Patents by Inventor Farzad Ghannadian
Farzad Ghannadian has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11921610Abstract: Some embodiments provide a novel method for collecting and reporting attributes of data flows associated with machines executing on a plurality of host computers to an analysis appliance. Some embodiments collect, each time a request for a new data message flow is initiated, a set of contextual attributes (i.e., context data) associated with the requested new data message flow. The method, in some embodiments, generates a correlation data set and provides the correlation data set to be included in flow data regarding the requested data message flow to be used by the analysis appliance to correlate context data and flow data received as separate data sets from multiple host computers.Type: GrantFiled: May 2, 2022Date of Patent: March 5, 2024Assignee: VMware LLCInventors: Laxmikant Vithal Gunda, Arnold Poon, Farzad Ghannadian
-
Publication number: 20240031225Abstract: Some embodiments provide a method for one of multiple shared API processing services in a container cluster that implements a network policy manager shared between multiple tenants. The method receives a configuration request from a particular tenant to modify a logical network configuration for the particular tenant. Configuration requests from the plurality of tenants are balanced across the plurality of shared API processing services. Based on the received configuration request, the method posts a logical network configuration change to a configuration queue in the cluster. The configuration queue is dedicated to the logical network of the particular tenant. Services are instantiated separately in the container cluster for each tenant to distribute configuration changes from the respective configuration queues for the tenants to datacenters that implement the tenant logical networks such that configuration changes for one tenant do not slow down processing of configuration changes for other tenants.Type: ApplicationFiled: July 20, 2022Publication date: January 25, 2024Inventors: Amarnath Palavalli, Suresh Muppala, Farzad Ghannadian, Sukhdev Singh, Pavlush Margarian
-
Publication number: 20240031229Abstract: Some embodiments provide a method for a management service executing within a container cluster to manage logical networks for multiple tenants. Each tenant logical network is distributed across a respective set of datacenters. The method determines that a particular datacenter of a particular tenant requires a complete synchronization of the logical network for the particular tenant. Based on the determination, the method instantiates an on-demand service to manage streaming logical network configuration data for the particular datacenter from a database in the container cluster that stores logical network configurations for each of the multiple tenants.Type: ApplicationFiled: July 20, 2022Publication date: January 25, 2024Inventors: Amarnath Palavalli, Suresh Muppala, Farzad Ghannadian, Sukhdev Singh, Pavlush Margarian
-
Publication number: 20240004689Abstract: Some embodiments provide a novel method for collecting and reporting attributes of data flows associated with machines executing on a plurality of host computers to an analysis appliance and providing visual representations of the data to a user. Some embodiments provide a visual representation of the collected data that allows a user to select a set of machines and flows and initiate recommendation generation based on the selected machines and flows. The recommendation generation, in some embodiments, includes identifying flows for which rules have not been defined and filtering the identified rules to remove flows for which rules should not be defined. Some embodiments use the identified rues to identify services and groups associated with the rules and generate recommendations for rules, groups and services based on the identified flows, groups and services. The recommendations, in some embodiments, are implemented as a single PATCH API.Type: ApplicationFiled: June 19, 2023Publication date: January 4, 2024Inventors: Sunitha Krishna, Kausum Kumar, Rajiv Mordani, Ashish Shendure, Ashish Patel, Farzad Ghannadian
-
Patent number: 11765174Abstract: Techniques for providing application-independent access control in a cloud-services computing environment are provided. In one embodiment, a method for providing application-independent access control is provided. The method includes obtaining a user identity for accessing the cloud-services computing environment and receiving a user request to perform a task using an application. The method further includes collecting process-related data for performing the task using the application and obtaining one or more network routing addresses. The method further includes determining, based on the user identity, the process-related data, and the one or more network routing addresses, whether the task is to be performed. If that the task is to be performed, the task is caused to be performed using the application; and if the task is not to be performed, the user request is denied.Type: GrantFiled: December 7, 2018Date of Patent: September 19, 2023Assignee: VMware, Inc.Inventors: Arijit Chanda, Venkat Rajagopalan, Rajiv Mordani, Arnold Poon, Rajiv Krishnamurthy, Farzad Ghannadian, Sirisha Myneni
-
Publication number: 20230262114Abstract: The disclosure provides an approach for workload labeling and identification of known or custom applications. Embodiments include determining a plurality of sets of features comprising a respective set of features for each respective workload of a first subset of a plurality of workloads. Embodiments include identifying a group of workloads based on similarities among the plurality of sets of features. Embodiments include receiving label data from a user comprising a label for the group of workloads. Embodiments include associating the label with each workload of the group of workloads to produce a training data set. Embodiments include using the training data set to train a model to output labels for input workloads. Embodiments include determining a label for a given workload of the plurality of workloads by inputting features of the given workload to the model.Type: ApplicationFiled: April 26, 2023Publication date: August 17, 2023Inventors: Alok TIAGI, Farzad GHANNADIAN, Karen HAYRAPETYAN, Laxmikant Vithal GUNDA, Sunitha KRISHNA, Ashot ASLANYAN, Anirban SENGUPTA
-
Patent number: 11693688Abstract: Some embodiments provide a novel method for collecting and reporting attributes of data flows associated with machines executing on a plurality of host computers to an analysis appliance and providing visual representations of the data to a user. Some embodiments provide a visual representation of the collected data that allows a user to select a set of machines and flows and initiate recommendation generation based on the selected machines and flows. The recommendation generation, in some embodiments, includes identifying flows for which rules have not been defined and filtering the identified rules to remove flows for which rules should not be defined. Some embodiments use the identified rues to identify services and groups associated with the rules and generate recommendations for rules, groups and services based on the identified flows, groups and services. The recommendations, in some embodiments, are implemented as a single PATCH API.Type: GrantFiled: May 23, 2022Date of Patent: July 4, 2023Assignee: VMWARE, INC.Inventors: Sunitha Krishna, Kausum Kumar, Rajiv Mordani, Ashish Shendure, Ashish Patel, Farzad Ghannadian
-
Patent number: 11659026Abstract: The disclosure provides an approach for workload labeling and identification of known or custom applications. Embodiments include determining a plurality of sets of features comprising a respective set of features for each respective workload of a first subset of a plurality of workloads. Embodiments include identifying a group of workloads based on similarities among the plurality of sets of features. Embodiments include receiving label data from a user comprising a label for the group of workloads. Embodiments include associating the label with each workload of the group of workloads to produce a training data set. Embodiments include using the training data set to train a model to output labels for input workloads. Embodiments include determining a label for a given workload of the plurality of workloads by inputting features of the given workload to the model.Type: GrantFiled: April 22, 2020Date of Patent: May 23, 2023Assignee: VMWARE, INC.Inventors: Alok Tiagi, Farzad Ghannadian, Karen Hayrapetyan, Laxmikant Vithal Gunda, Sunitha Krishna, Ashot Aslanyan, Anirban Sengupta
-
Publication number: 20220365806Abstract: Some embodiments provide a novel method for collecting and reporting attributes of data flows associated with machines executing on a plurality of host computers to an analysis appliance and providing visual representations of the data to a user. Some embodiments provide a visual representation of the collected data that allows a user to select a set of machines and flows and initiate recommendation generation based on the selected machines and flows. The recommendation generation, in some embodiments, includes identifying flows for which rules have not been defined and filtering the identified rules to remove flows for which rules should not be defined. Some embodiments use the identified rues to identify services and groups associated with the rules and generate recommendations for rules, groups and services based on the identified flows, groups and services. The recommendations, in some embodiments, are implemented as a single PATCH API.Type: ApplicationFiled: May 23, 2022Publication date: November 17, 2022Inventors: Sunitha Krishna, Kausum Kumar, Rajiv Mordani, Ashish Shendure, Ashish Patel, Farzad Ghannadian
-
Publication number: 20220261330Abstract: Some embodiments provide a novel method for collecting and reporting attributes of data flows associated with machines executing on a plurality of host computers to an analysis appliance. Some embodiments collect, each time a request for a new data message flow is initiated, a set of contextual attributes (i.e., context data) associated with the requested new data message flow. The method, in some embodiments, generates a correlation data set and provides the correlation data set to be included in flow data regarding the requested data message flow to be used by the analysis appliance to correlate context data and flow data received as separate data sets from multiple host computers.Type: ApplicationFiled: May 2, 2022Publication date: August 18, 2022Inventors: Laxmikant Vithal Gunda, Arnold Poon, Farzad Ghannadian
-
Patent number: 11349876Abstract: Some embodiments provide a novel method for collecting and reporting attributes of data flows associated with machines executing on a plurality of host computers to an analysis appliance and providing visual representations of the data to a user. Some embodiments provide a visual representation of the collected data that allows a user to select a set of machines and flows and initiate recommendation generation based on the selected machines and flows. The recommendation generation, in some embodiments, includes identifying flows for which rules have not been defined and filtering the identified rules to remove flows for which rules should not be defined. Some embodiments use the identified rues to identify services and groups associated with the rules and generate recommendations for rules, groups and services based on the identified flows, groups and services. The recommendations, in some embodiments, are implemented as a single PATCH API.Type: GrantFiled: August 28, 2019Date of Patent: May 31, 2022Assignee: VMWARE, INC.Inventors: Sunitha Krishna, Kausum Kumar, Rajiv Mordani, Radha Popuri, Kavya Kambi Ravi, Ankur Saran, Farzad Ghannadian
-
Patent number: 11340931Abstract: Some embodiments provide a novel method for collecting and reporting attributes of data flows associated with machines executing on a plurality of host computers to an analysis appliance and providing visual representations of the data to a user. Some embodiments provide a visual representation of the collected data that allows a user to select a set of machines and flows and initiate recommendation generation based on the selected machines and flows. The recommendation generation, in some embodiments, includes identifying flows for which rules have not been defined and filtering the identified rules to remove flows for which rules should not be defined. Some embodiments use the identified rues to identify services and groups associated with the rules and generate recommendations for rules, groups and services based on the identified flows, groups and services. The recommendations, in some embodiments, are implemented as a single PATCH API.Type: GrantFiled: August 28, 2019Date of Patent: May 24, 2022Assignee: VMWARE, INC.Inventors: Sunitha Krishna, Kausum Kumar, Rajiv Mordani, Ashish Shendure, Ashish Patel, Farzad Ghannadian
-
Patent number: 11343283Abstract: Some embodiments provide a method for a network management and control system that manages a virtual infrastructure deployed across a set of datacenters. Based on input from a top-level user of the virtual infrastructure, the method deploys a first logical network within the virtual infrastructure and defines one or more second-level users of the virtual infrastructure. The method receives input from a second-level user of the virtual infrastructure to define a second logical network and connect the second logical network to the first logical network. The first and second logical networks use a same data model and the second-level users are restricted from viewing configuration of the first logical network.Type: GrantFiled: November 24, 2020Date of Patent: May 24, 2022Assignee: VMWARE, INC.Inventors: Sachin Mohan Vaidya, Shailesh Makhijani, Mayur Dhas, Rushikesh Wagh, Nikhil Bokare, Vaibhav Bhandari, Alka Pendharkar, Disha Chopra, Pavlush Margarian, Farzad Ghannadian, Shrinivas Sharad Parashar
-
Patent number: 11321213Abstract: Some embodiments provide a novel method for collecting and reporting attributes of data flows associated with machines executing on a plurality of host computers to an analysis appliance. Some embodiments collect, each time a request for a new data message flow is initiated, a set of contextual attributes (i.e., context data) associated with the requested new data message flow. The method, in some embodiments, generates a correlation data set and provides the correlation data set to be included in flow data regarding the requested data message flow to be used by the analysis appliance to correlate context data and flow data received as separate data sets from multiple host computers.Type: GrantFiled: January 16, 2020Date of Patent: May 3, 2022Assignee: VMWARE, INC.Inventors: Laxmikant Vithal Gunda, Arnold Poon, Farzad Ghannadian
-
Patent number: 11296960Abstract: Some embodiments provide a method for monitoring a distributed application. The method receives a request to perform data collection for the distributed application. The method identifies data compute nodes (DCNs) that implement the distributed application. The method sends commands to host machines on which the identified DCNs operate to detect events related to the DCNs and provide data regarding the detected events. The method uses the data regarding the detected events to generate a user interface (UI) display of the topology of the distributed application.Type: GrantFiled: March 8, 2018Date of Patent: April 5, 2022Assignee: NICIRA, INC.Inventors: Bin Wang, Margaret Petrus, Farzad Ghannadian, Rajiv Krishnamurthy
-
Publication number: 20220103429Abstract: Some embodiments provide a method for a network management and control system that manages a virtual infrastructure deployed across a set of datacenters. Based on input from a top-level user of the virtual infrastructure, the method deploys a first logical network within the virtual infrastructure and defines one or more second-level users of the virtual infrastructure. The method receives input from a second-level user of the virtual infrastructure to define a second logical network and connect the second logical network to the first logical network. The first and second logical networks use a same data model and the second-level users are restricted from viewing configuration of the first logical network.Type: ApplicationFiled: November 24, 2020Publication date: March 31, 2022Inventors: Sachin Mohan Vaidya, Shailesh Makhijani, Mayur Dhas, Rushikesh Wagh, Nikhil Bokare, Vaibhav Bhandari, Alka Pendharkar, Disha Chopra, Pavlush Margarian, Farzad Ghannadian, Shrinivas Sharad Parashar
-
Patent number: 11252061Abstract: In one set of embodiments, a host system can perform a random walk along a graph representing network traffic in a virtual network, where the virtual network comprises a plurality of virtual machines (VMs) running on a plurality of host systems including the host system, and where the random walk starts from a node of the graph corresponding to a VM running on the host system. The host system can further construct, based on the random walk, a local neighborhood of VMs associated with the VM and determine, based on the local neighborhood, whether the VM is a localized VM. Upon determining that the VM is not a localized VM, the host system can transmit a random walk data entry identifying the VM and the local neighborhood to a server communicatively coupled with the plurality of host systems.Type: GrantFiled: November 5, 2020Date of Patent: February 15, 2022Assignee: VMWARE INC.Inventors: Kamalika Das, Arnold Koon-Chee Poon, Farzad Ghannadian
-
Publication number: 20210365308Abstract: Some embodiments provide a simplified mechanism to deploy and control a multi-segmented application by using application-based manifests that express how application segments of the multi-segment application are to be defined or modified, and how the communication profiles between these segments. In some embodiments, these manifests are application specific. Also, in some embodiments, deployment managers in a software defined datacenter (SDDC) provide these manifests as templates to administrators, who can use these templates to express their intent when they are deploying multi-segment applications in the datacenter. Application-based manifests can also be used to control previously deployed multi-segmented applications in the SDDC. Using such manifests would enable the administrators to be able to manage fine grained micro-segmentation rules based on endpoint and network attributes.Type: ApplicationFiled: August 9, 2021Publication date: November 25, 2021Inventors: Sirisha Myneni, Arijit Chanda, Laxmikant Vithal Gunda, Arnold Koon-Chee Poon, Farzad Ghannadian, Kausum Kumar
-
Patent number: 11184327Abstract: Some embodiments of the invention provide a novel architecture for providing context-aware middlebox services at the edge of a physical datacenter. In some embodiments, the middlebox service engines run in an edge host (e.g., an NSX Edge) that provides routing services and connectivity to external networks (e.g., networks external to an NSX-T deployment). Some embodiments use a novel architecture for capturing contextual attributes on host computers that execute one or more machines and providing the captured contextual attributes to context-aware middlebox service engines providing the context-aware middlebox services. In some embodiments, a context header insertion processor uses contextual attributes to generate a header including data regarding the contextual attributes (a “context header”) that is used to encapsulate a data message that is processed by the SFE and sent to the context-aware middlebox service engine.Type: GrantFiled: July 5, 2018Date of Patent: November 23, 2021Assignee: VMWARE, INC.Inventors: Tori Chen, Sirisha Myneni, Arijit Chanda, Arnold Poon, Farzad Ghannadian, Venkat Rajagopalan
-
Publication number: 20210336899Abstract: The disclosure provides an approach for workload labeling and identification of known or custom applications. Embodiments include determining a plurality of sets of features comprising a respective set of features for each respective workload of a first subset of a plurality of workloads. Embodiments include identifying a group of workloads based on similarities among the plurality of sets of features. Embodiments include receiving label data from a user comprising a label for the group of workloads. Embodiments include associating the label with each workload of the group of workloads to produce a training data set. Embodiments include using the training data set to train a model to output labels for input workloads. Embodiments include determining a label for a given workload of the plurality of workloads by inputting features of the given workload to the model.Type: ApplicationFiled: April 22, 2020Publication date: October 28, 2021Inventors: Alok TIAGI, Farzad GHANNADIAN, Karen HAYRAPETYAN, Laxmikant Vithal GUNDA, Sunitha KRISHNA, Ashot ASLANYAN, Anirban SENGUPTA