Patents by Inventor Hari Krishna Kurmala
Hari Krishna Kurmala has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230147408Abstract: The present disclosure discloses a system and method for dynamically modifying role based access control for a client based on the activity. Generally, a client device is granted access to a network resource based on a first reputation score assigned to the client device. The activity of the client device is monitored. Responsive to monitoring the activity of the client device, a second reputation score is determined for the client device based on the activity. The access by the client device to the network resource is then modified to be granted based on the second reputation score.Type: ApplicationFiled: January 9, 2023Publication date: May 11, 2023Inventors: Ramesh ARDELI, Hari Krishna KURMALA
-
Patent number: 11575686Abstract: The present disclosure discloses a system and method for dynamically modifying role based access control for a client based on the activity. Generally, a client device is granted access to a network resource based on a first reputation score assigned to the client device. The activity of the client device is monitored. Responsive to monitoring the activity of the client device, a second reputation score is determined for the client device based on the activity. The access by the client device to the network resource is then modified to be granted based on the second reputation score.Type: GrantFiled: August 13, 2020Date of Patent: February 7, 2023Assignee: Hewlett Packard Enterprise Development LPInventors: Ramesh Ardeli, Hari Krishna Kurmala
-
Patent number: 11528166Abstract: Systems, methods, and computer-readable media are described for establishing an optimized geo-location based hub mesh network for a group of network controllers spanning multiple regions, where the optimized mesh network includes substantially fewer connections between network controllers than conventional hub mesh networks. Geo-location information is obtained for the group of network controllers, and the network controllers are categorized into various physical regions based on the geo-location information. Then, within each region, a particular network controller is selected to serve as a primary regional hub for that region. Tunnel connections are then established between each non-hub network controller in each region and the primary regional hub for that region. In addition, tunnel connections are established between each non-hub network controller in a region and each other non-hub network controller within the same region.Type: GrantFiled: January 12, 2021Date of Patent: December 13, 2022Assignee: Hewlett Packard Enterprise Development LPInventors: Hari Krishna Kurmala, Shreekanth Chandranna
-
Publication number: 20220353147Abstract: Systems are methods are described which allow for “zero-touch” provisioning (ZTP) to be used to seamlessly bring up devices such as Gateways/Access Points/Switches or any other networking devices connected over different uplink types such as aggregated links (Static LAG, LACP), trunk ports, and the like. Provisioning is adapted specifically for trunk and/or LACP ports in order to maintain the automation and optimization benefits typically provided by ZTP. A method can include transmitting a discover message, and receiving a response message based on the discover message. Then, determining whether a pre-defined extension is included in the response message that indicates a port type and a virtual local area network (VLAN) configuration. Automatic configuration of one or more ports and a VLAN can be performed as indicated by the pre-defined extension. Thus, ZTP can be restarted in accordance with the configuration of the network device.Type: ApplicationFiled: April 29, 2021Publication date: November 3, 2022Inventors: Hari KRISHNA KURMALA, Prasanna SRIDHARAN, Dhrumil DESAI
-
Publication number: 20220224563Abstract: Systems, methods, and computer-readable media are described for establishing an optimized geo-location based hub mesh network for a group of network controllers spanning multiple regions, where the optimized mesh network includes substantially fewer connections between network controllers than conventional hub mesh networks. Geo-location information is obtained for the group of network controllers, and the network controllers are categorized into various physical regions based on the geo-location information. Then, within each region, a particular network controller is selected to serve as a primary regional hub for that region. Tunnel connections are then established between each non-hub network controller in each region and the primary regional hub for that region. In addition, tunnel connections are established between each non-hub network controller in a region and each other non-hub network controller within the same region.Type: ApplicationFiled: January 12, 2021Publication date: July 14, 2022Inventors: Hari Krishna Kurmala, Shreekanth Chandranna
-
Patent number: 11336563Abstract: Examples relates to a method for selecting headend gateway for routing subnets of branch gateways of a geographic region in a software defined wide area network (SD-WAN). In some examples, an analyzer issues a subnet to each branch gateway of a first geographic region from a pool of contiguous IP addresses, selects a first set of headend gateways suited to be assigned to the branch gateways, ranks each of the first set of headend gateways based on a parameter that includes dynamic loading of each headend gateway or link health information between each of the headend gateways and the branch gateways, and forwards the information including the ranking of headend gateways of the first set to a network orchestrator of the SD-WAN to cause the network orchestrator to assign the branch gateways to the highest ranking gateway based on information including the ranking of the first set of headend gateways.Type: GrantFiled: April 28, 2021Date of Patent: May 17, 2022Assignee: Hewlett Packard Enterprise Development LPInventors: Hari Krishna Kurmala, Shreekanth Chandranna
-
Patent number: 11108851Abstract: Disclosed is a network infrastructure device including processing circuitry and a non-transitory, computer-readable medium including instructions that, when executed by the processing circuitry, cause the network infrastructure device to perform certain actions. The actions include receiving first information indicating resource utilization of headend gateways for forwarding data of a first application, receiving second information indicating resource utilization of branch gateways for forwarding data of a second application, forwarding data of the first application across a WAN link to a first headend gateway best suited to forward data of the first application, and forwarding data of the second application across a WAN link to a second headend gateway best suited to forward data of the second application.Type: GrantFiled: April 10, 2020Date of Patent: August 31, 2021Assignee: Hewlett Packard Enterprise Development LPInventors: Hari Krishna Kurmala, Shreekanth Chandranna
-
Patent number: 10992702Abstract: In example implementations, a method is provided that is executed by a processor. A multiplexed data stream is received over a single transmission control protocol (TCP) connection that uses a SPDY protocol. The multiplexed data stream contains data packets associated with a plurality of different data streams. A plurality of sub-contexts are generated. Each one of the sub-contexts is associated with a different one of the plurality of different data streams. The data packets are demultiplexed from the multiplexed data stream into a respective one of the plurality of sub-contexts. The plurality of different data streams in the respective one of the plurality of sub-contexts are examined to detect a malware.Type: GrantFiled: January 27, 2016Date of Patent: April 27, 2021Assignee: Hewlett Packard Enterprise Development LPInventors: Ramesh Ardeli, Hari Krishna Kurmala
-
Patent number: 10993169Abstract: Methods and systems are described for intelligently steering client devices operating in an enterprise network system to an appropriate access point based on types of traffic on each client device and/or types of traffic on access points. In particular, client devices may be moved to a different access point when the wireless channel provided by a current access point fails to meet the signal strength requirements of latency sensitive traffic utilized by the client device. Client devices may be further steered to new access points based on load conditions on access points. For example, client devices with low priority traffic sessions may be steered away from access points with high traffic load levels. Accordingly, the methods and systems described herein ensure improved network access for latency sensitive access categories and/or access categories that are considered important to an enterprise system with minimal disruptions to these sessions.Type: GrantFiled: December 4, 2017Date of Patent: April 27, 2021Assignee: Hewlett Packard Enterprise Development LPInventors: Ramesh Ardeli, Hari Krishna Kurmala, Vamsi Kodavanty
-
Publication number: 20200374299Abstract: The present disclosure discloses a system and method for dynamically modifying role based access control for a client based on the activity. Generally, a client device is granted access to a network resource based on a first reputation score assigned to the client device. The activity of the client device is monitored. Responsive to monitoring the activity of the client device, a second reputation score is determined for the client device based on the activity. The access by the client device to the network resource is then modified to be granted based on the second reputation score.Type: ApplicationFiled: August 13, 2020Publication date: November 26, 2020Inventors: Ramesh Ardeli, Hari Krishna Kurmala
-
Patent number: 10771391Abstract: Examples disclosed herein relate to enforcing a policy to a packet stream based on a classification and a determination that a proxy connection is associated with the packet stream. In the example, the packet stream is received. In this example, a host value is determined for the packet stream. Also, in the example, it is determined whether the packet stream is associated with the proxy connection. Further, in the example, a classification is determined based on the host value. In this example, the policy is enforced for the packet stream based on the classification and the determination that the proxy connection is associated with the packet stream.Type: GrantFiled: November 5, 2015Date of Patent: September 8, 2020Assignee: Hewlett Packard Enterprise Development LPInventors: Ramesh Ardeli, Venkatesan Marichetty, Hari Krishna Kurmala
-
Patent number: 10757116Abstract: The present disclosure discloses a system and method for dynamically modifying role based access control for a client based on the activity. Generally, a client device is granted access to a network resource based on a first reputation score assigned to the client device. The activity of the client device is monitored. Responsive to monitoring the activity of the client device, a second reputation score is determined for the client device based on the activity. The access by the client device to the network resource is then modified to be granted based on the second reputation score.Type: GrantFiled: November 7, 2018Date of Patent: August 25, 2020Assignee: Hewlett Packard Enterprise Development LPInventors: Ramesh Ardeli, Hari Krishna Kurmala
-
Publication number: 20190075122Abstract: The present disclosure discloses a system and method for dynamically modifying role based access control for a client based on the activity. Generally, a client device is granted access to a network resource based on a first reputation score assigned to the client device. The activity of the client device is monitored. Responsive to monitoring the activity of the client device, a second reputation score is determined for the client device based on the activity. The access by the client device to the network resource is then modified to be granted based on the second reputation score.Type: ApplicationFiled: November 7, 2018Publication date: March 7, 2019Inventors: Ramesh Ardeli, Hari Krishna Kurmala
-
Publication number: 20190052649Abstract: In example implementations, a method is provided that is executed by a processor. A multiplexed data stream is received over a single transmission control protocol (TCP) connection that uses a SPDY protocol. The multiplexed data stream contains data packets associated with a plurality of different data streams. A plurality of sub-contexts are generated. Each one of the sub-contexts is associated with a different one of the plurality of different data streams. The data packets are demultiplexed from the multiplexed data stream into a respective one of the plurality of sub-contexts. The plurality of different data streams in the respective one of the plurality of sub-contexts are examined to detect a malware.Type: ApplicationFiled: January 27, 2016Publication date: February 14, 2019Inventors: Ramesh Ardeli, Hari Krishna Kurmala
-
Patent number: 10135843Abstract: The present disclosure discloses a system and method for dynamically modifying role based access control for a client based on the activity. Generally, a client device is granted access to a network resource based on a first reputation score assigned to the client device. The activity of the client device is monitored. Responsive to monitoring the activity of the client device, a second reputation score is determined for the client device based on the activity. The access by the client device to the network resource is then modified to be granted based on the second reputation score.Type: GrantFiled: November 21, 2017Date of Patent: November 20, 2018Assignee: Hewlett Packard Enterprise Development LPInventors: Ramesh Ardeli, Hari Krishna Kurmala
-
Publication number: 20180331957Abstract: Examples disclosed herein relate to enforcing a policy to a packet stream based on a classification and a determination that a proxy connection is associated with the packet stream. In the example, the packet stream is received. In this example, a host value is determined for the packet stream. Also, in the example, it is determined whether the packet stream is associated with the proxy connection. Further, in the example, a classification is determined based on the host value. In this example, the policy is enforced for the packet stream based on the classification and the determination that the proxy connection is associated with the packet stream.Type: ApplicationFiled: November 5, 2015Publication date: November 15, 2018Inventors: Ramesh ARDELI, Venkatesan MARICHETTY, Hari Krishna KURMALA
-
Publication number: 20180092024Abstract: Methods and systems are described for intelligently steering client devices operating in an enterprise network system to an appropriate access point based on types of traffic on each client device and/or types of traffic on access points. In particular, client devices may be moved to a different access point when the wireless channel provided by a current access point fails to meet the signal strength requirements of latency sensitive traffic utilized by the client device. Client devices may be further steered to new access points based on load conditions on access points. For example, client devices with low priority traffic sessions may be steered away from access points with high traffic load levels. Accordingly, the methods and systems described herein ensure improved network access for latency sensitive access categories and/or access categories that are considered important to an enterprise system with minimal disruptions to these sessions.Type: ApplicationFiled: December 4, 2017Publication date: March 29, 2018Inventors: Ramesh ARDELI, Hari Krishna KURMALA, Vamsi KODAVANTY
-
Publication number: 20180077172Abstract: The present disclosure discloses a system and method for dynamically modifying role based access control for a client based on the activity. Generally, a client device is granted access to a network resource based on a first reputation score assigned to the client device. The activity of the client device is monitored. Responsive to monitoring the activity of the client device, a second reputation score is determined for the client device based on the activity. The access by the client device to the network resource is then modified to be granted based on the second reputation score.Type: ApplicationFiled: November 21, 2017Publication date: March 15, 2018Inventors: Ramesh Ardeli, Hari Krishna Kurmala
-
Patent number: 9848005Abstract: The present disclosure discloses a system and method for dynamically modifying role based access control for a client based on the activity. Generally, a client device is granted access to a network resource based on a first reputation score assigned to the client device. The activity of the client device is monitored. Responsive to monitoring the activity of the client device, a second reputation score is determined for the client device based on the activity. The access by the client device to the network resource is then modified to be granted based on the second reputation score.Type: GrantFiled: July 29, 2014Date of Patent: December 19, 2017Assignee: ARUBA NETWORKS, INC.Inventors: Ramesh Ardeli, Hari Krishna Kurmala
-
Patent number: 9838948Abstract: Methods and systems are described for intelligently steering client devices operating in an enterprise network system to an appropriate access point based on types of traffic on each client device and/or types of traffic on access points. In particular, client devices may be moved to a different access point when the wireless channel provided by a current access point fails to meet the signal strength requirements of latency sensitive traffic utilized by the client device. Client devices may be further steered to new access points based on load conditions on access points. For example, client devices with low priority traffic sessions may be steered away from access points with high traffic load levels. Accordingly, the methods and systems described herein ensure improved network access for latency sensitive access categories and/or access categories that are considered important to an enterprise system with minimal disruptions to these sessions.Type: GrantFiled: July 29, 2014Date of Patent: December 5, 2017Assignee: ARUBA NETWORKS, INC.Inventors: Ramesh Ardeli, Hari Krishna Kurmala, Vamsi Kodavanty