Delayed quantum key-distribution
Granted: February 6, 2024
Patent Number:
11895234
A node may receive, from a quantum key-distribution (QKD) device, a first message that includes an identifier associated with a key. The node may send, to another node, a second message that includes the identifier and a request to perform at least one task. A node may receive, from the other node, a third message that includes information associated with performance of the at least one task by the other node and information indicating a time of performance. The node may receive, from…
Pausing a media access control security (MACsec) key agreement (MKA) protocol of an MKA session using a fast heartbeat session
Granted: February 6, 2024
Patent Number:
11895228
A network device may establish a media access control security (MACsec) key agreement (MKA) session with another network device via a MACsec communication link; establish a fast heartbeat session via the MACsec communication link, between a first packet processing engine of the network device and a second packet processing engine of the other network device, where the fast heartbeat session is to permit the first packet processing engine and the second packet processing engine to…
Data center resource monitoring with managed message load balancing with reordering consideration
Granted: February 6, 2024
Patent Number:
11895193
Techniques for resource monitoring and managed message reordering in a data center are described. In one example, a computing system comprises an ingress engine to receive a message from a network device in a data center comprising a plurality of network devices and the computing system; and in response to receiving the message from a network device in the data center, communicate the message to an appropriate collector application corresponding to the message's protocol type in…
Detecting and blocking a malicious file early in transit on a network
Granted: February 6, 2024
Patent Number:
11895129
A device may receive a malicious file associated with a network of network devices and may identify a file type and file characteristics associated with the malicious file. The device may determine one or more rules to apply to the malicious file based on the file type and the file characteristics associated with the malicious file and may apply the one or more rules to the malicious file to generate a partial file signature for the malicious file. The device may provide the partial file…
Methods and devices for blocking, detecting, and/or preventing malicious traffic
Granted: February 6, 2024
Patent Number:
11895116
A network device obtains information, associated with blacklisted domains, that includes blacklisted domain identifiers, and sinkhole server identifiers associated with the blacklisted domain identifiers. The network device obtains a set of rules that specify match criteria, associated with the blacklisted domains, that include source network addresses and/or destination network addresses for comparison to packet source network addresses and/or packet destination network addresses…
Dynamic prefix apportionment for address pool management
Granted: February 6, 2024
Patent Number:
11895086
A network device may maintain, for a user device, a pool domain into which address prefixes are allocated from a partition of an address pool management (APM) device, and may estimate, based on pool domain data, an average subscriber login rate for the pool domain by the user device. The network device may estimate, based on the pool domain data, an average response latency per apportionment alarm, and may calculate a dynamic apportionment threshold based on the average subscriber login…
Virtualized cell site routers with layer 2 forwarding
Granted: February 6, 2024
Patent Number:
11895020
In general, techniques are described for deploying virtualized cell site routers (vCSRs) capable of layer 2 (L2) forwarding to cell site servers to support management and orchestration of functional units for mobile networks executing on the cell site servers. In an example, a method comprises receiving, at a forwarding plane of a virtualized cell site router (vCSR) of a first Distributed Unit (DU) of a plurality of DU servers of a cell site for a 5G radio access network, the vCSR having…
Active assurance for virtualized services
Granted: February 6, 2024
Patent Number:
11895002
An example method includes receiving, by a computing system, a declarative testing descriptor for active testing of a virtualized service; obtaining, from an orchestration layer, metadata associated with the virtualized service, wherein the metadata specifies a unique name for a virtualized service within the namespace of a cluster managed by the orchestration layer; determining, by the computing system using the declarative testing descriptor and the metadata, an active testing…
Containing electromagnetic interference radiation in lidless semiconductor packages
Granted: February 6, 2024
Patent Number:
11894316
A semiconductor package may include a substrate, an application-specific integrated circuit (ASIC) provided on a first portion of a surface of the substrate, a memory device provided on a second portion of the surface of the substrate, and a stiffener plate provided on a third portion of the surface of the substrate. The stiffener plate may be spaced from and may surround the ASIC and the memory device. The semiconductor package may include an electromagnetic interference (EMI) absorber…
Tracking host threats in a network and enforcing threat policy actions for the host threats
Granted: January 30, 2024
Patent Number:
11888877
A device receives network segment information identifying network segments associated with a network, and receives endpoint host session information identifying sessions associated with endpoint hosts communicating with the network. The device generates, based on the network segment information and the endpoint host session information, a data structure that includes information associating the network segments with the sessions associated with the endpoint hosts. The device updates the…
Managing address spaces across network elements
Granted: January 30, 2024
Patent Number:
11888814
In general, techniques are described for managing address spaces across network elements. A network device including a processor may be configured to perform the techniques. The processor may execute a pool manager that automatically distributes a first block of network addresses to a first network element acting, for a first network, as a first address allocation server to assign the first block of network addresses. The pool manager may further automatically distribute a second block…
System and method for determining a data flow path in an overlay network
Granted: January 30, 2024
Patent Number:
11888738
This disclosure describes techniques that include collecting underlay flow data within a network and associating underlay flow data with a source and a destination virtual network to enable insights into network operation and performance. In one example, this disclosure describes a method that includes identifying, for each underlay data flow, a source overlay network and a destination overlay network associated with the underlay data flow, wherein identifying includes retrieving, from…
Label deduction with flexible-algorithm
Granted: January 30, 2024
Patent Number:
11888733
A flexible-algorithm routing method comprises: receiving, by a first router, a route advertisement including a base node label, for a second router, associated with a segment routing path without flexible-algorithm, wherein the second router participates in a flexible-algorithm; deducing, by the first router and from the base node label, a node label, for the second router, associated with a segment routing path with the flexible-algorithm; and constructing, by the first router, a label…
Policy controller for distributed virtualization infrastructure element monitoring
Granted: January 30, 2024
Patent Number:
11888714
This disclosure describes techniques for monitoring, scheduling, and performance management for virtualization infrastructures within networks. In one example, a computing system includes a plurality of different cloud-based compute clusters (e.g., different cloud projects), each comprising a set of compute nodes. Policy agents execute on the compute nodes to monitor performance and usage metrics relating to resources of the compute nodes. Policy controllers within each cluster deploy…
Confirmed commit with user specified automatic rollback configuration
Granted: January 30, 2024
Patent Number:
11888695
A network device receives a first message indicating that the network device is to operate according to a new configuration for a period of time and that the network device is to operate according to a user specified configuration upon expiration of the period of time without confirmation of the new configuration. The network device thereby causes the network device to operate according to the new configuration for the period of time, and then determines whether the network device…
Early detection of telemetry data streaming interruptions
Granted: January 30, 2024
Patent Number:
11888680
A computing device may receive, from a collector device, a request to subscribe, in a target-defined mode, to network telemetry data regarding a network element associated with the computing device. The computing device may, in response to receiving the request, provision a network telemetry sensor to operate in a working mode to collect the network telemetry data regarding the network element. The collector device may send, to the collector device, the network telemetry data collected…
Hypothesis driven diagnosis of network systems
Granted: January 30, 2024
Patent Number:
11888679
An example method includes obtaining, by one or more processors, data indicating resource dependencies between a plurality of resources in a network and event dependencies between a plurality of network events and one or more of the plurality of resources; generating a Bayesian model based on resource types of the plurality of resources and event types of the plurality of network events; receiving an indication of a fault in the network; collecting fault data and generating, based on the…
Making transmission control protocol (TCP) sessions robust in a socket replication environment
Granted: January 30, 2024
Patent Number:
11886304
A network device may execute a master application communicating with another network device via a session, and may receive, by a backup application replication layer, a replicated data object. The backup application replication layer may provide the replicated data object to a backup application, and may calculate a time delta between when the replicated data object is received and when the replicated data object arrives at the backup application. The backup application replication layer…
Malware detection based on user interactions
Granted: January 23, 2024
Patent Number:
11880458
A device may receive a file that has been downloaded, or is to be downloaded, to a user device, and that is to be subject to a malware detection procedure. The device may obtain, based on one or more file identification properties of the file, metadata identifying user interactions associated with the file. The metadata may include a first group of user interactions performed when the file was accessed on the user device or a second group of user interactions performed when the file was…
User interface for 5G radio access network (RAN) topology
Granted: January 23, 2024
Patent Number:
11882006
Techniques are disclosed for a user interface for displaying a topology representation of infrastructure of a 5G Radio Access Network (RAN), such as an Open Radio Access Network (O-RAN) 5G infrastructure. For example, a computing system displays, via a user interface, first icons, each icon of the first icons representing first components providing Level-1 functionality for the O-RAN 5G infrastructure, such as non-real-time RAN Intelligent Controllers (RICs). The computing system…
