-
公开(公告)号:US12074845B2
公开(公告)日:2024-08-27
申请号:US18110172
申请日:2023-02-15
IPC分类号: H04L61/5014 , H04L12/66 , H04L47/70 , H04L61/00 , H04L101/618
CPC分类号: H04L61/5014 , H04L12/66 , H04L47/70 , H04L61/35 , H04L2101/618
摘要: Systems, methods, and devices for performing targeted filtering of network traffic generated by user equipment (UE) devices connected to a customer premise equipment (CPE) device in a communication system that includes a distributed residential gateway. A network server may determine that the communication system includes a UE device that is compromised, misconfigured, or operating outside normal communication parameters, identify the UE device, determine an Internet protocol (IP) address or a media access control (MAC) address of the identified UE device, generate a quarantine request message that includes the IP address or the MAC address of the identified UE device in response to determining that the preconfigured virtual local area network access control list (VACL) on the CPE lists source IP addresses from which the CPE will filter outbound traffic, and send the generated quarantine request message to a bridged residential gateway (BRG) associated with the CPE device.
-
公开(公告)号:US12052373B1
公开(公告)日:2024-07-30
申请号:US17325992
申请日:2021-05-20
申请人: VERISIGN, INC.
IPC分类号: H04L9/32 , H04L61/4511 , H04L9/00 , H04L101/618
CPC分类号: H04L9/3247 , H04L61/4511 , H04L9/50 , H04L2101/618
摘要: Systems, methods, and computer products for associating a network identifier with a network address enable operations that may include: receiving a network identifier associated with a first network; obtaining an identification of a proof provider; sending, to the proof provider, a network address associated with a second network, wherein the proof provider is configured to generate a signed association of the network identifier with the network address using a private key of the proof provider; obtaining the signed association; and providing, to the second network, at least the signed association. The second network may be configured to validate the signed association and store the signed association.
-
公开(公告)号:US11838262B1
公开(公告)日:2023-12-05
申请号:US18072280
申请日:2022-11-30
申请人: Cujo LLC
发明人: Santeri Kangas , Kimmo Kasslin , Leonardas Marozas , Filip Savin
IPC分类号: H04L29/12 , H04L61/4511 , H04L61/09 , H04L9/40 , H04L67/02 , G06F15/16 , G06F16/901 , H04L101/618
CPC分类号: H04L61/4511 , H04L61/09 , H04L63/14 , H04L67/02 , H04L2101/618
摘要: A first data communication of a first connected device related to a first target website is intercepted. The first data communication identifies the first target website by a first fully qualified domain name (FQDN), and the first FQDN is mapped to a first Internet protocol (IP) address. A pair of the first FQDN and the first IP address is determined. A second data communication of a second connected device related to a second target website is intercepted. The second data communication comprises a second encrypted FQDN and a second IP address of the second target website. The second IP address is determined to be equal to the first IP address. A cybersecurity reputation of the second target website is retrieved based on the first FQDN. In response to determining that the reputation matches a predetermined alarm condition, a cybersecurity operation is enforced for the second data communication.
-
公开(公告)号:US11716680B2
公开(公告)日:2023-08-01
申请号:US17153102
申请日:2021-01-20
发明人: Xiaojuan Li , Haorui Yang , Hui Jin , Guowei Ouyang , Fenghui Dou
IPC分类号: H04W48/18 , H04W76/11 , H04W8/08 , H04W40/02 , H04W48/16 , H04W80/10 , H04W80/12 , H04W24/02 , H04W76/12 , H04W76/10 , H04L69/167 , H04W80/04 , H04L101/654 , H04W8/24 , H04L101/686 , H04L101/618 , H04W60/04 , H04W8/20 , H04W8/26
CPC分类号: H04W48/18 , H04L69/167 , H04W8/08 , H04W24/02 , H04W40/02 , H04W48/16 , H04W76/10 , H04W76/11 , H04W76/12 , H04W80/04 , H04W80/045 , H04W80/10 , H04W80/12 , H04L2101/618 , H04L2101/654 , H04L2101/686 , H04W8/20 , H04W8/24 , H04W8/26 , H04W60/04
摘要: A protocol data unit (PDU) type setting method, a user equipment (UE) policy setting method, and a related entity, where the PDU type setting method includes: setting, by UE, a requested PDU type of a PDU session in a process of establishing the PDU session, where the requested PDU type of the PDU session is set by the UE based on a first condition, the first condition includes an Internet Protocol (IP) version corresponding to an application, and the application is associated with the PDU session. In the embodiments of the present disclosure, the requested PDU type of the PDU session can be consistent with a PDU type requested by the application, such that the application can normally perform communication.
-
公开(公告)号:US20240244119A1
公开(公告)日:2024-07-18
申请号:US18617565
申请日:2024-03-26
申请人: OXYLABS, UAB
IPC分类号: H04L67/56 , H04L61/4511 , H04L61/5007 , H04L101/618
CPC分类号: H04L67/56 , H04L61/4511 , H04L61/5007 , H04L2101/618
摘要: Systems and methods for coordinating network connectivity and communication between proxy servers, exit-nodes and client modules are disclosed. In one aspect, proxy-nodes in a proxy infrastructure accept connections with exit-nodes based on geographical proximity or proxy-node metrics. Further, a proxy-node can communicate and instruct another proxy-node to service the client request via a suitable exit-node. Further still, a proxy-node can communicate and instruct proxy-node to redirect a suitable exit-node towards the first proxy-node in order to service the client request. In another aspect, the proxy-infrastructure enables client modules to connect to proxy-nodes based on geographical proximity, client parameters, and client's behavioral informatics. In yet another aspect, proxy infrastructure enables a proxy node to redirect exit-nodes to a different proxy-node in the event of a) system overload or resource exhaustion, b) graceful shutdown c) erroneous network connection between exit-nodes and the proxy-node.
-
公开(公告)号:US12003600B2
公开(公告)日:2024-06-04
申请号:US17845240
申请日:2022-06-21
申请人: Oxylabs, UAB
IPC分类号: G06F15/16 , H04L61/4511 , H04L61/5007 , H04L67/56 , H04L101/618
CPC分类号: H04L67/56 , H04L61/4511 , H04L61/5007 , H04L2101/618
摘要: Systems and methods for coordinating network connectivity and communication between proxy servers, exit-nodes and client modules are disclosed. In one aspect, the proxy infrastructure enables network connectivity between exit-nodes and proxy-nodes without the need of any proxy-gateways or middleware entities to delegate the connections. Proxy-nodes in the proxy infrastructure accept connections with exit-nodes based on geographical proximity, proxy-node metrics, such as server loads and clients' frequent preferences. Further, a single instance of proxy-node can communicate and instruct another instance of proxy-node, to service the client request via a suitable exit-node. Further still, a single instance of proxy-node can communicate and instruct another instance of proxy-node to redirect a suitable exit-node towards the first proxy-node in order to service the client request. In another instance, the proxy-infrastructure enables client modules to connect to proxy-nodes based on geographical proximity, client parameters, and client's behavioral informatics. In yet another aspect, proxy infrastructure enables a proxy node to redirect exit-nodes to a different proxy—node in the event of a) system overload or resource exhaustion, b) graceful shutdown c) erroneous network connection between exit-nodes and the proxy-node.
-
公开(公告)号:US11902243B2
公开(公告)日:2024-02-13
申请号:US17937937
申请日:2022-10-04
IPC分类号: H04L61/4511 , H04L67/56 , H04L61/59 , H04L61/4552 , H04L101/618
CPC分类号: H04L61/4511 , H04L61/4552 , H04L61/59 , H04L67/56 , H04L2101/618
摘要: Systems and methods are described herein for providing proxy mechanisms for DNS services, such as resolving DNS requests. In some embodiments, the systems and methods establish a Proxy DNS module at a DNS resolver of an internet service provider, and access, with the proxy DNS module, DNS queries destined for a public name server. The name server may be accessible by the DNS resolver via a publically-accessible network. Further, the systems and methods may route the accessed DNS queries to a private name server associated with the proxy DNS module and accessible via a private communications channel, and receive, from the private name server and via the private communications channel, IP addresses associated with the DNS queries.
-
公开(公告)号:US11757826B1
公开(公告)日:2023-09-12
申请号:US18060774
申请日:2022-12-01
IPC分类号: H04L61/256 , H04L61/2592 , H04L61/4511 , H04L101/618
CPC分类号: H04L61/256 , H04L61/2592 , H04L61/4511 , H04L2101/618
摘要: A controller can securely publish an application of a tenant by securely extending a network fabric into the networks of the tenant with virtual private networks and NAT. After a tenant deploys an application into one or more networks of the tenant, the tenant can indicate select applications to publish. The network controller assigns a network address from the routable address space of the network fabric to the application and a network address aggregate to each application connector that will front an instance of the application, which securely extends the network fabric into the tenant network. The network controller configures NAT rules in the network fabric and on the application connector to create a route for traffic of the application through the network fabric to the application instance using a fully qualified domain name assigned to the application without exposing a private network address of the application instance and preserving security of other resource on the tenant network.
-
公开(公告)号:US11641341B2
公开(公告)日:2023-05-02
申请号:US17356710
申请日:2021-06-24
IPC分类号: H04L61/5014 , H04L12/66 , H04L47/70 , H04L61/00 , H04L101/618
摘要: Systems, methods, and devices for performing targeted filtering of network traffic generated by user equipment (UE) devices connected to a customer premise equipment (CPE) device in a communication system that includes a distributed residential gateway. A network server may determine that the communication system includes a UE device that is compromised, misconfigured, or operating outside normal communication parameters, identify the UE device, determine an Internet protocol (IP) address or a media access control (MAC) address of the identified UE device, generate a quarantine request message that includes the IP address or the MAC address of the identified UE device in response to determining that the preconfigured virtual local area network access control list (VACL) on the CPE lists source IP addresses from which the CPE will filter outbound traffic, and send the generated quarantine request message to a bridged residential gateway (BRG) associated with the CPE device.
-
10.发明授权公开(公告)号:US11533197B2
公开(公告)日:2022-12-20
申请号:US17481177
申请日:2021-09-21
申请人: CLOUDFLARE, INC.
发明人: Nicholas Alexander Wondra , Achiel Paul van der Mandele , Alexander Forster , Eric Reeves , Joaquin Madruga , Rustam Xing Lalkaka , Marek Przemyslaw Majkowski
IPC分类号: G06F15/16 , H04L12/46 , H04L101/618
摘要: A GRE tunnel is configured between multiple computing devices of a distributed cloud computing network and a single origin router of the origin network. The GRE tunnel has a first GRE endpoint that has an IP address that is shared among the computing devices of the distribute cloud computing network and a second GRE endpoint that has a publicly routable IP address of the origin router. A first computing device receives an IP packet from a client that is destined to an origin server. The first computing device processes the received IP packet and encapsulates the IP packet inside an outer packet to generate a GRE encapsulated packet whose source address is the first GRE endpoint and the destination address is the second GRE endpoint. The GRE encapsulated packet is transmitted over the GRE tunnel to the single origin router.
-
-
-
-
-
-
-
-
-
搜索结果
38 条记录 (耗时 0.015 秒)
