Patents by Inventor Pauline Shuen
Pauline Shuen has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9369304Abstract: In one embodiment, a subnet-scoped multicast packet is received on an interface of a forwarding device that is connected to a host device of a subnet of a forwarding domain. The received subnet-scoped multicast packet is transmitted from one or more other interfaces of the forwarding device that are connected to one or more other host devices of the subnet. The received subnet-scoped multicast packet is also encapsulated with an additional header. The encapsulated subnet-scoped multicast packet is forwarded from the forwarding device to an intermediate router which routes the encapsulated subnet-scoped multicast packet to one or more other forwarding devices configured to decapsulate the encapsulated subnet-scoped multicast packet and transmit the decapsulated subnet-scoped multicast packet to one or more connected host devices of an additional portion of the subnet.Type: GrantFiled: March 11, 2014Date of Patent: June 14, 2016Assignee: CISCO TECHNOLOGY, INC.Inventors: Navindra Yadav, James Rivers, Gnanaprakasam Pandian, Pauline Shuen, Scott Emery
-
Patent number: 9264895Abstract: A detection-based defense to a wireless network. Elements of the infrastructure, e.g., access points or scanning-only access points, detect intruders by detecting spoofed frames, such as from rogue access points. Access points include a signature, such as a message integrity check, with their management frames in a manner that enables neighboring access points to be able to validate the management frames, and to detect spoofed frames. When a neighboring access point receives a management frame, obtains a key for the access point sending the frame, and validates the management frame using the key.Type: GrantFiled: August 12, 2013Date of Patent: February 16, 2016Assignee: Cisco Technology, Inc.Inventors: Mark Krischer, Nancy Cam-Winget, Sheausong Yang, Ajit Sanzgiri, Timothy Olson, Pauline Shuen
-
Publication number: 20140192806Abstract: In one embodiment, a subnet-scoped multicast packet is received on an interface of a forwarding device that is connected to a host device of a subnet of a forwarding domain. The received subnet-scoped multicast packet is transmitted from one or more other interfaces of the forwarding device that are connected to one or more other host devices of the subnet. The received subnet-scoped multicast packet is also encapsulated with an additional header. The encapsulated subnet-scoped multicast packet is forwarded from the forwarding device to an intermediate router which routes the encapsulated subnet-scoped multicast packet to one or more other forwarding devices configured to decapsulate the encapsulated subnet-scoped multicast packet and transmit the decapsulated subnet-scoped multicast packet to one or more connected host devices of an additional portion of the subnet.Type: ApplicationFiled: March 11, 2014Publication date: July 10, 2014Applicant: Cisco Technology, IncInventors: Navindra Yadav, James Rivers, Guanaprakasam Pandian, Pauline Shuen, Scott Emery
-
Patent number: 8705528Abstract: In one embodiment, a subnet-scoped multicast packet is received on an interface of a forwarding device that is connected to a host device of a subnet of a forwarding domain. The received subnet-scoped multicast packet is transmitted from one or more other interfaces of the forwarding device that are connected to one or more other host devices of the subnet. The received subnet-scoped multicast packet is also encapsulated with an additional header. The encapsulated subnet-scoped multicast packet is forwarded from the forwarding device to an intermediate router which routes the encapsulated subnet-scoped multicast packet to one or more other forwarding devices configured to decapsulate the encapsulated subnet-scoped multicast packet and transmit the decapsulated subnet-scoped multicast packet to one or more connected host devices of an additional portion of the subnet.Type: GrantFiled: April 25, 2012Date of Patent: April 22, 2014Assignee: Cisco Technology, Inc.Inventors: Navindra Yadav, James Rivers, Gnanaprakasam Pandian, Pauline Shuen, Scott Emery
-
Patent number: 8687523Abstract: Various systems and methods for integrating ring-protocol-compatible devices into network configurations that also include non-ring-protocol-compatible devices are disclosed. One such method, which can be performed by a network node that supports a ring protocol, involves generating a ring protocol packet and sending that ring protocol packet to a neighboring node. The ring protocol packet includes information, and the presence of this information within the packet causes a network device that receives the ring protocol packet to drop the ring protocol packet unless the network device supports a ring protocol. The information can include a reserved address (e.g., in the destination address field of the packet) as well as a ring protocol identifier.Type: GrantFiled: January 13, 2012Date of Patent: April 1, 2014Assignee: Cisco Technology, Inc.Inventors: Lionel Florit, Robert W. Klessig, Francois E. Tallet, Pauline Shuen
-
Patent number: 8661518Abstract: Embodiments of an N-Port ID virtualization (NPIV) proxy module, NPIV proxy switching system, and methods are generally described herein. Other embodiments may be described and claimed. In some embodiments, login requests are distributed over a plurality of available N-ports to allow servers to be functionally coupled to F-ports of a plurality of fiber-channel (FC) switches. Fiber-channel identifiers (FCIDs) are assigned to the servers in response to the logon requests to provide single end-host operations for each of the servers.Type: GrantFiled: June 13, 2007Date of Patent: February 25, 2014Assignee: Cisco Technology, Inc.Inventors: Krishna Doddapaneni, Chaitanya Kodeboyina, J.R. Rivers, Pauline Shuen
-
Publication number: 20130333012Abstract: A detection-based defense to a wireless network. Elements of the infrastructure, e.g., access points or scanning-only access points, detect intruders by detecting spoofed frames, such as from rogue access points. Access points include a signature, such as a message integrity check, with their management frames in a manner that enables neighboring access points to be able to validate the management frames, and to detect spoofed frames. When a neighboring access point receives a management frame, obtains a key for the access point sending the frame, and validates the management frame using the key.Type: ApplicationFiled: August 12, 2013Publication date: December 12, 2013Applicant: Cisco Technology, Inc.Inventors: Mark KRISCHER, Nancy CAM-WINGET, Sheausong YANG, Ajit SANZGIRI, Timothy OLSON, Pauline SHUEN
-
Patent number: 8533832Abstract: A detection-based defense to a wireless network. Elements of the infrastructure, e.g., access points or scanning-only access points, detect intruders by detecting spoofed frames, such as from rogue access points. Access points include a signature, such as a message integrity check, with their management frames in a manner that enables neighboring access points to be able to validate the management frames, and to detect spoofed frames. When a neighboring access point receives a management frame, obtains a key for the access point sending the frame, and validates the management frame using the key.Type: GrantFiled: April 25, 2012Date of Patent: September 10, 2013Assignee: Cisco Technology, Inc.Inventors: Nancy Cam Winget, Mark Krischer, Sheausong Yang, Ajit Sanzgiri, Timothy Olson, Pauline Shuen
-
Patent number: 8274919Abstract: Various systems and methods for implementing virtual ports within ring networks are disclosed. For example, one method involves allocating a logical port that corresponds to a first port and a second port and instantiating a spanning tree protocol instance. The first port and the second port are both assigned to a first ring network. The spanning tree protocol instance selectively blocks the logical port; however, the spanning tree protocol instance is unable to block the first port independently of blocking the second port. Events (e.g., link failures and recoveries) that occur within the ring network are communicated to spanning tree by transitioning the state of the logical port in response to receiving a ring protocol control packet. The spanning tree protocol instance initiates a bridge protocol data unit (BPDU) exchange from the logical port in response to a transition in the state of the logical port.Type: GrantFiled: September 2, 2005Date of Patent: September 25, 2012Assignee: Cisco Technology, Inc.Inventors: Lionel Florit, Robert W. Klessig, Pauline Shuen, Francois E. Tallet
-
Publication number: 20120210395Abstract: A detection-based defense to a wireless network. Elements of the infrastructure, e.g., access points or scanning-only access points, detect intruders by detecting spoofed frames, such as from rogue access points. Access points include a signature, such as a message integrity check, with their management frames in a manner that enables neighboring access points to be able to validate the management frames, and to detect spoofed frames. When a neighboring access point receives a management frame, obtains a key for the access point sending the frame, and validates the management frame using the key.Type: ApplicationFiled: April 25, 2012Publication date: August 16, 2012Inventors: Nancy CAM WINGET, Mark KRISHCER, Sheausong YANG, Ajit SANZGIRI, Timothy OLSON, Pauline SHUEN
-
Publication number: 20120207160Abstract: In one embodiment, a subnet-scoped multicast packet is received on an interface of a forwarding device that is connected to a host device of a subnet of a forwarding domain. The received subnet-scoped multicast packet is transmitted from one or more other interfaces of the forwarding device that are connected to one or more other host devices of the subnet. The received subnet-scoped multicast packet is also encapsulated with an additional header. The encapsulated subnet-scoped multicast packet is forwarded from the forwarding device to an intermediate router which routes the encapsulated subnet-scoped multicast packet to one or more other forwarding devices configured to decapsulate the encapsulated subnet-scoped multicast packet and transmit the decapsulated subnet-scoped multicast packet to one or more connected host devices of an additional portion of the subnet.Type: ApplicationFiled: April 25, 2012Publication date: August 16, 2012Applicant: CISCO TECHNOLOGY, INC.Inventors: Navindra Yadav, James Rivers, Gnanaprakasam Pandian, Pauline Shuen, Scott Emery
-
Patent number: 8208463Abstract: In one embodiment, receiving a data packet in a data forwarding domain, encapsulating a header to the received data packet, and routing the encapsulated data packet in the data forwarding domain over a distribution tree are provided.Type: GrantFiled: October 24, 2006Date of Patent: June 26, 2012Assignee: Cisco Technology, Inc.Inventors: Navindra Yadav, James Rivers, Gnanaprakasam Pandian, Pauline Shuen, Scott Emery
-
Patent number: 8191144Abstract: A detection-based defense to a wireless network. Elements of the infrastructure, e.g., access points or scanning-only access points, detect intruders by detecting spoofed frames, such as from rogue access points. Access points include a signature, such as a message integrity check, with their management frames in a manner that enables neighboring access points to be able to validate the management frames, and to detect spoofed frames. When a neighboring access point receives a management frame, obtains a key for the access point sending the frame, and validates the management frame using the key.Type: GrantFiled: April 27, 2009Date of Patent: May 29, 2012Assignee: Cisco Technology, Inc.Inventors: Nancy Cam Winget, Mark Krishcer, Sheausong Yang, Ajit Sanzgiri, Timothy Olson, Pauline Shuen
-
Publication number: 20120113798Abstract: Various systems and methods for integrating ring-protocol-compatible devices into network configurations that also include non-ring-protocol-compatible devices are disclosed. One such method, which can be performed by a network node that supports a ring protocol, involves generating a ring protocol packet and sending that ring protocol packet to a neighboring node. The ring protocol packet includes information, and the presence of this information within the packet causes a network device that receives the ring protocol packet to drop the ring protocol packet unless the network device supports a ring protocol. The information can include a reserved address (e.g., in the destination address field of the packet) as well as a ring protocol identifier.Type: ApplicationFiled: January 13, 2012Publication date: May 10, 2012Inventors: Lionel Florit, Robert W. Klessig, Francois E. Tallet, Pauline Shuen
-
Patent number: 8111634Abstract: Various systems and methods for integrating ring-protocol-compatible devices into network configurations that also include non-ring-protocol-compatible devices are disclosed. One such method, which can be performed by a network node that supports a ring protocol, involves generating a ring protocol packet and sending that ring protocol packet to a neighboring node. The ring protocol packet includes information, and the presence of this information within the packet causes a network device that receives the ring protocol packet to drop the ring protocol packet unless the network device supports a ring protocol. The information can include a reserved address (e.g., in the destination address field of the packet) as well as a ring protocol identifier.Type: GrantFiled: August 15, 2006Date of Patent: February 7, 2012Assignee: Cisco Technology, Inc.Inventors: Lionel Florit, Robert W. Klessig, Francois E. Tallet, Pauline Shuen
-
Patent number: 8073936Abstract: Various systems and methods are disclosed for providing support for responding to location protocol queries within a network node. One such method involves associating a location with a network identity by associating a network port with a network identity and also associating the network port with the location. The association between the network port and the network identity is created in response to a network identity, which can include an IP address, being assigned to a device coupled to the network port by an identity protocol such as DHCP. The packet is sent in response to detecting a request for the device's location. The method can be performed by various devices, including a first hop node coupled to the device, a location server, and an identity server.Type: GrantFiled: June 8, 2006Date of Patent: December 6, 2011Assignee: Cisco Technology, Inc.Inventors: Pradeep S. Sudame, Shree N. Murthy, Jie Cheng Jiang, Pauline Shuen
-
Patent number: 7881296Abstract: This invention provides for an apparatus and method to isolate ports on layer 2 switches on the same VLAN to restrict traffic flow. The apparatus comprises a switch having said plurality of ports, each port configured as a protected port or a non-protected port. An address table memory stores an address table having a destination address and port number pair. A forwarding map generator generates a forwarding map which is responsive to a destination address of a data packet. The method for isolating ports on a layer 2 switch comprises configuring each of the ports on the layer 2 switch as a protected port or a non-protected port. A destination address on an data packet is matched with a physical address on said layer 2 switch and a forwarding map is generated for the data packet based upon the destination address on the data packet.Type: GrantFiled: July 26, 2006Date of Patent: February 1, 2011Assignee: Cisco Technology, Inc.Inventors: Monica Joshi, Pauline Shuen
-
Patent number: 7822027Abstract: In one embodiment, detecting data traffic from a host device in a data forwarding domain, injecting a host route associated with the detected data traffic, and updating a forwarding table associated with the host route are provided.Type: GrantFiled: October 5, 2006Date of Patent: October 26, 2010Assignee: Cisco Technology, Inc.Inventors: Navindra Yadav, Gnanaprakasam Pandian, James Rivers, Scott Emery, Pauline Shuen, Murali Duvvury
-
Patent number: 7778205Abstract: Various systems and methods for implementing virtual ports within ring networks are disclosed. For example, one method involves allocating a logical port that corresponds to a first port and a second port and instantiating a spanning tree protocol instance. The first port and the second port are both assigned to a first ring network. The spanning tree protocol instance selectively blocks the logical port; however, the spanning tree protocol instance is unable to block the first port independently of blocking the second port. Events (e.g., link failures and recoveries) that occur within the ring network are communicated to spanning tree by transitioning the state of the logical port in response to receiving a ring protocol control packet. The spanning tree protocol instance initiates a bridge protocol data unit (BPDU) exchange from the logical port in response to a transition in the state of the logical port.Type: GrantFiled: August 30, 2005Date of Patent: August 17, 2010Assignee: Cisco Technology, Inc.Inventors: Lionel Florit, Robert W. Klessig, Pauline Shuen, Francois E. Tallet
-
Patent number: 7688716Abstract: One embodiment in accordance with the invention is a method that includes detecting a failure in a ring network and transmitting a multicast message across the ring network that includes information regarding the failure. Additionally, a new ring master of the ring network is designated. Furthermore, a ring port coupled to the failure is blocked.Type: GrantFiled: May 2, 2005Date of Patent: March 30, 2010Assignee: Cisco Technology, Inc.Inventors: Moni Pande, Jie Cheng Jiang, Navindra Yadav, Gnanaprakasam Pandian, Pauline Shuen