CLOUD APPLICATION CONTROL USING MAN-IN-THE-MIDDLE IDENTITY BROKERAGE
    3.
    发明申请
    CLOUD APPLICATION CONTROL USING MAN-IN-THE-MIDDLE IDENTITY BROKERAGE 有权
    使用中间身份认证的云应用控制

    公开(公告)号:US20160036855A1

    公开(公告)日:2016-02-04

    申请号:US14448012

    申请日:2014-07-31

    IPC分类号: H04L29/06 H04L29/08

    摘要: A cloud-based method, a system, and a cloud-based security system include receiving a request from a user for a cloud application at a proxy server; determining whether the user is authenticated based on a presence of cookies in the request; if the cookies are present, un-transforming the cookies by the proxy server and forwarding the request with the un-transformed cookies to the cloud application; and, if the cookies are not present, forwarding the request to the cloud application by the proxy server for authentication and transforming the cookies subsequent to the authentication prior to sending the cookies to the user.

    摘要翻译: 基于云的方法,系统和基于云的安全系统包括从代理服务器接收来自用户的云应用的请求; 基于所述请求中是否存在cookie来确定所述用户是否被认证; 如果存在cookie,则由代理服务器取消转换cookie,并将未转换的cookie转发到云应用程序; 如果不存在cookie,则由代理服务器将请求转发给云应用程序进行身份验证,并在将Cookie发送给用户之前转换认证后的Cookie。

    NON-STOP FORWARDING IN A MULTI-CHASSIS ROUTER
    4.
    发明申请
    NON-STOP FORWARDING IN A MULTI-CHASSIS ROUTER 有权
    在多重路由器路由器中不停止转发

    公开(公告)号:US20110013508A1

    公开(公告)日:2011-01-20

    申请号:US12889209

    申请日:2010-09-23

    IPC分类号: H04L12/26

    CPC分类号: H04L45/00 H04L45/58 H04L45/60

    摘要: State information is synchronized between a plurality of routing engines in a multi-chassis router according to a synchronization gradient. An example multi-chassis router is described that includes a primary routing engine and a standby routing engine in each chassis. According to the synchronization gradient, the primary routing engine of a control node updates state information on the standby routing engine of the control node prior to updating the primary routing engines of the other chassis. The primary routing engines of the other chassis update state information in respective standby routing engines prior to updating state information in consumers. If a primary routing engine fails, the corresponding standby routing engine assumes control of the primary routing engine's duties. Upon assuming control, a standby routing engine resumes updating state information without having to resend state information or interrupt packet forwarding.

    摘要翻译: 根据同步梯度,状态信息在多机架路由器中的多个路由引擎之间同步。 描述了一种示例性多机架路由器,其包括每个机架中的主路由引擎和备用路由引擎。 根据同步梯度,控制节点的主路由引擎在更新另一机箱的主路由引擎之前更新控制节点的备用路由引擎上的状态信息。 另一个机箱的主要路由引擎在更新消费者中的状态信息之前,在相应的备用路由引擎中更新状态信息。 如果主路由引擎发生故障,则相应的备用路由引擎将控制主路由引擎的任务。 在进行控制时,备用路由引擎恢复更新状态信息,而不必重新发送状态信息或中断分组转发。

    Archiving systems and methods for cloud based systems
    8.
    发明授权
    Archiving systems and methods for cloud based systems 有权
    基于云的系统的归档系统和方法

    公开(公告)号:US09118689B1

    公开(公告)日:2015-08-25

    申请号:US13446856

    申请日:2012-04-13

    IPC分类号: H04L29/06

    摘要: A cloud based security method and processing node includes monitoring data traffic between a user and an external network, wherein the monitoring is performed by a processing node comprising a first server in a cloud based system, detecting a security incident, if an archiving rule exists based on the security incident, providing a notification to a second server within an organization's domain, wherein the user is part of the organization, and wherein the notification includes private data associated with the security incident based on the archiving rule, and storing non-private data in the cloud based system based on the archiving rule.

    摘要翻译: 基于云的安全方法和处理节点包括监视用户和外部网络之间的数据流量,其中所述监视由包括基于云的系统中的第一服务器的处理节点执行,检测安全事件,如果存在归档规则 在所述安全事件上,向组织的域内的第二服务器提供通知,其中所述用户是所述组织的一部分,并且其中所述通知包括基于归档规则与所述安全事件相关联的专用数据,以及存储非私有数据 在基于云的系统中基于归档规则。

    Dynamic user identification and policy enforcement in cloud-based secure web gateways
    9.
    发明授权
    Dynamic user identification and policy enforcement in cloud-based secure web gateways 有权
    基于云的安全网关的动态用户识别和策略实施

    公开(公告)号:US09065800B2

    公开(公告)日:2015-06-23

    申请号:US13728631

    申请日:2012-12-27

    IPC分类号: H04L29/06 G06F21/51 G06F21/56

    摘要: A cloud-based secure Web gateway, a cloud-based secure Web method, and a network deliver a secure Web gateway (SWG) as a cloud-based service to organizations and provide dynamic user identification and policy enforcement therein. As a cloud-based service, the SWG systems and methods provide scalability and capability of accommodating multiple organizations therein with proper isolation therebetween. There are two basic requirements for the cloud-based SWG: (i) Having some means of forwarding traffic from the organization or its users to the SWG nodes, and (ii) Being able to authenticate the organization and users for policy enforcement and access logging. The SWG systems and methods dynamically associate traffic to users regardless of the source (device, location, encryption, application type, etc.), and once traffic is tagged to a user/organization, various polices can be enforced and audit logs of user access can be maintained.

    摘要翻译: 基于云的安全Web网关,基于云的安全Web方法和网络向组织提供作为基于云的服务的安全Web网关(SWG),并在其中提供动态用户标识和策略实施。 作为基于云的服务,SWG系统和方法提供了可扩展性和容纳多个组织的能力,其间具有适当的隔离。 基于云的SWG有两个基本要求:(i)具有将流量从组织或其用户转发到SWG节点的方法,以及(ii)能够对组织和用户进行身份验证以进行策略执行和访问日志记录 。 无论源(设备,位置,加密,应用程序类型等),SWG系统和方法都会将流量动态地关联到用户,一旦流量被标记给用户/组织,就可以执行各种策略并审核用户访问日志 可以维护。