US 11,936,663 B2
System for monitoring and managing datacenters
Navindra Yadav, Cupertino, CA (US); Abhishek Ranjan Singh, Pleasanton, CA (US); Shashidhar Gandham, Fremont, CA (US); Ellen Christine Scheib, Mountain View, CA (US); Omid Madani, San Carlos, CA (US); Ali Parandehgheibi, Sunnyvale, CA (US); Jackson Ngoc Ki Pang, Sunnyvale, CA (US); Vimalkumar Jeyakumar, Los Altos, CA (US); Michael Standish Watts, Los Altos, CA (US); Hoang Viet Nguyen, Pleasanton, CA (US); Khawar Deen, Sunnyvale, CA (US); Rohit Chandra Prasad, Sunnyvale, CA (US); Sunil Kumar Gupta, Milpitas, CA (US); Supreeth Hosur Nagesh Rao, Cupertino, CA (US); Anubhav Gupta, Fremont, CA (US); Ashutosh Kulshreshtha, Cupertino, CA (US); Roberto Fernando Spadaro, Milpitas, CA (US); Hai Trong Vu, San Jose, CA (US); Varun Sagar Malhotra, Sunnyvale, CA (US); Shih-Chun Chang, San Jose, CA (US); Bharathwaj Sankara Viswanathan, Mountain View, CA (US); Fnu Rachita Agasthy, Sunnyvale, CA (US); and Duane Thomas Barlow, Fremont, CA (US)
Assigned to Cisco Technology, Inc., San Jose, CA (US)
Filed by Cisco Technology, Inc., San Jose, CA (US)
Filed on Nov. 9, 2022, as Appl. No. 18/054,069.
Application 18/054,069 is a continuation of application No. 16/899,190, filed on Jun. 11, 2020, granted, now 11,528,283.
Application 16/899,190 is a continuation of application No. 16/179,027, filed on Nov. 2, 2018, granted, now 10,686,804, issued on Jun. 16, 2020.
Application 16/179,027 is a continuation of application No. 15/134,100, filed on Apr. 20, 2016, granted, now 10,142,353, issued on Nov. 27, 2018.
Claims priority of provisional application 62/171,899, filed on Jun. 5, 2015.
Prior Publication US 2023/0118563 A1, Apr. 20, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); H04L 43/04 (2022.01); H04L 43/0894 (2022.01); H04L 43/062 (2022.01)
CPC H04L 63/1408 (2013.01) [H04L 43/04 (2013.01); H04L 43/0894 (2013.01); H04L 63/02 (2013.01); H04L 63/1425 (2013.01); H04L 43/062 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A system comprising:
one or more processors; and
memory storing instructions which, when executed by the one or more processors, cause the one or more processors to:
obtain network data from sensor processes executing in a data center, the network data being at least partly based on operation system states associated with an operating system in the data center;
store connection data describing a connection between endpoints associated with one or more packets transmitted in the data center;
determine a status of the data center based on the network data and the connection data;
detect, based at least partly on the status of the data center, an indication of an attack within the data center; and
in response to the indication of the attack, modify a security policy based on the status of the data center.