Fortinet Patent Grants

IPsec load balancing in a session-aware load balanced cluster (SLBC) network device

Granted: April 23, 2024
Patent Number: 11968237
A processing blade is assigned from the plurality of processing blades to a session of data packets. The load balancing engine manages a session table and an IPsec routing table by updating the session table with a particular security engine card assigned to the session and by updating the IPsec routing table for storing a remote IP address for a particular session. Outbound raw data packets of a particular session are parsed for matching cleartext tuple information prior to IPsec…

Early malware detection in on-the-fly security sandboxes using recursive neural networks (RNNs) to capture relationships in behavior sequences on data communication networks

Granted: April 23, 2024
Patent Number: 11968228
A file copy is executed in a virtual runtime environment that tracks behavior using RNN taking runtime behavior of at least a first time into account with current runtime behavior at a second time. This is responsive to not finding a known signature for suspicious activity during virus scanning. A behavior sequence is identified on-the-fly during file copy execution that is indicative of malware, prior to completing the execution, the behavior sequence involving at least two actions…

Capturing and correlating multiple sources of debugging information relating to a network resource via a browser extension

Granted: April 23, 2024
Patent Number: 11968095
Systems and methods for capturing and correlating multiple sources of debugging information relating to a network resource and a client device via a browser extension are provided. A browser extension integrated within a browser running on a client device, receives a request to initiate capturing of debugging information relating to a potential bug associated with a network resource with which an end user is interacting via the browser, and in response to the first request, starts…

Systems and methods for internal secure network resolution

Granted: April 9, 2024
Patent Number: 11956211
Systems, devices, and methods are discussed for limiting exposure of internal network operations beyond the boundary of a secure network.

Cloud-based orchestration of incident response using multi-feed security event classifications

Granted: March 12, 2024
Patent Number: 11930022
Systems and methods for performing multi-feed classification of security events to facilitate automated IR orchestration are provided. According to one embodiment, a cloud-based security service protecting a private network provides a plurality of data feeds, wherein each data feed of the plurality of data feeds independently classifies a given security event and produces a classification result. In response to an event associated with a process of an endpoint device that is part of the…

Dynamic elimination of old IPv6 addresses from WLAN/BYOD/IOT devices in DHCPv6 stateless mode after transitioning between VLANs

Granted: March 12, 2024
Patent Number: 11929850
A Wi-Fi controller identifies a mismatch between a first prefix of a first IPv6 address for a data packet corresponding to a first VLAN on which the data packet was sent from the station to the access point, and a prefix of a second IPv6 address for a second VLAN from which the data packet was transmitted from the access point to the Wi-Fi controller. Responsive to the VLAN mismatch identification, the Wi-Fi controller transmits an RA to the station with a preferred lifetime of 0,…

Machine learning systems and methods for regression based active learning

Granted: March 12, 2024
Patent Number: 11928593
Among a great deal of other disclosure and scope, systems and methods are enclosed that enable highly efficient labeling of data. For example, in some of many cases, a novel methodology for ranking vectors most useful to label next is disclosed. In such an example, a neural network is trained to predict this ranking methodology upon being given a set of heuristics from which to assess the given problem space. A user can continue the cycle of identifying a set of candidate vectors to…

Intent-based orchestration of independent automations

Granted: March 12, 2024
Patent Number: 11928499
Systems and methods for intent-based orchestration of independent automation are described.

Systems and methods for automated SD-WAN performance rule formation

Granted: March 5, 2024
Patent Number: 11924062
Systems, devices, and methods are discussed for defining and monitoring network communication performance in an SD-WAN environment.

Leveraging user-behavior analytics for improved security event classification

Granted: March 5, 2024
Patent Number: 11924235
Systems and methods for improving security event classification by leveraging user-behavior analytics are provided. According to an embodiment, a UEBA-based security event classification service of a cloud-based security platform maintains information regarding historical user behavior of various users of an enterprise network. An endpoint protection platform running on an endpoint device that is part of the enterprise network performs an initial classification of the event, based on…

Real-time minimal vector labeling scheme for supervised machine learning

Granted: March 5, 2024
Patent Number: 11921820
Systems and methods are described for training a machine learning model using intelligently selected multiclass vectors. According to an embodiment, a set of un-labeled feature vectors are received. The set of feature vectors are grouped into clusters within a vector space having fewer dimensions than the first set of feature vectors by applying a homomorphic dimensionality reduction algorithm to the set of feature vectors and performing centroid-based clustering. An optimal set of…

Systems and methods for using a network access device to secure a network prior to requesting access to the network by the network access device

Granted: February 27, 2024
Patent Number: 11916902
Various approaches for securing networks against access from off network devices. In some cases, embodiments discussed relate to systems and methods for identifying potential threats included in a remote network by a network access device prior to requesting access to a known secure network via the remote network.

Systems and methods for four dimensional network session authorization

Granted: February 20, 2024
Patent Number: 11909826
Various embodiments provide systems and methods for automatically defining and enforcing network sessions based upon at least four dimensions of segmentation.

Mitigating malware impact by utilizing sandbox insights

Granted: February 20, 2024
Patent Number: 11909761
Systems and methods for mitigating the impact of malware by reversing malware related modifications in a computing device are provided. According to an embodiment, a sandbox service running within a network security platform protecting an enterprise network receives a file containing malware and associated contextual information from an endpoint security solution running on an endpoint device, which has been infected by the malware. The sandbox service captures information regarding a…

Dynamic retrieval of region code for network devices on data communication networks

Granted: February 20, 2024
Patent Number: 11907069
In network devices, during manufacturing, input for designation of a region code to be a non-specific region code is stored in a BIOS memory of the network device, and a specific region code is stored off the BIOS. During boot up, the BIOS is checked for a specific region code to regulate wireless transmissions at a physical location of operation. Responsive to receiving the non-specific region code from BIOS, the specific region code is requested from a region code server based on a…

Generating and managing message correction and retraction history from a chat server

Granted: February 13, 2024
Patent Number: 11902230
Changes on a chat client, such as one or more edits or retractions, are characterized relative to an original chat string and uploaded to a chat server for storage. The chat server combines the message change with at least a second change to the specific chat string uploaded from a different chat client. Responsive to a regeneration of the chat string on the chat client, the chat daemon downloads the combined message change from the chat server. The edits and retractions originating…

Systems and methods for generating soar playbooks

Granted: February 6, 2024
Patent Number: 11894981
Various approaches are discussed for generation of SOAR playbooks using a variety of playbook sources.

Systems and methods for hierarchical facial image clustering

Granted: January 23, 2024
Patent Number: 11881053
Various systems and methods for clustering facial images in, for example, surveillance systems.

Artificially intelligent WLAN uplink monitoring for steering wireless stations to selective access points on wireless data communication networks

Granted: January 23, 2024
Patent Number: 11882467
Specific clients are assigned to a second access point based on balancing an Ethernet uplink load status of the specific access point relative to the uplink load status of access points across a WLAN system, wherein the RSSI strength of the specific client relative to a first access point is higher than the RSSI strength of the specific client relative to the second access point.