Patents by Inventor Pauline Shuen

Pauline Shuen has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 9369304
    Abstract: In one embodiment, a subnet-scoped multicast packet is received on an interface of a forwarding device that is connected to a host device of a subnet of a forwarding domain. The received subnet-scoped multicast packet is transmitted from one or more other interfaces of the forwarding device that are connected to one or more other host devices of the subnet. The received subnet-scoped multicast packet is also encapsulated with an additional header. The encapsulated subnet-scoped multicast packet is forwarded from the forwarding device to an intermediate router which routes the encapsulated subnet-scoped multicast packet to one or more other forwarding devices configured to decapsulate the encapsulated subnet-scoped multicast packet and transmit the decapsulated subnet-scoped multicast packet to one or more connected host devices of an additional portion of the subnet.
    Type: Grant
    Filed: March 11, 2014
    Date of Patent: June 14, 2016
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Navindra Yadav, James Rivers, Gnanaprakasam Pandian, Pauline Shuen, Scott Emery
  • Patent number: 9264895
    Abstract: A detection-based defense to a wireless network. Elements of the infrastructure, e.g., access points or scanning-only access points, detect intruders by detecting spoofed frames, such as from rogue access points. Access points include a signature, such as a message integrity check, with their management frames in a manner that enables neighboring access points to be able to validate the management frames, and to detect spoofed frames. When a neighboring access point receives a management frame, obtains a key for the access point sending the frame, and validates the management frame using the key.
    Type: Grant
    Filed: August 12, 2013
    Date of Patent: February 16, 2016
    Assignee: Cisco Technology, Inc.
    Inventors: Mark Krischer, Nancy Cam-Winget, Sheausong Yang, Ajit Sanzgiri, Timothy Olson, Pauline Shuen
  • Publication number: 20140192806
    Abstract: In one embodiment, a subnet-scoped multicast packet is received on an interface of a forwarding device that is connected to a host device of a subnet of a forwarding domain. The received subnet-scoped multicast packet is transmitted from one or more other interfaces of the forwarding device that are connected to one or more other host devices of the subnet. The received subnet-scoped multicast packet is also encapsulated with an additional header. The encapsulated subnet-scoped multicast packet is forwarded from the forwarding device to an intermediate router which routes the encapsulated subnet-scoped multicast packet to one or more other forwarding devices configured to decapsulate the encapsulated subnet-scoped multicast packet and transmit the decapsulated subnet-scoped multicast packet to one or more connected host devices of an additional portion of the subnet.
    Type: Application
    Filed: March 11, 2014
    Publication date: July 10, 2014
    Applicant: Cisco Technology, Inc
    Inventors: Navindra Yadav, James Rivers, Guanaprakasam Pandian, Pauline Shuen, Scott Emery
  • Patent number: 8705528
    Abstract: In one embodiment, a subnet-scoped multicast packet is received on an interface of a forwarding device that is connected to a host device of a subnet of a forwarding domain. The received subnet-scoped multicast packet is transmitted from one or more other interfaces of the forwarding device that are connected to one or more other host devices of the subnet. The received subnet-scoped multicast packet is also encapsulated with an additional header. The encapsulated subnet-scoped multicast packet is forwarded from the forwarding device to an intermediate router which routes the encapsulated subnet-scoped multicast packet to one or more other forwarding devices configured to decapsulate the encapsulated subnet-scoped multicast packet and transmit the decapsulated subnet-scoped multicast packet to one or more connected host devices of an additional portion of the subnet.
    Type: Grant
    Filed: April 25, 2012
    Date of Patent: April 22, 2014
    Assignee: Cisco Technology, Inc.
    Inventors: Navindra Yadav, James Rivers, Gnanaprakasam Pandian, Pauline Shuen, Scott Emery
  • Patent number: 8687523
    Abstract: Various systems and methods for integrating ring-protocol-compatible devices into network configurations that also include non-ring-protocol-compatible devices are disclosed. One such method, which can be performed by a network node that supports a ring protocol, involves generating a ring protocol packet and sending that ring protocol packet to a neighboring node. The ring protocol packet includes information, and the presence of this information within the packet causes a network device that receives the ring protocol packet to drop the ring protocol packet unless the network device supports a ring protocol. The information can include a reserved address (e.g., in the destination address field of the packet) as well as a ring protocol identifier.
    Type: Grant
    Filed: January 13, 2012
    Date of Patent: April 1, 2014
    Assignee: Cisco Technology, Inc.
    Inventors: Lionel Florit, Robert W. Klessig, Francois E. Tallet, Pauline Shuen
  • Patent number: 8661518
    Abstract: Embodiments of an N-Port ID virtualization (NPIV) proxy module, NPIV proxy switching system, and methods are generally described herein. Other embodiments may be described and claimed. In some embodiments, login requests are distributed over a plurality of available N-ports to allow servers to be functionally coupled to F-ports of a plurality of fiber-channel (FC) switches. Fiber-channel identifiers (FCIDs) are assigned to the servers in response to the logon requests to provide single end-host operations for each of the servers.
    Type: Grant
    Filed: June 13, 2007
    Date of Patent: February 25, 2014
    Assignee: Cisco Technology, Inc.
    Inventors: Krishna Doddapaneni, Chaitanya Kodeboyina, J.R. Rivers, Pauline Shuen
  • Publication number: 20130333012
    Abstract: A detection-based defense to a wireless network. Elements of the infrastructure, e.g., access points or scanning-only access points, detect intruders by detecting spoofed frames, such as from rogue access points. Access points include a signature, such as a message integrity check, with their management frames in a manner that enables neighboring access points to be able to validate the management frames, and to detect spoofed frames. When a neighboring access point receives a management frame, obtains a key for the access point sending the frame, and validates the management frame using the key.
    Type: Application
    Filed: August 12, 2013
    Publication date: December 12, 2013
    Applicant: Cisco Technology, Inc.
    Inventors: Mark KRISCHER, Nancy CAM-WINGET, Sheausong YANG, Ajit SANZGIRI, Timothy OLSON, Pauline SHUEN
  • Patent number: 8533832
    Abstract: A detection-based defense to a wireless network. Elements of the infrastructure, e.g., access points or scanning-only access points, detect intruders by detecting spoofed frames, such as from rogue access points. Access points include a signature, such as a message integrity check, with their management frames in a manner that enables neighboring access points to be able to validate the management frames, and to detect spoofed frames. When a neighboring access point receives a management frame, obtains a key for the access point sending the frame, and validates the management frame using the key.
    Type: Grant
    Filed: April 25, 2012
    Date of Patent: September 10, 2013
    Assignee: Cisco Technology, Inc.
    Inventors: Nancy Cam Winget, Mark Krischer, Sheausong Yang, Ajit Sanzgiri, Timothy Olson, Pauline Shuen
  • Patent number: 8274919
    Abstract: Various systems and methods for implementing virtual ports within ring networks are disclosed. For example, one method involves allocating a logical port that corresponds to a first port and a second port and instantiating a spanning tree protocol instance. The first port and the second port are both assigned to a first ring network. The spanning tree protocol instance selectively blocks the logical port; however, the spanning tree protocol instance is unable to block the first port independently of blocking the second port. Events (e.g., link failures and recoveries) that occur within the ring network are communicated to spanning tree by transitioning the state of the logical port in response to receiving a ring protocol control packet. The spanning tree protocol instance initiates a bridge protocol data unit (BPDU) exchange from the logical port in response to a transition in the state of the logical port.
    Type: Grant
    Filed: September 2, 2005
    Date of Patent: September 25, 2012
    Assignee: Cisco Technology, Inc.
    Inventors: Lionel Florit, Robert W. Klessig, Pauline Shuen, Francois E. Tallet
  • Publication number: 20120207160
    Abstract: In one embodiment, a subnet-scoped multicast packet is received on an interface of a forwarding device that is connected to a host device of a subnet of a forwarding domain. The received subnet-scoped multicast packet is transmitted from one or more other interfaces of the forwarding device that are connected to one or more other host devices of the subnet. The received subnet-scoped multicast packet is also encapsulated with an additional header. The encapsulated subnet-scoped multicast packet is forwarded from the forwarding device to an intermediate router which routes the encapsulated subnet-scoped multicast packet to one or more other forwarding devices configured to decapsulate the encapsulated subnet-scoped multicast packet and transmit the decapsulated subnet-scoped multicast packet to one or more connected host devices of an additional portion of the subnet.
    Type: Application
    Filed: April 25, 2012
    Publication date: August 16, 2012
    Applicant: CISCO TECHNOLOGY, INC.
    Inventors: Navindra Yadav, James Rivers, Gnanaprakasam Pandian, Pauline Shuen, Scott Emery
  • Publication number: 20120210395
    Abstract: A detection-based defense to a wireless network. Elements of the infrastructure, e.g., access points or scanning-only access points, detect intruders by detecting spoofed frames, such as from rogue access points. Access points include a signature, such as a message integrity check, with their management frames in a manner that enables neighboring access points to be able to validate the management frames, and to detect spoofed frames. When a neighboring access point receives a management frame, obtains a key for the access point sending the frame, and validates the management frame using the key.
    Type: Application
    Filed: April 25, 2012
    Publication date: August 16, 2012
    Inventors: Nancy CAM WINGET, Mark KRISHCER, Sheausong YANG, Ajit SANZGIRI, Timothy OLSON, Pauline SHUEN
  • Patent number: 8208463
    Abstract: In one embodiment, receiving a data packet in a data forwarding domain, encapsulating a header to the received data packet, and routing the encapsulated data packet in the data forwarding domain over a distribution tree are provided.
    Type: Grant
    Filed: October 24, 2006
    Date of Patent: June 26, 2012
    Assignee: Cisco Technology, Inc.
    Inventors: Navindra Yadav, James Rivers, Gnanaprakasam Pandian, Pauline Shuen, Scott Emery
  • Patent number: 8191144
    Abstract: A detection-based defense to a wireless network. Elements of the infrastructure, e.g., access points or scanning-only access points, detect intruders by detecting spoofed frames, such as from rogue access points. Access points include a signature, such as a message integrity check, with their management frames in a manner that enables neighboring access points to be able to validate the management frames, and to detect spoofed frames. When a neighboring access point receives a management frame, obtains a key for the access point sending the frame, and validates the management frame using the key.
    Type: Grant
    Filed: April 27, 2009
    Date of Patent: May 29, 2012
    Assignee: Cisco Technology, Inc.
    Inventors: Nancy Cam Winget, Mark Krishcer, Sheausong Yang, Ajit Sanzgiri, Timothy Olson, Pauline Shuen
  • Publication number: 20120113798
    Abstract: Various systems and methods for integrating ring-protocol-compatible devices into network configurations that also include non-ring-protocol-compatible devices are disclosed. One such method, which can be performed by a network node that supports a ring protocol, involves generating a ring protocol packet and sending that ring protocol packet to a neighboring node. The ring protocol packet includes information, and the presence of this information within the packet causes a network device that receives the ring protocol packet to drop the ring protocol packet unless the network device supports a ring protocol. The information can include a reserved address (e.g., in the destination address field of the packet) as well as a ring protocol identifier.
    Type: Application
    Filed: January 13, 2012
    Publication date: May 10, 2012
    Inventors: Lionel Florit, Robert W. Klessig, Francois E. Tallet, Pauline Shuen
  • Patent number: 8111634
    Abstract: Various systems and methods for integrating ring-protocol-compatible devices into network configurations that also include non-ring-protocol-compatible devices are disclosed. One such method, which can be performed by a network node that supports a ring protocol, involves generating a ring protocol packet and sending that ring protocol packet to a neighboring node. The ring protocol packet includes information, and the presence of this information within the packet causes a network device that receives the ring protocol packet to drop the ring protocol packet unless the network device supports a ring protocol. The information can include a reserved address (e.g., in the destination address field of the packet) as well as a ring protocol identifier.
    Type: Grant
    Filed: August 15, 2006
    Date of Patent: February 7, 2012
    Assignee: Cisco Technology, Inc.
    Inventors: Lionel Florit, Robert W. Klessig, Francois E. Tallet, Pauline Shuen
  • Patent number: 8073936
    Abstract: Various systems and methods are disclosed for providing support for responding to location protocol queries within a network node. One such method involves associating a location with a network identity by associating a network port with a network identity and also associating the network port with the location. The association between the network port and the network identity is created in response to a network identity, which can include an IP address, being assigned to a device coupled to the network port by an identity protocol such as DHCP. The packet is sent in response to detecting a request for the device's location. The method can be performed by various devices, including a first hop node coupled to the device, a location server, and an identity server.
    Type: Grant
    Filed: June 8, 2006
    Date of Patent: December 6, 2011
    Assignee: Cisco Technology, Inc.
    Inventors: Pradeep S. Sudame, Shree N. Murthy, Jie Cheng Jiang, Pauline Shuen
  • Patent number: 7881296
    Abstract: This invention provides for an apparatus and method to isolate ports on layer 2 switches on the same VLAN to restrict traffic flow. The apparatus comprises a switch having said plurality of ports, each port configured as a protected port or a non-protected port. An address table memory stores an address table having a destination address and port number pair. A forwarding map generator generates a forwarding map which is responsive to a destination address of a data packet. The method for isolating ports on a layer 2 switch comprises configuring each of the ports on the layer 2 switch as a protected port or a non-protected port. A destination address on an data packet is matched with a physical address on said layer 2 switch and a forwarding map is generated for the data packet based upon the destination address on the data packet.
    Type: Grant
    Filed: July 26, 2006
    Date of Patent: February 1, 2011
    Assignee: Cisco Technology, Inc.
    Inventors: Monica Joshi, Pauline Shuen
  • Patent number: 7822027
    Abstract: In one embodiment, detecting data traffic from a host device in a data forwarding domain, injecting a host route associated with the detected data traffic, and updating a forwarding table associated with the host route are provided.
    Type: Grant
    Filed: October 5, 2006
    Date of Patent: October 26, 2010
    Assignee: Cisco Technology, Inc.
    Inventors: Navindra Yadav, Gnanaprakasam Pandian, James Rivers, Scott Emery, Pauline Shuen, Murali Duvvury
  • Patent number: 7778205
    Abstract: Various systems and methods for implementing virtual ports within ring networks are disclosed. For example, one method involves allocating a logical port that corresponds to a first port and a second port and instantiating a spanning tree protocol instance. The first port and the second port are both assigned to a first ring network. The spanning tree protocol instance selectively blocks the logical port; however, the spanning tree protocol instance is unable to block the first port independently of blocking the second port. Events (e.g., link failures and recoveries) that occur within the ring network are communicated to spanning tree by transitioning the state of the logical port in response to receiving a ring protocol control packet. The spanning tree protocol instance initiates a bridge protocol data unit (BPDU) exchange from the logical port in response to a transition in the state of the logical port.
    Type: Grant
    Filed: August 30, 2005
    Date of Patent: August 17, 2010
    Assignee: Cisco Technology, Inc.
    Inventors: Lionel Florit, Robert W. Klessig, Pauline Shuen, Francois E. Tallet
  • Patent number: 7688716
    Abstract: One embodiment in accordance with the invention is a method that includes detecting a failure in a ring network and transmitting a multicast message across the ring network that includes information regarding the failure. Additionally, a new ring master of the ring network is designated. Furthermore, a ring port coupled to the failure is blocked.
    Type: Grant
    Filed: May 2, 2005
    Date of Patent: March 30, 2010
    Assignee: Cisco Technology, Inc.
    Inventors: Moni Pande, Jie Cheng Jiang, Navindra Yadav, Gnanaprakasam Pandian, Pauline Shuen