Methods and apparatus relating to the use of real and/or virtual beacons
Granted: July 23, 2024
Patent Number:
12047863
Methods and apparatus relating to use of actual and/or virtual beacons are described. Virtual beacons are virtual in that an actual beacon need not be transmitted but a rather a virtual beacon transmitter at a desired location maybe considered to transmit virtual beacons. In some embodiments a set of beacon transmitter information for one or more beacons is supplied to devices in a communications system. The beacon transmitter information indicates transmission power and location of…
Systems and methods for avoiding offloading traffic flows associated with malicious data
Granted: July 23, 2024
Patent Number:
12047410
In some implementations, a security device may receive a traffic flow. The security device may determine an amount of a padding included in the traffic flow. The security device may determine whether the amount of the padding included in the traffic flow satisfies a padding threshold. The security device may perform, based on the amount of the padding satisfying the padding threshold, offloading for the traffic flow. The security device may inspect, based on the amount of the padding…
Apparatus, system, and method for determining traffic load distributions in connection with routes of hierarchical Forwarding Information Bases
Granted: July 23, 2024
Patent Number:
12047297
A disclosed method may include (1) identifying a route installed in a Forwarding Information Base (FIB) of a network device included in a network, (2) identifying a plurality of active paths that lead from the network device to a destination device of the route installed in the FIB, (3) determining a load distribution of the plurality of active paths by calculating a plurality of traffic loads that represent amounts of traffic that traverse from the network device to the destination…
Automatic application-based multipath routing for an SD-WAN service
Granted: July 23, 2024
Patent Number:
12047279
Example network devices, systems, and methods are disclosed. In an example, a network device includes memory configured to store information associated with one or more service level agreements (SLAs) for applications in a software-defined wide area network (SD-WAN) and an application-based multipath routing (AMR) module including processing circuitry. The AMR module is configured to identify, based on criteria, one or more of the applications for AMR, wherein each criterion of the…
Point-to-multipoint layer-2 network extension over layer-3 network
Granted: July 23, 2024
Patent Number:
12047277
Techniques are disclosed for session-based routing of multipoint Open Systems Interconnection (OSI) Model Layer-2 (L2) frames of an L2 network extended over Layer-3 (L3) networks. In one example, L2 networks connect a source device to an ingress router and receiver devices to egress routers. An L3 network connects the ingress and egress routers. The ingress router receives, from the source device, a multipoint L2 frame destined for the receiver devices. The ingress router forms, for each…
Utilizing a centralized controller for traffic engineering segment routing inter-autonomous systems
Granted: July 23, 2024
Patent Number:
12047272
A device receives border gateway protocol (BGP) data associated with links provided in a segment routing network. The segment routing network includes a first autonomous system (AS) with first network devices interconnected by a first portion of the links, a second AS with second network devices interconnected by a second portion of the links, and an inter-AS link provided between one of the first network devices and one of the second network devices. The device filters prefixes of the…
Proactive and on-demand destination next hop information sharing mechanism between a forwarding plane and a service plane
Granted: July 16, 2024
Patent Number:
12040984
A first packet forwarding plane (PFE) of a network device may receive a packet and may perform a first lookup for the packet. The first PFE may provide the packet to a service plane based on the first lookup. The service plane may apply a service to the packet and may provide the packet to the first PFE. The first PFE may perform a second lookup. The first PFE may provide the packet to a second PFE of the network device based on the second lookup and may store flow information associated…
Location metrics for monitoring or control of wireless networks
Granted: July 16, 2024
Patent Number:
12041510
This disclosure describes a system including a plurality of access point (AP) devices configured to provide a wireless network at a site; and a network management system (NMS) including a memory storing client-side data collected by a plurality of client devices associated with the wireless network and storing location data associated with each of the plurality of client devices generated by a location engine in response to location requests issued by each of the plurality of client…
Inline security key exchange
Granted: July 16, 2024
Patent Number:
12041162
Techniques are disclosed for inline security key exchanges between network devices. An example network device includes one or more processors and memory coupled to the one or more processors. The memory stores instructions that, upon execution, cause one or more processors to obtain a first payload key and obtain a path key. The instructions cause the one or more processors to encrypt a first payload of a first packet using the first payload key and insert the first payload key into…
Continuing a media access control security (MACSEC) key agreement (MKA) session upon a network device becoming temporarily unavailable
Granted: July 16, 2024
Patent Number:
12041052
A network device may communicate with another network device via a media access control security (MACsec) key agreement (MKA) communication link, wherein an MKA session has been established between the network device and the other network device. The network device may determine that the other network device is unavailable. The network device may cause, based on determining that the other network device is unavailable, an MKA state of the network device to be placed in a paused state.…
Conversational assistant for obtaining network information
Granted: July 16, 2024
Patent Number:
12040934
This disclosure describes a network management system (NMS) configured to determine a particular network device of a plurality of network devices based on a first user input in a conversational assistant. The one or more processors are further configured to identify a set of actionable insights for the particular network device based on network data received from the plurality of network devices and determine a set of views of a dashboard based at least on the set of actionable insights,…
Intent-based telemetry collection service with supported telemetry protocol in a virtualized computing infrastructure
Granted: July 16, 2024
Patent Number:
12039355
A telemetry service can receive telemetry collection requirements that are expressed as an “intent” that defines how telemetry is to be collected. A telemetry intent compiler can receive the telemetry intent and translate the high level intent into abstract telemetry configuration parameters that provide a generic description of desired telemetry data. The telemetry service can determine, from the telemetry intent, a set of devices from which to collect telemetry data. For each…
Programmable model-driven license management and enforcement in a multi-tenant system
Granted: July 9, 2024
Patent Number:
12032662
A device may receive license data identifying device licenses and organization licenses associated with an organization of users of a multi-tenant system, and may identify, in the license data, entitlements for licenses associated with the organization. The device may combine the entitlements to generate combined entitlements, and may determine an entitlement count of the combined entitlements. The device may add quantities of new entitlements to the entitlement count, and may identify,…
Control of roaming in a wireless network using a variable mobility threshold
Granted: July 9, 2024
Patent Number:
12035408
A network management system (NMS) is configured to control roaming in a wireless network using a variable mobility threshold. For a first wireless device associated with a current location, the NMS obtains at least one performance metric of a first wireless signal received by the first wireless device at the current location from a first AP of a plurality of APs, compares the at least one parameter of the first wireless signal to at least one performance metric of a second wireless…
Processing channel state information (CSI) to determine characteristics of a space between wireless access points
Granted: July 9, 2024
Patent Number:
12035160
A computing system includes a storage device and processing circuitry having access to the storage device. The processing circuitry is configured to receive a sequence of channel state information (CSI) samples, and calculate, based on the sequence of CSI samples, frequency domain information including a set of frequency domain values for each frequency band of a plurality of frequency bands. The processing circuitry is further configured to select a set of frequency bands of the…
Retrieving operational command response text from network devices
Granted: July 9, 2024
Patent Number:
12034793
In general, techniques are described for retrieving operational command response text from network devices. A collector network device comprising an interface and a processor may be configured to perform the techniques. The interface may receive, via a messaging bus between the network management system and a webserver, a first command to request management data stored by a managed network device, and send, in response to the first command, a second command to direct the managed network…
Virtual network routers for cloud native software-defined network architectures
Granted: July 9, 2024
Patent Number:
12034652
In general, techniques are described for a creating a virtual network router within a software defined network (SDN) architecture. A network controller for the SDN architecture system may include processing circuitry that is configured to execute a configuration node and a control node. The configuration node may process a request by which to create a virtual network router (VNR), where the virtual network router may cause the network controller to interconnect a first virtual network…
Multi-hop physical layer data collection protocol
Granted: July 9, 2024
Patent Number:
12034638
Disclosed embodiments utilize a layer three and/or layer four protocol to collect physical layer properties along a multi-hop network path between a source node and a destination node. The use of a layer three or layer four protocol provides an ability to span multiple links or networks between the source node and destination node, while also collecting the physical layer properties. Once physical layer properties along a network path can be understood, decisions relating to the…
Using and processing per slice segment identifiers in a network employing segment routing
Granted: July 9, 2024
Patent Number:
12034635
The same prefix segment identifier (SID) may be configured and/or used for either (A) more than one prefix within an interior gateway protocol (IGP) domain, or (B) one prefix with more than one path computation algorithm within the IGP domain by: (a) receiving, by a node in the IGP domain, an IGP advertisement including both (1) a prefix SID and a segment routing global block (SRGB) slice identifier; (b) determining whether or not the SRGB slice identified by the SRGB slice identifier is…
Diagnostics reporting for wide area network assurance system
Granted: July 9, 2024
Patent Number:
12034588
Techniques are disclosed for reporting diagnostics data by a first network device to a cloud-based Wide Area Network (WAN) assurance system, responsive to the first network device detecting a communication issue with the cloud-based WAN assurance system. For example, the first network device detects an issue with sending telemetry data to the cloud-based WAN assurance system via a first communication path. In response, the first network device determines a second network device that has…
