Patent application number | Description | Published |
20130073743 | Services controlled session based flow interceptor - In one embodiment, a method includes receiving session information at a traffic interceptor in communication with a plurality of service devices, the session information transmitted from one of the service devices and identifying flows associated with a session and the service device associated with the session, storing the session information at the traffic interceptor, and transmitting traffic received at the traffic interceptor to the service device selected based on the session information. An apparatus is also disclosed. | 03-21-2013 |
20140237137 | SYSTEM FOR DISTRIBUTING FLOW TO DISTRIBUTED SERVICE NODES USING A UNIFIED APPLICATION IDENTIFIER - In one embodiment, a method includes obtaining a flow, identifying an application associated with the flow, and identifying a first unique application identifier (UAID) for the application. The first UAID uniquely identifies the application. The method also includes adding the first UAID to the flow, and routing the flow through a network after adding the first UAID to the flow. | 08-21-2014 |
20160080195 | METHODS AND SYSTEMS FOR SERIAL DEVICE REPLACEMENT WITHIN A BRANCH ROUTING ARCHITECTURE - A method includes deploying in series a plurality of configurable devices in a network configured to communicate with one another via a protocol for exchanging state information wherein at least one of the plurality of configurable devices is in an active state and at least one of the plurality of devices is in a standby state, detecting, by the at least one of the plurality of configurable devices in a standby state, a failure of a configurable device in an active state via a protocol and switching the at least one configurable device in a standby state to an active state. | 03-17-2016 |
20160080211 | METHODS AND SYSTEMS FOR CONTROLLER-BASED DATA FORWARDING RULES WITHOUT ROUTING PROTOCOLS - A method includes determining a plurality of network segments comprising a network, determining a manner in which the plurality of segments are connected, determining network segments and how segments are connected, at least in part, without a routing protocol, discovering a plurality of external network segments via a hub device associated with the network and utilizing the plurality of network segments comprising the network, the manner in which the plurality of segments are connected and the plurality of external network segments. | 03-17-2016 |
20160080212 | METHODS AND SYSTEMS FOR MULTI-TENANT CONTROLLER BASED MAPPING OF DEVICE IDENTITY TO NETWORK LEVEL IDENTITY - A method includes executing at a controller a horizontally scalable service Identity Definitions Manager (IDM) Service, mapping active directory (AD) domains to WAN network elements DNS ROLE and LDAP ROLE, instructing a plurality of network elements associated with a tenant to discover a plurality of AD domains and AD servers in an enterprise using the DNS ROLE, receiving from the plurality of network elements running DNS ROLE information indicative of changes to network attributes selected from the group consisting of AD domains, additions and subtractions of AD servers and changes in an IP address of AD servers and transmitting the received AD domains and AD servers to a tenant administrator and requesting credentials to communicate with added AD servers using LDAP. | 03-17-2016 |
20160080221 | METHODS AND SYSTEMS FOR CONTROLLER-BASED NETWORK TOPOLOGY IDENTIFICATION, SIMULATION AND LOAD TESTING - A method includes receiving information describing an addition of a first site comprising at least one application to an existing network wherein the information is selected from the group consisting of type of site, planned connectivity to the site and planned policies for the site and estimating an impact on the operation of the at least one application and associated network traffic using statistical analysis of monitored data collected from a second site similar to the first site. | 03-17-2016 |
20160080230 | METHODS AND SYSTEMS FOR DETECTION OF ASYMMETRIC NETWORK DATA TRAFFIC AND ASSOCIATED NETWORK DEVICES - A method includes monitoring a plurality of network devices to collect network performance data comprising data flow records of each device on the network and to create a network topology database, accessing the network topology database comprising information on an entry and exit point of each device, the manner in which the devices are connected and a plurality of data flow records on a single data flow from multiple devices on the network and utilizing the network topology database to perform an asymmetric detection algorithm to identify one or more data flows that exited a device via a first path and returned to the device via a different second path. | 03-17-2016 |
20160080250 | METHODS AND SYSTEMS FOR BUSINESS INTENT DRIVEN POLICY BASED NETWORK TRAFFIC CHARACTERIZATION, MONITORING AND CONTROL - A method includes determining a network requirement for at least one application, dynamically determining a link suitable for data transmission in accordance with a policy based at least in part on a current network condition to meet the network requirement and routing one or more application network data flows associated with the at least one application over the link. | 03-17-2016 |
20160080251 | METHODS AND SYSTEMS FOR DYNAMIC PATH SELECTION AND DATA FLOW FORWARDING - A method includes detecting a data flow and an associated originating interface on a network, determining a first link over which to forward the data flow, transmitting the data flow over the determined link, receiving a return data flow and moving a forward direction of the return data flow to a new path if the return data flow arrived via a link other than the first link, wherein all packets following a first packet on the flow are forwarded on the same path as the first packet. | 03-17-2016 |
20160080252 | METHODS AND SYSTEMS FOR APPLICATION SESSION MODELING AND PREDICTION OF GRANULAR BANDWIDTH REQUIREMENTS - A method includes receiving from a networked spoke device information describing network flows to and from an application, analyzing the information to characterize the application in at least one dimension selected from the group consisting of bi-directional bandwidth usage, network response times, application response times, a number of idle and active application sessions and a maximum number of concurrent application sessions and transmitting the dimensions to at least one networked spoke device as traffic profile information. | 03-17-2016 |
20160080268 | METHODS AND SYSTEMS FOR HUB HIGH AVAILABILITY AND NETWORK LOAD AND SCALING - A method includes receiving at a branch device an assigned first hub device and an assigned second hub device associated with a data center, establishing a VPN data tunnel to the assigned first and second hub devices, designating the first hub device as a primary device, designating the second hub device as a secondary device and switching traffic destined for the primary device to the secondary device based, at least in part, on a cost of a link. | 03-17-2016 |
20160080280 | METHODS AND SYSTEMS FOR APPLICATION PERFORMANCE PROFILES, LINK CAPACITY MEASUREMENT, TRAFFIC QUARANTINE AND PERFORMANCE CONTROLS - A method includes issuing a tuned request on a specified active link having an ingress shaper and an egress shaper to a server utilizing a link capacity to an extent in both a forward path and a return path, determining a link capacity for the active link, monitoring the active link and dropping any traffic traveling via the active link when a limit of at least one of the ingress shaper and the egress shaper is exceeded. | 03-17-2016 |
20160080285 | METHODS AND SYSTEMS FOR APPLICATION AND POLICY BASED NETWORK TRAFFIC ISOLATION AND DATA TRANSFER - A method includes allocating an identifier to each of a plurality of policies each comprising a network-isolation identifier associated with a VXWAN directive and transmitting each of the plurality of policies to one or more devices in a network. | 03-17-2016 |