Patents by Inventor Srinivas Nimmagadda

Srinivas Nimmagadda has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 12081419
    Abstract: A method of collecting health check metrics for a network is provided. The method, at a deep packet inspector on a physical host in a datacenter, receives a copy of a network packet from a load balancer. The packet includes a plurality of layers. Each layer corresponds to a communication protocol in a plurality of communication protocols. The method identifies an application referenced in the packet. The method analyzes the information in one or more layers of the packet to determine metrics for the source application. The method sends the determined metrics to the load balancer.
    Type: Grant
    Filed: July 28, 2023
    Date of Patent: September 3, 2024
    Assignee: Nicira, Inc.
    Inventors: Alok S. Tiagi, Jayant Jain, Anirban Sengupta, Srinivas Nimmagadda, Rick Lund
  • Patent number: 11979415
    Abstract: A device receives information identifying a specific host threat to a network, where the information includes a list of network addresses associated with the specific host threat. The device identifies network elements, of the network, associated with the specific host threat to the network, and determines a network control system associated with the identified network elements. The device determines a policy enforcement group of network elements, of the identified network elements, that maps to the list of network addresses associated with the specific host threat, where the network control system is associated with the policy enforcement group of network elements. The device determines a threat policy action to enforce for the specific host threat, and causes, via the network control system, the threat policy action to be enforced by the policy enforcement group of network elements.
    Type: Grant
    Filed: December 11, 2020
    Date of Patent: May 7, 2024
    Assignee: Juniper Networks, Inc.
    Inventors: Srinivas Nimmagadda, Jeffrey S. Marshall, Sunil G. Rawoorkar, Srinivasan Veeraraghavan, Prakash T. Seshadri
  • Publication number: 20240106849
    Abstract: A device receives network segment information identifying network segments associated with a network, and receives endpoint host session information identifying sessions associated with endpoint hosts communicating with the network. The device generates, based on the network segment information and the endpoint host session information, a data structure that includes information associating the network segments with the sessions associated with the endpoint hosts. The device updates the data structure based on changes in the sessions associated with the endpoint hosts and based on changes in locations of the endpoint hosts within the network segments, and identifies, based on the data structure, a particular endpoint host, of the endpoint hosts, that changed locations within the network segments. The device determines a threat policy action to enforce for the particular endpoint host, and causes the threat policy action to be enforced, by the network, for the particular endpoint host.
    Type: Application
    Filed: December 5, 2023
    Publication date: March 28, 2024
    Inventors: Prakash T. SESHADRI, Binh Phu LE, Srinivas NIMMAGADDA, Jeffrey S. MARSHALL, Kartik Krishnan S. IYYER
  • Patent number: 11888877
    Abstract: A device receives network segment information identifying network segments associated with a network, and receives endpoint host session information identifying sessions associated with endpoint hosts communicating with the network. The device generates, based on the network segment information and the endpoint host session information, a data structure that includes information associating the network segments with the sessions associated with the endpoint hosts. The device updates the data structure based on changes in the sessions associated with the endpoint hosts and based on changes in locations of the endpoint hosts within the network segments, and identifies, based on the data structure, a particular endpoint host, of the endpoint hosts, that changed locations within the network segments. The device determines a threat policy action to enforce for the particular endpoint host, and causes the threat policy action to be enforced, by the network, for the particular endpoint host.
    Type: Grant
    Filed: November 18, 2020
    Date of Patent: January 30, 2024
    Assignee: Juniper Networks, Inc.
    Inventors: Prakash T. Seshadri, Binh Phu Le, Srinivas Nimmagadda, Jeffrey S. Marshall, Kartik Krishnan S. Iyyer
  • Publication number: 20230388188
    Abstract: A device receives policy information indicating a policy to be implemented for an application hosted by multiple cloud domains, and receives, from the multiple cloud domains, different application resource tags and addresses associated with the application. The device maps the different application resource tags to a generic identifier, and associates the policy with the generic identifier and with the addresses associated with the application. The device provides, based on associating the policy with the generic identifier and with the addresses associated with the application, the policy to the multiple cloud domains to permit the multiple cloud domains to implement the policy.
    Type: Application
    Filed: August 10, 2023
    Publication date: November 30, 2023
    Inventors: Prakash T. SESHADRI, Sunil G. RAWOORKAR, Yasmin ZARINA, Srinivas NIMMAGADDA, Jeffrey S. MARSHALL, Krishnaiah GOGINENI, Kartik Krishnan S. IYYER
  • Publication number: 20230370348
    Abstract: A method of collecting health check metrics for a network is provided. The method, at a deep packet inspector on a physical host in a datacenter, receives a copy of a network packet from a load balancer. The packet includes a plurality of layers. Each layer corresponds to a communication protocol in a plurality of communication protocols. The method identifies an application referenced in the packet. The method analyzes the information in one or more layers of the packet to determine metrics for the source application. The method sends the determined metrics to the load balancer.
    Type: Application
    Filed: July 28, 2023
    Publication date: November 16, 2023
    Inventors: Alok S. Tiagi, Jayant Jain, Anirban Sengupta, Srinivas Nimmagadda, Rick Lund
  • Patent number: 11765034
    Abstract: A device receives policy information indicating a policy to be implemented for an application hosted by multiple cloud domains, and receives, from the multiple cloud domains, different application resource tags and addresses associated with the application. The device maps the different application resource tags to a generic identifier, and associates the policy with the generic identifier and with the addresses associated with the application. The device provides, based on associating the policy with the generic identifier and with the addresses associated with the application, the policy to the multiple cloud domains to permit the multiple cloud domains to implement the policy.
    Type: Grant
    Filed: September 25, 2020
    Date of Patent: September 19, 2023
    Assignee: Juniper Networks, Inc.
    Inventors: Prakash T. Seshadri, Sunil G. Rawoorkar, Yasmin Zarina, Srinivas Nimmagadda, Jeffrey S. Marshall, Krishnaiah Gogineni, Kartik Krishnan S. Iyyer
  • Patent number: 11750481
    Abstract: A method for visualizing network flows of a network is provided. The method monitors network flows between a group of machines in a network. The method associates identifiers with the monitored network flows. The method aggregates the monitored network flows into a set of groups based on the associated identifiers. The method displays a set of flow records for the each group of the set of groups.
    Type: Grant
    Filed: February 21, 2022
    Date of Patent: September 5, 2023
    Assignee: NICIRA, INC.
    Inventors: Kaushal Bansal, Uday Masurekar, Srinivas Nimmagadda, Jingmin Zhou, Abhishek Goliya, Amit Chopra, Kausum Kumar
  • Patent number: 11750482
    Abstract: A method of collecting health check metrics for a network is provided. The method, at a deep packet inspector on a physical host in a datacenter, receives a copy of a network packet from a load balancer. The packet includes a plurality of layers. Each layer corresponds to a communication protocol in a plurality of communication protocols. The method identifies an application referenced in the packet. The method analyzes the information in one or more layers of the packet to determine metrics for the source application. The method sends the determined metrics to the load balancer.
    Type: Grant
    Filed: May 28, 2021
    Date of Patent: September 5, 2023
    Assignee: NICIRA, INC.
    Inventors: Alok S. Tiagi, Jayant Jain, Anirban Sengupta, Srinivas Nimmagadda, Rick Lund
  • Patent number: 11522915
    Abstract: Some embodiments provide a method for defining an adaptable monitoring profile for a network. The defined network monitoring profile is independent of the security policy defined for the network and includes one or more log generation rules, each of which defines a logging policy for a set of data compute nodes (DCNs) that share a common attribute. A log generation rule specifies whether the network activities of a set of DCNs that share a common attribute should be logged or not. A log generation rule can also specify other logging parameters such as priority level of the logs and the required logging protocol for transmission of the logs. The logging policy of a log generation rule is associated with a set of service rules (e.g., firewall rules) through a dynamic service group, and is applied to the service rules when any of these rules is triggered.
    Type: Grant
    Filed: March 28, 2020
    Date of Patent: December 6, 2022
    Assignee: NICIRA, INC.
    Inventors: Srinivas Nimmagadda, Jayant Jain, Anirban Sengupta
  • Patent number: 11457043
    Abstract: A device may receive policy information associated with a first application group and a second application group. The device may receive network topology information associated with a network. The device may generate a first policy based on the policy information and the network topology information, and generate a second policy based on the policy information and the network topology information. The device may provide, to the virtual network device, information associated with the first policy to permit the virtual network device to implement the first policy in association with network traffic transferred between the first application group and the second application group. The device may provide, to the physical network device, information associated with the second policy to permit the physical network device to implement the second policy in association with network traffic transferred between the first application group and the second application group.
    Type: Grant
    Filed: December 31, 2019
    Date of Patent: September 27, 2022
    Assignee: Juniper Networks, Inc.
    Inventors: Srinivas Nimmagadda, Rakesh Kumar, Prakash T. Seshadri, Sriram Subramanian
  • Publication number: 20220173985
    Abstract: A method for visualizing network flows of a network is provided. The method monitors network flows between a group of machines in a network. The method associates identifiers with the monitored network flows. The method aggregates the monitored network flows into a set of groups based on the associated identifiers. The method displays a set of flow records for the each group of the set of groups.
    Type: Application
    Filed: February 21, 2022
    Publication date: June 2, 2022
    Inventors: Kaushal Bansal, Uday Masurekar, Srinivas Nimmagadda, Jingmin Zhou, Abhishek Goliya, Amit Chopra, Kausum Kumar
  • Patent number: 11258681
    Abstract: A method for visualizing network flows of a network is provided. The method monitors network flows between a group of machines in a network. The method associates identifiers with the monitored network flows. The method aggregates the monitored network flows into a set of groups based on the associated identifiers. The method displays a set of flow records for the each group of the set of groups.
    Type: Grant
    Filed: September 25, 2017
    Date of Patent: February 22, 2022
    Assignee: NICIRA, INC.
    Inventors: Kaushal Bansal, Uday Masurekar, Srinivas Nimmagadda, Jingmin Zhou, Abhishek Goliya, Amit Chopra, Kausum Kumar
  • Publication number: 20210288893
    Abstract: A method of collecting health check metrics for a network is provided. The method, at a deep packet inspector on a physical host in a datacenter, receives a copy of a network packet from a load balancer. The packet includes a plurality of layers. Each layer corresponds to a communication protocol in a plurality of communication protocols. The method identifies an application referenced in the packet. The method analyzes the information in one or more layers of the packet to determine metrics for the source application. The method sends the determined metrics to the load balancer.
    Type: Application
    Filed: May 28, 2021
    Publication date: September 16, 2021
    Inventors: Alok S. Tiagi, Jayant Jain, Anirban Sengupta, Srinivas Nimmagadda, Rick Lund
  • Patent number: 11070589
    Abstract: A device may receive information identifying a set of conditions related to controlling implementation of a set of security rules. The set of conditions may be associated with a set of security actions that a device is to perform based on whether the set of conditions is satisfied. The device may determine the set of security rules that is to be controlled by the set of conditions using information related to the set of security rules. The device may modify information related to the set of security rules to cause the implementation of the set of security rules to be controlled by the set of conditions. The modification to cause the device to process the set of security rules to dynamically implement the set of security actions based on satisfaction of the set of conditions. The device may perform an action after modifying the information.
    Type: Grant
    Filed: June 29, 2017
    Date of Patent: July 20, 2021
    Assignee: Juniper Networks, Inc.
    Inventors: Srinivas Nimmagadda, Rakesh Kumar, Prakash T. Seshadri
  • Patent number: 11025514
    Abstract: A method of collecting health check metrics for a network is provided. The method, at a deep packet inspector on a physical host in a datacenter, receives a copy of a network packet from a load balancer. The packet includes a plurality of layers. Each layer corresponds to a communication protocol in a plurality of communication protocols. The method identifies an application referenced in the packet. The method analyzes the information in one or more layers of the packet to determine metrics for the source application. The method sends the determined metrics to the load balancer.
    Type: Grant
    Filed: January 13, 2016
    Date of Patent: June 1, 2021
    Assignee: NICIRA, INC.
    Inventors: Alok S. Tiagi, Jayant Jain, Anirban Sengupta, Srinivas Nimmagadda, Rick Lund
  • Publication number: 20210099472
    Abstract: A device receives information identifying a specific host threat to a network, where the information includes a list of network addresses associated with the specific host threat. The device identifies network elements, of the network, associated with the specific host threat to the network, and determines a network control system associated with the identified network elements. The device determines a policy enforcement group of network elements, of the identified network elements, that maps to the list of network addresses associated with the specific host threat, where the network control system is associated with the policy enforcement group of network elements. The device determines a threat policy action to enforce for the specific host threat, and causes, via the network control system, the threat policy action to be enforced by the policy enforcement group of network elements.
    Type: Application
    Filed: December 11, 2020
    Publication date: April 1, 2021
    Inventors: Srinivas NIMMAGADDA, Jeffrey S. MARSHALL, Sunil G. RAWOORKAR, Srinivasan VEERARAGHAVAN, Prakash T. SESHADRI
  • Publication number: 20210075810
    Abstract: A device receives network segment information identifying network segments associated with a network, and receives endpoint host session information identifying sessions associated with endpoint hosts communicating with the network. The device generates, based on the network segment information and the endpoint host session information, a data structure that includes information associating the network segments with the sessions associated with the endpoint hosts. The device updates the data structure based on changes in the sessions associated with the endpoint hosts and based on changes in locations of the endpoint hosts within the network segments, and identifies, based on the data structure, a particular endpoint host, of the endpoint hosts, that changed locations within the network segments. The device determines a threat policy action to enforce for the particular endpoint host, and causes the threat policy action to be enforced, by the network, for the particular endpoint host.
    Type: Application
    Filed: November 18, 2020
    Publication date: March 11, 2021
    Inventors: Prakash T. Seshadri, Binh Phu Le, Srinivas Nimmagadda, Jeffrey S. Marshall, Kartik krishnan S. Iyyer
  • Patent number: 10944793
    Abstract: A device may receive first information associated with a set of security rules. The first information may identify a set of security actions a device is to implement when the set of security rules applies to traffic. The device may determine a manner in which the set of security rules is to apply using the first information. The device may determine whether the manner in which the set of security rules is to apply and an intent of a network security policy or a manner in which a set of previously defined security rules is to apply match to determine whether the set of security rules conflicts with the network security policy or whether the set of security rules and the set of previously defined security rules are related. The device may perform an action.
    Type: Grant
    Filed: June 29, 2017
    Date of Patent: March 9, 2021
    Assignee: Juniper Networks, Inc.
    Inventors: Srinivas Nimmagadda, Rakesh Kumar, Prakash T. Seshadri
  • Publication number: 20210014119
    Abstract: A device receives policy information indicating a policy to be implemented for an application hosted by multiple cloud domains, and receives, from the multiple cloud domains, different application resource tags and addresses associated with the application. The device maps the different application resource tags to a generic identifier, and associates the policy with the generic identifier and with the addresses associated with the application. The device provides, based on associating the policy with the generic identifier and with the addresses associated with the application, the policy to the multiple cloud domains to permit the multiple cloud domains to implement the policy.
    Type: Application
    Filed: September 25, 2020
    Publication date: January 14, 2021
    Inventors: Prakash T. Seshadri, Sunil G. RAWOORKAR, Yasmin ZARINA, Srinivas NIMMAGADDA, Jeffrey S. MARSHALL, Krishnaiah GOGINENI, Kartik Krishnan S. IYYER