Patents by Inventor Manish TALWAR
Manish TALWAR has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11968232Abstract: In some implementations, a network device may determine, based on a routing table, a plurality of routing paths from the network device to another network device, wherein the plurality of routing paths are respectively associated with a plurality of security classifications. The network device may receive network traffic that is destined for the other network device and that is associated with a particular security classification of the plurality of security classifications. The network device may forward the network traffic based on a particular routing path, of the plurality of routing paths, that is associated with the other network device and the particular security classification.Type: GrantFiled: December 8, 2021Date of Patent: April 23, 2024Assignee: Juniper Networks, Inc.Inventors: Manish Talwar, Ronald Bonica, Ajay Kachrani
-
Publication number: 20240106744Abstract: In some implementations, an egress network device of a multiprotocol label switching (MPLS) network may exchange Internet key exchange (IKE) messages with an ingress network device of the MPLS network to establish a security association between the egress network device and the ingress network device. The egress network device may receive an MPLS packet that includes an MPLS header, a secure MPLS data header, and an MPLS payload. The egress network device may process the MPLS header to determine a label associated with a label-switched path (LSP) and a secure function indicator. The egress network device may decrypt, using a secure function identified based on the secure MPLS data header, the MPLS payload to generate a decrypted packet. The egress network device may transmit the decrypted packet towards a destination device.Type: ApplicationFiled: December 7, 2023Publication date: March 28, 2024Inventors: Tarek SAAD, Manish TALWAR, Raveendra TORVI, Ajay KACHRANI, Kireeti KOMPELLA
-
Patent number: 11882029Abstract: In some implementations, an ingress network device of a multiprotocol label switching (MPLS) network may receive a packet destined for a destination network device. The ingress network device may determine, based on the packet, a secure function to secure the packet and a label associated with a label-switched path (LSP) from the ingress network device to an egress network device of the MPLS network that is associated with the destination network device. The ingress network device may encrypt, using the secure function, the packet to generate an encrypted packet. The ingress network device may generate an MPLS packet comprising: an MPLS header that includes the label and a secure function indicator, a secure MPLS data header that includes information identifying the secure function, and an MPLS payload that includes the encrypted packet. The ingress network device may forward, based on the label, the MPLS packet.Type: GrantFiled: May 13, 2022Date of Patent: January 23, 2024Assignee: Juniper Networks, Inc.Inventors: Tarek Saad, Manish Talwar, Raveendra Torvi, Ajay Kachrani, Kireeti Kompella
-
Publication number: 20230370369Abstract: In some implementations, an ingress network device of a multiprotocol label switching (MPLS) network may receive a packet destined for a destination network device. The ingress network device may determine, based on the packet, a secure function to secure the packet and a label associated with a label-switched path (LSP) from the ingress network device to an egress network device of the MPLS network that is associated with the destination network device. The ingress network device may encrypt, using the secure function, the packet to generate an encrypted packet. The ingress network device may generate an MPLS packet comprising: an MPLS header that includes the label and a secure function indicator, a secure MPLS data header that includes information identifying the secure function, and an MPLS payload that includes the encrypted packet. The ingress network device may forward, based on the label, the MPLS packet.Type: ApplicationFiled: May 13, 2022Publication date: November 16, 2023Inventors: Tarek SAAD, Manish TALWAR, Raveendra TORVI, Ajay KACHRANI, Kireeti KOMPELLA
-
Publication number: 20230179633Abstract: In some implementations, a network device may determine, based on a routing table, a plurality of routing paths from the network device to another network device, wherein the plurality of routing paths are respectively associated with a plurality of security classifications. The network device may receive network traffic that is destined for the other network device and that is associated with a particular security classification of the plurality of security classifications. The network device may forward the network traffic based on a particular routing path, of the plurality of routing paths, that is associated with the other network device and the particular security classification.Type: ApplicationFiled: December 8, 2021Publication date: June 8, 2023Inventors: Manish TALWAR, Ronald BONICA, Ajay KACHRANI
-
Publication number: 20220286394Abstract: Disclosed embodiments utilize a layer three and/or layer four protocol to collect physical layer properties along a multi-hop network path between a source node and a destination node. The use of a layer three or layer four protocol provides an ability to span multiple links or networks between the source node and destination node, while also collecting the physical layer properties. Once physical layer properties along a network path can be understood, decisions relating to the configuration of the network path and/or whether to communicate via the network path are improved.Type: ApplicationFiled: May 24, 2022Publication date: September 8, 2022Inventors: Manish Talwar, Ajay Kachrani, Gert Grammel, Hao Wang, Tanweer Biswas
-
Patent number: 11405315Abstract: Disclosed embodiments utilize a layer three and/or layer four protocol to collect physical layer properties along a multi-hop network path between a source node and a destination node. The use of a layer three or layer four protocol provides an ability to span multiple links or networks between the source node and destination node, while also collecting the physical layer properties. Once physical layer properties along a network path can be understood, decisions relating to the configuration of the network path and/or whether to communicate via the network path are improved.Type: GrantFiled: September 25, 2020Date of Patent: August 2, 2022Assignee: Juniper Networks, Inc.Inventors: Manish Talwar, Ajay Kachrani, Gert Grammel, Hao Wang, Tanweer Biswas
-
Patent number: 11336647Abstract: Embodiments improve error detection and recovery in media access control security sessions. A MACsec session is torn down after three liveness time intervals elapse without receiving a MACsec key exchange protocol data unit (MKPDU) from a remote peer. This delay between a cessation of effective network communication over the MACsec session and the expiration of the three “liveness” intervals results in increased packet loss and an increased network convergence time as a network continues to route/forward data over the MACsec session for a period of time after the MACsec session has entered secure block mode. To solve this problem, embodiments define a new alarm, called a MACsec link alert, which is raised earlier than a MACsec session timeout generated by traditional embodiments. The MACsec link alert is raised, by at least some embodiments, after a failure to successfully receive an MKPDU from the remote peer after a single MACsec “liveness” timeout interval elapses.Type: GrantFiled: September 30, 2020Date of Patent: May 17, 2022Assignee: Juniper Networks, Inc.Inventors: Manish Talwar, Ajay Kachrani, Gert Grammel, Hao Wang, Tanweer Biswas
-
Publication number: 20220103551Abstract: Embodiments improve error detection and recovery in media access control security sessions. A MACsec session is torn down after three liveness time intervals elapse without receiving a MACsec key exchange protocol data unit (MKPDU) from a remote peer. This delay between a cessation of effective network communication over the MACsec session and the expiration of the three “liveness” intervals results in increased packet loss and an increased network convergence time as a network continues to route/forward data over the MACsec session for a period of time after the MACsec session has entered secure block mode. To solve this problem, embodiments define a new alarm, called a MACsec link alert, which is raised earlier than a MACsec session timeout generated by traditional embodiments. The MACsec link alert is raised, by at least some embodiments, after a failure to successfully receive an MKPDU from the remote peer after a single MACsec “liveness” timeout interval elapses.Type: ApplicationFiled: September 30, 2020Publication date: March 31, 2022Inventors: Manish Talwar, Ajay Kachrani, Gert Grammel, Hao Wang, Tanweer Biswas
-
Publication number: 20220103473Abstract: Disclosed embodiments utilize a layer three and/or layer four protocol to collect physical layer properties along a multi-hop network path between a source node and a destination node. The use of a layer three or layer four protocol provides an ability to span multiple links or networks between the source node and destination node, while also collecting the physical layer properties. Once physical layer properties along a network path can be understood, decisions relating to the configuration of the network path and/or whether to communicate via the network path are improved.Type: ApplicationFiled: September 25, 2020Publication date: March 31, 2022Inventors: Manish Talwar, Ajay Kachrani, Gert Grammel, Hao Wang, Tanweer Biswas
-
Patent number: 10735333Abstract: In some embodiments, an apparatus comprises an optical transponder which includes a processor, an electrical interface and an optical interface. The processor is operatively coupled to the electrical interface and the optical interface. The optical interface is configured to be operatively coupled to a plurality of optical links and the electrical interface is configured to be operatively coupled to a router such that the optical transponder is configured to be operatively coupled between the plurality of optical links and the router. The processor is configured to perform pre-forward error correction (FEC) bit error rate (BER) detection to identify a degradation of an optical link from the plurality of optical links. The processor is configured to make modifications to packets designated to be transmitted via the optical link in response to the degradation being identified such that the router is notified of the degradation of the optical link.Type: GrantFiled: February 22, 2019Date of Patent: August 4, 2020Assignee: Juniper Networks, Inc.Inventors: Ajay Kachrani, Manish Talwar, Elmer Tolentino, Rathi Kartheek, Hao Wang
-
Patent number: 10425345Abstract: In some embodiments, an apparatus comprises an optical transponder which includes a processor, an electrical interface and an optical interface. The processor is operatively coupled to the electrical interface and the optical interface. The optical interface is configured to be operatively coupled to a plurality of optical links and the electrical interface is configured to be operatively coupled to a router such that the optical transponder is configured to be operatively coupled between the plurality of optical links and the router. The processor is configured to perform pre-forward error correction (FEC) bit error rate (BER) detection to identify a degradation of an optical link from the plurality of optical links. The processor is configured to make modifications to packets designated to be transmitted via the optical link in response to the degradation being identified such that the router is notified of the degradation of the optical link.Type: GrantFiled: September 29, 2017Date of Patent: September 24, 2019Assignee: Juniper Networks, Inc.Inventors: Ajay Kachrani, Manish Talwar, Elmer Tolentino, Rathi Kartheek, Hao Wang
-
Publication number: 20190260684Abstract: In some embodiments, an apparatus comprises an optical transponder which includes a processor, an electrical interface and an optical interface. The processor is operatively coupled to the electrical interface and the optical interface. The optical interface is configured to be operatively coupled to a plurality of optical links and the electrical interface is configured to be operatively coupled to a router such that the optical transponder is configured to be operatively coupled between the plurality of optical links and the router. The processor is configured to perform pre-forward error correction (FEC) bit error rate (BER) detection to identify a degradation of an optical link from the plurality of optical links. The processor is configured to make modifications to packets designated to be transmitted via the optical link in response to the degradation being identified such that the router is notified of the degradation of the optical link.Type: ApplicationFiled: February 22, 2019Publication date: August 22, 2019Applicant: Juniper Networks, Inc.Inventors: Ajay KACHRANI, Manish TALWAR, Elmer TOLENTINO, Rathi KARTHEEK, Hao WANG
-
Patent number: 10257102Abstract: In some embodiments, an apparatus comprises an optical transponder which includes a processor, an electrical interface and an optical interface. The processor is operatively coupled to the electrical interface and the optical interface. The optical interface is configured to be operatively coupled to a plurality of optical links and the electrical interface is configured to be operatively coupled to a router such that the optical transponder is configured to be operatively coupled between the plurality of optical links and the router. The processor is configured to perform pre-forward error correction (FEC) bit error rate (BER) detection to identify a degradation of an optical link from the plurality of optical links. The processor is configured to make modifications to packets designated to be transmitted via the optical link in response to the degradation being identified such that the router is notified of the degradation of the optical link.Type: GrantFiled: September 29, 2017Date of Patent: April 9, 2019Assignee: Juniper Networks, Inc.Inventors: Ajay Kachrani, Manish Talwar, Elmer Tolentino, Rathi Kartheek, Hao Wang
-
Publication number: 20190104078Abstract: In some embodiments, an apparatus comprises an optical transponder which includes a processor, an electrical interface and an optical interface. The processor is operatively coupled to the electrical interface and the optical interface. The optical interface is configured to be operatively coupled to a plurality of optical links and the electrical interface is configured to be operatively coupled to a router such that the optical transponder is configured to be operatively coupled between the plurality of optical links and the router. The processor is configured to perform pre-forward error correction (FEC) bit error rate (BER) detection to identify a degradation of an optical link from the plurality of optical links. The processor is configured to make modifications to packets designated to be transmitted via the optical link in response to the degradation being identified such that the router is notified of the degradation of the optical link.Type: ApplicationFiled: September 29, 2017Publication date: April 4, 2019Applicant: Juniper Networks, Inc.Inventors: Ajay KACHRANI, Manish TALWAR, Elmer TOLENTINO, Rathi KARTHEEK, Hao WANG