Patents by Inventor Satish Kondalam

Satish Kondalam has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 12192057
    Abstract: Systems, methods, and computer-readable storage media are provided for provisioning a common subnet across a number of subscribers and their respective virtual networks using dynamically generated network policies that provide isolation between the subscribers. The dynamic generation of the network policies is performed when a host (e.g. client) is detected (via a switch) as the host joins the computing network via virtual networks. This ability to configure a common subnet for all the subscriber virtual networks allows these subscribers to more easily access external shared services coming from a headquarter site while keeping the separation and segmentation of multiple subscriber virtual networks within a single subnet. This allows the Enterprise fabric to be more simple and convenient to deploy without making security compromises.
    Type: Grant
    Filed: May 29, 2024
    Date of Patent: January 7, 2025
    Assignee: Cisco Technology, Inc.
    Inventors: Sanjay Kumar Hooda, Muninder Singh Sambi, Victor Moreno, Prakash C. Jain, Tarunesh Ahuja, Satish Kondalam
  • Patent number: 12107734
    Abstract: Systems, methods, and computer-readable storage media are provided for provisioning a common subnet across a number of subscribers and their respective virtual networks using dynamically generated network policies that provide isolation between the subscribers. The dynamic generation of the network policies is performed when a host (e.g. client) is detected (via a switch) as the host joins the computing network via virtual networks. This ability to configure a common subnet for all the subscriber virtual networks allows these subscribers to more easily access external shared services coming from a headquarter site while keeping the separation and segmentation of multiple subscriber virtual networks within a single subnet. This allows the Enterprise fabric to be more simple and convenient to deploy without making security compromises.
    Type: Grant
    Filed: July 27, 2023
    Date of Patent: October 1, 2024
    Assignee: Cisco Technology, Inc.
    Inventors: Sanjay Kumar Hooda, Muninder Singh Sambi, Victor Moreno, Prakash C. Jain, Tarunesh Ahuja, Satish Kondalam
  • Publication number: 20240314036
    Abstract: Systems, methods, and computer-readable storage media are provided for provisioning a common subnet across a number of subscribers and their respective virtual networks using dynamically generated network policies that provide isolation between the subscribers. The dynamic generation of the network policies is performed when a host (e.g. client) is detected (via a switch) as the host joins the computing network via virtual networks. This ability to configure a common subnet for all the subscriber virtual networks allows these subscribers to more easily access external shared services coming from a headquarter site while keeping the separation and segmentation of multiple subscriber virtual networks within a single subnet. This allows the Enterprise fabric to be more simple and convenient to deploy without making security compromises.
    Type: Application
    Filed: May 29, 2024
    Publication date: September 19, 2024
    Inventors: Sanjay Kumar Hooda, Muninder Singh Sambi, Victor Moreno, Prakash C. Jain, Tarunesh Ahuja, Satish Kondalam
  • Patent number: 12028250
    Abstract: Systems, methods, and computer-readable media for communicating policy changes in a Locator/ID Separation Protocol (LISP) based network deployment include receiving, at a first routing device, a first notification from a map server, the first notification indicating a change in a policy for LISP based communication between at least a first endpoint device and at least a second endpoint device, the first endpoint device being connected to a network fabric through the first routing device and the second endpoint device being connected to the network fabric through a second routing device. The first routing device forwards a second notification to the second routing device if one or more entries of a first map cache implemented by the first routing device are affected by the policy change, the second notification indicating a set of one or more endpoints connected to the second routing device that are affected by the policy change.
    Type: Grant
    Filed: May 24, 2023
    Date of Patent: July 2, 2024
    Assignee: Cisco Technology, Inc.
    Inventors: Prakash C. Jain, Sanjay Kumar Hooda, Satish Kondalam, Raja Janardanan, Aaditya Vadnere, Shivangi Sharma
  • Patent number: 12021699
    Abstract: Systems, methods, and computer-readable storage media are provided for provisioning a common subnet across a number of subscribers and their respective virtual networks using dynamically generated network policies that provide isolation between the subscribers. The dynamic generation of the network policies is performed when a host (e.g. client) is detected (via a switch) as the host joins the computing network via virtual networks. This ability to configure a common subnet for all the subscriber virtual networks allows these subscribers to more easily access external shared services coming from a headquarter site while keeping the separation and segmentation of multiple subscriber virtual networks within a single subnet. This allows the Enterprise fabric to be more simple and convenient to deploy without making security compromises.
    Type: Grant
    Filed: April 21, 2023
    Date of Patent: June 25, 2024
    Assignee: Cisco Technology, Inc.
    Inventors: Sanjay Kumar Hooda, Muninder Singh Sambi, Victor Moreno, Prakash C. Jain, Tarunesh Ahuja, Satish Kondalam
  • Publication number: 20240039839
    Abstract: Systems, methods, and computer-readable media for discovering silent hosts in a software-defined network and directing traffic to the silent hosts in a scalable and targeted manner include determining interfaces of a fabric device that are connected to respective one or more endpoints, where the fabric device is configured to connect the endpoints to a network fabric of the software-defined network. At least a first interface is identified, where an address of a first endpoint connected to the first interface is not available at the fabric device. A first notification is transmitted to a control plane of the software-defined network based on identifying the first interface, where the control plane may create a flood list which includes the fabric device. Traffic intended for the first endpoint from the network fabric is received by the fabric device can be based on the flood list.
    Type: Application
    Filed: October 13, 2023
    Publication date: February 1, 2024
    Inventors: Satish Kondalam, Sanjay Kumar Hooda, Prakash C. Jain, Vikram Vikas Pendharkar
  • Publication number: 20240007353
    Abstract: Systems, methods, and computer-readable storage media are provided for provisioning a common subnet across a number of subscribers and their respective virtual networks using dynamically generated network policies that provide isolation between the subscribers. The dynamic generation of the network policies is performed when a host (e.g. client) is detected (via a switch) as the host joins the computing network via virtual networks. This ability to configure a common subnet for all the subscriber virtual networks allows these subscribers to more easily access external shared services coming from a headquarter site while keeping the separation and segmentation of multiple subscriber virtual networks within a single subnet. This allows the Enterprise fabric to be more simple and convenient to deploy without making security compromises.
    Type: Application
    Filed: July 27, 2023
    Publication date: January 4, 2024
    Inventors: Sanjay Kumar Hooda, Muninder Singh Sambi, Victor Moreno, Prakash C. Jain, Tarunesh Ahuja, Satish Kondalam
  • Patent number: 11799767
    Abstract: Systems, methods, and computer-readable media for discovering silent hosts in a software-defined network and directing traffic to the silent hosts in a scalable and targeted manner include determining interfaces of a fabric device that are connected to respective one or more endpoints, where the fabric device is configured to connect the endpoints to a network fabric of the software-defined network. At least a first interface is identified, where an address of a first endpoint connected to the first interface is not available at the fabric device. A first notification is transmitted to a control plane of the software-defined network based on identifying the first interface, where the control plane may create a flood list which includes the fabric device. Traffic intended for the first endpoint from the network fabric is received by the fabric device can be based on the flood list.
    Type: Grant
    Filed: March 1, 2022
    Date of Patent: October 24, 2023
    Assignee: Cisco Technology, Inc.
    Inventors: Satish Kondalam, Sanjay Kumar Hooda, Prakash C. Jain, Vikram Vikas Pendharkar
  • Publication number: 20230308391
    Abstract: Systems, methods, and computer-readable media for communicating policy changes in a Locator/ID Separation Protocol (LISP) based network deployment include receiving, at a first routing device, a first notification from a map server, the first notification indicating a change in a policy for LISP based communication between at least a first endpoint device and at least a second endpoint device, the first endpoint device being connected to a network fabric through the first routing device and the second endpoint device being connected to the network fabric through a second routing device. The first routing device forwards a second notification to the second routing device if one or more entries of a first map cache implemented by the first routing device are affected by the policy change, the second notification indicating a set of one or more endpoints connected to the second routing device that are affected by the policy change.
    Type: Application
    Filed: May 24, 2023
    Publication date: September 28, 2023
    Inventors: Prakash C. Jain, Sanjay Kumar Hooda, Satish Kondalam, Raja Janardanan, Aaditya Vadnere, Shivangi Sharma
  • Publication number: 20230269139
    Abstract: Systems, methods, and computer-readable storage media are provided for provisioning a common subnet across a number of subscribers and their respective virtual networks using dynamically generated network policies that provide isolation between the subscribers. The dynamic generation of the network policies is performed when a host (e.g. client) is detected (via a switch) as the host joins the computing network via virtual networks. This ability to configure a common subnet for all the subscriber virtual networks allows these subscribers to more easily access external shared services coming from a headquarter site while keeping the separation and segmentation of multiple subscriber virtual networks within a single subnet. This allows the Enterprise fabric to be more simple and convenient to deploy without making security compromises.
    Type: Application
    Filed: April 21, 2023
    Publication date: August 24, 2023
    Inventors: Sanjay Kumar Hooda, Muninder Singh Sambi, Victor Moreno, Prakash C. Jain, Tarunesh Ahuja, Satish Kondalam
  • Patent number: 11706139
    Abstract: Systems, methods, and computer-readable media for communicating policy changes in a Locator/ID Separation Protocol (LISP) based network deployment include receiving, at a first routing device, a first notification from a map server, the first notification indicating a change in a policy for LISP based communication between at least a first endpoint device and at least a second endpoint device, the first endpoint device being connected to a network fabric through the first routing device and the second endpoint device being connected to the network fabric through a second routing device. The first routing device forwards a second notification to the second routing device if one or more entries of a first map cache implemented by the first routing device are affected by the policy change, the second notification indicating a set of one or more endpoints connected to the second routing device that are affected by the policy change.
    Type: Grant
    Filed: September 15, 2021
    Date of Patent: July 18, 2023
    Assignee: Cisco Technology, Inc.
    Inventors: Prakash C. Jain, Sanjay Kumar Hooda, Satish Kondalam, Raja Janardanan, Aaditya Vadnere, Shivangi Sharma
  • Patent number: 11658876
    Abstract: Systems, methods, and computer-readable storage media are provided for provisioning a common subnet across a number of subscribers and their respective virtual networks using dynamically generated network policies that provide isolation between the subscribers. The dynamic generation of the network policies is performed when a host (e.g. client) is detected (via a switch) as the host joins the computing network via virtual networks. This ability to configure a common subnet for all the subscriber virtual networks allows these subscribers to more easily access external shared services coming from a headquarter site while keeping the separation and segmentation of multiple subscriber virtual networks within a single subnet. This allows the Enterprise fabric to be more simple and convenient to deploy without making security compromises.
    Type: Grant
    Filed: July 16, 2021
    Date of Patent: May 23, 2023
    Assignee: Cisco Technology, Inc.
    Inventors: Sanjay Kumar Hooda, Muninder Singh Sambi, Victor Moreno, Prakash C. Jain, Tarunesh Ahuja, Satish Kondalam
  • Patent number: 11516184
    Abstract: Systems, methods, and computer-readable media for preserving source host context when firewall policies are applied to traffic in an enterprise network fabric. A data packet to a destination host from a source host can be received at a first border node instance in an enterprise network fabric as part of network traffic. The data packet can include a context associated with the source host. Further, the data packet can be sent to a firewall of the enterprise network fabric and can be received at a second border node instance after the firewall applies a firewall policy to the data packet. The data packet can then be selectively encapsulated with the context associated with the source host at the second border node instance for applying one or more policies to control transmission of the network traffic through the enterprise network fabric.
    Type: Grant
    Filed: September 5, 2019
    Date of Patent: November 29, 2022
    Assignee: Cisco Technology, Inc.
    Inventors: Prakash C. Jain, Sanjay Kumar Hooda, Satish Kondalam
  • Publication number: 20220191135
    Abstract: Systems, methods, and computer-readable media for discovering silent hosts in a software-defined network and directing traffic to the silent hosts in a scalable and targeted manner include determining interfaces of a fabric device that are connected to respective one or more endpoints, where the fabric device is configured to connect the endpoints to a network fabric of the software-defined network. At least a first interface is identified, where an address of a first endpoint connected to the first interface is not available at the fabric device. A first notification is transmitted to a control plane of the software-defined network based on identifying the first interface, where the control plane may create a flood list which includes the fabric device. Traffic intended for the first endpoint from the network fabric is received by the fabric device can be based on the flood list.
    Type: Application
    Filed: March 1, 2022
    Publication date: June 16, 2022
    Inventors: Satish Kondalam, Sanjay Kumar Hooda, Prakash C. Jain, Vikram Vikas Pendharkar
  • Patent number: 11316782
    Abstract: Systems, methods, and computer-readable media for discovering silent hosts in a software-defined network and directing traffic to the silent hosts in a scalable and targeted manner include determining interfaces of a fabric device that are connected to respective one or more endpoints, where the fabric device is configured to connect the endpoints to a network fabric of the software-defined network. At least a first interface is identified, where an address of a first endpoint connected to the first interface is not available at the fabric device. A first notification is transmitted to a control plane of the software-defined network based on identifying the first interface, where the control plane may create a flood list which includes the fabric device. Traffic intended for the first endpoint from the network fabric is received by the fabric device can be based on the flood list.
    Type: Grant
    Filed: May 1, 2020
    Date of Patent: April 26, 2022
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Satish Kondalam, Sanjay Kumar Hooda, Prakash C. Jain, Vikram Vikas Pendharkar
  • Publication number: 20220006738
    Abstract: Systems, methods, and computer-readable media for communicating policy changes in a Locator/ID Separation Protocol (LISP) based network deployment include receiving, at a first routing device, a first notification from a map server, the first notification indicating a change in a policy for LISP based communication between at least a first endpoint device and at least a second endpoint device, the first endpoint device being connected to a network fabric through the first routing device and the second endpoint device being connected to the network fabric through a second routing device. The first routing device forwards a second notification to the second routing device if one or more entries of a first map cache implemented by the first routing device are affected by the policy change, the second notification indicating a set of one or more endpoints connected to the second routing device that are affected by the policy change.
    Type: Application
    Filed: September 15, 2021
    Publication date: January 6, 2022
    Inventors: Prakash C. Jain, Sanjay Kumar Hooda, Satish Kondalam, Raja Janardanan, Aaditya Vadnere, Shivangi Sharma
  • Publication number: 20210344565
    Abstract: Systems, methods, and computer-readable storage media are provided for provisioning a common subnet across a number of subscribers and their respective virtual networks using dynamically generated network policies that provide isolation between the subscribers. The dynamic generation of the network policies is performed when a host (e.g. client) is detected (via a switch) as the host joins the computing network via virtual networks. This ability to configure a common subnet for all the subscriber virtual networks allows these subscribers to more easily access external shared services coming from a headquarter site while keeping the separation and segmentation of multiple subscriber virtual networks within a single subnet. This allows the Enterprise fabric to be more simple and convenient to deploy without making security compromises.
    Type: Application
    Filed: July 16, 2021
    Publication date: November 4, 2021
    Inventors: Sanjay Kumar Hooda, Muninder Singh Sambi, Victor Moreno, Prakash C. Jain, Tarunesh Ahuja, Satish Kondalam
  • Publication number: 20210344595
    Abstract: Systems, methods, and computer-readable media for communicating policy changes in a Locator/ID Separation Protocol (LISP) based network deployment include receiving, at a first routing device, a first notification from a map server, the first notification indicating a change in a policy for LISP based communication between at least a first endpoint device and at least a second endpoint device, the first endpoint device being connected to a network fabric through the first routing device and the second endpoint device being connected to the network fabric through a second routing device. The first routing device forwards a second notification to the second routing device if one or more entries of a first map cache implemented by the first routing device are affected by the policy change, the second notification indicating a set of one or more endpoints connected to the second routing device that are affected by the policy change.
    Type: Application
    Filed: May 1, 2020
    Publication date: November 4, 2021
    Inventors: Prakash C. Jain, Sanjay Kumar Hooda, Satish Kondalam, Raja Janardanan, Aaditya Vadnere, Shivangi Sharma
  • Publication number: 20210344591
    Abstract: Systems, methods, and computer-readable media for discovering silent hosts in a software-defined network and directing traffic to the silent hosts in a scalable and targeted manner include determining interfaces of a fabric device that are connected to respective one or more endpoints, where the fabric device is configured to connect the endpoints to a network fabric of the software-defined network. At least a first interface is identified, where an address of a first endpoint connected to the first interface is not available at the fabric device. A first notification is transmitted to a control plane of the software-defined network based on identifying the first interface, where the control plane may create a flood list which includes the fabric device. Traffic intended for the first endpoint from the network fabric is received by the fabric device can be based on the flood list.
    Type: Application
    Filed: May 1, 2020
    Publication date: November 4, 2021
    Inventors: Satish Kondalam, Sanjay Kumar Hooda, Prakash C. Jain, Vikram Vikas Pendharkar
  • Patent number: 11165702
    Abstract: Systems, methods, and computer-readable media for communicating policy changes in a Locator/ID Separation Protocol (LISP) based network deployment include receiving, at a first routing device, a first notification from a map server, the first notification indicating a change in a policy for LISP based communication between at least a first endpoint device and at least a second endpoint device, the first endpoint device being connected to a network fabric through the first routing device and the second endpoint device being connected to the network fabric through a second routing device. The first routing device forwards a second notification to the second routing device if one or more entries of a first map cache implemented by the first routing device are affected by the policy change, the second notification indicating a set of one or more endpoints connected to the second routing device that are affected by the policy change.
    Type: Grant
    Filed: May 1, 2020
    Date of Patent: November 2, 2021
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Prakash C. Jain, Sanjay Kumar Hooda, Satish Kondalam, Raja Janardanan, Aaditya Vadnere, Shivangi Sharma