ADAPTIVE NETWORK SECURITY USING ZERO TRUST MICROSEGMENTATION

    Publication (Announcement) No.: US20240356979A1

    Publication (Announcement) date: 2024-10-24

    Application No.: US18620699

    Filing date: 2024-03-28

    Applicant: ColorTokens Inc.

    IPC classification: H04L9/40

    Abstract: Zero trust and micro-segmentation techniques may be used together to enhance network security. To establish, refine, and enforce a zero-trust least-privileged policy, the network may be segmented so that each device of the network is placed into its own network of one, which forces all network traffic to pass through a zero-trust gatekeeper. The gatekeeper may then monitor and analyze the traffic to establish, refine, and enforce the zero-trust least-privileged policy, which reduces network access to only a limited set of network actions and/or paths. Using the gatekeeper, network traffic may be monitored to progressively establish the policy as well as to continually refine it. Recommended actions may be determined from the analysis of the monitored network traffic and provided to the user, allowing user feedback on the communication rules of the zero-trust policy.

    System and method of performing load balancing over an overlay network

    Publication (Announcement) No.: US10958580B2

    Publication (Announcement) date: 2021-03-23

    Application No.: US16163532

    Filing date: 2018-10-17

    Applicant: COLORTOKENS, INC.

    Abstract: A system and method for performing load balancing over an overlay network is disclosed. The load balancing is performed by a DNS load balancing module communicating with a plurality of computing devices communicatively coupled over the overlay network. The DNS load balancing module calculates and maintains a weighted value for each computing device among the plurality of computing devices based on a plurality of parameters. On receiving a DNS lookup request for a resource from a first computing device, the DNS load balancing module identifies a list of computing devices among the plurality of computing devices that host the requested resource. The DNS load balancing module then performs load balancing by selecting a computing device from that list for accessing the resource based on the calculated weighted value.

    Probe and secure the vulnerable network services using a centralized controller

    Publication (Announcement) No.: US10958556B2

    Publication (Announcement) date: 2021-03-23

    Application No.: US16252695

    Filing date: 2019-01-20

    Applicant: COLORTOKENS, INC.

    IPC classification: H04L12/26 H04L12/24

    Abstract: A centralized controller for probing and securing vulnerable network resources is disclosed. A list of services hosted by a resource is received at the controller. A request to probe the list of services hosted on the resource is received by the controller. A probe candidate is determined by the controller. The probing is triggered by the controller at a user-scheduled time. The probing includes sending a probe packet that contains a special marker. The controller sends the list of resources to be probed, for a set of ports and protocols, to the probe candidate. A probe result generated by the probing is received at the controller. The probe result includes vulnerable service information. A policy is computed based on the probe result and is enforced on the probed resources.

    Establishing connection between different overlay networks using edge application gateway

    Publication (Announcement) No.: US10992635B2

    Publication (Announcement) date: 2021-04-27

    Application No.: US16163527

    Filing date: 2018-10-17

    Applicant: COLORTOKENS, INC.

    Abstract: A system and method for routing data packets between different overlay networks is disclosed. The method includes receiving a DNS lookup request for a resource from a first computing device coupled to a first overlay network. The first overlay network comprises a first edge application gateway. The method includes identifying a second computing device, coupled to a second overlay network, that comprises the requested resource. The second overlay network comprises a second edge application gateway. The method further includes identifying a third overlay network. The data packets generated at the first computing device are transferred to the first edge application gateway. The data packets are then transmitted from the first edge application gateway to the second edge application gateway over the third overlay network. Finally, the data packets are transferred from the second edge application gateway to the second computing device, thereby establishing communication between computing devices in different overlay networks.

    DETERMINATION AND AUTOCORRECTION OF MODIFIED SECURITY POLICIES

    Publication (Announcement) No.: US20210051178A1

    Publication (Announcement) date: 2021-02-18

    Application No.: US16541528

    Filing date: 2019-08-15

    Applicant: COLORTOKENS, INC.

    IPC classification: H04L29/06 H04L12/851

    Abstract: A method and a system for automatically managing security policies at multiple resources are provided. A policy management engine receives and deploys a security policy, configured for each resource with one or more configuration parameters, on a security component of each resource. The policy management engine determines modifications made to the security policy at a corresponding resource and automatically corrects the security policy at that resource. The policy management engine generates and renders, to an administrator device, a notification including the security policy, the modifications, and detailed information about the modifications and the automatic correction of the security policy. The detailed information includes a description, a type, a timestamp, and the number of instances of each modification; the volume and type of traffic flow incurred due to the modifications; historical modification information; a timestamp and a status of the automatic correction; historical correction information; a resource identification; event information; and the like.

    Object memory management unit
    Granted invention

    Publication (Announcement) No.: US10572393B2

    Publication (Announcement) date: 2020-02-25

    Application No.: US15164558

    Filing date: 2016-05-25

    Applicant: ColorTokens, Inc.

    Abstract: Techniques to facilitate enhanced addressing of local and network resources from a computing system are provided herein. In one implementation, a method of configuring an object memory management unit (OMMU) for a computing system includes transferring a request to at least one network configuration resource for OMMU configuration information, and receiving the OMMU configuration information from the at least one network resource. The method further comprises, based on the OMMU configuration information, generating a mapping of virtual addresses in the computing system to local addresses that address local resources of the computing system and network addresses that address network resources external to the computing system over at least a network.

    Enhanced packet formatting for security inter-computing system communication

    Publication (Announcement) No.: US10554633B2

    Publication (Announcement) date: 2020-02-04

    Application No.: US15708421

    Filing date: 2017-09-19

    Applicant: ColorTokens, Inc.

    IPC classification: H04L29/06 H04L9/32

    Abstract: Described herein are systems, methods, and software to enhance secure communications between computing systems. In one implementation, a communication service identifies a communication request for a first application on a first computing system to transfer data to a second application on a second computing system. In response to the request, the communication service generates a packet, wherein the packet includes an encrypted portion carrying the data and the private addressing associated with the first and second applications, and an unencrypted portion carrying group identifier information and public addressing information. Once the packet is generated, it is transferred to the second computing system.