Real Time Touch



new TOP 200 Companies filing patents this week

new Companies with the Most Patent Filings (2010+)




Real Time Touch

Similar
Filing Names

Fortinet Inc
Fortinet Inc A Delaware Corporation
Fortinet Inc_20131212
Fortinet Inc_20100114

Fortinet Inc patents


Recent patent applications related to Fortinet Inc. Fortinet Inc is listed as an Agent/Assignee. Note: Fortinet Inc may have other listings under different names/spellings. We're not affiliated with Fortinet Inc, we're just tracking patents.

ARCHIVE: New 2018 2017 2016 2015 2014 2013 2012 2011 2010 2009 | Company Directory "F" | Fortinet Inc-related inventors


 new patent  Telecommunication terminal

A telecommunication terminal that integrated with a wireless access point is provided. According to one embodiment, a telecommunication terminal includes a local area network (lan) port, a processor, an internet protocol (ip) phone unit, a wireless access point unit and a housing. ... Fortinet Inc

Data leak protection

Methods and systems for data leak prevention (dlp) in an enterprise network are provided. According to one embodiment, a network security device maintains a filter database containing multiple filtering rules. ... Fortinet Inc

Cloud based logging service

Methods and systems are provided for facilitating access to a cloud-based logging service. According to one embodiment, access to a cloud-based logging service is integrated within a network security appliance by automatically configuring access settings for the logging service and creating an account for the security appliance with the logging service. ... Fortinet Inc

Filtering hidden data embedded in media files

Systems and methods for filtering unsafe content by a network security device are provided. According to one embodiment, a network security device captures network traffic and extracts a media file from the network traffic. ... Fortinet Inc

Security information and event management

Systems and methods are described for conducting work flows by an siem device to carry out a complex task automatically. According to one embodiment, an siem device may receive a work flow template defining at an abstract level multiple security tasks that are performed by one or more security devices. ... Fortinet Inc

Stand-by controller assisted failover

Methods and systems for standby controller aided failover are provided. According to one embodiment, an active control channel and an active data channel are established by an active controller with a managed device via a management protocol. ... Fortinet Inc

Automated resolution of wi-fi connectivity issues over sms

Wi-fi connectivity issues are automatically resolved over sms. An sms message including a mac address is received for a station having a wireless connectivity issue involving a wi-fi portion of the data communication network. ... Fortinet Inc

Selective enforcement of event record purging in a high volume log system

Event record purging is selectively enforced in a high volume log system. A plurality of data retention policies is received for one or more data types. ... Fortinet Inc

System and method for software defined behavioral ddos attack mitigation

Systems and methods for software defined behavioral ddos attack mitigation are provided. According to one embodiment, a method is provided for mitigating ddos attacks. ... Fortinet Inc

Adaptive allocation for dynamic reporting rates of log events to a central log management server from distributed nodes in a high volume log management system

Dynamic reporting rates for a log management system are adaptively allocated. Each individual controller node device of plurality of controller nodes is initially allocated an eps rate limit for submitting event records to a log management system (e.g., an siem log management system) out of a licensed eps rate. ... Fortinet Inc

Monitoring wireless station experience on a wi-fi network by emulating client radios

Wireless station experience is monitored by emulating client radios. A radio (or entire transceiver) from a plurality of radios on the access point is assigned to switch from a normal mode to a client mode to operate as a client radio. ... Fortinet Inc

Calculating consecutive matches using parallel computing

Methods and systems for determining consecutive matches are provided. According to one embodiment, a class definition and a data stream are received by a network security device. ... Fortinet Inc

Wireless station steering based on station data exchange capacity

Wireless stations of a wi-fi network based are steered to either a high throughput channel or a low throughput channel based on data exchange capacity, in addition to dual-band capability. A probe request data packet from a wireless station seeking to join a channel of the plurality of channels supported by the access point is detected. ... Fortinet Inc

Automated configuration of endpoint security management

Systems and methods for managing configuration of a client security application based on a network environment in which the client device is operating are provided. According to one embodiment, a network connection state of a client device with respect to a private network is determined by a client security application running on the client device. ... Fortinet Inc

03/22/18 / #20180083970

Document classification by a hybrid classifier

Systems and methods for classifying urls by a hybrid classifier are provided. According to one embodiment, a hybrid classifier receives a candidate url. ... Fortinet Inc

03/22/18 / #20180083922

Firewall policy management

Methods and systems are provided for creation and implementation of firewall policies. According to one embodiment, a firewall maintains a log of observed network traffic flows. ... Fortinet Inc

03/22/18 / #20180083791

Reducing multicast service traffic for matching and streaming in sdn (software defined networking) enabled networks

Multicast packets from streaming services on a data network are reduced. A packet conversion policy distributes openflow rules to network components involved in multicasting services. ... Fortinet Inc

03/22/18 / #20180080571

Check valve for preventing air backflow in a modular cooling system

A cooling system for electrical and electronic devices for hot swapping of a fan module without affecting cooling efficiency due to air backflow, preventing stalling of newly installed exhaust device due to reverse rotation. A check valve assembly having an inlet side frame member, an outlet side frame member, and one or more non-symmetrical valve flaps, each flap having a movable part and a fixed part. ... Fortinet Inc

03/22/18 / #20180080479

Fan vibration damping devices, systems and/or methods

Vibration damping devices and methods utilizing the same for damping vibrations in a fan. A vibration damping device for a fan, the fan having an inlet side of a frame and an exhaust side of the frame and the frame retains a fan mechanism. ... Fortinet Inc

03/15/18 / #20180077264

Configuring initial settings of a network security device via a hand-held computing device

Process, equipment, and computer program product code for configuring a network security device using a hand-held computing device are provided. Default initial settings for a network security device are received by a mobile application running on a hand-held computing device. ... Fortinet Inc

03/15/18 / #20180077202

Cloud-based security policy configuration

Systems and methods for configuring security policies based on security parameters stored in a public or private cloud infrastructure are provided. According to one embodiment, security parameters associated with a first network appliance of an enterprise, physically located at a first site, are shared by the first network appliance with multiple network appliances of the enterprise by logging into an shared enterprise cloud account. ... Fortinet Inc

03/15/18 / #20180077200

Augmented reality visualization device for network security

Systems and methods for managing network security events with the assistance of augmented reality are provided. According to one embodiment, a reality image of a network object is captured by an augmented reality device. ... Fortinet Inc

03/15/18 / #20180077118

Load balancing among a cluster of firewall security devices

A method for balancing load among firewall security devices (fsds) is provided. According to one embodiment, a switching device performs adaptive load balancing among cluster units of an ha cluster of firewall security devices. ... Fortinet Inc

03/15/18 / #20180077116

Computerized system and method for deployment of management tunnels

Methods and systems for deploying management tunnels between managed and managing devices are provided. According to one embodiment, the use of pki-authenticated serial numbers within network devices manufactured by a particular manufacturer enables one-step provisioning of one or more managed devices. ... Fortinet Inc

03/15/18 / #20180077087

Virtual memory protocol segmentation offloading

Methods and systems for a more efficient transmission of network traffic are provided. According to one embodiment, presence of outbound payload data, distributed across a first and second payload buffer, within a user memory space of a network device that has been generated by a user process is determined by a bus/memory interface or a network interface unit. ... Fortinet Inc

03/08/18 / #20180070304

Power saving in wi-fi devices utilizing bluetooth

The present description provides methods, computer program products, and systems for saving power in wi-fi devices utilizing bluetooth. A wi-fi radio transitions to deep sleep mode from active mode while a bluetooth radio remains active. ... Fortinet Inc

03/08/18 / #20180069946

Cache management based on factors relating to replacement cost of data

Systems and methods for a cache replacement policy that takes into consideration factors relating to the replacement cost of currently cached data and/or the replacement cost of received data. According to one embodiment, data is received by a network device responsive to a request issued on behalf of a client device. ... Fortinet Inc

03/08/18 / #20180069895

Detection of spoof attacks on internet of things (iot) location broadcasting beacons

Spoof attacks on location based beacons are detected. A stream of beacons (e.g., ibeacons) comprising at least a unique source identifier is generated. ... Fortinet Inc

03/08/18 / #20180069831

Accelerating data communication using tunnels

Methods and systems are provided for increasing application performance and accelerating data communications in a wan environment. According to one embodiment, packets are received at a flow classification module operating at the internet protocol (ip) layer of a first wide area network (wan) acceleration device via a private tunnel, which is operable to convey application layer data for connection-oriented applications between wan acceleration devices. ... Fortinet Inc

03/08/18 / #20180069770

Network flow analysis

Systems and methods for a network flow analysis service that facilitates collection, analysis and sharing of information regarding network flows are provided. According to one embodiment, a network flow analysis service provider collects network traffic information of network flows from a plurality of different network sources, analyzes at least one attribute associating with the network flows based on the network traffic information; and distributes the at least one attribute to subscribers of the network flow analysis service.. ... Fortinet Inc

03/08/18 / #20180068125

Secure cloud storage distribution and aggregation

Methods and systems for secure cloud storage are provided. According to one embodiment, file storage policies are maintained for users of an enterprise network by a trusted gateway device interposed between the network and multiple third-party cloud storage services. ... Fortinet Inc

03/01/18 / #20180063147

Network content rating based on public rating database

Systems and methods for inspecting/analyzing a data stream to identify one or more attributes of content associated with the data stream, and apply appropriate content filtering based thereon are provided. According to one embodiment, the data stream is in a form of one or more interactions between a client device and a server associated with a service provider that delivers, streams or authorizes access to digital content by subscribers of the service provider. ... Fortinet Inc

02/08/18 / #20180041475

Centralized management and enforcement of online privacy policies

Systems and methods for centralized management and enforcement of online privacy policies of a private network are provided. According to one embodiment, existence of private information contained in a data packet originated by a client device of a private network and destined for a server device external to the private network is identified by a network security device protecting the private network by scanning the data packet for information matching a signature contained within a private information signature database. ... Fortinet Inc

02/01/18 / #20180034829

Content filtering of remote file-system access protocols

Methods and systems for content filtering of remote file-system access protocols are provided. According to one embodiment, a proxy, implemented within a network gateway device of a private network, monitors remote file-system access protocol sessions involving client computer systems and a server computer system associated with the private network. ... Fortinet Inc

02/01/18 / #20180034734

Network processing unit (npu) integrated layer 2 network device for layer 3 offloading

Systems and methods for facilitating offloading of communication sessions from layer 3 network devices are provided. According to one embodiment, session information pertaining to a session capable of being offloaded is received from a layer 3 network device by a layer 2 network device that includes multiple network processing units (npus). ... Fortinet Inc

01/25/18 / #20180025012

Web page classification based on noise removal

Systems and methods for improving accuracy of web content classification by removing perceived noise are provided. The system receives a uniform resource locator (url) of a web page that needs to be classified, and parses the web page so as to construct a tree containing a list of tags. ... Fortinet Inc

01/11/18 / #20180013795

Context-aware pattern matching accelerator

Methods and systems for improving accuracy, speed, and efficiency of context-aware pattern matching are provided. According to one embodiment, a packet stream is received by a first stage of a hardware accelerator of a network device. ... Fortinet Inc

01/04/18 / #20180007615

Automatic channel selection in wireless local area network (wlan) controller based deployments

Wi-fi channels are automatically selected in a wlan controller based deployment. Scan results received from each of the plurality of access points comprise a list of neighboring access points from the plurality of access points relative to each access point. ... Fortinet Inc

01/04/18 / #20180007090

Classification of top-level domain (tld) websites based on a known website classification

Systems and methods for classification of web sites and/or their corresponding urls based on a known web site classification are provided. According to one embodiment, a website url is received that is known to be associated with a particular content classification. ... Fortinet Inc

01/04/18 / #20180007067

Detecting poisoning attacks of internet of things (iot) location beacons in wireless local area networks (wlans) with silence periods

Poisoning attacks by spoofing location beacons in a wlan are detected using silence periods. A location beacon identifier is received from a mobile device allegedly within range of a location device transmitting location beacons, along with a timestamp of transmission for each of the location beacons. ... Fortinet Inc

01/04/18 / #20180007006

Detection of undesired computer files using digital certificates

Methods and systems for detecting undesirable computer files based on scanning and analysis of information contained within an associated digital certificate chain are provided. According to one embodiment, a file having associated therewith a certificate chain is received. ... Fortinet Inc

01/04/18 / #20180006996

Dhcp agent assisted routing and access control

Systems and methods for increasing layer 2 visibility of layer 3 network devices so as to facilitate implementation of device-oriented policy actions by layer 3 network devices are provided. According to one embodiment, unique physical addresses of one or more host devices are retrieved by a dynamic host configuration protocol (dhcp) agent that is operatively coupled with a dhcp server. ... Fortinet Inc

01/04/18 / #20180006806

Dual-mode processing of cryptographic operations

Systems and methods for dual mode hardware acceleration for cryptographic operations are provided. According to one embodiment, data upon which a cryptographic operation is to be performed is receive by a computer system that includes a host cpu and a cryptographic hardware accelerator. ... Fortinet Inc

01/04/18 / #20180004945

Operation of a dual instruction pipe virus co-processor

Circuits and methods are provided for detecting, identifying and/or removing undesired content. According to one embodiment, a method for performing content scanning of content objects is provided. ... Fortinet Inc

12/28/17 / #20170374098

Denial-of-service (dos) mitigation approach based on connection characteristics

Systems and methods for an improved ddos mitigation approach are provided. According to one embodiment, a current threshold for a network connection characteristic is established within a denial-of-service (dos) mitigation device logically interposed between a protected resource of a private network and multiple client devices residing external to the private network. ... Fortinet Inc

12/28/17 / #20170374097

Denial-of-service (dos) mitigation based on health of protected network device

Systems and methods for improving the performance of dos mitigation by monitoring the health of a protected network resource are provided. According to one embodiment, health of a network device protected by dos mitigation device can be evaluated and packet/traffic received on the dos mitigation device can be selectively/conditionally forwarded to the protected network device or can be dropped based on the health of the protected network device. ... Fortinet Inc

12/28/17 / #20170374031

Examining and controlling ipv6 extension headers

Methods and systems for selectively blocking, allowing and/or reformatting ipv6 headers by traversing devices are provided. According to one embodiment, reputation information regarding observed senders of internet protocol (ip) version 6 (ipv6) packets and packet fragments is maintained by a traversing device based on conformity or nonconformity of extension headers contained within the ipv6 packets with respect to a set of security checks performed by the traversing device. ... Fortinet Inc

12/28/17 / #20170374025

Internet protocol security (ipsec) interface configuration and management

Systems and methods for bundling multiple ipsec dialup tunnels into a single ipsec interface are provided. According to one embodiment, an internet protocol security (ipsec) interface is configured between a first network device and a second network device, by the first network device and the ipsec interface is associated with a static internet protocol (ip) address. ... Fortinet Inc

12/28/17 / #20170373867

Extension of wi-fi services multicast to a subnet across a wi-fi network using software-defined networking (sdn) to centrally control data plane behavior

Wi-fi services multicast to a subnet in a software-defined network (sdn) are extended. An sdn controller centrally monitors a data plane of a wi-fi network. ... Fortinet Inc

12/28/17 / #20170369183

Determining validity of location signal combinations for securing unmanned aerial vehicle (uav) navigation

A navigation security module of an unmanned aerial vehicle (uav) receives a combination of signals from a location technology, each signal comprising at least a signal identification and location data. The combination of signal identifications is processed against known identifications. ... Fortinet Inc

12/21/17 / #20170366664

Intelligent telephone call routing

Systems and methods for intelligently routing an incoming telephone call to an internal extension based on the calling history are provided. According to one embodiment, a session log, containing information regarding sessions between internal extension numbers and external telephone numbers, is maintained by a call monitor of a telephone system. ... Fortinet Inc

12/21/17 / #20170366575

Management of cellular data usage during denial of service (dos) attacks

Systems and methods for managing data usage of a cellular modem during dos/ddos attacks are provided. According to one embodiment, a network security device of a private network detects a dos attack in network traffic going through the network security device and determines whether the dos attack is being transmitted through a cellular modem of a cellular data network. ... Fortinet Inc

12/21/17 / #20170366507

Data leak protection in upper layer protocols

Methods and systems for data leak prevention (dlp) in a private network are provided. According to one embodiment, a packet is received by a network security device. ... Fortinet Inc

11/30/17 / #20170344767

Securing internet of things (iot) rf (radio frequency) location tags using source addresses to locate stations on a wi-fi network

Rf tags using source addresses to locate stations on a wi-fi network are secured. An rf location server receives a pseudo source address of an rf (radio frequency) tag from a station. ... Fortinet Inc

11/23/17 / #20170339107

Policy-based content filtering

Methods and systems for processing application-level content of network service protocols are described. According to one embodiment, a firewall maintains multiple configuration schemes, each defining a set of administrator-configurable content filtering process settings. ... Fortinet Inc

10/26/17 / #20170310779

Facilitating content accessibility via different communication formats

Methods and systems for facilitating content accessibility via different communication formats are provided. According to one embodiment, information indicative of one or more communication formats via which a client device is capable of communication is stored on a client device by (i) sending the client device a web page having embedded therein test content associated with a first protocol stack and/or a second protocol stack; and (ii) based on a response to the test content received from the client device, determining communication capabilities of the client device. ... Fortinet Inc

10/26/17 / #20170310640

Mobile hotspot managed by access controller

Systems and methods are described for a mobile hotspot that can be managed by an access controller. According to an embodiment, a wan connection is established by a mobile hotspot through a telecommunication data network via a wireless wan module. ... Fortinet Inc

10/26/17 / #20170308699

Systems and methods for detecting undesirable network traffic content

A method of detecting a content desired to be detected includes receiving electronic data at a first host, determining a checksum value using the received electronic data, sending the checksum value to a processing station, the processing station being a second host that is different from the first host, and receiving a result from the processing station, the result indicating whether the electronic data is associated with a content desired to be detected. A method of detecting a content desired to be detected includes receiving electronic data at a receiving station, and determining whether the received electronic data is associated with a content desired to be detected, wherein the receiving station does not include content detection data for identifying the content desired to be detected.. ... Fortinet Inc

10/05/17 / #20170289180

Filtering of metadata signatures

Systems and methods for high performance ids/ips with efficient metadata filtering are provided. According to one embodiment, a signature database of an ids/ips is configured with multiple metadata signatures. ... Fortinet Inc

10/05/17 / #20170289179

Sandboxing protection for endpoints

Methods and systems for integrating a sandboxing service and distributed threat intelligence within an endpoint security application are provided. According to one embodiment, the method includes file system or operating system activity relating to a file accessible to an endpoint system is monitored by an endpoint security application running on the endpoint system. ... Fortinet Inc

10/05/17 / #20170288955

Network appliance health monitor

Systems and methods for monitoring failures of network devices and identifying potential sources of the failures by a device health monitor are provided. A device monitor receives a usage log of a network device over a network connection and analyzes an abnormal usage of the network device from the usage log. ... Fortinet Inc

09/28/17 / #20170280368

Directed station roaming in cloud managed wi-fi network

Directing station roaming in a cloud-managed wi-fi network. Management messages are received from a controller that is located remotely from the wi-fi communication network by an access point. ... Fortinet Inc

09/28/17 / #20170279850

Detecting and preventing flooding attacks in a network environment

A method for processing network traffic data includes receiving a packet, and determining whether the packet is a previously dropped packet that is being retransmitted. A method for processing network traffic content includes receiving a plurality of headers, the plurality of headers having respective first field values, and determining whether the first field values of the respective headers form a first prescribed pattern. ... Fortinet Inc

09/28/17 / #20170279795

Secure, automatic second factor user authentication using push services

A network-based multi-factor authentication approach is provided. A request to access a protected network resource and user credentials are received from a client by an application server hosting the resource. ... Fortinet Inc

09/28/17 / #20170279769

Automated creation and use of vpn configuration profiles

Systems and methods for automatically obtaining virtual private network (vpn) connection profile data from a barcode are provided. According to one embodiment, a client security application obtains a barcode, wherein the client security application is installed on a client machine and is used for managing the security of the client machine. ... Fortinet Inc

09/28/17 / #20170279637

Intelligent bridging of wi-fi flows in a software defined network (sdn)

Wi-fi flows are intelligently bridged in a software-defined network (sdn) controller of a wireless communication network that centrally coordinates data plane behavior. A default mode tunnels packets received at an access point to the sdn controller for layer 2 routing decisions. ... Fortinet Inc

09/21/17 / #20170272468

Network security management via social media network

Systems and methods for managing users' local security policies based on social media network information are provided. According to one embodiment, a network security appliance of a private network receives authentication request from a client machine and provides a social login interface of a social media network to the client machine. ... Fortinet Inc

09/14/17 / #20170264646

System and method for software defined behavioral ddos attack mitigation

Systems and methods for software defined behavioral ddos attack mitigation are provided. According to one embodiment, a method is provided for controlling multiple distributed denial of service (ddos) mitigation appliances. ... Fortinet Inc

09/14/17 / #20170264638

System and method for software defined behavioral ddos attack mitigation

Systems and methods for software defined behavioral ddos attack mitigation are provided. According to one embodiment, a method is provided for mitigating ddos attacks. ... Fortinet Inc

09/14/17 / #20170264509

System and method for dynamic management of network device data

A method and apparatus of a device that dynamically changes how management data is managed in response to events detected in a network system is described. In an exemplary embodiment, the device detects an event occurring in the network system. ... Fortinet Inc

09/07/17 / #20170257463

Configuring initial settings of a network security device via a hand-held computing device

Process, equipment, and computer program product code for configuring a network security device using a hand-held computing device are provided. Default initial settings for a network security device are received by a mobile application running on a hand-held computing device. ... Fortinet Inc

09/07/17 / #20170257422

Managing transmission and storage of sensitive data

Systems and methods for injecting sensitive data into outgoing traffic on behalf of a user of a private network are provided. According to one embodiment, a network security appliance maintains a database of sensitive data. ... Fortinet Inc

09/07/17 / #20170257348

System and method for integrated header, state, rate and content anomaly prevention for session initiation protocol

Methods and systems for an integrated solution to the rate based denial of service attacks targeting the session initiation protocol are provided. According to one embodiment, header, state, rate and content anomalies are prevented and network policy enforcement is provided for session initiation protocol (sip). ... Fortinet Inc

09/07/17 / #20170257347

Filtering hidden data embedded in media files

Systems and methods for filtering unsafe content by a network security device are provided. According to one embodiment, a network security device captures network traffic and extracts a media file from the network traffic. ... Fortinet Inc

09/07/17 / #20170255549

Virtualization in a multi-host environment

Methods and systems for implementing improved partitioning and virtualization in a multi-host environment are provided. According to one embodiment, multiple devices, including cpus and peripherals, coupled with a system via an interconnect matrix/bus are associated with a shared memory logically partitioned into multiple domains. ... Fortinet Inc

09/07/17 / #20170255532

High-availability cluster architecture and protocol

Methods and systems are provided for an improved cluster-based network architecture. According to one embodiment, an active connection is established between a first interface of a network device and an enabled interface of a first cluster unit of a high availability (ha) cluster. ... Fortinet Inc

08/31/17 / #20170251052

Socket application program interface (api) for efficient data transactions

Methods and systems for efficient data transactions between applications running on devices associated with the same host. According to one embodiment, a host system includes an http proxy and an ssl/tls proxy operatively coupled with each other. ... Fortinet Inc

08/31/17 / #20170251001

Metadata information based file processing

Methods and systems for network level file processing based on metadata information retrieved from a file are provided. According to one embodiment, a file is received by a network security appliance. ... Fortinet Inc

08/17/17 / #20170237617

Centralized management of access points

Systems and methods are provided for centralized access, control, and management of aps. According to one embodiment, multiple aps of a private ip network are decoupled from potentially transient ip addresses by assigning a unique identifier to each of the multiple aps by an ac. ... Fortinet Inc

07/13/17 / #20170201488

Computerized system and method for deployment of management tunnels

Methods and systems for deploying management tunnels between managed and managing devices are provided. According to one embodiment, the use of pki-authenticated serial numbers within network devices manufactured by a particular manufacturer enables one-step provisioning of one or more managed devices. ... Fortinet Inc

07/06/17 / #20170195355

Logging attack context data

Methods and systems for improved attack context data logging are provided. According to one embodiment, prior to a logging event being triggered (i) it is determined by a network security device whether a received packet is potentially associated with a threat or undesired activity by analyzing the packet; (ii) when the determination is negative, the packet is stored within a circular buffer; and (iii) when the determination is affirmative, (a) the logging event is triggered, (b) pre-attack context information regarding the threat is captured by extracting information from packets within the circular buffer and (c) the pre-attack context information is stored within a log. ... Fortinet Inc

07/06/17 / #20170195351

Detecting malicious resources in a network based upon active client reputation monitoring

Systems and methods for detecting malicious resources by analyzing communication between multiple resources coupled to a network are provided. According to one embodiment, a method of client reputation monitoring is provided. ... Fortinet Inc

07/06/17 / #20170195292

Sequentially serving network security devices using a software defined networking (sdn) switch

Systems and methods for an sdn switch that provides service group chaining for sequentially serving multiple network security devices are provided. According to one embodiment, a packet received by the switch is processed by a first fpu based on a first set of rules and forwarded conditionally to a first security device. ... Fortinet Inc

07/06/17 / #20170195289

Tunnel interface for securing traffic over a network

Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers are provided. According to one embodiment, a method is provided for delivering customized network services to subscribers of the service provider. ... Fortinet Inc

07/06/17 / #20170195257

Cardinality based packet processing in software-defined networking (sdn) switches

Systems and methods for scalable sdn devices having ports/network interfaces mapped to cardinal flow processing (cfp) units are provided. According to one embodiment, an incoming packet is received, at a software-defined networking (sdn) switch. ... Fortinet Inc

07/06/17 / #20170195255

Packet routing using a software-defined networking (sdn) switch

Systems and methods for an sdn switch that facilitates forwarding/differential routing decision determination are provided. A packet is received at an input port of the sdn switch. ... Fortinet Inc

07/06/17 / #20170195254

Application based conditional forwarding and load balancing in a software defined networking (sdn) architecture

Systems and methods for an sdn switch that provides application-based conditional forwarding and session-aware load balancing are provided. According to one embodiment, a packet is received at an input port of a software defined networking (sdn) switch. ... Fortinet Inc

07/06/17 / #20170195253

Flexible pipeline architecture for multi-table flow processing

Methods and systems for implementing scalable sdn devices having a flexible data path pipeline having multiple flow tables and a hybrid memory approach are provided. According to one embodiment, an sdn switch performs a method of storing a flow table within a memory device most suitable for the type of rules contained within the flow table. ... Fortinet Inc

07/06/17 / #20170195207

System and method for securing virtualized networks

Systems and methods for securing a dynamic virtualized network are provided. According to one embodiment, a network policy of a dynamic virtualized network is received by an sdn controller of the dynamic virtualized network. ... Fortinet Inc

07/06/17 / #20170193231

Efficient data transfer in a virus co-processing system

Circuits and methods are provided for detecting, identifying and/or removing undesired content. According to one embodiment, a processor maintains a page directory and a page table within a system memory for use in connection with translating virtual addresses to physical addresses. ... Fortinet Inc

06/29/17 / #20170188384

Emulating virtual port control of airtime fairness using per station enhanced distributed channel access (edca) parameters

A technique for emulating virtual port control of airtime fairness for wireless stations using per station enhanced distributed channel access (edca) parameters. Specific parameters are received for each of a plurality of stations connected to the access point. ... Fortinet Inc

06/29/17 / #20170188272

Repurposing protocol messages to facilitate handoff

A control element identifies the possibility that a station will transfer to a destination ap, and prepares that destination for a handoff. The control element repurposes messages from the station which indicate a possible near-term handoff, to prepare access points to receive that handoff. ... Fortinet Inc

06/29/17 / #20170187780

Optimizing multimedia streaming in wlans (wireless local access networks) with a remote sdn (software-defined networking) controller

An sdn controller to provision network resources at a data plane to keep progressive downloads of multimedia files proportional to encoding rates is disclosed. Packets from a new or unknown flow being downloaded at a default rate are forwarded from an access point, or other device, to an sdn controller for analysis. ... Fortinet Inc

06/29/17 / #20170187750

Security configuration file conversion with security policy optimization

Systems and methods for converting a configuration file from a first language into a second language with policy optimization and auditing are provided. According to one embodiment, a network appliance configuration converter parses network security policies of an input configuration file of a first network appliance to intermediate representations. ... Fortinet Inc

06/29/17 / #20170187738

Systems and methods for categorizing network traffic content

A method for categorizing network traffic content includes determining a first characterization of the network traffic content determining a first probability of accuracy associated with the first characterization, and categorizing the network traffic content based at least in part on the first characterization and the first probability of accuracy. A method for use in a process to categorize network traffic content includes obtaining a plurality of data, each of the plurality of data representing a probability of accuracy of a characterization of network traffic content, and associating each of the plurality of data with a technique for characterizing network traffic content. ... Fortinet Inc

06/29/17 / #20170187735

Rating of signature patterns for pattern matching

Systems and methods for rating of signature patterns are provided. According to one embodiment, a frequency of occurrence is determined by a network security system of each of multiple patterns within a pattern database containing a set of candidate patterns from which a set of patterns or sub-patterns thereof will be selected for inclusion within a pre-match list. ... Fortinet Inc

06/29/17 / #20170187684

Detection of undesired computer files using digital certificates

Methods and systems for detecting undesirable computer files based on scanning and analysis of information contained within an associated digital certificate chain are provided. According to one embodiment, a file having associated therewith a certificate chain is received. ... Fortinet Inc

06/29/17 / #20170187683

Filtering hidden data embedded in media files

Systems and methods for filtering unsafe content by a network security device are provided. According to one embodiment, a network security device captures network traffic and extracts a media file from the network traffic. ... Fortinet Inc

06/29/17 / #20170187680

Systems and methods for passing network traffic content

A method for transmitting content data includes receiving content data, and passing at least a portion of the content data based on a size of the received content data. A method for transmitting content data includes receiving content data, and passing at least a portion of the content data based on a prescribed rate. ... Fortinet Inc

06/29/17 / #20170185799

Pattern matching for data leak prevention

Systems and methods for preprocessing data to facilitate dlp pattern matching are provided. An input string is received by a data leak prevention (dlp) system. ... Fortinet Inc

06/22/17 / #20170180428

Policy-based configuration of internet protocol security for a virtual private network

A method for performing policy-based configuration of ipsec for a vpn is provided. According to one embodiment, a request for a vpn connection to be established between a network device and a peer network device is received by the network device from the peer network device. ... Fortinet Inc

06/22/17 / #20170180415

Two-stage hash based logic for application layer distributed denial of service (ddos) attack attribution

Methods and systems for a two-stage attribution of application layer ddos attack are provided. In a first table just a hash index is maintained whereas the second stage table keeps the string parameter corresponding to the application layer attribute under attack. ... Fortinet Inc

06/22/17 / #20170180323

System and method for securing virtualized networks

Systems and methods for securing a dynamic virtualized network are provided. According to one embodiment, a network policy of a dynamic virtualized network is received by an sdn controller of the dynamic virtualized network. ... Fortinet Inc

06/22/17 / #20170180315

Network interface card rate limiting

Systems and methods for limiting the rate of packet transmission from a nic to a host cpu are provided. According to one embodiment, data packets are received from a network by the nic. ... Fortinet Inc

06/08/17 / #20170163758

Http proxy

Systems and methods for translating between an older version of http and a newer version of http are provided. According to an embodiment, a first request message, compliant with the newer version and directed to a server that supports the older version but does not support the newer version, is received by the proxy from a client that supports the newer version. ... Fortinet Inc

06/08/17 / #20170163674

Security threat detection

Systems and methods for retrospective scanning of network traffic logs for missed threats using updated scan engines are provided. According to an embodiment, a network security device maintains a network traffic log that includes information associated with network activities observed within a private network. ... Fortinet Inc

06/08/17 / #20170163673

Presentation of threat history associated with network activity

Methods and systems for extracting, processing, displaying, and analyzing events that are associated with one or more threats are provided. According to one embodiment, threat information, including information from one or more of firewall logs and historical threat logs, is maintained in a database. ... Fortinet Inc

06/08/17 / #20170163662

Direct cache access for network input/output devices

Methods and systems for improving efficiency of direct cache access (dca) are provided. According to one embodiment, a set of dca control settings are defined by a network interface controller (nic) of a network security device for each of multiple i/o device queues. ... Fortinet Inc

06/08/17 / #20170163606

Firewall policy management

Methods and systems are provided for creation and implementation of firewall policies. According to one embodiment, a firewall maintains a log of observed network traffic flows. ... Fortinet Inc

06/08/17 / #20170163601

Mobile hotspot managed by access controller

Systems and methods are described for a mobile hotspot that can be managed by an access controller. According to an embodiment, a wan connection is established by a mobile hotspot through a telecommunication data network via a wireless wan module. ... Fortinet Inc

05/11/17 / #20170134257

Application control

Systems and methods for controlling applications on a network are provided. According to one embodiment, a network security device detects a suspect application protocol used in connection with network traffic exchanged between a source peer and a destination peer. ... Fortinet Inc

05/04/17 / #20170126713

Calculating consecutive matches using parallel computing

Methods and systems for determining consecutive matches are provided. According to one embodiment, a class definition and a data stream are received by a network security device. ... Fortinet Inc

04/20/17 / #20170111397

System and method for software defined behavioral ddos attack mitigation

Systems and methods for software defined behavioral ddos attack mitigation are provided. According to one embodiment, a method is provided for controlling multiple distributed denial of service (ddos) mitigation appliances. ... Fortinet Inc

04/20/17 / #20170111319

Examining and controlling ipv6 extension headers

Methods and systems for selectively blocking, allowing and/or reformatting ipv6 headers by traversing devices are provided. According to one embodiment, reputation information regarding observed senders of internet protocol (ip) version 6 (ipv6) packets and packet fragments is maintained by a traversing device based on conformity or nonconformity of extension headers contained within the ipv6 packets with respect to a set of security checks performed by the traversing device. ... Fortinet Inc

04/13/17 / #20170104837

Facilitating content accessibility via different communication formats

Methods and systems for facilitating content accessibility via different communication formats are provided. According to one embodiment, information indicative of one or more communication formats via which a client device is capable of communication is stored on a client device by (i) sending the client device a web page having embedded therein test content associated with a first protocol stack and/or a second protocol stack; and (ii) based on a response to the test content received from the client device, determining communication capabilities of the client device. ... Fortinet Inc

04/13/17 / #20170104638

Identifying nodes in a ring network

Methods and systems for determining a token master on a ring network are provided. According to one embodiment, a ring controller of a first blade participating in the ring network receives an indication that an arbitration token originated by an originating blade has been received. ... Fortinet Inc

04/06/17 / #20170098096

Secure cloud storage distribution and aggregation

Methods and systems for vendor independent and secure cloud storage distribution and aggregation are provided. According to one embodiment, an application programming interface (api) is provided by a cloud storage gateway device logically interposed between third-party cloud storage platforms and users of an enterprise. ... Fortinet Inc

03/30/17 / #20170094595

Power saving in wi-fi devices utilizing bluetooth

The present description provides methods, computer program products, and systems for saving power in wi-fi devices utilizing bluetooth. A wi-fi radio transitions to deep sleep mode from active mode while a bluetooth radio remains active. ... Fortinet Inc

03/30/17 / #20170093917

Centralized management and enforcement of online behavioral tracking policies

Systems and methods for manipulating online behavioral tracking policies are provided. According to one embodiment, a hypertext transfer protocol (http) response transmitted from a web server to a client is captured by a network security device. ... Fortinet Inc

03/30/17 / #20170093808

Tunnel interface for securing traffic over a network

Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers are provided. According to one embodiment, a method is provided for delivering customized network services to subscribers of the service provider. ... Fortinet Inc

03/30/17 / #20170093796

Inline inspection of security protocols

Systems and methods for inline security protocol inspection are provided. According to one embodiment, a security device receives an encrypted packet from a first network appliance and buffers the encrypted packet in a buffer. ... Fortinet Inc

03/23/17 / #20170086121

Directed station roaming in cloud managed wi-fi network

Directing station roaming in a cloud-managed wi-fi network. Management messages are received from a controller that is located remotely from the wi-fi communication network by an access point. ... Fortinet Inc

03/09/17 / #20170071006

Steering connection requests for an access point to a best-serving access point

Network devices are steered to preferred access points using a probability function. A probe request for connection is received from a network device. ... Fortinet Inc

03/09/17 / #20170070907

Self-provisioning of a wireless communication network using coordination of data plane behavior to steer stations to preferred access points

A wireless communication network is self-provisioned using coordination of data plane behavior to steer stations to preferred access points. To do so, a policy concerning traffic flow for the wireless communication network is received. ... Fortinet Inc

03/02/17 / #20170063883

Metadata information based file processing

Methods and systems for network level file processing based on metadata information retrieved from a file are provided. According to one embodiment, a file is received by a network security appliance. ... Fortinet Inc

03/02/17 / #20170063803

Firewall interface configuration to enable bi-directional voip traversal communications

Methods and systems for an intelligent network protection gateway (npg) and network architecture are provided. According to one embodiment, a firewall provides network-layer protection to hosts of a private network against unauthorized access by hosts of an external network by performing network address translation (nat) processing of internet protocol (ip) addresses. ... Fortinet Inc

03/02/17 / #20170063796

Interface groups for rule-based network security

Systems and methods for designating interfaces of a network security appliance as source/destination interfaces in connection with defining a security rule are provided. According to one embodiment, a security rule configuration interface is displayed through which a network administrator can specify parameters of security rules to be applied to traffic attempting to traverse the network security appliance. ... Fortinet Inc

03/02/17 / #20170063790

Data leak protection

Methods and systems for data leak prevention (dlp) in an enterprise network are provided. According to one embodiment, a network security device maintains a filter database containing multiple filtering rules. ... Fortinet Inc

03/02/17 / #20170063557

Detection of fraudulent certificate authority certificates

Systems and methods for verifying a certificate authority are provided. According to one embodiment, a network security device intercepts a session between a client and a server, wherein a secure channel is requested to be established between the client and the server in the session. ... Fortinet Inc

03/02/17 / #20170061141

Secure cloud storage distribution and aggregation

Methods and systems for secure cloud storage are provided. According to one embodiment, a gateway maintains multiple cryptographic keys. ... Fortinet Inc

02/23/17 / #20170054743

Detecting network traffic content

A device for detecting network traffic content is provided. The device includes a memory configured for storing one or more signatures, each of the one or more signatures associated with content desired to be detected, and 5 defined by one or more predicates. ... Fortinet Inc

02/23/17 / #20170054290

Polarity recognition and swapping for dc powered devices

A system for recognizing and swapping polarity for dc powered devices that includes a polarity detection module that is configured to identify polarity of dc power input, and further configured to send an output to a controller based on identification of polarity of the dc power input. The system includes a power switch array that is operatively coupled with the controller, and wherein the controller, based on the output, can set one or more switches of the power switch array for executing polarity switching.. ... Fortinet Inc

02/16/17 / #20170048195

Security information and event management

Systems and methods are described for conducting work flows by an siem device to carry out a complex task automatically. According to one embodiment, an siem device may create a work flow that includes multiple security tasks that are performed by one or more security devices. ... Fortinet Inc

02/09/17 / #20170041428

Cache management based on factors relating to replacement cost of data

Systems and methods for a cache replacement policy that takes into consideration factors relating to the replacement cost of currently cached data and/or the replacement cost of requested data. According to one embodiment, a request for data is received by a network device. ... Fortinet Inc

02/09/17 / #20170041348

Context-aware pattern matching accelerator

Methods and systems for improving accuracy, speed, and efficiency of context-aware pattern matching are provided. According to one embodiment, a packet stream is received by a first stage of a cpmp hardware accelerator of a network device. ... Fortinet Inc

02/09/17 / #20170039117

High-availability cluster architecture and protocol

Methods and systems are provided for an improved cluster-based network architecture. According to one embodiment, an active connection is established between a first interface of a network device and an enabled interface of a first cluster unit of a high availability (ha) cluster. ... Fortinet Inc

02/02/17 / #20170034190

Providing security in a communication network

Systems and methods for optimizing system resources by selectively enabling various scanning functions relating to user traffic streams based on the level of trust associated with the destination are provided. According to one embodiment, a network security device within an enterprise network receives an application protocol request directed to an external network that is originated by a client device associated with the enterprise network. ... Fortinet Inc

01/26/17 / #20170026408

Detection of spoof attacks on location broadcasting beacons

Spoof attacks on location based beacons are detected. A stream of beacons (e.g., ibeacons) comprising at least a unique source identifier is generated. ... Fortinet Inc

01/26/17 / #20170026186

Detection of fraudulent digital certificates

Systems and methods for verifying a digital certificate are provided. According to one embodiment, a network security device intercepts a session between a client and a server, wherein a secure channel is requested to be established between the client and the server in the session. ... Fortinet Inc

01/26/17 / #20170026184

Detection of fraudulent digital certificates

Systems and methods for verifying a digital certificate are provided. According to one embodiment, a trusted digital certificate of a server is collect by a network security device from a channel. ... Fortinet Inc

01/12/17 / #20170013077

Managing transfer of data in a data network

A method and apparatus for managing a transfer of data in a data network identifies data associated with a communication session between a first node and a second node in the data network. Further processing of the communication session occurs when a portion of the communication session meets a criterion and the communication session is permitted to continue when the portion of the communication session does not meet the criterion.. ... Fortinet Inc

01/05/17 / #20170006515

Dynamic generation of per-station realm lists for hot spot connections

Per-station realm lists are dynamically generating per-station for hot spot connections to access points by roaming stations. A query for a list of realms is received from a roaming station when connecting to a hot spot. ... Fortinet Inc








ARCHIVE: New 2018 2017 2016 2015 2014 2013 2012 2011 2010 2009



###

This listing is an abstract for educational and research purposes is only meant as a recent sample of applications filed, not a comprehensive history. Freshpatents.com is not affiliated or associated with Fortinet Inc in any way and there may be associated servicemarks. This data is also published to the public by the USPTO and available for free on their website. Note that there may be alternative spellings for Fortinet Inc with additional patents listed. Browse our Agent directory for other possible listings. Page by FreshPatents.com

###