Patents by Inventor Deepak Swaminathan

Deepak Swaminathan has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20250106227
    Abstract: Techniques are presented for detecting and remediating security events. One method includes ingesting signals and telemetry from various tools like Software as a Service (SaaS), Endpoint Detection and Response (EDR), Mobile Device Management (MDM), and Secure Access Service Edge (SASE). Live session graphs are created for users, mapping all application token sessions. The system collects data from multiple sources to construct detailed graphs that represent user sessions, application usage, device employment, and third-party application tokens. This helps identify both legitimate and suspicious sessions, reducing false positives and enhancing effectiveness. Session graphs are analyzed to detect security threats, identify suspicious activities, and determine appropriate responses. Further, remediation tools are provided to address security events manually or automatically through established policies.
    Type: Application
    Filed: September 17, 2024
    Publication date: March 27, 2025
    Inventors: Kartik Kumar Chatnalli Deshpande Sridhar, Abhay Sudhakar Kulkarni, Deepak Swaminathan
  • Publication number: 20250106261
    Abstract: Methods, systems, and computer programs are presented for stitching a meta session with an underlying trail fragmented across multiple distributed sessions. One method includes receiving telemetry signals from entities in a session environment that includes at least one identity of a user engaged with applications via respective meta sessions. An underlying trail for each meta session is determined, where the underlying trail is fragmented across two or more sessions with two or more entities. For a first meta session with a first application for the identity of the user, several operations are performed, including correlating a signal hierarchy based on the telemetry signals; constructing, based on the correlated signal hierarchy, a session hierarchy underlying the first meta session distributed across the one or more entities; determining a posture of the first meta session based on the constructed session hierarchy; and enforcing a security policy based on the determined posture.
    Type: Application
    Filed: September 17, 2024
    Publication date: March 27, 2025
    Inventors: Kartik Kumar Chatnalli Deshpande Sridhar, Abhay Sudhakar Kulkarni, Deepak Swaminathan
  • Publication number: 20200304368
    Abstract: In some implementations, a method is provided. The method includes receiving, by an agent of a first container of a network device from a second container of the network device, a request for a forwarding engine of the network device to perform an operation. The first container and the second container are located on a control plane of the network device. The first container comprises a set of drivers to support multiple types of forwarding engines. The first container further comprises an operating system. The method also includes providing the request to the operating system. The operating system uses a first driver of the set of drivers to communicate with the forwarding engine. The method further includes performing the operation requested by the second container. The method further includes providing a result of the operation to the second container in response to determining that the result should be provided to the second container.
    Type: Application
    Filed: March 20, 2019
    Publication date: September 24, 2020
    Inventors: Aparna Karanjkar, Ashwin Deepak Swaminathan, Vidya Kirupanidhi, Simon Francis Capper
  • Patent number: 9836317
    Abstract: A controller device is connected to a group of virtual machines and one or more network devices in a network. The controller device is configured to store policies relating to when to start up and when to shut down the virtual machines based on users logging into the network, users logging out of the network, users attempting to access the plurality of virtual machines, and/or particular types of traffic in the network; receive network activity data from a network device of the one or more network devices in the network; identify, based on the network activity data and the policies, a virtual machine, of the group of virtual machines, to start up or shut down; and cause the virtual machine to start up or shut down.
    Type: Grant
    Filed: November 2, 2015
    Date of Patent: December 5, 2017
    Assignee: Juniper Networks, Inc.
    Inventor: Deepak Swaminathan
  • Patent number: 9548920
    Abstract: A method is provided in one example embodiment and includes determining an action to be performed with respect to a packet corresponding to a new flow received at a network device and determining whether a new entry comprising an indication of the determined action can be added to a flow table of the network device. The determination of whether a new entry can be added to the flow table is made with reference to reservation information specified in a port profile associated with the new flow. Responsive to a determination that the new entry can be added, the new entry is added to the flow table. In one embodiment, determining whether the new entry can be added comprises determining whether an existing entry can be aged out based on the reservation information specified in the associated port profile.
    Type: Grant
    Filed: October 15, 2012
    Date of Patent: January 17, 2017
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Maithili Narasimha, Ashwin Deepak Swaminathan, Naga Venkata Kiran K. Chunduri, Srinivas Sardar
  • Publication number: 20160070584
    Abstract: A controller device is connected to a group of virtual machines and one or more network devices in a network. The controller device is configured to store policies relating to when to start up and when to shut down the virtual machines based on users logging into the network, users logging out of the network, users attempting to access the plurality of virtual machines, and/or particular types of traffic in the network; receive network activity data from a network device of the one or more network devices in the network; identify, based on the network activity data and the policies, a virtual machine, of the group of virtual machines, to start up or shut down; and cause the virtual machine to start up or shut down.
    Type: Application
    Filed: November 2, 2015
    Publication date: March 10, 2016
    Inventor: Deepak SWAMINATHAN
  • Patent number: 9176758
    Abstract: A controller device is connected to a group of virtual machines and one or more network devices in a network. The controller device is configured to store policies relating to when to start up and when to shut down the virtual machines based on users logging into the network, users logging out of the network, users attempting to access the plurality of virtual machines, and/or particular types of traffic in the network; receive network activity data from a network device of the one or more network devices in the network; identify, based on the network activity data and the policies, a virtual machine, of the group of virtual machines, to start up or shut down; and cause the virtual machine to start up or shut down.
    Type: Grant
    Filed: February 12, 2015
    Date of Patent: November 3, 2015
    Assignee: Juniper Networks, Inc.
    Inventor: Deepak Swaminathan
  • Publication number: 20150160980
    Abstract: A controller device is connected to a group of virtual machines and one or more network devices in a network. The controller device is configured to store policies relating to when to start up and when to shut down the virtual machines based on users logging into the network, users logging out of the network, users attempting to access the plurality of virtual machines, and/or particular types of traffic in the network; receive network activity data from a network device of the one or more network devices in the network; identify, based on the network activity data and the policies, a virtual machine, of the group of virtual machines, to start up or shut down; and cause the virtual machine to start up or shut down.
    Type: Application
    Filed: February 12, 2015
    Publication date: June 11, 2015
    Inventor: Deepak SWAMINATHAN
  • Patent number: 8959513
    Abstract: A controller device is connected to a group of virtual machines and one or more network devices in a network. The controller device is configured to store policies relating to when to start up and when to shut down the virtual machines based on users logging into the network, users logging out of the network, users attempting to access the plurality of virtual machines, and/or particular types of traffic in the network; receive network activity data from a network device of the one or more network devices in the network; identify, based on the network activity data and the policies, a virtual machine, of the group of virtual machines, to start up or shut down; and cause the virtual machine to start up or shut down.
    Type: Grant
    Filed: September 27, 2012
    Date of Patent: February 17, 2015
    Assignee: Juniper Networks, Inc.
    Inventor: Deepak Swaminathan
  • Patent number: 8751650
    Abstract: In one embodiment, a method includes identifying common access control list (ACL) parameters and variable ACL parameters among a plurality of tenants in a network, mapping parameter values for the variable ACL parameters to the tenants, generating a multi-tenant access control list for the tenants, storing the multi-tenant access control list and mapping at a network device, and applying the multi-tenant access control list to ports at the network device. The multi-tenant access control list includes the common ACL parameters and variable ACL parameters.
    Type: Grant
    Filed: May 10, 2012
    Date of Patent: June 10, 2014
    Assignee: Cisco Technology, Inc.
    Inventors: Anuraag Mittal, Maithili Narasimha, Ashwin Deepak Swaminathan, Badhri Madabusi Vijayaraghavan
  • Publication number: 20140108632
    Abstract: A method is provided in one example embodiment and includes determining an action to be performed with respect to a packet corresponding to a new flow received at a network device and determining whether a new entry comprising an indication of the determined action can be added to a flow table of the network device. The determination of whether a new entry can be added to the flow table is made with reference to reservation information specified in a port profile associated with the new flow. Responsive to a determination that the new entry can be added, the new entry is added to the flow table. In one embodiment, determining whether the new entry can be added comprises determining whether an existing entry can be aged out based on the reservation information specified in the associated port profile.
    Type: Application
    Filed: October 15, 2012
    Publication date: April 17, 2014
    Inventors: Maithili Narasimha, Ashwin Deepak Swaminathan, Naga Venkata Kiran K. Chunduri, Srinivas Sardar
  • Patent number: 8599854
    Abstract: Techniques are described for identifying destinations in a virtual network by defining virtual entities such as a port profile as the destination for network policies, such as redirect or span to be a logical set of ports (i.e., ports belonging to a port-profile or a port group) where the members of the set of ports may be added/removed dynamically without requiring any changes to the network policy. Further, a network administrator (or other user) may predefine the destinations for a network policy even before some or all of the destinations are active on a given virtualized system. In such cases, the network policies may go into effect when the required entities become available.
    Type: Grant
    Filed: April 16, 2010
    Date of Patent: December 3, 2013
    Assignee: Cisco Technology, Inc.
    Inventors: Udayakumar Srinivasan, Srinivas Sardar, Joseph Michaelsamy Swaminathan, Ashwin Deepak Swaminathan
  • Publication number: 20130304917
    Abstract: In one embodiment, a method includes identifying common access control list (ACL) parameters and variable ACL parameters among a plurality of tenants in a network, mapping parameter values for the variable ACL parameters to the tenants, generating a multi-tenant access control list for the tenants, storing the multi-tenant access control list and mapping at a network device, and applying the multi-tenant access control list to ports at the network device. The multi-tenant access control list includes the common ACL parameters and variable ACL parameters.
    Type: Application
    Filed: May 10, 2012
    Publication date: November 14, 2013
    Applicant: CISCO TECHNOLOGY, INC.
    Inventors: Anuraag Mittal, Maithili Narasimha, Ashwin Deepak Swaminathan, Badhri Madabusi Vijayaraghavan
  • Publication number: 20110255538
    Abstract: Techniques are described for identifying destinations in a virtual network by defining virtual entities such as a port profile as the destination for network policies, such as redirect or span to be a logical set of ports (i.e., ports belonging to a port-profile or a port group) where the members of the set of ports may be added/removed dynamically without requiring any changes to the network policy. Further, a network administrator (or other user) may predefine the destinations for a network policy even before some or all of the destinations are active on a given virtualized system. In such cases, the network policies may go into effect when the required entities become available.
    Type: Application
    Filed: April 16, 2010
    Publication date: October 20, 2011
    Inventors: UDAYAKUMAR SRINIVASAN, Srinivas Sardar, Joseph Michaelsamy Swaminathan, Ashwin Deepak Swaminathan