Quantum cryptography in an internet key exchange procedure
Granted: March 11, 2025
Patent Number:
12250302
In some implementations, a first network device may communicate, with a second network device, one or more internet key exchange (IKE) messages to exchange a first identifier associated with the first network device and a second identifier associated with the second network device, and to indicate that a post-quantum preshared key (PPK) is to be used as a shared key for an IKE security association (SA) between the first network device and the second network device. The first network…
Scalable multi-tenant underlay network supporting multi-tenant overlay network
Granted: March 11, 2025
Patent Number:
12250147
Techniques are disclosed for scalable virtualization of tenants and subtenants on a virtualized computing infrastructure. In one example, a first controller for the virtualized computing infrastructure configures underlay network segments in the virtualized computing infrastructure by configuring respective Virtual Extensible Local Area Network (VXLAN) segments of a plurality of VXLAN segments of a VXLAN in a switch fabric comprising network switches. Each VXLAN segment provides underlay…
Intent-driven configuration of a cloud-native router
Granted: March 11, 2025
Patent Number:
12250117
In general, techniques are described for leveraging a configuration framework for an orchestration platform to configure software that implements a control plane for a containerized network router in a cloud-native SDN architecture. In an example, a method comprises receiving, by a server executing a containerized routing protocol process, configuration data generated from a Network Resource configuration object managed by a custom resource controller; configuring, by the server, the…
Multi-layer statistical wireless terminal location determination
Granted: March 11, 2025
Patent Number:
12248081
Disclosed are embodiments for determining a location of a wireless terminal. The wireless terminal measures signal strength of a plurality of wireless transmitters. Based on this information, a plurality of location probability surfaces are generated. Each location probability surface indicates a plurality of probabilities that the wireless terminal is in each of a corresponding plurality of geographic regions. These probability surfaces are then averaged to determine a composite…
Containerized router with a disjoint data plane
Granted: March 4, 2025
Patent Number:
12245130
In general, this disclosure describes techniques for a containerized router operating within a cloud native orchestration framework. In an example, a computing device comprises processing circuitry; a containerized set of workloads; a containerized routing protocol process configured to execute on the processing circuitry and configured to receive routing information; a kernel network stack executing on the processing circuitry and configured to forward packets based on first routing…
Rerouting network traffic based on detecting offline connection
Granted: March 4, 2025
Patent Number:
12244642
In some examples, a system includes a router device and a first adapter device in communication with the router device. The first adapter device includes processing circuitry configured to: communicate with the router device, wherein the router device is incapable of communicating in accordance with the MACsec protocol. The processing circuitry is further configured to establish an encrypted connection in accordance with the MACsec protocol between the first adapter device and a remote…
Self-learning egress traffic controller
Granted: March 4, 2025
Patent Number:
12244566
An example network system includes processing circuitry and one or more memories coupled to the processing circuitry. The one or more memories are configured to store instructions which, when executed by the processing circuitry, cause the network system to receive connection data related to an egress connection of an application service of an application. The instructions cause the network system to analyze the connection data to determine that the egress connection is an anomalous…
Securing multiprotocol label switching (MPLS) payloads
Granted: March 4, 2025
Patent Number:
12244493
In some implementations, an egress network device of a multiprotocol label switching (MPLS) network may exchange Internet key exchange (IKE) messages with an ingress network device of the MPLS network to establish a security association between the egress network device and the ingress network device. The egress network device may receive an MPLS packet that includes an MPLS header, a secure MPLS data header, and an MPLS payload. The egress network device may process the MPLS header to…
Adaptive location-based SD-WAN policies
Granted: March 4, 2025
Patent Number:
12244463
An example method includes receiving, by an SD-WAN system, WAN link characterization data for a plurality of WAN links of the SD-WAN system over a time period; and for each site of a plurality of sites of the SD-WAN system, generating, by the SD-WAN system, a local policy for the site, wherein generating the local policy is based on a machine learning model trained with the WAN link characterization data for the plurality of WAN links, and providing the local policy to an SD-WAN edge…
Cloud-based management of hardware compliance data for access point devices
Granted: February 25, 2025
Patent Number:
12238565
A plurality of access point (AP) devices configured to provide a wireless network at a site within a geographic region and a management system (NMS) configured to manage the plurality of APs are described. An AP device sends, to the NMS, a message including version information of hardware compliance data currently stored at the AP device. The NMS determines, based on the version information, whether the first version of the hardware compliance data stored at the AP device is in…
Self-correcting service level agreement enforcer
Granted: February 25, 2025
Patent Number:
12238069
Example systems, methods, and storage media are described. An example network system includes processing circuitry and one or more memories coupled to the processing circuitry. The one or more memories are configured to store instructions which, when executed by the processing circuitry, cause the network system to obtain telemetry data. The instructions cause the network system to determine, based on the telemetry data, that an application running on server processing circuitry does not…
Logical port administrative states
Granted: February 25, 2025
Patent Number:
12237999
In some implementations, a network device may identify a triggering event associated with a logical port. The logical port may be associated with a subscriber group that is associated with a user plane subscriber access device. The network device may assign, based at least in part on the triggering event, a logical port administrative state to the logical port.
Dynamic creation of overlay network slices using border gateway protocol flow specifications
Granted: February 25, 2025
Patent Number:
12237974
A network device may receive a border gateway protocol (BGP) flow specification route associated with creation of an overlay network slice in a network, and may create a new routing instance based on the BGP flow specification route. The network device may associate interfaces defined by the BGP flow specification route with virtual private network (VPN) members, and may determine VPN parameters based on the BGP flow specification route. The network device may advertise the VPN…
Toolless mounting of electronic devices
Granted: February 18, 2025
Patent Number:
12228241
A mounting bracket for mounting an electronic device to the T-bar of a drop ceiling provides for self-locking snap-action securing of the mounting bracket to a flange of the T-bar, suspending the mounting bracket from the T-bar. The mounting bracket also provides for self-locking snap-action attachment of the mounted device to the bracket, suspending the device from the suspended mounting bracket. A split adapter allows vertical offsetting of the device from the ceiling, reducing…
Associating sets of data corresponding to a client device
Granted: February 18, 2025
Patent Number:
12232013
A network management system includes a memory storing a set of access point (AP) data, wherein the set of AP data corresponds to a communication between a client device and an AP device. Additionally, the network management system includes processing circuitry configured to: receive the set of AP data corresponding to the client device; and receive a set of remote server data, wherein the set of remote server data comprises information corresponding to a communication between the client…
Network slices for time sensitive networking
Granted: February 18, 2025
Patent Number:
12231920
An example network system includes In one example, a network system includes a service orchestrator for managing a mobile network. The service orchestrator is configured to: receive, from a centralized network controller (CNC) for a time sensitive networking (TSN) application, TSN configuration data for a TSN flow between two end station devices for the TSN application; generate, based on the TSN configuration data, an intent to create a network slice in the mobile network to transport…
Edge device for telemetry flow data collection
Granted: February 18, 2025
Patent Number:
12231340
A device comprises processing circuitry configured to configure an edge device to collect telemetry flow data output by a plurality of network devices and to generate processed telemetry flow data based on the collected telemetry flow data. The processing circuitry is further configured to receive the processed telemetry flow data from the edge device and store an indication of the processed telemetry flow data.
Standby access gateway function signaling for a dynamic host configuration protocol
Granted: February 18, 2025
Patent Number:
12231328
In some implementations, a first access gateway function (AGF) may receive, from a second AGF, a communication indicating at least one of a subscriber identity, session information, subscriber context, or session transport information associated with an active session between the second AGF and a client device. The first AGF device may detect that the second AGF device is associated with a failure. The first AGF device may transmit, to a first core network device, a request to switch a…
Adaptable software defined wide area network application-specific probing
Granted: February 18, 2025
Patent Number:
12231320
Systems, devices and techniques for an adaptive application-specific probing scheme are disclosed. An example network device includes memory configured to store a network address and probe protocol usable for probing a first network device associated with a source of an application, and one or more processors configured to determine a network address and probe protocol usable for probing the first network device, wherein the first network device comprises a server that is responsive to…
Edge controller with network performance parameter support
Granted: February 18, 2025
Patent Number:
12231290
A method includes receiving a plurality of configurations comprising a first configuration for provisioning a first set of network services at a first resource of an edge device and a second configuration for provisioning a second set of network services at the first resource, a first configuration group identifier identifying a configuration group for the first configuration, and a first network performance parameter for the configuration group. The method further includes determining a…
