Role-based access control policy auto generation
Granted: February 28, 2023
Patent Number:
11595393
In some examples, an access control policy controller in a computer network may receive a request to create an access control policy that permits a role to perform one or more functions in the computer network. The access control policy controller may determine one or more operations performed on one or more objects in the computer network to perform the one or more functions based at least in part on tracking performance of the one or more functions in the computer network. The access…
Measuring metrics of a computer network
Granted: February 28, 2023
Patent Number:
11595273
A method of measuring (100) metrics of a computer network, comprising the steps of: —from a data source collecting (110) sets of data points during a sampling time period, wherein the set of data points constitute a sample, and uploading (120) each sample to a server for further processing (130), wherein from each sample, a tractile information instance is produced (131), wherein the tractile information has a type and each data source is associated (110a) with a fractile information…
Apparatus, systems, and methods for optical channel management
Granted: February 28, 2023
Patent Number:
11595146
An apparatus includes a reconfigurable optical add/drop multiplexer (ROADM) having an input port to receive a first optical signal from a second device. The ROADM also includes a first wavelength selective switch (WSS), in optical communication with the input port, to convert the first optical signal into a second optical signal, a loopback, in optical communication with the first WSS, to transmit the second optical signal, and a second WSS, in optical communication with the loopback, to…
Inter-application workload network traffic monitoring and visuailization
Granted: February 21, 2023
Patent Number:
11588708
Graphical user interfaces are generated that, when displayed, provide a visual and interactive representation of one or more aspects associated with the execution of one or more applications on a computer network. The graphical user interfaces may in include graphical depictions representation policy objects, each policy object assigned one or more tags, each tag assigned to a category or a sub-category. The tags, when taken in combination, may identify an application, and one or more…
Guided alignment of wireless device orientation
Granted: February 14, 2023
Patent Number:
11582710
Embodiments provide for guided alignment of the orientation of two wireless devices. A first wireless device is at a known position and a known orientation. A signal from a second wireless device is received via a plurality of receive elements of the first wireless device. The first wireless device measures phase differences of the signal at the plurality of receive elements, and determines locations of each of the second wireless device's transmit elements based on the differences.…
Dynamic intent assurance and programmability in computer networks
Granted: February 14, 2023
Patent Number:
11582115
In general, techniques are described for automatic intent provisioning and management in computer networks. A device comprising a processor, a memory, and an interface may perform the techniques. The processor may obtain a policy that includes high-level configuration data defining a service to be deployed within a network, the high-level configuration data including resource selector criteria that identifies one or more criteria for selecting a resource to support the service from a…
Predictive pipeline analytics for a network management system
Granted: February 14, 2023
Patent Number:
11582099
A controller device includes a memory and one or more processors coupled to the memory. The memory stores instructions that, when executed, cause the one or more processors to receive a query indicating a first time and a network service, determine a first set of configuration elements using telemetry data associated with the first time and the network service, and determine a second set of configuration elements using an intent model. The instructions further cause the one or more…
Multicast source discovery protocol (MSDP) loop avoidance
Granted: February 14, 2023
Patent Number:
11582054
The disclosure describes techniques for enhancements to the Multicast Source Discovery Protocol (MSDP) to reduce Source Active (SA) message loops in one or more multicast domains having overlapping MSDP mesh groups. In some examples, a method includes receiving, by a first MSDP speaker, from a second MSDP speaker, a SA message. The method also includes, when the second MSDP speaker is in a mesh group with the first MSDP speaker, determining whether the first MSDP speaker includes an…
Methods and apparatus for implementing an access point supporting multiple communications protocols
Granted: February 14, 2023
Patent Number:
11581626
Access points can be mounted in a variety of locations or orientations and can support multiple communications protocols. In some embodiments, an access point includes a main housing and a front housing. The main and front housing are connected by a hinge. A Wi-Fi antenna is included in the front housing in some embodiments. The access point is configured for use in either an open or closed position. When mounted in a vertical position, the front housing can be lowered into a horizontal…
Wireless signals for location determination
Granted: February 7, 2023
Patent Number:
11576144
Methods and apparatus relating to the detection of one or more devices in zones, e.g., non-overlapping areas, are described. Individual device locations are made based on RSSI information. Whether a user is determined to be in a zone or not is determined based on location determinations corresponding to the device. Thresholds used to determine whether a device is to be considered as being within a zone differs depending on whether the device is newly detected in the zone or is already…
Transmitting and storing different types of encrypted information using TCP urgent mechanism
Granted: February 7, 2023
Patent Number:
11575662
A network device decrypts a record, received from a client device, that is associated with an encrypted session between the client device and an application platform. The network device incorporates decrypted record data, from the decrypted record, into a payload field of a transmission control protocol (TCP) packet to be transmitted to another device, identifies a record header in the record, and determines, based on the record header, a record type associated with the decrypted record.…
Efficient encryption and decryption of duplicate packets communicated via a virtual private network
Granted: February 7, 2023
Patent Number:
11575653
A network device may create an encrypted packet and may duplicate the encrypted packet to create a plurality of encrypted packets that includes a first set of encrypted packets that is associated with a first receiving network device and a second set of encrypted packets that is to be associated with a second receiving network device. The network device may modify the second set of encrypted packets by replacing a first virtual destination address in the second set of the plurality of…
Supporting dynamic host configuration protocol-based customer premises equipment in fifth generation wireline and wireless convergence
Granted: February 7, 2023
Patent Number:
11575649
A device may receive, from a first network device, an authentication request that requests authentication of the device, and may provide, to the first network device, an authentication response that includes the authentication of the device. The device may provide, to the first network device and based on the authentication response, a PDU session establishment request that requests establishment of a PDU session for customer premises equipment, and may receive, from the first network…
Utilizing constraints to determine optimized network plans and to implement an optimized network plan
Granted: February 7, 2023
Patent Number:
11575581
A device receives network data associated with a network that includes network devices interconnected by links at an Internet protocol (IP) layer and an optical layer of the network. The device receives constraints associated with determining a network plan for the network, where the constraints include a constraint indicating a particular time period associated with determining potential network plans for the network. The device identifies variables and values of the variables for the…
Network controller horizontal scaling for network device configuration sessions management
Granted: February 7, 2023
Patent Number:
11575572
A first plurality of network configuration controllers of a controller may distribute, using a consistent hashing algorithm, a plurality of connection sessions with a plurality of network devices among the plurality of network configuration controllers. The controller may monitor a number of connection sessions maintained by each of the first plurality of network configuration controllers. The controller may add, based on monitoring the number of connection sessions maintained by each of…
Method for conveying AP error codes over BLE advertisements
Granted: February 7, 2023
Patent Number:
11575562
Methods and apparatus for obtaining status from an isolated AP that cannot connect to a remote management server are described. The status information is obtained from a second device and then provided, via the second device, to the remote management server. At least some of the disclosed embodiments are utilized in a system including a plurality of access points, which can provide alternate pathways to the remote management server. The remote management server determines a remedial…
Mapping of virtual routing and forwarding (VRF) instances using ethernet virtual private network (EVPN) instances
Granted: February 7, 2023
Patent Number:
11575541
Methods, systems, and devices map an arbitrary number of Virtual Routing and Forwarding (VRF) instances to an Ethernet Virtual Private Network (EVPN) instance (EVI) of a leaf and spine network. For example, a spine network device executes a primary EVI to provide an EVPN to a plurality of leaf network devices, each leaf network device executing a secondary EVI to provide a plurality of network virtualization overlays to tenants of the network. The primary EVI is associated with a primary…
Network system fault resolution via a machine learning model
Granted: January 31, 2023
Patent Number:
11570038
Disclosed are embodiments for automatically resolving faults in a complex network system. Some embodiments monitor one or more of system operational parameter values and message exchanges between network components. A machine learning model detects a fault in the complex network system, and an action is selected based on a cause of the fault. After the action is applied to the complex network system, additional monitoring is performed to either determine the fault has been resolved or…
Data collection configuration file generation
Granted: January 31, 2023
Patent Number:
11570260
A network monitoring system may receive a configuration request to generate a configuration file associated with collecting feature or debug data associated with a feature, hardware, or software associated with a network device. The network monitoring system may determine a command profile associated with the feature, hardware, or software that identifies a set of commands associated with obtaining the feature or debug data from the network device. The network monitoring system may…
Dynamic security actions for network tunnels against spoofing
Granted: January 31, 2023
Patent Number:
11570207
An example network device receives an encapsulated network packet via a network tunnel; extracts IPv6 header information from the encapsulated network packet; extracts IPv4 header information from the encapsulated network packet; determines that the encapsulated network packet is a spoofed network packet based on the IPv6 header information and the IPv4 header information; and in response to detecting the spoofed network packet, transmits a message to a Tunnel Entry Point (TEP) device,…
