Access point with modular internal/external antenna support
Granted: October 17, 2023
Patent Number:
11791550
An access point has a housing with at least one connector for at least one external antenna and at least one connector for at least one internal antenna. An RF controller detects whether the at least one external antenna is connected to the at least one connector for the at least one external antenna when an open circuit is closed. Responsive to detecting that the at least one external antenna is connected, a first mode in which the at least one internal antenna supports RF capabilities…
Selectively applying dynamic malware analysis to software files based on compression type in a software security system
Granted: October 17, 2023
Patent Number:
11790086
A file is received from external to the gateway device and, prior to runtime, the received file is detected as being compressed. Also before runtime, a compression type of the received file is differentiated as packed, protected, and/or archived. Identification of a specific packer, a specific protector or a specific archiver corresponding to the compression type is attempted. Responsive to successful identification, the received file is decompressed and a static type of malware analysis…
Determination of a security rating of a network element
Granted: September 26, 2023
Patent Number:
11770403
Systems and methods for a security rating framework that translates compliance requirements to corresponding desired technical configurations to facilitate generation of security ratings for network elements is provided. According to one embodiment, a host network element executes a collection of security checks on at least a first network element. The execution is performed by receiving configuration data of the first network element pertaining to each security check of the collection…
Systems and methods for network device discovery and vulnerability assessment
Granted: September 26, 2023
Patent Number:
11770402
Various embodiments are discussed that provide systems and methods for identifying possible unsecured devices on a network. In some cases, embodiments discussed relate to systems and methods for identifying possible unsecured devices; clustering the identified devices with other similar devices, and/or determining default or simplified access processes for a given cluster of the identified devices.
Dynamic service-based load balancing in a software-defined wide area network (SD-WAN)
Granted: September 19, 2023
Patent Number:
11765089
Systems and methods for dynamic service-based load balancing in an SD-WAN are provided. According to one embodiment, a subnet assigned to a client device by a hub network of the SD-WAN and one or more attributes of a path or a route to a group of clients within the subnet are received by a first process of an SD-WAN controller via a dynamic routing protocol. A tagged subnet is generated by the first process by tagging the subnet with a route tag corresponding to the one or more…
Leveraging operation, administration and maintenance protocols (OAM) to add ethernet level intelligence to software-defined wide area network (SD-WAN) functionality
Granted: September 19, 2023
Patent Number:
11765059
System and methods for enabling SD-WAN functionality to respond to Ethernet level OAM-related events are provided. According to an embodiment, a Software-Defined Network Wide Area Network (SD-WAN) module of a network device operating as both an SD-WAN node and a Maintenance Entity Group Endpoint (MEP) receives Operation, Administration and Maintenance (OAM) information via one of multiple OAM-enabled links of the network device. The SD-WAN module determines based on the OAM information,…
Joint facial feature extraction and facial image quality estimation using a deep neural network (DNN) trained with a custom-labeled training dataset and having a common DNN backbone
Granted: June 27, 2023
Patent Number:
11688200
Systems and methods for joint feature extraction and quality prediction using a shared machine learning model backbone and a customized training dataset are provided. According to an embodiment, a computer system receives a training dataset including example images each labeled with a particular category of a set of categories, and trains a deep neural network (DNN) based on the training dataset to jointly perform for an input image (i) facial feature extraction in accordance with the…
Elimination of old IPV6 addresses from WLAN stations in DHCPV6 stateful mode after transitioning between VLANs
Granted: June 20, 2023
Patent Number:
11683680
A Wi-Fi controller identifies a mismatch between a first prefix of a first IPv6 address for a data packet corresponding to a first VLAN on which the data packet was sent from the station to the access point, and a prefix of a second IPv6 address for a second VLAN from which the data packet was transmitted from the access point to the Wi-Fi controller. Responsive to the VLAN mismatch identification, the Wi-Fi controller transmits a DHCP reconfiguration packet to the station using the…
Malware identification using multiple artificial neural networks
Granted: June 20, 2023
Patent Number:
11681803
Systems and methods for malware detection using multiple neural networks are provided. According to one embodiment, for each training sample, a supervised learning process is performed, including: (i) generating multiple code blocks of assembly language instructions by disassembling machine language instructions contained within the training sample; (ii) extracting dynamic features corresponding to each of the code blocks by executing each of the code blocks within a virtual environment;…
Ethernet key
Granted: June 13, 2023
Patent Number:
11677743
A Compact computing device with peer-to-peer communication through an Ethernet interface is provided. According to one embodiment, a compact computing device includes an Ethernet interface, an Ethernet discovery agent, a memory and a micro-controller. The Ethernet interface is capable of connecting to a host though an Ethernet link. One side wall of the compact shielding case accommodates only the Ethernet interface. The Ethernet discovery agent is capable of discovering the host to…
Systems and methods for incorporating automated remediation into information technology incident solutions
Granted: June 13, 2023
Patent Number:
11677615
Various approaches for providing network maintenance and health monitoring. In some cases, some approaches include systems, methods, and/or devices that provide for receiving and cataloging network incidents and invoking automated remediation in relation to network incidents.
Intelligent selection of physical layer transmission types in 802.11AX based Wi-Fi networks
Granted: May 23, 2023
Patent Number:
11658707
A transmission type is determined for a specific station on a Wi-Fi network. A transmission type of OFDMA is selected responsive to the mobility value for the specific station meeting a mobility threshold. A transmission type of MU-MIMO is selected responsive to the similarity value for the specific station meeting a similarity threshold. A transmission type of SU-MIMO is selected responsive to the specific station not meeting the similarity threshold. The network interface transmits…
RU (resource unit)—based medium access control for suppressing airtime of quarantined stations on Wi-Fi communication networks
Granted: March 28, 2023
Patent Number:
11617123
Airtime network policies for quarantined station network policies are stored in a database for application to quarantined stations. Quarantined stations are moved from a first VLAN to a quarantine VLAN with a dedicated BSSID on the Wi-Fi communication network. An RU airtime allocation module of the access point allocates airtime RUs for suppression of some or all transmissions from the quarantined stations. The airtime RU allocation module determines an amount of RUs for access to…
Systems and methods for indicating connection relevance in a network environment
Granted: March 28, 2023
Patent Number:
11616693
Systems, devices, and methods are discussed for memory efficient network use modeling.
Managing station connectivity in microcell Wi-Fi environment on a data communication network
Granted: March 21, 2023
Patent Number:
11611933
In a microcell environment, access points with a probe-if-assigned setting configured to delay probe responses to probe requests is registered and managed by a Wi-Fi controller. Probe requests are received and forwarded from at least two of the plurality of access points from a specific station attempting to connect to the Wi-Fi communication network. A Wi-Fi assignment module receives RSSI measurements from the at least two access points with respect to the specific access point, during…
Preventing wireless connections to an unauthorized access point on a data communication network using NAV values
Granted: March 7, 2023
Patent Number:
11601813
Broadcasts of a probe request are detected from a wireless station with the MAC address for an unauthorized access point in order to begin association between the wireless station and the unauthorized access point. Responsive to the probe request detection, a spoofed probe response is transmitted including a MAC address of the unauthorized access point to the station to appear as if sent by the unauthorized access point. The probe response includes a NAV element and the MAC address of…
Adjusting behavior of an endpoint security agent based on network location
Granted: March 7, 2023
Patent Number:
11601438
Systems and methods for adjusting the behavior of an endpoint security agent based on a network location are provided. According to an embodiment, an agent of an endpoint device identifies whether a security service of a cloud-based security service is not reachable or is unresponsive. The security service is associated with a particular security function implemented by the agent. When the security service is not reachable or is unresponsive, the agent further determines whether the…
Deploying idle transceivers for rapid connection of Wi-Fi clients
Granted: February 28, 2023
Patent Number:
11595868
Responsive to receiving a probe request at an idle transceiver over a first channel from a Wi-Fi client and a determination that the Wi-Fi client is not currently associated with the access point for service, a second channel being used for client service is identified. A probe response frame is generated including a CSA (channel switch announcement) indicating the second channel and transmitted to the Wi-Fi client causing authentication over the second channel. The Wi-Fi client is then…
Detecting access points located within proximity of a computing device for troubleshooting of a network
Granted: February 21, 2023
Patent Number:
11588699
Systems and methods for detecting access points proximate to a mobile computing device to facilitate wireless network troubleshooting and management of the access points are provided. According to an embodiment, a mobile application, running on a mobile device that is operating within a physical environment, discovers a subset of wireless access points (APs) of various managed APs of a private network that are proximate to the mobile device by receiving short-range beacons originated by…
Leveraging user-behavior analytics for improved security event classification
Granted: February 21, 2023
Patent Number:
11588839
Systems and methods for improving security event classification by leveraging user-behavior analytics are provided. According to an embodiment, a UEBA-based security event classification service of a cloud-based security platform maintains information regarding historical user behavior of various users of an enterprise network. An endpoint protection platform running on an endpoint device that is part of the enterprise network performs an initial classification of the event, based on…
