-
公开(公告)号:US08701179B1
公开(公告)日:2014-04-15
申请号:US13433016
申请日:2012-03-28
CPC分类号: H04L45/74 , H04L45/60 , H04L61/10 , H04L61/203 , H04L61/2514 , H04L61/2517 , H04L61/255 , H04L61/2553 , H04L61/2557 , H04L61/256 , H04L63/02 , H04L63/0263
摘要: Techniques are described for providing secure network address translation (NAT) in a NAT device that provides endpoint-independent mapping (EIM) and endpoint-independent filtering (EIF) operations.
摘要翻译: 描述了在提供端点独立映射(EIM)和端点独立过滤(EIF)操作的NAT设备中提供安全网络地址转换(NAT)的技术。
-
公开(公告)号:US09178846B1
公开(公告)日:2015-11-03
申请号:US13326903
申请日:2011-12-15
IPC分类号: H04L29/12
CPC分类号: H04L45/74 , H04L45/60 , H04L61/10 , H04L61/203 , H04L61/2514 , H04L61/2517 , H04L61/255 , H04L61/2553 , H04L61/2557 , H04L61/256 , H04L63/02 , H04L63/0263
摘要: A source network address and port translation (NAPT) mechanism is described that reduces or eliminates the need to log any NAT translations. As described herein, a mapping between a subscriber's private address to a public address and port range is determined algorithmically. Given a particular mapping rule, as specified by the service provider, a subscriber is repeatedly and deterministically mapped to the same public network address and a specific port range for that network address. Once the public address and port range for a subscriber are computed, the particular ports for each session for that subscriber are allocated dynamically within the computed NAT port range on per session basis.
摘要翻译: 描述了源网络地址和端口转换(NAPT)机制,减少或消除了对任何NAT转换进行日志记录的需要。 如这里所描述的,用户的专用地址与公共地址和端口范围之间的映射由算法确定。 给定由服务提供商指定的特定映射规则,订户被重复地且确定地映射到该网络地址的相同公共网络地址和特定端口范围。 一旦计算了用户的公共地址和端口范围,该用户的每个会话的特定端口在每个会话基础上在计算的NAT端口范围内动态分配。
-
公开(公告)号:US08799514B1
公开(公告)日:2014-08-05
申请号:US13247014
申请日:2011-09-28
申请人: Olivier Vautrin , Reinaldo Penno , Rajesh Mohan , Sarat Kamisetty , Alain Durand
发明人: Olivier Vautrin , Reinaldo Penno , Rajesh Mohan , Sarat Kamisetty , Alain Durand
IPC分类号: G06F15/16
CPC分类号: G06F9/5011 , H04L61/2514 , H04L61/2517 , H04L67/148
摘要: A network device may receive a packet from a user device; allocate a first port range to the user device; measure a period of time after allocating the first port range; and allocate a second port range to the user device when the measured period of time is equal to a particular period of time. The first port range may be associated with a first Internet Protocol (IP) address.
摘要翻译: 网络设备可以从用户设备接收分组; 将第一个端口范围分配给用户设备; 在分配第一个端口范围后测量一段时间; 并且当所测量的时间段等于特定时间段时,将第二端口范围分配给用户设备。 第一个端口范围可以与第一个因特网协议(IP)地址相关联。
-
公开(公告)号:US09112919B1
公开(公告)日:2015-08-18
申请号:US13459482
申请日:2012-04-30
申请人: Suresh Kumar Vinapamula Venkata , Rajesh Mohan , Sarat Kamisetty , Reinaldo Penno , Sanjay V. Agrawal
发明人: Suresh Kumar Vinapamula Venkata , Rajesh Mohan , Sarat Kamisetty , Reinaldo Penno , Sanjay V. Agrawal
IPC分类号: G06F15/16 , G06F15/173 , H04L29/12
CPC分类号: H04L67/141 , H04L61/25 , H04L61/2514 , H04L61/2517 , H04L61/255 , H04L61/256 , H04L61/6068 , H04L67/142
摘要: A node is configured to receive, from a second node, a request to establish a session; perform, in response to the request, a network address translation (NAT) operation to establish the session, the NAT operation causing a first port block to be allocated to the session, the first port block including a first set of ports via which traffic, associated with the session, is transported; determine that the set of ports are no longer available for the session; determine whether a quantity of times that the first port block has been allocated to the session is greater than a threshold; and retain the first port block, for the session, when the quantity of times that the first port block has been allocated to the session is not greater than the threshold.
摘要翻译: 节点被配置为从第二节点接收建立会话的请求; 响应于所述请求,执行网络地址转换(NAT)操作以建立所述会话,所述NAT操作使得将第一端口块分配给所述会话,所述第一端口块包括第一组端口,经由所述第一端口, 与会议相关联,运输; 确定该组端口不再可用于会话; 确定第一端口块已经被分配给会话的次数是否大于阈值; 并且当第一个端口块已分配给会话的次数不大于阈值时,保留第一个端口块,用于该会话。
-
公开(公告)号:US08806033B1
公开(公告)日:2014-08-12
申请号:US13174457
申请日:2011-06-30
申请人: Suresh Kumar Vinapamula Venkata , Rajesh Mohan , Sarat Kamisetty , Reinaldo Penno , Sanjay V. Agrawal
发明人: Suresh Kumar Vinapamula Venkata , Rajesh Mohan , Sarat Kamisetty , Reinaldo Penno , Sanjay V. Agrawal
IPC分类号: G06F15/16
CPC分类号: H04L67/141 , H04L45/302 , H04L61/25
摘要: A network device may receive a request from a local device to establish a connection with a another device. The request may include an internal network identifier of the local device. The network device may evaluate a plurality of external network identifiers, associated with the network device based on selected criteria. The network device may also, or alternatively, evaluate the external network identifiers by identifying an external network identifier that is already mapped to, or paired with, the internal network identifier. The network device may select an external network identifier, of the plurality of external network identifiers, based on the evaluation and establish the connection requested by the local device using the internal network identifier and the external network identifier.
摘要翻译: 网络设备可以从本地设备接收建立与另一设备的连接的请求。 该请求可以包括本地设备的内部网络标识符。 网络设备可以基于所选择的标准来评估与网络设备相关联的多个外部网络标识符。 网络设备还可以或者替代地通过识别已经映射到内部网络标识符或与内部网络标识符配对的外部网络标识符来评估外部网络标识符。 网络设备可以基于评估来选择多个外部网络标识符中的外部网络标识符,并且使用内部网络标识符和外部网络标识符建立由本地设备请求的连接。
-
公开(公告)号:US09197746B2
公开(公告)日:2015-11-24
申请号:US12366630
申请日:2009-02-05
CPC分类号: H04M3/436 , H04L9/3215 , H04L9/3231 , H04L9/3273 , H04L63/126 , H04L63/1441 , H04L63/1483 , H04L2209/56 , H04M2203/6054
摘要: The present invention provides a system, method and apparatus for authenticating calls that is a robust Anti-vishing solution. The present invention can identify Caller ID spoofing, verify dialed number to detect man-in-the middle and verify called party against dialed digits to detect impersonation. This solution can handle calls coming from any phone any where with little impact on user experience. Two separate solutions are tailored for smart phones (communication devices capable of running application software) and traditional phones to reduce the impact to user experience while providing robust verification.
摘要翻译: 本发明提供了一种用于认证作为强大的反维护解决方案的呼叫的系统,方法和装置。 本发明可以识别来电显示欺骗,验证拨号号码以检测中间人员,并根据拨号数字验证被叫方以检测模拟。 该解决方案可以处理来自任何手机的呼叫,对用户体验影响不大。 针对智能手机(能够运行应用软件的通信设备)和传统手机定制了两个独立的解决方案,以减少对用户体验的影响,同时提供强大的验证。
-
公开(公告)号:US20090217039A1
公开(公告)日:2009-08-27
申请号:US12366630
申请日:2009-02-05
CPC分类号: H04M3/436 , H04L9/3215 , H04L9/3231 , H04L9/3273 , H04L63/126 , H04L63/1441 , H04L63/1483 , H04L2209/56 , H04M2203/6054
摘要: The present invention provides a system, method and apparatus for authenticating calls that is a robust Anti-vishing solution. The present invention can identify Caller ID spoofing, verify dialed number to detect man-in-the middle and verify called party against dialed digits to detect impersonation. This solution can handle calls coming from any phone any where with little impact on user experience. Two separate solutions are tailored for smart phones (communication devices capable of running application software) and traditional phones to reduce the impact to user experience while providing robust verification.
摘要翻译: 本发明提供了一种用于认证作为强大的反维护解决方案的呼叫的系统,方法和装置。 本发明可以识别来电显示欺骗,验证拨号号码以检测中间人员,并根据拨号数字验证被叫方以检测模拟。 该解决方案可以处理来自任何手机的呼叫,对用户体验影响不大。 针对智能手机(能够运行应用软件的通信设备)和传统手机定制了两个独立的解决方案,以减少对用户体验的影响,同时提供强大的验证。
-
-
-
-
-
-
搜索结果
7 条记录 (耗时 0.021 秒)
