SonicWALL, Inc. Patent applications |
Patent application number | Title | Published |
20150334090 | METHOD TO ENABLE DEEP PACKET INSPECTION (DPI) IN OPENFLOW-BASED SOFTWARE DEFINED NETWORK (SDN) - The present invention relates to a method and system for performing deep packet inspection of messages transmitted through a network switch in a Software Defined Network (SDN). Embodiments of the invention include a network switch, a controller, and a firewall in a software defined networking environment. In the present invention, the network switch is a simple network switch that is physically separate from the controller and the firewall. The invention may include a plurality of physically distinct network switches communicating with one or more controllers and firewalls. In certain instances, communications between the network switch, the controller, and the firewall are performed using the Open Flow standard communication protocol. | 11-19-2015 |
20150195265 | VIRTUAL PRIVATE NETWORK DEAD PEER DETECTION - Methods and systems are provided for detecting dead tunnels associated with a VPN. An indicator of a tunnel capability, for example, a DPD vendor ID, is received from a peer through a VPN connection. The tunnel capability is associated with one or more phase II tunnels associated with the VPN. Traffic generated by the peer is detected, and if traffic is detected at a tunnel, the tunnel is presumed to be alive. When no traffic is detected in a tunnel, a DPD packet exchange with the tunnel is initiated. A determination is made, based on the packet exchange, whether the tunnel is alive. | 07-09-2015 |
20140214821 | SYSTEM AND METHOD FOR ADAPTIVE TEXT RECOMMENDATION - Network system provides a real-time adaptive recommendation set of documents with a high statistical measure of relevancy to the requestor device. The recommendation set is optimized based on analyzing text of documents of the interest set, categorizing these documents into clusters, extracting keywords representing the themes or concepts of documents in the clusters, and filtering a population of eligible documents accessible to the system utilizing site and or Internet-wide search engines. The system is either automatically or manually invoked and it develops and presents the recommendation set in real-time. The recommendation set may be presented as a greeting, notification, alert, HTML fragment, fax, voicemail, or automatic classification or routing of customer e-mail, personal e-mail, job postings, and offers for sale or exchange. | 07-31-2014 |
20140207892 | MESSAGE CHALLENGE RESPONSE - A system and method are disclosed for registering a email sender for the purpose of sending an email message to an email receiver including receiving a challenge message wherein the challenge message includes a machine answerable question; processing the challenge message to determine that it is a challenge message sent for the purpose of authorizing delivery of the email message; analyzing the question to determine a valid response to the challenge message; and sending the valid response that includes the answer wherein a nontrivial amount of resources are required to send the valid response. | 07-24-2014 |
20140201486 | CONTINUOUS DATA BACKUP USING REAL TIME DELTA STORAGE - A continuous data backup using real time delta storage has been presented. A backup appliance receives a backup request from a backup agent running on a computing machine to backup data on the computing machine. The computing machine is communicatively coupled to the backup appliance. Then the backup appliance performs block-based real-time backup of the data on the computing machine. The backup appliance stores backup data of the computing machine in a computer-readable storage device in the backup appliance. | 07-17-2014 |
20140157409 | CLASSIFYING A MESSAGE BASED ON FRAUD INDICATORS - Systems, methods, and media for classifying messages are disclosed. A plurality of fraud indicators are identified in the message. A signature of the message is generated. The generated signature of the message is compared to a stored signature. The stored signature is based on a statistical analysis of fraud indicators in a second message associated with the stored signature. A determination as to whether the message is fraudulent is made based on the comparison. The message is processed based on the determination that the message is a fraudulent message. | 06-05-2014 |
20140156678 | IMAGE BASED SPAM BLOCKING - A fingerprint of an image identified within a received message is generated following analysis of the message. A spam detection engine identifies an image within a message and converts the image into a grey scale image. The spam detection engine analyzes the grey scale image and assigns a score. A fingerprint of the grey scale image is generated based on the score. The fingerprint may also be based on other factors such as the message sender's status (e.g. blacklisted or whitelisted) and other scores and reports generated by the spam detection engine. The fingerprint is then used to filter future incoming messages. | 06-05-2014 |
20140150082 | Net-Based Email Filtering - A local gateway device receives email across the internet from a sender of the email and forwards it across the internet to an email filtering system. The email filtering system analyzes the email to determine whether it is spam, phishing or contains a virus and sends it back to the local gateway device along with the filtered determination. The local gateway device forwards the received email and the filtered determination to a local junk store which handles the email appropriately. For example, if the email has been determined to be spam, phishing or containing a virus, the junk store can quarantine the email and if the email has been determined to be non-spun and/or not phishing and/or not containing a virus, the junk store can forward the email to a local mail server for delivery. | 05-29-2014 |
20140129655 | SIGNATURE GENERATION USING MESSAGE SUMMARIES - Systems and methods for processing a message are provided. A message may be processed to generate a message summary by removing or replacing certain words, phrases, sentences, punctuation, and the like. Message signatures based upon the message summary may be generated and stored in a signature database, which may be used to identify and/or classify spam messages. Subsequently received messages may be classified by signature and processed based on classification. | 05-08-2014 |
20140089249 | DATA PATTERN ANALYSIS USING OPTIMIZED DETERMINISTIC FINITE AUTOMATION - Techniques for data pattern analysis using deterministic finite automaton are described herein. In one embodiment, a number of transitions from a current node to one or more subsequent nodes representing one or more sequences of data patterns is determined, where each of the current node and subsequent nodes is associated with a deterministic finite automaton (DFA) state. A data structure is dynamically allocated for each of the subsequent nodes for storing information associated with each of the subsequent nodes, where data structures for the subsequent nodes are allocated in an array maintained by a data structure corresponding to the current node if the number of transitions is greater than a predetermined threshold. Other methods and apparatuses are also described. | 03-27-2014 |
20140086215 | WIRELESS EXTENDER SECURE DISCOVERY AND PROVISIONING - According to embodiments of the invention, a first wireless access point discovers a second wireless access point, the first wireless access point tunes its radio and privacy settings, without user input, based upon parameters automatically exchanged in response to the discovery of the second wireless access point, and a secure direct wireless connection is established between the first and second wireless access points using the radio and privacy settings. Adding the first wireless to an existing mesh network includes a determination of the best available direct wireless connection. | 03-27-2014 |
20140068622 | PACKET PROCESSING ON A MULTI-CORE PROCESSOR - A method for packet processing on a multi-core processor. According to one embodiment of the invention, a first set of one or more processing cores are configured to include the capability to process packets belonging to a first set of one or more packet types, and a second set of one or more processing cores are configured to include the capability to process packets belonging to a second set of one or more packet types, where the second set of packet types is a subset of the first set of packet types. Packets belonging to the first set of packet types are processed at a processing core of either the first or second set of processing cores. Packets belonging to the second set of packet types are processed at a processing core of the first set of processing cores. | 03-06-2014 |
20140059681 | METHOD AND AN APPARATUS TO PERFORM MULTIPLE PACKET PAYLOADS ANALYSIS - A method and an apparatus to perform multiple packet payload analysis have been disclosed. In one embodiment, the method includes receiving a plurality of data packets, each of the plurality of data packets containing a portion of a data pattern, determining whether each of the plurality of data packets is out of order, and making and storing a local copy of the corresponding data packet if the corresponding data packet is out of order. Other embodiments have been claimed and described. | 02-27-2014 |
20140059646 | Query Interface to Policy Server - A scalable access filter that is used together with others like it in a virtual private network to control access by users at clients in the network to information resources provided by servers in the network. Each access filter uses a local copy of an access control data base to determine whether an access request is made by a user. Each user belongs to one or more user groups and each information resource belongs to one or more information sets. Access is permitted or denied according to access policies which define access in terms of the user groups and information sets. The first access filter in the path performs the access check, encrypts and authenticates the request; the other access filters in the path do not repeat the access check. The interface used by applications to determine whether a user has access to an entity is now an SQL entity. The policy server assembles the information needed for the response to the query from various information sources, including source external to the policy server. | 02-27-2014 |
20140059645 | Query Interface to Policy Server - A scalable access filter that is used together with others like it in a virtual private network to control access by users at clients in the network to information resources provided by servers in the network. Each access filter uses a local copy of an access control data base to determine whether an access request is made by a user. Each user belongs to one or more user groups and each information resource belongs to one or more information sets. Access is permitted or denied according to access policies which define access in terms of the user groups and information sets. The first access filter in the path performs the access check, encrypts and authenticates the request; the other access filters in the path do not repeat the access check. The interface used by applications to determine whether a user has access to an entity is now an SQL entity. The policy server assembles the information needed for the response to the query from various information sources, including source external to the policy server. | 02-27-2014 |
20140059049 | IDENTIFICATION OF CONTENT BY METADATA - Systems and methods for identifying content in electronic messages are provided. An electronic message may include certain content. The content is detected and analyzed to identify any metadata. The metadata may include a numerical signature characterizing the content. A thumbprint is generated based on the numerical signature. The thumbprint may then be compared to thumbprints of previously received messages. The comparison allows for classification of the electronic message as spam or not spam. | 02-27-2014 |
20140053264 | METHOD AND APPARATUS TO PERFORM MULTIPLE PACKET PAYLOADS ANALYSIS - A method and apparatus for identifying data patterns of a file are described herein. In one embodiment, an exemplary process includes, but is not limited to, receiving a data packet of a data stream containing a file segment of a file originated from an external host and destined to a protected host of a local area network (LAN), the file being transmitted via multiple file segments contained in multiple data packets of the data stream, and performing a data pattern analysis on the received data packet to determine whether the received data packet contains a predetermined data pattern, without waiting for a remainder of the data stream to arrive. Other methods and apparatuses are also described. | 02-20-2014 |
20140047232 | Query Interface to Policy Server - A scalable access filter that is used together with others like it in a virtual private network to control access by users at clients in the network to information resources provided by servers in the network. Each access filter uses a local copy of an access control data base to determine whether an access request is made by a user. Each user belongs to one or more user groups and each information resource belongs to one or more information sets. Access is permitted or denied according to access policies which define access in terms of the user groups and information sets. The first access filter in the path performs the access check, encrypts and authenticates the request; the other access filters in the path do not repeat the access check. The interface used by applications to determine whether a user has access to an entity is now an SQL entity. The policy server assembles the information needed for the response to the query from various information sources, including source external to the policy server. | 02-13-2014 |
20140019568 | IDENTIFICATION OF CONTENT - Systems and methods for identifying content in electronic messages are provided. An electronic message may include certain content. The content is detected and analyzed to identify any metadata. The metadata may include a numerical signature characterizing the content. A thumbprint is generated based on the numerical signature. The thumbprint may then be compared to thumbprints of previously received messages. The comparison allows for classification of the electronic message as spam or not spam. | 01-16-2014 |
20130346751 | Query Interface to Policy Server - A scalable access filter that is used together with others like it in a virtual private network to control access by users at clients in the network to information resources provided by servers in the network. Each access filter uses a local copy of an access control data base to determine whether an access request is made by a user. Each user belongs to one or more user groups and each information resource belongs to one or more information sets. Access is permitted or denied according to access policies which define access in terms of the user groups and information sets. The first access filter in the path performs the access check, encrypts and authenticates the request; the other access filters in the path do not repeat the access check. The interface used by applications to determine whether a user has access to an entity is now an SQL entity. The policy server assembles the information needed for the response to the query from various information sources, including source external to the policy server. | 12-26-2013 |
20130339458 | EFFICIENT USE OF RESOURCES IN MESSAGE CLASSIFICATION - A system and method are disclosed for routing a message through a plurality of test methods. The method includes: receiving a message; applying a first test method to the message; updating a state of the message based on the first test method; and determining a second test method to be applied to the message based on the state. | 12-19-2013 |
20130339006 | EFFICIENT STRING SEARCH - Some embodiments of an efficient string search have been presented. In one embodiment, a string of bytes representing content written in a non-delimited language is received, wherein the content has been classified into a predetermined category. In a single pass through the string of bytes, a set of N-grams is searched for simultaneously. Statistical information on occurrences of the N-grams, if any, in the string of bytes is collected. In some embodiments, a model is generated based on the statistical information, where the model is usable by a content filter to classify content. | 12-19-2013 |
20130332552 | REAL-TIME NETWORK UPDATES FOR MALICIOUS CONTENT - A global response network collects, analyzes, and distributes “cross-vector” threat-related information between security systems to allow for an intelligent, collaborative, and comprehensive real-time response. | 12-12-2013 |
20130091065 | AUTOMATIC SPIKE LICENSING - A license for one or more services may include a certain service capacity under the license. The services may be provided under the license within the service capacity. When there is a spike in service requests, the services requested may exceeds the service capacity under the license. It may be determined that the license includes a spike provision that allows for requested services to be provided in excess of the service capacity under the license. The spike provision may be activated so that the requested services in excess of the service capacity under the license are provided under the spike provision | 04-11-2013 |
20120101967 | STATISTICAL MESSAGE CLASSIFIER - A system and method are disclosed for improving a statistical message classifier. A message may be tested with a machine classifier, wherein the machine classifier is capable of making a classification on the message. In the event the message is classifiable by the machine classifier, the statistical message classifier is updated according to the reliable classification made by the machine classifier. The message may also be tested with a first classifier. In the event that the message is not classifiable by the first classifier, it is tested with a second classifier, wherein the second classifier is capable of making a second classification. In the event that the message is classifiable by the second classifier, the statistical message classifier is updated according to the second classification. | 04-26-2012 |
20110307950 | Net-Based Email Filtering - A local gateway device receives email across the internet from a sender of the email and forwards it across the internet to an email filtering system. The email filtering system analyzes the email to determine whether it is spam, phishing or contains a virus and sends it back to the local gateway device along with the filtered determination. The local gateway device forwards the received email and the filtered determination to a local junk store which handles the email appropriately. For example, if the email has been determined to be spam, phishing or containing a virus, the junk store can quarantine the email and if the email has been determined to be non-spun and/or not phishing and/or not containing a virus, the junk store can forward the email to a local mail server for delivery. | 12-15-2011 |