公开(公告)号：US11356295B2

公开(公告)日：2022-06-07

申请号：US17208202

申请日：2021-03-22

Applicant: VMware, Inc.

Inventor： Suman Aluvala ,  Sivasubramaniam Sivakumar ,  Ben Joseph

IPC: G06F15/16 ,  H04L12/46 ,  G06F9/54 ,  H04L67/56

Abstract: Examples described herein include systems and methods for creating a per-app virtual private network (“VPN”) using hooking, even though an isolated process is used for networking functions. The isolated process can include networking functions of the WebView class for ANDROID. The application can start an HTTP proxy server to receive local HTTP requests. Then, the application can trigger a broadcast to the isolated process, causing the isolated process to route its HTTP requests to the HTTP proxy of the application. The application can then hook HTTP requests and send them to a virtual private network (“VPN”) tunnel server. This can allow an application to securely connect to enterprise files or data even though the networking functions occur in the isolated process.

公开(公告)号：US11089606B1

公开(公告)日：2021-08-10

申请号：US16907324

申请日：2020-06-22

Applicant: VMWARE, INC.

Inventor： Rohit Pradeep Shetty ,  Suman Aluvala ,  Ramani Panchapakesan

IPC: H04W72/10 ,  H04W84/18 ,  H04W24/08 ,  H04W84/00

Abstract: Described herein are methods and systems for dynamically optimizing a Flying Ad-Hoc Network (“FANET”). A server that manages the FANET can receive information relating to the network activity of user devices connected to the FANET. Examples of the type of information included can include the user devices' locations, network connection quality, and network traffic volume dedicated to a Unified Endpoint Management (“UEM”) system of an enterprise. The server can analyze the network activity information based on a set of rules to prioritize the user devices connected to the FANET. The server can instruct unmanned aerial vehicles (“UAVs”) in the FANET to reposition themselves to provide the best connection for higher priority user devices.

公开(公告)号：US11070388B2

公开(公告)日：2021-07-20

申请号：US17027871

申请日：2020-09-22

Applicant: VMware, Inc.

Inventor： Ramani Panchapakesan ,  Suman Aluvala

IPC: H04L12/28

Abstract: Disclosed are various examples for dynamically generating and implementing scenario profiles for a network of devices, including IoT devices. A managed device can receive a dynamically generated scenario profile that defines tasks to be performed by the device for a given scenario. The device can also receive a scenario message that is broadcasted to all managed devices in a network and identifies an occurrence of a given scenario. If the device determines that the device is an intended recipient of the scenario message, the device can identify the scenario profile associated with the given scenario and perform the tasks defined by the scenario profile. The scenario profile can be modified and/or updated based on event data associated with the device.

公开(公告)号：US20210185012A1

公开(公告)日：2021-06-17

申请号：US16788325

申请日：2020-02-12

Applicant: VMWARE, INC.

Inventor： Arjun Kochhar ,  Suman Aluvala ,  Amit Yadav ,  Aman Srivastava

IPC: H04L29/06 ,  H04W12/00 ,  G06N20/00

Abstract: Disclosed are various examples for securing enterprise resources using a virtual private network. A client device can send a first unique device identifier for the client device to a remote management service upon enrollment. When a virtual private network application is first executed, the client device can send a second unique device identifier to the remote management service, where the remote management service is configured to store the second unique device identifier in association with the first unique universal identifier. During subsequent executions of the virtual private network application, the virtual private network service can authenticate the client device by comparing the first unique device identifier and the second unique device identifier to a device identifier received from the remote management service. A machine learning routine can be employed to identify anomalies as the virtual private network application is executed.

公开(公告)号：US10785196B2

公开(公告)日：2020-09-22

申请号：US15913942

申请日：2018-03-07

Applicant: VMWARE, INC.

Inventor： Ramani Panchapakesan ,  Suman Aluvala ,  Niranjan Paramashivaiah ,  Mahesh Kavatage ,  Pavan Rajkumar Rangain ,  Craig Farley Newell

IPC: H04L29/00 ,  H04L29/06 ,  H04L9/08

Abstract: Disclosed are various examples for establishing encrypted channels or tunnels within a TCP or other communication session between a tunnel endpoint and tunnel client on a client device. A tunnel endpoint on the client device can determine an encryption key based upon whether a client device is in compliance with encryption policies of the enterprise.

公开(公告)号：US11805182B2

公开(公告)日：2023-10-31

申请号：US17581232

申请日：2022-01-21

Applicant: VMware, Inc.

Inventor： Suman Aluvala ,  Ramani Panchapakesan ,  Pushkal Maheshwari ,  Mahesh Ashok Kavatage ,  Pavan Rajkumar Rangain ,  Erich Peter Stuntebeck

IPC: H04L67/306 ,  H04L67/55 ,  H04L9/40 ,  H04L67/00

CPC classification number: H04L67/34 ,  H04L63/0823 ,  H04L63/123 ,  H04L67/306 ,  H04L67/55

Abstract: A first server can generate user profiles and receive requests from user devices for enrollment in a first server-managed system that includes user groups. The first server can provide a unique key to a user device during an enrolment process based on a user group the user device is assigned to. The first server can include an enrollment notification for the user device in a first notification transmitted to a messaging service. The messaging service can transmit a second notification to the user device, and the user device can request a user profile from a second server based on second server access information included in the second notification. The second server can use the unique key to access user profile information which it transmits to the user device based on the request. The user device can access the user profile from the profile information using the unique key.

公开(公告)号：US11706202B2

公开(公告)日：2023-07-18

申请号：US17157367

申请日：2021-01-25

Applicant: VMware, Inc.

Inventor： Suman Aluvala ,  Ramani Panchapakesan ,  Rajneesh Kesavan ,  Arjun Kochhar

IPC: G06F21/64 ,  H04L9/40 ,  H04L9/32 ,  H04L9/08

CPC classification number: H04L63/0485 ,  G06F21/64 ,  H04L9/0894 ,  H04L9/3247 ,  H04L9/3263 ,  H04L9/3268 ,  H04L63/123 ,  H04L2209/80

Abstract: Examples described herein include systems and methods for performing distributed encryption across multiple devices. An example method can include a first device discovering a second device that shares a network. The device can identify data to be sent to a server and calculate a checksum for that data. The device can then split the data into multiple portions and send a portion to the second device, along with a certificate associated with the server for encrypting the data. The first device can encrypt the portion of data it retained. The first device can receive an encrypted version of the second portion of the data sent to the second device. The first device can merge these two portions and send the merged encrypted data to the server, along with the checksum value. The server can decrypt the data and confirm that it reflects the original set of data.

公开(公告)号：US11538483B2

公开(公告)日：2022-12-27

申请号：US16829193

申请日：2020-03-25

Applicant: VMware, Inc.

Inventor： Rohit Pradeep Shetty ,  Suman Aluvala

IPC: G10L15/32 ,  G10L15/22 ,  G06Q10/10 ,  H04L9/40 ,  H04L67/306

Abstract: Disclosed are various aspects of postponing or migrating tasks from a first assistant device to another assistant device. In some examples, an assistant device can facilitate task completion. Tasks can be recommended for postponement based upon the complexity of the task, a historical user profile, or the location of the assistant device.

公开(公告)号：US11272043B2

公开(公告)日：2022-03-08

申请号：US16815037

申请日：2020-03-11

Applicant: VMWARE, INC.

Inventor： Suman Aluvala ,  Craig Farley Newell ,  Amit Kumar Yadav ,  Pavan Rajkumar Rangain ,  Rohit Pradeep Shetty

IPC: H04L29/06 ,  H04L69/22 ,  H04L69/16 ,  H04L69/326 ,  H04L12/46 ,  H04W88/18

Abstract: The technology disclosed herein enables packet handling based on user information included in packet headers. In a particular embodiment, a method provides, in a gateway to a network environment, establishing a first connection with a first connection endpoint outside of the network environment. The method further provides identifying first user information associated with the first connection and adding the first user information to a packet header of one or more first packets associated with the first connection. Also, the method provides transferring the one or more first packets into the network environment.

公开(公告)号：US11233876B2

公开(公告)日：2022-01-25

申请号：US16802601

申请日：2020-02-27

Applicant: VMWARE, INC.

Inventor： Suman Aluvala ,  Ramani Panchapakesan ,  Pushkal Maheshwari ,  Mahesh Ashok Kavatage ,  Pavan Rajkumar Rangain ,  Erich Peter Stuntebeck

IPC: H04L29/08 ,  H04L29/06

Abstract: A first server can generate user profiles and receive requests from user devices for enrollment in a first server-managed system that includes user groups. The first server can provide a unique key to a user device during an enrolment process based on a user group the user device is assigned to. The first server can include an enrollment notification for the user device in a first notification transmitted to a messaging service. The messaging service can transmit a second notification to the user device, and the user device can request a user profile from a second server based on second server access information included in the second notification. The second server can use the unique key to access user profile information which it transmits to the user device based on the request. The user device can access the user profile from the profile information using the unique key.