Optimization of MU-MIMO beamforming in a Wi-Fi communication network based on mobility profiles
Granted: May 11, 2021
Patent Number:
11006422
An access point associated on Wi-Fi portion of the communication network selectively groups stations according to a mobility profile. The mobility profile includes factors that characterize at least an amount of movement and current location for a station. Each station is assigned to a beamforming group of similar mobility profiles. A type of beamforming transmission is selected for each beamforming group based on mobility profiles of associated stations. The type of beamforming…
DNS-enabled communication between heterogeneous devices
Granted: April 27, 2021
Patent Number:
10992641
Methods and systems for an IPv4-IPv6 proxy mode for DNS servers are provided. According to one embodiment, a DNS query is received by a network device from a dual-stack client. A determination is made the network device whether a first record type containing an Internet Protocol (IP) address for a server associated with the query exists within a DNS database of the network device. If the first record type exists for the server, then communication is enabled between the client and the…
Application-specific airtime fairness in WLANS (wireless local access networks) based on time sensitivity of applications
Granted: April 20, 2021
Patent Number:
10986642
Network packets are pre-processed and stored in network queues based on time sensitivity and other factors. More specifically, a specific application associated with a specific session of the network packets locally at the access point is determined. An ATR is adjusted based on a priority of the application with respect to time sensitivity. Other factors include throughput capability of a wireless device.
Generating design verification test cases using a restricted randomization process based on variable dependencies
Granted: April 20, 2021
Patent Number:
10984158
Systems and methods for generating design verification test cases using a restricted randomization process are provided. According to one embodiment, a processor of a hardware design verification system receives a set of restrictions and defines a scenario involving the values that is to be excluded from the test case. The processor also receives pre-assigned values for one or more variables. For each variable other than the one or more variables, the processor assigns a first random…
Automatic virtual private network (VPN) establishment
Granted: April 13, 2021
Patent Number:
10979395
Systems and methods for automatic VPN establishment are provided. According to one embodiment, a P1 message is received by a hub network device (ND) a remote device (RD) of a spoke. P1 specifies VPN connection attributes corresponding to a lowest ENC/AUTH suite supported by RD. A VPN tunnel entry is automatically created by ND based on the VPN connection attributes. A P2 message is transmitted by ND specifying ENC/AUTH attributes based on corresponding ENC/AUTH of the VPN connection…
Reliable call hand-off from cellular networks to Wi-Fi networks
Granted: March 30, 2021
Patent Number:
10966131
Reliable call hand-offs from a cellular network to a Wi-Fi network. A hand-off controller detects a hand-off condition (e.g., hand-off request, potential/predicted hand-off request) and, in response, initiates a test call. For example, a telephone call made through a smart phone, using a cellular network (e.g., Verizon, AT&T or Sprint) can be handed over to a hot spot at a Starbucks. In response to detecting an available data network, transmission quality for VOIP conditions is…
Dynamic service-based load balancing in a software-defined wide area network (SD-WAN)
Granted: March 16, 2021
Patent Number:
10951529
Systems and methods for dynamic service-based load balancing in an SD-WAN are provided. According to one embodiment, a routing protocol daemon of an SDN controller within a spoke network receives a dynamically assigned subnet and associated attributes for a client device newly registered with the hub network. The routing protocol daemon tags the subnet with a route tag using a route map based on the received attributes meeting network administrator-defined match criteria for…
Accelerating computer network policy search
Granted: March 9, 2021
Patent Number:
10944724
Systems and methods for accelerating computer network policy searching are provided. According to one embodiment, a packet is received by a policy search engine (PSE) of a packet processing device. A set of candidate policies are identified from among multiple policies of the packet processing device by screening the multiple policies by a speculation unit of the PSE based on metadata associated with the received packet. Finally, a matching policy for the received packet is identified by…
Programmable, policy-based efficient wireless sniffing networks in WIPS (wireless intrusion prevention systems)
Granted: March 9, 2021
Patent Number:
10944650
A plurality of sniffing policies describing deep packet inspection processes performed on network traffic at sniffing access points from the plurality of access points is received. Network traffic levels are monitored at the plurality of access points and a level of sniffed traffic backhauled over the Wi-Fi network for analysis. A change can be detected in network traffic affecting a sniffing policy. Responsive to exceeding a certain level of sniffed traffic being backhauled, an amount…
User and IoT (internet of things) apparatus tracking in a log management system
Granted: March 2, 2021
Patent Number:
10938926
Network identity to User Identity and location mapping information can be found in various logs (such as Active Directory logs, DHCP logs, VPN logs, and WLAN authentication logs) and certain files such as router Layer 2 or 3 forwarding tables. For a large organization, this mapping can be dynamic. Accurate user identity and location information is crucial to assessing the security risk associated with a host and take corrective action. This invention discloses a distributed in-memory…
Evaluating trustworthiness of data transmitted via unencrypted wireless mobile communications
Granted: February 23, 2021
Patent Number:
10932127
Systems and methods for making local decisions regarding the trustworthiness of V2V communications are provided. According to one embodiment, a vehicle information packet is received by a vehicle connectivity subsystem of a connected car and is indicative of an attribute of a source from which the packet was received. The source purportedly represents a neighboring vehicle in proximity to the connected car. A trustworthiness value for the packet is determined based on the source and…
Deriving test profiles based on security and network telemetry information extracted from the target network environment
Granted: February 9, 2021
Patent Number:
10917325
Systems and methods for deriving test profiles for validating network devices based on security and network telemetry information extracted from the target network environment is provided. According to one embodiment, security and network telemetry information are extracted by a test generator during a monitoring period from one or more network devices running within a target network environment. Performance related parameters and data associated with the performance related parameters…
Embedding artificial intelligence for balancing access point processing load in IPV6 enabled networks
Granted: February 2, 2021
Patent Number:
10912015
Responsive to a CPU load of a specific access point surpassing a high CPU threshold value, each of the wireless stations is disassociated from the specific access point. A second access point within range of the disassociated wireless stations is identified. A current CPU load is determined for the second access point and determining RSSI values for the wireless station with respect to the second access points relative to other available access points. Responsive to a current CPU load…
Spectral efficient selection of station clusters for concurrent data transmissions in high efficiency WLANs (wireless local access networks) using unsupervised machine learning models
Granted: February 2, 2021
Patent Number:
10912003
For data packets are received from a plurality of sessions and associated with a plurality of transmitting Wi-Fi stations on the Wi-Fi network. The received data packets contend for access for transmission on the data communication network. Transmitting stations are grouped together when resource units are no longer available. Grouping can implement artificial intelligence such as K-means clustering.
Automatically syncing GTP roaming firewall device policies over a data communication network for network security over mobile devices roaming data services on a carrier network
Granted: February 2, 2021
Patent Number:
10911935
A GTP firewall device registers with a cloud-based GTP GSN objects server to receive IR.21 records for each of a plurality of carriers for which roaming data services are authorized for roaming mobile devices of the plurality of carriers. The cloud-based GTP GSN objects server distributes IR.21 records and updates to the plurality of carriers. The GTP firewall device receives substantially real-time updates to the IP addresses for IR.21 records of carriers from the cloud-based GTP GSN…
Check valve for preventing air backflow in a modular cooling system
Granted: January 5, 2021
Patent Number:
10888018
A cooling system for electrical and electronic devices for hot swapping of a fan module without affecting cooling efficiency due to air backflow, preventing stalling of newly installed exhaust device due to reverse rotation. A check valve assembly having an inlet side frame member, an outlet side frame member, and one or more non-symmetrical valve flaps, each flap having a movable part and a fixed part. The outlet side frame allows the flaps to open under suction pressure on side of the…
Over-the-air (OTA) Wi-Fi offloading
Granted: January 5, 2021
Patent Number:
10887795
Systems and methods for OTA Wi-Fi offloading are provided. According to one embodiment, a first AP of a private network provides connectivity between one or more wireless client devices and a wired network portion of the private network. The first AP is coupled to a switch via a first wired link. The first AP determines whether the traffic being transmitted on the first wired link exceeds a configurable or predefined threshold. When the determination is affirmative, the first AP offloads…
Blocking communication between rogue devices on wireless local access networks (WLANS)
Granted: December 29, 2020
Patent Number:
10880749
Techniques which prevent rogue devices from continued access to a wireless communication system. A control element directs access points as to which mobile stations to service. Each access point maintains a record of the mobile stations it is servicing. At the direction of the control element, one or more access points send ACK (acknowledgement) messages when hearing messages from a rogue device. When the rogue device sends a message, it expects an ACK message in response, but those…
Logical network abstraction for network access control
Granted: December 22, 2020
Patent Number:
10873607
Systems and methods for NAC access policy creation and reconfiguration of access points to enforce same are provided. According to one embodiment, access policies are decoupled from underlying implementation details of access points by: (i) maintaining by a NAC device an access point model that maps logical networks to corresponding enforcement action implementations for the access points; and (ii) representing the access policies in a form of a current state of a particular endpoint…
Mitigation of NTP amplification and reflection based DDoS attacks
Granted: December 15, 2020
Patent Number:
10868828
Systems and methods for mitigating DDoS attacks utilizing NTP are provided. According to one embodiment, a tracking table is maintained by a network security device protecting a private network. The tracking table contains information regarding NTP requests originated by clients of the private network and observed by the network security device. An NTP request sent from a client to an NTP server external to the private network is intercepted by the network security device. An NTP request…
