The service detects a failure event in which a device in the network is in a failure state. The service clusters the telemetry data obtained prior to the failure event into rounds according to time intervals in which the telemetry data was collected. Each round corresponds to a particular time interval. The service applies a machine…
Multiple input neural networks for detecting fraud
Granted: January 21, 2025
Patent Number:
12204619
Embodiments of the present invention set forth a technique for predicting fraud based on multiple inputs including user behavior biometric data along with one or more other parameters associated with the user. The technique includes receiving cursor movement data generated via a client device. The technique further includes generating a image based on the cursor movement data. The technique further includes receiving client parameters generated via the client device. The technique…
Security profile selection and configuration of network devices via ownership voucher extension
Granted: January 21, 2025
Patent Number:
12206664
Techniques and architecture are described for providing a configurable security posture for a network device using an extended ownership artifact, e.g., an ownership voucher, an ownership certificate, etc., and a security profile mechanism that scales to user needs and desires for security profiles on network devices, i.e., easily and securely customizable on thousands of nodes of a network. The configurable security posture may be achieved using the manufacturer authorized signing…
Manufacturer usage description (MUD) extensions for secure access service edge (SASE) services
Granted: January 21, 2025
Patent Number:
12206646
Techniques for associating manufacturer usage description (MUD) security profiles for Internet-of-Things (IoT) device(s) with secure access service edge (SASE) solutions, providing for automated and scalable integration of IoT devices with SASE frameworks. A MUD controller may utilize a MUD uniform resource identifier (URI) emitted by an IoT device to fetch an associated MUD file from a MUD file server associated with a manufacturer of the IoT device. The MUD controller may determine…
Path signatures for data flows
Granted: January 21, 2025
Patent Number:
12206581
This disclosure describes various methods, systems, and devices related to identifying path changes of data flows in a network. An example method includes receiving, at a node, a packet including a first signature. The method further includes generating a second signature by inputting the first signature and one or more node details into a hash function. The method includes replacing the first signature with the second signature in the packet. The packet including the second value is…
Network path detection and monitoring
Granted: January 21, 2025
Patent Number:
12206573
This disclosure describes techniques for detecting and monitoring paths in a network. The techniques include causing a source node to generate probe packets to traverse a multi-protocol label switching (MPLS) network, for instance. In some examples, the probe packets include entropy values that correspond to individual equal-cost multi-path (ECMP) paths of the network. The probe packets may be received at an SDN controller from a sink node after traversing the network. Analysis of the…
Performance measurement, telemetry, and OAM in MPLS networks using entropy labels
Granted: January 21, 2025
Patent Number:
12206572
Techniques for utilizing entropy labels of a Multiprotocol Label Switching (MPLS) label stack for performing monitoring operations (e.g., telemetry, performance measurement, OAM, etc.) without altering the MPLS label stack and/or packet path (e.g., ECMP path). The techniques may include determining, by a node of a network, to perform a monitoring operation associated with traffic that is to be sent along a path through the network. In some examples, the node may receive a packet that is…
Natural language markup for meetings
Granted: January 21, 2025
Patent Number:
12204810
A natural language markup for meetings is introduced that facilitates planning and facilitation of online meetings. Shared content is obtained during an online meeting. The shared content is shared by a first participant in the online meeting for display on devices of one or more second participants in the online meeting. A visual object is detected in the shared content and additional content is obtained based on detecting the visual object. The additional content is transmitted with…
