-
1.发明授权System and method for building intelligent and distributed L2-L7 unified threat management infrastructure for IPv4 and IPv6 environments 有权构建用于IPv4和IPv6环境的智能分布式L2-L7统一威胁管理基础设施的系统和方法公开(公告)号:US08839404B2
公开(公告)日:2014-09-16
申请号:US13116760
申请日:2011-05-26
CPC分类号: H04L63/20 , H04L63/0218 , H04L63/0245 , H04L63/0263 , H04L63/0281 , H04L63/1425 , H04L63/145 , H04L67/327
摘要: A security gateway appliance is configured to evaluate network traffic according to security rules that classify traffic flows according to specifically identified application programs responsible for producing and/or consuming the network traffic and to enforce policies in accordance with network traffic classifications. The appliance includes an on-box anti-virus/anti-malware engine, on-box data loss prevention engine and on-box authentication engine. One or more of these engines is informed by an on-box dynamic real tie rating system that allows for determined levels of scrutiny to be paid to the network traffic. Security gateways of this type can be clustered together to provide a set of resources for one or more networks, and in some instances as the backbone of a cloud-based service.
摘要翻译: 安全网关设备被配置为根据根据专门识别的负责生成和/或消耗网络流量的应用程序对业务流进行分类的安全规则来评估网络流量,并根据网络流量分类来执行策略。 该设备包括一个箱内防病毒/反恶意软件引擎,即插即用数据丢失防护引擎和开箱验证引擎。 这些引擎中的一个或多个通过一个盒内动态真实连接分级系统通知,该系统允许将确定的审查级别支付给网络流量。 这种类型的安全网关可以集群在一起,为一个或多个网络提供一组资源,在某些情况下作为基于云服务的骨干网。
-
2.发明申请System and Method for Building Intelligent and Distributed L2 - L7 Unified Threat Management Infrastructure for IPv4 and IPv6 Environments 有权用于构建IPv4和IPv6环境的智能和分布式L2-L7统一威胁管理基础设施的系统和方法公开(公告)号:US20120304277A1
公开(公告)日:2012-11-29
申请号:US13116760
申请日:2011-05-26
IPC分类号: G06F21/20
CPC分类号: H04L63/20 , H04L63/0218 , H04L63/0245 , H04L63/0263 , H04L63/0281 , H04L63/1425 , H04L63/145 , H04L67/327
摘要: A security gateway appliance is configured to evaluate network traffic according to security rules that classify traffic flows according to specifically identified application programs responsible for producing and/or consuming the network traffic and to enforce policies in accordance with network traffic classifications. The appliance includes an on-box anti-virus/anti-malware engine, on-box data loss prevention engine and on-box authentication engine. One or more of these engines is informed by an on-box dynamic real tie rating system that allows for determined levels of scrutiny to be paid to the network traffic. Security gateways of this type can be clustered together to provide a set of resources for one or more networks, and in some instances as the backbone of a cloud-based service.
摘要翻译: 安全网关设备被配置为根据根据专门识别的负责生成和/或消耗网络流量的应用程序对业务流进行分类的安全规则来评估网络流量,并根据网络流量分类来执行策略。 该设备包括一个箱内防病毒/反恶意软件引擎,即插即用数据丢失防护引擎和开箱验证引擎。 这些引擎中的一个或多个通过一个盒内动态真实连接分级系统通知,该系统允许将确定的审查级别支付给网络流量。 这种类型的安全网关可以集群在一起,为一个或多个网络提供一组资源,在某些情况下作为基于云服务的骨干网。
-
公开(公告)号:US20130080611A1
公开(公告)日:2013-03-28
申请号:US13240469
申请日:2011-09-22
申请人: Qing Li , Ronald Andrew Frederick
发明人: Qing Li , Ronald Andrew Frederick
IPC分类号: G06F15/173
CPC分类号: H04N21/222 , H04L67/2842 , H04N21/23106
摘要: In one embodiment, downloading one or more content items; determining which ones of the one or more content items are popular among a plurality of users; categorizing the one or more content items into one or more groups, wherein each group comprises one or more related content items; associating one or more keywords with each group, wherein the one or more keywords describe content of the one or more related content items in the corresponding group; and caching the one or more content items categorized into the one or more groups and the one or more keywords associated with each group.
摘要翻译: 在一个实施例中,下载一个或多个内容项; 确定所述一个或多个内容项中的哪一个在多个用户中是流行的; 将一个或多个内容项目分类为一个或多个组,其中每个组包括一个或多个相关内容项; 将一个或多个关键字与每个组相关联,其中一个或多个关键字描述相应组中的一个或多个相关内容项的内容; 以及缓存分类为所述一个或多个组的所述一个或多个内容项以及与每个组相关联的所述一个或多个关键字。
-
公开(公告)号:US08813189B2
公开(公告)日:2014-08-19
申请号:US13299773
申请日:2011-11-18
申请人: Qing Li , Ronald Andrew Frederick
发明人: Qing Li , Ronald Andrew Frederick
IPC分类号: G06F21/00
CPC分类号: H04L63/0281 , H04L63/062 , H04L63/306
摘要: In certain embodiments, a method includes receiving, by a capture device, traffic flows transmitted by a plurality of client devices, each of the traffic flows being associated with one of the plurality of client devices and comprising encrypted data. The method further includes receiving, by the capture device, flow information communicated from a proxy server communicatively coupled to the capture device, the flow information comprising an identification of a particular traffic flow and a session key associated with the particular traffic flow. The method further includes storing, by the capture device, encrypted data of the particular traffic flow identified by the flow information supplied by the proxy server; storing, by the capture device, the session key associated with the particular traffic flow; and discarding, by the capture device, any of the plurality of received traffic flows not identified in the flow information received from the proxy server.
摘要翻译: 在某些实施例中,一种方法包括由捕获设备接收由多个客户端设备发送的业务流,所述业务流中的每一个与所述多个客户端设备之一相关联并且包括加密数据。 所述方法还包括由所述捕获设备接收从可通信地耦合到所述捕获设备的代理服务器传送的流信息,所述流信息包括特定业务流的标识和与所述特定业务流相关联的会话密钥。 该方法还包括由捕获设备存储由代理服务器提供的流信息标识的特定业务流的加密数据; 由捕获设备存储与特定业务流相关联的会话密钥; 以及由所述捕获设备丢弃在从所述代理服务器接收的流信息中未标识的所述多个接收到的业务流中的任何一个。
-
公开(公告)号:US08843608B2
公开(公告)日:2014-09-23
申请号:US13240469
申请日:2011-09-22
申请人: Qing Li , Ronald Andrew Frederick
发明人: Qing Li , Ronald Andrew Frederick
IPC分类号: G06F15/173 , G06F15/16 , H04N21/231 , H04L29/08 , H04N21/222
CPC分类号: H04N21/222 , H04L67/2842 , H04N21/23106
摘要: In one embodiment, downloading one or more content items; determining which ones of the one or more content items are popular among a plurality of users; categorizing the one or more content items into one or more groups, wherein each group comprises one or more related content items; associating one or more keywords with each group, wherein the one or more keywords describe content of the one or more related content items in the corresponding group; and caching the one or more content items categorized into the one or more groups and the one or more keywords associated with each group.
摘要翻译: 在一个实施例中,下载一个或多个内容项; 确定所述一个或多个内容项中的哪一个在多个用户中是流行的; 将一个或多个内容项目分类为一个或多个组,其中每个组包括一个或多个相关内容项; 将一个或多个关键字与每个组相关联,其中一个或多个关键字描述相应组中的一个或多个相关内容项的内容; 以及缓存分类为所述一个或多个组的所述一个或多个内容项以及与每个组相关联的所述一个或多个关键字。
-
公开(公告)号:US20130133032A1
公开(公告)日:2013-05-23
申请号:US13299773
申请日:2011-11-18
申请人: Qing Li , Ronald Andrew Frederick
发明人: Qing Li , Ronald Andrew Frederick
IPC分类号: G06F21/00
CPC分类号: H04L63/0281 , H04L63/062 , H04L63/306
摘要: In certain embodiments, a method includes receiving, by a capture device, traffic flows transmitted by a plurality of client devices, each of the traffic flows being associated with one of the plurality of client devices and comprising encrypted data. The method further includes receiving, by the capture device, flow information communicated from a proxy server communicatively coupled to the capture device, the flow information comprising an identification of a particular traffic flow and a session key associated with the particular traffic flow. The method further includes storing, by the capture device, encrypted data of the particular traffic flow identified by the flow information supplied by the proxy server; storing, by the capture device, the session key associated with the particular traffic flow; and discarding, by the capture device, any of the plurality of received traffic flows not identified in the flow information received from the proxy server.
摘要翻译: 在某些实施例中,一种方法包括由捕获设备接收由多个客户端设备发送的业务流,所述业务流中的每一个与所述多个客户端设备之一相关联并且包括加密数据。 所述方法还包括由所述捕获设备接收从可通信地耦合到所述捕获设备的代理服务器传送的流信息,所述流信息包括特定业务流的标识和与所述特定业务流相关联的会话密钥。 该方法还包括由捕获设备存储由代理服务器提供的流信息标识的特定业务流的加密数据; 由捕获设备存储与特定业务流相关联的会话密钥; 以及由所述捕获设备丢弃在从所述代理服务器接收的流信息中未标识的所述多个接收到的业务流中的任何一个。
-
-
-
-
-
搜索结果
6 条记录 (耗时 0.021 秒)
