Patent application number | Description | Published |
20090182818 | HEURISTIC DETECTION OF PROBABLE MISSPELLED ADDRESSES IN ELECTRONIC COMMUNICATIONS - Methods and systems for detecting suspicious electronic communications, such as electronic mail (email) messages containing, originated or purportedly originated from misspelled and/or deliberately misleading addresses, are provided. According to one embodiment, an electronic communication, such as an electronic mail (email) message, is scanned to determine whether the electronic communication contains one or more suspicious addresses or represents a suspicious traffic pattern. If the electronic communication is determined to contain one or more suspicious addresses or is determined to represent a suspicious traffic pattern, then the electronic communication is handled in accordance with an electronic communication security policy associated with suspicious electronic communications. For example, an event may be logged, the electronic communication may be dropped or quarantined, the communication may be tagged as spam or possible phishing and/or an end user may be alerted to the existence of the one or more suspicious addresses. | 07-16-2009 |
20090293051 | MONITORING AND DYNAMIC TUNING OF TARGET SYSTEM PERFORMANCE - Methods and systems for remotely monitoring and tuning the performance of one or more target systems are provided. According to one embodiment, a separate tuning server receives data, such as profiling data, that has been collected regarding a target system. Then, if based on the data it is determined that performance attributes of the target system can be improved, the performance of the target system is dynamically tuned. Depending upon the circumstances, the target system may be caused to replace an application component of a program being executed by the target system with a new application component, which may be contained within an image chosen from a set of pre-built images or built and compiled by the tuning server specifically for the target system. In some cases, the dynamic tuning of the performance of the target system may involve making a change to a configuration file on the target system. | 11-26-2009 |
20100095377 | DETECTION OF SUSPICIOUS TRAFFIC PATTERNS IN ELECTRONIC COMMUNICATIONS - Methods and systems for detecting suspicious traffic patterns in electronic communications are provided. According to one embodiment, an electronic mail (email) message is received by a mail filter (milter), which evaluates a traffic pattern represented by the email message by scanning information associated with the email message and comparing it to information associated with one or more traffic analysis profiles. If the email message is identified by the milter as being inconsistent with normal email traffic patterns as represented by the one or more traffic analysis profiles, then the milter causes the email message to be handled in accordance with an email security policy associated with suspicious traffic patterns. For example, in the context of an outbound message, the originator may be alerted to a factor contributing to the identification and the originator may be provided with an opportunity to address the factor. | 04-15-2010 |
20120291117 | COMPUTERIZED SYSTEM AND METHOD FOR HANDLING NETWORK TRAFFIC - Methods and systems for processing network content associated with multiple virtual domains are provided. According to one embodiment, content processing of network traffic associated with multiple virtual domains is performed by a service daemon process initiated within a firewall. The service daemon process handles content processing of network traffic for the virtual domains by aggregating communication channels associated with the virtual domains and by applying to the network traffic an appropriate content processing policy corresponding to a virtual domain with which the network traffic is associated. | 11-15-2012 |
20130305343 | COMPUTERIZED SYSTEM AND METHOD FOR HANDLING NETWORK TRAFFIC - Methods and systems for processing network content associated with multiple virtual domains are provided. According to one embodiment, a service daemon process is instantiated within a firewall to handle content processing of network traffic of virtual domains by aggregating communication channels associated with the virtual domains and by applying an appropriate content processing policy for the corresponding virtual domain. A connection request is received by the firewall from a virtual domain. A child process is forked by the service daemon process to handle network traffic associated with the virtual domain. A communication channel is established between a kernel of the firewall and the service daemon process to transfer a portion of the network traffic between the service daemon process and the kernel. The child process is configured to perform content processing of the network traffic in accordance with a content processing policy associated with the virtual domain. | 11-14-2013 |
20130305346 | COMPUTERIZED SYSTEM AND METHOD FOR ADVANCED NETWORK CONTENT PROCESSING - A computerized system and method for processing network content in accordance with at least one content processing rule. In accordance with the inventive method, the network content is received at a first interface. The inventive system identifies a transmission protocol information of the received network content and uses the identified transmission protocol information to intercept at least a portion of the received network content formatted in accordance with a transmission protocol. The intercepted portion of the network content is redirected to a proxy, which buffers the redirected portion of network content. The buffered network content is scanned in accordance with a scanning criterion and processed in accordance with the at least one content processing rule based on the result of the scanning. The processed portion of network content may be forwarded using the second interface. | 11-14-2013 |
20130332997 | COMPUTERIZED SYSTEM AND METHOD FOR DEPLOYMENT OF MANAGEMENT TUNNELS - Methods and systems for deploying management tunnels between managed and managing devices are provided. According to one embodiment, a managed device receives an address of a management device. The managed device has stored therein a pre-configured unique identifier of an authorized management device and a digital certificate assigned to the managed device prior to installation of the managed device within a network. A tunnel is established between the devices. The management device has stored therein a digital certificate assigned to the management device prior to installation of the management device within the network. The digital certificate of the management device is received by the managed device. Prior to allowing the management device to use the tunnel to perform management functionality in relation to the managed device, a unique identifier included within or associated with the digital certificate of the management device is confirmed with reference to the pre-configured unique identifier. | 12-12-2013 |
20150052362 | COMPUTERIZED SYSTEM AND METHOD FOR DEPLOYMENT OF MANAGEMENT TUNNELS - Methods and systems for deploying management tunnels between managed and managing devices are provided. According to one embodiment, network devices, including a peer managed devices, a management device and a trusted peer managed device are deployed within a network. The network devices are pre-configured to form a web of trust by storing within each network device (i) a digital certificate signed by a manufacturer or a distributor and (ii) a unique identifier. The peer managed device establishes a management tunnel with the management device based on an address received from an external source. Prior to allowing the management device to use the management tunnel to perform management functionality, the peer managed device verifies credentials of the managed device by causing its unique identifier to be confirmed with reference to a pre-configured identifier of an authorized management device stored within the peer managed device. | 02-19-2015 |
Patent application number | Description | Published |
20130013777 | DELEGATED NETWORK MANAGEMENT SYSTEM AND METHOD OF USING THE SAME - A method for providing a management function requested by a user that uses a managed device includes establishing a session on a managed device in response to a user logging into an account on the managed device, establishing a delegated management session on a management device, the delegated management session corresponding to the session on the managed device, receiving a management message on the management device, the management message being related to a management function requested by the user, and in response to the received management message, performing the management function using the management device. | 01-10-2013 |
20130254310 | DELEGATED NETWORK MANAGEMENT SYSTEM AND METHOD OF USING THE SAME - A method for providing a management function requested by a user that uses a managed device includes establishing a session on a managed device in response to a user logging into an account on the managed device, establishing a delegated management session on a management device, the delegated management session corresponding to the session on the managed device, receiving a management message on the management device, the management message being related to a management function requested by the user, and in response to the received management message, performing the management function using the management device. | 09-26-2013 |