Real Time Touch



new TOP 200 Companies filing patents this week

new Companies with the Most Patent Filings (2010+)




Real Time Touch

Similar
Filing Names

Fortinet Inc
Fortinet Inc A Delaware Corporation
Fortinet Inc_20131212
Fortinet Inc_20100114

Fortinet Inc patents


Recent patent applications related to Fortinet Inc. Fortinet Inc is listed as an Agent/Assignee. Note: Fortinet Inc may have other listings under different names/spellings. We're not affiliated with Fortinet Inc, we're just tracking patents.

ARCHIVE: New 2018 2017 2016 2015 2014 2013 2012 2011 2010 2009 | Company Directory "F" | Fortinet Inc-related inventors


Centralized management and enforcement of online privacy policies

Systems and methods for centralized management and enforcement of online privacy policies of a private network are provided. According to one embodiment, existence of private information contained in a data packet originated by a client device of a private network and destined for a server device external to the private... Fortinet Inc

Network processing unit (npu) integrated layer 2 network device for layer 3 offloading

Systems and methods for facilitating offloading of communication sessions from layer 3 network devices are provided. According to one embodiment, session information pertaining to a session capable of being offloaded is received from a layer 3 network device by a layer 2 network device that includes multiple network processing units... Fortinet Inc

Content filtering of remote file-system access protocols

Methods and systems for content filtering of remote file-system access protocols are provided. According to one embodiment, a proxy, implemented within a network gateway device of a private network, monitors remote file-system access protocol sessions involving client computer systems and a server computer system associated with the private network. For... Fortinet Inc

Web page classification based on noise removal

Systems and methods for improving accuracy of web content classification by removing perceived noise are provided. The system receives a Uniform Resource Locator (URL) of a web page that needs to be classified, and parses the web page so as to construct a tree containing a list of tags. Unwanted... Fortinet Inc

Context-aware pattern matching accelerator

Methods and systems for improving accuracy, speed, and efficiency of context-aware pattern matching are provided. According to one embodiment, a packet stream is received by a first stage of a hardware accelerator of a network device. A pre-matching process is performed by the first stage to identify a candidate packet... Fortinet Inc

Operation of a dual instruction pipe virus co-processor

Circuits and methods are provided for detecting, identifying and/or removing undesired content. According to one embodiment, a method for performing content scanning of content objects is provided. A content object that is to be scanned is stored by a general purpose processor to a system memory of the general purpose... Fortinet Inc

Dual-mode processing of cryptographic operations

Systems and methods for dual mode hardware acceleration for cryptographic operations are provided. According to one embodiment, data upon which a cryptographic operation is to be performed is receive by a computer system that includes a host CPU and a cryptographic hardware accelerator. The data is divided into multiple blocks.... Fortinet Inc

Dhcp agent assisted routing and access control

Systems and methods for increasing layer 2 visibility of layer 3 network devices so as to facilitate implementation of device-oriented policy actions by layer 3 network devices are provided. According to one embodiment, unique physical addresses of one or more host devices are retrieved by a dynamic host configuration protocol... Fortinet Inc

Detection of undesired computer files using digital certificates

Methods and systems for detecting undesirable computer files based on scanning and analysis of information contained within an associated digital certificate chain are provided. According to one embodiment, a file having associated therewith a certificate chain is received. A type and structure of the file are identified. A location of... Fortinet Inc

Detecting poisoning attacks of internet of things (iot) location beacons in wireless local area networks (wlans) with silence periods

Poisoning attacks by spoofing location beacons in a WLAN are detected using silence periods. A location beacon identifier is received from a mobile device allegedly within range of a location device transmitting location beacons, along with a timestamp of transmission for each of the location beacons. Also silence periods associated... Fortinet Inc

Classification of top-level domain (tld) websites based on a known website classification

Systems and methods for classification of web sites and/or their corresponding URLs based on a known web site classification are provided. According to one embodiment, a website URL is received that is known to be associated with a particular content classification. A list of candidate domain names including a host... Fortinet Inc

Automatic channel selection in wireless local area network (wlan) controller based deployments

Wi-Fi channels are automatically selected in a WLAN controller based deployment. Scan results received from each of the plurality of access points comprise a list of neighboring access points from the plurality of access points relative to each access point. Responsive to a number of the plurality of access points... Fortinet Inc

Determining validity of location signal combinations for securing unmanned aerial vehicle (uav) navigation

A navigation security module of an unmanned aerial vehicle (UAV) receives a combination of signals from a location technology, each signal comprising at least a signal identification and location data. The combination of signal identifications is processed against known identifications. If the identification is not found, or if the combination... Fortinet Inc

Extension of wi-fi services multicast to a subnet across a wi-fi network using software-defined networking (sdn) to centrally control data plane behavior

Wi-Fi services multicast to a subnet in a software-defined network (SDN) are extended. An SDN controller centrally monitors a data plane of a Wi-Fi network. Advertisements for services within a first subnet by an advertising station are forwarded to the SDN controller. Parameters of the service of the advertising station... Fortinet Inc

Internet protocol security (ipsec) interface configuration and management

Systems and methods for bundling multiple IPsec dialup tunnels into a single IPsec interface are provided. According to one embodiment, an Internet Protocol security (IPsec) interface is configured between a first network device and a second network device, by the first network device and the IPsec interface is associated with... Fortinet Inc

Examining and controlling ipv6 extension headers

Methods and systems for selectively blocking, allowing and/or reformatting IPv6 headers by traversing devices are provided. According to one embodiment, reputation information regarding observed senders of Internet Protocol (IP) version 6 (IPv6) packets and packet fragments is maintained by a traversing device based on conformity or nonconformity of extension headers... Fortinet Inc

Denial-of-service (dos) mitigation based on health of protected network device

Systems and methods for improving the performance of DoS mitigation by monitoring the health of a protected network resource are provided. According to one embodiment, health of a network device protected by DoS mitigation device can be evaluated and packet/traffic received on the DoS mitigation device can be selectively/conditionally forwarded... Fortinet Inc

Denial-of-service (dos) mitigation approach based on connection characteristics

Systems and methods for an improved DDoS mitigation approach are provided. According to one embodiment, a current threshold for a network connection characteristic is established within a Denial-of-Service (DoS) mitigation device logically interposed between a protected resource of a private network and multiple client devices residing external to the private... Fortinet Inc

Data leak protection in upper layer protocols

Methods and systems for Data Leak Prevention (DLP) in a private network are provided. According to one embodiment, a packet is received by a network security device. An upper layer protocol associated with the packet is identified. It is determined whether the identified upper layer protocol is one of multiple... Fortinet Inc

Management of cellular data usage during denial of service (dos) attacks

Systems and methods for managing data usage of a cellular modem during DoS/DDoS attacks are provided. According to one embodiment, a network security device of a private network detects a DoS attack in network traffic going through the network security device and determines whether the DoS attack is being transmitted... Fortinet Inc

Intelligent telephone call routing

Systems and methods for intelligently routing an incoming telephone call to an internal extension based on the calling history are provided. According to one embodiment, a session log, containing information regarding sessions between internal extension numbers and external telephone numbers, is maintained by a call monitor of a telephone system.... Fortinet Inc

Securing internet of things (iot) rf (radio frequency) location tags using source addresses to locate stations on a wi-fi network

RF tags using source addresses to locate stations on a Wi-Fi network are secured. An RF location server receives a pseudo source address of an RF (radio frequency) tag from a station. The station obtains the pseudo source address while being within radio range of the RF tag and the... Fortinet Inc

Policy-based content filtering

Methods and systems for processing application-level content of network service protocols are described. According to one embodiment, a firewall maintains multiple configuration schemes, each defining a set of administrator-configurable content filtering process settings. The firewall also maintains a security policy database including multiple firewall security policies. At least one of... Fortinet Inc

Direct cache access for network input/output devices

Methods and systems for improving efficiency of direct cache access (DCA) are provided. According to one embodiment, a set of DCA control settings are defined by a network interface controller (NIC) of a network security device for each of multiple I/O device queues. The control settings specify portions of network... Fortinet Inc

Systems and methods for detecting undesirable network traffic content

A method of detecting a content desired to be detected includes receiving electronic data at a first host, determining a checksum value using the received electronic data, sending the checksum value to a processing station, the processing station being a second host that is different from the first host, and... Fortinet Inc

Mobile hotspot managed by access controller

Systems and methods are described for a mobile hotspot that can be managed by an access controller. According to an embodiment, a WAN connection is established by a mobile hotspot through a telecommunication data network via a wireless WAN module. When in a first mode, the mobile hotspot: (i) sets... Fortinet Inc

Facilitating content accessibility via different communication formats

Methods and systems for facilitating content accessibility via different communication formats are provided. According to one embodiment, information indicative of one or more communication formats via which a client device is capable of communication is stored on a client device by (i) sending the client device a web page having... Fortinet Inc

Directing clients based on communication format

Methods and systems for redirecting client requests are provided. According to one embodiment, a system includes a processor and a memory coupled to the processor and configured to provide the processor with instructions. A request is received from a client capable of communicating via multiple supported communication formats. The request... Fortinet Inc

Scalable inline behavioral ddos attack mitigation

Methods and systems for a scalable solution to behavioral Distributed Denial of Service (DDoS) attacks targeting a network are provided. According to one embodiment, a method to determine the scaling treatment is provided for various granular layer parameters of the Open System Interconnection (OSI) model for communication systems. A hardware-based... Fortinet Inc

Computerized advanced network content processing

A computerized system and method for processing network content in accordance with at least one content processing rule is provided. According to one embodiment, the network content is received at a first interface. A transmission protocol according to which the received network content is formatted is identified and used to... Fortinet Inc

Deauthenticating and disassociating unauthorized access points with spoofed management frames

A spoofed management frame is sent to an unauthorized access point (AP) on behalf of a station from an authorized AP, using a media access control (MAC) address of the station. The spoofed frame triggers a security association (SA) query from an unauthorized AP to reestablish valid communications. An acknowledgment... Fortinet Inc

Network appliance health monitor

Systems and methods for monitoring failures of network devices and identifying potential sources of the failures by a device health monitor are provided. A device monitor receives a usage log of a network device over a network connection and analyzes an abnormal usage of the network device from the usage... Fortinet Inc

Sandboxing protection for endpoints

Methods and systems for integrating a sandboxing service and distributed threat intelligence within an endpoint security application are provided. According to one embodiment, The method includes file system or operating system activity relating to a file accessible to an endpoint system is monitored by an endpoint security application running on... Fortinet Inc

Filtering of metadata signatures

Systems and methods for high performance IDS/IPS with efficient metadata filtering are provided. According to one embodiment, a signature database of an IDS/IPS is configured with multiple metadata signatures. A pre-match engine identifies a candidate packet of network traffic received by the IDS/IPS for full-feature match processing by: (i) categorizing... Fortinet Inc

Intelligent bridging of wi-fi flows in a software defined network (sdn)

Wi-Fi flows are intelligently bridged in a software-defined network (SDN) controller of a wireless communication network that centrally coordinates data plane behavior. A default mode tunnels packets received at an access point to the SDN controller for layer 2 routing decisions. A bridging policy concerning bridging of specific types of... Fortinet Inc

09/28/17 / #20170279769

Automated creation and use of vpn configuration profiles

Systems and methods for automatically obtaining virtual private network (VPN) connection profile data from a barcode are provided. According to one embodiment, a client security application obtains a barcode, wherein the client security application is installed on a client machine and is used for managing the security of the client... Fortinet Inc

09/28/17 / #20170279795

Secure, automatic second factor user authentication using push services

A network-based multi-factor authentication approach is provided. A request to access a protected network resource and user credentials are received from a client by an application server hosting the resource. Attributes associated with the request are obtained. After determining the credentials are valid, the access attributes are provided to an... Fortinet Inc

09/28/17 / #20170279850

Detecting and preventing flooding attacks in a network environment

A method for processing network traffic data includes receiving a packet, and determining whether the packet is a previously dropped packet that is being retransmitted. A method for processing network traffic content includes receiving a plurality of headers, the plurality of headers having respective first field values, and determining whether... Fortinet Inc

09/28/17 / #20170280368

Directed station roaming in cloud managed wi-fi network

Directing station roaming in a cloud-managed Wi-Fi network. Management messages are received from a controller that is located remotely from the Wi-Fi communication network by an access point. When an RSSI (received signal strength indication) value between the station and the access point falls below a threshold, the access point... Fortinet Inc

09/21/17 / #20170272468

Network security management via social media network

Systems and methods for managing users' local security policies based on social media network information are provided. According to one embodiment, a network security appliance of a private network receives authentication request from a client machine and provides a social login interface of a social media network to the client... Fortinet Inc

09/14/17 / #20170264509

System and dynamic management of network device data

A method and apparatus of a device that dynamically changes how management data is managed in response to events detected in a network system is described. In an exemplary embodiment, the device detects an event occurring in the network system. The device further determines if the event triggers a system... Fortinet Inc

09/14/17 / #20170264638

System and software defined behavioral ddos attack mitigation

Systems and methods for software defined behavioral DDoS attack mitigation are provided. According to one embodiment, a method is provided for mitigating DDoS attacks. A DDoS attack mitigation appliance of multiple mitigation appliances controlled by a DDoS attack mitigation central controller receives DDoS attack mitigation policies through a network connecting... Fortinet Inc

09/14/17 / #20170264646

System and software defined behavioral ddos attack mitigation

Systems and methods for software defined behavioral DDoS attack mitigation are provided. According to one embodiment, a method is provided for controlling multiple distributed denial of service (DDoS) mitigation appliances. A DDoS attack mitigation central controller configures attack mitigation policies for the DDoS attack mitigation appliances. The DDoS attack mitigation... Fortinet Inc

09/07/17 / #20170257422

Managing transmission and storage of sensitive data

Systems and methods for injecting sensitive data into outgoing traffic on behalf of a user of a private network are provided. According to one embodiment, a network security appliance maintains a database of sensitive data. Secure submission of sensitive data of a user is facilitated by the security appliance in... Fortinet Inc

09/07/17 / #20170255532

High-availability cluster architecture and protocol

Methods and systems are provided for an improved cluster-based network architecture. According to one embodiment, an active connection is established between a first interface of a network device and an enabled interface of a first cluster unit of a high availability (HA) cluster. The HA cluster is configured to provide... Fortinet Inc

09/07/17 / #20170255549

Virtualization in a multi-host environment

Methods and systems for implementing improved partitioning and virtualization in a multi-host environment are provided. According to one embodiment, multiple devices, including CPUs and peripherals, coupled with a system via an interconnect matrix/bus are associated with a shared memory logically partitioned into multiple domains. A first domain is associated with... Fortinet Inc

09/07/17 / #20170257347

Filtering hidden data embedded in media files

Systems and methods for filtering unsafe content by a network security device are provided. According to one embodiment, a network security device captures network traffic and extracts a media file from the network traffic. The network security device then determines the presence of a hidden data item embedded in the... Fortinet Inc

09/07/17 / #20170257348

System and integrated header, state, rate and content anomaly prevention for session initiation protocol

Methods and systems for an integrated solution to the rate based denial of service attacks targeting the Session Initiation Protocol are provided. According to one embodiment, header, state, rate and content anomalies are prevented and network policy enforcement is provided for session initiation protocol (SIP). A hardware-based apparatus helps identify... Fortinet Inc

09/07/17 / #20170257422

Managing transmission and storage of sensitive data

Systems and methods for injecting sensitive data into outgoing traffic on behalf of a user of a private network are provided. According to one embodiment, a network security appliance maintains a database of sensitive data. Secure submission of sensitive data of a user is facilitated by the security appliance in... Fortinet Inc

09/07/17 / #20170257463

Configuring initial settings of a network security device via a hand-held computing device

Process, equipment, and computer program product code for configuring a network security device using a hand-held computing device are provided. Default initial settings for a network security device are received by a mobile application running on a hand-held computing device. The default initial settings represent settings that allow the network... Fortinet Inc

08/31/17 / #20170251001

Metadata information based file processing

Methods and systems for network level file processing based on metadata information retrieved from a file are provided. According to one embodiment, a file is received by a network security appliance. Metadata information is extracted from the file. The extracted metadata information is processed based on one or more defined... Fortinet Inc

08/31/17 / #20170251052

Socket application program interface (api) for efficient data transactions

Methods and systems for efficient data transactions between applications running on devices associated with the same host. According to one embodiment, a host system includes an HTTP proxy and an SSL/TLS proxy operatively coupled with each other. The SSL/TLS proxy may be configured to perform SSL negotiation with a client... Fortinet Inc

08/17/17 / #20170237617

Centralized management of access points

Systems and methods are provided for centralized access, control, and management of APs. According to one embodiment, multiple APs of a private IP network are decoupled from potentially transient IP addresses by assigning a unique identifier to each of the multiple APs by an AC. An AC GUI is presented... Fortinet Inc

07/13/17 / #20170201488

Computerized deployment of management tunnels

Methods and systems for deploying management tunnels between managed and managing devices are provided. According to one embodiment, the use of PKI-authenticated serial numbers within network devices manufactured by a particular manufacturer enables one-step provisioning of one or more managed devices. A managed device is provisioned with the serial number... Fortinet Inc

07/06/17 / #20170193231

Efficient data transfer in a virus co-processing system

Circuits and methods are provided for detecting, identifying and/or removing undesired content. According to one embodiment, a processor maintains a page directory and a page table within a system memory for use in connection with translating virtual addresses to physical addresses. Content scanning of a content object is offloaded to... Fortinet Inc

07/06/17 / #20170195207

System and securing virtualized networks

Systems and methods for securing a dynamic virtualized network are provided. According to one embodiment, a network policy of a dynamic virtualized network is received by an SDN controller of the dynamic virtualized network. The network policy includes network policy elements which each identify (i) an authorized endpoint, (ii) a... Fortinet Inc

07/06/17 / #20170195253

Flexible pipeline architecture for multi-table flow processing

Methods and systems for implementing scalable SDN devices having a flexible data path pipeline having multiple flow tables and a hybrid memory approach are provided. According to one embodiment, an SDN switch performs a method of storing a flow table within a memory device most suitable for the type of... Fortinet Inc

07/06/17 / #20170195254

Application based conditional forwarding and load balancing in a software defined networking (sdn) architecture

Systems and methods for an SDN switch that provides application-based conditional forwarding and session-aware load balancing are provided. According to one embodiment, a packet is received at an input port of a Software Defined Networking (SDN) switch. The packet is forwarded by the SDN switch to a first flow processing... Fortinet Inc

07/06/17 / #20170195255

Packet routing using a software-defined networking (sdn) switch

Systems and methods for an SDN switch that facilitates forwarding/differential routing decision determination are provided. A packet is received at an input port of the SDN switch. The switch includes a first and second set of flow processing units (FPUs). The packet is forwarded to a first FPU of the... Fortinet Inc

07/06/17 / #20170195257

Cardinality based packet processing in software-defined networking (sdn) switches

Systems and methods for scalable SDN devices having ports/network interfaces mapped to cardinal flow processing (CFP) units are provided. According to one embodiment, an incoming packet is received, at a software-defined networking (SDN) switch. An ingress port on which the incoming packet was received is determined. A cardinal direction to... Fortinet Inc

07/06/17 / #20170195289

Tunnel interface for securing traffic over a network

Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers are provided. According to one embodiment, a method is provided for delivering customized network services to subscribers of the service provider. A request is... Fortinet Inc

07/06/17 / #20170195292

Sequentially serving network security devices using a software defined networking (sdn) switch

Systems and methods for an SDN switch that provides service group chaining for sequentially serving multiple network security devices are provided. According to one embodiment, a packet received by the switch is processed by a first FPU based on a first set of rules and forwarded conditionally to a first... Fortinet Inc

07/06/17 / #20170195351

Detecting malicious resources in a network based upon active client reputation monitoring

Systems and methods for detecting malicious resources by analyzing communication between multiple resources coupled to a network are provided. According to one embodiment, a method of client reputation monitoring is provided. A monitoring unit executing on a network security device operable to protect a private network observes activities relating to... Fortinet Inc

07/06/17 / #20170195355

Logging attack context data

Methods and systems for improved attack context data logging are provided. According to one embodiment, prior to a logging event being triggered (i) it is determined by a network security device whether a received packet is potentially associated with a threat or undesired activity by analyzing the packet; (ii) when... Fortinet Inc

06/29/17 / #20170185799

Pattern matching for data leak prevention

Systems and methods for preprocessing data to facilitate DLP pattern matching are provided. An input string is received by a Data Leak Prevention (DLP) system. The input string is converted by the DLP system into a fixed string pattern. The conversion is performed based on multiple class definitions, including a... Fortinet Inc

Patent Packs
06/29/17 / #20170187680

Systems and methods for passing network traffic content

A method for transmitting content data includes receiving content data, and passing at least a portion of the content data based on a size of the received content data. A method for transmitting content data includes receiving content data, and passing at least a portion of the content data based... Fortinet Inc

06/29/17 / #20170187683

Filtering hidden data embedded in media files

Systems and methods for filtering unsafe content by a network security device are provided. According to one embodiment, a network security device captures network traffic and extracts a media file from the network traffic. The network security device then determines the presence of a hidden data item embedded in the... Fortinet Inc

06/29/17 / #20170187684

Detection of undesired computer files using digital certificates

Methods and systems for detecting undesirable computer files based on scanning and analysis of information contained within an associated digital certificate chain are provided. According to one embodiment, a file having associated therewith a certificate chain is received. A type and structure of the file are identified. A location of... Fortinet Inc

06/29/17 / #20170187735

Rating of signature patterns for pattern matching

Systems and methods for rating of signature patterns are provided. According to one embodiment, a frequency of occurrence is determined by a network security system of each of multiple patterns within a pattern database containing a set of candidate patterns from which a set of patterns or sub-patterns thereof will... Fortinet Inc

06/29/17 / #20170187738

Systems and methods for categorizing network traffic content

A method for categorizing network traffic content includes determining a first characterization of the network traffic content determining a first probability of accuracy associated with the first characterization, and categorizing the network traffic content based at least in part on the first characterization and the first probability of accuracy. A... Fortinet Inc

06/29/17 / #20170187750

Security configuration file conversion with security policy optimization

Systems and methods for converting a configuration file from a first language into a second language with policy optimization and auditing are provided. According to one embodiment, a network appliance configuration converter parses network security policies of an input configuration file of a first network appliance to intermediate representations. The... Fortinet Inc

06/29/17 / #20170187780

Optimizing multimedia streaming in wlans (wireless local access networks) with a remote sdn (software-defined networking) controller

An SDN controller to provision network resources at a data plane to keep progressive downloads of multimedia files proportional to encoding rates is disclosed. Packets from a new or unknown flow being downloaded at a default rate are forwarded from an access point, or other device, to an SDN controller... Fortinet Inc

06/29/17 / #20170188272

Repurposing protocol messages to facilitate handoff

A control element identifies the possibility that a station will transfer to a destination AP, and prepares that destination for a handoff. The control element repurposes messages from the station which indicate a possible near-term handoff, to prepare access points to receive that handoff. The control element treats a neighbor... Fortinet Inc

06/29/17 / #20170188384

Emulating virtual port control of airtime fairness using per station enhanced distributed channel access (edca) parameters

A technique for emulating virtual port control of airtime fairness for wireless stations using per station Enhanced Distributed Channel Access (EDCA) parameters. Specific parameters are received for each of a plurality of stations connected to the access point. An EDCA field of a beacon that stores a general EDCA parameter... Fortinet Inc

06/22/17 / #20170180315

Network interface card rate limiting

Systems and methods for limiting the rate of packet transmission from a NIC to a host CPU are provided. According to one embodiment, data packets are received from a network by the NIC. The NIC is coupled to a host central processing unit (CPU) of a network security device through... Fortinet Inc

06/22/17 / #20170180323

System and securing virtualized networks

Systems and methods for securing a dynamic virtualized network are provided. According to one embodiment, a network policy of a dynamic virtualized network is received by an SDN controller of the dynamic virtualized network. The network policy includes network policy elements which each identify (i) an authorized endpoint, (ii) a... Fortinet Inc

06/22/17 / #20170180415

Two-stage hash based logic for application layer distributed denial of service (ddos) attack attribution

Methods and systems for a two-stage attribution of application layer DDoS attack are provided. In a first table just a hash index is maintained whereas the second stage table keeps the string parameter corresponding to the application layer attribute under attack. A linked list maintains a plurality of rows if... Fortinet Inc

06/22/17 / #20170180428

Policy-based configuration of internet protocol security for a virtual private network

A method for performing policy-based configuration of IPSec for a VPN is provided. According to one embodiment, a request for a VPN connection to be established between a network device and a peer network device is received by the network device from the peer network device. Responsive to receipt of... Fortinet Inc

06/22/17 / #20170180415

Two-stage hash based logic for application layer distributed denial of service (ddos) attack attribution

Methods and systems for a two-stage attribution of application layer DDoS attack are provided. In a first table just a hash index is maintained whereas the second stage table keeps the string parameter corresponding to the application layer attribute under attack. A linked list maintains a plurality of rows if... Fortinet Inc

06/08/17 / #20170163601

Mobile hotspot managed by access controller

Systems and methods are described for a mobile hotspot that can be managed by an access controller. According to an embodiment, a WAN connection is established by a mobile hotspot through a telecommunication data network via a wireless WAN module. When in a first mode, the mobile hotspot: (i) sets... Fortinet Inc

Patent Packs
06/08/17 / #20170163606

Firewall policy management

Methods and systems are provided for creation and implementation of firewall policies. According to one embodiment, a firewall maintains a log of observed network traffic flows. An administrator may request the firewall to generate a customized report based on the logged network traffic by extracting information from the log based... Fortinet Inc

06/08/17 / #20170163662

Direct cache access for network input/output devices

Methods and systems for improving efficiency of direct cache access (DCA) are provided. According to one embodiment, a set of DCA control settings are defined by a network interface controller (NIC) of a network security device for each of multiple I/O device queues. The control settings specify portions of network... Fortinet Inc

06/08/17 / #20170163673

Presentation of threat history associated with network activity

Methods and systems for extracting, processing, displaying, and analyzing events that are associated with one or more threats are provided. According to one embodiment, threat information, including information from one or more of firewall logs and historical threat logs, is maintained in a database. Information regarding threat filtering parameters is... Fortinet Inc

06/08/17 / #20170163674

Security threat detection

Systems and methods for retrospective scanning of network traffic logs for missed threats using updated scan engines are provided. According to an embodiment, a network security device maintains a network traffic log that includes information associated with network activities observed within a private network. Responsive to an event, the network... Fortinet Inc

06/08/17 / #20170163758

Http proxy

Systems and methods for translating between an older version of HTTP and a newer version of HTTP are provided. According to an embodiment, a first request message, compliant with the newer version and directed to a server that supports the older version but does not support the newer version, is... Fortinet Inc

05/25/17 / #20170149822

System and software defined behavioral ddos attack mitigation

Systems and methods for software defined behavioral DDoS attack mitigation are provided. According to one embodiment, a method is provided for mitigating DDoS attacks. A DDoS attack mitigation appliance of multiple mitigation appliances controlled by a DDoS attack mitigation central controller receives DDoS attack mitigation policies through a network connecting... Fortinet Inc

05/25/17 / #20170150322

Associating position information collected by a mobile device with amanaged network appliance

Systems and methods for obtaining and managing network appliance position information are provided. According to one embodiment, a network appliance controller establishes a network connection with a mobile device. The network appliance controller receives via the network connection from the mobile device identification information associated with a network appliance and... Fortinet Inc

05/11/17 / #20170134257

Application control

Systems and methods for controlling applications on a network are provided. According to one embodiment, a network security device detects a suspect application protocol used in connection with network traffic exchanged between a source peer and a destination peer. The network security device sends a probing request to the destination... Fortinet Inc

05/04/17 / #20170126713

Calculating consecutive matches using parallel computing

Methods and systems for determining consecutive matches are provided. According to one embodiment, a class definition and a data stream are received by a network security device. The data stream is partitioned into multiple data blocks each containing N data segments. Each data block is processed in parallel to compute:... Fortinet Inc

04/20/17 / #20170111319

Examining and controlling ipv6 extension headers

Methods and systems for selectively blocking, allowing and/or reformatting IPv6 headers by traversing devices are provided. According to one embodiment, reputation information regarding observed senders of Internet Protocol (IP) version 6 (IPv6) packets and packet fragments is maintained by a traversing device based on conformity or nonconformity of extension headers... Fortinet Inc

04/20/17 / #20170111397

System and software defined behavioral ddos attack mitigation

Systems and methods for software defined behavioral DDoS attack mitigation are provided. According to one embodiment, a method is provided for controlling multiple distributed denial of service (DDoS) mitigation appliances. A DDoS attack mitigation central controller configures attack mitigation policies for the DDoS attack mitigation appliances. The DDoS attack mitigation... Fortinet Inc

04/13/17 / #20170104638

Identifying nodes in a ring network

Methods and systems for determining a token master on a ring network are provided. According to one embodiment, a ring controller of a first blade participating in the ring network receives an indication that an arbitration token originated by an originating blade has been received. The ring controller compares the... Fortinet Inc

04/13/17 / #20170104837

Facilitating content accessibility via different communication formats

Methods and systems for facilitating content accessibility via different communication formats are provided. According to one embodiment, information indicative of one or more communication formats via which a client device is capable of communication is stored on a client device by (i) sending the client device a web page having... Fortinet Inc

04/06/17 / #20170098096

Secure cloud storage distribution and aggregation

Methods and systems for vendor independent and secure cloud storage distribution and aggregation are provided. According to one embodiment, an application programming interface (API) is provided by a cloud storage gateway device logically interposed between third-party cloud storage platforms and users of an enterprise. The API facilitates storing of files,... Fortinet Inc

03/30/17 / #20170093796

Inline inspection of security protocols

Systems and methods for inline security protocol inspection are provided. According to one embodiment, a security device receives an encrypted packet from a first network appliance and buffers the encrypted packet in a buffer. An inspection module accesses the encrypted packet from the buffer, decrypts the encrypted packet to produce... Fortinet Inc

03/30/17 / #20170093808

Tunnel interface for securing traffic over a network

Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers are provided. According to one embodiment, a method is provided for delivering customized network services to subscribers of the service provider. A request is... Fortinet Inc

03/30/17 / #20170093917

Centralized management and enforcement of online behavioral tracking policies

Systems and methods for manipulating online behavioral tracking policies are provided. According to one embodiment, a hypertext transfer protocol (HTTP) response transmitted from a web server to a client is captured by a network security device. A status of the client is determined by the network security device. An online... Fortinet Inc

03/30/17 / #20170094595

Power saving in wi-fi devices utilizing bluetooth

The present description provides methods, computer program products, and systems for saving power in Wi-Fi devices utilizing Bluetooth. A Wi-Fi radio transitions to deep sleep mode from active mode while a Bluetooth radio remains active. An active Wi-Fi connection to the access point can be maintained by the station while... Fortinet Inc

03/23/17 / #20170086121

Directed station roaming in cloud managed wi-fi network

Directing station roaming in a cloud-managed Wi-Fi network. Management messages are received from a controller that is located remotely from the Wi-Fi communication network by an access point. When an RSSI (received signal strength indication) value between the station and the access point falls below a threshold, the access point... Fortinet Inc

03/09/17 / #20170070907

Self-provisioning of a wireless communication network using coordination of data plane behavior to steer stations to preferred access points

A wireless communication network is self-provisioned using coordination of data plane behavior to steer stations to preferred access points. To do so, a policy concerning traffic flow for the wireless communication network is received. Data plane traffic flow is monitored at each of the plurality of access points distributed around... Fortinet Inc

03/09/17 / #20170071006

Steering connection requests for an access point to a best-serving access point

Network devices are steered to preferred access points using a probability function. A probe request for connection is received from a network device. The probe request can be from a network device attempting to use a wireless network (e.g., a IEEE 802.11-type network or other suitable type of network). A... Fortinet Inc








ARCHIVE: New 2018 2017 2016 2015 2014 2013 2012 2011 2010 2009



###

This listing is an abstract for educational and research purposes is only meant as a recent sample of applications filed, not a comprehensive history. Freshpatents.com is not affiliated or associated with Fortinet Inc in any way and there may be associated servicemarks. This data is also published to the public by the USPTO and available for free on their website. Note that there may be alternative spellings for Fortinet Inc with additional patents listed. Browse our Agent directory for other possible listings. Page by FreshPatents.com

###