-
公开(公告)号:US10237286B2
公开(公告)日:2019-03-19
申请号:US15010441
申请日:2016-01-29
摘要: Content Delivery Network (CDN) protection systems and methods, performed by a cloud node in a distributed security system include receiving traffic between one or more origin servers and the CDN; monitoring the traffic based on policy; detecting one or more of malware and data leakage in the traffic based on the policy; and blocking the traffic responsive to the detecting the one or more of the malware and the data leakage in the traffic, prior to the traffic entering the CDN.
-
公开(公告)号:US20170223029A1
公开(公告)日:2017-08-03
申请号:US15010441
申请日:2016-01-29
CPC分类号: H04L63/1416 , H04L63/1425 , H04L63/1458 , H04L67/10
摘要: Content Delivery Network (CDN) protection systems and methods, performed by a cloud node in a distributed security system include receiving traffic between one or more origin servers and the CDN; monitoring the traffic based on policy; detecting one or more of malware and data leakage in the traffic based on the policy; and blocking the traffic responsive to the detecting the one or more of the malware and the data leakage in the traffic, prior to the traffic entering the CDN.
-
公开(公告)号:US20160036855A1
公开(公告)日:2016-02-04
申请号:US14448012
申请日:2014-07-31
CPC分类号: H04L63/20 , H04L63/0281 , H04L63/08 , H04L63/083 , H04L67/146 , H04L67/2809
摘要: A cloud-based method, a system, and a cloud-based security system include receiving a request from a user for a cloud application at a proxy server; determining whether the user is authenticated based on a presence of cookies in the request; if the cookies are present, un-transforming the cookies by the proxy server and forwarding the request with the un-transformed cookies to the cloud application; and, if the cookies are not present, forwarding the request to the cloud application by the proxy server for authentication and transforming the cookies subsequent to the authentication prior to sending the cookies to the user.
摘要翻译: 基于云的方法,系统和基于云的安全系统包括从代理服务器接收来自用户的云应用的请求; 基于所述请求中是否存在cookie来确定所述用户是否被认证; 如果存在cookie,则由代理服务器取消转换cookie,并将未转换的cookie转发到云应用程序; 如果不存在cookie,则由代理服务器将请求转发给云应用程序进行身份验证,并在将Cookie发送给用户之前转换认证后的Cookie。
-
公开(公告)号:US20110013508A1
公开(公告)日:2011-01-20
申请号:US12889209
申请日:2010-09-23
申请人: Raj Tuplur , Bharani Chadalavada , Manoj Apte , Rajagopalan Sivaramakrishnan , Sriram Raghunathan , Umesh Krishnaswamy
发明人: Raj Tuplur , Bharani Chadalavada , Manoj Apte , Rajagopalan Sivaramakrishnan , Sriram Raghunathan , Umesh Krishnaswamy
IPC分类号: H04L12/26
摘要: State information is synchronized between a plurality of routing engines in a multi-chassis router according to a synchronization gradient. An example multi-chassis router is described that includes a primary routing engine and a standby routing engine in each chassis. According to the synchronization gradient, the primary routing engine of a control node updates state information on the standby routing engine of the control node prior to updating the primary routing engines of the other chassis. The primary routing engines of the other chassis update state information in respective standby routing engines prior to updating state information in consumers. If a primary routing engine fails, the corresponding standby routing engine assumes control of the primary routing engine's duties. Upon assuming control, a standby routing engine resumes updating state information without having to resend state information or interrupt packet forwarding.
摘要翻译: 根据同步梯度,状态信息在多机架路由器中的多个路由引擎之间同步。 描述了一种示例性多机架路由器,其包括每个机架中的主路由引擎和备用路由引擎。 根据同步梯度,控制节点的主路由引擎在更新另一机箱的主路由引擎之前更新控制节点的备用路由引擎上的状态信息。 另一个机箱的主要路由引擎在更新消费者中的状态信息之前,在相应的备用路由引擎中更新状态信息。 如果主路由引擎发生故障,则相应的备用路由引擎将控制主路由引擎的任务。 在进行控制时,备用路由引擎恢复更新状态信息,而不必重新发送状态信息或中断分组转发。
-
公开(公告)号:US09912638B2
公开(公告)日:2018-03-06
申请号:US14597623
申请日:2015-01-15
申请人: Kailash Kailash , Chakkaravarthy Periyasamy Balaiah , Sushil Pangeni , Amit Sinha , Samuel John Crank , Manoj Apte , Sridhar Narasimhan
发明人: Kailash Kailash , Chakkaravarthy Periyasamy Balaiah , Sushil Pangeni , Amit Sinha , Samuel John Crank , Manoj Apte , Sridhar Narasimhan
CPC分类号: H04L63/0209 , H04L41/0213 , H04L41/069 , H04L41/5096 , H04L43/0817 , H04L61/2514 , H04L63/1416 , H04L63/1425 , H04L63/1433
摘要: Systems and methods of integrating log data from a cloud system with an internal management system are described, wherein the cloud system is located externally from a secure network which contains the internal management system. The systems and methods include receiving log data from a cloud system through a secure connection between the secure network and the cloud system; buffering the received log data; filtering the buffered, received log data; and transmitting the filtered, buffered, received log data to the internal management system in a format associated with the internal management system.
-
公开(公告)号:US09531758B2
公开(公告)日:2016-12-27
申请号:US14712154
申请日:2015-05-14
申请人: Srikanth Devarajan , Sridhar Narasimhan , Amit Sinha , Manoj Apte
发明人: Srikanth Devarajan , Sridhar Narasimhan , Amit Sinha , Manoj Apte
CPC分类号: H04L63/20 , G06F17/30289 , G06F21/51 , G06F21/56 , H04L61/2007 , H04L63/0281 , H04L63/08 , H04L63/105 , H04L67/02
摘要: A cloud-based secure Web gateway, a cloud-based secure Web method, and a network deliver a secure Web gateway (SWG) as a cloud-based service to organizations and provide dynamic user identification and policy enforcement therein. As a cloud-based service, the SWG systems and methods provide scalability and capability of accommodating multiple organizations therein with proper isolation therebetween. There are two basic requirements for the cloud-based SWG: (i) Having some means of forwarding traffic from the organization or its users to the SWG nodes, and (ii) Being able to authenticate the organization and users for policy enforcement and access logging. The SWG systems and methods dynamically associate traffic to users regardless of the source (device, location, encryption, application type, etc.), and once traffic is tagged to a user/organization, various polices can be enforced and audit logs of user access can be maintained.
-
公开(公告)号:US20160261564A1
公开(公告)日:2016-09-08
申请号:US15158153
申请日:2016-05-18
申请人: Patrick FOXHOVEN , John A. CHANAK , William FEHRING , Denzil WESSELS , Purvi DESAI , Manoj APTE , Sudhindra P. HERLE
发明人: Patrick FOXHOVEN , John A. CHANAK , William FEHRING , Denzil WESSELS , Purvi DESAI , Manoj APTE , Sudhindra P. HERLE
CPC分类号: H04L63/0272 , G06F16/285 , H04L61/1511 , H04L63/0281 , H04L63/08 , H04L63/10 , H04L63/20 , H04L67/1021 , H04L67/42
摘要: A virtual private access method implemented by a cloud system, includes receiving a request to access resources from a user device, wherein the resources are located in one of a public cloud and an enterprise network and the user device is remote therefrom on the Internet; forwarding the request to a central authority for a policy look up and for a determination of connection information to make an associated secure connection through the cloud system to the resources; receiving the connection information from the central authority responsive to an authorized policy look up; and creating secure tunnels between the user device and the resources based on the connection information.
摘要翻译: 由云系统实现的虚拟专用接入方法包括从用户设备接收访问资源的请求,其中所述资源位于公有云和企业网络之一,并且所述用户设备在因特网上远离所述用户设备; 将请求转发到中央机构进行策略查找和确定连接信息,以通过云系统与资源建立相关联的安全连接; 响应于授权策略查询从中央机构接收连接信息; 以及基于所述连接信息在所述用户设备和所述资源之间创建安全隧道。
-
公开(公告)号:US09118689B1
公开(公告)日:2015-08-25
申请号:US13446856
申请日:2012-04-13
申请人: Manoj Apte , Sridhar Narasimhan , Purvi Desai
发明人: Manoj Apte , Sridhar Narasimhan , Purvi Desai
IPC分类号: H04L29/06
CPC分类号: H04L63/1441 , H04L51/12 , H04L63/045 , H04L63/08 , H04L63/104 , H04L63/1408 , H04L63/1425 , H04L63/145 , H04L63/308 , H04W12/06
摘要: A cloud based security method and processing node includes monitoring data traffic between a user and an external network, wherein the monitoring is performed by a processing node comprising a first server in a cloud based system, detecting a security incident, if an archiving rule exists based on the security incident, providing a notification to a second server within an organization's domain, wherein the user is part of the organization, and wherein the notification includes private data associated with the security incident based on the archiving rule, and storing non-private data in the cloud based system based on the archiving rule.
摘要翻译: 基于云的安全方法和处理节点包括监视用户和外部网络之间的数据流量,其中所述监视由包括基于云的系统中的第一服务器的处理节点执行,检测安全事件,如果存在归档规则 在所述安全事件上,向组织的域内的第二服务器提供通知,其中所述用户是所述组织的一部分,并且其中所述通知包括基于归档规则与所述安全事件相关联的专用数据,以及存储非私有数据 在基于云的系统中基于归档规则。
-
9.发明授权Dynamic user identification and policy enforcement in cloud-based secure web gateways 有权基于云的安全网关的动态用户识别和策略实施公开(公告)号:US09065800B2
公开(公告)日:2015-06-23
申请号:US13728631
申请日:2012-12-27
申请人: Srikanth Devarajan , Sridhar Narasimhan , Amit Sinha , Manoj Apte
发明人: Srikanth Devarajan , Sridhar Narasimhan , Amit Sinha , Manoj Apte
CPC分类号: H04L63/0227 , G06F21/51 , G06F21/56 , H04L63/168
摘要: A cloud-based secure Web gateway, a cloud-based secure Web method, and a network deliver a secure Web gateway (SWG) as a cloud-based service to organizations and provide dynamic user identification and policy enforcement therein. As a cloud-based service, the SWG systems and methods provide scalability and capability of accommodating multiple organizations therein with proper isolation therebetween. There are two basic requirements for the cloud-based SWG: (i) Having some means of forwarding traffic from the organization or its users to the SWG nodes, and (ii) Being able to authenticate the organization and users for policy enforcement and access logging. The SWG systems and methods dynamically associate traffic to users regardless of the source (device, location, encryption, application type, etc.), and once traffic is tagged to a user/organization, various polices can be enforced and audit logs of user access can be maintained.
摘要翻译: 基于云的安全Web网关,基于云的安全Web方法和网络向组织提供作为基于云的服务的安全Web网关(SWG),并在其中提供动态用户标识和策略实施。 作为基于云的服务,SWG系统和方法提供了可扩展性和容纳多个组织的能力,其间具有适当的隔离。 基于云的SWG有两个基本要求:(i)具有将流量从组织或其用户转发到SWG节点的方法,以及(ii)能够对组织和用户进行身份验证以进行策略执行和访问日志记录 。 无论源(设备,位置,加密,应用程序类型等),SWG系统和方法都会将流量动态地关联到用户,一旦流量被标记给用户/组织,就可以执行各种策略并审核用户访问日志 可以维护。
-
10.发明申请SYSTEMS AND METHODS FOR INTEGRATING CLOUD SERVICES WITH INFORMATION MANAGEMENT SYSTEMS 有权用信息管理系统集成云服务的系统和方法公开(公告)号:US20150163199A1
公开(公告)日:2015-06-11
申请号:US14597623
申请日:2015-01-15
申请人: Kailash Kailash , Chakkaravarthy Periyasamy Balaiah , Sushil Pangeni , Amit Sinha , Samuel John Crank , Manoj Apte , Sridhar Narasimhan
发明人: Kailash Kailash , Chakkaravarthy Periyasamy Balaiah , Sushil Pangeni , Amit Sinha , Samuel John Crank , Manoj Apte , Sridhar Narasimhan
IPC分类号: H04L29/06
CPC分类号: H04L63/0209 , H04L41/0213 , H04L41/069 , H04L41/5096 , H04L43/0817 , H04L61/2514 , H04L63/1416 , H04L63/1425 , H04L63/1433
摘要: Systems and methods of integrating log data from a cloud system with an internal management system are described, wherein the cloud system is located externally from a secure network which contains the internal management system. The systems and methods include receiving log data from a cloud system through a secure connection between the secure network and the cloud system; buffering the received log data; filtering the buffered, received log data; and transmitting the filtered, buffered, received log data to the internal management system in a format associated with the internal management system.
摘要翻译: 描述了将来自云系统的日志数据与内部管理系统集成的系统和方法,其中云系统位于包含内部管理系统的安全网络的外部。 系统和方法包括通过安全网络和云系统之间的安全连接从云系统接收日志数据; 缓存接收到的日志数据; 过滤缓冲的接收到的日志数据; 以及以与内部管理系统相关联的格式将经过滤的缓冲的接收到的日志数据发送到内部管理系统。
-
-
-
-
-
-
-
-
-
搜索结果
26 条记录 (耗时 0.02 秒)
