Fortinet Patent Grants

NGFW (next generation firewall) security inspection over multiple sessions of message session relay protocol (MSRP) on a data communication network

Granted: January 3, 2023
Patent Number: 11546769
One or more MSRP data packets are received from a first MSRP session and a first log entry is created. One or more MSRP data packets are also received from a second MSRP session and a second log entry is created. A correlation between the first and second MSRP sessions based on MDNs can be detected, and the correlating information mapped to malicious activity. The mapping includes reconstructing MSRP messages sent from a source and encapsulated in a data field of the packets, including MDNs, and…

Automatic establishment of network tunnels by an SDWAN controller based on group and role assignments of network devices

Granted: January 3, 2023
Patent Number: 11546303
Systems and methods are described for automatically building up a VPN to facilitate full-mesh communication within a private network of an organization based on group and role settings of participating network devices. According to one embodiment, configuration information, including a group setting, indicating a group with which the particular network device is associated, and a role setting, specifying a role of the particular network device within the group as either a hub or an edge,…

Automatic establishment of network tunnels by an SDWAN controller based on group and role assignments of network devices

Granted: January 3, 2023
Patent Number: 11546302
Systems and methods for automatically building up a VPN to facilitate full-mesh communication within an enterprise based on group and role settings of the participating network devices are provided. An SDWAN controller associated with a private network receives configuration information related to group setting and role setting for various network devices of the private network. The group setting indicates a group with which a network device is associated and the role setting specifies a…

FQDN (Fully Qualified Domain Name) routes optimization in SDWAN (Software-Defined Wide Area Networking)

Granted: January 3, 2023
Patent Number: 11546291
A DNS (Domain Name Server) proxy is configured as a DNS server for clients on the enterprise network to send two or more DNS queries to collect each available IP address on an SDWAN member link. IP address collection can be responsive to receiving a DNS request from a client for assigning an FQDN (Fully Qualified Domain Name). Service quality can be evaluated for the service at each of the IP addresses on each member link. An IP address is assigned to the client based on the service quality…

Machine-learning based approach for malware sample clustering

Granted: January 3, 2023
Patent Number: 11544575
Systems and methods for a machine learning based approach for identification of malware using static analysis and a machine-learning based automatic clustering of malware are provided. According to various embodiments of the present disclosure, a processing resource of a computer system receives a potential malware sample. A plurality of feature vectors is extracted from the potential malware sample and is converted into an input vector. A byte sequence is generated by walking a…

AI-ARRP (artificial intelligence enabled automatic radio resource provisioning) for steering wireless stations on 6 GHz spectrum channels on wireless data communication networks

Granted: December 27, 2022
Patent Number: 11540142
Muted 6 GHz stations on the Wi-Fi network within the plurality of stations on a first access point within the plurality of access points are assigned to a first access point from the plurality of access points associated with a list of non-overlapping 6 GHz channels, responsive to an RSSI value between the at least one 6 GHz station and the first access point. To do so, a channel switch announcement is unicast to the at least one muted 6 GHz station. The channel switch announcement is…

Scalable multiple layer machine learning model for classification of Wi-Fi issues on a data communication network

Granted: December 27, 2022
Patent Number: 11539599
Multi-level machine learning models can be generated from the captured log events. Outcomes are predicted for input events in real-time. The captured log events are received and parsed to expose event outcome data. A first data set is generated by determining whether an outcome associated with the event outcome data was a success or a failure. Responsive to a failed event outcome, a second data set is generated by categorizing the failed event outcome, to train multiple level SVMs for…

Secure link aggregation

Granted: December 20, 2022
Patent Number: 11533617
Systems and methods for securing link aggregation are provided. According to an embodiment, a network device in a secure domain discovers device information associated with a peer network device in an untrusted domain that is connected through a first link directly connecting a first interface of the network device to a first interface of the peer network device, and authenticates the peer while allowing at least some network traffic to continue to be transmitted through the first…

Adaptive resource provisioning for a multi-tenant distributed event data store

Granted: December 20, 2022
Patent Number: 11531570
Systems and methods for adaptively provisioning a distributed event data store of a multi-tenant architecture are provided. According to one embodiment, a managed security service provider (MSSP) maintains a distributed event data store on behalf of each tenant of the MSSP. For each tenant, the MSSP periodically determines a provisioning status for a current active partition of the distributed event data store of the tenant. Further, when the determining indicates an under-provisioning…

Systems and methods for hierarchical facial image clustering

Granted: November 29, 2022
Patent Number: 11514719
Various systems and methods for clustering facial images in, for example, surveillance systems.

Mitigation of DDoS attacks on mobile networks using DDoS detection engine deployed in relation to an evolve node B

Granted: November 15, 2022
Patent Number: 11503471
Systems and methods for inspection of traffic between UE and the core network to mitigate DDoS attacks on mobile networks are provided. According to one embodiment, the method involves parsing SCTP packets and monitoring header anomalies to block anomalous packet floods. According to another embodiment, a memory table maintains requesting S1AP-IDs which have sent certain monitored commands and then blocking those which are sending these messages at abnormally high rates. According to yet…

Internet of things (IoT) device identification on corporate networks via adaptive feature set to balance computational complexity and model bias

Granted: November 8, 2022
Patent Number: 11496394
Systems and methods for efficient kernel space packet processing and IoT device classification are provided. According to one embodiment, a computer system performs IoT device detection processing. Packet header information is received for multiple packets. Based on the packet header information, multiple Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) flows between a given source device of multiple devices and a given destination device of the multiple devices are…

Network traffic metering credit distribution in network device having multiple processing units

Granted: October 25, 2022
Patent Number: 11483241
Systems and methods for network traffic metering credit distribution and packet processing in a network device having multiple processing units are provided. According to an embodiment, management of multiple meters is distributed among multiple processing units of a network device. Each meter is implemented in a form of a master entry and a slave entry. Responsive to receipt by one of the processing units of a packet subject to rate-limiting by a meter, an action to be taken on the…

Selectively disabling anti-replay protection by a network security device

Granted: October 18, 2022
Patent Number: 11477241
Systems and methods for selectively disabling anti-replay security checks based on a defined network policy that can override the globally-defined defaults for specific network sessions are provided. A network security device protecting a private network receives a packet associated with a network traffic flow between a source computing device and an internal destination computing device. The network security device identifies an anti-replay policy associated with the network traffic…

Remote monitoring of a security operations center (SOC)

Granted: October 18, 2022
Patent Number: 11477240
Systems and methods for remote monitoring of a Security Operations Center (SOC) via a mobile application are provided. According to one embodiment, a management service retrieves information regarding multiple network elements that are associated with an enterprise network and extracts parameters of the monitored network elements from the retrieved information. The management service prioritizes the monitored network elements by determining a severity level associated with…

Cloud-based orchestration of incident response using multi-feed security event classifications with machine learning

Granted: October 18, 2022
Patent Number: 11477214
Systems and methods for performing multi-feed classification of security events to facilitate automated IR orchestration are provided. According to one embodiment, a cloud-based security service protecting a private network provides a plurality of data feeds, wherein each data feed of the plurality of data feeds independently classifies a given security event and produces a classification result. In response to an event associated with a process of an endpoint device that is part of the…

Gamified network security training using dedicated virtual environments simulating a deployed network topology of network security products

Granted: October 18, 2022
Patent Number: 11475790
Systems and methods are described for providing training to attendees of a network security training session through use of gamification. A virtual environment is created containing a network topology simulating a deployed network of network security devices for which teams of the attendees are to receive training. A 3D game interface is presented on a display of a computer system of an attendee. Based on a leaderboard server's game state, a problem-solving objective for the training…

Device integration for a network access control server based on device mappings and testing verification

Granted: October 11, 2022
Patent Number: 11470083
Systems and methods for facilitating self-service device integration for a NAC server are provided. According to one embodiment, a database is maintained by a NAC server. The database includes mappings of system object identifiers to corresponding implementation details of associated devices. A system object identifier of a device that is to be modeled within the NAC server based on implementation details of another device is received. A list of candidate devices is retrieved from the…

Restricting broadcast and multicast traffic in a wireless network to a VLAN

Granted: October 4, 2022
Patent Number: 11463425
Traffic broadcast to a VLAN is restricted. To do so, a plurality of stations are associated with a BSSID (basic service set identifier). A first VLAN is configured by sending a first group key to each station from the plurality of stations that is a member of the first VLAN, wherein each VLAN is associated with a unique group key. One or more frames addressed to the first VLAN are received. The one or more frames are encrypted with the first group key to prevent stations without the…

Airtime fairness in WLANs (wireless local access networks) based on dynamic updates to ATF (airtime fairness) tokens

Granted: October 4, 2022
Patent Number: 11464046
Responsive to the number of stations exceeding a first threshold number, the transmitting stations are prioritized relative to the station based on a station type. Responsive to the number of stations exceeding a second threshold number, the transmitting stations are prioritized relative to the station based on a station RSSI value. The station is assigned to the run queue with an ATF token responsive to being prioritized within the first or second thresholds permitting transmission of…