Cisco Patent Grants

Guest onboarding of devices onto 3GPP-based networks with use of realm-based discovery of identity providers and mutual authentication of identity federation peers

Granted: April 16, 2024
Patent Number: 11962585
A Third Generation Partnership Project (3GPP) based network, such as an enterprise private 3GPP network, is operative to provide a guest onboarding of a device using a realm-based discovery of an identity provider and a mutual authentication of identity federation peers. A secure connection may be established between the peers so that the device may be authenticated based on credentials associated with a Subscriber Identity Module (SIM) provided by its Mobile Network Operator (MNO).…

Systems and methods to dynamically reprovision network devices in a predefined area

Granted: April 16, 2024
Patent Number: 11962461
A system and a method to dynamically reprovision network devices may include a first network device configured to reprovision a second network device in accordance with a specific location of the second network device in a predefined area. The first network device may be configured to sense the second device at the specific location in the predefined area, identify reprovisioning parameters associated with the specific location, and provide the reprovisioning parameters to the second…

Systems and methods for adapting a WAN egress shaper rate

Granted: April 9, 2024
Patent Number: 11956153
In one embodiment, a method includes determining, by a first network component, a sender shaper drop value based on the following: a maximum sequence number; a minimum sequence number; and a sender sequence counter number associated with the first network component. The method also includes determining, by the first network component, a wide area network (WAN) link drop value based on the sender sequence counter number associated with the first network component and a receiver sequence…

SON function for dynamically configured RU in multi-protocol RAN

Granted: April 9, 2024
Patent Number: 11956685
System, methods, and computer-readable media for switching a dynamic radio of a single RU between Radio Access Technology (RAT) protocols based on a Software-Defined RAN intelligent controller (SD-RIC). The SD-RIC efficiently assigns RAN resources by converting a radio access point to either 5G or Wi-Fi based on the load conditions and the number of users seen on the network, so that it appropriately serves the customer and end devices. To determine the load conditions may be based on…

Management of an adaptive relay method for lost-device Bluetooth low energy signaling

Granted: April 9, 2024
Patent Number: 11956637
Techniques and apparatus for managing a message relaying system are described. One technique includes an access point (AP) detecting a first signal and a second signal from a computing device. A validation of the first signal is performed based on parameters of the first signal and the second signal. After the validation, information associated with the first signal is transmitted to a computing system. In another technique, the computing system may designate one of multiple APs…

OpenRoaming for private communication systems

Granted: April 9, 2024
Patent Number: 11956628
A method is provided that includes obtaining an access request for a device to access a visited access network, the access request including an authentication identifier for the device including an identity for the device and a realm comprising a network identifying portion; determining a re-write rule for the realm by querying a database based on an identity type of the device and the network identifying portion of the realm, the database including a plurality of re-write rules for a…

Dynamic storage sharing across network devices

Granted: April 9, 2024
Patent Number: 11956313
Techniques and systems described herein relate to shared storage systems across network devices to use unused storage space and provide backup and additional storage for devices as needed. The techniques and systems include determining availability data describing available storage locations and amounts on network devices, compiling such data at a network controller, and communicating the availability data to the network devices. The network devices then directly communicate with each…

Discovering trustworthy devices using attestation and mutual attestation

Granted: April 9, 2024
Patent Number: 11956273
Systems, methods, and computer-readable media for discovering trustworthy devices through attestation and authenticating devices through mutual attestation. A relying node in a network environment can receive attestation information from an attester node in the network environment as part of a unidirectional push of information from the attester node according to a unidirectional link layer communication scheme. A trustworthiness of the attester node can be verified by identifying a…

Encrypted data packet forwarding

Granted: April 9, 2024
Patent Number: 11956221
A method of transmitting an encrypted data packet includes, with a processor, in response to receiving the encrypted data packet, executing an extended Berkeley packet filter (eBPF) application at an express data path (XDP) hook point located within a kernel space, determining whether the encrypted data packet is to be processed via a trusted application (TA) within a trusted execution environment (TEE) based on an analysis by the eBPF application, and identifying application…

Graphical representation of security threats in a network

Granted: April 9, 2024
Patent Number: 11956208
A method includes, at a server in a network, detecting for a user device network incidents relating to one or more security threats in the network using a plurality of threat detectors over a predetermined time period, each of the network incidents including one or more behavior indicators; assigning the network incidents into one or more groups, wherein each group corresponds to a type of security threat; generating a graph for a particular group of the user device, wherein the graph…

Enhancing container workload visibility in data center environments with blade switches

Granted: April 9, 2024
Patent Number: 11956126
In one embodiment, an illustrative method herein may comprise: determining, by a network controller, physical network topology of a data center network; collecting, by the network controller, virtual machine related network topology of the data center network from a virtual machine manager for the data center network; collecting, by the network controller, virtual ethernet flow mapping information of the data center network from a blade system management software for the data center…

Monitoring interface configurations for network devices in fabrics

Granted: April 9, 2024
Patent Number: 11956123
Techniques for determining that a configuration change in configurations for a network device has occurred to result in changed configurations for the network device. The techniques include creating a policy for the network device by a network controller that manages one or more network devices. The network controller may obtain data from the network device, and update the network device policy based on the obtained data. In some examples, the network controller may compare the network…

Root cause discovery engine

Granted: April 9, 2024
Patent Number: 11954568
The disclosed technology relates to identifying causes of an observed outcome. A system is configured to receive an indication of a user experience problem, wherein the user experience problem is associated with observed operations data including an observed outcome. The system generates, based on the observed operations data, a predicted outcome according to a model, determines that the observed outcome is within range of the predicted outcome, and identifies a set of candidate causes of…

System and method of providing universal mobile internet proxy printing

Granted: April 9, 2024
Patent Number: 11954378
Disclosed is a method to enable printing on legacy devices. The method includes discovering a legacy device that does not have a universal record that enables the legacy device to provide services to a mobile device through a network, appending the universal record for the legacy device, transmitting the universal record for the legacy device to a controller, receiving, at the controller and from the mobile device, a request for services which can be provided by the legacy device,…

Optical modulator

Granted: April 2, 2024
Patent Number: 11949498
An optical modulator comprises, as optical modulator components, first and second transmitter chains and a first optical time division multiplex, OTDM, generator arranged to receive time interleaved optical pulses generated by one of said optical modulator components.

Auto-configuration of hybrid cells supporting shared cell and unique cell operating modes for user equipment in virtualized radio access network architectures

Granted: April 2, 2024
Patent Number: 11950218
Presented herein are techniques to facilitate the configuration of hybrid cells to support shared cell and unique cell operating modes for user equipment. In one example, a method may include obtaining a registration request for a user equipment (UE) in which the mobile network includes a radio access network (RAN) comprising a plurality of radio units (RUs) in which each RU provides a shared cell that is shared with at least one other RU and each RU also provides a unique cell that is…

Edge offloading in a mobile network having a converged core architecture

Granted: April 2, 2024
Patent Number: 11950128
A control plane (CP) function for session management performs a procedure for establishing local traffic offloading for a user equipment (UE) in a mobile network having an Evolved Packet Core (EPC) and Fifth Generation (5G) converged core that supports communications via a Long-Term Evolution (LTE) radio access network (RAN) and a Fifth Generation (5G) RAN. Initially, a connection is established for the UE via the LTE RAN that includes a first bearer between the LTE RAN and a central…

Selective offloading of packet flows with flow state management

Granted: April 2, 2024
Patent Number: 11949659
A first packet of a packet flow is received at a classifying network device. The first packet is forwarded from the classifying network device to a firewall network device. An indication that the packet flow is to be offloaded is received at the classifying network device. Data is stored at the classifying network device indicating that the packet flow is to be offloaded. A non-control packet of the packet flow is received at the classifying network device. A determination is made that…

Stretched EPG and micro-segmentation in multisite fabrics

Granted: April 2, 2024
Patent Number: 11949602
An endpoint group (EPG) can be stretched between the sites so that endpoints at different sites can be assigned to the same stretched EPG. Because the sites can use different bridge domains when establishing the stretched EPGs, the first time a site transmits a packet to an endpoint in a different site, the site learns or discovers a path to the destination endpoint. The site can use BGP to identify the site with the host and use a multicast tunnel to reach the site. A unicast tunnel can…

Stateless address translation at an autonomous system (AS) boundary for host privacy

Granted: April 2, 2024
Patent Number: 11949593
Stateless address translation at an Autonomous System (AS) boundary for host privacy may be provided. An address associated with a host device in the AS may be received. The address may comprise a network prefix and an interface identifier (ID). Then a cypher value may be assigned to a cypher bit range in the network prefix. The cypher value may be associated with a first cypher algorithm of a plurality of cypher algorithms. Next, the address may be encoded wherein encoding the address…