Patents Assigned to Juniper Networks
-
Publication number: 20120300674Abstract: A network device provides a selector list that includes indices of child nexthops associated with the network device, where each of the child nexthops is associated with a corresponding child link provided in an aggregated bundle of child links. The network device also receives an indication of a failure of a child link in the aggregated bundle of child links, and removes, from the selector list, an index of a child nexthop associated with the failed child link. The network device further receives probabilities associated with the child links of the aggregated bundle of child links. Each of the probabilities indicates a probability of a packet exiting the network device on a child link. The network device also creates a distribution table based on the probabilities associated with the child links, and rearranges values provided in the distribution table.Type: ApplicationFiled: July 30, 2012Publication date: November 29, 2012Applicant: Juniper Networks, Inc.Inventors: Nitin Kumar, Alex Baban, Alok Khambatkone
-
Patent number: 8320369Abstract: A switching device includes multiple interfaces and a switch fabric. The switch fabric includes switch integrated circuits arranged in a number of stages. Multiple virtual switch planes may be implemented in the switch fabric. Data traffic received at the interfaces is selectively assigned to different ones of the virtual switch planes.Type: GrantFiled: June 6, 2008Date of Patent: November 27, 2012Assignee: Juniper Networks, Inc.Inventors: Philippe LaCroute, Matthew A Tucker, John D Weisbloom, Anjan Venkatramani, Jayabharat Boddu, Stefan Dyckerhoff
-
Patent number: 8318546Abstract: Thermal management is provided for a device. The device may include a substrate having a mounting area on a first surface of the substrate. The device may also include first thermal vias extending from the mounting area to at least an interior of the substrate. The device may also include at least one thermal plane substantially parallel to the first surface of the substrate, the at least one thermal plane being in thermal contact with at least one of the first thermal vias. The device may also include a heat sink attachment area, and second thermal vias extending from the heat sink attachment area to the interior of the substrate, the at least one thermal plane being in thermal contact with the second thermal vias.Type: GrantFiled: April 20, 2011Date of Patent: November 27, 2012Assignee: Juniper Networks, Inc.Inventor: David J. Lima
-
Patent number: 8321753Abstract: A method performed by an I/O unit connected to another I/O unit in a network device. The method includes receiving a packet; segmenting the packet into a group of data blocks; storing the group of data blocks in a data memory; generating data protection information for a data block of the group of data blocks; creating a control block for the data block; storing, in a control memory, a group of data items for the control block, the group of data items including information associated with a location, of the data block, within the data memory and the data protection information for the data block; performing a data integrity check on the data block, using the data protection information, to determine whether the data block contains a data error; and outputting the data block when the data integrity check indicates that the data block does not contain a data error.Type: GrantFiled: April 13, 2010Date of Patent: November 27, 2012Assignee: Juniper Networks, Inc.Inventors: Pradeep Sindhu, Srihari Vegesna
-
Patent number: 8321595Abstract: A method may include receiving a communication from a client device and identifying a port number, a protocol and a destination associated with the communication. The method may also include identifying a first application being executed by the first client device based on the port number, the protocol and the destination associated with the first communication.Type: GrantFiled: April 22, 2011Date of Patent: November 27, 2012Assignee: Juniper Networks, Inc.Inventors: Krishna Narayanaswamy, Siying Yang
-
Patent number: 8320247Abstract: A method may include receiving a data unit and identifying a state of a memory storing data units. The method may include selecting a threshold value having a first threshold unit or a second threshold unit based on the state of the memory. The method may include comparing the threshold value to a queue state using the first threshold unit if the memory is in a first state. The method may include comparing the threshold value to the queue state using the second threshold unit if the memory is in a second state.Type: GrantFiled: April 23, 2010Date of Patent: November 27, 2012Assignee: Juniper Networks, Inc.Inventors: Paul J. Giacobbe, John C. Carney
-
Patent number: 8320949Abstract: A technique for wireless load balancing involves providing a wireless infrastructure that creates a target band option and helps push clients toward that band. An example of a method according to the technique involves, by way of example but not limitation, responding only to probe requests on a first band when a client is detected on the first band and a second band. For example, using the techniques described herein, a platform that is both 802.11a and 802.11b/g compliant may attempt to connect preferentially to the 802.11b/g band of a wireless network, and be migrated toward the 802.11a band instead.Type: GrantFiled: October 13, 2011Date of Patent: November 27, 2012Assignee: Juniper Networks, Inc.Inventor: Sudheer Poorna Chandra Matta
-
Patent number: 8320379Abstract: A method of carrying out arbitration in a packet exchanger including an input buffer temporarily storing a packet having arrived at an input port, and a packet switch which switches a packet between a specific input port and a specific output port, includes the steps of (a) concurrently carrying out a first plurality of sequences in each of the sequences basic processes for at least one of the input buffer and the output port are carried out in a predetermined order, and (b) making an allowance in each of the sequences for packets to be output through output through output ports at different times from one another.Type: GrantFiled: July 30, 2010Date of Patent: November 27, 2012Assignee: Juniper Networks, Inc.Inventor: Masayuki Shinohara
-
Patent number: 8321698Abstract: A redundant power supply may obtain a rule for increasing mean time between failures (MTBF) for a first internal power supply and a second internal power supply connected to an electronic device, apply the rule to the first and second power supplies, activate the second internal power supply based on the rule to permit the second internal power supply to provide power to the electronic device, and deactivate the first internal power supply based on the rule.Type: GrantFiled: January 25, 2011Date of Patent: November 27, 2012Assignee: Juniper Networks, Inc.Inventors: Ankur Singla, Surendra Patel, Harshad Nakil
-
Patent number: 8321941Abstract: A system and method for detecting malware by modeling the behavior of malware and comparing a suspect executable with the model. The system and method extracts feature elements from malware-infected applications, groups the feature elements into feature sets, and develops rules describing a malicious probability relationship between the feature elements. Using malware-free and malware-infected applications as training data, the system and method heuristically trains the rules and creates a probability model for identifying malware. To detect malware, the system and method scans the suspect executable for feature sets and applies the results to the probability model to determine the probability that the suspect executable is malware-infected.Type: GrantFiled: April 6, 2007Date of Patent: November 27, 2012Assignee: Juniper Networks, Inc.Inventors: George Tuvell, Deepak Venugopal, Guoning Hu
-
Publication number: 20120297083Abstract: Methods and devices for processing packets are provided. The processing device may Include an input interface for receiving data units containing header information of respective packets; a first module configurable to perform packet filtering based on the received data units; a second module configurable to perform traffic analysis based on the received data units; a third module configurable to perform load balancing based on the received data units; and a fourth module configurable to perform route lookups based on the received data units.Type: ApplicationFiled: June 29, 2012Publication date: November 22, 2012Applicant: JUNIPER NETWORKS, INC.Inventors: Dennis C. FERGUSON, Rajiv PATEL, Gerald CHEUNG, Pradeep SINDHU
-
Publication number: 20120297047Abstract: A device may include a donor to maintain a pool of addresses; a group of borrowers to obtain addresses from the donor; a daemon that has registered an interest in one or more borrowers in the group of borrowers; and a library to maintain first relationships between donors and borrowers that have obtained addresses from the donors, maintain second relationships between daemons and borrowers in which the daemons have registered an interest, receive a notification regarding an incident associated with the donor, identify, in response to the notification, the group of borrowers based on the first relationships, determine that the daemon has registered an interest in the one or more borrowers in the group of borrowers based on the second relationships, and output, to the daemon, a notification regarding the incident associated with the donor.Type: ApplicationFiled: July 31, 2012Publication date: November 22, 2012Applicant: JUNIPER NETWORKS, INC.Inventors: Kaushik GHOSH, Bharani CHADALAVADA, Vinay NALLAMOTHU
-
Patent number: 8316226Abstract: Adaptive failover occurs between a Layer Three (L3) based network tunnel and a Layer Four (L4) based network tunnel. An example of a L4 based network tunnel is a Secure Sockets Layer (SSL) tunnel and an example of a L3 based network tunnel is an Internet Protocol Security (IPSec) tunnel. SSL tunnels work through most firewalls and proxies, but may introduce latency and other performance problems. IPSec tunnels provide a more efficient performance, but may not work through some firewalls and proxies. The techniques include dynamically selecting a tunneling protocol in order to achieve a more efficient network tunnel performance when possible while maintaining consistent L3 connectivity from a variety of remote network environments.Type: GrantFiled: September 14, 2005Date of Patent: November 20, 2012Assignee: Juniper Networks, Inc.Inventors: Shekhar Kshirsagar, James Wood, David W. Young, Vamsi K. Anne, Vadim Egorov, Christopher N. Thomas
-
Patent number: 8315254Abstract: A bandwidth management card includes a switch control unit and multiple ports connected to one or more line cards that are separate from the bandwidth management card. The bandwidth management card further includes at least one switch, and multiple network ports, where each of the multiple network ports is connected to a respective link to at least one external network. A first switch of the at least one switch receives instructions from the switch control unit, switches a first subset of the multiple network ports through to a first port of the multiple ports based on the received instructions, and switches a second subset of the multiple network ports through to a second port of the multiple ports based on the received first instructions.Type: GrantFiled: December 10, 2009Date of Patent: November 20, 2012Assignee: Juniper Networks, Inc.Inventors: Boris Reynov, Euan Mowat, Venkata Penmetsa, Shreeram Siddhaye, Jack Kohn, Dung Nguyen
-
Patent number: 8316435Abstract: An MPLS-aware firewall allows firewall security policies to be applied to MPLS traffic. The firewall, which may be integrated within a routing device, can be configured into multiple virtual security systems. The routing device provides a user interface by which a user specifies one or more zones to be recognized by the integrated firewall when applying stateful firewall services to the packets. The user interface allows the user to define different zones and policies for different ones of the virtual security systems. In addition, the user interface supports a syntax that allows the user to define the zones for the firewall by specifying the customer VPNs as interfaces associated with the zones. The routing device generates mapping information for the integrated firewall to map the customer VPNs to specific MPLS labels for the MPLS tunnels carrying the customer's traffic.Type: GrantFiled: November 14, 2008Date of Patent: November 20, 2012Assignee: Juniper Networks, Inc.Inventors: Kannan Varadhan, Joao Campelo F. N. Gomes
-
Patent number: 8316151Abstract: A network device may be configured to filter network traffic using multiple filters bound to different interfaces, such as different ports or other logical interfaces associated with the network device. Multiple filters may be merged to obtain a number of merged filter sets. A rank may be calculated for the merged filter sets and used to maintain a required ordering of the merged filter sets when performing a lookup.Type: GrantFiled: February 25, 2009Date of Patent: November 20, 2012Assignee: Juniper Networks, Inc.Inventor: Anand Ammundi
-
Publication number: 20120287789Abstract: A device provides a flow table. The device receives a data unit, determines a data flow associated with the data unit, determines whether the flow table includes an entry corresponding to the data flow, determines a current utilization of a group of output ports of the device, selects an output port, of the group of output ports, for the data flow based on the current utilization of the group of output ports when the flow table does not store an entry corresponding to the data flow, and stores the data unit in a queue associated with the selected output port.Type: ApplicationFiled: July 23, 2012Publication date: November 15, 2012Applicant: JUNIPER NETWORKS, INC.Inventors: Gunes AYBAY, Arthi AYYANGAR
-
Publication number: 20120290721Abstract: A network device may include logic to establish an IP session, establish a BFD session within the established IP session, transmit BFD packets within the established BFD session, and determine that the established IP session is active based upon reception of the BFD packets. In another embodiment, the logic may also determine that an IP session is active using an inactivity timer that may also trigger transmission of BFD packets.Type: ApplicationFiled: July 24, 2012Publication date: November 15, 2012Applicant: JUNIPER NETWORKS, INC.Inventors: Vitali VINOKOUR, Sanjay WADHWA, Jerome MOISAND
-
Publication number: 20120287940Abstract: A device may receive a packet, obtain data from the packet, store the data in a memory, and send a request to match a portion of the data to a set of patterns, the request identifying the portion in the memory. In addition, the device may access the portion in the memory based on the request, compare the accessed portion to the set of patterns, generate a result by comparing the accessed portion to the set of patterns, and output the result.Type: ApplicationFiled: July 20, 2012Publication date: November 15, 2012Applicant: JUNIPER NETWORKS, INC.Inventors: Krishna Narayanaswamy, Sunil Ravi
-
Patent number: 8312545Abstract: A system and method for detecting malware on a mobile platform in a mobile network. The system and method verifies that an executable is malware-free by computing the checksum of the executable and comparing that checksum with a checksum obtained from a malware-free copy of the executable. The checksum is a sum of all 32-bit values in a code section and an import section of said executable, a byte sequence at an entry point in said executable, a size descriptor of an import table, a size descriptor of said import section, a cyclic redundancy check of said executable, or a combination thereof.Type: GrantFiled: April 6, 2007Date of Patent: November 13, 2012Assignee: Juniper Networks, Inc.Inventors: George Tuvell, Deepak Venugopal, Matthew Pfefferle
