公开(公告)号：US20220286911A1

公开(公告)日：2022-09-08

申请号：US17491795

申请日：2021-10-01

Applicant: Zscaler, Inc.

Inventor： Nathan Howe ,  Kenneth B. Urquhart

IPC: H04W28/08 ,  H04W28/12 ,  H04L29/06

Abstract: Cloud-based 5G security, implemented in a Multi-Access Edge Compute (MEC) system, includes steps of receiving a request for a workload from User Equipment (UE); determining a type of traffic for the workflow and querying a machine learning engine based on the traffic type; informing the UE of how the workflow should be accessed; and receiving an updated request for the workflow and steering the traffic based on how the workflow should be steered. The steps can include receiving policy updates from a cloud-based system, related to how workloads should be steered.

公开(公告)号：US20230422086A1

公开(公告)日：2023-12-28

申请号：US18339752

申请日：2023-06-22

Applicant: Zscaler, Inc.

Inventor： Kartik Kumar Chatnalli Deshpande Sridhar ,  Arvind Nadendla ,  Kenneth B. Urquhart ,  Subramanian Srinivasan

IPC: H04W28/02 ,  H04W28/20

CPC classification number: H04W28/0268 ,  H04W28/20

Abstract: A method implemented via a cloud-based system for network slicing in a 5G network includes connecting with a device that connects to the 5G network, wherein the cloud-based system includes a plurality of nodes interconnected to one another and including one or more nodes integrated in a user plane of the 5G network; inline monitoring traffic between the device and destinations including any of the Internet, cloud services, private applications, edge compute, Multiaccess Edge Compute (MEC), public/private data centers, and public/private clouds; and enforcing bandwidth control, in the 5G network, to a defined Quality of Service for a slice associated with the device.

公开(公告)号：US20220286854A1

公开(公告)日：2022-09-08

申请号：US17699388

申请日：2022-03-21

Applicant: Zscaler, Inc.

Inventor： Nathan Howe ,  Kenneth B. Urquhart ,  Subramanian Srinivasan ,  Sridhar Kartik Kumar Chatnalli Deshpande ,  Patrick Foxhoven

IPC: H04W12/08 ,  H04W76/10

Abstract: The present disclosure relates to systems and methods for cloud-based 5G security network architectures intelligent steering, workload isolation, identity, and secure edge steering. Specifically, various approaches are described to integrate cloud-based security services into Multiaccess Edge Compute servers (MECs). That is, existing cloud-based security services are in line between a UE and the Internet. The present disclosure includes integrating the cloud-based security services and associated cloud-based system within service provider's MECs. In this manner, a cloud-based security service can be integrated with a service provider's 5G network or a 5G network privately operated by the customer. For example, nodes in a cloud-based system can be collocated within a service provider's network, to provide security functions to 5G users or connected by peering from the cloud-based security service into the 5G service provider's regional communications centers.

公开(公告)号：US12137082B2

公开(公告)日：2024-11-05

申请号：US17491831

申请日：2021-10-01

Applicant: Zscaler, Inc.

Inventor： Nathan Howe ,  Kenneth B. Urquhart

IPC: H04L9/40 ,  H04W28/08 ,  H04W28/12

Abstract: Cloud-based 5G security, implemented in a Multi-Access Edge Compute (MEC) system, includes steps of receiving a request for a workload from User Equipment (UE) via a Radio Access Network (RAN); determining a path to the workload; creating a tunnel to the workload; and steering the request to the workload via the tunnel that is independent of any underlying mobile network for the RAN. The tunnel can be encrypted and used on a per-application and per-session basis.

公开(公告)号：US12010553B2

公开(公告)日：2024-06-11

申请号：US17491795

申请日：2021-10-01

Applicant: Zscaler, Inc.

Inventor： Nathan Howe ,  Kenneth B. Urquhart

IPC: H04W28/08 ,  H04L9/40 ,  H04W28/12

CPC classification number: H04W28/0925 ,  H04L63/0227 ,  H04L63/029 ,  H04L63/1425 ,  H04W28/12

Abstract: Cloud-based 5G security, implemented in a Multi-Access Edge Compute (MEC) system, includes steps of receiving a request for a workload from User Equipment (UE); determining a type of traffic for the workflow and querying a machine learning engine based on the traffic type; informing the UE of how the workflow should be accessed; and receiving an updated request for the workflow and steering the traffic based on how the workflow should be steered. The steps can include receiving policy updates from a cloud-based system, related to how workloads should be steered.

公开(公告)号：US20220286860A1

公开(公告)日：2022-09-08

申请号：US17371408

申请日：2021-07-09

Applicant: Zscaler, Inc.

Inventor： Nathan Howe ,  Kenneth B. Urquhart

IPC: H04W12/37 ,  H04W12/08

Abstract: A Multi-Access Edge Compute (MEC) system includes a plurality of compute resources including one or more processors configured to implement services; wherein the services include any of edge services, routing functions, and hosted services; and wherein the services further include cloud-based security services implemented in the MEC in conjunction with a cloud-based security system that includes a plurality of nodes and offers multi-tenant cloud-based security services, and wherein the cloud-based security services implemented in the MEC are for subscribers of a service provider associated with the MEC.

公开(公告)号：US20220286429A1

公开(公告)日：2022-09-08

申请号：US17491831

申请日：2021-10-01

Applicant: Zscaler, Inc.

Inventor： Nathan Howe ,  Kenneth B. Urquhart

IPC: H04L29/06 ,  H04W28/08 ,  H04W28/12

Abstract: Cloud-based 5G security, implemented in a Multi-Access Edge Compute (MEC) system, includes steps of receiving a request for a workload from User Equipment (UE) via a Radio Access Network (RAN); determining a path to the workload; creating a tunnel to the workload; and steering the request to the workload via the tunnel that is independent of any underlying mobile network for the RAN. The tunnel can be encrypted and used on a per-application and per-session basis.

公开(公告)号：US12177667B2

公开(公告)日：2024-12-24

申请号：US17699388

申请日：2022-03-21

Applicant: Zscaler, Inc.

Inventor： Nathan Howe ,  Kenneth B. Urquhart ,  Subramanian Srinivasan ,  Sridhar Kartik Kumar Chatnalli Deshpande ,  Patrick Foxhoven

IPC: H04W12/37 ,  H04W12/08 ,  H04W76/10

Abstract: The present disclosure relates to systems and methods for cloud-based 5G security network architectures intelligent steering, workload isolation, identity, and secure edge steering. Specifically, various approaches are described to integrate cloud-based security services into Multiaccess Edge Compute servers (MECs). That is, existing cloud-based security services are in line between a UE and the Internet. The present disclosure includes integrating the cloud-based security services and associated cloud-based system within service provider's MECs. In this manner, a cloud-based security service can be integrated with a service provider's 5G network or a 5G network privately operated by the customer. For example, nodes in a cloud-based system can be collocated within a service provider's network, to provide security functions to 5G users or connected by peering from the cloud-based security service into the 5G service provider's regional communications centers.

公开(公告)号：US20240031455A1

公开(公告)日：2024-01-25

申请号：US18366836

申请日：2023-08-08

Applicant: Zscaler, Inc.

Inventor： Arvind Nadendla ,  Kartik Kumar Chatnalli Deshpande Sridhar ,  Subramanian Srinivasan ,  Vipin Kumar ,  Kenneth B. Urquhart ,  Nathan Howe

IPC: H04L69/08 ,  H04L45/645 ,  H04L65/65

CPC classification number: H04L69/08 ,  H04L45/645 ,  H04L65/65

Abstract: The present disclosure relates to systems and methods for in-transit protocol translation. Specifically, various approaches are described for translating protocols for intermediate networks in a way by which there is no need of support for encapsulation/decapsulation at the end hosts and does not require any changes to end hosts or transit networks. Various embodiments include intercepting traffic between one or more source client devices and a transit network; detecting a first communication protocol used by the one or more source client devices in the traffic; translating the traffic from the first communication protocol to a second communication protocol; and forwarding the traffic to the transit network using the second communication protocol.

公开(公告)号：US11765593B2

公开(公告)日：2023-09-19

申请号：US17371408

申请日：2021-07-09

Applicant: Zscaler, Inc.

Inventor： Nathan Howe ,  Kenneth B. Urquhart

IPC: H04W12/37 ,  H04W12/08

CPC classification number: H04W12/37 ,  H04W12/08

Abstract: A Multi-Access Edge Compute (MEC) system includes a plurality of compute resources including one or more processors configured to implement services; wherein the services include any of edge services, routing functions, and hosted services; and wherein the services further include cloud-based security services implemented in the MEC in conjunction with a cloud-based security system that includes a plurality of nodes and offers multi-tenant cloud-based security services, and wherein the cloud-based security services implemented in the MEC are for subscribers of a service provider associated with the MEC.