Patents by Inventor Kevin M. Worth

Kevin M. Worth has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20220329526
    Abstract: A system for facilitating data transmission in a switch is provided. During operation, the system can obtain one or more sets of configuration parameters for a plurality of traffic policing filters of the switch. A respective traffic policing filter can correspond to a token bucket. A number of tokens in the token bucket can indicate whether to forward a packet associated with the traffic policing filter. The system can determine the token allocation frequencies for the plurality of traffic policing filters based on the one or more sets of configuration parameters. The system can then select a sampling interval from the token allocation frequencies based on a selection policy and determine a performance rate for the plurality of traffic policing filters based on the sampling interval.
    Type: Application
    Filed: April 9, 2021
    Publication date: October 13, 2022
    Inventors: Shen Li, Kevin M. Worth, Christian Elton Cleveland, Matthew Lee Deter
  • Patent number: 11456958
    Abstract: A system for facilitating data transmission in a switch is provided. During operation, the system can obtain one or more sets of configuration parameters for a plurality of traffic policing filters of the switch. A respective traffic policing filter can correspond to a token bucket. A number of tokens in the token bucket can indicate whether to forward a packet associated with the traffic policing filter. The system can determine the token allocation frequencies for the plurality of traffic policing filters based on the one or more sets of configuration parameters. The system can then select a sampling interval from the token allocation frequencies based on a selection policy and determine a performance rate for the plurality of traffic policing filters based on the sampling interval.
    Type: Grant
    Filed: April 9, 2021
    Date of Patent: September 27, 2022
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Shen Li, Kevin M. Worth, Christian Elton Cleveland, Matthew Lee Deter
  • Patent number: 11206264
    Abstract: Systems and methods are provided for minimizing traffic leaks during replacement of an access control list for a network interface. The method includes adding a blocking access control entry to an access control list for a network interface of a network switch, wherein the blocking entry causes the network interface to block traffic from passing through the network interface; removing one or more current access control entries from the access control list, except for the blocking entry, after adding the blocking entry to the access control list; adding one or more new access control entries to the access control list, without removing the blocking entry, after removing the one or more current access control entries from the access control list; and removing the blocking entry from the access control list after adding the one or more new access control entries to the access control list.
    Type: Grant
    Filed: November 30, 2018
    Date of Patent: December 21, 2021
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Matthew Lee Deter, Christian E. Cleveland, Lisa Pinio, Kevin M. Worth
  • Publication number: 20210328890
    Abstract: Methods and system for supporting multiple management interfaces using a network analytics engine. The network analytics engine can run on a core switch for performing data collection and monitoring of network traffic through the switch. The switch can receive a first list including a first set of network packet parameters for monitoring network traffic using certain monitoring criteria. Then, the switch can receive a second list including a second set of network packet parameters for monitoring network traffic in accordance using different monitoring criteria. The switch can generate a concatenated list including the first list and the single list to form a single set of packet parameters. Concatenation may be consistent with a determined sequential order and priorities assigned to the lists. The switch can be programmed with the concatenated list such that network monitoring is accomplished using both monitoring criteria, while only implemented a single concatenated list.
    Type: Application
    Filed: July 1, 2021
    Publication date: October 21, 2021
    Inventors: Shen Li, Kevin M. Worth, Lisa Pinio
  • Patent number: 11082311
    Abstract: Methods and system for supporting multiple management interfaces using a network analytics engine. The network analytics engine can run on a core switch for performing data collection and monitoring of network traffic through the switch. The switch can receive a first list including a first set of network packet parameters for monitoring network traffic using certain monitoring criteria. Then, the switch can receive a second list including a second set of network packet parameters for monitoring network traffic in accordance using different monitoring criteria. The switch can generate a concatenated list including the first list and the single list to form a single set of packet parameters. Concatenation may be consistent with a determined sequential order and priorities assigned to the lists. The switch can be programmed with the concatenated list such that network monitoring is accomplished using both monitoring criteria, while only implemented a single concatenated list.
    Type: Grant
    Filed: June 6, 2019
    Date of Patent: August 3, 2021
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Shen Li, Kevin M. Worth, Lisa Pinio
  • Publication number: 20200389376
    Abstract: Methods and system for supporting multiple management interfaces using a network analytics engine. The network analytics engine can run on a core switch for performing data collection and monitoring of network traffic through the switch. The switch can receive a first list including a first set of network packet parameters for monitoring network traffic using certain monitoring criteria. Then, the switch can receive a second list including a second set of network packet parameters for monitoring network traffic in accordance using different monitoring criteria. The switch can generate a concatenated list including the first list and the single list to form a single set of packet parameters. Concatenation may be consistent with a determined sequential order and priorities assigned to the lists. The switch can be programmed with the concatenated list such that network monitoring is accomplished using both monitoring criteria, while only implemented a single concatenated list.
    Type: Application
    Filed: June 6, 2019
    Publication date: December 10, 2020
    Inventors: SHEN LI, KEVIN M. WORTH, LISA PINIO
  • Publication number: 20200177594
    Abstract: Systems and methods are provided for minimizing traffic leaks during replacement of an access control list for a network interface. The method includes adding a blocking access control entry to an access control list for a network interface of a network switch, wherein the blocking entry causes the network interface to block traffic from passing through the network interface; removing one or more current access control entries from the access control list, except for the blocking entry, after adding the blocking entry to the access control list; adding one or more new access control entries to the access control list, without removing the blocking entry, after removing the one or more current access control entries from the access control list; and removing the blocking entry from the access control list after adding the one or more new access control entries to the access control list.
    Type: Application
    Filed: November 30, 2018
    Publication date: June 4, 2020
    Inventors: MATTHEW LEE DETER, CHRISTIAN E. CLEVELAND, LISA PINIO, KEVIN M. WORTH
  • Publication number: 20170302577
    Abstract: In some examples, a method includes determining a hash value for a received data packet, determining whether the determined hash value matches a hash value for an entry in a hash-to-port mapping table, determining whether a port mapping age associated with the matched entry satisfies an age criteria, and assigning a forwarding port for the received data packet based on the determination of whether the port mapping age associated with the matched entry satisfies the age criteria.
    Type: Application
    Filed: April 30, 2015
    Publication date: October 19, 2017
    Inventors: Kevin M. WORTH, Shawn E. REYNOLDS, Jay G. SCHUDEL
  • Patent number: 9521154
    Abstract: Methods, media, and computing devices for network security can include receiving flow sampled network traffic from multiple network devices with a network monitoring computing device for network traffic among multiple computing devices, comparing source ports and destination ports in the flow sampled network traffic to a list of approved ports with the network monitoring computing device, and detecting suspicious network activity for flow sampled network traffic having a source port and a destination port exceptional to the list of approved ports with the network monitoring computing device. Alternatively, a suspicious network activity list can be maintained for flow sampled network traffic having source and destination ports exceptional to the list of approved ports. Alternatively, a network administrator can be alerted when a port is added to the suspicious network activity list in response to a total number of ports in the suspicious network activity list exceeding a threshold number.
    Type: Grant
    Filed: August 3, 2011
    Date of Patent: December 13, 2016
    Assignee: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP
    Inventor: Kevin M. Worth
  • Publication number: 20130318238
    Abstract: Sampling network traffic includes: loading a packet sampling module into a processor-based network device coupled to a network; determining with the packet sampling module if a network packet addressed to or from the network device is selected for sampling; and transmitting data from the network packet over the network to a monitoring device external to the network device if the network packet is selected for sampling.
    Type: Application
    Filed: March 11, 2011
    Publication date: November 28, 2013
    Inventors: Matthew Richard Thomas Hall, Reinoud Jelmer Jeroen Koornstra, Kevin M. Worth
  • Publication number: 20130036469
    Abstract: Methods, media, and computing devices for network security can include receiving flow sampled network traffic from multiple network devices with a network monitoring computing device for network traffic among multiple computing devices, comparing source ports and destination ports in the flow sampled network traffic to a list of approved ports with the network monitoring computing device, and detecting suspicious network activity for flow sampled network traffic having a source port and a destination port exceptional to the list of approved ports with the network monitoring computing device. Alternatively, a suspicious network activity list can be maintained for flow sampled network traffic having source and destination ports exceptional to the list of approved ports. Alternatively, a network administrator can be alerted when a port is added to the suspicious network activity list in response to a total number of ports in the suspicious network activity list exceeding a threshold number.
    Type: Application
    Filed: August 3, 2011
    Publication date: February 7, 2013
    Inventor: Kevin M. Worth