公开(公告)号：US10439990B2

公开(公告)日：2019-10-08

申请号：US16031963

申请日：2018-07-10

Applicant: BARRACUDA NETWORKS, INC.

Inventor： Fleming Shi ,  Gean Han

IPC: H04L29/06 ,  H04L12/46 ,  H04L12/66 ,  H04W84/12 ,  H04L12/911

Abstract: An approach is proposed that contemplates system and method to configure firewall rules of a VPN gateway of a protected network so that users of devices in the protected network can access Internet securely via a captive network. First, the proposed approach enables the VPN gateway to probe the captive network with an HTTP request to discover a captive portal of the captive network. After the captive portal is discovered, one or more firewall rules of the VPN gateway are added so that network traffic from the devices in the protected network are redirected to the captive portal for authentication. Once the users are authenticated and a VPN tunnel is established between the VPN gateway and a remote VPN tunnel terminal, the firewall rules previously added are removed from the VPN gateway and all network traffic from the devices in the protected network are routed over the VPN tunnel.

公开(公告)号：US11645943B2

公开(公告)日：2023-05-09

申请号：US16358503

申请日：2019-03-19

Applicant: Barracuda Networks, Inc.

Inventor： Fleming Shi

IPC: H04L9/40 ,  G09B19/00

CPC classification number: G09B19/0053 ,  H04L63/1416 ,  H04L63/1483

Abstract: An approach is proposed to support user-specific real time anti-phishing training of email recipients using real phishing attacks. When a recipient triggers an active content such as an URL link embedded in and/or opens an attachment to an email arrived at the recipient's account, the triggered active content is synchronously intercepted and examined in real time for potential malicious intent of a phishing attack. If the triggered active content is determined to be safe, the recipient is allowed to access the content. If the active content is determined to be malicious, the active content is blocked and the recipient is redirected a safe blocking mechanism. The recipient is then provided with an anti-phishing training exercise, which is specifically customized for the recipient based on the blocked active content in the payload of the email and/or the recipient's security posture and awareness.

公开(公告)号：US11356469B2

公开(公告)日：2022-06-07

申请号：US16899570

申请日：2020-06-11

Applicant: Barracuda Networks, Inc.

Inventor： Alexey Tsitkin ,  Marco Schweighauser ,  Nadia Korshun ,  Shachar Sapir ,  Fleming Shi

IPC: H04L9/40

Abstract: A new approach is proposed to support generating and presenting to a user cyber attack monetary impact estimation of a current or future cyber attack, which is used to stop monetary losses or to mitigate monetary impacts. First, both historic data and real time data on monetary impact of current and/or potential cyber attacks is continuously collected from a plurality of data pools. The collected data is then synchronized, correlated and filtered/cleansed once the data is available to create fidelity among the data from the plurality of data pools. The cyber attack monetary impact is calculated based on the correlated and cleansed data, and is presented to the user along with one or more suggested applications by the user in response to the cyber attack monetary impact, to mitigate the monetary impact of the current or future cyber attack.

公开(公告)号：US11250130B2

公开(公告)日：2022-02-15

申请号：US16549978

申请日：2019-08-23

Applicant: Barracuda Networks, Inc.

Inventor： Fleming Shi ,  Joseph Thomas Comeau

IPC: G06F21/56 ,  G06F21/62

Abstract: A new approach is proposed that contemplates systems and methods to support scanning through a file of large size without having to load the entire file into memory of single file parser or scanner. The proposed approach is configured to divide a ginormous file to be parsed and scanned into a plurality of sections following a divide and conquer scheme. The plurality sections of the file are then parsed and loaded to a plurality of file scanners each configured to scan its allocated file section of a certain file type. Each of the plurality of file scanners is then configured to extract and evaluate from its allocated section file parts that can be harmful to a user of the file and/or expose sensitive/protected information of the user. The scan results are then collected, analyzed, and report to a user with a final determination on the malicious content and sensitive data.

公开(公告)号：US10761825B2

公开(公告)日：2020-09-01

申请号：US16370780

申请日：2019-03-29

Applicant: Barracuda Networks, Inc.

Inventor： Mathew Levac ,  Fleming Shi

IPC: G06F8/61 ,  G06F8/71 ,  G06F21/53 ,  G06F11/30 ,  G06F11/34 ,  G06F16/2455 ,  G06F9/445

Abstract: A new approach is proposed that contemplates systems and methods to support a sandboxed application plug-in distribution framework. An installation package containing a monitoring plug-in, a display plug-in, and/or third part components is received by a first application running on a first computing device. The first application installs the display plug-in and saves the monitoring plug-in to a centralized database. The first application sends an instruction to a second application running on a second computing device to retrieve the monitoring plug-in from the database and install the monitoring plug-in on the second computing device. Upon receiving a user request, the display plug-in of the first application sends a query to the monitor plug-in of the second application. In response to the query, the monitoring plug-in sends the requested monitored data collected by the second application to the display plug-in, which then formats and presents the monitored data to the user.