Fortinet Patent Grants

Airtime efficiency of virtual cell by optimizing multicast/broadcast transmissions in wireless networks

Granted: July 23, 2019
Patent Number: 10362630
Airtime efficiency is improved in virtual cell by optimizing multicast and/or broadcast transmissions in wireless networks with an optimal set of access points, as a subset of total access points involved in a traditional transmission. An optimal set comprising singleton access points and a minimum number of non-singleton access points covering the maximum number of stations with the fewest number of access points by including a non-singleton access point covering a highest number of…

Managing wireless client connections via near field communication

Granted: July 23, 2019
Patent Number: 10362608
Systems and methods for automatically obtaining WiFi profile data from an NFC device are provided. According to one embodiment, a client security application obtains a WiFi profile of a WiFi network via a near-field communication (NFC) device of the WiFi client device and establishes a WiFi connection with the WiFi network using the WiFi profile.

Emulating virtual port control of airtime fairness using per station enhanced distributed channel access (EDCA) parameters

Granted: July 23, 2019
Patent Number: 10362600
A technique for emulating virtual port control of airtime fairness for wireless stations using per station Enhanced Distributed Channel Access (EDCA) parameters. Specific parameters are received for each of a plurality of stations connected to the access point. An EDCA field of a beacon that stores a general EDCA parameter is set to an empty state. The beacon is broadcast to a plurality of stations on the wireless communication network and within range of an access point. The beacon…

Security information and event management

Granted: July 16, 2019
Patent Number: 10356044
Systems and methods are described for conducting work flows by an SIEM device to carry out a complex task automatically. According to one embodiment, an SIEM device may receive a work flow template defining at an abstract level multiple security tasks that are performed by one or more security devices. The SIEM device starts a work flow instance by deriving the work flow instance from the work flow template and scheduling the security tasks to be performed by the one or more security…

System and method of subnetting a virtual network identifier

Granted: July 16, 2019
Patent Number: 10355930
A method and apparatus that determines a plurality of matching policies for a segment of a dynamic virtualized network is described. A device retrieves a virtual network identifier of the segment, where the virtual network identifier includes a plurality of bits and a plurality of subnets and each of the plurality of subnets is a different subset of the plurality of bits. In addition, the dynamic virtualized network is a virtualized layer 2 network that is overlaid on a layer 3 physical…

Pattern matching for data leak prevention

Granted: July 16, 2019
Patent Number: 10354088
Systems and methods for preprocessing data to facilitate DLP pattern matching are provided. An input string is received by a Data Leak Prevention (DLP) system. The input string is converted by the DLP system into a fixed string pattern. The conversion is performed based on one or more of multiple class definitions, including a digit class, a letter class and a symbol class. A determination is then made by the DLP system regarding whether the input string contains potential sensitive data…

Multitier wireless data distribution

Granted: July 2, 2019
Patent Number: 10341920
Data distribution between mobile stations and external data paths is assigned to a new set of devices, distribution points. Each distribution point is independently coupled to mobile stations, also assigned to access points. Control elements operate to control the distribution points separately from the access points. Each access point maintains a substantially stateless link with each distribution point for which the two share a mobile station. Access points might exchange data with any…

Facilitating in-network content caching with a centrally coordinated data plane

Granted: July 2, 2019
Patent Number: 10341453
Facilitating content caching in a local network by using a software-defined network (SDN) controller to centrally coordinate data plane behavior. One or more packets forwarded from a component of the plurality of network components is received because no flow has been installed at the component to instruct on how to handle the one or more packets. Responsive to a deep packet inspection identifying a request for external content, a caching server is queried on the local network to determine…

Cloud-based security policy configuration

Granted: June 18, 2019
Patent Number: 10326801
Systems and methods for configuring security policies based on security parameters stored in a public or private cloud infrastructure are provided. According to one embodiment, security parameters associated with a first network appliance of an enterprise, physically located at a first site, are shared by the first network appliance with multiple network appliances of the enterprise by logging into a shared enterprise cloud account. The shared parameters are retrieved by a second…

Aggregated beacons for per station control of multiple stations across multiple access points in a wireless communication network

Granted: June 18, 2019
Patent Number: 10327186
A technique for providing per station control of multiple stations in a wireless network across multiple access points. A look-up table that assigns a station connected to the access point and at least one communication parameter to each of a plurality of persistent, uniquely-assigned BSSIDs (Basic Service Set Identifiers) is stored. An access point responds to messages addressed to one of the plurality of persistent, uniquely-assigned BSSIDs and ignores messages addressed to other BSSIDs.…

Management of certificate authority (CA) certificates

Granted: June 18, 2019
Patent Number: 10326756
Systems and methods for automatically installing CA certificates received from a network security appliance by a client security manager to make the CA certificate become a trusted CA certificate to a client machine are provided. In one embodiment, a client security manager establishes a connection with a network security appliance through a network, wherein the client security manager is configured for managing security of a client at the client side and the network security appliance…

Mobile hotspot managed by access controller

Granted: June 18, 2019
Patent Number: 10326737
Systems and methods are described for a mobile hotspot that can be managed by an access controller. According to an embodiment, a WAN connection is established by a mobile hotspot through a telecommunication data network via a wireless WAN module. When in a first mode, the mobile hotspot: (i) sets up a secure tunnel through the WAN connection with an AC of the enterprise that manages APs of a wireless network of an enterprise; (ii) broadcasts an SSID that is also broadcast by the APs;…

Automatic channel layering in a Wi-Fi communication system

Granted: June 4, 2019
Patent Number: 10313945
Deploying multiple access points on multiple wireless communication channels to optimize coverage area. Additional channels provide additional communication capability which multiple AP's, and their associated stations, can collectively use. An additional set of AP's can be disposed in the additional communication channel, with multiple communication channels possibly physically intersecting. The system control element collects information from devices in the wireless communication…

Packet processor steering in wi-fi access points with multiple wi-fi protocol interfaces

Granted: June 4, 2019
Patent Number: 10313929
Network packets are steered to a particular processor of multiple available processors on an access point. Multiple WLAN interfaces can include at least one WLAN interface dedicated to network packets in compliance with IEEE 802.11ac and at least one WLAN interface dedicated to network packets in compliance with IEEE 802.11bgn. Responsive to a determination of a single station destination, a packet distribution index is determined for the network packet with respect to each of the…

Document classification by a hybrid classifier

Granted: June 4, 2019
Patent Number: 10313348
Systems and methods for classifying URLs by a hybrid classifier are provided. According to one embodiment, a hybrid classifier receives a candidate URL. A naïve Bayes classifier of the hybrid classifier classifies the candidate URL to generate a first classification of the candidate URL and a sublink classifier of the hybrid classifier classifies the candidate URL to generate a second classification of the candidate URL. The hybrid classifier determines a classification of the candidate…

Financial information exchange (FIX) protocol based load balancing

Granted: May 21, 2019
Patent Number: 10296973
Methods and systems for efficiently allocating a Financial Information eXchange (FIX) protocol based trading session/transaction to a server by means of a load balancer are provided. According to one embodiment, a FIX packet of a FIX session is received at a load balancer fronting multiple servers of a high frequency trading (HFT) platform. A customer of the HFT platform is identified based on a SenderCompID field of the FIX packet. A customer weighting factor is determined based on a…

Filtering of metadata signatures

Granted: May 14, 2019
Patent Number: 10291632
Systems and methods for high performance IDS/IPS with efficient metadata filtering are provided. According to one embodiment, a signature database of an IDS/IPS is configured with multiple metadata signatures. A pre-match engine identifies a candidate packet of network traffic received by the IDS/IPS for full-feature match processing by: (i) categorizing the metadata signatures based on characteristics thereof; and (ii) processing and filtering a first set of the metadata signatures that…

Automatically deployed wireless network

Granted: May 7, 2019
Patent Number: 10285093
Systems and methods for an automatically deployed wireless network are provided. According to one embodiment, an access point controller (AC) determines the existence of a network anomaly at a position of a wireless network that is managed by the AC. Responsive thereto, the AC causes an unmanned vehicle that carries a movable access point (AP) to carry the movable AP to the position or proximate thereto and causes the movable AP to provide wireless network service to an area encompassing…

Detecting and preventing flooding attacks in a network environment

Granted: May 7, 2019
Patent Number: 10284594
A method for processing network traffic data includes receiving a packet, and determining whether the packet is a previously dropped packet that is being retransmitted. A method for processing network traffic content includes receiving a plurality of headers, the plurality of headers having respective first field values, and determining whether the first field values of the respective headers form a first prescribed pattern. A method for processing network traffic content includes…

Seamless mobility in wireless networks

Granted: April 30, 2019
Patent Number: 10278105
AP's associated with a communication network and any wireless devices desiring contact, operated according to a protocol in which each wireless device selects AP's with which to communicate. A system coordinator causes the AP's to operate so as to guide each wireless device to an AP selected by the system coordinator. This has the effect that, notwithstanding that the protocol involves having the wireless device make the selection of AP, functionally, the AP's make the selection for it.…