Patents by Inventor Jeffrey Napper
Jeffrey Napper has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240298180Abstract: In one embodiment, a router includes one or more processors and one or more computer-readable non-transitory storage media coupled to the one or more processors. The one or more computer-readable non-transitory storage media include instructions that, when executed by the one or more processors, cause the router to perform operations including receiving software-defined networking in a wide area network (SD-WAN) policies from a component of an SD-WAN network. The operations also include establishing a session with a mobile device and receiving information associated with the mobile device in response to establishing the session with the mobile device. The operations further include filtering the SD-WAN policies based on the information associated with the mobile device to generate SD-WAN device-specific policies and communicating the SD-WAN device-specific policies to the mobile device.Type: ApplicationFiled: May 10, 2024Publication date: September 5, 2024Inventors: Stefan Olofsson, Ijsbrand Wijnands, Hendrikus G. P. Bosch, Jeffrey Napper, Anubhav Gupta
-
Publication number: 20240291734Abstract: Systems, methods, and computer-readable media for locally applying endpoint-specific policies to an endpoint in a network environment. A network device local to one or more endpoints in a network environment can receive from a centralized network controller one or more network-wide endpoint policies. A first endpoint of the one or more endpoints can be configured to inject policy metadata into first data traffic. Policy metadata injected into the first traffic data can be received from the first endpoint. The network device can determine one or more first endpoint-specific polices for the first endpoint by evaluation the first policy metadata with respect to the one or more network-wide endpoint policies. As follows, the one or more first endpoint-specific policies can be applied to control data traffic associated with the first endpoint.Type: ApplicationFiled: April 29, 2024Publication date: August 29, 2024Inventors: Alberto Rodriguez Natal, Hendrikus G.P. Bosch, Fabio Maino, Lars Olaf Stefan Olofsson, Jeffrey Napper, Anubhav Gupta
-
Patent number: 12063149Abstract: Systems, methods, and computer-readable media for locally applying endpoint-specific policies to an endpoint in a network environment. A network device local to one or more endpoints in a network environment can receive from a centralized network controller one or more network-wide endpoint policies. A first endpoint of the one or more endpoints can be configured to inject policy metadata into first data traffic. Policy metadata injected into the first traffic data can be received from the first endpoint. The network device can determine one or more first endpoint-specific polices for the first endpoint by evaluation the first policy metadata with respect to the one or more network-wide endpoint policies. As follows, the one or more first endpoint-specific policies can be applied to control data traffic associated with the first endpoint.Type: GrantFiled: July 17, 2023Date of Patent: August 13, 2024Assignee: Cisco Technology, Inc.Inventors: Alberto Rodriguez Natal, Hendrikus G. P. Bosch, Fabio Maino, Lars Olaf Stefan Olofsson, Jeffrey Napper, Anubhav Gupta
-
Patent number: 12052569Abstract: In one embodiment, a router includes one or more processors and one or more computer-readable non-transitory storage media coupled to the one or more processors. The one or more computer-readable non-transitory storage media include instructions that, when executed by the one or more processors, cause the router to perform operations including receiving software-defined networking in a wide area network (SD-WAN) policies from a component of an SD-WAN network. The operations also include establishing a session with a mobile device and receiving information associated with the mobile device in response to establishing the session with the mobile device. The operations further include filtering the SD-WAN policies based on the information associated with the mobile device to generate SD-WAN device-specific policies and communicating the SD-WAN device-specific policies to the mobile device.Type: GrantFiled: August 16, 2021Date of Patent: July 30, 2024Assignee: CISCO TECHNOLOGY, INC.Inventors: Stefan Olofsson, Ijsbrand Wijnands, Hendrikus G. P. Bosch, Jeffrey Napper, Anubhav Gupta
-
Publication number: 20230362067Abstract: Systems, methods, and computer-readable media for locally applying endpoint-specific policies to an endpoint in a network environment. A network device local to one or more endpoints in a network environment can receive from a centralized network controller one or more network-wide endpoint policies. A first endpoint of the one or more endpoints can be configured to inject policy metadata into first data traffic. Policy metadata injected into the first traffic data can be received from the first endpoint. The network device can determine one or more first endpoint-specific polices for the first endpoint by evaluation the first policy metadata with respect to the one or more network-wide endpoint policies. As follows, the one or more first endpoint-specific policies can be applied to control data traffic associated with the first endpoint.Type: ApplicationFiled: July 17, 2023Publication date: November 9, 2023Inventors: Alberto Rodriquez Natal, Hendrikus G.P. Bosch, Fabio Maino, Lars Olaf Stefan Olofsson, Jeffrey Napper, Anubhav Gupta
-
Patent number: 11743141Abstract: Systems, methods, and computer-readable media for locally applying endpoint-specific policies to an endpoint in a network environment. A network device local to one or more endpoints in a network environment can receive from a centralized network controller one or more network-wide endpoint policies. A first endpoint of the one or more endpoints can be configured to inject policy metadata into first data traffic. Policy metadata injected into the first traffic data can be received from the first endpoint. The network device can determine one or more first endpoint-specific polices for the first endpoint by evaluation the first policy metadata with respect to the one or more network-wide endpoint policies. As follows, the one or more first endpoint-specific policies can be applied to control data traffic associated with the first endpoint.Type: GrantFiled: November 30, 2021Date of Patent: August 29, 2023Assignee: Cisco Technology, Inc.Inventors: Alberto Rodriguez Natal, Hendrikus G. P. Bosch, Fabio Maino, Lars Olaf Stefan Olofsson, Jeffrey Napper, Anubhav Gupta
-
Patent number: 11617076Abstract: The present disclosure is directed to systems and methods for clientless virtual private network (VPN) roaming with 802.1x authentication and includes one or more processors and one or more computer-readable non-transitory storage media coupled to the one or more processors and comprising instructions that, when executed by the one or more processors, cause one or more components to perform operations including, receiving, at a local proxy, an 802.1x communication including authentication information from a remote device wirelessly connected to a visited network, wherein the remote device requests access to an enterprise network; authenticating the remote device with the enterprise network using the authentication information; establishing an encrypted tunnel between the visited network and the enterprise network; and transmitting data between the remote device and the enterprise network through the encrypted tunnel.Type: GrantFiled: June 15, 2020Date of Patent: March 28, 2023Assignee: CISCO TECHNOLOGY, INC.Inventors: Jeffrey Napper, Alessandro Duminuco, Hendrikus G. P. (Peter) Bosch
-
Patent number: 11509591Abstract: An example method is provided in one example embodiment and may include receiving traffic associated with at least one of a mobile network and a Gi-Local Area Network (data-plane), wherein the traffic comprises one or more packets; determining a classification of the traffic to a service chain, wherein the service chain comprises one or more service functions associated at least one of one or more mobile network services and one or more data-plane services; routing the traffic through the service chain; and routing the traffic to a network using one of a plurality of egress interfaces, wherein each egress interface of the plurality of egress interfaces is associated with at least one of the one or more mobile network services and the one or more data-plane services.Type: GrantFiled: May 28, 2021Date of Patent: November 22, 2022Assignee: Cisco Technology, Inc.Inventors: Hendrikus G. P. Bosch, Jeffrey Napper, Alessandro Duminuco, Humberto J. La Roche, Sape Jurriën Mullender, Surendra M. Kumar, Louis Gwyn Samuel, Bart A. Brinckman, Aeneas Sean Dodd-Noble, Luca Martini
-
Patent number: 11405438Abstract: Techniques for provisioning multicast chains in a cloud-based environment are described herein. In an embodiment, an orchestration system sends a particular model of a distributed computer program application comprising one or more sources, destinations, and virtualized appliances for initiation by one or more host computers to a software-defined networking (SDN) controller. The SDN controller determines one or more locations for the virtualized appliances and generates a particular updated model of the distributed computer program application, the updated model comprising the one or more locations for the virtualized appliances. The SDN controller sends the updated model of the distributed computer program application to the orchestration system.Type: GrantFiled: May 1, 2018Date of Patent: August 2, 2022Assignee: Cisco Technology, Inc.Inventors: Hendrikus Gp Bosch, Jeffrey Napper, Andre Surcouf, Alessandro Duminuco, Subhasri Dhesikan, Sape Jurriën Mullender
-
Publication number: 20220086061Abstract: Systems, methods, and computer-readable media for locally applying endpoint-specific policies to an endpoint in a network environment. A network device local to one or more endpoints in a network environment can receive from a centralized network controller one or more network-wide endpoint policies. A first endpoint of the one or more endpoints can be configured to inject policy metadata into first data traffic. Policy metadata injected into the first traffic data can be received from the first endpoint. The network device can determine one or more first endpoint-specific polices for the first endpoint by evaluation the first policy metadata with respect to the one or more network-wide endpoint policies. As follows, the one or more first endpoint-specific policies can be applied to control data traffic associated with the first endpoint.Type: ApplicationFiled: November 30, 2021Publication date: March 17, 2022Inventors: Alberto Rodriguez Natal, Hendrikus G.P. Bosch, Fabio Maino, Lars Olaf Stefan Olofsson, Jeffrey Napper, Anubhav Gupta
-
Patent number: 11277337Abstract: In one embodiment, a method includes detecting a request to route traffic to a service associated with an application. The method also includes identifying an application identifier associated with the application and selecting, using the application identifier, a label from a plurality of labels included in a routing table. The label includes one or more routes. The method further includes routing the traffic to the service associated with the application using the label.Type: GrantFiled: January 23, 2020Date of Patent: March 15, 2022Assignee: CISCO TECHNOLOGY, INC.Inventors: Hendrikus G. P. Bosch, Stefan Olofsson, Ijsbrand Wijnands, Anubhav Gupta, Jeffrey Napper, Sape Jurriën Mullender
-
Publication number: 20210399991Abstract: An example method is provided in one example embodiment and may include receiving traffic associated with at least one of a mobile network and a Gi-Local Area Network (Gi-LAN), wherein the traffic comprises one or more packets; determining a classification of the traffic to a service chain, wherein the service chain comprises one or more service functions associated at least one of one or more mobile network services and one or more Gi-LAN services; routing the traffic through the service chain; and routing the traffic to a network using one of a plurality of egress interfaces, wherein each egress interface of the plurality of egress interfaces is associated with at least one of the one or more mobile network services and the one or more Gi-LAN services.Type: ApplicationFiled: May 28, 2021Publication date: December 23, 2021Inventors: Hendrikus G.P. BOSCH, Jeffrey NAPPER, Alessandro DUMINUCO, Humberto J. LA ROCHE, Sape Jurriën MULLENDER, Surendra M. KUMAR, Louis Gwyn SAMUEL, Bart A. BRINCKMAN, Aeneas Sean DODD-NOBLE, Luca MARTINI
-
Publication number: 20210392492Abstract: The present disclosure is directed to systems and methods for clientless virtual private network (VPN) roaming with 802.1x authentication and includes one or more processors and one or more computer-readable non-transitory storage media coupled to the one or more processors and comprising instructions that, when executed by the one or more processors, cause one or more components to perform operations including, receiving, at a local proxy, an 802.1x communication including authentication information from a remote device wirelessly connected to a visited network, wherein the remote device requests access to an enterprise network; authenticating the remote device with the enterprise network using the authentication information; establishing an encrypted tunnel between the visited network and the enterprise network; and transmitting data between the remote device and the enterprise network through the encrypted tunnel.Type: ApplicationFiled: June 15, 2020Publication date: December 16, 2021Inventors: Jeffrey Napper, Alessandro Duminuco, Hendrikus G.P. (Peter) Bosch
-
Patent number: 11201800Abstract: Systems, methods, and computer-readable media for locally applying endpoint-specific policies to an endpoint in a network environment. A network device local to one or more endpoints in a network environment can receive from a centralized network controller one or more network-wide endpoint policies. A first endpoint of the one or more endpoints can be configured to inject policy metadata into first data traffic. Policy metadata injected into the first traffic data can be received from the first endpoint. The network device can determine one or more first endpoint-specific polices for the first endpoint by evaluation the first policy metadata with respect to the one or more network-wide endpoint policies. As follows, the one or more first endpoint-specific policies can be applied to control data traffic associated with the first endpoint.Type: GrantFiled: February 5, 2020Date of Patent: December 14, 2021Assignee: CISCO TECHNOLOGY, INC.Inventors: Alberto Rodriguez Natal, Hendrikus G. P. Bosch, Fabio Maino, Lars Olaf Stefan Olofsson, Jeffrey Napper, Anubhav Gupta
-
Publication number: 20210369309Abstract: In one embodiment, a router includes one or more processors and one or more computer-readable non-transitory storage media coupled to the one or more processors. The one or more computer-readable non-transitory storage media include instructions that, when executed by the one or more processors, cause the router to perform operations including receiving software-defined networking in a wide area network (SD-WAN) policies from a component of an SD-WAN network. The operations also include establishing a session with a mobile device and receiving information associated with the mobile device in response to establishing the session with the mobile device. The operations further include filtering the SD-WAN policies based on the information associated with the mobile device to generate SD-WAN device-specific policies and communicating the SD-WAN device-specific policies to the mobile device.Type: ApplicationFiled: August 16, 2021Publication date: December 2, 2021Inventors: Stefan Olofsson, Ijsbrand Wijnands, Hendrikus G.P. Bosch, Jeffrey Napper, Anubhav Gupta
-
Patent number: 11190445Abstract: A method is provided in one example embodiment and may include determining at a parent content node that a plurality of recipient content nodes are to receive a same content; generating, based on a determination that the same content is available at the parent content node, a multi-delivery header comprising a plurality of identifiers, wherein each identifier of the plurality of identifiers indicates each recipient content node that is to receive the same content; appending the multi-delivery header to one or more packets of an Internet Protocol (IP) flow associated with the same content; and transmitting packets for the IP flow to each of the plurality of the recipient content nodes.Type: GrantFiled: August 5, 2019Date of Patent: November 30, 2021Assignee: CISCO TECHNOLOGY, INC.Inventors: Hendrikus G. P. Bosch, Sape Jurriën Mullender, Keith Burns, Jeffrey Napper, William Mark Townsley, Alessandro Duminuco, Andre Surcouf, Ijsbrand Wijnands, Humberto J. La Roche
-
Patent number: 11146620Abstract: The present disclosure involves systems and methods for (a) model distributed applications for multi-cloud deployments, (b) derive, by way of policy, executable orchestrator descriptors, (c) model underlying (cloud) services (private, public, server-less and virtual-private) as distributed applications themselves, (d) dynamically create such cloud services if these are unavailable for the distributed application, (e) manage those resources equivalent to the way distributed applications are managed; and (f) present how these techniques are stackable. As applications may be built on top of cloud services, which themselves can be built on top of other cloud services (e.g., virtual private clouds on public cloud, etc.) even cloud services themselves may be considered applications in their own right, thus supporting putting cloud services on top of other cloud services.Type: GrantFiled: February 19, 2018Date of Patent: October 12, 2021Assignee: CISCO TECHNOLOGY, INC.Inventors: Peter Bosch, Jeffrey Napper, Alessandro Duminuco, Michael Francis O'Gorman, Sean Chandler, Roman Sorokin, David Delano Ward, Baton Daullxhi, Florin Stelian Balus
-
Patent number: 11129023Abstract: In one embodiment, a router includes one or more processors and one or more computer-readable non-transitory storage media coupled to the one or more processors. The one or more computer-readable non-transitory storage media include instructions that, when executed by the one or more processors, cause the router to perform operations including receiving software-defined networking in a wide area network (SD-WAN) policies from a component of an SD-WAN network. The operations also include establishing a session with a mobile device and receiving information associated with the mobile device in response to establishing the session with the mobile device. The operations further include filtering the SD-WAN policies based on the information associated with the mobile device to generate SD-WAN device-specific policies and communicating the SD-WAN device-specific policies to the mobile device.Type: GrantFiled: September 18, 2019Date of Patent: September 21, 2021Assignee: Cisco Technology, Inc.Inventors: Stefan Olofsson, Ijsbrand Wijnands, Hendrikus G. P. Bosch, Jeffrey Napper, Anubhav Gupta
-
Patent number: 11115387Abstract: Systems, methods, and computer-readable storage media are provided for managing application traffic. A routing policy defines the data flow path between the client device (which uses a virtual private network (VPN) client) and the appropriate network-based service. Based on various factors associated with the user, the client device, and the destination (e.g. network-based service), the routing policy will direct the VPN client to communicate with either a public DNS (via the public Internet) or to a private DNS (via the private Intranet). The resulting IP addresses will be used to establish a particular route (either over a public Internet or private Intranet) between the client device and the network-based service in accordance to the routing policy.Type: GrantFiled: April 2, 2019Date of Patent: September 7, 2021Assignee: Cisco Technology, Inc.Inventors: Peter Bosch, Alessandro Duminuco, Jeffrey Napper, Sape Jurrien Mullender, David Delano Ward
-
Patent number: 11044203Abstract: An example method is provided in one example embodiment and may include receiving traffic associated with at least one of a mobile network and a Gi-Local Area Network (Gi-LAN), wherein the traffic comprises one or more packets; determining a classification of the traffic to a service chain, wherein the service chain comprises one or more service functions associated at least one of one or more mobile network services and one or more Gi-LAN services; routing the traffic through the service chain; and routing the traffic to a network using one of a plurality of egress interfaces, wherein each egress interface of the plurality of egress interfaces is associated with at least one of the one or more mobile network services and the one or more Gi-LAN services.Type: GrantFiled: June 2, 2016Date of Patent: June 22, 2021Assignee: Cisco Technology, Inc.Inventors: Hendrikus G. P. Bosch, Jeffrey Napper, Alessandro Duminuco, Humberto J. La Roche, Sape Jurriën Mullender, Surendra M. Kumar, Louis Gwyn Samuel, Bart A. Brinckman, Aeneas Sean Dodd-Noble, Luca Martini