Patents by Inventor Akshay KATREKAR
Akshay KATREKAR has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230421509Abstract: Some embodiments provide a method for a first data compute node (DCN) operating in a public datacenter. The method receives an encryption rule from a centralized network controller. The method determines that the network encryption rule requires encryption of packets between second and third DCNs operating in the public datacenter. The method requests a first key from a secure key storage. Upon receipt of the first key, the method uses the first key and additional parameters to generate second and third keys. The method distributes the second key to the second DCN and the third key to the third DCN in the public datacenter.Type: ApplicationFiled: September 9, 2023Publication date: December 28, 2023Inventors: Ganesan Chandrashekhar, Mukesh Hira, Su Wang, Akshay Katrekar
-
Patent number: 11831610Abstract: A system and method for using private native security groups and private native firewall policy rules for a private cloud computing environment and a public cloud computing environment uses a public cloud gateway for routing data traffic between at least a cloud network created in the public cloud computing environment and the private cloud computing environment. For each of some private native firewall policy rules that has any of newly created private native security groups as one of source and destination, a cloud native security group (CNSG) rule object with an CNSG outbound rule object and an CNSG inbound rule object for the public cloud is created and at least one of the CNSG outbound rule object and the CNSG inbound rule object is updated so that the private native firewall policy rule can be used in the cloud network.Type: GrantFiled: July 26, 2020Date of Patent: November 28, 2023Assignee: VMWARE, INC.Inventors: Vaibhav Kulkarni, Ganesan Chandrashekhar, Mukesh Hira, Akshay Katrekar, Prashant Mane, Rompicherla Sai Pavan Kumar, Sachin Kalkur, Amey Borkar
-
Patent number: 11792138Abstract: Some embodiments provide a method for a first data compute node (DCN) operating in a public datacenter. The method receives an encryption rule from a centralized network controller. The method determines that the network encryption rule requires encryption of packets between second and third DCNs operating in the public datacenter. The method requests a first key from a secure key storage. Upon receipt of the first key, the method uses the first key and additional parameters to generate second and third keys. The method distributes the second key to the second DCN and the third key to the third DCN in the public datacenter.Type: GrantFiled: May 4, 2021Date of Patent: October 17, 2023Assignee: NICIRA, INC.Inventors: Jia Yu, Su Wang, Akshay Katrekar, Mukesh Hira, Saurabh Shah
-
Patent number: 11689522Abstract: System and computer-implemented method for secure hybrid cloud connectivity between an application in a public cloud service and an on-premises service supported by an on-premises appliance includes launching a public cloud gateway appliance in the public cloud service. The public cloud gateway appliance is configured with security information associated with the on-premises appliance. The on-premises appliance is provided with contact information associated with the public cloud gateway appliance. A communication channel is established, using an outbound port, from the on-premises appliance to the public cloud gateway appliance that is secured based on the security information associated with the on-premises appliance and the contact information associated with the public cloud gateway appliance.Type: GrantFiled: September 2, 2020Date of Patent: June 27, 2023Assignee: VMWARE, INC.Inventors: Vaibhav Kulkarni, Mukesh Hira, Akshay Katrekar, Suyash Vishwas Gogte, Prem Shankar Sharma, Nikolay Semenov, Saqib Raza
-
Patent number: 11528222Abstract: The disclosure provides an approach for decentralizing control plane operations in a network environment that includes transport nodes configured to implement a logical overlay network. A method includes transmitting a global list of transport nodes to each of the plurality of transport nodes from a management plane, the global list including an ordered list of the plurality of transport nodes. The method also includes transmitting a neighbor index value to each of the plurality of transport nodes, where the transport nodes each compute a corresponding list of neighbor transport nodes based on the neighbor index value and the global list of transport nodes. The method also includes, based on determining an update to a state of the logical overlay network has occurred by a first transport node, transmitting an update message from the first transport node to each transport node in the first transport node's list of neighbor transport nodes.Type: GrantFiled: January 22, 2021Date of Patent: December 13, 2022Assignee: VMWARE, INC.Inventors: Maheedhar Nallapareddy, Akshay Katrekar, Aarti Lolage, Nikhil Rajguru, Shyam Ramachandran, Tanmay Kumar
-
Patent number: 11496392Abstract: A system provisions global logical entities that facilitate the operation of logical networks that span two or more datacenters. These global logical entities include global logical switches that provide L2 switching as well as global routers that provide L3 routing among network nodes in multiple datacenters. The global logical entities operate along side local logical entities that are for operating logical networks that are local within a datacenter.Type: GrantFiled: June 1, 2020Date of Patent: November 8, 2022Assignee: NICIRA, INC.Inventors: Vivek Agarwal, Ganesan Chandrashekhar, Abhishek Goliya, Akshay Katrekar
-
Publication number: 20220006805Abstract: System and computer-implemented method for secure hybrid cloud connectivity between an application in a public cloud service and an on-premises service supported by an on-premises appliance includes launching a public cloud gateway appliance in the public cloud service. The public cloud gateway appliance is configured with security information associated with the on-premises appliance. The on-premises appliance is provided with contact information associated with the public cloud gateway appliance. A communication channel is established, using an outbound port, from the on-premises appliance to the public cloud gateway appliance that is secured based on the security information associated with the on-premises appliance and the contact information associated with the public cloud gateway appliance.Type: ApplicationFiled: September 2, 2020Publication date: January 6, 2022Inventors: VAIBHAV KULKARNI, MUKESH HIRA, AKSHAY KATREKAR, SUYASH VISHWAS GOGTE, PREM SHANKAR SHARMA, NIKOLAY SEMENOV, SAQIB RAZA
-
Publication number: 20210385194Abstract: A system and method for using private native security groups and private native firewall policy rules for a private cloud computing environment and a public cloud computing environment uses a public cloud gateway for routing data traffic between at least a cloud network created in the public cloud computing environment and the private cloud computing environment. For each of some private native firewall policy rules that has any of newly created private native security groups as one of source and destination, a cloud native security group (CNSG) rule object with an CNSG outbound rule object and an CNSG inbound rule object for the public cloud is created and at least one of the CNSG outbound rule object and the CNSG inbound rule object is updated so that the private native firewall policy rule can be used in the cloud network.Type: ApplicationFiled: July 26, 2020Publication date: December 9, 2021Inventors: VAIBHAV KULKARNI, GANESAN CHANDRASHEKHAR, MUKESH HIRA, AKSHAY KATREKAR, PRASHANT MANE, ROMPICHERLA SAI PAVAN KUMAR, SACHIN KALKUR, AMEY BORKAR
-
Publication number: 20210258268Abstract: Some embodiments provide a method for a first data compute node (DCN) operating in a public datacenter. The method receives an encryption rule from a centralized network controller. The method determines that the network encryption rule requires encryption of packets between second and third DCNs operating in the public datacenter. The method requests a first key from a secure key storage. Upon receipt of the first key, the method uses the first key and additional parameters to generate second and third keys. The method distributes the second key to the second DCN and the third key to the third DCN in the public datacenter.Type: ApplicationFiled: May 4, 2021Publication date: August 19, 2021Inventors: Jia Yu, Su Wang, Akshay Katrekar, Mukesh Hira, Saurabh Shah
-
Publication number: 20210152467Abstract: The disclosure provides an approach for decentralizing control plane operations in a network environment that includes transport nodes configured to implement a logical overlay network. A method includes transmitting a global list of transport nodes to each of the plurality of transport nodes from a management plane, the global list including an ordered list of the plurality of transport nodes. The method also includes transmitting a neighbor index value to each of the plurality of transport nodes, where the transport nodes each compute a corresponding list of neighbor transport nodes based on the neighbor index value and the global list of transport nodes. The method also includes, based on determining an update to a state of the logical overlay network has occurred by a first transport node, transmitting an update message from the first transport node to each transport node in the first transport node's list of neighbor transport nodes.Type: ApplicationFiled: January 22, 2021Publication date: May 20, 2021Inventors: Maheedhar Nallapareddy, Akshay Katrekar, Aarti Lolage, Nikhil Rajguru, Shyam Ramachandran, Tanmay Kumar
-
Patent number: 10979416Abstract: A system and method for managing a trusted connection within a public cloud comprises transmitting a first token and a second token from a cloud service manager to a public cloud controller, initializing a public cloud manager in response to receipt of the first token and the second token, and generate a cloud certificate, and transmitting the cloud certificate and the second token from the public cloud manager to a management plane. The method further comprises establishing a trusted connection between the public cloud controller and the management plane in response to receipt of the cloud certificate and the second token by the management plane.Type: GrantFiled: May 9, 2018Date of Patent: April 13, 2021Assignee: Nicira, Inc.Inventors: Vaibhav Kulkarni, Narendra Sharma, Aditya Gokhale, Ganesan Chandrashekhar, Vivek Agarwal, Akshay Katrekar, Rompicherla Sai Pavan Kumar
-
Patent number: 10931572Abstract: The disclosure provides an approach for decentralizing control plane operations in a network environment that includes transport nodes configured to implement a logical overlay network. A method includes transmitting a global list of transport nodes to each of the plurality of transport nodes from a management plane, the global list including an ordered list of the plurality of transport nodes. The method also includes transmitting a neighbor index value to each of the plurality of transport nodes, where the transport nodes each compute a corresponding list of neighbor transport nodes based on the neighbor index value and the global list of transport nodes. The method also includes, based on determining an update to a state of the logical overlay network has occurred by a first transport node, transmitting an update message from the first transport node to each transport node in the first transport node's list of neighbor transport nodes.Type: GrantFiled: January 22, 2019Date of Patent: February 23, 2021Assignee: VMware, Inc.Inventors: Maheedhar Nallapareddy, Akshay Katrekar, Aarti Lolage, Nikhil Rajguru, Shyam Ramachandran, Tanmay Kumar
-
Patent number: 10897453Abstract: The present disclosure generally relates to deploying a proxy control plane and/or north-south data plane in a control virtual private cloud of a logical network implemented on a software-defined datacenter. The control virtual private cloud is shared by a plurality of compute virtual private clouds of the network. In some embodiments, a proxy control plane is deployed on the control virtual private cloud and disseminates policies directly to endpoints of the logical network. In some embodiments, a north-south data plane is deployed on the control virtual private cloud and directly manages north-south network traffic from endpoints of the logical network. In some embodiments, a proxy control plane and a north-south network data plane are deployed on the control virtual private cloud.Type: GrantFiled: January 26, 2018Date of Patent: January 19, 2021Assignee: Nicira, Inc.Inventors: Mukesh Hira, Ganesan Chandrashekhar, Su Wang, Akshay Katrekar, Vivek Agarwal
-
Patent number: 10805330Abstract: Some embodiments provide a method for a public cloud manager that interacts with a management system of a public datacenter. The method receives a notification from a network controller that a second data compute node is compromised. The second data compute node operates on a host machine in the public datacenter and executes a forwarding element managed by network controller. The method interacts with application programming interfaces (APIs) of the public datacenter to quarantine the data compute node.Type: GrantFiled: June 20, 2019Date of Patent: October 13, 2020Assignee: NICIRA, INC.Inventors: Akshay Katrekar, Ganesan Chandrashekhar, Mukesh Hira, Su Wang, Vaibhav Kulkarni
-
Publication number: 20200296035Abstract: A system provisions global logical entities that facilitate the operation of logical networks that span two or more datacenters. These global logical entities include global logical switches that provide L2 switching as well as global routers that provide L3 routing among network nodes in multiple datacenters. The global logical entities operate along side local logical entities that are for operating logical networks that are local within a datacenter.Type: ApplicationFiled: June 1, 2020Publication date: September 17, 2020Inventors: Vivek Agarwal, Ganesan Chandrashekhar, Abhishek Goliya, Akshay Katrekar
-
Publication number: 20200236039Abstract: The disclosure provides an approach for decentralizing control plane operations in a network environment that includes transport nodes configured to implement a logical overlay network. A method includes transmitting a global list of transport nodes to each of the plurality of transport nodes from a management plane, the global list including an ordered list of the plurality of transport nodes. The method also includes transmitting a neighbor index value to each of the plurality of transport nodes, where the transport nodes each compute a corresponding list of neighbor transport nodes based on the neighbor index value and the global list of transport nodes. The method also includes, based on determining an update to a state of the logical overlay network has occurred by a first transport node, transmitting an update message from the first transport node to each transport node in the first transport node's list of neighbor transport nodes.Type: ApplicationFiled: January 22, 2019Publication date: July 23, 2020Inventors: Maheedhar NALLAPAREDDY, Akshay KATREKAR, Aarti LOLAGE, Nikhil RAJGURU, Shyam RAMACHANDRAN, Tanmay KUMAR
-
Patent number: 10693806Abstract: Virtual computing instances are provisioned with network resource allocation constraints, which may include hard constraints that must be met in order for the virtual computing instances to be created in a host server. Network resources from multiple hosts may be pooled in a virtual switch, and a cloud management system (CMS) may ensure that a network bandwidth reservation for a new virtual computing instance can be accommodated by network bandwidth in the pool that is reserved for communication endpoint traffic. In addition to such CMS-level constraint enforcement, techniques disclosed herein may also enforce network bandwidths constraints at the host level to guarantee that network bandwidth reservation requirements for communication endpoint(s) of a new virtual computing instance can be satisfied by a particular host before creating the virtual computing instance in that host.Type: GrantFiled: March 11, 2015Date of Patent: June 23, 2020Assignee: VMware, Inc.Inventors: Chi-Hsiang Su, Akshay Katrekar, Guolin Yang
-
Patent number: 10673752Abstract: A system provisions global logical entities that facilitate the operation of logical networks that span two or more datacenters. These global logical entities include global logical switches that provide L2 switching as well as global routers that provide L3 routing among network nodes in multiple datacenters. The global logical entities operate along side local logical entities that are for operating logical networks that are local within a datacenter.Type: GrantFiled: March 2, 2019Date of Patent: June 2, 2020Assignee: NICIRA, INC.Inventors: Vivek Agarwal, Ganesan Chandrashekhar, Abhishek Goliya, Akshay Katrekar
-
Patent number: 10630600Abstract: An approach for an adaptive network input-output control for optimizing allocation of network transmission resources to data flows is provided. In an embodiment, a method comprises: determining, based on, at least in part, default data communications policy, one or more default settings for optimizing allocation of one or more network transmission resources to one or more data flows. The default settings are transmitted to a switch to cause the switch to implement the default settings with respect to the data flows. Upon detecting that stats information about network traffic has been received, one or more updated settings for reallocating at least one of the network transmission resources to at least one of the data flows are determined. The updated settings are transmitted to the switch to cause the switch to implement the updated settings with respect to the at least one of the data flows.Type: GrantFiled: October 11, 2017Date of Patent: April 21, 2020Assignee: NICIRA, INC.Inventors: Nilesh Nipane, Akshay Katrekar, Jobin John, Maheedhar Nallapareddy
-
Publication number: 20190306185Abstract: Some embodiments provide a method for a public cloud manager that interacts with a management system of a public datacenter. The method receives a notification from a network controller that a second data compute node is compromised. The second data compute node operates on a host machine in the public datacenter and executes a forwarding element managed by network controller. The method interacts with application programming interfaces (APIs) of the public datacenter to quarantine the data compute node.Type: ApplicationFiled: June 20, 2019Publication date: October 3, 2019Inventors: Akshay Katrekar, Ganesan Chandrashekhar, Mukesh Hira, Su Wang, Vaibhav Kulkarni