Patents by Inventor Aravind Srinivasan

Aravind Srinivasan has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20210409453
    Abstract: Some embodiments of the invention provide a novel method for specifying firewall rules. In some embodiments, the method provides the ability to specify for a particular firewall rule, a set of network nodes (also called a set of enforcement points below) at which the particular firewall should be enforced. To provide this ability, the method of some embodiments adds an extra tuple (referred to below as the AppliedTo tuple) to a firewall rule. This added AppliedTo tuple lists the set of enforcement points at which the firewall rule has to be applied (i.e., enforced).
    Type: Application
    Filed: September 13, 2021
    Publication date: December 30, 2021
    Inventors: Kaushal Bansal, Uday Masurekar, Aravind Srinivasan, Shadab Shah, Serge Maskalik
  • Publication number: 20210398024
    Abstract: A device may receive a data input that is associated with an event. The device may parse the data input to identify an input value that is associated with the event. The device may determine a probability that the input value corresponds to a feature of the event based on a configuration of the input value. The device may classify the input value as being associated with an element of the event based on the probability. The device may determine a rule profile of the input value based on the feature and the element. The device may determine a profile score associated with the data input based on the rule profile. The device may ingest, based on the profile score, the data input into a data structure. The device may determine a validation score based on a random factorization analysis of the rule profile and the input value.
    Type: Application
    Filed: June 22, 2020
    Publication date: December 23, 2021
    Inventors: Sureshkumar PARGUNARAJAN, Haripriya SRINIVASAN, Tharani DHANASEKARAN, Arunselvan SIVAMANI, Aravind Raja M BALASUBRAMANIAN, Arun SANDARARAMAN, Uday Kumar RAMAMOORTHY
  • Patent number: 11140220
    Abstract: Systems and methods are described for load balancing requests in a distributed system using consistent hashing. Specifically, systems and methods are described for using “the power of k choices” when placing new servers on a consistent hash ring used to load balance requests. Rather than placing each new server at a fixed point determined by a hashing algorithm, a load balancer can identify multiple potential points on the hash ring for the new server. The load balancer can then compare these points to determine a preferred location, and place the server at the preferred location. Techniques described herein can substantially improve placement of servers, which in turn results in better load balancing.
    Type: Grant
    Filed: December 11, 2020
    Date of Patent: October 5, 2021
    Assignee: Amazon Technologies, Inc.
    Inventors: Benjamin Ray Coleman, Anshumali Shrivastava, Aravind Srinivasan
  • Patent number: 11122085
    Abstract: Some embodiments of the invention provide a novel method for specifying firewall rules. In some embodiments, the method provides the ability to specify for a particular firewall rule, a set of network nodes (also called a set of enforcement points below) at which the particular firewall should be enforced. To provide this ability, the method of some embodiments adds an extra tuple (referred to below as the AppliedTo tuple) to a firewall rule. This added AppliedTo tuple lists the set of enforcement points at which the firewall rule has to be applied (i.e., enforced).
    Type: Grant
    Filed: March 9, 2019
    Date of Patent: September 14, 2021
    Assignee: NICIRA, INC.
    Inventors: Kaushal Bansal, Uday Masurekar, Aravind Srinivasan, Shadab Shah, Serge Maskalik
  • Publication number: 20210224264
    Abstract: A method and system is provided for mapping a term to a vector representation in a semantic space. Provided techniques allow for efficient and accurate determination of vector representations for query terms that are terms of emerging interest or are otherwise not included in a set of terms for which vector representations are pre-calculated.
    Type: Application
    Filed: January 19, 2021
    Publication date: July 22, 2021
    Inventors: Rakesh BARVE, Akash ANAND, Arjun PURANIK, Murali ARAVAMUDAN, Venkataramanan SOUNDARARAJAN, Aravind SRINIVASAN
  • Patent number: 11005963
    Abstract: Connectivity between data centers in a hybrid cloud system is optimized by pre-loading a wide area network (WAN) optimization appliance in a first data center with data to initialize at least one WAN optimization of application. The first data center is managed by a first organization and a second data center managed by a second organization, the first organization being a tenant in the second data center. The described technique includes receiving application packets having the application data generated by an application executing in the first data center at the WAN optimization appliance from a first gateway in the first data center, and performing the at least one WAN optimization on the application packets using the pre-loaded data to initialize the at least one WAN optimization.
    Type: Grant
    Filed: August 28, 2015
    Date of Patent: May 11, 2021
    Assignee: VMware, Inc.
    Inventors: Serge Maskalik, Govind Haridas, Weiqing Wu, Aravind Srinivasan, Sachin Thakkar
  • Publication number: 20210084125
    Abstract: Described herein are systems, methods, and software to manage the encapsulation of layer two communications across computing sites. In one example, a gateway at a first computing site may receive an encapsulated packet from a second gateway at a second computing site. After receiving the encapsulated packet, the gateway decapsulates the encapsulated packet and determines that the decapsulated packet satisfies MSS criteria. The gateway further, in response to determining that the decapsulated packet satisfies the MSS criteria, modifies an MSS option associated with the decapsulated packet to a maximum value and forwards the decapsulated packet to a destination virtual node in the first computing site.
    Type: Application
    Filed: December 20, 2019
    Publication date: March 18, 2021
    Inventors: Todd A. Sabin, Uday Suresh Masurekar, Weiqing Wu, Aravind Srinivasan
  • Patent number: 10757170
    Abstract: Conditional address translation is performed in a multi-tenant cloud infrastructure to effectively support tenant-assigned addresses. For each tenant, the multi-tenant cloud infrastructure deploys both a private network used to communicate between the tenant and the cloud and a tenant-facing gateway to manage the private network. The multi-tenant cloud infrastructure also includes an externally-facing gateway used to communicate between the multi-tenant cloud and a public network. The tenant-facing gateways are configured to bypass address translation—providing consistent addressing across each private network irrespective of the physical location of resources linked by the private network. By contrast, the public-facing gateway is configured to translate source addresses in outgoing packets to addresses that are unique within the public network.
    Type: Grant
    Filed: March 23, 2015
    Date of Patent: August 25, 2020
    Assignee: VMware, Inc.
    Inventors: Sachin Thakkar, Debashis Basak, Serge Maskalik, Weiqing Wu, Aravind Srinivasan
  • Publication number: 20200244550
    Abstract: One or more examples provide techniques for providing a multi-site wide area network in a cloud computing system. In an example, a method of providing a multi-site wide area network (WAN) in a cloud computing system includes: creating a plurality of sites; creating a compute profile in each of the plurality of sites, each compute profile having a compute cluster of virtual machines (VMs); creating a service mesh having the compute profile of each of the plurality of sites; and deploying an application to the service mesh.
    Type: Application
    Filed: May 17, 2019
    Publication date: July 30, 2020
    Inventors: SERGE MASKALIK, Sachin Thakkar, Abhinav Vijay Bhagwat, Uday Masurekar, Weiqing Wu, Narendra Kumar Basur Shankarappa, Hemanth Kumar Pannem, Aravind Srinivasan
  • Patent number: 10721098
    Abstract: Connectivity between data centers in a hybrid cloud system having a first data center managed by a first organization and a second data center managed by a second organization, the first organization being a tenant in the second data center, is optimized. According to the described technique, a path-optimized connection is established through a wide area network (WAN) between a first gateway of a first data center and a second gateway of a second data center for an application executing in the first data center based on performance of paths across a set of Internet Protocol (IP) flows. Application packets received from the application at the first gateway are forwarded to a WAN optimization appliance in the first data center. WAN optimized application packets received from the WAN optimization appliance at the first gateway are then sent to the second gateway over the path-optimized connection.
    Type: Grant
    Filed: August 28, 2015
    Date of Patent: July 21, 2020
    Assignee: VMware, Inc.
    Inventors: Serge Maskalik, Weiqing Wu, Aravind Srinivasan, Sachin Thakkar, Debashis Basak
  • Patent number: 10608993
    Abstract: Some embodiments provide a central firewall management system that can be used to manage different firewall devices from a single management interface. This management interface provides a uniform interface for defining different firewall rule sets and deploying these rules sets on different firewall devices (e.g., port-linked firewall engines, firewall service VMs, network-perimeter firewall devices, etc.). Also, this interface allows the location and/or behavior of the firewall rule sets to be dynamically modified. The management interface in some embodiments also provides controls for filtering and debugging firewall rules.
    Type: Grant
    Filed: October 5, 2017
    Date of Patent: March 31, 2020
    Assignee: NICIRA, INC.
    Inventors: Kaushal Bansal, Uday Masurekar, Serge Maskalik, Shadab Shah, Aravind Srinivasan, Minjal Agarwal
  • Patent number: 10579488
    Abstract: One or more embodiments provide techniques for migrating virtual machines (VMs) from a private data center to a cloud data center. A hybrid cloud manager determines a scope of migration from the private data center to the cloud data center. The hybrid cloud manager groups each VM included in the scope of migration into one or more clusters. The hybrid cloud manager defines one or more migration phases. Each migration phase comprises a subset of the one or more clusters. The hybrid cloud manager generates a migration schedule based on at least the one or more migration phases. The hybrid cloud manager migrates the VMs from the private data center to the cloud data center in accordance with the migration schedule.
    Type: Grant
    Filed: September 25, 2017
    Date of Patent: March 3, 2020
    Assignee: VMare, Inc.
    Inventors: Narendra Kumar Basur Shankarappa, Serge Maskalik, Uday Masurekar, Anand Pritam, Aravind Srinivasan, Bob Sheehan, Abhijeet Deshpande, Sachin Thakkar, Hemanth Kumar Pannem
  • Patent number: 10567281
    Abstract: Techniques for stateful connection optimization over stretched networks are disclosed. In one embodiment, hypervisor filtering modules in a cloud computing system are configured to modify packets sent by virtual computing instances (e.g., virtual machines (VMs)) in the cloud to local destinations in the cloud such that those packets have the destination Media Access Control (MAC) address of a local router that is also in the cloud. Doing so prevents tromboning traffic flows in which packets sent by virtual computing instances in the cloud to location destinations are routed to a stretched network's default gateway that is not in the cloud.
    Type: Grant
    Filed: August 29, 2017
    Date of Patent: February 18, 2020
    Assignee: VMware, Inc.
    Inventors: Weiqing Wu, Aravind Srinivasan, Leon Cui, Todd Sabin, Serge Maskalik, Sachin Thakkar
  • Patent number: 10530650
    Abstract: A method is provide for managing a migration of a virtual machine from a private data center managed by a first organization to a public cloud computing system by a second organization and where the first organization is a tenant. The configurations of physical infrastructure of the private data center that underlies the virtual machine are determined, along with a corresponding match preference indicating a level of criticality for some corresponding configuration at the public cloud system. The configurations and match preferences generated as part of a migration package. The public cloud computing system instantiates a corresponding VM based on the determined configurations and corresponding match preferences.
    Type: Grant
    Filed: March 7, 2015
    Date of Patent: January 7, 2020
    Assignee: VMware, Inc.
    Inventors: Sachin Thakkar, Debashis Basak, Serge Maskalik, Aravind Srinivasan, Abhinav Vijay Bhagwat
  • Patent number: 10419340
    Abstract: Techniques for stateful connection optimization over stretched networks are disclosed. Such stretched networks may extend across both a data center and a cloud. In one embodiment, configuration changes are made to cloud layer 2 (L2) concentrators used by extended networks and a cloud router such that the L2 concentrators block packets with the cloud router's source MAC address and block address resolution protocol (ARP) requests for a gateway IP address from/to cloud networks that are part of the extended networks. Further, the cloud router is configured with the same gateway IP address as that of a default gateway router in the data center and responds to ARP requests for the gateway IP address with its own MAC address. In addition, specific prefix routes (e.g., /32 routes) for virtual computing instances on route optimized networks in the cloud are injected into the cloud router and propagating to a data center router.
    Type: Grant
    Filed: August 29, 2017
    Date of Patent: September 17, 2019
    Assignee: VMware, Inc.
    Inventors: Weiqing Wu, Aravind Srinivasan, Serge Maskalik, Todd Sabin, Sachin Thakkar
  • Patent number: 10404593
    Abstract: Techniques for stateful connection optimization over stretched networks are disclosed. In one embodiment, traffic of virtual machines (VMs) that are live-migrated from a data center to a cloud is temporarily tromboned back to the data center to preserve active sessions. In such a case, a stretched network is created that includes a network in the data center and two stub networks in the cloud, one of which is route optimized such that traffic does not trombone back to the data center and the other which is not so optimized. A VM that is live migrated to the cloud is first attached to the unoptimized network so that traffic tromboning occurs. Thereafter, when the VM is powered off (e.g., during a reboot), in a maintenance mode, or in a quiet period, the VM is switched to the route optimized network.
    Type: Grant
    Filed: August 29, 2017
    Date of Patent: September 3, 2019
    Assignee: VMware, Inc.
    Inventors: Sachin Thakkar, Serge Maskalik, Aravind Srinivasan, Weiqing Wu, Narendra Kumar Basur Shankarappa
  • Patent number: 10375170
    Abstract: Techniques for upgrading virtual appliances in a hybrid cloud computing system are provided. In one embodiment, virtual appliances are upgraded by deploying the upgraded appliances in both a data center and a cloud, configuring the upgraded appliances to have the same IP addresses as original appliances, and disconnecting the original appliances from networks to which they are connected and connecting the upgraded appliances to those networks via the same ports previously used by the original appliances. In another embodiment, upgraded appliances are deployed in the data center and the cloud, but configured with new IP addresses that are different from those of the original appliances, and connections are switched from those of the original appliances to new connections with the new IP addresses. Embodiments disclosed herein permit virtual appliances to be upgraded or replaced with relatively little downtime so as to help minimize disruptions to existing traffic flows.
    Type: Grant
    Filed: August 29, 2017
    Date of Patent: August 6, 2019
    Assignee: VMware, Inc.
    Inventors: Narendra Kumar Basur Shankarappa, Aravind Srinivasan, Sachin Thakkar, Serge Maskalik, Govind Haridas
  • Publication number: 20190207983
    Abstract: Some embodiments of the invention provide a novel method for specifying firewall rules. In some embodiments, the method provides the ability to specify for a particular firewall rule, a set of network nodes (also called a set of enforcement points below) at which the particular firewall should be enforced. To provide this ability, the method of some embodiments adds an extra tuple (referred to below as the AppliedTo tuple) to a firewall rule. This added AppliedTo tuple lists the set of enforcement points at which the firewall rule has to be applied (i.e., enforced).
    Type: Application
    Filed: March 9, 2019
    Publication date: July 4, 2019
    Inventors: Kaushal Bansal, Uday Masurekar, Aravind Srinivasan, Shadab Shah, Serge Maskalik
  • Patent number: 10341296
    Abstract: Techniques for automatic firewall configuration in a virtual network environment are described. In one example embodiment, firewall rules are configured using virtual machine (VM) inventory objects. The firewall rules are then transformed by replacing the VM inventory objects in the configured firewall rules with associated Internet protocol (IP) addresses using an IP address management table (IPAM) table and a network address translation (NAT) table. The transformed firewall rules are then sent to a firewall engine for filtering communication from and to VMs running on a first machine on one or more computing networks and communication from and to VMs running on a second machine on one or more computing networks at a firewall according to the transformed firewall rules.
    Type: Grant
    Filed: September 13, 2013
    Date of Patent: July 2, 2019
    Assignee: VMWARE, INC.
    Inventors: Abhinav Vijay Bhagwat, Aravind Srinivasan, Amit Ratnapal Sangodkar
  • Patent number: 10333889
    Abstract: A centralized namespace controller allocates addresses in a distributed cloud infrastructure on-demand. Upon receiving a request to allocate addresses for a network to be provisioned by a cloud computing system included in the distributed cloud infrastructure, the centralized namespace controller allocates a network address that is unique within the distributed cloud infrastructure. Further, the centralized namespace controller allocates a range of virtual network interface cards (NIC) addresses that are unique within the network. The centralized namespace controller then allocates addresses from the range of virtual NIC addresses on an as-requested basis—when a virtual NIC is being created by the first cloud computing system on the network.
    Type: Grant
    Filed: November 20, 2017
    Date of Patent: June 25, 2019
    Assignee: VMware, Inc.
    Inventors: Sachin Thakkar, Debashis Basak, Serge Maskalik, Weiqing Wu, Aravind Srinivasan