公开(公告)号：US12075249B2

公开(公告)日：2024-08-27

申请号：US17013802

申请日：2020-09-07

申请人： Fortinet, Inc.

发明人： Ravikiran Mahamkali

IPC分类号： H04W12/088 ,  H04L9/40 ,  H04W12/121 ,  H04W28/02 ,  H04W48/02

CPC分类号： H04W12/088 ,  H04L63/0263 ,  H04W12/121 ,  H04W28/0215 ,  H04W48/02

摘要： Application data collected by an IDS (intrusion detection system) on the data communication network and concerning applications executing on stations coupled to the plurality of access points, is received. Additionally, firewall rules for applications from a firewall device coupled to the data communication network and providing firewall services to the plurality of access points, including outbound traffic from the plurality of access points, are received. The firewall rules can be parsed to expose configured actions for applications. A customized application control policy is prepared for each particular application for implementation on the network edge by at least one of the plurality of access points.

公开(公告)号：US20240244086A1

公开(公告)日：2024-07-18

申请号：US18621471

申请日：2024-03-29

申请人： Fortinet, Inc.

发明人： Wenping Luo ,  Robert May ,  Kunal Marwah

IPC分类号： H04L9/40

CPC分类号： H04L63/20 ,  H04L63/0823 ,  H04L63/0272 ,  H04L63/0281

摘要： Various approaches for providing scalable network access processing. In some cases, approaches discussed relate to systems and methods for providing scalable zero trust network access control.

公开(公告)号：US12041065B2

公开(公告)日：2024-07-16

申请号：US16653532

申请日：2019-10-15

申请人： Fortinet, Inc.

发明人： Manuel Nedbal ,  Ratinder Paul Singh Ahuja ,  Sumanth Gangashanaiah

IPC分类号： H04L9/40 ,  H04L43/0882

CPC分类号： H04L63/1416 ,  H04L43/0882

摘要： Systems, methods, and apparatuses enable one or more security microservices to resolve the disparate impact of security exploits to resources within a resource group. When a resource group is determined to be impacted by a security exploit, the one or more security microservices determines whether the members of the resource group are disparately impacted. In response, the one or more security microservices splits the resource group into an impacted resource group and a non-impacted resource group and applies exploit mitigation to the resource group members in the impacted resource group. When the one or more security microservices determine that the resource group members of the split resource group are no longer disparately impacted, the one or more security microservices combine the impacted resource group and the non-impacted resource group back into a single resource group.

公开(公告)号：US20240236125A1

公开(公告)日：2024-07-11

申请号：US18093628

申请日：2023-01-05

申请人： Fortinet, Inc.

发明人： Hector Agustin Cozzetti

IPC分类号： H04L9/40

CPC分类号： H04L63/1425 ,  H04L63/1433 ,  H04L63/205

摘要： Various embodiments provide systems and methods systems and methods for dynamically attracting malicious network behavior.

公开(公告)号：US20240236039A1

公开(公告)日：2024-07-11

申请号：US18093604

申请日：2023-01-05

申请人： Fortinet, Inc.

发明人： Zainul Arif bin Mohamed

IPC分类号： H04L9/40

CPC分类号： H04L63/0227

摘要： Various embodiments provide multi-path traffic filtering devices and methods for using such.

公开(公告)号：US20240224057A1

公开(公告)日：2024-07-04

申请号：US18375049

申请日：2023-09-29

申请人： Fortinet, Inc.

发明人： Vijayakumar Vellaichamy

IPC分类号： H04W16/14 ,  H04L1/00 ,  H04W74/08 ,  H04W74/0816

CPC分类号： H04W16/14 ,  H04L1/0069 ,  H04W74/0816 ,  H04W74/0866

摘要： BSS (basic service set) sharing is enabled on the Wi-Fi 7 access point, wherein the Wi-Fi 7 access point is wirelessly connected to a plurality of stations over the common wireless channel. A puncturing pattern is determined to share spectrum of the common wireless channel between the multiple BSSs. All shared BSSs are advertised in beacons with an EHT field comprising the puncturing pattern and broadcast over the common wireless channel. At least two stations of the plurality of stations are connected over at least two different BSSs of the multiple BSSs. Data frames are transmitted simultaneously to the at least two stations across the at least two different BSSs. A first BSS occupies a first portion of a spectrum and a second BSS occupies a second portion of the spectrum, according to the puncturing pattern.

公开(公告)号：US20240214913A1

公开(公告)日：2024-06-27

申请号：US18088980

申请日：2022-12-27

申请人： Fortinet, Inc.

发明人： Ruchir Mishra ,  Shrikant Gambheer Patil ,  Karthik Vasudevan

IPC分类号： H04W48/16 ,  H04B17/318 ,  H04W12/06

CPC分类号： H04W48/16 ,  H04B17/318 ,  H04W12/06 ,  H04W84/12

摘要： A dynamic radio signal strength indicator (RSSI) connection threshold is determined, with machine learning, based on previous Wi-Fi 6E connection data for the Wi-Fi 6E access point. An authentication request frame (or other type of frame) is received from a Wi-Fi 6E client that received a beacon. The authentication request or other management frame includes an RSSI measurement characterizing signal strength between the Wi-Fi 6E client and the Wi-Fi 6E access point. It is determining whether the RSSI measurement of the authentication request frame satisfies the machine learning RSSI threshold as a minimum signal strength for connections. Responsive to the RSSI measurement not satisfying the RSSI threshold, the connection with the Wi-Fi 6E client is refused.

公开(公告)号：US12003484B2

公开(公告)日：2024-06-04

申请号：US17859162

申请日：2022-07-07

申请人： Fortinet, Inc.

发明人： Jochen Pretli

IPC分类号： H04L9/40 ,  H04L61/256

CPC分类号： H04L63/0245 ,  H04L61/2564 ,  H04L63/0421

摘要： Systems, devices, and methods are discussed for avoiding data thefts in real-time transactions.

公开(公告)号：US11968237B2

公开(公告)日：2024-04-23

申请号：US17710686

申请日：2022-03-31

申请人： Fortinet, Inc.

发明人： Yita Lee ,  Sen Yang ,  Ting Liu

IPC分类号： H04L9/40 ,  H04L45/02 ,  H04L45/42 ,  H04L47/125

CPC分类号： H04L63/20 ,  H04L45/02 ,  H04L45/42 ,  H04L47/125 ,  H04L63/0236 ,  H04L63/029 ,  H04L63/0435

摘要： A processing blade is assigned from the plurality of processing blades to a session of data packets. The load balancing engine manages a session table and an IPsec routing table by updating the session table with a particular security engine card assigned to the session and by updating the IPsec routing table for storing a remote IP address for a particular session. Outbound raw data packets of a particular session are parsed for matching cleartext tuple information prior to IPsec encryption, and inbound encrypted data packets of the particular session are parsed for matching cipher tuple information prior to IPsec decryption. Inbound data packets assigned to the processing blade from the session table are parsed and forwarded to the station.

公开(公告)号：US20240129308A1

公开(公告)日：2024-04-18

申请号：US18396393

申请日：2023-12-26

申请人： Fortinet, Inc.

发明人： EMILIO BORBOLLA GALINDO

IPC分类号： H04L9/40

CPC分类号： H04L63/0876 ,  H04L63/0236 ,  H04L63/0272 ,  H04L63/1433

摘要： Various approaches for securing networks against access from off network devices. In some cases, embodiments discussed relate to systems and methods for identifying potential threats included in a remote network by a network access device prior to requesting access to a known secure network via the remote network.