公开(公告)号：US20140019959A1

公开(公告)日：2014-01-16

申请号：US13547148

申请日：2012-07-12

申请人： David S. Dodgson ,  Ralph Farina ,  James A. Fontana ,  Robert A. Johnson ,  David Maw ,  Anthony Narisi

发明人： David S. Dodgson ,  Ralph Farina ,  James A. Fontana ,  Robert A. Johnson ,  David Maw ,  Anthony Narisi

IPC分类号： G06F9/455

CPC分类号： G06F9/455 ,  G06F9/45558 ,  G06F21/606 ,  G06F2009/45587 ,  G06F2009/45595 ,  H04L63/0428 ,  H04L63/065 ,  H04L63/0823

摘要： Virtual machines in a network may be isolated by encrypting transmissions between the virtual machines with keys possessed only by an intended recipient. Within a network, the virtual machines may be logically organized into a number of community-of-interest (COI) groups. Each COI may use an encryption key to secure communications within the COI, such that only other virtual machines in the COI may decrypt the message. Virtual machines may be automatically provisioned with configuration information, such as the encryption keys, when the virtual machine is started. The provisioning information may be created based on a template stored on a configuration server.

摘要翻译： 可以通过使用仅由预期接收者拥有的密钥对虚拟机之间的传输进行加密来隔离网络中的虚拟机。 在网络中，虚拟机可以在逻辑上被组织成许多社区（COI）组。 每个COI可以使用加密密钥来保护COI内的通信，使得仅COI中的其他虚拟机可以解密该消息。 当虚拟机启动时，虚拟机可能会自动配置配置信息，例如加密密钥。 可以基于存储在配置服务器上的模板来创建供应信息。

公开(公告)号：US09819658B2

公开(公告)日：2017-11-14

申请号：US13547143

申请日：2012-07-12

申请人： David S. Dodgson ,  Ralph Farina ,  James A. Fontana ,  Robert A. Johnson ,  David Maw ,  Anthony Narisi

发明人： David S. Dodgson ,  Ralph Farina ,  James A. Fontana ,  Robert A. Johnson ,  David Maw ,  Anthony Narisi

IPC分类号： H04L29/06

CPC分类号： H04L63/0471 ,  H04L63/0281 ,  H04L63/104

摘要： Virtual machines in a network may be isolated by encrypting transmissions between the virtual machines with keys possessed only by an intended recipient. Within a network, the virtual machines may be logically organized into a number of community-of-interest (COI) groups. Each COI may use an encryption key to secure communications within the COI, such that only other virtual machines in the COI may decrypt the message. Virtual machines may further be isolated through a virtual gateway assigned to handle all communications between a virtual machine and a device outside of the virtual machine's COI. The virtual gateway may be a separate virtual machine for handling decrypting and encrypting messages for transmission between virtual machines and other devices.

公开(公告)号：US20140019750A1

公开(公告)日：2014-01-16

申请号：US13547143

申请日：2012-07-12

申请人： David S. Dodgson ,  Ralph Farlan ,  James A. Fontana ,  Robert A. Johnson ,  David Maw ,  Anthony Narisi

发明人： David S. Dodgson ,  Ralph Farlan ,  James A. Fontana ,  Robert A. Johnson ,  David Maw ,  Anthony Narisi

IPC分类号： H04L29/06

CPC分类号： H04L63/0471 ,  H04L63/0281 ,  H04L63/104

摘要： Virtual machines in a network may be isolated by encrypting transmissions between the virtual machines with keys possessed only by an intended recipient. Within a network, the virtual machines may be logically organized into a number of community-of-interest (COI) groups. Each COI may use an encryption key to secure communications within the COI, such that only other virtual machines in the COI may decrypt the message. Virtual machines may further be isolated through a virtual gateway assigned to handle all communications between a virtual machine and a device outside of the virtual machine's COI. The virtual gateway may be a separate virtual machine for handling decrypting and encrypting messages for transmission between virtual machines and other devices.

摘要翻译： 可以通过使用仅由预期接收者拥有的密钥对虚拟机之间的传输进行加密来隔离网络中的虚拟机。 在网络中，虚拟机可以在逻辑上被组织成许多社区（COI）组。 每个COI可以使用加密密钥来保护COI内的通信，使得仅COI中的其他虚拟机可以解密该消息。 虚拟机可以进一步通过被分配用于处理虚拟机和虚拟机的COI之外的设备之间的所有通信的虚拟网关来隔离。 虚拟网关可以是用于处理解密和加密消息以在虚拟机和其他设备之间传输的单独的虚拟机。

公开(公告)号：US20140019745A1

公开(公告)日：2014-01-16

申请号：US13547138

申请日：2012-07-12

申请人： David S. Dodgson ,  Ralph Foring ,  James A. Fontana ,  Robert A. Johnson ,  David Maw ,  Anthony Narisl

发明人： David S. Dodgson ,  Ralph Foring ,  James A. Fontana ,  Robert A. Johnson ,  David Maw ,  Anthony Narisl

IPC分类号： H04L29/06

CPC分类号： H04L63/065 ,  H04L63/0227 ,  H04L63/0428

摘要： Virtual machines in a network may be isolated by encrypting transmissions between the virtual machines with keys possessed only by an intended recipient. Within a network, the virtual machines may be logically organized into a number of community-of-interest (COI) groups. Each COI may use an encryption key to secure communications within the COI, such that only other virtual machines in the COI may decrypt the message. Security may be further enhanced by establishing a session key for use during communications between a first and a second virtual machine. The session key may be encrypted with the COI key.

摘要翻译： 可以通过使用仅由预期接收者拥有的密钥对虚拟机之间的传输进行加密来隔离网络中的虚拟机。 在网络中，虚拟机可以在逻辑上被组织成许多社区（COI）组。 每个COI可以使用加密密钥来保护COI内的通信，使得仅COI中的其他虚拟机可以解密该消息。 可以通过建立在第一和第二虚拟机之间的通信期间使用的会话密钥来进一步增强安全性。 会话密钥可以用COI密钥加密。

公开(公告)号：US20170208038A1

公开(公告)日：2017-07-20

申请号：US15001354

申请日：2016-01-20

申请人： Ted Hinaman ,  Steven J. Rajcan ,  Matthew Mohr ,  William Gunn ,  Sarah K. Inforzato ,  Robert A. Johnson ,  Gregory J. Small ,  David S. Dodgson

发明人： Ted Hinaman ,  Steven J. Rajcan ,  Matthew Mohr ,  William Gunn ,  Sarah K. Inforzato ,  Robert A. Johnson ,  Gregory J. Small ,  David S. Dodgson

IPC分类号： H04L29/06 ,  H04L12/46 ,  H04W12/06

摘要： Methods and systems for securing communications with an enterprise from a remote computing system are disclosed. One method includes initiating a secured connection with a VPN appliance associated with an enterprise using service credentials maintained in a secure applet installed on a remote computing device, and initiating communication with an authentication server within an enterprise via the secured connection. The method also includes receiving specific credentials from the authentication server, terminating the secured connection with the VPN appliance, and initiating a second secured connection with the VPN appliance using the specific credentials, the specific credentials providing access to one or more computing devices within the enterprise being within a same community of interest as the remote computing device and obfuscating one or more other computing systems within the enterprise excluded from the community of interest. The method also includes initiating communications with at least one of the one or more computing devices included in the community of interest.

公开(公告)号：US07581033B2

公开(公告)日：2009-08-25

申请号：US10729312

申请日：2003-12-05

申请人： Dwayne E. Ebersole ,  Sarah K. Inforzato ,  Robert A. Johnson ,  Anthony Narisi ,  Kathleen Wild

发明人： Dwayne E. Ebersole ,  Sarah K. Inforzato ,  Robert A. Johnson ,  Anthony Narisi ,  Kathleen Wild

IPC分类号： G06F15/16

CPC分类号： G06F15/16 ,  G06F13/385

摘要： Intelligent NIC optimizations includes system and methods for Token Table Posting, use of a Master Completion Queue, Notification Request Area (NRA) associated with completion queues, preferably in the Network Interface Card (NIC) for providing notification of request completions, and what we call Lazy Memory Deregistration which allows non-critical memory deregistration processing to occur during non-busy times. These intelligent NIC optimizations which can be applied outside the scope of VIA (e.g. iWARP and the like), but also support VIA.

摘要翻译： 智能网卡优化包括用于令牌表过帐的系统和方法，主完成队列的使用，与完成队列相关联的通知请求区域（NRA），优选地在网络接口卡（NIC）中用于提供请求完成的通知，以及所谓的 延迟内存取消注销，允许在非繁忙时间内进行非关键内存注销处理。 这些可以应用于VIA范围之外的智能NIC优化（例如iWARP等），也支持VIA。

公开(公告)号：US20090172301A1

公开(公告)日：2009-07-02

申请号：US10729312

申请日：2003-12-05

申请人： Dwayne E. Ebersole ,  Sarah K. Inforzato ,  Robert A. Johnson ,  Anthony Narisi ,  Kathleen Wild

发明人： Dwayne E. Ebersole ,  Sarah K. Inforzato ,  Robert A. Johnson ,  Anthony Narisi ,  Kathleen Wild

IPC分类号： G06F12/00 ,  G06F15/16 ,  G06F9/46

CPC分类号： G06F15/16 ,  G06F13/385

摘要： Intelligent NIC optimizations includes system and methods for Token Table Posting, use of a Master Completion Queue, Notification Request Area (NRA) associated with completion queues, preferably in the Network Interface Card (NIC) for providing notification of request completions, and what we call Lazy Memory Deregistration which allows non-critical memory deregistration processing to occur during non-busy times. These intelligent NIC optimizations which can be applied outside the scope of VIA (e.g. iWARP and the like), but also support VIA.

摘要翻译： 智能网卡优化包括用于令牌表过帐的系统和方法，主完成队列的使用，与完成队列相关联的通知请求区域（NRA），优选地在网络接口卡（NIC）中用于提供请求完成的通知，以及所谓的 延迟内存取消注销，允许在非繁忙时间内进行非关键内存注销处理。 这些可以应用于VIA范围之外的智能NIC优化（例如iWARP等），也支持VIA。

公开(公告)号：US20180309791A1

公开(公告)日：2018-10-25

申请号：US15494907

申请日：2017-04-24

申请人： Robert A. Johnson ,  Michael J. DiDomenico ,  Philippe Jolly ,  Michael C. Leap ,  Richard W. Phelps

发明人： Robert A. Johnson ,  Michael J. DiDomenico ,  Philippe Jolly ,  Michael C. Leap ,  Richard W. Phelps

IPC分类号： H04L29/06 ,  H04L29/08 ,  H04L12/24

CPC分类号： H04L63/20 ,  H04L41/0893 ,  H04L41/22 ,  H04L67/306

摘要： Methods and systems for defining a solution within an enterprise security management configuration server is disclosed. One method includes, based on network concordance data, grouping a plurality of nodes within an enterprise network into a plurality of profiles and identifying one or more channels among the plurality of profiles within a project of an enterprise security management configuration tool. The method also includes displaying the plurality of profiles in a configuration user interface, and automatically identifying one or more solutions among the plurality of profiles. The method further includes collapsing each of the one or more solutions into a single icon within the configuration user interface, each single icon representing a solution.

公开(公告)号：US20180212927A9

公开(公告)日：2018-07-26

申请号：US14042239

申请日：2013-09-30

申请人： Robert A. Johnson ,  Kathleen Wild ,  Sarah K. Inforzato ,  Ted Hinaman

发明人： Robert A. Johnson ,  Kathleen Wild ,  Sarah K. Inforzato ,  Ted Hinaman

IPC分类号： H04L29/06

CPC分类号： H04L63/02 ,  G06F21/00 ,  G06F21/53 ,  H04L9/0838 ,  H04L9/0841 ,  H04L63/0227 ,  H04L63/0236 ,  H04L63/0485 ,  H04L63/061 ,  H04L63/164 ,  H04L63/166 ,  H04L63/205 ,  H04L69/18

摘要： Methods of communicatively connecting first and second endpoints are disclosed. One method includes transmitting from a first endpoint to a second endpoint a connection request, the connection request including an IP address of the second endpoint. The method further includes, based at least in part on the IP address of the second endpoint, selecting IPsec from among a plurality of available security protocols to first attempt to use in forming a tunnel between the first and second endpoints, and forming the tunnel between the first and second endpoints based on the connection request.

公开(公告)号：US09675925B2

公开(公告)日：2017-06-13

申请号：US14790550

申请日：2015-07-02

申请人： Shwetha Ramkumar ,  Robert A. Johnson ,  Eduardo Mon ,  John W. Fulton

发明人： Shwetha Ramkumar ,  Robert A. Johnson ,  Eduardo Mon ,  John W. Fulton

IPC分类号： B01D53/047 ,  B01D53/04 ,  G05D7/06

CPC分类号： B01D53/0446 ,  B01D53/0407 ,  B01D53/047 ,  B01D53/0473 ,  B01D53/0476 ,  B01D2256/24 ,  B01D2256/245 ,  B01D2257/304 ,  B01D2257/502 ,  B01D2257/504 ,  B01D2257/702 ,  B01D2259/40009 ,  B01D2259/41 ,  G05D7/0682

摘要： Provided are apparatus and systems having a lessened pulsation through the use of a pulse flow control mechanism. In performing a cyclical swing adsorption process, various streams are passed through adsorbent bed units during various steps in the swing adsorption process. The pulse flow control mechanism is utilized within a manifold of one of the streams to lessen pulsation within the manifold that results from performing the various steps.