公开(公告)号：US20240187371A1

公开(公告)日：2024-06-06

申请号：US18362072

申请日：2023-07-31

申请人： Palo Alto Networks, Inc.

发明人： Jayant Jain ,  Brian Russell Kean ,  Aditya Srinivasa Ivaturi ,  Mohit Sahni ,  Mingfei Peng

IPC分类号： H04L61/256 ,  H04L61/2592 ,  H04L61/4511

CPC分类号： H04L61/256 ,  H04L61/2592 ,  H04L61/4511 ,  H04L2101/618

摘要： A controller can securely publish an application of a tenant by securely extending a network fabric into the networks of the tenant with virtual private networks and NAT. After a tenant deploys an application into one or more networks of the tenant, the tenant can indicate select applications to publish. The network controller assigns a network address from the routable address space of the network fabric to the application and a network address aggregate to each application connector that will front an instance of the application, which securely extends the network fabric into the tenant network. The network controller configures NAT rules in the network fabric and on the application connector to create a route for traffic of the application through the network fabric to the application instance using a fully qualified domain name assigned to the application without exposing a private network address of the application instance and preserving security of other resource on the tenant network.

公开(公告)号：US11757826B1

公开(公告)日：2023-09-12

申请号：US18060774

申请日：2022-12-01

申请人： Palo Alto Networks, Inc.

发明人： Jayant Jain ,  Brian Russell Kean ,  Aditya Srinivasa Ivaturi ,  Mohit Sahni ,  Mingfei Peng

IPC分类号： H04L61/256 ,  H04L61/2592 ,  H04L61/4511 ,  H04L101/618

CPC分类号： H04L61/256 ,  H04L61/2592 ,  H04L61/4511 ,  H04L2101/618

摘要： A controller can securely publish an application of a tenant by securely extending a network fabric into the networks of the tenant with virtual private networks and NAT. After a tenant deploys an application into one or more networks of the tenant, the tenant can indicate select applications to publish. The network controller assigns a network address from the routable address space of the network fabric to the application and a network address aggregate to each application connector that will front an instance of the application, which securely extends the network fabric into the tenant network. The network controller configures NAT rules in the network fabric and on the application connector to create a route for traffic of the application through the network fabric to the application instance using a fully qualified domain name assigned to the application without exposing a private network address of the application instance and preserving security of other resource on the tenant network.

公开(公告)号：US12126590B2

公开(公告)日：2024-10-22

申请号：US18362072

申请日：2023-07-31

申请人： Palo Alto Networks, Inc.

发明人： Jayant Jain ,  Brian Russell Kean ,  Aditya Srinivasa Ivaturi ,  Mohit Sahni ,  Mingfei Peng

IPC分类号： H04L61/256 ,  H04L61/2592 ,  H04L61/4511 ,  H04L101/618

CPC分类号： H04L61/256 ,  H04L61/2592 ,  H04L61/4511 ,  H04L2101/618

摘要： A controller can securely publish an application of a tenant by securely extending a network fabric into the networks of the tenant with virtual private networks and NAT. After a tenant deploys an application into one or more networks of the tenant, the tenant can indicate select applications to publish. The network controller assigns a network address from the routable address space of the network fabric to the application and a network address aggregate to each application connector that will front an instance of the application, which securely extends the network fabric into the tenant network. The network controller configures NAT rules in the network fabric and on the application connector to create a route for traffic of the application through the network fabric to the application instance using a fully qualified domain name assigned to the application without exposing a private network address of the application instance and preserving security of other resource on the tenant network.

公开(公告)号：US20220337590A1

公开(公告)日：2022-10-20

申请号：US17473549

申请日：2021-09-13

申请人： Palo Alto Networks, Inc.

发明人： Suraj Kumar Jaiswal ,  Krishna Murthy Pokuri ,  Manish Pathak ,  Aditya Srinivasa Ivaturi

IPC分类号： H04L29/06

摘要： Mitigating multiple authentications for a geo-distributed security service is disclosed. A request to access a web service from a client device is received. The request is redirected to a geo-distributed authentication service including a distributed cache for storing a user's authentication authorization. An authorization token included in a distributed authentication cache cookie and uniform resource locator (URL) for the web service to facilitate secure access to the web service from the client device are returned.