Allwyn M Sequeira

US Patent:

20100333165, Dec 30, 2010

Filed:

Jun 24, 2009

Appl. No.:

12/490773

Inventors:

Debashis BASAK - San Jose CA, US
Rohit Toshniwal - San Jose CA, US
Allwyn Sequeira - Saratoga CA, US

Assignee:

VMware, Inc. - Palo Alto CA

International Classification:

G06F 17/00

US Classification:

726 1, 726 11

Abstract:

A method is provided to control the flow of packets within a system that includes one or more computer networks comprising: policy rules are provided that set forth attribute dependent conditions for communications among machines on the one or more networks; machine attributes and corresponding machine identifiers are obtained for respective machines on the networks; and policy rules are transformed to firewall rules that include machine identifiers of machines having attributes from among the obtained machine attributes that satisfy the attribute dependent policy rules.

US Patent:

20210359945, Nov 18, 2021

Filed:

Jul 26, 2021

Appl. No.:

17/385809

Inventors:

- Palo Alto CA, US
Anirban Sengupta - Saratoga CA, US
Mohan Parthasarathy - Cupertino CA, US
Allwyn Sequeira - Saratoga CA, US
Serge Maskalik - Los Gatos CA, US
Rick Lund - Livermore CA, US

International Classification:

H04L 12/803
H04L 12/707
H04L 12/721
H04L 29/08
H04L 12/911

Abstract:

Some embodiments provide a novel method for load balancing data messages that are sent by a source compute node (SCN) to one or more different groups of destination compute nodes (DCNs). In some embodiments, the method deploys a load balancer in the source compute node's egress datapath. This load balancer receives each data message sent from the source compute node, and determines whether the data message is addressed to one of the DCN groups for which the load balancer spreads the data traffic to balance the load across (e.g., data traffic directed to) the DCNs in the group. When the received data message is not addressed to one of the load balanced DCN groups, the load balancer forwards the received data message to its addressed destination. On the other hand, when the received data message is addressed to one of load balancer's DCN groups, the load balancer identifies a DCN in the addressed DCN group that should receive the data message, and directs the data message to the identified DCN. To direct the data message to the identified DCN, the load balancer in some embodiments changes the destination address (e.g., the destination IP address, destination port, destination MAC address, etc.) in the data message from the address of the identified DCN group to the address (e.g., the destination IP address) of the identified DCN.

US Patent:

20210132980, May 6, 2021

Filed:

Nov 4, 2020

Appl. No.:

17/088951

Inventors:

- Palo Alto CA, US
Allwyn M. SEQUEIRA - Saratoga CA, US
Serge MASKALIK - Los Gatos CA, US
Debashis BASAK - Saratoga CA, US
Akshatha SATHYANARAYAN - San Jose CA, US

International Classification:

G06F 9/455
H04L 29/08

Abstract:

A method of deploying a network service (NS) across multiple data centers includes identifying virtual network functions (VNFs) associated with the NS in response to a request for or relating to the NS, generating commands to deploy VNFs based on VNF descriptors, and issuing the commands to the data centers to deploy VNFs. The data centers each have a cloud management server in which cloud computing management software is run to provision virtual infrastructure resources thereof for a plurality of tenants. The cloud computing management software of a first data center is different from the cloud computing management software of a second data center, and the commands issued to the first and second data centers are each a generic command that is not in a command format of the cloud computing management software of either the first data center or the second data center.

US Patent:

20210132981, May 6, 2021

Filed:

Nov 4, 2020

Appl. No.:

17/088958

Inventors:

- Palo Alto CA, US
Allwyn M. SEQUEIRA - Saratoga CA, US
Serge MASKALIK - Los Gatos CA, US
Debashis BASAK - Saratoga CA, US
Akshatha SATHYANARAYAN - San Jose CA, US

International Classification:

G06F 9/455
G06F 9/54
H04L 29/08

Abstract:

A method of deploying a virtual network function of a network service in a data center having a cloud management server running a cloud computing management software to provision virtual infrastructure resources of the data center to at least one tenant, includes generating at least first and second API calls to the cloud computing management software in response to external commands received at the data center to deploy a virtual network function, and executing at least the first and second API calls by the cloud computing management software to deploy the virtual network function. The cloud computing management software creates at least one virtual machine by executing the first API call and at least one virtual disk by executing the second API call.

US Patent:

20210135957, May 6, 2021

Filed:

Nov 4, 2020

Appl. No.:

17/088981

Inventors:

- Palo Alto CA, US
Allwyn M. SEQUEIRA - Saratoga CA, US
Serge MASKALIK - Los Gatos CA, US
Debashis BASAK - Saratoga CA, US
Mark Bryan WHIPPLE - Cupertino CA, US

International Classification:

H04L 12/24

Abstract:

A method of deploying a network service across multiple data centers, each having a cloud management server running a cloud computing management software to provision virtual infrastructure resources thereof for a first tenant among a plurality of tenants, includes maintaining for each data center static inventory data that indicate virtual infrastructure resources that are available thereat to the first tenant, identifying, in response to a network service request for the first tenant, a virtual network function associated with the network service, generating commands to deploy the virtual network function based on a descriptor of the virtual network function, selecting one of the data centers in which the virtual network function is to be deployed based on the descriptor of the virtual network function and the static inventory data of each data center, and issuing the commands to the selected data center to deploy the virtual network function.

US Patent:

20200220844, Jul 9, 2020

Filed:

Nov 8, 2019

Appl. No.:

16/678738

Inventors:

- Palo Alto CA, US
Rohit TOSHNIWAL - San Jose CA, US
Allwyn SEQUEIRA - Saratoga CA, US

International Classification:

H04L 29/06

Abstract:

A method is provided to control the flow of packets within a system that includes one or more computer networks comprising: policy rules are provided that set forth attribute dependent conditions for communications among machines on the one or more networks; machine attributes and corresponding machine identifiers are obtained for respective machines on the networks; and policy rules are transformed to firewall rules that include machine identifiers of machines having attributes from among the obtained machine attributes that satisfy the attribute dependent policy rules.

US Patent:

20200059403, Feb 20, 2020

Filed:

Aug 20, 2018

Appl. No.:

16/105264

Inventors:

- Palo Alto CA, US
Allwyn Sequeira - Saratoga CA, US
Serge Maskalik - Los Gatos CA, US
Debashis Basak - San Jose CA, US

International Classification:

H04L 12/24
H04L 29/08

Abstract:

An example method of provisioning a network service in a cloud computing system includes: defining, at an orchestrator, the network service to include a plurality of network functions; defining, at the orchestrator, network connectivity among the plurality of network functions; identifying a plurality of vendor device managers (VDMs) configured to provision virtual network functions that implement the plurality of network functions; and instructing, by the orchestrator, the VDMs to deploy the virtual network functions having the defined network connectivity.

US Patent:

20190361727, Nov 28, 2019

Filed:

May 20, 2019

Appl. No.:

16/417519

Inventors:

- Palo Alto CA, US
Serge MASKALIK - Los Gatos CA, US
Allwyn SEQUEIRA - Saratoga CA, US
Debashis BASAK - San Jose CA, US

International Classification:

G06F 9/455
H04L 29/08

Abstract:

Techniques disclosed herein relate to migrating virtual computing instances such as virtual machines (VMs). In one embodiment, VMs are migrated across different virtual infrastructure platforms by, among other things, translating between resource models used by virtual infrastructure managers (VIMs) that manage the different virtual infrastructure platforms. VM migrations may also be validated prior to being performed, including based on resource policies that define what is and/or is not allowed to migrate, thereby providing compliance and controls for borderless data centers. In addition, an agent-based technique may be used to migrate VMs and physical servers to virtual infrastructure, without requiring access to an underlying hypervisor layer.