Fortinet Patent Applications

INTENT-BASED ORCHESTRATION OF INDEPENDENT AUTOMATIONS

Granted: March 28, 2024
Application Number: 20240103911
Systems and methods for intent-based orchestration of independent automations are provided. Examples described herein alleviate the complexities and technical challenges associated with deploying, provisioning, configuring, and managing configurable endpoints, including network devices, network security systems, cloud-based security services (e.g., provided by or representing a Secure Access Service Edge (SASE) platform), and other infrastructure, on behalf of numerous customers (or…

DETECTING MALICIOUS BEHAVIOR IN A NETWORK USING SECURITY ANALYTICS BY ANALYZING PROCESS INTERACTION RATIOS

Granted: February 29, 2024
Application Number: 20240070267
Systems and methods for detecting malicious behavior in a network by analyzing process interaction ratios (PIRs) are provided. According to one embodiment, information regarding historical process activity is maintained. The historical process activity includes information regarding various processes hosted by computing devices of a private network. Information regarding process activity within the private network is received for a current observation period. For each process, for each…

SYSTEMS AND METHODS FOR FINE GRAINED FORWARD TESTING FOR A ZTNA ENVIRONMENT

Granted: February 8, 2024
Application Number: 20240048564
Systems, devices, and methods are discussed for forward testing rule sets at a granularity that is less than all activity on the network. In some cases, the granularity is that of an individual application.

SYSTEMS AND METHODS FOR FINE GRAINED FORWARD TESTING FOR A ZTNA ENVIRONMENT

Granted: February 8, 2024
Application Number: 20240048564
Systems, devices, and methods are discussed for forward testing rule sets at a granularity that is less than all activity on the network. In some cases, the granularity is that of an individual application.

SYSTEMS AND METHODS FOR SECURITY ENHANCED DOMAIN CATEGORIZATION

Granted: January 11, 2024
Application Number: 20240015181
Systems, devices, and methods are discussed for mitigating security threats due to web-domain characteristic changes.

SYSTEMS AND METHODS FOR PREVENTING DATA LEAKS OVER RTP OR SIP

Granted: January 11, 2024
Application Number: 20240015139
Systems, devices, and methods are discussed for avoiding data thefts in real-time transactions.

SYSTEMS AND METHODS FOR SECURITY ENHANCED DOMAIN CATEGORIZATION

Granted: January 11, 2024
Application Number: 20240015181
Systems, devices, and methods are discussed for mitigating security threats due to web-domain characteristic changes.

SYSTEMS AND METHODS FOR PREVENTING DATA LEAKS OVER RTP OR SIP

Granted: January 11, 2024
Application Number: 20240015139
Systems, devices, and methods are discussed for avoiding data thefts in real-time transactions.

SYSTEMS AND METHODS FOR CLOUD BASED ROOT SERVICE APPLICATION ACROSS MULTIPLE COOPERATIVE SECURITY FABRICS

Granted: January 4, 2024
Application Number: 20240007438
Systems, devices, and methods are discussed for treating a number of network security devices in a cooperative security fabric using a cloud based root.

SYSTEMS AND METHODS FOR CONTROLLING ACCESS TO AN UNADVERTISED CLOUD-BASED RESOURCE

Granted: October 12, 2023
Application Number: 20230328107
Systems, devices, and methods are discussed for context protected access to an unadvertised cloud-based resource.

SYSTEMS AND METHODS FOR CONTEXT BASED ACCESS CONTROL IN A BRIDGE SERVER

Granted: October 12, 2023
Application Number: 20230328106
Systems, devices, and methods are discussed for context protected access to an air-gapped network resource via a bridge server.

SYSTEMS AND METHODS FOR SECURITY POLICY ORGANIZATION USING A DUAL BITMAP

Granted: September 7, 2023
Application Number: 20230283638
Systems, devices, and methods are discussed for classifying a number of security policies in relation to criteria for applying those security policies to yield a dual bitmap scheme representing a correlation between security policies and one or more criteria.

SYSTEMS AND METHODS FOR SECURITY POLICY APPLICATION BASED UPON A DUAL BITMAP SCHEME

Granted: September 7, 2023
Application Number: 20230283590
Systems, devices, and methods are discussed for identifying security policies applicable to a received information packet based upon a dual bitmap scheme accounting for bit position mergers and/or policies common to multiple bit positions.

SYSTEMS AND METHODS FOR AUTOMATED SD-WAN PERFORMANCE RULE FORMATION

Granted: September 7, 2023
Application Number: 20230283533
Systems, devices, and methods are discussed for defining and monitoring network communication performance in an SD-WAN environment.

MANAGEMENT OF INTERNET OF THINGS (IOT) BY SECURITY FABRIC

Granted: August 24, 2023
Application Number: 20230269224
The present invention relates to a method for managing IoT devices by a security fabric. A method is provided for managing IoT devices comprises collecting, by analyzing tier, data of Internet of Things (IoT) devices from a plurality of data sources, abstracting, by analyzing tier, profiled element baselines (PEBs) of IoT devices from the data, wherein each PEB includes characteristics of IoT devices; retrieving, by executing tier, the PEBs from the analyzing tier, wherein the executing…

SYSTEMS AND METHODS FOR ENHANCED KEY SECURITY IN AN SD-WAN NETWORK ENVIRONMENT

Granted: August 17, 2023
Application Number: 20230261859
Systems, devices, and methods are discussed for leveraging SD-WAN's property of redundant independent paths to enable out of band key exchange using the collection of available paths, dynamically managing link failures to keep the separation whenever possible, and/or signaling availability of quantum-safe data transfer to SD-WAN to enable quantum-safety to be used in SD-WAN policy decisions.

SYSTEMS AND METHODS FOR CONTAINER SERVER PROTECTION

Granted: August 3, 2023
Application Number: 20230247055
Systems, devices, and methods are discussed for enhancing security in a container server environment.

DYNAMIC LEAF DETERMINATION FOR TREE CREATIONS FOR HIGH-SPEED NETWORK POLICY SEARCH DURING DATA PACKET SCANNING

Granted: July 27, 2023
Application Number: 20230239213
During high-speed network policy searching for data packets, an upper limit and a lower limit for a policy count are predefined for a ratio of the policy count to the sum of the policy count and the range count. A policy tree builder generates a policy tree image from a set of recursive operations on the raw policy set including an on-the-fly determination of whether a specific node is a leaf based on a leaf policy count limit, wherein for a selected dimension, the specific node is…

MACHINE LEARNING FOR VISUAL SIMILARITY-BASED PHISHING DETECTION

Granted: July 20, 2023
Application Number: 20230231879
In one embodiment, a similarity index is calculated from characteristics of a suspected phishing web page to a database of known phishing web pages. The characteristics derive from both HTML tags of the suspected phishing web page and a screenshot of the suspected phishing web page. With machine learning using the similarity index as an input, a probability is estimated that the suspected web page comprises a known phishing web page from the database of known phishing web pages. A known…

SYSTEMS AND METHODS FOR PROACTIVELY UPGRADING LOW QUALITY ACCESS CREDENTIALS

Granted: June 8, 2023
Application Number: 20230179586
Systems, devices, and methods are discussed for proactively addressing low quality access credentials in a network environment.