Patents by Inventor Sandeep Hebbani

Sandeep Hebbani has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10291533
    Abstract: A packet forwarding network may include switches that forward network traffic between end hosts and network tap devices that forward copied network traffic to an analysis network formed from client switches that are controlled by a controller. Network analysis devices and network service devices may be coupled to the client switches at interfaces of the analysis network. The controller may receive one or more network policies from a network administrator. A network policy may identify ingress interfaces, egress interfaces, matching rules, packet manipulation services to be performed. The controller may control the client switches to generate network paths that forward network packets that match the matching rules from the ingress interfaces to the egress interfaces through service devices that perform the services of the list. The controller may generate network paths for network policies based on network topology information and/or current network conditions maintained at the controller.
    Type: Grant
    Filed: March 18, 2015
    Date of Patent: May 14, 2019
    Assignee: Big Switch Networks, Inc.
    Inventors: Munish Mehta, Robert Edward Adams, Rao Sandeep Hebbani Raghavendra, Srinivasan Ramasubramanian
  • Patent number: 9787567
    Abstract: A packet forwarding network may include switches that forward network traffic between end hosts and network tap devices that forward copied network traffic to an analysis network formed from client switches that are controlled by a controller. Network analysis devices and network service devices may be coupled to the client switches at interfaces of the analysis network. The controller may receive one or more network policies from a network administrator. A network policy may identify ingress interfaces, egress interfaces, matching rules, packet manipulation services to be performed. The controller may control the client switches to generate network paths that forward network packets that match the matching rules from the ingress interfaces to the egress interfaces through service devices that perform the services of the list. The controller may generate network paths for network policies based on network topology information and/or current network conditions maintained at the controller.
    Type: Grant
    Filed: January 30, 2013
    Date of Patent: October 10, 2017
    Assignee: Big Switch Networks, Inc.
    Inventors: Munish Mehta, Robert Edward Adams, Rao Sandeep Hebbani Raghavendra, Srinivasan Ramasubramanian
  • Patent number: 8856317
    Abstract: In one embodiment, a method includes receiving at one of a plurality of servers, a request from a client for a secure communication session, storing context information associated with the secure communication session at a virtual context server in communication with the servers, and establishing the secure communication session between one of the servers and the client. The context information includes a session identifier, a secret, and a session state. The stored context information is available to the servers to allow the secure communication session to move between the servers. An apparatus for secure data transfer in a virtual environment is also disclosed.
    Type: Grant
    Filed: July 15, 2010
    Date of Patent: October 7, 2014
    Assignee: Cisco Technology, Inc.
    Inventors: Matthew Robertson, Rao Sandeep Hebbani Raghavendra, Qingqing Li
  • Patent number: 8271775
    Abstract: Systems, methods, and other embodiments associated with layer two (L2) encryption for data center interconnectivity are described. One example system includes a receive logic to receive an unencrypted L2 switched frame (UL2SF). The UL2SF may include a payload and an L2 header. The example system may also include an encryption logic to selectively encrypt the UL2SF into an encrypted frame if the UL2SF is to be sent through an L2 virtual private network (L2VPN) requiring encryption. The example system may also include a delivery logic that adds a header to the encrypted frame. The header may include data to identify a decryption function to decrypt the encrypted frame and routing information for the encrypted frame. The delivery logic may also provide the encrypted frame to the L2VPN, where the providing includes selectively sending the encrypted frame as one of, a point to point packet, and a multipoint packet.
    Type: Grant
    Filed: December 17, 2008
    Date of Patent: September 18, 2012
    Assignee: Cisco Technology, Inc.
    Inventors: Sudhakar Shenoy, Khalil Jabr, Sridar Kandaswamy, Madhusudanan Manohar, Sandeep Hebbani
  • Publication number: 20120016977
    Abstract: In one embodiment, a method includes receiving at one of a plurality of servers, a request from a client for a secure communication session, storing context information associated with the secure communication session at a virtual context server in communication with the servers, and establishing the secure communication session between one of the servers and the client. The context information includes a session identifier, a secret, and a session state. The stored context information is available to the servers to allow the secure communication session to move between the servers. An apparatus for secure data transfer in a virtual environment is also disclosed.
    Type: Application
    Filed: July 15, 2010
    Publication date: January 19, 2012
    Applicant: CISCO TECHNOLOGY, INC.
    Inventors: Matthew Robertson, Rao Sandeep Hebbani Raghavendra, Qingqing Li
  • Patent number: 7940765
    Abstract: Disclosed are, inter alia, methods, apparatus, data structures, computer-readable media, and mechanisms for limiting unauthorized multicast sources. One or more access control lists are typically configured in a switching device to a state that denies forwarding of multicast packets with a particular host as its source. In response to a received multicast application admission-control message identifying the particular host, the one or more access control lists in the switching device are updated to allow multicast messages sent from the particular host to be forwarded. In one system, the received multicast application admission-control message is an Internet Group Management Protocol (IGMP) message.
    Type: Grant
    Filed: November 14, 2004
    Date of Patent: May 10, 2011
    Assignee: Cisco Technology, Inc.
    Inventors: Sandeep Hebbani Raghavendra Rao, Shyamasundar S. Kaluve, Senthilkumar Krishnamurthy, Venkateshwar Rao Pullela, Ashwin Sampath
  • Publication number: 20100153701
    Abstract: Systems, methods, and other embodiments associated with layer two (L2) encryption for data center interconnectivity are described. One example system includes a receive logic to receive an unencrypted L2 switched frame (UL2SF). The UL2SF may include a payload and an L2 header. The example system may also include an encryption logic to selectively encrypt the UL2SF into an encrypted frame if the UL2SF is to be sent through an L2 virtual private network (L2VPN) requiring encryption. The example system may also include a delivery logic that adds a header to the encrypted frame. The header may include data to identify a decryption function to decrypt the encrypted frame and routing information for the encrypted frame. The delivery logic may also provide the encrypted frame to the L2VPN, where the providing includes selectively sending the encrypted frame as one of, a point to point packet, and a multipoint packet.
    Type: Application
    Filed: December 17, 2008
    Publication date: June 17, 2010
    Inventors: Sudhakar Shenoy, Khalil Jabr, Sridar Kandaswamy, Madhusudanan Manohar, Sandeep Hebbani
  • Publication number: 20060164984
    Abstract: Disclosed are, inter alia, methods, apparatus, data structures, computer-readable media, and mechanisms for limiting unauthorized multicast sources. One or more access control lists are typically configured in a switching device to a state that denies forwarding of multicast packets with a particular host as its source. In response to a received multicast application admission-control message identifying the particular host, the one or more access control lists in the switching device are updated to allow multicast messages sent from the particular host to be forwarded. In one system, the received multicast application admission-control message is an Internet Group Management Protocol (IGMP) message.
    Type: Application
    Filed: November 14, 2004
    Publication date: July 27, 2006
    Applicant: CISCO TECHNOLOGY, INC.
    Inventors: Sandeep Hebbani Rao, Shyamasundar Kaluve, Senthilkumar Krishnamurthy, Venkateshwar Pullela, Ashwin Sampath