Patents by Inventor Sunil Cherukuri

Sunil Cherukuri has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20180267990
    Abstract: One embodiment includes identifying a common file associated with a first software container deployed on a host; adding a single copy of the common file to a common file pool maintained by the host, removing the common file from the first container and replacing it with a pointer to the copy of the common file in the shared file pool, and removing the common file from the first container and replacing it with a pointer to the copy of the common file in the shared file pool; identifying at least one unique file associated with the first container; and moving the unique file to the common file pool maintained by the host and removing the unique file from the first container and replacing it with a pointer to the copy of the unique file in the shared file pool.
    Type: Application
    Filed: March 16, 2017
    Publication date: September 20, 2018
    Applicant: CISCO TECHNOLOGY, INC.
    Inventors: Sunil Cherukuri, Xiao Hu Gao, Alexander B. Altman
  • Publication number: 20180167450
    Abstract: Disclosed are systems, methods, and computer-readable storage media for adaptive load balancing for application chains. A load-balancer can receive a data packet for a connection/transaction to be routed through an application chain. The load-balancer can select, based on an application path table, a first end-to-end application path through the application chain. The application path table can identify two or more end-to-end application paths through the application chain along with a corresponding performance status for each end-to-end application path through the application chain. The performance status for an application path can indicate a performance level of the end-to-end application path determined based on performance of previous data packets for previous connections transmitted through the application chain according to the end-to-end application path.
    Type: Application
    Filed: December 9, 2016
    Publication date: June 14, 2018
    Inventors: Sunil Cherukuri, Xiao Hu Gao, Alexander B. Altman
  • Patent number: 9979622
    Abstract: In one embodiment, a cloud network provides cloud services to the one or more clients, where data usage of each client is monitored on a per client basis. If the data usage of any client is above a first predetermined threshold, then a WAN optimization platform is automatically implemented within the cloud network for the client having the data usage determined to be above the first predetermined threshold.
    Type: Grant
    Filed: July 30, 2013
    Date of Patent: May 22, 2018
    Assignee: Cisco Technology, Inc.
    Inventors: Haseeb Niazi, Sunil Cherukuri, Mohammed Khalid
  • Publication number: 20180062944
    Abstract: A method is described and in one embodiment includes intercepting an API call destined for an application executing on a host server; accessing a Service Level Agreement (“SLA”) profile for the application, wherein the SLA indicates performance guarantees for the application; determining resource utilization for the host server and resource utilization for the current application and other applications running on that server; comparing the performance guarantees with the host server and application resource utilization to determine whether performance guarantees can be met if the API call is forwarded to the application based on the host server resource utilization; and, if it determined that the performance guarantees cannot be met if the API call is forwarded to the application, refraining from forwarding the API call to the application.
    Type: Application
    Filed: September 1, 2016
    Publication date: March 1, 2018
    Applicant: CISCO TECHNOLOGY, INC.
    Inventors: Alexander B. Altman, Sunil Cherukuri, Xiao Hu Gao
  • Patent number: 9444789
    Abstract: An example method includes receiving a request for a cloud capability set during an Internet Key Exchange negotiation associated with a virtual private network (VPN) tunnel between a subscriber and a cloud, wherein the cloud capability set comprises one or more cloud capabilities, mapping the request to one or more cryptographic modules that can support the cloud capability set, and offloading the VPN tunnel to the one or more cryptographic modules. The request can be an Internet Security Association and Key Management Protocol (ISAKMP) packet listing the one or more cloud capabilities in a private payload. The method may further include splitting the VPN tunnel between the cryptographic modules if no single cryptographic module can support substantially all the cloud capabilities in the cloud capability set. In some embodiments, the request is compared with a service catalog comprising authorized cloud capabilities.
    Type: Grant
    Filed: August 27, 2014
    Date of Patent: September 13, 2016
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Sunil Cherukuri, Mohamed Khalid, Brian Cinque
  • Patent number: 9313171
    Abstract: A device and method are provided to provide multi-exit firewall capabilities for cloud server or cloud service deployments without prior knowledge of reachability information of a client device where the client device may belong to one of several networks accessing the cloud server or cloud service. The reachability information may be derived based on flow of data to and from the client device in response to a data transfer initiation request. A firewall connection table may be updated to record routability to the client device comprising the derived reachability information. The recorded reachability information in the connection table may be used for the data transfer with the client device instead of a default route in a routing table.
    Type: Grant
    Filed: November 19, 2013
    Date of Patent: April 12, 2016
    Assignee: Cisco Technology, Inc.
    Inventors: Sunil Cherukuri, Xiao Hu Gao, Goran Saradzic
  • Patent number: 9210223
    Abstract: In one embodiment, a first network device receives a priority message from a second network device, wherein the priority message conforms to a connection establishment protocol and indicates a priority associated with the second network device. The first network device obtains the priority from the priority message and stores the priority. The first network device allocates resources for at least one of control or data plane processing to the second network device in accordance with the priority.
    Type: Grant
    Filed: August 23, 2014
    Date of Patent: December 8, 2015
    Assignee: Cisco Technology, Inc.
    Inventors: Mohamed Khalid, Sunil Cherukuri, Haseeb Sarwar Niazi, Muhammad Afaq Khan
  • Publication number: 20150143501
    Abstract: A device and method are provided to provide multi-exit firewall capabilities for cloud server or cloud service deployments without prior knowledge of reachability information of a client device where the client device may belong to one of several networks accessing the cloud server or cloud service. The reachability information may be derived based on flow of data to and from the client device in response to a data transfer initiation request. A firewall connection table may be updated to record routability to the client device comprising the derived reachability information. The recorded reachability information in the connection table may be used for the data transfer with the client device instead of a default route in a routing table.
    Type: Application
    Filed: November 19, 2013
    Publication date: May 21, 2015
    Applicant: Cisco Technology, Inc.
    Inventors: Sunil Cherukuri, Xiao Hu Gao, Goran Saradzic
  • Publication number: 20150039744
    Abstract: In one embodiment, a cloud network provides cloud services to the one or more clients, where data usage of each client is monitored on a per client basis. If the data usage of any client is above a first predetermined threshold, then a WAN optimization platform is automatically implemented within the cloud network for the client having the data usage determined to be above the first predetermined threshold.
    Type: Application
    Filed: July 30, 2013
    Publication date: February 5, 2015
    Applicant: Cisco Technology, Inc.
    Inventors: Haseeb Niazi, Sunil Cherukuri, Mohammed Khalid
  • Publication number: 20140372761
    Abstract: An example method includes receiving a request for a cloud capability set during an Internet Key Exchange negotiation associated with a virtual private network (VPN) tunnel between a subscriber and a cloud, wherein the cloud capability set comprises one or more cloud capabilities, mapping the request to one or more cryptographic modules that can support the cloud capability set, and offloading the VPN tunnel to the one or more cryptographic modules. The request can be an Internet Security Association and Key Management Protocol (ISAKMP) packet listing the one or more cloud capabilities in a private payload. The method may further include splitting the VPN tunnel between the cryptographic modules if no single cryptographic module can support substantially all the cloud capabilities in the cloud capability set. In some embodiments, the request is compared with a service catalog comprising authorized cloud capabilities.
    Type: Application
    Filed: August 27, 2014
    Publication date: December 18, 2014
    Applicant: CISCO TECHNOLOGY, INC.
    Inventors: Sunil Cherukuri, Mohamed Khalid, Brian Cinque
  • Publication number: 20140365672
    Abstract: In one embodiment, a first network device receives a priority message from a second network device, wherein the priority message conforms to a connection establishment protocol and indicates a priority associated with the second network device. The first network device obtains the priority from the priority message and stores the priority. The first network device allocates resources for at least one of control or data plane processing to the second network device in accordance with the priority.
    Type: Application
    Filed: August 23, 2014
    Publication date: December 11, 2014
    Inventors: Mohamed KHALID, Sunil CHERUKURI, Haseeb Sarwar NIAZI, Muhammad Afaq Khan
  • Patent number: 8862883
    Abstract: An example method includes receiving a request for a cloud capability set during an Internet Key Exchange negotiation associated with a virtual private network (VPN) tunnel between a subscriber and a cloud, wherein the cloud capability set comprises one or more cloud capabilities, mapping the request to one or more cryptographic modules that can support the cloud capability set, and offloading the VPN tunnel to the one or more cryptographic modules. The request can be an Internet Security Association and Key Management Protocol (ISAKMP) packet listing the one or more cloud capabilities in a private payload. The method may further include splitting the VPN tunnel between the cryptographic modules if no single cryptographic module can support substantially all the cloud capabilities in the cloud capability set. In some embodiments, the request is compared with a service catalog comprising authorized cloud capabilities.
    Type: Grant
    Filed: May 16, 2012
    Date of Patent: October 14, 2014
    Assignee: Cisco Technology, Inc.
    Inventors: Sunil Cherukuri, Mohamed Khalid, Brian Cinque
  • Patent number: 8850521
    Abstract: In one embodiment, a first network device receives a priority message from a second network device, wherein the priority message conforms to a connection establishment protocol and indicates a priority associated with the second network device. The first network device obtains the priority from the priority message and stores the priority. The first network device allocates resources for at least one of control or data plane processing to the second network device in accordance with the priority.
    Type: Grant
    Filed: August 4, 2009
    Date of Patent: September 30, 2014
    Assignee: Cisco Technology, Inc.
    Inventors: Mohamed Khalid, Sunil Cherukuri, Haseeb Sarwar Niazi, Muhammad Afaq Khan
  • Patent number: 8650618
    Abstract: Apparatus, methods, and other embodiments associated with providing service insertion architecture (SIA) differentiated services in a virtual private network (VPN) environment are described. Embodiments may provision an authentication, authorization, and accounting (AAA) server with user-to-SIA service-context mapping information. With the AAA server provisioned, embodiments may acquire, in an IPSec VPN hub, during IPSec tunnel user authentication, from the AAA server, the user-to-SIA service-context mapping information. With the mapping information available, embodiments may dynamically map an SIA service to an IPSec VPN tunnel user based on the service information acquired from the Service Broker or Pseudo-Service Broker.
    Type: Grant
    Filed: July 22, 2009
    Date of Patent: February 11, 2014
    Assignee: Cisco Technology, Inc.
    Inventors: Rajiv Asati, Mohamed Khalid, Sunil Cherukuri, Kenneth A. Durazzo, Shree Murthy
  • Publication number: 20130311778
    Abstract: An example method includes receiving a request for a cloud capability set during an Internet Key Exchange negotiation associated with a virtual private network (VPN) tunnel between a subscriber and a cloud, wherein the cloud capability set comprises one or more cloud capabilities, mapping the request to one or more cryptographic modules that can support the cloud capability set, and offloading the VPN tunnel to the one or more cryptographic modules. The request can be an Internet Security Association and Key Management Protocol (ISAKMP) packet listing the one or more cloud capabilities in a private payload. The method may further include splitting the VPN tunnel between the cryptographic modules if no single cryptographic module can support substantially all the cloud capabilities in the cloud capability set. In some embodiments, the request is compared with a service catalog comprising authorized cloud capabilities.
    Type: Application
    Filed: May 16, 2012
    Publication date: November 21, 2013
    Inventors: Sunil Cherukuri, Mohamed Khalid, Brian Cinque
  • Patent number: 7976346
    Abstract: An interface comprising a docking site having a first electrical connector adapted to interconnect a bus, and having at least one first retainer portion; and an adapter comprising: at least one second retainer portion, wherein the at least one second retainer portion and the at least one first retainer portion are adapted to releasably engage; a second electrical connector, wherein the second electrical connector and the first electrical connector are adapted to engage and interconnect; at least one port adapted to accept at least one modular connector having at least one electrical contact; and at least one electrical interconnect adapted to interconnect the at least one electrical contact with the second electrical connector.
    Type: Grant
    Filed: March 6, 2009
    Date of Patent: July 12, 2011
    Assignee: Cisco Technology, Inc.
    Inventors: Jason Guy, Aamer Akhter, Sunil Cherukuri, Haseeb Niazi, Robert Payment
  • Publication number: 20110035796
    Abstract: In one embodiment, a first network device receives a priority message from a second network device, wherein the priority message conforms to a connection establishment protocol and indicates a priority associated with the second network device. The first network device obtains the priority from the priority message and stores the priority. The first network device allocates resources for at least one of control or data plane processing to the second network device in accordance with the priority.
    Type: Application
    Filed: August 4, 2009
    Publication date: February 10, 2011
    Inventors: Mohamed Khalid, Sunil Cherukuri, Haseeb Sarwar Niazi, Muhammad Afaq Khan
  • Publication number: 20110023090
    Abstract: Apparatus, methods, and other embodiments associated with providing service insertion architecture (SIA) differentiated services in a virtual private network (VPN) environment are described. Embodiments may provision an authentication, authorization, and accounting (AAA) server with user-to-SIA service-context mapping information. With the AAA server provisioned, embodiments may acquire, in an IPSec VPN hub, during IPSec tunnel user authentication, from the AAA server, the user-to-SIA service-context mapping information. With the mapping information available, embodiments may dynamically map an SIA service to an IPSec VPN tunnel user based on the service information acquired from the Service Broker or Pseudo-Service Broker.
    Type: Application
    Filed: July 22, 2009
    Publication date: January 27, 2011
    Applicant: CISCO TECHNOLOGY, INC
    Inventors: Rajiv ASATI, Mohamed KHALID, Sunil CHERUKURI, Kenneth A. DURAZZO, Shree MURTHY
  • Publication number: 20100256823
    Abstract: In an example embodiment, a method includes determining the network activity associated with a predetermined area of a building and determining a desired environmental service for the area in response to the activity.
    Type: Application
    Filed: April 4, 2009
    Publication date: October 7, 2010
    Applicant: Cisco Technology, Inc.
    Inventors: Sunil Cherukuri, Mohamed Khalid
  • Publication number: 20100227493
    Abstract: An interface comprising a docking site having a first electrical connector adapted to interconnect a bus, and having at least one first retainer portion; and an adapter comprising: at least one second retainer portion, wherein the at least one second retainer portion and the at least one first retainer portion are adapted to releasably engage; a second electrical connector, wherein the second electrical connector and the first electrical connector are adapted to engage and interconnect; at least one port adapted to accept at least one modular connector having at least one electrical contact; and at least one electrical interconnect adapted to interconnect the at least one electrical contact with the second electrical connector.
    Type: Application
    Filed: March 6, 2009
    Publication date: September 9, 2010
    Applicant: CISCO TECHNOLOGY, INC.
    Inventors: Jason Guy, Aamer Akhter, Sunil Cherukuri, Haseeb Niazi, Robert Payment