-
公开(公告)号:US11632366B1
公开(公告)日:2023-04-18
申请号:US16582548
申请日:2019-09-25
申请人: F5 Networks, Inc.
发明人: Yaniv Shemesh , Mark Ernest Quevedo
摘要: Technology related to multi-device authentication is disclosed. In one example, a method can include receiving a request from a requesting client device to access a secured server. A command can be sent to an authenticating device to capture environmental information in proximity to the authenticating device. The captured environmental information can be used to verify the requesting client device and the authenticating device are near each other. The received request can be forwarded to the secured server in response to verifying the requesting client device and the authenticating device are near each other.
-
公开(公告)号:US11539740B1
公开(公告)日:2022-12-27
申请号:US16266742
申请日:2019-02-04
申请人: F5 Networks, Inc.
发明人: Peter Finkelshtein , Vadim Krishtal
IPC分类号: H04L29/06 , H04L9/40 , H04L41/28 , H04L41/0631
摘要: Methods, non-transitory computer readable media, and network traffic manager apparatus that assists with protecting a CPU during a DDOS attack includes monitoring network traffic data from plurality of client devices. Each of the plurality of client devices are classified as a valid device or a potential attacker device based on the monitoring. Next a determination of when CPU utilization of a network traffic manager apparatus is greater than a stored threshold value is made. The CPU utilization of the network traffic manager increases as a number of the plurality of client devices classified as the potential attacker device increases. One or more network actions are performed on the plurality of client devices classified as the potential attacker device to protect the CPU when the determination indicates the CPU utilization is greater than the stored threshold value.
-
公开(公告)号:US11349981B1
公开(公告)日:2022-05-31
申请号:US17084064
申请日:2020-10-29
申请人: F5 Networks, Inc.
发明人: Nat Thirasuttakorn , Daniel Wright
摘要: The technology discloses intercepting a request to initiate a call configured to utilize one of plurality of call initiation techniques. Next, it is determined when the one of the call initiation techniques in the intercepted request is in a subset of the plurality of call initiation techniques configured to integrate at least a part of media control negotiation and call establishment. One or more fields of the intercepted request is modified to disable the one of the plurality of call initiation techniques that is configured to integrate at least a part of media control negotiation and call establishment when the determination indicates the one of the plurality of call initiation techniques is in the subset. A permission is provided to the first mobile device to initiate the call with the second mobile device using a sequential call establishment and media control negotiation technique.
-
公开(公告)号:US20220103445A1
公开(公告)日:2022-03-31
申请号:US17490639
申请日:2021-09-30
申请人: F5 Networks, Inc.
摘要: Technology related to scheduling services on a platform including configurable computing resources is disclosed. In one example, a method includes scheduling a service to execute on a first computing node based on an availability of general-purpose computing resources at the first computing node. The first computing node can be selected from a plurality of computing nodes. Network traffic transiting the first computing node can be analyzed during the execution of the service to determine a hardware accelerator of a second computing node is capable of assisting the execution of the service. The service can be scheduled to execute on the second computing node and the hardware accelerator of the second computing node can be used to assist with the execution of the service.
-
公开(公告)号:US11122067B2
公开(公告)日:2021-09-14
申请号:US16534126
申请日:2019-08-07
申请人: F5 Networks, Inc.
发明人: Shlomo Yona , Ron Talmor , Itsik Mantin , Yaniv Shemesh
IPC分类号: H04L29/06
摘要: Methods, non-transitory computer readable media, anomaly detection apparatuses, and network traffic management systems that generate, based on the application of one or more models and for a first flow associated with a received first set of network traffic, one or more likelihood scores and at least one flow score based on the likelihood scores. One or more of the one or more models are associated with one or more browsing patterns for a web application to which the first set of network traffic is directed. A determination is made when the flow score exceeds a threshold. A mitigation action is initiated, based on a stored policy, with respect to the first set of network traffic, when the determining indicates that the flow score exceeds the established threshold.
-
公开(公告)号:US20210258248A1
公开(公告)日:2021-08-19
申请号:US16794390
申请日:2020-02-19
申请人: F5 Networks, Inc.
IPC分类号: H04L12/725 , H04L12/771
摘要: Technology related to processing network packets in a subscriber-aware manner is disclosed. In one example, a method includes selecting one or more subscribers to move from a first network processing node to a second network processing node. In response to the selection, subscriber data associated with the one or more subscribers can be programmed at the second network processing node. After the subscriber data associated with the one or more subscribers is programmed on the second network processing node, a software defined network (SDN) switch can be reprogrammed to forward network traffic having network addresses associated with the one or more subscribers to the second network processing node instead of the first network processing node.
-
公开(公告)号:US11019022B1
公开(公告)日:2021-05-25
申请号:US16774520
申请日:2020-01-28
申请人: F5 Networks, Inc.
摘要: Technology related to processing network packets with returnable values is disclosed. In one example, a method includes intercepting a Domain Name System (DNS) request including returnable request values in respective request packet fields. A hash function can be used to characterize or modify the intercepted returnable request values. The intercepted DNS request can be forwarded to a DNS server. A DNS response including returnable response values in respective response packet fields can be received. The returnable response values and the hash function can be used to determine whether the DNS response is legitimate. A legitimate DNS response can be forwarded to a client.
-
公开(公告)号:US10904323B2
公开(公告)日:2021-01-26
申请号:US16004279
申请日:2018-06-08
申请人: F5 Networks, Inc.
摘要: The disclosed technology includes accessing a first network application programming interface exposed by a first cloud provider of the plurality of cloud providers to identify a first pricing profile, the first pricing profile associated with the first Cloud provider. Upon identifying the first pricing profile, accessing a second network application programming interface exposed by a second cloud provider of the plurality of cloud providers to identify a second pricing profile, the second pricing profile associated with the second Cloud provider. A load balancing decision is determined comparing the identified first pricing profile with the identified second pricing profile. Next, the determined load balancing decision is executed on a monitored computing-traffic.
-
公开(公告)号:US10855701B2
公开(公告)日:2020-12-01
申请号:US16181042
申请日:2018-11-05
申请人: F5 Networks, Inc.
IPC分类号: H04L29/06
摘要: Network traffic management apparatuses, systems, methods, and computer-readable media for automatically detecting attack signatures and generating attack signature identifications, involving: collecting a stable dataset during a stable time; determining whether a cyber-attack is detected; when a cyber-attack is detected, periodically generating attack signatures and updating an enforcer with the attack signatures, the attack signatures representing dynamic rules to be enforced; validating the dynamic rules via a long-time validation mechanism, validating involving considering behavior of each dynamic rule after the cyber-attack and during a new cyber-attack and ranking each dynamic rule using the stable dataset, thereby generating persistent rules having a dynamic rule; exporting the persistent rules to a security enforcer; introducing the persistent rules to a persistent rule revocater; determining whether export of an unrevoked persistent rule is requested; and if requested, exporting the unrevoked persistent rule of the persistent rules through a mitigator and collecting statistics.
-
公开(公告)号:US10834110B1
公开(公告)日:2020-11-10
申请号:US15382668
申请日:2016-12-18
申请人: F5 Networks, Inc.
发明人: Sergei Edelstein , Michael Kapelevich , Shlomo Yona , Ron Talmor
IPC分类号: H04L29/06
摘要: A method, non-transitory computer readable medium, and device includes monitoring a session layer and transport layer network traffic data received from a plurality of client computing devices and plurality of servers. A plurality of network traffic anomaly threshold values and a plurality of server health anomaly threshold values for the monitored session layer and the transport layer network traffic data are estimated. Whether a plurality of current network traffic anomaly values and a plurality of current server health anomaly values for the monitored network traffic data exceeds each of the corresponding estimated plurality of network traffic anomaly threshold values and the estimated plurality of server health anomaly threshold values, and whether the current plurality of network traffic anomaly values and the current plurality of server health anomaly values are not a false anomaly is determined. A mitigation action is initiated based on the determination.
-
-
-
-
-
-
-
-
-
搜索结果
492 条记录 (耗时 0.03 秒)
