-
公开(公告)号:US11917080B2
公开(公告)日:2024-02-27
申请号:US17219411
申请日:2021-03-31
申请人: McAfee, LLC
CPC分类号: H04L9/3268 , G06F21/57 , H04L9/0891 , H04L12/66 , H04L63/20 , H04W12/069 , H04L63/0823
摘要: There is disclosed in one example a network gateway device, including: a hardware platform including a processor and a memory; a network interface, including network interface hardware; and instructions encoded within the memory to instruct the processor to: receive from an endpoint device, via the network interface, a signed security posture data structure, the signed security posture data structure including information about a security posture of the endpoint device; cryptographically verify the signed security posture data structure; and according to the signed security posture data structure, assign a network security policy to the endpoint device.
-
公开(公告)号:US11824645B2
公开(公告)日:2023-11-21
申请号:US16933289
申请日:2020-07-20
申请人: McAfee, LLC
发明人: Harsha Ramamurthy Joshi , Tirumaleswar Reddy Konda , Shashank Jain , Piyush Pramod Joshi , Himanshu Srivastava
IPC分类号: H04L9/40
CPC分类号: H04L63/126 , H04L63/20
摘要: There is disclosed in one example a computing apparatus, including: a hardware platform including a processor, a memory, and a network interface; and instructions encoded within the memory to instruct the processor to: receive an incoming packet via the network interface; extract from the incoming packet a source port and a source internet protocol (IP) address; correlate the source port and source IP to a device identifier (ID); receive a network policy for the device ID; and apply the network policy to the incoming packet.
-
公开(公告)号:US11736601B2
公开(公告)日:2023-08-22
申请号:US17971299
申请日:2022-10-21
申请人: McAfee, LLC
CPC分类号: H04M1/66 , H04L63/0823 , H04L63/18 , H04M3/4365
摘要: An apparatus, related devices and methods, having a memory element operable to store instructions; and a processor operable to execute the instructions, such that the apparatus is configured to identify, on an electronic device, a phone number of an incoming caller device; request, via an out-of-band control channel, a digital certificate for the phone number from the incoming caller device; receive, via the out-of-band control channel, the digital certificate for the phone number from the incoming caller device; determine whether the digital certificate for the phone number is authentic; and indicate, on the electronic device, based on a determination that the digital certificate for the phone number is authentic or not authentic, whether the phone number is authentic or not authentic.
-
4.发明授权公开(公告)号:US12088608B2
公开(公告)日:2024-09-10
申请号:US17111478
申请日:2020-12-03
申请人: McAfee, LLC
CPC分类号: H04L63/1425 , G06N3/04 , G06N3/08 , H04L63/029 , H04L63/1416
摘要: Methods, apparatus, systems and articles of manufacture are disclosed to analyze telemetry data of a network device for malicious activity. An example apparatus includes an interface to obtain first telemetry data, a rules generator to, using the first telemetry data, generate a global block list using a machine learning model, the machine learning model generated based on a device specific block list and a device specific allow list, and a model manager to transmit the global block list to a gateway, the gateway to facilitate on-path classification of second telemetry data.
-
公开(公告)号:US11930359B2
公开(公告)日:2024-03-12
申请号:US17404910
申请日:2021-08-17
申请人: McAfee, LLC
IPC分类号: H04W88/08 , H04W12/069 , H04W12/086 , H04W12/71 , H04W84/12 , H04L9/40 , H04W88/16
CPC分类号: H04W12/069 , H04W12/086 , H04W12/71 , H04W84/12 , H04L63/20 , H04W88/08 , H04W88/16
摘要: There is disclosed in an example, a gateway apparatus, including a hardware platform having a processor and a memory; a wireless network interface; and instructions encoded within the memory to instruct the processor to: provide a first virtual access point (VAP) secured by an IEEE 802.1x extensible authentication protocol (EAP) enterprise security method; provide a second VAP secured by a WiFi protected access pre-shared key (WPA-PSK) method; onboard a device, comprising determining whether the device supports the EAP method, and enrolling the device with the EAP method if the device supports the EAP method; and if the device does not support the EAP method, enrolling the device with the WPA-PSK method.
-
公开(公告)号:US11516331B2
公开(公告)日:2022-11-29
申请号:US17088482
申请日:2020-11-03
申请人: McAfee, LLC
摘要: An apparatus, related devices and methods, having a memory element operable to store instructions; and a processor operable to execute the instructions, such that the apparatus is configured to identify, on an electronic device, a phone number of an incoming caller device; request, via an out-of-band control channel, a digital certificate for the phone number from the incoming caller device; receive, via the out-of-band control channel, the digital certificate for the phone number from the incoming caller device; determine whether the digital certificate for the phone number is authentic; and indicate, on the electronic device, based on a determination that the digital certificate for the phone number is authentic or not authentic, whether the phone number is authentic or not authentic.
-
公开(公告)号:US11444944B2
公开(公告)日:2022-09-13
申请号:US16788046
申请日:2020-02-11
申请人: McAfee, LLC
发明人: Tirumaleswar Reddy Konda , Shashank Jain , Himanshu Srivastava , Naveen Kumar Reddy Kandadi , Piyush Pramod Joshi
IPC分类号: H04L29/06 , H04L9/40 , G16Y30/10 , H04L61/4511 , H04L101/663
摘要: There is disclosed in one example an enrollment over secure transport (EST)-capable gateway device, including: a hardware platform including a processor and a memory; a first network interface to communicatively couple to an external network, including an external DNS server; a second network interface to communicatively couple to a home network; a caching DNS server including a local DNS cache, and logic to provide DNS services to the home network; and an EST proxy to authenticate to a local endpoint on the home network, provision a DNS server certificate on the local endpoint, provision an authentication domain name (ADN) on the local endpoint, and provide encrypted domain name system (DNS) services to the local endpoint.
-
公开(公告)号:US20240205221A1
公开(公告)日:2024-06-20
申请号:US18419313
申请日:2024-01-22
申请人: McAfee, LLC
发明人: Tirumaleswar Reddy Konda , Shashank Jain , Himanshu Srivastava , Naveen Kumar Reddy Kandadi , Piyush Pramod Joshi
IPC分类号: H04L9/40 , G16Y30/10 , H04L61/4511 , H04L101/663
CPC分类号: H04L63/0876 , G16Y30/10 , H04L61/4511 , H04L63/0823 , H04L63/083 , H04L63/166 , H04L2101/663
摘要: There is disclosed in one example an enrollment over secure transport (EST)-capable gateway device, including: a hardware platform including a processor and a memory; a first network interface to communicatively couple to an external network, including an external DNS server; a second network interface to communicatively couple to a home network; a caching DNS server including a local DNS cache, and logic to provide DNS services to the home network; and an EST proxy to authenticate to a local endpoint on the home network, provision a DNS server certificate on the local endpoint, provision an authentication domain name (ADN) on the local endpoint, and provide encrypted domain name system (DNS) services to the local endpoint.
-
公开(公告)号:US20240114048A1
公开(公告)日:2024-04-04
申请号:US18088385
申请日:2022-12-23
申请人: McAfee, LLC
发明人: Dattatraya Kulkarni , Srikanth Nalluri , Himanshu Srivastava , Shashank Jain , Urmil Mahendra Parikh , Raghavendra Satyanarayana Hebbalalu , Piyush Pramod Joshi , Partha Sarathi Barik , Purushothaman Balamurugan , Saravana Kumar Ramalingam , Devanshi Saxena , Martin Pivetta , Sujay Subrahmanya , Shahmeet Singh , Ryan Burrows
IPC分类号: H04L9/40
CPC分类号: H04L63/1433 , H04L63/20
摘要: A computer-implemented method provides security services to an enterprise. The method computes, for a plurality of enterprise users, a plurality of user health scores based on respective protection statuses for a plurality of enterprise assets owned by respective users; computes, for the enterprise, an overall enterprise security status score based on the plurality of user health scores; graphically displays to an enterprise administrator the overall enterprise security status score; and presents to the enterprise administrator a plurality of action recommendations to improve the overall enterprise security status score.
-
10.发明公开公开(公告)号:US20230156038A1
公开(公告)日:2023-05-18
申请号:US17526825
申请日:2021-11-15
申请人: McAfee, LLC
CPC分类号: H04L63/166 , H04L9/0643 , H04L9/3239
摘要: Methods, apparatus, systems and articles of manufacture are disclosed to optimize telemetry collection and processing of Transport Layer Security (TLS) parameters. An example apparatus includes at least one memory, instructions, and at least one processor to execute the instructions to generate a TLS client sub-profile based on first telemetry data associated with a client device, generate a TLS server sub-profile based on second telemetry data associated with a first server, generate a hash value based on at least one of the TLS client sub-profile or the TLS server sub-profile, compare the hash value to a plurality of hash values corresponding to known TLS profiles, and, in response to identifying the at least one of the TLS client sub-profile or the TLS server sub-profile as a unique TLS profile based on the comparisons, transmit the at least one of the first or second telemetry data to a second server.
-
-
-
-
-
-
-
-
-
搜索结果
25 条记录 (耗时 0.017 秒)
