Patents by Inventor Radha Popuri
Radha Popuri has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240152379Abstract: Some embodiments provide a method for generating microsegmentation recommendations, performed by a network monitoring service implemented in a public cloud to monitor data flows for a group of datacenters. The method receives a selection of a set of logical network compute nodes (LNCNs) located at a particular datacenter for which to generate recommended rules. The method analyzes flows collected by the network monitoring service in order to generate a set of recommended rules relating to the set of LNCNs. The method provides the set of rules to a local manager at the particular datacenter for the local manager to configure network elements at the particular datacenter to enforce the set of rules. The rules use compute node identifiers for LNCNs located at the particular datacenter and network addresses for LNCNs located at other datacenters as the local manager does not store data regarding compute nodes located at the other datacenters.Type: ApplicationFiled: May 10, 2023Publication date: May 9, 2024Inventors: Sunitha Krishna, Rajiv Mordani, Radha Popuri, Yaqi Wang, Yiwei Zhang
-
Publication number: 20240154878Abstract: Some embodiments provide a method for providing a visualization of data flows for a logical network spanning a group of datacenters. The method receives a selection of a particular datacenter in the group of datacenters for which to display a flow visualization. The method generates a flow visualization for the particular datacenter including (i) representations of data flows between pairs of logical network compute nodes located within the particular datacenter, (ii) representations of data flows between logical network compute nodes located within the particular datacenter and logical network compute nodes at other datacenters in the group of datacenters, and (iii) representations of data flows between logical network compute nodes located within the particular datacenter and endpoints external to the group of datacenters. The method displays the generated flow visualization within a graphical user interface (GUI).Type: ApplicationFiled: May 10, 2023Publication date: May 9, 2024Inventors: Sunitha Krishna, Rajiv Mordani, Radha Popuri, Bofeng Hu, Suresh Nagar, Yili Zou
-
Publication number: 20230179572Abstract: Some embodiments provide a method for modifying a set of firewall rules for implementation in a network. The method receives (i) a set of existing firewall rules and (ii) a set of flows observed in the network that do not match the firewall rules in the set. The method identifies an optimized set of modifications to the set of existing firewall rules to generate a set of modified firewall rules such that (i) the set of flows match firewall rules in the set of modified firewall rules and (ii) any flows that matched firewall rules in the set of existing firewall rules also match firewall rules in the set of modified firewall rules.Type: ApplicationFiled: December 6, 2021Publication date: June 8, 2023Inventors: Kavya Kambi Ravi, Radha Popuri, Sunitha Krishna, Margaret Petrus
-
Publication number: 20230179571Abstract: Some embodiments provide a method for modifying a firewall rule of a security policy implemented in a network. The method identifies a set of compute machines to be added to a match condition for the firewall rule. The match condition is expressed using one or more groups of compute machines. The method selects a set of groups for the identified set of compute machines from a plurality of existing groups of compute machines based on a user-specified threshold indicating tolerance for inclusion of compute machines that are not in the identified set of compute machines in the selected groups. The method uses the selected set of groups for the match condition of the firewall rule.Type: ApplicationFiled: December 6, 2021Publication date: June 8, 2023Inventors: Kavya Kambi Ravi, Radha Popuri, Sunitha Krishna, Margaret Petrus, Yiwei Zhang
-
Patent number: 11425095Abstract: A novel method for managing firewall configuration of a software defined data center is provided. Such a firewall configuration is divided into multiple sections that each contains a set of firewall rules. Each tenant of the software defined data center has a corresponding set of sections in the firewall configuration. The method allows each tenant to independently access and update/manage its own corresponding set of sections. Multiple tenants or users are allowed to make changes to the firewall configuration simultaneously.Type: GrantFiled: June 29, 2016Date of Patent: August 23, 2022Assignee: NICIRA, INC.Inventors: Radha Popuri, Igor Ganichev, Shadab Shah, Kaushal Bansal
-
Patent number: 11349876Abstract: Some embodiments provide a novel method for collecting and reporting attributes of data flows associated with machines executing on a plurality of host computers to an analysis appliance and providing visual representations of the data to a user. Some embodiments provide a visual representation of the collected data that allows a user to select a set of machines and flows and initiate recommendation generation based on the selected machines and flows. The recommendation generation, in some embodiments, includes identifying flows for which rules have not been defined and filtering the identified rules to remove flows for which rules should not be defined. Some embodiments use the identified rues to identify services and groups associated with the rules and generate recommendations for rules, groups and services based on the identified flows, groups and services. The recommendations, in some embodiments, are implemented as a single PATCH API.Type: GrantFiled: August 28, 2019Date of Patent: May 31, 2022Assignee: VMWARE, INC.Inventors: Sunitha Krishna, Kausum Kumar, Rajiv Mordani, Radha Popuri, Kavya Kambi Ravi, Ankur Saran, Farzad Ghannadian
-
Patent number: 10944722Abstract: A novel method for managing firewall configuration of a software defined data center is provided. Such a firewall configuration is divided into multiple sections that each contains a set of firewall rules. Each tenant of the software defined data center has a corresponding set of sections in the firewall configuration. The method allows each tenant to independently access and update/manage its own corresponding set of sections. Multiple tenants or users are allowed to make changes to the firewall configuration simultaneously.Type: GrantFiled: June 29, 2016Date of Patent: March 9, 2021Assignee: NICIRA, INC.Inventors: Radha Popuri, Shadab Shah, James Joseph Stabile, Sameer Kurkure, Kaushal Bansal
-
Publication number: 20210029166Abstract: Some embodiments provide a novel method for collecting and reporting attributes of data flows associated with machines executing on a plurality of host computers to an analysis appliance and providing visual representations of the data to a user. Some embodiments provide a visual representation of the collected data that allows a user to select a set of machines and flows and initiate recommendation generation based on the selected machines and flows. The recommendation generation, in some embodiments, includes identifying flows for which rules have not been defined and filtering the identified rules to remove flows for which rules should not be defined. Some embodiments use the identified rues to identify services and groups associated with the rules and generate recommendations for rules, groups and services based on the identified flows, groups and services. The recommendations, in some embodiments, are implemented as a single PATCH API.Type: ApplicationFiled: August 28, 2019Publication date: January 28, 2021Inventors: Sunitha Krishna, Kausum Kumar, Rajiv Mordani, Radha Popuri, Kavya Kambi Ravi, Ankur Saran, Farzad Ghannadian
-
Publication number: 20170318055Abstract: A novel method for managing firewall configuration of a software defined data center is provided. Such a firewall configuration is divided into multiple sections that each contains a set of firewall rules. Each tenant of the software defined data center has a corresponding set of sections in the firewall configuration. The method allows each tenant to independently access and update/manage its own corresponding set of sections. Multiple tenants or users are allowed to make changes to the firewall configuration simultaneously.Type: ApplicationFiled: June 29, 2016Publication date: November 2, 2017Inventors: Radha Popuri, Shadab Shah, James Joseph Stabile, Sameer Kurkure, Kaushal Bansal
-
Publication number: 20170317977Abstract: A novel method for managing firewall configuration of a software defined data center is provided. Such a firewall configuration is divided into multiple sections that each contains a set of firewall rules. Each tenant of the software defined data center has a corresponding set of sections in the firewall configuration. The method allows each tenant to independently access and update/manage its own corresponding set of sections. Multiple tenants or users are allowed to make changes to the firewall configuration simultaneously.Type: ApplicationFiled: June 29, 2016Publication date: November 2, 2017Inventors: Radha Popuri, Igor Ganichev, Shadab Shah, Kaushal Bansal
-
Patent number: 9363270Abstract: A user management construct, referred to as a persona, is provided to enable a flexible mechanism that grants elevated or administrative privileges to users, such as application developers. Developers may utilize the privileges bestowed by a persona to execute tasks that normally requires access by traditional information (IT) roles, such as IT administrators, to deploy applications in a cloud computing environment. The tasks may include the provisioning of virtual or physical computing resources and/or the configuration of compute, storage, and networking resources.Type: GrantFiled: June 29, 2012Date of Patent: June 7, 2016Assignee: VCE Company, LLCInventors: T.K. Lakshman, Richard Kirchhofer, Oleg Musteata, Akshaya Mahapatra, Radha Popuri
-
Publication number: 20140006617Abstract: A user management construct, referred to as a persona, is provided to enable a flexible mechanism that grants elevated or administrative privileges to users, such as application developers. Developers may utilize the privileges bestowed by a persona to execute tasks that normally requires access by traditional information (IT) roles, such as IT administrators, to deploy applications in a cloud computing environment. The tasks may include the provisioning of virtual or physical computing resources and/or the configuration of compute, storage, and networking resources.Type: ApplicationFiled: June 29, 2012Publication date: January 2, 2014Applicant: VCE COMPANY LLCInventors: T.K. Lakshman, Richard Kirchhofer, Oleg Musteata, Akshaya Mahapatra, Radha Popuri