Automatic tagging of cloud resources for implementing security policies
Granted: March 29, 2022
Patent Number:
11290527
Systems and methods for automatically tagging cloud resources that are spread across multiple cloud platforms are provided. According to one embodiment, information regarding each cloud provider of multiple cloud providers associated with a cloud environment used by a private network is received by a cloud-tagging orchestrator service of the private network. For each cloud resource of a plurality of cloud resources hosted by the cloud providers on behalf of the private network: (i)…
Mitigating malware impact by utilizing sandbox insights
Granted: March 15, 2022
Patent Number:
11277438
Systems and methods for mitigating the impact of malware by reversing malware related modifications in a computing device are provided. According to an embodiment, a sandbox service running within a network security platform protecting an enterprise network receives a file containing malware and associated contextual information from an endpoint security solution running on an endpoint device, which has been infected by the malware. The sandbox service captures information regarding a…
Automated testing of network security policies against a desired set of security controls
Granted: March 1, 2022
Patent Number:
11265347
Systems and methods for automated testing of network security controls are provided. According to one embodiment, information regarding multiple desired security controls for a protected network is received by a network device. Network traffic configured to validate an extent of conformance by the protected network with the desired security controls is generated by the network device. The generated network traffic is transmitted by the network device onto the protected network. An…
Fan vibration damping devices, systems and/or methods
Granted: February 22, 2022
Patent Number:
11255347
Vibration damping devices and methods utilizing the same for damping vibrations in a fan. A vibration damping device for a fan, the fan having an inlet side of a frame and an exhaust side of the frame and the frame retains a fan mechanism. The vibration damping device includes a mass mT which may include either: a block with a total mass mT; or a finger guard and at least one resilient attachment member having a first spring characteristic, wherein resilient attachment member is…
Conditional hardware acceleration of secure forward error correction (FEC) processing
Granted: February 15, 2022
Patent Number:
11251906
It is determined whether hardware acceleration is available for the incoming data packet. Responsive to hardware acceleration availability, and based on the received FEC conditions, it is determined, for a session associated with the incoming data packet, whether to hardware decrypt the incoming data packet before decoding the incoming data packet or to hardware decrypt after decoding the incoming data packet.
System and methods for detection of cryptoware
Granted: February 8, 2022
Patent Number:
11244051
A computer-implemented method for protecting data stored in at least one file from being overwritten by malicious code comprises: monitoring at least one file stored in a storage device location to detect a request to perform an overwrite operation on at least a portion of data of the at least one file; redirecting the overwrite operation to a memory location designated as safe for being overwritten; analyzing the overwrite operation at the memory location to identify an association with…
Providing secure data replication among nodes of a hierarchical multitenant security orchestration and automated response (SOAR) architecture
Granted: February 1, 2022
Patent Number:
11240110
Systems and methods for facilitating secure and reliable communications among nodes of different tiers of a multi-tenant SOAR deployment are provided. According to one embodiment, data flow propagation within a hierarchy of nodes of the SOAR deployment is controlled. Responsive to creation of a record by a node: (i) when there exists a parent node in the hierarchy, setting a PID of the record to a TID of the parent node; otherwise, to a TID of the node; (ii) when there exists a child…
Selectively processing packets based on their classification by a counting bloom filter as a first packet or a subsequent packet of a transport protocol connection
Granted: January 11, 2022
Patent Number:
11223562
Systems and methods for selectively processing packets based on their classification by a CBF are provided. According to one embodiment, a network device receives a packet, extracts n-tuple values from the header of the packet that are indicative of a particular transport protocol connection with which the packet is associated, determines whether the particular transport protocol connection represents an active transport protocol connection represented within the CBF by searching the CBF…
Endpoint network traffic analysis
Granted: January 11, 2022
Patent Number:
11223639
Systems and methods for an agent-based approach that facilitates endpoint network traffic analysis are provided. According to an embodiment, an agent running on an endpoint device associated with an enterprise network collects network communication metadata from the endpoint device responsive to receiving callbacks from a kernel-level tracing facility implemented within an OS of the endpoint device and locally stores the collected network communication metadata. Further, the agent…
Inception of suspicious network traffic for enhanced network security
Granted: January 11, 2022
Patent Number:
11223635
Systems and methods are described for inception of suspicious network traffic to allow detection of the beginning of common attacks by network security devices, such as NGFWs, UTM appliances and IPS appliances. According to one embodiment, an inception engine running on a network security appliance protecting a private network monitors a session between an external computing device and a server device associated with the private network. In response to receipt of suspicious traffic from…
Intrusion detection in a wireless network using location information of wireless devices
Granted: December 28, 2021
Patent Number:
11212681
Systems and methods for detecting and/or preventing intrusions in a wireless network based on location information of wireless devices are provided. According to one embodiment, a database is maintained by a wireless network security system that includes historical location information and a media access control (MAC) address for multiple wireless devices observed by wireless access points (APs) of a wireless network of an enterprise. Information regarding one or more probe signals…
Control maturity assessment in security operations environments
Granted: December 28, 2021
Patent Number:
11212316
Method and system embodiments for assessing control maturity in security operations environments are described. According to some embodiments, the method facilitates a nonintrusive, automated means to configure and detect security controls installed in an Information Technology (IT) environment. The system verifies that these controls function as expected over a specified period of time and then maps each security control to a cell in a matrix of operational functions crossed with asset…
Artificial intelligence (AI) management of roaming service provider agreements for offloading voice calls from cellular networks to Wi-Fi hotspots
Granted: November 23, 2021
Patent Number:
11184823
Requests for roaming service agreements intended for an ANQP server to initiate offloading an ongoing voice call from a cellular network associated with a SP for the station to the Wi-Fi network are received. A connection is made if the SP matches a list of SP providers for which the AP has a roaming service agreement. Responsive to not matching the list of SP providers, the SP miss and location data of the station is stored. Statistics concerning stored AP misses and identifying a…
Separating broadcast and multicast wireless traffic in WLANs (wireless local access networks) for quarantine stations
Granted: November 23, 2021
Patent Number:
11184741
Quarantine stations are steered to a hidden virtual access point for quarantining multicast and broadcast traffic from other traffic on an access point, or other device. The hidden virtual access point can be spawned, with the same configurations as a non-quarantine virtual access point, for on demand traffic containment. The data stream transmitted over Wi-Fi to the quarantine client using a different GTK key generated under virtual access point of hidden SSID for encryption of the…
Detection and mitigation of time-delay based network attacks
Granted: November 23, 2021
Patent Number:
11184372
Systems and methods are described for mitigation of time-delay based network attacks that seek to avoid detection by email security solutions employing sandboxing. According to one embodiment, a potentially malicious link associated with a communication is received from a computer system by a sandbox device. A link evasion technique, in which a first file to which the potentially malicious link points at a first time is replaced with a second file on or before a second time, is…
Systems and methods for real-time configurable load determination
Granted: November 9, 2021
Patent Number:
11171969
Systems and methods are described herein generally relating to network security, and in particular, embodiments described generally relate to real-time configurable load determination. For example, a method is disclosed, which calls for receiving a request to perform a security service, performing the security service on data included with the request, calculating a service load associated with and during the performing of the security service, and transmitting a response to the request,…
Alternative network communication for access point troubleshooting and monitoring
Granted: October 26, 2021
Patent Number:
11159963
The present description provides methods, computer program products, and systems for alternative network communication for access point troubleshooting and monitoring. When a station has difficulty initiating or maintaining a connection with an access point, or even when performance is suboptimal, alternative network communication is initiated. The issue can be handled by reporting to a troubled access point for self-correction, or by uploading interrogation commands or code for active…
Determining on-net/off-net status of a client device
Granted: October 19, 2021
Patent Number:
11153350
Systems and methods are described for determining an on-net/off-net status of a client device. An endpoint security program running on the client device maintains an enterprise public Internet Protocol (IP) list containing one or more ranges of public IP addresses associated with an enterprise network. Further, the endpoint security program sends a request to a cloud-based service for information regarding a public IP address of the client device. In response to the request, the endpoint…
True transparent proxy to support multiple HTTP/S web applications on same IP and port on a data communication network
Granted: October 19, 2021
Patent Number:
11153280
A true transparent proxy for a web application firewall is provided. Granular network security policies are applied on a per web application basis using unique SSL inspection certificates for web applications sharing a common IP address.
Active path detection for on-demand network links in a software-defined wide area network (SDWAN)
Granted: October 5, 2021
Patent Number:
11140059
Systems and methods are described for active path detection for on-demand network links in an SDWAN. According to one embodiment, on establishment of an on-demand network link between a first spoke device and a second spoke device of an SDWAN, the first spoke creates a health check object and periodically measures a metric representing a latency between the first and second spokes. Responsive to receipt of a packet via the on-demand network link, the first spoke determines whether the…