GLOBAL VISIBILITY FOR VIRTUAL PRIVATE NETWORK (VPN) CONDITIONS FOR ROUTING OPTIMIZATIONS
Granted: August 29, 2024
Application Number:
20240291760
A local spoke is configured with a hub that serves at least one remote spoke equipped with a plurality of IPSEC endpoint interfaces for routing traffic according to a routing table of the hub. A first routing path is received to the at least one remote spoke for dynamic VPN with a first IPSEC endpoint selected by the hub based on a Reply message without consideration of first link quality of the remote spoke relative to other available links. In another embodiment, an ADVPN shortcut is…
AUTOMATIC DETECTION OF MALWARE FAMILIES AND VARIANTS WITHOUT THE PRESENCE OF MALWARE FILES BASED ON STRUCTURE PRESENTATION
Granted: August 29, 2024
Application Number:
20240289453
A string sample is received from a file in real-time and the string sample is converted to a Tetra code and used to search a database of Tetra code samples, organized by family and then by variant. It is determined whether the real-time Tetra code fits any family mask, and if not a new family mask is created. It is also determined whether real-time Tetra code fits any variant mask within the family mask, and if not, a new variant mask is created. The real-time Tetra code is stored in the…
SYSTEMS AND METHODS FOR RAPID NATURAL LANGUAGE BASED MESSAGE CATEGORIZATION
Granted: August 1, 2024
Application Number:
20240256654
Systems, devices, and methods are disclosed in relation to a system for natural language based message categorization designed to identify text from a particular topic from a potentially inexhaustible set of potential topics. In one of many possible implementations, a vector space model is first used to translate text into a vector representation. This vector is used to determine if the text can be recreated by swapping words and phrases from a training corpus of documents. This is done…
SYSTEMS AND METHODS FOR SECURE, SCALABLE ZERO TRUST SECURITY PROCESSING
Granted: July 18, 2024
Application Number:
20240244086
Various approaches for providing scalable network access processing. In some cases, approaches discussed relate to systems and methods for providing scalable zero trust network access control.
SYSTEMS AND METHODS FOR SECURITY POLICY ORGANIZATION USING A DUAL BITMAP
Granted: July 18, 2024
Application Number:
20240244085
Systems, devices, and methods for correlating security policies to received packets are provided. In one example, a network device, maintains information regarding multiple security policies within a dual bitmap based search tree including a first bitmap and a second bitmap formatted as information embedded in a node structure. A packet is received by the network. A first field of the packet is compared with a first range, corresponding to a first bit location in the first bitmap in…
RESOLVING THE DISPARATE IMPACT OF SECURITY EXPLOITS TO RESOURCES WITHIN A RESOURCE GROUP
Granted: July 18, 2024
Application Number:
20240244069
Systems, methods, and apparatuses enable one or more security microservices to resolve the disparate impact of security exploits to resources within a resource group. When a resource group is determined to be impacted by a security exploit, the one or more security microservices determines whether the members of the resource group are disparately impacted. In response, the one or more security microservices splits the resource group into an impacted resource group and a non-impacted…
SYSTEMS AND METHODS FOR ENHANCING EFFICIENCY IN CALL DISTRIBUTION
Granted: July 11, 2024
Application Number:
20240236659
Various approaches for call distribution in a communication network are discussed. In some embodiments, systems and methods for enhancing call distribution efficiency are discussed that include selective encryption application.
SYSTEMS AND METHODS FOR DYNAMIC NETWORK BAITING
Granted: July 11, 2024
Application Number:
20240236125
Various embodiments provide systems and methods systems and methods for dynamically attracting malicious network behavior.
SYSTEMS AND METHODS FOR REDUCING FRAME LOSS IN A NETWORK PROCESSING SYSTEM
Granted: July 11, 2024
Application Number:
20240236039
Various embodiments provide multi-path traffic filtering devices and methods for using such.
BANDWIDTH SELECTION IN WI-FI 7 ACCESS POINTS
Granted: July 4, 2024
Application Number:
20240224311
A threshold usage of the primary channel transmission bandwidth is detected exceeding a predetermined value, triggering a second mode. Responsive to reaching the threshold usage detection, a puncturing pattern is activated to transmit data frames over the remaining channel transmission bandwidth while continuing to transmit management frames over the primary channel transmission bandwidth. Responsive to reaching the threshold usage detection, data packets are separated using RU…
ALLOCATION OF MULTI RESOURCE UNITS TO WI-FI STATIONS
Granted: July 4, 2024
Application Number:
20240224310
A size of a data packet being transmitted downlink to a specific Wi-Fi 7 client is determined from real-time data traffic. A number of small tones and large tones needed in combination for the data packet transmission, either alone or in combination, is calculated. The combination of small RU tones and large RU tones is allocated to the specific wireless client for use in downlink. The data packet is transmitted downlink to the Wi-Fi 7 client across the combination of small and large RU…
SIMULTANEOUS SHARING OF SPECTRAL BANDWIDTH BETWEEN MULTIPLE BSSS USING BANDWIDTH PUNCURING
Granted: July 4, 2024
Application Number:
20240224057
BSS (basic service set) sharing is enabled on the Wi-Fi 7 access point, wherein the Wi-Fi 7 access point is wirelessly connected to a plurality of stations over the common wireless channel. A puncturing pattern is determined to share spectrum of the common wireless channel between the multiple BSSs. All shared BSSs are advertised in beacons with an EHT field comprising the puncturing pattern and broadcast over the common wireless channel. At least two stations of the plurality of…
INTEGRATING 5G NETWORK SECURITY SERVICES WITH OTHER TYPES OF WIRELESS LOCAL ACCESS NETWORK (WLAN) SECURITY ON PRIVATE NETWORKS
Granted: July 4, 2024
Application Number:
20240224044
Security policies over a 5G private network are integrated with security policies over other wireless channels, such as a Wi-Fi private network, on a common private network. Security policies are set up for 5G, Wi-Fi, and wireless network combinations. An authenticated private cellular device connected to the private cellular network is detected as collocated with a second device connected to the second type of network. Responsive to the indication, adjusting the second device security…
PRIORITY ACCESS FOR WI-FI 7 WIRELESS LOCAL AREA NETWORKS (WLANS)
Granted: June 27, 2024
Application Number:
20240215080
Groups of Wi-Fi 7 stations are created including identifying Wi-Fi 7 stations accessing the channel for multimedia traffic and creating a group of stations accessing the channel for multimedia traffic. Responsive to reaching the threshold usage for channel usage, a high usage priority mode is activated to prioritize multimedia traffic. In high usage priority mode, notifying the group of Wi-Fi 7 stations of EDCA channel contention parameters using broadcast, management action frame,…
MACHINE LEARNING DYNAMIC RADIO SIGNAL STRENGTH INDICATOR (RSSI) THRESHOLD FOR MANAGING CONNECTIONS WITH WI-FI 6E CLIENTS
Granted: June 27, 2024
Application Number:
20240214913
A dynamic radio signal strength indicator (RSSI) connection threshold is determined, with machine learning, based on previous Wi-Fi 6E connection data for the Wi-Fi 6E access point. An authentication request frame (or other type of frame) is received from a Wi-Fi 6E client that received a beacon. The authentication request or other management frame includes an RSSI measurement characterizing signal strength between the Wi-Fi 6E client and the Wi-Fi 6E access point. It is determining…
INTELLIGENT WI-FI 6GHZ ACCESS POINT ASSOCIATIONS USING REDUCED NEIGHBOR REPORT ANNOUNCEMENTS
Granted: June 27, 2024
Application Number:
20240214870
Responsive to receiving a probe request at a first 6 GHz access point from a first 6 GHz station, while usage is above a threshold, a Wi-Fi controller with an AI neuron finds a best serving 6 GHz access point, from the plurality of 6 GHz access points, for the first 6 GHz station to be a second 6 GHz station, based in part on resource usage. A modified reduced neighbor report (RNR) is constructed for the first 6 GHz access point including adjusting a standard RNR report to steer the…
PROACTIVE MITIGATION OF WI-FI 6E ROGUE CLIENTS CONNECTING TO WI-FI 6E ACCESS POINTS IN WIRELESS NETWORKS
Granted: June 27, 2024
Application Number:
20240214815
A list is received from the Wi-Fi controller of rogue Wi-Fi 6E access points identified by BSSID within a vicinity of the Wi-Fi 6E access points based on RSSI measurements sent to the Wi-Fi controller. A rogue Wi-Fi 6E access point of the Wi-Fi controller list from the periodic beacon scanning. In response, prior to connection of any station to the rogue Wi-Fi 6E access point, broadcasts spoofed beacons on behalf of the rogue Wi-Fi 6E access point, using SSID and BSSID over the current…
MITIGATION OF ROGUE WI-FI 6E COMPATIBLE ACCESS POINTS
Granted: June 27, 2024
Application Number:
20240214813
A rogue Wi-Fi 6E access points are identified by on-wire data traffic of authorized Wi-Fi 6E access points. Data traffic is monitored across all access points for the rogue Wi-Fi 6E access points according to an SSID/BSSID scan table. In response, modified CSA values are sent from spoofed action frames that have a source BSSID of the rogue access points rather than the authenticated access point that transmits.
SYSTEMS AND METHODS FOR INTERNAL SECURE NETWORK RESOLUTION
Granted: June 20, 2024
Application Number:
20240205189
Systems, devices, and methods are discussed for limiting exposure of internal network operations beyond the boundary of a secure network.
INTRUSION PROTECTION SYSTEM (IPS) FOR HASH-BASED STRING DETECTION WITHOUT MEMORY LOOKUP TABLE
Granted: June 20, 2024
Application Number:
20240205247
A CRC rule is generated for each CRC parity check circuit from a bank of CRC parity check circuits for mapping a fixed-length CRC output to a signature, each of the CRC parity check circuits servicing a specific string length. The selected CRC parity circuit outputs a fixed-length parity-check data for the specific data packet, and the string mapper maps the fixed-length parity-check data for the specific data packet to one of the string identifiers associated with the group of…
