公开(公告)号：US11323474B1

公开(公告)日：2022-05-03

申请号：US17387615

申请日：2021-07-28

申请人： Airgap Networks Inc.

发明人： Ritesh R. Agrawal ,  Vinay Adavi ,  Satish M. Mohan

IPC分类号： H04L29/06 ,  H04L12/46

摘要： A technique to stop lateral movement of ransomware between endpoints in a VLAN is disclosed. A security appliance is set as the default gateway for intra-LAN communication. Message traffic from compromised endpoints is detected. Attributes of ransomware may be detected in the message traffic, as well as attempts to circumvent the security appliance. Compromised devices may be quarantined.

公开(公告)号：US11916957B1

公开(公告)日：2024-02-27

申请号：US18064177

申请日：2022-12-09

申请人： Airgap Networks Inc.

发明人： Raymond Wing Chon Cheh ,  Chia Chi Cheng ,  Satish M. Mohan ,  Ritesh R. Agrawal ,  Vinay Adavi

IPC分类号： H04L9/40 ,  H04L12/46

CPC分类号： H04L63/1466 ,  H04L12/4641 ,  H04L63/1416

摘要： A technique to stop lateral movement of ransomware between endpoints in a VLAN is disclosed. A security appliance is set as the default gateway for intra-LAN communication by overwriting the DHCP responses. Message traffic from compromised endpoints is detected. Attributes of ransomware may be detected in the message traffic, as well as attempts to circumvent the security appliance. Compromised devices may be quarantined. Additionally, the DHCP address assignment may be policed to ensure accuracy and correctness to provide an additional layer of security.

公开(公告)号：US11979431B1

公开(公告)日：2024-05-07

申请号：US18357338

申请日：2023-07-24

申请人： Airgap Networks Inc.

发明人： Ritesh R. Agrawal ,  Vinay Adavi ,  Satish M. Mohan

IPC分类号： H04L29/06 ,  H04L9/40

CPC分类号： H04L63/1466 ,  H04L63/0281

摘要： A technique to improve security for a VLAN is disclosed. A security appliance is set as the gateway for intra-LAN communication. Message traffic is analyzed and anomalies are detected relative to normal message traffic that correspond to device health problems that may require service by a field technician. A network switch may be configured to drop certain types of Address Resolution Protocol messages from selected ports to aid in setting a security appliance as the gateway.

公开(公告)号：US11757933B1

公开(公告)日：2023-09-12

申请号：US17888370

申请日：2022-08-15

申请人： Airgap Networks Inc.

发明人： Ritesh R. Agrawal ,  Vinay Adavi ,  Satish M. Mohan

IPC分类号： H04L9/40 ,  H04L12/46

CPC分类号： H04L63/1466 ,  H04L12/4641 ,  H04L63/1416

摘要： An extended enterprise browser provides protection from ransomware attacks against SaaS and private enterprise application. In one implementation, the extended enterprise browser supports at least two different endpoint security certificates. A selection of the endpoint security certificate is made based on a ransomware risk level posture. Various factors may be used to determine the ransomware risk level posture to aid preventing ransomware attacks.

公开(公告)号：US11736520B1

公开(公告)日：2023-08-22

申请号：US17888380

申请日：2022-08-15

申请人： Airgap Networks Inc.

发明人： Ritesh R. Agrawal ,  Vinay Adavi ,  Satish M. Mohan

IPC分类号： H04L9/40 ,  H04L12/46

CPC分类号： H04L63/1466 ,  H04L12/4641 ,  H04L63/1416

摘要： A system and method for ransomware protection includes an extended browser in an endpoint device. The extended browser selects a certificate for user authentication with an identity provider based on the enterprise ransomware threat level. The selection of the certification may be used to aid in providing protection from ransomware attacks of SaaS and private enterprise applications. The endpoint device may be part of a larger VLAN environment in which endpoint devices are deployed under a default gateway with point-to-point links.

公开(公告)号：US11711396B1

公开(公告)日：2023-07-25

申请号：US17888387

申请日：2022-08-15

申请人： Airgap Networks Inc.

发明人： Ritesh R. Agrawal ,  Vinay Adavi ,  Satish M. Mohan

IPC分类号： H04L29/06 ,  H04L9/40 ,  H04L12/46

CPC分类号： H04L63/1466 ,  H04L12/4641 ,  H04L63/1416

摘要： An extended enterprise browser installed on an endpoint device provides protection from ransomware attacks to SaaS and private enterprise applications. The extended enterprise browser monitors for alternate browser installed on the endpoint device. The extended enterprise browser may take one or more actions to block the spread of ransomware by the alternate browser.

公开(公告)号：US12058171B1

公开(公告)日：2024-08-06

申请号：US18498182

申请日：2023-10-31

申请人： AIRGAP NETWORKS INC.

发明人： Ritesh R. Agrawal ,  Vinay Adavi ,  Satish M. Mohan ,  Balireddy Ramesh Kumar Reddy

IPC分类号： H04L9/40 ,  H04L12/46

CPC分类号： H04L63/1466 ,  H04L12/4641 ,  H04L63/1416

摘要： A technique to stop lateral movement of ransomware between endpoints in a VLAN is disclosed. A security appliance is set as the default gateway for intra-LAN communication. Message traffic from compromised endpoints is detected. Attributes of ransomware may be detected in the message traffic, as well as attempts to circumvent the security appliance. Compromised devices may be quarantined. A disposable jump box may be utilized to provide an additional layer of protection against ransomware.

公开(公告)号：US12057969B1

公开(公告)日：2024-08-06

申请号：US18529647

申请日：2023-12-05

申请人： AIRGAP NETWORKS INC.

发明人： Ritesh R. Agrawal ,  Vinay Adavi ,  Satish M. Mohan

IPC分类号： H04L12/46 ,  H04L47/125 ,  H04L67/1023 ,  H04L67/1036 ,  H04L69/40

CPC分类号： H04L12/4641 ,  H04L47/125 ,  H04L67/1023 ,  H04L67/1036 ,  H04L69/40

摘要： A technique to stop lateral movement of ransomware between endpoints in a VLAN is disclosed. A security appliance is set as the default gateway for intra-LAN communication by overwriting the DHCP responses. A high availability cluster of the gateways is utilized to distribute traffic and implement load balancing amongst the gateways.

公开(公告)号：US12010141B1

公开(公告)日：2024-06-11

申请号：US18349848

申请日：2023-07-10

申请人： Airgap Networks Inc.

发明人： Lokesh Mogra ,  Balireddy Ramesh Kumar Reddy ,  Satish M. Mohan ,  Vinay Adavi ,  Ritesh R. Agrawal

IPC分类号： H04L9/40 ,  H04L12/46

CPC分类号： H04L63/1466 ,  H04L12/4641 ,  H04L63/1416

摘要： A technique to improve security for a VLAN is disclosed. A security appliance is set as the default gateway for intra-LAN communication. Message traffic is analyzed and anomalies are detected relative to normal message traffic that correspond to device health problems that may require service by a field technician. Access to a cloud-based resource may be further protected by enforcing user-based access policies.

公开(公告)号：US11757934B1

公开(公告)日：2023-09-12

申请号：US17888422

申请日：2022-08-15

申请人： Airgap Networks Inc.

发明人： Ritesh R. Agrawal ,  Vinay Adavi ,  Satish M. Mohan

IPC分类号： H04L9/00 ,  H04L9/40 ,  H04L12/46

CPC分类号： H04L63/1466 ,  H04L12/4641 ,  H04L63/1416

摘要： An extended browser provides additional protection against lateral propagation of ransomware to an endpoint device. The extended browser may monitor for inbound connection requests having access protocols vulnerable to ransomware attacks. The extended browser may select a certificate provided to an identity provider based on the ransomware threat level based at least in part on the detection of connection requests having access protocols vulnerable to ransomware attacks. Access to SaaS or private enterprise application may be limited or denied in response to detecting connection requests having the vulnerable access protocols. The endpoint device may also be part of a VLAN with endpoint device deployed under a default gateway with point-to-point links.