NAT route distribution based on tag information in an SDWAN overlay network
Granted: January 14, 2025
Patent Number:
12199942
A process can include determining a plurality of Network Address Translation (NAT) routes associated with respective edge routers included in a same virtual private network (VPN) for communicating with a software-defined wide area network (SDWAN). A process can include identifying a first subset of the plurality of NAT routes as mapped to a first public NAT address included in a NAT pool associated with the VPN. A process can include tagging each NAT route of the first subset with a tag…
Liquid cooling distribution in a modular electronic system
Granted: January 14, 2025
Patent Number:
12200906
A network communications device includes a chassis, a plurality of modules removably inserted into a plurality of slots in the chassis. A coolant is delivered to a first group of the plurality of modules with a first flow control valve in a first cooling loop and the coolant is delivered to a second group of the plurality of modules with a second flow control valve in a second cooling loop. The network communication device further includes a plurality of sensors for monitoring a…
Network environment health monitoring
Granted: January 14, 2025
Patent Number:
12200475
Network environment health monitoring is provided by receiving an alert indicating that a first station (STA) is experiencing a connection with a first Access Point (AP) below a quality threshold; identifying a set of APs connected to a shared network with the first AP within one hop of the first AP; aggregating signal metrics for the first STA from the first AP and each AP of the set of APs; identifying a cause for the connection performing below the quality threshold based on the…
Supporting captions for devices without native captions capability
Granted: January 14, 2025
Patent Number:
12200168
A call is conducted with a first device of a user, the first device lacking captions capability. A second device of the user is identified for receiving captions for the call from among a plurality of second devices of the user based on one or more from a group of distances of the second devices to a location of the first device, display quality of the second devices, status of the second devices, and user preferences for the second devices. An identified second device is joined to the…
Next gen zero trust network access (ZTNA) and virtual private network (VPN) including cloud secure access service edge (SASE)
Granted: January 14, 2025
Patent Number:
12200080
Techniques for leveraging the MASQUE protocol to provide remote clients with full application access to private enterprise resources are described herein. One or more network nodes may be configured to execute a MASQUE proxy service to provide a remote client device with full access to an enterprise/private application resource executing on an application node and hosted in an enterprise/application network, behind the MASQUE proxy service. In some examples, the MASQUE proxy service may…
Secure access app connectors
Granted: January 14, 2025
Patent Number:
12200068
Techniques for creating in/out App Connectors for secure access solutions without the need for STUN, TURN, and/or a long-lived control plane component. The techniques may include, among other things, establishing, by an App Connector associated with a workload hosted by an enterprise network, a pool of idle sessions between the App Connector and a termination node associated with the enterprise network. The techniques may also include determining, by the App Connector, that a first idle…
Cryptographic binding of native application and external browser sessions
Granted: January 14, 2025
Patent Number:
12199970
Systems and methods are provided for receiving information associated with a final single sign-on page from a native browser, extracting a public key from the information associated with the final single sign-on page, generating a single sign-on token to bind a browser session and a native application session, associating the single sign-on token with the public key extracted from the information associated with the final single sign-on page, and encrypting the single sign-on token with…
Network enclave attestation for network and compute devices
Granted: January 14, 2025
Patent Number:
12199969
An enclave manager of a network enclave obtains a request to retrieve configuration information and state information corresponding to compute devices and network devices comprising a network enclave. The request specifies a set of parameters of the configuration information and the state information usable to generate a response to the request. The enclave manager evaluates the compute devices, the network devices, and network connections among these devices within the network enclave…
Enhanced multi-factor authentication based on physical and logical proximity to trusted devices and users
Granted: January 14, 2025
Patent Number:
12199968
This disclosure describes techniques for performing enhanced authentication of a device based on physical proximity of the device to one or more other authenticated devices. An example method includes performing a first authentication of a first device or a first user and connecting the first device to a protected resource. Based on determining that the first device is within a threshold distance of a second, authenticated, device, a reauthentication interval is selected. Based on…
Upstream approach for secure cryptography key dist
Granted: January 14, 2025
Patent Number:
12199963
A Software-Defined Networking (SDN)-based “upstream” approach is a controller-based solution that provides secure key distribution and management for multi-site data centers. The approach uses an SDN Multi-Site Controller (MSC) that acts as an intermediary between SDN controllers at sites in a multi-site data center and manages the distribution of keys to sites. The approach is not dependent upon any particular routing protocol, such as the Border Gateway Protocol (BGP), and is well…
Queue protection using a shared global memory reserve
Granted: January 14, 2025
Patent Number:
12199886
The subject technology relates to the management of a shared buffer memory in a network switch. Systems, methods, and machine readable media are provided for receiving a data packet at a first network queue from among a plurality of network queues, determining if a fill level of a queue in a shared buffer of the network switch exceeds a dynamic queue threshold, and in an event that the fill level of the shared buffer exceeds the dynamic queue threshold, determining if a fill level of the…
Modular power controller
Granted: January 7, 2025
Patent Number:
12189448
In one embodiment, a power control block includes a power input for receiving pulse power from a power source, a power output coupled to a transmission line connector, a pulse power module operable to receive the pulse power and transmit the pulse power to the power output, a Power over Ethernet (PoE) module operable to receive the pulse power and transmit PoE to the power output, and a power controller for selecting the pulse power module to deliver the pulse power to the power output…
Performance tracing for mobile network environments
Granted: January 7, 2025
Patent Number:
12192096
Provided herein are techniques to facilitate multi-level performance tracing for a mobile network environment. In one instance, a method may include obtaining, by a mobile network, a trigger from an enterprise to initiate an underlay-level trace for a wireless device of the enterprise, wherein the trigger includes a correlation identifier that correlates the underlay-level trace with an enterprise-level trace for the wireless device and providing the underlay-level trace for a session of…
Pairing disaggregated network elements
Granted: January 7, 2025
Patent Number:
12192090
Techniques are described herein for pairing disaggregated network elements. In one example, a pairing manager obtains an indication to prioritize high availability when pairing disaggregated network elements. The disaggregated network elements include first disaggregated network elements and second disaggregated network elements. The pairing manager obtains, from one or more of the disaggregated network elements, topology information of the disaggregated network elements. Based on the…
System and method of assigning reputation scores to hosts
Granted: January 7, 2025
Patent Number:
12192078
A method provides for receiving network traffic from a host having a host IP address and operating in a data center, and analyzing a malware tracker for IP addresses of hosts having been infected by a malware to yield an analysis. When the analysis indicates that the host IP address has been used to communicate with an external host infected by the malware to yield an indication, the method includes assigning a reputation score, based on the indication, to the host. The method can…
Methods for implementing time-travelling networks using extensions to graph databases
Granted: January 7, 2025
Patent Number:
12192062
Methods are presented herein for a reduced state machine that describes nodes and relationship dynamics representing real network elements (networking devices and software processes) in a computer/data network, and abstracted logical items. Logical states of networking features of the network elements are reflected in the graph, while configuration data is stored for completeness. A method called a “Versioner Algorithm” is provided to record the temporal history of a node and its…
Software defined access fabric without subnet restriction to a virtual network
Granted: January 7, 2025
Patent Number:
12192057
Systems, methods, and computer-readable storage media are provided for provisioning a common subnet across a number of subscribers and their respective virtual networks using dynamically generated network policies that provide isolation between the subscribers. The dynamic generation of the network policies is performed when a host (e.g. client) is detected (via a switch) as the host joins the computing network via virtual networks. This ability to configure a common subnet for all the…
Interrupt cognizant RF tuning
Granted: January 7, 2025
Patent Number:
12192053
The disclosed technology relates to determining a period in which a non-urgent RRM update should be deferred. The method may comprise applying a first update to an existing configuration of the plurality of wireless access points in the network based on an analysis of telemetry received from the plurality of wireless access points received over a period spanning at least two busy periods. The method may further comprise applying a second update that modifies the first preferred network…
Differential differencing transimpedance amplifier for coherent applications
Granted: January 7, 2025
Patent Number:
12191915
Techniques for implementing a differential differencing TIA for coherent applications are disclosed. A method includes receiving first and second optical signals from a 90 degree optical hybrid that receives a coherent optical signal, wherein the first and second optical signals each include one pair of sum and difference signals output by the 90 degree optical hybrid, generating, based on the first optical signal and from a first photo diode, a first differential signal, generating,…
Multi-modal data storage volume regulation
Granted: January 7, 2025
Patent Number:
12189577
A network storage volume stores a first entry in a first-mode storage bucket and a second entry in a second-mode storage bucket, the first-mode storage bucket having first bucket metadata, and the second-mode storage bucket having second bucket metadata. At least one bucket to be purged from the buckets of the network storage volume are selected based at least in part on bucket metadata of the plurality of buckets, where the buckets include the first-mode storage bucket and the…
