Fortinet Patent Applications

APPLICATION-BASED NETWORK PACKET FORWARDING

Granted: August 9, 2018
Application Number: 20180227229
Methods and systems for detecting an application associated with a given IP flow and differentially forwarding packets based on determined application are provided. According to one embodiment, an initial Internet Protocol (IP) packet of an IP flow is received by a network device. An application with which the initial IP packet is associated is determined by the network device. Based on the determined application, a forwarding rule to be applied to the initial IP packet is identified by…

SYSTEM AND METHOD OF DISCOVERING PATHS IN A NETWORK

Granted: August 9, 2018
Application Number: 20180227181
Systems and methods for discovering, testing, and optimizing paths in a network are provided. According to one embodiment, configuration data of a first and second packet forwarding device is obtained by a first and second agent associated with the first and second packet forwarding devices, respectively. Existence of multiple equal cost links coupling the first and second packet forwarding devices is discovered by a network controller based on the configuration data. For each equal…

LINK LAYER PATH LATENCY PROTOCOL TO MONITOR PER-HOP PATH LATENCY

Granted: August 2, 2018
Application Number: 20180219757
Methods and systems for implementing a link layer path latency protocol (LLPLP) to monitor per-hop path latency are provided. According to one embodiment, a LLPLP message of a first type, including multiple hop records corresponding to multiple hops in a unique set of hops derived from all possible paths between a start node and an end node within the private network, is sent to a source node specified by a first hop record of the multiple hop records. Receipt of the LLPLP message by a…

DETECTION OF UNWANTED ELECTRONIC DEVICES TO PROVIDE, AMONG OTHER THINGS, INTERNET OF THINGS (IoT) SECURITY

Granted: July 5, 2018
Application Number: 20180191775
Systems and methods for detection of undesired/unwanted electronic devices are provided. According to one embodiment, a spectral signature of an electronic device is received by a sensing device configured to detect presence of an unwanted electronic device in proximity to an electronic device environment. The received spectral signature is matched against multiple stored spectral signatures of one or more electronic devices associated with the electronic device environment. When the…

FACILITATING ENFORCEMENT OF SECURITY POLICIES BY AND ON BEHALF OF A PERIMETER NETWORK SECURITY DEVICE BY PROVIDING ENHANCED VISIBILITY INTO INTERIOR TRAFFIC FLOWS

Granted: July 5, 2018
Application Number: 20180191681
Systems and methods for managing network traffic by a perimeter network security device based on internal network traffic or configuration information are provided. According to one embodiment, a network security appliance of a private network receives internal network information collected by multiple Layer 2/3 network devices of the private network. The Layer 2/3 network devices switch/route internal network traffic among multiple internal host devices without the network traffic…

POLARITY RECOGNITION AND SWAPPING FOR DC POWERED DEVICES

Granted: July 5, 2018
Application Number: 20180191157
A system for recognizing and swapping polarity for DC powered devices that includes a polarity detection module that is configured to identify polarity of DC power input, and further configured to send an output to a controller based on identification of polarity of the DC power input. The system includes a power switch array that is operatively coupled with the controller, and wherein the controller, based on the output, can set one or more switches of the power switch array for…

PROACTIVE NETWORK SECURITY ASSESSMENT BASED ON BENIGN VARIANTS OF KNOWN THREATS

Granted: July 5, 2018
Application Number: 20180190146
Systems and methods for performing a proactive assessment of the network security of a private network are provided. According to one embodiment, one or more computer systems of a private network and one or more users of the private network are caused to react to a benign variant of a network security threat by deploying the benign variant of the network security threat within the private network. The benign variant of the network security threat is created by leaving intact symptoms…

RANSOMWARE DETECTION AND DAMAGE MITIGATION

Granted: July 5, 2018
Application Number: 20180189490
Systems and methods for file encrypting malware detection are provided. According to one embodiment, a monitoring module is installed within active processes running on a computer system by a kernel mode driver. Performance of a directory traversal operation on a directory of the computer system is detected by a monitoring module of a first process of the multiple active processes in which a parameter of the traversal operation includes a wildcard character. When a number of…

DNS-ENABLED COMMUNICATION BETWEEN HETEROGENEOUS DEVICES

Granted: June 14, 2018
Application Number: 20180167359
Methods and systems for an IPv4-IPv6 proxy mode for DNS servers are provided. According to one embodiment, a DNS query is received by a network device from a dual-stack client. A determination is made by the network device whether a first record type containing an Internet Protocol (IP) address for a server associated with the query exists within a DNS database of the network device. If the first record type exists for the server, then communication is enabled between the client and the…

MANAGEMENT OF CERTIFICATE AUTHORITY (CA) CERTIFICATES

Granted: June 7, 2018
Application Number: 20180159848
Systems and methods for automatically installing CA certificates received from a network security appliance by a client security manager to make the CA certificate become a trusted CA certificate to a client machine are provided. In one embodiment, a client security manager establishes a connection with a network security appliance through a network, wherein the client security manager is configured for managing security of a client at the client side and the network security appliance…

TELECOMMUNICATION TERMINAL

Granted: May 24, 2018
Application Number: 20180145734
A telecommunication terminal that is integrated with a wireless access point is provided. According to one embodiment, a telecommunication terminal includes a local area network (LAN) port, a processor, an Internet Protocol (IP) phone unit, a wireless access point unit and a housing. The LAN port is connectable to an enterprise computer network via an Ethernet cable. The processor runs a host operating system (OS). The IP phone unit is implemented as an application that is loaded and run…

DATA LEAK PROTECTION

Granted: May 10, 2018
Application Number: 20180131674
Methods and systems for Data Leak Prevention (DLP) in an enterprise network are provided. According to one embodiment, a network security device maintains a filter database containing multiple filtering rules. Each filtering rule specifies a watermark value, a set of network services for which the filtering rule is active and an action to be taken. Network traffic directed to a destination residing outside of an enterprise network, associated with a particular network service and…

CLOUD BASED LOGGING SERVICE

Granted: May 3, 2018
Application Number: 20180124021
Methods and systems are provided for facilitating access to a cloud-based logging service. According to one embodiment, access to a cloud-based logging service is integrated within a network security appliance by automatically configuring access settings for the logging service and creating an account for the security appliance with the logging service. A log is created within the logging service by making use of the automatically configured access settings and the account. A request is…

FILTERING HIDDEN DATA EMBEDDED IN MEDIA FILES

Granted: May 3, 2018
Application Number: 20180124017
Systems and methods for filtering unsafe content by a network security device are provided. According to one embodiment, a network security device captures network traffic and extracts a media file from the network traffic. The network security device then determines the presence of a hidden data item embedded in the media file in a machine-readable form. When such a hidden data item is identified, the network security device performs one or more actions on the media file based on a…

SECURITY INFORMATION AND EVENT MANAGEMENT

Granted: May 3, 2018
Application Number: 20180124014
Systems and methods are described for conducting work flows by an SIEM device to carry out a complex task automatically. According to one embodiment, an SIEM device may receive a work flow template defining at an abstract level multiple security tasks that are performed by one or more security devices. The SIEM device starts a work flow instance by deriving the work flow instance from the work flow template and scheduling the security tasks to be performed by the one or more security…

STAND-BY CONTROLLER ASSISTED FAILOVER

Granted: May 3, 2018
Application Number: 20180123872
Methods and systems for standby controller aided failover are provided. According to one embodiment, an active control channel and an active data channel are established by an active controller with a managed device via a management protocol. A standby control channel and a standby data channel are established by a standby controller with the managed device via the management protocol. A keep-alive message is periodically sent by the standby controller to the active controller. When a…

MALWARE DETECTION AND CLASSIFICATION BASED ON MEMORY SEMANTIC ANALYSIS

Granted: April 26, 2018
Application Number: 20180114018
Systems and methods for malware detection and classification based on semantic analysis of memory dumps of malware are provided. According to one embodiment, a malware detector running within a computer system causes a sample file to be executed within a target process that is monitored by a process monitor of the malware detector. One or more memory dumps associated with the sample file are captured by the process monitor. A determination regarding whether the sample file represents…

SYSTEM AND METHOD FOR SOFTWARE DEFINED BEHAVIORAL DDOS ATTACK MITIGATION

Granted: March 29, 2018
Application Number: 20180091548
Systems and methods for software defined behavioral DDoS attack mitigation are provided. According to one embodiment, a method is provided for mitigating DDoS attacks. A DDoS attack mitigation appliance of multiple mitigation appliances controlled by a DDoS attack mitigation central controller receives DDoS attack mitigation policies through a network connecting the controller and the mitigation appliance. A DDoS attack is mitigated by the mitigation appliance based on the received…

CALCULATING CONSECUTIVE MATCHES USING PARALLEL COMPUTING

Granted: March 29, 2018
Application Number: 20180089401
Methods and systems for determining consecutive matches are provided. According to one embodiment, a class definition and a data stream are received by a network security device. The data stream is partitioned into multiple data blocks each containing N data segments. Each data block is processed in parallel to compute: (i) a value (F) indicating whether every data segment value meets the class definition; (ii) a value (L) indicating a number of consecutive data segment values meeting…

AUTOMATED CONFIGURATION OF ENDPOINT SECURITY MANAGEMENT

Granted: March 22, 2018
Application Number: 20180084060
Systems and methods for managing configuration of a client security application based on a network environment in which the client device is operating are provided. According to one embodiment, a network connection state of a client device with respect to a private network is determined by a client security application running on the client device. The client security application then selects a configuration based on the determined network connection state. Finally, the client security…