公开(公告)号：US20170237572A1

公开(公告)日：2017-08-17

申请号：US15586213

申请日：2017-05-03

Applicant: BARRACUDA NETWORKS, INC.

Inventor： Fleming SHI ,  Luo WANG

IPC: H04L9/32 ,  H04L9/30 ,  H04L9/14 ,  H04L29/06 ,  H04L9/06

CPC classification number: H04L9/3263 ,  H04L9/0643 ,  H04L9/14 ,  H04L9/302 ,  H04L63/0218 ,  H04L63/0227 ,  H04L63/0815 ,  H04L63/0823 ,  H04L63/105 ,  H04L63/107 ,  H04L67/1002 ,  H04L67/1036

Abstract: A new approach is proposed that contemplates systems and methods to support bulk authentication of a device associated with a user to all cloud-based services the device intends to access in one transaction instead of authenticating the device against each of the services individually. First, the device generates and transmits to one or more authentication service clusters an authentication request that includes its identification and authentication credentials in order to access to a plurality of services. Upon receiving the authentication request, the authentication service cluster(s) authenticate the device for all of the services to be accessed based on the information in the authentication request. Once the device is authenticated, the authentication service cluster(s) then retrieve entitlement information of the services to be accessed by the device, and identify the service clusters/nodes that the device will connect to for the services with the fastest response time.

公开(公告)号：US09465598B2

公开(公告)日：2016-10-11

申请号：US13920682

申请日：2013-06-18

Applicant: Barracuda Networks, Inc.

Inventor： Steve Frank

IPC: G06F9/445

CPC classification number: G06F8/61 ,  G06F8/63

Abstract: A system for branding and deploying backup software includes a branding interface, a branding database, and an installer-generating server. The branding interface receives branding data from a partner associated with a partner machine. The branding database stores the received branding data. The installer-generating server generates a generic full installer capable of installing a software program and generates a branded installation shell in response to a request from the partner and using the stored branding data. The branded installation shell, when executed by the partner machine, retrieves the generic full installer from the installer-generating server. The branded installation shell causes the generic full installer to install in a branded location on the partner machine to make it appear as if the partner generated the software program installed by the generic full installer. Related apparatus, systems, techniques, and articles are also described.

Abstract translation: 用于品牌和部署备份软件的系统包括品牌界面，品牌数据库和安装程序生成服务器。 品牌界面从与伙伴机器相关联的合作伙伴接收品牌数据。 品牌数据库存储接收到的品牌数据。 安装程序生成服务器生成可以安装软件程序的通用完整安装程序，并响应于来自合作伙伴的请求并使用存储的品牌数据生成品牌安装shell。 品牌安装shell由伙伴机器执行时，从安装程序生成服务器检索通用的完整安装程序。 品牌安装外壳使通用的完整安装程序安装在合作伙伴机器上的品牌位置，使其看起来像合作伙伴生成由通用完全安装程序安装的软件程序。 还描述了相关装置，系统，技术和制品。

公开(公告)号：US20160246972A1

公开(公告)日：2016-08-25

申请号：US15147277

申请日：2016-05-05

Applicant: BARRACUDA NETWORKS, INC.

Inventor： Asaf Cidon ,  Israel Cidon ,  Lior Gavish ,  Prabandham Madan Gopal ,  Chandrashekhar Shetty

IPC: G06F21/60 ,  G06F21/62 ,  H04L29/06

CPC classification number: G06F21/602 ,  G06F17/30091 ,  G06F17/30194 ,  G06F21/62 ,  G06F21/6209 ,  G06F21/6218 ,  H04L63/0428

Abstract: An approach is proposed that contemplates systems, methods, and computer-readable storage mediums to support receiving, from a computerized system, a first encrypted file entity key and signed access metadata, wherein the first encrypted file entity key is created by encrypting a file entity key using a first encryption key, the signed access metadata is signed by the file entity key and the encrypted file entity is created by encrypting a file entity using the file entity key. The approach then determines whether to facilitate the decryption of the encrypted file entity by the computerized system and sends a second encrypted file entity key to the computerized system if it is determined to facilitate the decryption. The approach prevents the computerized system to decrypt the encrypted file entity if it is determined not to facilitate the decryption of the encrypted file entity by the computerized system.

Abstract translation: 提出了一种考虑系统，方法和计算机可读存储介质以支持从计算机系统接收第一加密文件实体密钥和签名的访问元数据的方法，其中通过加密文件实体来创建第一加密文件实体密钥 密钥使用第一加密密钥，签名的访问元数据由文件实体密钥签名，并且通过使用文件实体密钥加密文件实体来创建加密的文件实体。 该方法然后确定是否便利计算机化系统对加密文件实体进行解密，并且如果确定促进解密，则将第二加密文件实体密钥发送到计算机化系统。 如果确定不方便计算机化系统对加密文件实体的解密，则该方法防止计算机化系统解密加密文件实体。

公开(公告)号：US20150085636A1

公开(公告)日：2015-03-26

申请号：US14539875

申请日：2014-11-12

Applicant: BARRACUDA NETWORKS, INC.

Inventor： Klaus M. GHERI

IPC: H04W24/04 ,  H04W4/14

CPC classification number: H04W24/04 ,  H04W4/14

Abstract: A wireless mobile device coupled to a communications network is configured to transmit a Short Message Service (SMS) message to a network control device when the network control device is not accessible via a TCP/IP network. Said network control device is configured to parse and extract an instruction label from the SMS message received, retrieve a sequence of commands predefined and stored on the network control device based on the extracted instruction label, execute the sequence of commands on the network control device, and provide a status report back to the wireless mobile device following execution of the sequence of commands on the network control device.

Abstract translation: 耦合到通信网络的无线移动设备被配置为当网络控制设备不能经由TCP / IP网络访问时，向网络控制设备发送短消息服务（SMS）消息。 所述网络控制设备被配置为从所接收的SMS消息中解析和提取指令标签，基于所提取的指令标签检索预定义并存储在网络控制设备上的命令序列，执行网络控制设备上的命令序列， 并且在网络控制设备上执行命令序列之后向无线移动设备提供状态报告。

公开(公告)号：US20140259145A1

公开(公告)日：2014-09-11

申请号：US13955428

申请日：2013-07-31

Applicant: Barracuda Networks, Inc.

Inventor： Neeraj Khandelwal ,  Chandra Sekar Inguva Venkata ,  Anirudha Kamatgi ,  Chandradip Bhattacharya

IPC: H04L29/06

CPC classification number: H04L63/1458 ,  G06F21/31 ,  G06F2221/2133 ,  H04L63/0227

Abstract: An apparatus discerns clients by the requests made to a web application server through a web application firewall, which injects client side code into the responses with a randomized challenge that needs a unique answer to be returned in the cookie. The client side code generates cookies, which identify a browser to the web application server, or the web application firewall in subsequent requests if made by a normally configured browser and a fail threshold is checked for subsequent requests originating from such a browser. Each browser is thus fingerprinted and if the expected answer failures exceed a threshold, the client is marked as suspicious and a subsequent Turing test is enforced to these suspicious clients, failing which, a subsequent defined action is taken.

Abstract translation: 一种设备通过Web应用程序防火墙向Web应用程序服务器发出的请求来识别客户端，Web应用程序防火墙将客户端代码注入到需要在cookie中返回的唯一答案的随机挑战中。 如果通过正常配置的浏览器进行的客户端代码生成Cookie，以识别Web应用程序服务器的浏览器或后续请求中的Web应用程序防火墙，并检查从这样的浏览器发出的后续请求的失败阈值。 因此，每个浏览器都是指纹的，如果预期的答案失败超过阈值，则客户端被标记为可疑，并且对这些可疑客户端执行后续的图灵测试，否则，将采取后续定义的动作。

公开(公告)号：US20140258720A1

公开(公告)日：2014-09-11

申请号：US14203974

申请日：2014-03-11

Applicant: Barracuda Networks, Inc.

Inventor： William BLACK ,  Kelly PRICE

IPC: G06F21/62

CPC classification number: G06F21/6218 ,  G06F21/52

Abstract: A new approach is proposed that contemplates systems and methods to support encryption and decryption of files including data and source code associated with a software application running in a virtual environment on a per-file basis outside of a kernel of an operating system. The proposed approach utilizes metadata of the files associated with the software application to determine the files to be encrypted and decrypted and to monitor various properties of the files including the sizes of the unencrypted files for accurate reporting of information about the files. Under such an approach, the source code of the applications are encrypted and decrypted transparently at the file level without modifying or altering any of the source code of the application, the kernel and libraries of the operating system, and/or any components which are proprietary to the virtual environment.

Abstract translation: 提出了一种新的方法，其考虑了系统和方法来支持文件的加密和解密，包括与在操作系统的内核之外的每个文件的虚拟环境中运行的软件应用程序相关联的数据和源代码。 所提出的方法利用与软件应用程序相关联的文件的元数据来确定要加密和解密的文件，并且监视文件的各种属性，包括用于准确地报告关于文件的信息的未加密文件的大小。 在这种方法下，应用程序的源代码在文件级别被透明地加密和解密，而无需修改或更改应用程序的任何源代码，操作系统的内核和库，以及/或专有的任何组件 到虚拟环境。

公开(公告)号：US20140104420A1

公开(公告)日：2014-04-17

申请号：US13666875

申请日：2012-11-01

Applicant: BARRACUDA NETWORKS, INC.

Inventor： STEVEN GADDARD ROSKOWSKI

IPC: H04N7/18

CPC classification number: H04N7/18 ,  G08B13/196 ,  G08B13/19602 ,  G08B13/19665 ,  G08B13/19667 ,  H04L1/1685 ,  H04L2001/125 ,  H04N5/23206 ,  H04N5/76 ,  H04N7/181

Abstract: A system for providing video intelligence as a service to a plurality of small and medium sized enterprises to distributed video recordation equipment, comprising an apparatus and computer-implemented method. An apparatus comprises a point of recordation terminal apparatus coupled to a public network. A method for operating a system for video intelligence in a public network in a secure manner.

Abstract translation: 一种用于向多个中小型企业提供视频智能作为分发视频记录设备的系统，包括装置和计算机实现的方法。 一种装置包括耦合到公共网络的记录终端装置的点。 一种用于以安全的方式在公共网络中操作用于视频智能的系统的方法。

公开(公告)号：US20140101442A1

公开(公告)日：2014-04-10

申请号：US14103782

申请日：2013-12-11

Applicant: BARRACUDA NETWORKS, INC.

Inventor： Stephen Pao ,  Fleming Shi

IPC: H04L9/32

CPC classification number: H04L9/3268 ,  G06F21/44 ,  G06F21/85 ,  G06F2221/2119 ,  G06F2221/2129 ,  H04L9/0891 ,  H04L63/0823 ,  H04L63/1483 ,  H04L63/166 ,  H04L63/20

Abstract: Network security administrators are enabled to revoke certificates with their customizable certificate authority reputation policy store which is informed by an independent certificate authority reputation server when a CA is deprecated or has fraudulent certificate generation. The custom policy store overrides trusted root certificate stores accessible to an operating system web networking layer or to a third party browser. Importing revocation lists or updating browsers or operating system is made redundant. The apparatus protects an endpoint from a man-in-the-middle attack when a certificate authority has lost control over certificates used in TLS.

Abstract translation: 启用网络安全管理员可以使用可自定义的证书颁发机构信誉策略存储区撤销证书，当存在CA不推荐使用或产生欺诈性证书时，它将由独立的证书颁发机构信誉服务器通知。 自定义策略存储覆盖操作系统Web网络层或第三方浏览器可访问的受信任的根证书存储。 导入撤销列表或更新浏览器或操作系统是多余的。 当证书颁发机构已经失去对TLS中使用的证书的控制时，该设备保护端点免受中间人攻击。

公开(公告)号：US20130222587A1

公开(公告)日：2013-08-29

申请号：US13855710

申请日：2013-04-03

Applicant: Barracuda Networks, Inc

Inventor： Steven Goddard Roskowski

IPC: H04N7/18

CPC classification number: H04N7/18 ,  H04L61/2038 ,  H04L61/2092 ,  H04L63/0428 ,  H04L67/26 ,  H04L67/2842 ,  H04L67/2895 ,  H04L2001/125

Abstract: Apparatus and method for an Internet camera to determine local addressing and connect to a remote server to receive commands, connect through HTTP client protocol, and upload a reference to a video sequence cached at a point of recordation.

Abstract translation: 用于互联网摄像机的设备和方法，用于确定本地寻址并连接到远程服务器以接收命令，通过HTTP客户端协议进行连接，并且上传对在记录点缓存的视频序列的引用。

公开(公告)号：US20240354554A1

公开(公告)日：2024-10-24

申请号：US18425932

申请日：2024-01-29

Applicant: Barracuda Networks, Inc.

Inventor： Christopher L. Sawtelle

IPC: G06N3/0455 ,  G06N3/09

CPC classification number: G06N3/0455 ,  G06N3/09

Abstract: A new approach is proposed to support efficient model and object labeling correction for supervised learning using large language models (LLMs). An LLM engine accepts and collates one or more of a plurality of elements of an incorrect classification/prediction/labeling of an object by a supervised learning system in order to complete preparatory work that a human analyst would perform upon receiving the incorrect classification of the object. Using these elements, the LLM engine analyzes and generates a suggestion/identification on how the plurality of elements are related. In some embodiments, the LLM engine annotates the document with the suggestion/identification and to generate a document in, for a non-limiting example, static HTML format, wherein the document can be inserted into a labeling interface for the human analyst to correct the labeling of the object and/or one more models used by the supervised learning system to classify the object.