
BARRACUDA NETWORKS INC.

BARRACUDA NETWORKS INC. Patent applications
Patent application number | Title | Published
20120023112 | Method for measuring similarity of diverse binary objects comprising bit patterns - An apparatus, system, and method for measuring the similarity of diverse binary objects, such as files, is disclosed. The method comprises determining a plurality of digital signatures in each of a plurality of dissimilar objects, for each digital signature, accessing a location in a store which has object identifiers for each object which also exhibits at least one instance of the digital signature, writing into the store the object identifiers of all the objects which have the corresponding pattern and the number of times the pattern is found, and making a list of all the objects which share a pattern found in each object. Analyzing the list determines the degree of similarity of a particular object with each of a plurality of diverse binary objects. | 01-26-2012
20120017096 | More Elegant Exastore Apparatus and Method of Operation - An apparatus to scale for multiple petabyte backup in redundant locations. Workload is automatically shared among many servers by a characteristic derived from the content itself. Duplicate storage is eliminated by checking for the existence or absence of simple files and appending client identification to files shared among multiple subscribers. Replication depends on simple atomic file operations rather than use of tables or databases. An efficient storage method for much larger quantities of data than conventional services. | 01-19-2012
20110289582 | METHOD FOR DETECTING MALICIOUS JAVASCRIPT - An apparatus and system for scoring and grading websites and method of operation. An apparatus receives one or more Uniform Resource Identifiers (URI), requests and receives a resource such as a webpage, and observes the behaviors of an enhanced browser emulator as controlled by javascript provided by the webpage. The enhanced browser emulator tracks behaviors which when aggregated imply malicious intent. | 11-24-2011
20110289575 | DIRECTORY AUTHENTICATION METHOD FOR POLICY DRIVEN WEB FILTERING - Enabling web filtering by authenticated group membership, role, or user identity is provided by embedding a uniform resource identifier into an electronic document requested by a client. A client browser will provide directory credentials to a trusted web filter apparatus enabling a policy controlled access to resources external to the trusted network. An apparatus comprises circuits for transmitting a uniform resource identifier to a client, receiving a request comprising authentication credentials, querying a policy database and determining a customized policy for access to an externally sourced electronic document or application. A computer-implemented technique to simplify web filter administrator tasks by removing a need to set each browser's settings or install additional software on each user terminal. | 11-24-2011
20110289434 | Certified URL checking, caching, and categorization service - Disclosed is a method, a computer system and a computer readable media product that contains a set of computer executable software instructions for directing the computer system to execute a process for generating improved abbreviated uniform resource identifiers (URI) commonly called a URL. A system comprises a URL shortening server, coupled to a web filter, coupled to a proxy server, coupled to a domain name system server. A user may append host and domain as a suffix to a shortened URL to request at least one of web filtering, categorization, and preview before redirection to the site. A site receives a request for an abbreviated URL or a categorized abbreviated URL which is provided upon passing a web filter. | 11-24-2011
20110258272 | FACILITATING TRANSMISSION OF AN EMAIL OF A WELL BEHAVED SENDER BY EXTRACTING EMAIL PARAMETERS AND QUERYING A DATABASE - Facilitating email transmission by extracting email parameters, requesting data in the form of a dns query, and receiving a sender reputation as an IP address. Querying a database by sending a plurality of arguments concatenated to a dns request and receiving an IP address in reply. Filtering email by querying a database with email parameters comprising an IP address and a domain of an email sender which may be extracted from packet headers in the SMTP sequence up to and including the MAIL command and prior to the DATA command. The smtp session is continued, modified or interrupted according to the result of the query submitted to a database operating as a dns server. | 10-20-2011
20110249683 | TRANSMISSION APPARATUS FOR VPN OPTIMIZATION BY DEFRAGMENTATION AND DEDUPLICATION AND METHOD - A transmission apparatus for optimizing a virtual private network operates by defragmenting and deduplicating transfer of variable sized blocks. A large data object is converted to a plurality of data paragraphs by a fingerprinting method. Each data paragraph is cached and hashed. The hashes are transmitted to at least one satellite apparatus. Only data paragraphs which are not previously cached at each satellite are transferred. | 10-13-2011
20110249680 | RECEPTION APPARATUS FOR VPN OPTIMIZATION BY DEFRAGMENTATION AND DEDUPLICATION AND METHOD - A reception apparatus for optimizing a virtual private network operates by defragmenting and deduplicating transfer of variable sized blocks. A large data object is converted to a plurality of data paragraphs by a fingerprinting method. Each data paragraph is cached and hashed. The hashes are transmitted from a primary apparatus. Only data paragraphs which are not previously cached at satellite are received. The data object is integrated from stored and newly transmitted data paragraphs and transmitted to its destination IP address. | 10-13-2011
20110239291 | Detecting and Thwarting Browser-Based Network Intrusion Attacks For Intellectual Property Misappropriation System and Method - Detecting and thwarting browser-based network intrusion attacks for intellectual property misappropriation is provided by enabling a local machine to direct retrieval of resources using uniform resource identifiers to a browser operating within a virtual machine whose internet protocol address is within a range external to a trusted network sub-circuit. Such a virtual machine is constrained by not having access to the Active Directory Server of the trusted network. Such a virtual machine is constrained by not having access to other resources of the trusted network. Such a virtual machine is constrained by a monitor application which terminates the virtual machine if characteristics of intrusion or network attack are observed within the virtual machine. | 09-29-2011
20110225244 | TRACING DOMAINS TO AUTHORITATIVE SERVERS ASSOCIATED WITH SPAM - The invention provides a method and system for filtering email which may contain links to a large number of rapidly synthesized domains serving spam content by referencing a database of categorized authoritative servers, querying a domain name system server for an authoritative server associated with domain names embedded in email, and accessing the database of categorized authoritative servers for a match. | 09-15-2011
20110035795 | PORT HOPPING AND SEEK YOU PEER TO PEER TRAFFIC CONTROL METHOD AND SYSTEM - A network apparatus, system, and method for operating a server to identify and subsequently control suspected peer-to-peer (P2P) sources transmitting traffic from a first network to a second network. Identifying a peer-to-peer source by a characteristic of destination port profile. Identifying a peer-to-peer source by a characteristic of destination host IP address profile. Determining when hopping ports usage comprise a data stream. Determining when destination IP address usage represent “Seek You” (CQ) like call behavior analogous to a radio invitation for any operators listening to respond. | 02-10-2011
20110030060 | METHOD FOR DETECTING MALICIOUS JAVASCRIPT - A method provides Dynamic Analysis to identify URL provisioning malicious javascripts comprising tracing frequently used javascript feature used to either inject malicious javascript in html response or redirecting user to the website that is serving malicious contents. An apparatus embodiment operates in the cloud in the middle where it identifies javascript in the response traffic and then requests the other corresponding javascript and can make a determination before delivering the original content to the user. | 02-03-2011
20110022670 | FACILITATING TRANSMISSION OF EMAIL BY CHECKING EMAIL PARAMETERS WITH A DATABASE OF WELL BEHAVED SENDERS - Facilitating email transmission by extracting email parameters, requesting data in the form of a dns query, and receiving a sender reputation as an IP address. Querying a database by sending a plurality of arguments concatenated to a dns request and receiving an IP address in reply. Operating a remote database as a dns server, receiving queries as domains and transmitting replies in the format of IPv4 or IPv6 addresses. Filtering email by querying a database with email parameters comprising an IP address and a domain of an email sender which may be extracted from an email header in the HELO, EHLO, MAIL FROM, or RETURN PATH. The smtp session is continued, modified or interrupted according to the result of the query submitted to a database operating as a dns server. | 01-27-2011
20110004750 | Hierarchical skipping method for optimizing data transfer through retrieval and identification of non-redundant components - A method for optimizing data transfer through retrieval and identification of non-redundant components. Efficiently packing each network transmission block using sequence search criteria. A hierarchical skipping method. Avoidance of sending undesired pieces. Segmentation of each file and object into a hierarchy of pieces in a plurality of types. | 01-06-2011
20110004601 | Multi-streamed method for optimizing data transfer through parallelized interlacing of data based upon sorted characteristics to minimize latencies inherent in the system - A method for optimizing data transfer through parallelized interlacing of data based upon sorted characteristics to minimize latencies inherent in the system. Operating a plurality of threads in parallel on disparate file sizes ordered by an additional thread. Efficient backup of heterogeneous non-volatile mass store to a network attached server. Scalable distribution of backup processes for computing hashes and eliminating duplication. Increased granularity of file pieces to match blocking of file I/O with network transmission. Efficiently packing each network transmission block using sequence search criteria. Avoidance of sending undesired pieces. Segmentation of each file and object into a hierarchy of pieces in a plurality of types. | 01-06-2011
20100325240 | QUERYING A DATABASE AS A DOMAIN NAME SYSTEM RESOLVER - Querying a database by sending a plurality of arguments concatenated to a Domain Name System request and receiving a reply in the form of text or encoded as an IPv4 or an IPv6 address. | 12-23-2010
20100318681 | PROTOCOL-INDEPENDENT, MOBILE, WEB FILTER SYSTEM PROVISIONING DNS TRIAGE, URI SCANNER, AND QUERY PROXY SERVICES - A system comprising three services: query string proxy, URI path scanner, and domain name system triage. A query string proxy sends a request on behalf of a client and analyzes the response from a remote server. A URI path scanner performs keyword matching on the entire path of a uniform resource identifier. A domain name system triage service receives a UDP request prior to establishing any protocol session between a client and a server and returns one IP address selected from the following: a block IP address, a trusted IP address, and a redirection to enhanced filter service IP address. | 12-16-2010
20100260187 | VPN OPTIMIZATION BY DEFRAGMENTATION AND DEDUPLICATION APPARATUS AND METHOD - An apparatus for optimizing a virtual private network operates by defragmenting and deduplicating transfer of variable sized blocks. A large data object is converted to a plurality of data paragraphs by a fingerprinting method. Each data paragraph is cached and hashed. The hashes are transmitted between a primary and a satellite apparatus. Only data paragraphs which are not cached at both the primary and satellite are transferred. The data object is integrated from data paragraphs stored in cache and transmitted to its destination IP address. | 10-14-2010
20100251372 | DEMAND SCHEDULED EMAIL VIRUS AFTERBURNER APPARATUS, METHOD, AND SYSTEM - Queuing and rescanning email for most recently detected virus signatures. An apparatus comprising a first virus scanning circuit operating on received email and a second virus scanning circuit operating on the outbound email queue and quarantine store. Rescanning for viruses while delivering email to downstream email server or viewing quarantine with virus signatures not previously known when the virus was first introduced to the wild. A circuit determines that an email server or an email client is active and ready to retrieve or read emails from quarantine or from the output queue of an anti-virus, anti-spam appliance. Upon that condition, one or more virus signatures are read from a most recently discovered virus signature syndication server. Emails in the output queue or quarantine are rescanned before transmission to the destination email server. | 09-30-2010
20100241619 | BACKUP APPARATUS WITH HIGHER SECURITY AND LOWER NETWORK BANDWIDTH CONSUMPTION - A system for more secure, more efficient, more widely applicable backup, retention, and retrieval of data. An apparatus comprising improved means for de-duplication of data and securely storing data remotely with efficient retention and recovery. A method comprising disassembling data objects, efficiently de-duplicating, securely storing and retrieving backups in shared servers on a public network, and controlling retention. | 09-23-2010
20100211639 | APPARATUS AND METHOD FOR SERVING ANNULAR MESSAGES TO LOCAL BROWSERS - A system to enable a local area network operator to optimize bandwidth by controlling annular display surrounding sourced content. An apparatus for storing content sponsor messages locally to a user's network. A method for selecting among locally served messages, images, and applications to support delivery of content provider's intellectual property. In short, optimizing and tuning the delivery of the message annulus surrounding the “news hole” of a webpage. | 08-19-2010
20100180027 | CONTROLLING TRANSMISSION OF UNAUTHORIZED UNOBSERVABLE CONTENT IN EMAIL USING POLICY - A system, method, and apparatus are disclosed to control a mail server in handling encrypted messages. | 07-15-2010
20100174829 | APPARATUS FOR TO PROVIDE CONTENT TO AND QUERY A REVERSE DOMAIN NAME SYSTEM SERVER - An apparatus is disclosed to provide content to and query a reverse domain name system (DNS) server without depending on the kindness of domain name system registrars, registrants. DNS replies are observed by firewalls or filters, analyzed, and transmitted to a reverse domain name system server. An embodiment of the present invention can be within a DNS server or SMTP server. | 07-08-2010
20100146260 | TANDEM ENCRYPTION CONNECTIONS TO PROVIDE NETWORK TRAFFIC SECURITY METHOD AND APPARATUS - Security measures are applied to encrypted data exchanges by enabling content decryption, rule application, and content re-encryption at a network location. A certificate, self-signed or authenticated by an official Certificate Authority is obtained for and installed within the secure proxy apparatus. A link to a secure page is replaced with a link to a page having a fully qualified domain name of the proxy apparatus as the suffix. An encrypted session is established between the client and the proxy apparatus without deceit in the latter case. A first encryption-enabled connection is established from the first node to a content filter, while a second encryption-enabled connection is established from the content filter to the second node. Following decryption, a determination is made as to whether the content includes Undesired Data. Restricted material is blocked, while unrestricted material is re-encrypted and delivered to the destination node. For a self-signed certificate, the destination node comprises a private security system-signed root certificate installed in the destination node's Trusted Root Certification Authorities certificate store. In another aspect of the invention, at least one of encrypted Instant Messages, e-mail messages and web pages are decrypted and recorded at a location between sources and destinations of the transmissions. The look and feel is maintained of a single encrypted link between the requestor and the external source by the inventive use of a wildcard certificate within the network local to the requestor. | 06-10-2010
20100131646 | POLICY-MANAGED DNS SERVER FOR TO CONTROL NETWORK TRAFFIC - Disclosed is a method, a computer system, and a computer-readable media product that contains a set of computer executable software instructions for directing the computer to execute a process for policy-based operation of a DNS server apparatus to manage traffic due to undesirable mail or requests for electronic documents. The policies operate according to owners, regions, or countries controlling source IP addresses and deterministically select from a plurality of non-equivalent replies to be sent to the source IP address. Accumulating previous activity records may assist in determining which traffic may be usefully deferred or suppressed. The process includes withholding certain information from certain DNS servers seeking IP addresses to improve overall security and integrity of the Internet. | 05-27-2010
20100121981 | AUTOMATED VERIFICATION OF DNS ACCURACY - Disclosed is a method, a computer system, and a computer readable media product that contains a set of computer executable software instructions for directing the computer to execute a process for independent confirmation of DNS replies to foil DNS cache poisoning attacks. The process comprises comparing a plurality of DNS replies for an exact or predefined “close enough” match as a condition for blocking or forwarding a DNS reply to a resolver. The tangible beneficial result is to prevent the success of a dns cache poisoning attack from diverting a user to a malicious site on the internet. | 05-13-2010
20100088742 | APPARATUS FOR DEFINING A SET OF RULES FOR A PACKET FORWARDING DEVICE - There are methods and apparatus, including computer program products, for defining a policy including a set of rules for a packet forwarding device by receiving information sufficient to enable a first rule related to one of security or traffic management to be defined, and based on the received information, enabling a corresponding second rule related to the other one of security or traffic management to be defined. | 04-08-2010
20100088741 | METHOD FOR DEFINING A SET OF RULES FOR A PACKET FORWARDING DEVICE - There are methods and apparatus, including computer program products, for defining a policy including a set of rules for a packet forwarding device by receiving information sufficient to enable a first rule related to one of security or traffic management to be defined, and based on the received information, enabling a corresponding second rule related to the other one of security or traffic management to be defined. | 04-08-2010
20100049985 | DISTRIBUTED FREQUENCY DATA COLLECTION VIA DNS NETWORKING - Domain Name Service (DNS) requests are used as the reporting vehicle for ensuring that security-related information can be transferred from a network. As one possibility, a central facility for a security provider may maintain a data collection capability that is based upon receiving the DNS requests containing the information being reported. In an email application, if a data block is embedded within or attached to an email message, an algorithm is applied to the data block to generate an indicator that is specifically related to the contents of the data block. As one possibility, the algorithm may generate a hash that provides a “digital fingerprint” having a reasonable likelihood that the hash is unique to the data block. By embedding the hash within a DNS request, the request becomes a report that the data block has been accessed. | 02-25-2010
20100049893 | LINK BALANCER APPARATUS WITH LOW PROFILE PLURAL PORT INPUT / OUTPUT CARD - A space-conscious system utilizes a low profile expansion card for providing a physical and electrical interface between a larger scale board, such as a motherboard, and a plurality of external components. The expansion card is mounted in a perpendicular orientation relative to the larger scale board, despite dimensional limitations with regard to such an orientation. The expansion card includes an input/output circuit board and a plurality of “signal-conduction extenders” for enabling coupling a plurality of ports to an external wall of the housing in which the expansion card and larger scale board are contained. In one possible embodiment, the housing is compatible with the 1U standard, the expansion card is an Ethernet card, and there is an adapter board at the front wall of the housing for routing connections from the expansion card to a plurality of exposed ports. The invention allows more than two of the expansion cards to be mounted in parallel within the same container. | 02-25-2010
20100049848 | DISTRIBUTED FREQUENCY DATA COLLECTION VIA INDICATOR EMBEDDED WITH DNS REQUEST - Domain Name Service (DNS) requests are used as the reporting vehicle for ensuring that security-related information can be transferred from a network. As one possibility, a central facility for a security provider may maintain a data collection capability that is based upon receiving the DNS requests containing the information being reported. In an email application, if a data block is embedded within or attached to an email message, an algorithm is applied to the data block to generate an indicator that is specifically related to the contents of the data block. As one possibility, the algorithm may generate a hash that provides a “digital fingerprint” having a reasonable likelihood that the hash is unique to the data block. By embedding the hash within a DNS request, the request becomes a report that the data block has been accessed. | 02-25-2010
20100031323 | Network Interface Device - There are methods and apparatus, including computer program products, for defining a policy including a set of rules for a packet forwarding device by receiving information sufficient to enable a first rule related to one of security or traffic management to be defined, and based on the received information, enabling a corresponding second rule related to the other one of security or traffic management to be defined. | 02-04-2010
20100011420 | OPERATING A SERVICE ON A NETWORK AS A DOMAIN NAME SYSTEM SERVER - Operating a service such as a remote database as a dns server, receiving inputs such as queries as domain names and transmitting replies in the format of IPv4 or IPv6 addresses. | 01-14-2010
20100005191 | REQUESTING A SERVICE OR TRANSMITTING CONTENT AS A DOMAIN NAME SYSTEM RESOLVER - Requesting a service such as querying a database or communicating content by sending a plurality of arguments concatenated to a dns request and receiving a reply in the form of text or an IPv4 or an IPv6 address. | 01-07-2010
20100005146 | FACILITATING TRANSMISSION OF EMAIL BY CHECKING EMAIL PARAMETERS WITH A DATABASE OF WELL BEHAVED SENDERS - Facilitating email transmission by extracting email parameters, requesting data in the form of a dns query, and receiving a sender reputation as an IP address. Querying a database by sending a plurality of arguments concatenated to a dns request and receiving an IP address in reply. Operating a remote database as a dns server, receiving queries as domains and transmitting replies in the format of IPv4 or IPv6 addresses. Filtering email by querying a database with email parameters comprising an IP address and a domain of an email sender which may be extracted from an email header in the HELO, EHLO, MAIL FROM, or RETURN PATH. The smtp session is continued, modified or interrupted according to the result of the query submitted to a database operating as a dns server. | 01-07-2010
20090285219 | DEFICIT AND GROUP ROUND ROBIN SCHEDULING FOR EFFICIENT NETWORK TRAFFIC MANAGEMENT - Data traffic is scheduled by, in a first scheduler, selecting a source of traffic from a plurality of sources of traffic, each source being associated with a second scheduler, in a second scheduler associated with the selected source of traffic, selecting a type of traffic from a plurality of types of traffic within the source selected by the first scheduler, and transmitting data of the selected type and source. Scheduling data traffic apparatus and method using deficit and group ratio round robin budgeting. | 11-19-2009
20090279550 | TUNNELING FOR EFFICIENT NETWORK TRAFFIC MANAGEMENT - Data traffic is scheduled by, in a first scheduler, selecting a source of traffic from a plurality of sources of traffic, each source being associated with a second scheduler, in a second scheduler associated with the selected source of traffic, selecting a type of traffic from a plurality of types of traffic within the source selected by the first scheduler, and transmitting data of the selected type and source. Identifying and creating tunnels between endpoints in a network for optimum data traffic method and apparatus. | 11-12-2009
