Patents by Inventor Alberto Rodriguez Natal

Alberto Rodriguez Natal has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 12155556
    Abstract: Techniques for automating traffic optimizations for egress traffic of an application orchestration system that is being sent over a network to a remote service. In examples, the techniques may include receiving, at a controller of the network, an egress traffic definition associated with egress traffic of an application hosted on the application orchestration system, the egress traffic definition indicating that the egress traffic is to be sent to the remote service. Based at least in part on the egress traffic definition, the controller may determine a networking path through the network or outside of the network that is optimized for sending the egress traffic to the remote service. The controller may also cause the egress traffic to be sent to the remote service via the optimized networking path.
    Type: Grant
    Filed: August 18, 2022
    Date of Patent: November 26, 2024
    Assignee: Cisco Technology, Inc.
    Inventors: Alberto Rodriguez Natal, Saswat Praharaj, Lorand Jakab, Fabio R. Maino, Pradeep Kumar Kathail
  • Publication number: 20240380699
    Abstract: Techniques for obtaining application network metadata from a service registry so that a network routing policy may be derived for traffic associated with the application are described herein. The techniques may include receiving, at a service registry, network metadata associated with traffic of an application hosted by a scalable application service platform. The techniques may also include obtaining, by a controller of a network and from the service registry, the network metadata associated with the traffic of the application. Based at least in part on the network metadata, the controller may determine a routing policy that is optimized for sending the traffic through the network. Additionally, the controller may send an indication of the routing policy to a node of the network or otherwise provision the network such that the traffic of the application is sent through the network according to the routing policy.
    Type: Application
    Filed: June 20, 2024
    Publication date: November 14, 2024
    Inventors: Alberto Rodriguez-Natal, Steven William Wood, Ding Bai, Fabio R. Maino, Ramanathan Lakshmikanthan
  • Publication number: 20240380697
    Abstract: Techniques for steering overlay network traffic along specific paths through an underlay network. The techniques may include determining a path through an underlay network that is optimized for sending a packet from a first node of an overlay network to a second node of the overlay network. The techniques may also include determining a destination address for sending the packet along the path from the first node to the second node, the destination address including a micro segment identifier (uSID) corresponding with an underlay node that is disposed along the path through the underlay network and trailing bits representing a portion of an address that corresponds with the second node. The techniques may also include causing the packet to be modified to include the destination address such that the packet is sent from the first node to the second node along the path.
    Type: Application
    Filed: July 25, 2024
    Publication date: November 14, 2024
    Inventors: Bruce McDougall, Jeff Byzek, Alberto Rodriguez-Natal, Saswat Praharaj, Fabio R. Maino, Steven William Wood
  • Patent number: 12137093
    Abstract: In one embodiment, an apparatus of a LISP environment includes one or more processors and computer-readable non-transitory storage media coupled to the one or more processors. The computer-readable non-transitory storage media include instructions that, when executed by the one or more processors, cause the one or more processors to perform operations including receiving an attestation token from a first component of the LISP environment. The operations also include encoding the attestation token using a LISP message format. The operations further include distributing the encoded attestation token with a LISP signaling message to a third component of the LISP environment.
    Type: Grant
    Filed: July 22, 2022
    Date of Patent: November 5, 2024
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Clarence Filsfils, Marc Portoles Comeras, David Delano Ward, Alberto Rodriguez Natal
  • Publication number: 20240364602
    Abstract: Provided is an infrastructure for enforcing target service level parameters in a network. In one example, a network service level agreement (SLA) registry obtains one or more input service level parameters for at least one service offered by an application. Based on the one or more input service level parameters, the network SLA registry provides one or more target service level parameters to a plurality of network controllers. Each network controller of the plurality of network controllers is configured to enforce the one or more target service level parameters in a respective network domain configured to carry network traffic associated with the application.
    Type: Application
    Filed: July 10, 2024
    Publication date: October 31, 2024
    Inventors: Fabio R. Maino, Saswat Praharaj, Alberto Rodriguez-Natal, Pradeep K. Kathail
  • Patent number: 12120027
    Abstract: Techniques for steering overlay network traffic along specific paths through an underlay network. The techniques may include determining a path through an underlay network that is optimized for sending a packet from a first node of an overlay network to a second node of the overlay network. The techniques may also include determining a destination address for sending the packet along the path from the first node to the second node, the destination address including a micro segment identifier (uSID) corresponding with an underlay node that is disposed along the path through the underlay network and trailing bits representing a portion of an address that corresponds with the second node. The techniques may also include causing the packet to be modified to include the destination address such that the packet is sent from the first node to the second node along the path.
    Type: Grant
    Filed: November 22, 2022
    Date of Patent: October 15, 2024
    Assignee: Cisco Technology, Inc.
    Inventors: Bruce Mcdougall, Jeff Byzek, Alberto Rodriguez-Natal, Saswat Praharaj, Fabio R. Maino, Steven William Wood
  • Publication number: 20240340220
    Abstract: Techniques for enabling a network access provider to make automatic Software as a Service (SaaS) optimization decisions. Among other things, the techniques may include determining a SaaS application that is being accessed by client endpoints via flows through a network access provider. The techniques may also include determining, based at least in part on a policy associated with the network access provider, whether to enable network optimizations for traffic through the network access provider to the SaaS application. Based at least in part on a determination that the network optimizations are to be enabled for the traffic to the SaaS application, the techniques may include installing a service definition associated with the SaaS application in a service policy database of the network access provider.
    Type: Application
    Filed: January 25, 2024
    Publication date: October 10, 2024
    Inventors: Darren Russell Dukes, Jeevan Sharma, Fabio R. Maino, Alberto Rodriguez-Natal
  • Patent number: 12107740
    Abstract: Provided is an infrastructure for enforcing target service level parameters in a network. In one example, a network service level agreement (SLA) registry obtains one or more input service level parameters for at least one service offered by an application. Based on the one or more input service level parameters, the network SLA registry provides one or more target service level parameters to a plurality of network controllers. Each network controller of the plurality of network controllers is configured to enforce the one or more target service level parameters in a respective network domain configured to carry network traffic associated with the application.
    Type: Grant
    Filed: January 30, 2023
    Date of Patent: October 1, 2024
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Fabio R. Maino, Saswat Praharaj, Alberto Rodriguez-Natal, Pradeep K. Kathail
  • Publication number: 20240291734
    Abstract: Systems, methods, and computer-readable media for locally applying endpoint-specific policies to an endpoint in a network environment. A network device local to one or more endpoints in a network environment can receive from a centralized network controller one or more network-wide endpoint policies. A first endpoint of the one or more endpoints can be configured to inject policy metadata into first data traffic. Policy metadata injected into the first traffic data can be received from the first endpoint. The network device can determine one or more first endpoint-specific polices for the first endpoint by evaluation the first policy metadata with respect to the one or more network-wide endpoint policies. As follows, the one or more first endpoint-specific policies can be applied to control data traffic associated with the first endpoint.
    Type: Application
    Filed: April 29, 2024
    Publication date: August 29, 2024
    Inventors: Alberto Rodriguez Natal, Hendrikus G.P. Bosch, Fabio Maino, Lars Olaf Stefan Olofsson, Jeffrey Napper, Anubhav Gupta
  • Patent number: 12068965
    Abstract: Techniques for obtaining application network metadata from a service registry so that a network routing policy may be derived for traffic associated with the application are described herein. The techniques may include receiving, at a service registry, network metadata associated with traffic of an application hosted by a scalable application service platform. The techniques may also include obtaining, by a controller of a network and from the service registry, the network metadata associated with the traffic of the application. Based at least in part on the network metadata, the controller may determine a routing policy that is optimized for sending the traffic through the network. Additionally, the controller may send an indication of the routing policy to a node of the network or otherwise provision the network such that the traffic of the application is sent through the network according to the routing policy.
    Type: Grant
    Filed: October 5, 2021
    Date of Patent: August 20, 2024
    Assignee: Cisco Technology, Inc.
    Inventors: Alberto Rodriguez-Natal, Steven William Wood, Ding Bai, Fabio R. Maino, Ramanathan Lakshmikanthan
  • Patent number: 12063149
    Abstract: Systems, methods, and computer-readable media for locally applying endpoint-specific policies to an endpoint in a network environment. A network device local to one or more endpoints in a network environment can receive from a centralized network controller one or more network-wide endpoint policies. A first endpoint of the one or more endpoints can be configured to inject policy metadata into first data traffic. Policy metadata injected into the first traffic data can be received from the first endpoint. The network device can determine one or more first endpoint-specific polices for the first endpoint by evaluation the first policy metadata with respect to the one or more network-wide endpoint policies. As follows, the one or more first endpoint-specific policies can be applied to control data traffic associated with the first endpoint.
    Type: Grant
    Filed: July 17, 2023
    Date of Patent: August 13, 2024
    Assignee: Cisco Technology, Inc.
    Inventors: Alberto Rodriguez Natal, Hendrikus G. P. Bosch, Fabio Maino, Lars Olaf Stefan Olofsson, Jeffrey Napper, Anubhav Gupta
  • Publication number: 20240259278
    Abstract: Provided is an infrastructure for enforcing target service level parameters in a network. In one example, a network service level agreement (SLA) registry obtains one or more input service level parameters for at least one service offered by an application. Based on the one or more input service level parameters, the network SLA registry provides one or more target service level parameters to a plurality of network controllers. Each network controller of the plurality of network controllers is configured to enforce the one or more target service level parameters in a respective network domain configured to carry network traffic associated with the application.
    Type: Application
    Filed: January 30, 2023
    Publication date: August 1, 2024
    Inventors: Fabio R. Maino, Saswat Praharaj, Alberto Rodriguez-Natal, Pradeep K. Kathail
  • Patent number: 12052273
    Abstract: Techniques for providing network traffic security in a virtualized environment are described. A threat aware controller uses a threat feed provided by a threat intelligence service to establish a threat detection engine on virtual switches. The threat aware controller and threat detection engine work together to detect any anomalous or malicious behavior of network traffic on the virtual switch and established virtual network functions to quickly detect, verify, and isolate network threats.
    Type: Grant
    Filed: December 15, 2022
    Date of Patent: July 30, 2024
    Assignee: Cisco Technology, Inc.
    Inventors: Balaji Sundararajan, Alberto Rodriguez Natal, Yegappan Lakshmanan, Fabio R. Maino, Anand Oswal
  • Publication number: 20240214319
    Abstract: Techniques for signaling, to a network controller, a connection state of a proxy for use by the network controller to correlate proxied-connections with application pairs for traffic optimization. In some examples, the techniques may include receiving, at a controller of a network, control plane information associated with a proxy that manages a proxied flow through the network. Based on the control plane information, the controller may determine that application traffic is flowing across the proxied flow between a first application and a second application. In this way, based at least in part on a policy associated with at least one of the first application or the second application, the controller may reconfigure a network element of the network for optimizing the application traffic flowing across the proxied flow.
    Type: Application
    Filed: May 25, 2023
    Publication date: June 27, 2024
    Inventors: Alberto Rodriguez Natal, John A. Joyce, Saswat Praharaj, Timothy James Swanson, Lorand Jakab, Fabio R. Maino, Pradeep Kumar Kathail
  • Patent number: 12021654
    Abstract: Techniques are described for extending a cellular quality of service bearer through an enterprise fabric network. In one example, a method obtaining, by a first switch of a network, a packet to be delivered to a client connected to the network via a cellular access point; identifying quality of service (QoS) bearer information associated with the packet, wherein the QoS bearer information is associated with a radio access bearer for the client and the QoS bearer information comprises a bearer indicator and a QoS class identifier; providing a fabric tunnel encapsulation for the packet, wherein the bearer indicator and the QoS class identifier are included within the fabric tunnel encapsulation of the packet; and forwarding the packet within the fabric tunnel encapsulation toward a second switch of the network via a fabric tunnel, wherein the cellular access point is connected to the network via the second switch.
    Type: Grant
    Filed: October 30, 2023
    Date of Patent: June 25, 2024
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Srinath Gundavelli, Sangram Kishore Lakkaraju, Alberto Rodriguez Natal, Fabio R. Maino, Timothy Peter Stammers
  • Publication number: 20240205094
    Abstract: An application monitoring system for collecting, utilizing, and/or exchanging state information (e.g., application state and network state), configuration information, and/or other information to make network optimizations for applications orchestrated by an application orchestration system. The application monitoring system may include an application orchestrator discovery component that is configured to determine a presence of an application orchestration system for orchestrating applications. The application monitoring system may also include one or more application watch components for monitoring, among other things, application state, application configuration, and/or application replicas. The application monitoring system may further include a network state propagation component configured to provide network state information to the orchestration system.
    Type: Application
    Filed: February 29, 2024
    Publication date: June 20, 2024
    Inventors: Alberto Rodriguez-Natal, Saswat Praharaj, Lorand Jakab, Fabio R. Maino, Pradeep Kumar Kathail, Vivek Agarwal, Ram Dular Singh
  • Patent number: 12009998
    Abstract: Techniques for informing a network of an application's service-level agreement (SLA) objective(s) so the network can ensure the SLA is met end-to-end, thereby allowing core network support of deterministic SLA and application-based routing without using network-based application recognition (NBAR) and/or compromising user privacy. The techniques may include receiving a first connection request to establish a network-domain connection between different network domains that meets or exceeds a service level objective. Based on the first connection request, the network-domain connection may be established between the different network domains to meet or exceed the service-level objective. In some examples, a second connection request may be received to establish a tunnel between a source application and a destination application, which are disposed in the different network domains.
    Type: Grant
    Filed: May 25, 2023
    Date of Patent: June 11, 2024
    Assignee: Cisco Technology, Inc.
    Inventors: Saswat Praharaj, Fabio R. Maino, Alberto Rodriguez Natal, Pradeep Kumar Kathail, Bruce McDougall
  • Patent number: 12010001
    Abstract: Techniques for extending network elements to inspect, extract, and complement tracing information added to L7 flows by application distributed tracing systems. The techniques may include receiving a Layer-7 (L7) message of an L7 flow associated with a distributed application and determining that the L7 message includes tracing information. In some examples, the tracing information may be mapped to a marking that is to be included in a Layer 3 (L3) or Layer-4 (L4) packet carrying the L7 message, and the L3 or L4 packet including the marking may be sent to an L3 or L4 network element. In some examples, the L3 or L4 network element may be configured to utilize the marking to determine a network decision for the L3 or L4 packet.
    Type: Grant
    Filed: August 15, 2023
    Date of Patent: June 11, 2024
    Assignee: Cisco Technology, Inc.
    Inventors: Alberto Rodriguez-Natal, Edward Albert Warnicke, Saswat Praharaj, Fabio R. Maino
  • Patent number: 12003385
    Abstract: Techniques for dynamic routing based on application load are described herein. The techniques may include receiving load information associated with resources of an application orchestration system that are allocated to host an application, the resources associated with different geographical regions. Based at least in part on the load information, a network controller may determine that first resources of the application orchestration system are less constrained than second resources of the application orchestration system, the first resources associated with a first geographical region and the second resources associated with a second geographical region. Based at least in part on the first resources being less constrained than the second resources, application traffic may be routed through the network to the application hosted by the first resources in the first geographical region.
    Type: Grant
    Filed: October 18, 2021
    Date of Patent: June 4, 2024
    Assignee: Cisco Technology, Inc.
    Inventors: Steven William Wood, Ding Bai, Ramanathan Lakshmikanthan, Alberto Rodriguez-Natal, Fabio R. Maino
  • Publication number: 20240171512
    Abstract: Techniques for steering overlay network traffic along specific paths through an underlay network. The techniques may include determining a path through an underlay network that is optimized for sending a packet from a first node of an overlay network to a second node of the overlay network. The techniques may also include determining a destination address for sending the packet along the path from the first node to the second node, the destination address including a micro segment identifier (uSID) corresponding with an underlay node that is disposed along the path through the underlay network and trailing bits representing a portion of an address that corresponds with the second node. The techniques may also include causing the packet to be modified to include the destination address such that the packet is sent from the first node to the second node along the path.
    Type: Application
    Filed: November 22, 2022
    Publication date: May 23, 2024
    Inventors: Bruce Mcdougall, Jeff Byzek, Alberto Rodriguez-Natal, Saswat Praharaj, Fabio R. Maino, Steven William Wood