公开(公告)号：US09912638B2

公开(公告)日：2018-03-06

申请号：US14597623

申请日：2015-01-15

申请人： Kailash Kailash ,  Chakkaravarthy Periyasamy Balaiah ,  Sushil Pangeni ,  Amit Sinha ,  Samuel John Crank ,  Manoj Apte ,  Sridhar Narasimhan

发明人： Kailash Kailash ,  Chakkaravarthy Periyasamy Balaiah ,  Sushil Pangeni ,  Amit Sinha ,  Samuel John Crank ,  Manoj Apte ,  Sridhar Narasimhan

IPC分类号： G06F9/00 ,  G06F15/16 ,  G06F17/00 ,  H04L29/06 ,  H04L12/26 ,  H04L12/24 ,  H04L29/12

CPC分类号： H04L63/0209 ,  H04L41/0213 ,  H04L41/069 ,  H04L41/5096 ,  H04L43/0817 ,  H04L61/2514 ,  H04L63/1416 ,  H04L63/1425 ,  H04L63/1433

摘要： Systems and methods of integrating log data from a cloud system with an internal management system are described, wherein the cloud system is located externally from a secure network which contains the internal management system. The systems and methods include receiving log data from a cloud system through a secure connection between the secure network and the cloud system; buffering the received log data; filtering the buffered, received log data; and transmitting the filtered, buffered, received log data to the internal management system in a format associated with the internal management system.

公开(公告)号：US20150163199A1

公开(公告)日：2015-06-11

申请号：US14597623

申请日：2015-01-15

申请人： Kailash Kailash ,  Chakkaravarthy Periyasamy Balaiah ,  Sushil Pangeni ,  Amit Sinha ,  Samuel John Crank ,  Manoj Apte ,  Sridhar Narasimhan

发明人： Kailash Kailash ,  Chakkaravarthy Periyasamy Balaiah ,  Sushil Pangeni ,  Amit Sinha ,  Samuel John Crank ,  Manoj Apte ,  Sridhar Narasimhan

IPC分类号： H04L29/06

CPC分类号： H04L63/0209 ,  H04L41/0213 ,  H04L41/069 ,  H04L41/5096 ,  H04L43/0817 ,  H04L61/2514 ,  H04L63/1416 ,  H04L63/1425 ,  H04L63/1433

摘要： Systems and methods of integrating log data from a cloud system with an internal management system are described, wherein the cloud system is located externally from a secure network which contains the internal management system. The systems and methods include receiving log data from a cloud system through a secure connection between the secure network and the cloud system; buffering the received log data; filtering the buffered, received log data; and transmitting the filtered, buffered, received log data to the internal management system in a format associated with the internal management system.

摘要翻译： 描述了将来自云系统的日志数据与内部管理系统集成的系统和方法，其中云系统位于包含内部管理系统的安全网络的外部。 系统和方法包括通过安全网络和云系统之间的安全连接从云系统接收日志数据; 缓存接收到的日志数据; 过滤缓冲的接收到的日志数据; 以及以与内部管理系统相关联的格式将经过滤的缓冲的接收到的日志数据发送到内部管理系统。

公开(公告)号：US08955091B2

公开(公告)日：2015-02-10

申请号：US13459475

申请日：2012-04-30

申请人： Kailash Kailash ,  Chakkaravarthy Periyasamy Balaiah ,  Sushil Pangeni ,  Amit Sinha ,  Samuel John Crank ,  Manoj Apte ,  Sridhar Narasimhan

发明人： Kailash Kailash ,  Chakkaravarthy Periyasamy Balaiah ,  Sushil Pangeni ,  Amit Sinha ,  Samuel John Crank ,  Manoj Apte ,  Sridhar Narasimhan

IPC分类号： G06F21/00

CPC分类号： H04L63/1425 ,  H04L41/0213 ,  H04L41/069 ,  H04L41/5096 ,  H04L43/0817 ,  H04L61/2514 ,  H04L63/1433

摘要： A system includes an enterprise network including an internal management system communicatively coupled thereon, the enterprise network includes security and the internal management system is disposed behind the security; a cloud system external to the enterprise network and communicatively coupled to the enterprise network, at least one user associated with the enterprise network is configured to communicate through the cloud system for cloud-based services, and the cloud system is configured to log data associated with the at least one user for the cloud-based services; and an external service bridge located in the enterprise network behind the security, the external service bridge is configured to securely communicate with the cloud system to receive the log data and to communicate with the internal management system to provide the log data thereto.

摘要翻译： 一种系统包括企业网络，其中包括通信耦合的内部管理系统，企业网络包括安全性，并且内部管理系统被布置在安全性后面; 企业网络外部并通信耦合到企业网络的云系统，至少一个与企业网络相关联的用户被配置为通过云系统进行通信以进行基于云的服务，并且云系统被配置为记录与 用于基于云的服务的至少一个用户; 位于企业网络背后的外部服务桥，外部服务网桥被配置为与云系统安全通信，接收日志数据，并与内部管理系统通信，提供日志数据。

公开(公告)号：US20140026179A1

公开(公告)日：2014-01-23

申请号：US13728631

申请日：2012-12-27

申请人： Srikanth Devarajan ,  Sridhar Narasimhan ,  Amit Sinha ,  Manoj Apte

发明人： Srikanth Devarajan ,  Sridhar Narasimhan ,  Amit Sinha ,  Manoj Apte

IPC分类号： H04L29/06

CPC分类号： H04L63/0227 ,  G06F21/51 ,  G06F21/56 ,  H04L63/168

摘要： A cloud-based secure Web gateway, a cloud-based secure Web method, and a network deliver a secure Web gateway (SWG) as a cloud-based service to organizations and provide dynamic user identification and policy enforcement therein. As a cloud-based service, the SWG systems and methods provide scalability and capability of accommodating multiple organizations therein with proper isolation therebetween. There are two basic requirements for the cloud-based SWG: (i) Having some means of forwarding traffic from the organization or its users to the SWG nodes, and (ii) Being able to authenticate the organization and users for policy enforcement and access logging. The SWG systems and methods dynamically associate traffic to users regardless of the source (device, location, encryption, application type, etc.), and once traffic is tagged to a user/organization, various polices can be enforced and audit logs of user access can be maintained.

摘要翻译： 基于云的安全Web网关，基于云的安全Web方法和网络向组织提供作为基于云的服务的安全Web网关（SWG），并在其中提供动态用户标识和策略实施。 作为基于云的服务，SWG系统和方法提供了可扩展性和容纳多个组织的能力，其间具有适当的隔离。 基于云的SWG有两个基本要求：（i）具有将流量从组织或其用户转发到SWG节点的方法，以及（ii）能够对组织和用户进行身份验证以进行策略执行和访问日志记录 。 无论源（设备，位置，加密，应用程序类型等），SWG系统和方法都会将流量动态地关联到用户，一旦流量被标记给用户/组织，就可以执行各种策略并审核用户访问日志 可以维护。

公开(公告)号：US20150326613A1

公开(公告)日：2015-11-12

申请号：US14712154

申请日：2015-05-14

申请人： Srikanth Devarajan ,  Sridhar Narasimhan ,  Amit Sinha ,  Manoj Apte

发明人： Srikanth Devarajan ,  Sridhar Narasimhan ,  Amit Sinha ,  Manoj Apte

IPC分类号： H04L29/06 ,  H04L29/12 ,  H04L29/08

CPC分类号： H04L63/20 ,  G06F17/30289 ,  G06F21/51 ,  G06F21/56 ,  H04L61/2007 ,  H04L63/0281 ,  H04L63/08 ,  H04L63/105 ,  H04L67/02

摘要： A cloud-based secure Web gateway, a cloud-based secure Web method, and a network deliver a secure Web gateway (SWG) as a cloud-based service to organizations and provide dynamic user identification and policy enforcement therein. As a cloud-based service, the SWG systems and methods provide scalability and capability of accommodating multiple organizations therein with proper isolation therebetween. There are two basic requirements for the cloud-based SWG: (i) Having some means of forwarding traffic from the organization or its users to the SWG nodes, and (ii) Being able to authenticate the organization and users for policy enforcement and access logging. The SWG systems and methods dynamically associate traffic to users regardless of the source (device, location, encryption, application type, etc.), and once traffic is tagged to a user/organization, various polices can be enforced and audit logs of user access can be maintained.

摘要翻译： 基于云的安全Web网关，基于云的安全Web方法和网络向组织提供作为基于云的服务的安全Web网关（SWG），并在其中提供动态用户标识和策略实施。 作为基于云的服务，SWG系统和方法提供了可扩展性和容纳多个组织的能力，其间具有适当的隔离。 基于云的SWG有两个基本要求：（i）具有将流量从组织或其用户转发到SWG节点的方法，以及（ii）能够对组织和用户进行身份验证以进行策略执行和访问日志记录 。 无论源（设备，位置，加密，应用程序类型等），SWG系统和方法都会将流量动态地关联到用户，一旦流量被标记给用户/组织，就可以执行各种策略并审核用户访问日志 可以维护。

公开(公告)号：US09531758B2

公开(公告)日：2016-12-27

申请号：US14712154

申请日：2015-05-14

申请人： Srikanth Devarajan ,  Sridhar Narasimhan ,  Amit Sinha ,  Manoj Apte

发明人： Srikanth Devarajan ,  Sridhar Narasimhan ,  Amit Sinha ,  Manoj Apte

IPC分类号： H04L29/06 ,  H04L29/08 ,  H04L29/12 ,  G06F21/51 ,  G06F21/56 ,  G06F17/30

CPC分类号： H04L63/20 ,  G06F17/30289 ,  G06F21/51 ,  G06F21/56 ,  H04L61/2007 ,  H04L63/0281 ,  H04L63/08 ,  H04L63/105 ,  H04L67/02

摘要： A cloud-based secure Web gateway, a cloud-based secure Web method, and a network deliver a secure Web gateway (SWG) as a cloud-based service to organizations and provide dynamic user identification and policy enforcement therein. As a cloud-based service, the SWG systems and methods provide scalability and capability of accommodating multiple organizations therein with proper isolation therebetween. There are two basic requirements for the cloud-based SWG: (i) Having some means of forwarding traffic from the organization or its users to the SWG nodes, and (ii) Being able to authenticate the organization and users for policy enforcement and access logging. The SWG systems and methods dynamically associate traffic to users regardless of the source (device, location, encryption, application type, etc.), and once traffic is tagged to a user/organization, various polices can be enforced and audit logs of user access can be maintained.

公开(公告)号：US09065800B2

公开(公告)日：2015-06-23

申请号：US13728631

申请日：2012-12-27

申请人： Srikanth Devarajan ,  Sridhar Narasimhan ,  Amit Sinha ,  Manoj Apte

发明人： Srikanth Devarajan ,  Sridhar Narasimhan ,  Amit Sinha ,  Manoj Apte

IPC分类号： H04L29/06 ,  G06F21/51 ,  G06F21/56

CPC分类号： H04L63/0227 ,  G06F21/51 ,  G06F21/56 ,  H04L63/168

摘要： A cloud-based secure Web gateway, a cloud-based secure Web method, and a network deliver a secure Web gateway (SWG) as a cloud-based service to organizations and provide dynamic user identification and policy enforcement therein. As a cloud-based service, the SWG systems and methods provide scalability and capability of accommodating multiple organizations therein with proper isolation therebetween. There are two basic requirements for the cloud-based SWG: (i) Having some means of forwarding traffic from the organization or its users to the SWG nodes, and (ii) Being able to authenticate the organization and users for policy enforcement and access logging. The SWG systems and methods dynamically associate traffic to users regardless of the source (device, location, encryption, application type, etc.), and once traffic is tagged to a user/organization, various polices can be enforced and audit logs of user access can be maintained.

摘要翻译： 基于云的安全Web网关，基于云的安全Web方法和网络向组织提供作为基于云的服务的安全Web网关（SWG），并在其中提供动态用户标识和策略实施。 作为基于云的服务，SWG系统和方法提供了可扩展性和容纳多个组织的能力，其间具有适当的隔离。 基于云的SWG有两个基本要求：（i）具有将流量从组织或其用户转发到SWG节点的方法，以及（ii）能够对组织和用户进行身份验证以进行策略执行和访问日志记录 。 无论源（设备，位置，加密，应用程序类型等），SWG系统和方法都会将流量动态地关联到用户，一旦流量被标记给用户/组织，就可以执行各种策略并审核用户访问日志 可以维护。

公开(公告)号：US09118689B1

公开(公告)日：2015-08-25

申请号：US13446856

申请日：2012-04-13

申请人： Manoj Apte ,  Sridhar Narasimhan ,  Purvi Desai

发明人： Manoj Apte ,  Sridhar Narasimhan ,  Purvi Desai

IPC分类号： H04L29/06

CPC分类号： H04L63/1441 ,  H04L51/12 ,  H04L63/045 ,  H04L63/08 ,  H04L63/104 ,  H04L63/1408 ,  H04L63/1425 ,  H04L63/145 ,  H04L63/308 ,  H04W12/06

摘要： A cloud based security method and processing node includes monitoring data traffic between a user and an external network, wherein the monitoring is performed by a processing node comprising a first server in a cloud based system, detecting a security incident, if an archiving rule exists based on the security incident, providing a notification to a second server within an organization's domain, wherein the user is part of the organization, and wherein the notification includes private data associated with the security incident based on the archiving rule, and storing non-private data in the cloud based system based on the archiving rule.

摘要翻译： 基于云的安全方法和处理节点包括监视用户和外部网络之间的数据流量，其中所述监视由包括基于云的系统中的第一服务器的处理节点执行，检测安全事件，如果存在归档规则 在所述安全事件上，向组织的域内的第二服务器提供通知，其中所述用户是所述组织的一部分，并且其中所述通知包括基于归档规则与所述安全事件相关联的专用数据，以及存储非私有数据 在基于云的系统中基于归档规则。

公开(公告)号：US09654507B2

公开(公告)日：2017-05-16

申请号：US14448012

申请日：2014-07-31

申请人： Tejus Gangadharappa ,  Sivaprasad Udupa ,  Dhawal Sharma ,  Sridhar Narasimhan ,  Manoj Apte

发明人： Tejus Gangadharappa ,  Sivaprasad Udupa ,  Dhawal Sharma ,  Sridhar Narasimhan ,  Manoj Apte

IPC分类号： H04L29/06 ,  H04L29/08

CPC分类号： H04L63/20 ,  H04L63/0281 ,  H04L63/08 ,  H04L63/083 ,  H04L67/146 ,  H04L67/2809

摘要： A cloud-based method, a system, and a cloud-based security system include receiving a request from a user for a cloud application at a proxy server; determining whether the user is authenticated based on a presence of cookies in the request; if the cookies are present, un-transforming the cookies by the proxy server and forwarding the request with the un-transformed cookies to the cloud application; and, if the cookies are not present, forwarding the request to the cloud application by the proxy server for authentication and transforming the cookies subsequent to the authentication prior to sending the cookies to the user.

公开(公告)号：US10237286B2

公开(公告)日：2019-03-19

申请号：US15010441

申请日：2016-01-29

申请人： Dhawal Kumar Sharma ,  Manoj Apte ,  Patrick Foxhoven

发明人： Dhawal Kumar Sharma ,  Manoj Apte ,  Patrick Foxhoven

IPC分类号： H04L9/00 ,  H04L29/06 ,  H04L29/08

摘要： Content Delivery Network (CDN) protection systems and methods, performed by a cloud node in a distributed security system include receiving traffic between one or more origin servers and the CDN; monitoring the traffic based on policy; detecting one or more of malware and data leakage in the traffic based on the policy; and blocking the traffic responsive to the detecting the one or more of the malware and the data leakage in the traffic, prior to the traffic entering the CDN.