Abstract:
A new approach is proposed that contemplates systems and methods to support a sandboxed application plug-in distribution framework. An installation package containing a monitoring plug-in, a display plug-in, and/or third-party components is received by a first application running on a first computing device. The first application installs the display plug-in and saves the monitoring plug-in to a centralized database. The first application sends an instruction to a second application running on a second computing device to retrieve the monitoring plug-in from the database and install the monitoring plug-in on the second computing device. Upon receiving a user request, the display plug-in of the first application sends a query to the monitor plug-in of the second application. In response to the query, the monitoring plug-in sends the requested monitored data collected by the second application to the display plug-in, which then formats and presents the monitored data to the user.
Abstract:
A new approach is proposed that contemplates systems and methods to support email account takeover detection and remediation by utilizing an artificial intelligence (AI) engine/classifier that detects and remediates such attacks in real time. The AI engine is configured to continuously monitor and identify communication patterns of a user on an electronic messaging system of an entity via application programming interface (API) calls. The AI engine is then configured to collect and utilize a variety of features and/or signals from an email sent from an internal email account of the entity. The AI engine combines these signals to automatically detect whether the email account has been compromised by an external attacker and alert the individual user of the account and/or a system administrator accordingly in real time. The AI engine further enables the parties to remediate the effects of the compromised email account by performing one or more remediating actions.
Abstract:
A new approach is proposed to support anti-fraud user training and protection by identifying and training individuals within an entity who are at high risk of being targeted in an impersonating attack. An AI engine automatically collects historical electronic messages of each individual in the entity on an electronic messaging system via an application programming interface (API) call. The AI engine then analyzes contents of the collected historical electronic messages and calculates a security score for each individual via AI-based classification. The AI engine identifies high-risk individuals within the entity based on their security scores and launches simulated impersonating attacks against these individuals to test their security awareness. The AI engine then collects and analyzes responses to the simulated attacks by those high-risk individuals in real time to identify issues in the responses and to take corresponding actions to prevent the high-risk individuals from suffering damages in case of real attacks.
Abstract:
A new approach is proposed that contemplates systems and methods to support safe preview and immediate delivery of a document from a document producer to an end user while protecting the user from accidentally opening the original document if it has been tampered with by an email attacker. First, the original document is submitted to a safe preview server cluster, where a passcode is generated for the document and the document is processed for policy assessments of possible security threats. The document is then encrypted with the generated passcode and provided to the user together with results of the policy assessments and a preview of content of the document for preview upon request. Based on the user's choice, the user can retrieve the passcode from the server and decrypt the document with the passcode wherein the original document is deleted from the safe preview server cluster once it is downloaded.
Abstract:
A new approach is proposed to support automated dynamic reconfiguration of a mobile device of a client from using a primary document service to a secondary document service by the same service provider based on pushed data received via the mobile device. When the client logs in to his/her account at the primary cloud-based document service by default and later receives an invite sent by another client via the secondary document appliance, a document app on the client's mobile device would automatically reconfigure itself to use the secondary document appliance for a specific set of operations on a document as required by the invite instead. The client may then access the secondary document appliance to view the document, sign it, and complete the entire process within the document app. Following the client's completion of the operations, the document app is automatically reconfigured back to use its primary cloud-based document service.
Abstract:
A device includes a database, a controller, and a PVN router. The database is configured to store network settings information and track devices connected to a network. The controller is configured to control access of devices to one another after establishing a connection to the network. The PVN router is configured to receive a provisioning request from a requesting device to connect to the network. The PVN router is further configured to transmit a provisioning response to the requesting device based on instantiation of a PVN template received from the database. The PVN template is generated based on the network settings information and further based on the control access determined by the controller. The provisioning response establishes a connection between the requesting device and the network. The requesting device is inaccessible by a subset of devices already connected in the network after the connection is established and vice versa.
Abstract:
A single Point of Recordation Terminal (PORT) is disclosed. The PORT is configured to detect one or more events of interest, generate one or more representations of the event and establish the timing relationship among the multiple representations of the event of interest. The PORT is further configured to associate a unique ID of the PORT with the representations, encrypt and upload the representations to the cloud.
Abstract:
A new approach is proposed that contemplates systems and methods to support authorized access by a second client to files stored on a local content appliance (CA), wherein each content appliance is a storage device/host configured to locally maintain entire or parts of files owned and maintained by a first user. First, a first client agent is configured to establish a region including at least one local CA and to provide authoritative copies of one or more of its files and/or their parts containing sensitive information of the first client to be stored and maintained on the CA in the region instead of uploading them to a cloud storage. The first client agent uploads only metadata of the files to the cloud storage wherein the metadata includes information on storage location and access permission of the files and/or their parts. A second client agent is configured to retrieve the metadata of the files from the cloud storage and to request access to the authoritative copies of the files and/or their parts directly from the local CA in the region based on the retrieved metadata.
Abstract:
A cloud file event server transmits file events necessary to synchronize a file system of a file share client. A tree queue director circuit receives file events and stores each one into a tree data structure which represents the hierarchical paths of files within the file share client. An event normalization circuit sorts the file events stored at each node into sequential order and moots file events which do not have to be performed because a later file event makes them inconsequential. A thread scheduling circuit assigns a resource to perform file events at a first node in a hierarchical path before assigning one or more resources to a second node which is a child of the first node until interrupted by the tree queue director circuit or until all file events in the tree data structure have been performed.
Abstract:
Documents are scored and displayed with annotations for best practices, and variances from normal ranges of clauses and clause groups. Custom rules developed for an industry or for an enterprise further distinguish which documents need further review or approval by senior staff because of higher risks or commitments than standard terms and conditions. A display provides the document transformed with annotations about the scores or rules triggered by each group of clauses and accepts comments and approval or objections to acceptance of the document. The absence of best practices clauses for the category is noted for reference.