Patents by Inventor Balaji Sundararajan
Balaji Sundararajan has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11757702Abstract: The present technology discloses methods, systems, and non-transitory computer-readable storage media for establishing a redundant path connection. An example method can include configuring a software-defined wide-area network (SDWAN) tunnel between an on-premises router and a plurality of SDWAN routers; configuring a virtual layer 2 connection between the plurality of SDWAN routers and handoff locations for a virtual cloud resource (VCR) associated with at least one VCR tag, wherein a software-defined cloud infrastructure (SDCI) underlay associated with at least one SDCI provider connects to a cloud service provider (CSP) at the handoff locations; configuring a VCR connection between at least one VCR associated with the VCR tag and the handoff locations for the at least one VCR; configuring a border gateway protocol (BGP) session between the plurality of SDWAN routers and the handoff locations; and validating the SDWAN tunnel, the virtual layer 2 connection, the VCR connection, and the BGP session.Type: GrantFiled: July 29, 2021Date of Patent: September 12, 2023Assignee: Cisco Technology, Inc.Inventors: Avinash Ashok Kumar Chiganmi, Venkatraman Venkatapathy, Giorgio Valentini, Madhuri Kolli, Karumbayiram Gunasekaran, Balaji Sundararajan
-
Patent number: 11722410Abstract: Systems, methods, and computer-readable media for interconnecting SDWANs through segment routing. A first SDWAN and a second SDWAN of a SDWAN fabric can be identified. A segment routing domain that interconnects the first SDWAN and the second SDWAN can be formed across a WAN underlay of the SDWAN fabric. Data transmission between the first SDWAN and the second SDWAN can be controlled by performing segment routing through the segment routing domain formed between the first SDWAN and the second SDWAN.Type: GrantFiled: November 29, 2022Date of Patent: August 8, 2023Assignee: Cisco Technology, Inc.Inventors: Balaji Sundararajan, Khalil A. Jabr, Anand Oswal, Vivek Agarwal, Chandramouli Balasubramanian
-
Publication number: 20230208863Abstract: Systems, methods, and computer-readable media for performing threat remediation through a switch fabric of a virtualized network environment. Data traffic passing into a virtualized network environment including a plurality of virtual machines running on a switch fabric is monitored. A network threat introduced through at a least a portion of the data traffic is identified at the switch fabric. One or more remedial measures are performed in the network environment based on the identification of the network threat in the virtualized network environment.Type: ApplicationFiled: February 17, 2023Publication date: June 29, 2023Inventors: Balaji Sundararajan, Gaurang Rajeev Mokashi, Preety Mordani, Vivek Agarwal
-
Publication number: 20230198868Abstract: Methods, systems, and non-transitory computer-readable media are provided for deploying intent-driving cloud branches. An example method can include obtaining, by one or more controllers in a software-defined network (SDN), a branch network design template for deploying a remote branch in the SDN, wherein the branch network design template defines networking settings for a plurality of services to be provisioned at the remote branch; obtaining, by the one or more controllers, a plurality of software packages for the plurality of services to be provisioned at the remote branch; and based on the branch network design template and the plurality of software packages, provisioning, by the one or more controllers, the plurality of services at the remote branch and a network connectivity of the plurality of services.Type: ApplicationFiled: February 9, 2023Publication date: June 22, 2023Inventors: Balaji Sundararajan, Ankush Verma, Bhavana Malhotra Bodas, Kaushik Pratap Biswas, Chandramouli Balasubramanian, Anirudh Ramnath Ramakrishna, Madhuri Kolli
-
Publication number: 20230188476Abstract: Route exchange in a plurality of network controller appliances on a per-tenant basis is disclosed. In one aspect, a method includes receiving, from a network management system and at a first network controller appliance, a designation of at least two tenants to be hosted on the first network controller appliance, the first network controller appliance being one of a plurality of network controller appliances in a SD-WAN; sending, from the first network controller appliance to other network controller appliances of the plurality of network controller appliances, a tenant list query message to obtain a corresponding tenant list of each of the other network controller appliances; and receiving a corresponding response from each of the other network controller appliances indicating the corresponding tenant list of each of the other network controller appliances, the corresponding response being used to update the tenant list on the first network controller appliance.Type: ApplicationFiled: February 9, 2023Publication date: June 15, 2023Inventors: Srilatha Tangirala, Nithin Bangalore Raju, Ananya Raval, Prabahar Radhakrishnan, Vivek Agarwal, Balaji Sundararajan
-
Publication number: 20230188502Abstract: In one embodiment, a method includes identifying, by a router, a first tenant. The first tenant is associated with a first tenant virtual private network (VPN). The method also includes determining, by the router, a mapping of the first tenant VPN to a first device VPN and generating, by the router, a first label representing the first device VPN. The method further includes adding, by the router, the first label to a first network packet and communicating, by the router, the first network packet with the first label to a controller.Type: ApplicationFiled: March 31, 2022Publication date: June 15, 2023Inventors: Samir Thoria, Ajeet Pal Singh Gill, Srilatha Tangirala, Balaji Sundararajan, Nithin Bangalore Raju, Vivek Agarwal
-
Publication number: 20230116947Abstract: Techniques for providing network traffic security in a virtualized environment are described. A threat aware controller uses a threat feed provided by a threat intelligence service to establish a threat detection engine on virtual switches. The threat aware controller and threat detection engine work together to detect any anomalous or malicious behavior of network traffic on the virtual switch and established virtual network functions to quickly detect, verify, and isolate network threats.Type: ApplicationFiled: December 15, 2022Publication date: April 20, 2023Inventors: Balaji SUNDARARAJAN, Alberto RODRIGUEZ NATAL, Yegappan LAKSHMANAN, Fabio R. MAINO, Anand OSWAL
-
Publication number: 20230103683Abstract: Systems, methods, and computer-readable media for interconnecting SDWANs through segment routing. A first SDWAN and a second SDWAN of a SDWAN fabric can be identified. A segment routing domain that interconnects the first SDWAN and the second SDWAN can be formed across a WAN underlay of the SDWAN fabric. Data transmission between the first SDWAN and the second SDWAN can be controlled by performing segment routing through the segment routing domain formed between the first SDWAN and the second SDWAN.Type: ApplicationFiled: November 29, 2022Publication date: April 6, 2023Inventors: Balaji Sundararajan, Khalil A. Jabr, Anand Oswal, Vivek Agarwal, Chandramouli Balasubramanian
-
Publication number: 20230077361Abstract: Systems, methods, and computer-readable media for interconnecting SDWANs through segment routing. A first SDWAN and a second SDWAN of a SDWAN fabric can be identified. A segment routing domain that interconnects the first SDWAN and the second SDWAN can be formed across a WAN underlay of the SDWAN fabric. Data transmission between the first SDWAN and the second SDWAN can be controlled by performing segment routing through the segment routing domain formed between the first SDWAN and the second SDWAN.Type: ApplicationFiled: November 21, 2022Publication date: March 16, 2023Inventors: Balaji Sundararajan, Khalil A. Jabr, Anand Oswal, Vivek Agarwal, Chandramouli Balasubramanian
-
Patent number: 11606369Abstract: Systems, methods, and computer-readable media for performing threat remediation through a switch fabric of a virtualized network environment. Data traffic passing into a virtualized network environment including a plurality of virtual machines running on a switch fabric is monitored. A network threat introduced through at a least a portion of the data traffic is identified at the switch fabric. One or more remedial measures are performed in the network environment based on the identification of the network threat in the virtualized network environment.Type: GrantFiled: March 20, 2020Date of Patent: March 14, 2023Assignee: Cisco Technology, Inc.Inventors: Balaji Sundararajan, Gaurang Rajeev Mokashi, Preety Mordani, Vivek Agarwal
-
Patent number: 11588711Abstract: Methods, systems, and non-transitory computer-readable media are provided for deploying intent-driving cloud branches. An example method can include obtaining, by one or more controllers in a software-defined network (SDN), a branch network design template for deploying a remote branch in the SDN, wherein the branch network design template defines networking settings for a plurality of services to be provisioned at the remote branch; obtaining, by the one or more controllers, a plurality of software packages for the plurality of services to be provisioned at the remote branch; and based on the branch network design template and the plurality of software packages, provisioning, by the one or more controllers, the plurality of services at the remote branch and a network connectivity of the plurality of services.Type: GrantFiled: December 14, 2020Date of Patent: February 21, 2023Assignee: Cisco Technology, Inc.Inventors: Balaji Sundararajan, Ankush Verma, Bhavana Malhotra Bodas, Kaushik Pratap Biswas, Chandramouli Balasubramanian, Anirudh Ramnath Ramakrishna, Madhuri Kolli
-
Patent number: 11588752Abstract: Route exchange in a plurality of network controller appliances on a per-tenant basis is disclosed. In one aspect, a method includes receiving, from a network management system and at a first network controller appliance, a designation of at least two tenants to be hosted on the first network controller appliance, the first network controller appliance being one of a plurality of network controller appliances in a SD-WAN; sending, from the first network controller appliance to other network controller appliances of the plurality of network controller appliances, a tenant list query message to obtain a corresponding tenant list of each of the other network controller appliances; and receiving a corresponding response from each of the other network controller appliances indicating the corresponding tenant list of each of the other network controller appliances, the corresponding response being used to update the tenant list on the first network controller appliance.Type: GrantFiled: July 29, 2021Date of Patent: February 21, 2023Assignee: Cisco Technology, Inc.Inventors: Srilatha Tangirala, Nithin Bangalore Raju, Ananya Raval, Prabahar Radhakrishnan, Vivek Agarwal, Balaji Sundararajan
-
Patent number: 11558402Abstract: Techniques for providing network traffic security in a virtualized environment are described. A threat aware controller uses a threat feed provided by a threat intelligence service to establish a threat detection engine on virtual switches. The threat aware controller and threat detection engine work together to detect any anomalous or malicious behavior of network traffic on the virtual switch and established virtual network functions to quickly detect, verify, and isolate network threats.Type: GrantFiled: October 28, 2019Date of Patent: January 17, 2023Assignee: Cisco Technology, Inc.Inventors: Balaji Sundararajan, Alberto Rodriguez Natal, Yegappan Lakshmanan, Fabio R. Maino, Anand Oswal
-
Publication number: 20220417060Abstract: The present technology pertains to receiving a tag associating at least one routing domain in an on-premises site with at least one virtual network in a cloud environment associated with a cloud service provider. The present technology also pertains to the automation of populating route and propagation tables with the cloud service provider.Type: ApplicationFiled: August 29, 2022Publication date: December 29, 2022Inventors: Balaji Sundararajan, Madhuri Kolli, Giorgio Valentini, Venkatraman Venkatapathy, Avinash Ashok Kumar Chiganmi, Vivek Agarwal
-
Publication number: 20220417332Abstract: The present technology is directed to controlling and managing resources both in Software-Defined Cloud Interconnect (SDCI) providers and cloud service providers via a single network controller and further connecting virtual networks in a branch site to virtual networks in the cloud service providers. A network controller can establish a network gateway in an SDCI provider, establish a cross-connectivity between the network gateway in the SDCI provider and one or more clouds, group one or more virtual networks in the one or more clouds and one or more virtual networks in a branch site into a tag, and establish a connection between the one or more virtual networks in the one or more clouds and the one or more virtual networks in the branch site using the tag.Type: ApplicationFiled: July 5, 2022Publication date: December 29, 2022Inventors: Avinash Ashok Kumar Chiganmi, Venkatraman Venkatapathy, Giorgio Valentini, Madhuri Kolli, Shu-Fen Lee, Balaji Sundararajan
-
Patent number: 11533257Abstract: Systems, methods, and computer-readable media for interconnecting SDWANs through segment routing. A first SDWAN and a second SDWAN of a SDWAN fabric can be identified. A segment routing domain that interconnects the first SDWAN and the second SDWAN can be formed across a WAN underlay of the SDWAN fabric. Data transmission between the first SDWAN and the second SDWAN can be controlled by performing segment routing through the segment routing domain formed between the first SDWAN and the second SDWAN.Type: GrantFiled: February 1, 2021Date of Patent: December 20, 2022Assignee: Cisco Technology, Inc.Inventors: Balaji Sundararajan, Khalil A. Jabr, Anand Oswal, Vivek Agarwal, Chandramouli Balasubramanian
-
Publication number: 20220376982Abstract: The present disclosure is directed to managing industrial internet of things end points and includes one or more processors and one or more computer-readable non-transitory storage media coupled to the one or more processors and comprising instructions that, when executed by the one or more processors, cause one or more switches to perform operations comprising: identifying a first end point using a protocol associated with the first end point, determining a classification for the identified first end point based on one or more attributes of the first end point, identifying one or more related end points having the classification in common with the first end point, segmenting the first end point with the identified one or more related end points, and applying one or more policies to the segmented first end point and the one or more related end points.Type: ApplicationFiled: August 8, 2022Publication date: November 24, 2022Inventors: Balaji Sundararajan, Vivek Agarwal, Anand Oswal, Chethan Channappa, Subhash Kodnad, Jeevan Sharma
-
Publication number: 20220377053Abstract: The present disclosure is directed to systems and methods for dynamic firewall discovery on a service plane. The method includes the steps of identifying a source data packet for transmission from a source machine at a source site to a destination machine at a destination site, wherein the source data packet corresponds to a request for connection between the source machine and the destination machine over a WAN, inspecting the source data packet at a first firewall associated with the source site, marking the source data packet with a marker to indicate inspection by the first firewall, transmitting the marked source data packet to the destination site, determining at the destination site that the source data packet has been inspected based on the marker, and forwarding the source data packet to the destination machine at the destination site, without inspection of the source data packet by a second firewall associated with the destination site.Type: ApplicationFiled: August 4, 2022Publication date: November 24, 2022Inventors: Balaji Sundararajan, Venkatesh Gota B R, Sireesha Yeruva, Chandramouli Balasubramanian, Anand Oswal
-
Patent number: 11502871Abstract: A network controller can register WAN edge routers and WAN optimizers distributed across a WAN. The controller can receive a request to establish a WAN optimized connection between first and second hosts. The controller can identify a first WAN optimizer to perform first services (e.g., de-duplication, compression, application acceleration, caching, etc.) for first traffic from the first host to the second host and first complementary services for second traffic from the second host to the first host, and a second WAN optimizer for the second traffic and second complementary services for the first traffic. The controller can establish the optimized connection comprising a first path including the first host, WAN optimizer, and router; a second path including the first router and a second router, and a third path including the second router, WAN optimizer, and host. The controller can route the first and second traffic through the optimized connection.Type: GrantFiled: September 3, 2021Date of Patent: November 15, 2022Assignee: CISCO TECHNOLOGY, INC.Inventors: Balaji Sundararajan, Vivek Agarwal, Harish A. Kapadia
-
Publication number: 20220326995Abstract: A method for allocating resources of a virtual controller is disclosed. The method comprises: allocating resources of a virtual controller to a first tenant, wherein the first tenant is allocated a first tenant quantity of guaranteed resources of the virtual controller and a second tenant is allocated a second tenant quantity of guaranteed resources of the virtual controller; determining that resources requested by the first tenant are greater than the first tenant quantity of guaranteed resources; determining that the virtual controller has unutilized resources sufficient to at least partially provide additional resources beyond the first tenant quantity of guaranteed resources to the first tenant; and temporarily provisioning the additional resources to the first tenant, wherein the additional resources are greater than the first tenant quantity of guaranteed resources.Type: ApplicationFiled: July 30, 2021Publication date: October 13, 2022Inventors: Xiaohu Wang, Ajeet Pal Singh Gill, Srilatha Tangirala, Nithin Bangalore Raju, Prabahar Radhakrishnan, Vivek Agarwal, Balaji Sundararajan