公开(公告)号：US09985931B2

公开(公告)日：2018-05-29

申请号：US15436802

申请日：2017-02-18

Applicant: Fortinet, Inc.

Inventor： Pankajkumar Chechani ,  Sekhar Sumanth Gorajala Chandra

IPC: G06F15/16 ,  H04L29/06 ,  H04W12/08 ,  H04W76/02 ,  H04W84/12

CPC classification number: H04L63/029 ,  H04L63/0272 ,  H04L63/0892 ,  H04L63/102 ,  H04W12/08 ,  H04W76/11 ,  H04W76/12 ,  H04W76/14 ,  H04W76/15 ,  H04W84/12 ,  H04W88/08

Abstract: Systems and methods are described for a mobile hotspot that can be managed by an access controller. According to an embodiment, a WAN connection is established by a mobile hotspot through a telecommunication data network via a wireless WAN module. When in a first mode, the mobile hotspot: (i) sets up a secure tunnel through the WAN connection with an AC of the enterprise that manages APs of a wireless network of an enterprise; (ii) broadcasts an SSID that is also broadcast by the APs; (iii) establishes a WLAN connection with a WiFi-enabled device based on an AP profile containing (a) authentication information regarding users approved to access the wireless network and (b) information identifying the SSID; (iv) receives WLAN traffic from the WiFi-enabled device through the WLAN connection; and (v) transmits the WLAN traffic to a server of the enterprise via the secure tunnel and the AC.

公开(公告)号：US20170366575A1

公开(公告)日：2017-12-21

申请号：US15184749

申请日：2016-06-16

Applicant: Fortinet, Inc.

Inventor： Shashidhar Reddy Polepalli ,  Pankajkumar Chechani

IPC: H04L29/06 ,  H04W24/08 ,  H04L12/801 ,  H04W36/16

CPC classification number: H04L63/1458 ,  H04L47/11 ,  H04L47/12 ,  H04L63/1416 ,  H04W36/165

Abstract: Systems and methods for managing data usage of a cellular modem during DoS/DDoS attacks are provided. According to one embodiment, a network security device of a private network detects a DoS attack in network traffic going through the network security device and determines whether the DoS attack is being transmitted through a cellular modem of a cellular data network. The network security device reduces data usage of the cellular modem when the DoS attack is detected and the DoS attack being is transmitted through the cellular modem.

公开(公告)号：US20160094515A1

公开(公告)日：2016-03-31

申请号：US14669682

申请日：2015-03-26

Applicant: Fortinet, Inc.

Inventor： Pankajkumar Chechani ,  Sekhar Sumanth Gorajala Chandra

IPC: H04L29/06 ,  H04W12/08 ,  H04W76/02

CPC classification number: H04L63/029 ,  H04L63/0272 ,  H04L63/0892 ,  H04L63/102 ,  H04W12/08 ,  H04W76/11 ,  H04W76/12 ,  H04W76/14 ,  H04W76/15 ,  H04W84/12 ,  H04W88/08

Abstract: Systems and methods are described for a mobile hotspot that can be managed from an access controller. According to an embodiment, a mobile establishes a wide area network (WAN) connection through a wireless WAN module and establishes a wireless local area network (WLAN) connection with a wireless fidelity (WiFi)-enabled device using a first wireless access point (AP) profile, wherein the first AP profile is also used for multiple APs of an enterprise that are controlled by an access controller (AC). The mobile hotspot sets up a secure tunnel with the AC through the WAN connection. After receiving WLAN traffic from the WiFi-enabled device through the WLAN connection, the WLAN traffic is transmitted to the AC through the secure tunnel.

Abstract translation: 为可以从访问控制器管理的移动热点描述系统和方法。 根据实施例，移动台通过无线WAN模块建立广域网（WAN）连接，并使用第一无线接入点（AP）建立与使用无线保真（WiFi）的设备的无线局域网（WLAN）连接 ）简档，其中第一AP简档也用于由访问控制器（AC）控制的企业的多个AP。 移动热点通过WAN连接与AC建立安全通道。 WLAN通过WLAN连接接收WLAN流量后，通过安全隧道将WLAN流量传输到AC。

公开(公告)号：US10326737B2

公开(公告)日：2019-06-18

申请号：US15640378

申请日：2017-06-30

Applicant: Fortinet, Inc.

Inventor： Pankajkumar Chechani ,  Sekhar Sumanth Gorajala Chandra

IPC: G06F15/16 ,  H04L29/06 ,  H04W12/08 ,  H04W76/12 ,  H04W76/11 ,  H04W76/15 ,  H04W84/12 ,  H04W76/14 ,  H04W88/08

Abstract: Systems and methods are described for a mobile hotspot that can be managed by an access controller. According to an embodiment, a WAN connection is established by a mobile hotspot through a telecommunication data network via a wireless WAN module. When in a first mode, the mobile hotspot: (i) sets up a secure tunnel through the WAN connection with an AC of the enterprise that manages APs of a wireless network of an enterprise; (ii) broadcasts an SSID that is also broadcast by the APs; (iii) establishes a WLAN connection with a WiFi-enabled device based on an AP profile containing (a) authentication information regarding users approved to access the wireless network and (b) information identifying the SSID; (iv) receives WLAN traffic from the WiFi-enabled device through the WLAN connection; and (v) transmits the WLAN traffic to a server of the enterprise via the secure tunnel and the AC.

公开(公告)号：US20170310640A1

公开(公告)日：2017-10-26

申请号：US15640378

申请日：2017-06-30

Applicant: Fortinet, Inc.

Inventor： Pankajkumar Chechani ,  Sekhar Sumanth Gorajala Chandra

IPC: H04L29/06 ,  H04W84/12 ,  H04W76/02 ,  H04W12/08 ,  H04W88/08

CPC classification number: H04L63/029 ,  H04L63/0272 ,  H04L63/0892 ,  H04L63/102 ,  H04W12/08 ,  H04W76/11 ,  H04W76/12 ,  H04W76/14 ,  H04W76/15 ,  H04W84/12 ,  H04W88/08

Abstract: Systems and methods are described for a mobile hotspot that can be managed by an access controller. According to an embodiment, a WAN connection is established by a mobile hotspot through a telecommunication data network via a wireless WAN module. When in a first mode, the mobile hotspot: (i) sets up a secure tunnel through the WAN connection with an AC of the enterprise that manages APs of a wireless network of an enterprise; (ii) broadcasts an SSID that is also broadcast by the APs; (iii) establishes a WLAN connection with a WiFi-enabled device based on an AP profile containing (a) authentication information regarding users approved to access the wireless network and (b) information identifying the SSID; (iv) receives WLAN traffic from the WiFi-enabled device through the WLAN connection; and (v) transmits the WLAN traffic to a server of the enterprise via the secure tunnel and the AC.

公开(公告)号：US09078137B1

公开(公告)日：2015-07-07

申请号：US14498504

申请日：2014-09-26

Applicant: Fortinet, Inc.

Inventor： Pankajkumar Chechani ,  Sekhar Sumanth Gorajala Chandra

IPC: G06F15/16 ,  H04W12/08 ,  H04L29/06 ,  H04W88/12 ,  H04W88/06

CPC classification number: H04L63/029 ,  H04L63/0272 ,  H04L63/0892 ,  H04L63/102 ,  H04W12/08 ,  H04W76/11 ,  H04W76/12 ,  H04W76/14 ,  H04W76/15 ,  H04W84/12 ,  H04W88/08

Abstract: Systems and methods are described for a mobile hotspot that can be managed from an access controller. According to an embodiment, a mobile establishes a wide area network (WAN) connection through a wireless WAN module and establishes a wireless local area network (WLAN) connection with a wireless fidelity (WiFi)-enabled device using a first AP profile, wherein the first AP profile is the same as an AP profile for APs that is controlled by an access controller (AC). The mobile hotspot sets up a security tunnel with the AC through the WAN connection. After receiving WLAN traffic from the WiFi-enabled device through the WLAN connection transmitting, the mobile hotspot routes the WLAN traffic to the AC through the security tunnel.

Abstract translation: 为可以从访问控制器管理的移动热点描述系统和方法。 根据实施例，移动台通过无线WAN模块建立广域网（WAN）连接，并使用第一AP配置文件与使用无线保真（WiFi）的设备建立无线局域网（WLAN）连接，其中， 第一AP配置文件与由访问控制器（AC）控制的AP的AP配置文件相同。 移动热点通过WAN连接与AC建立安全通道。 WLAN通过WLAN连接发送接收WLAN流量后，移动热点通过安全隧道将WLAN流量路由到AC。

公开(公告)号：US10171506B2

公开(公告)日：2019-01-01

申请号：US15075819

申请日：2016-03-21

Applicant: Fortinet, Inc.

Inventor： Pankajkumar Chechani

IPC: H04L29/06 ,  H04L29/08

Abstract: Systems and methods for managing users' local security policies based on social media network information are provided. According to one embodiment, a network security appliance of a private network receives authentication request from a client machine and provides a social login interface of a social media network to the client machine. After a user of the client machine is authenticated by the social media network through a personal social media network account of the user, the network security appliance receives an authentication and a user profile of the user from the social media network. The network security appliance extracts social relationship information from the user profile and determines a local network security policy for the user based on the social relationship information.

公开(公告)号：US10015142B2

公开(公告)日：2018-07-03

申请号：US14669682

申请日：2015-03-26

Applicant: Fortinet, Inc.

Inventor： Pankajkumar Chechani ,  Sekhar Sumanth Gorajala Chandra

IPC: G06F15/16 ,  H04L29/06 ,  H04W12/08 ,  H04W84/12 ,  H04W76/02 ,  H04W88/08

CPC classification number: H04L63/029 ,  H04L63/0272 ,  H04L63/0892 ,  H04L63/102 ,  H04W12/08 ,  H04W76/11 ,  H04W76/12 ,  H04W76/14 ,  H04W76/15 ,  H04W84/12 ,  H04W88/08

Abstract: Systems and methods are described for a mobile hotspot that can be managed from an access controller. According to an embodiment, a mobile establishes a wide area network (WAN) connection through a wireless WAN module and establishes a wireless local area network (WLAN) connection with a wireless fidelity (WiFi)-enabled device using a first wireless access point (AP) profile, wherein the first AP profile is also used for multiple APs of an enterprise that are controlled by an access controller (AC). The mobile hotspot sets up a secure tunnel with the AC through the WAN connection. After receiving WLAN traffic from the WiFi-enabled device through the WLAN connection, the WLAN traffic is transmitted to the AC through the secure tunnel.

公开(公告)号：US20170272468A1

公开(公告)日：2017-09-21

申请号：US15075819

申请日：2016-03-21

Applicant: Fortinet, Inc.

Inventor： Pankajkumar Chechani

IPC: H04L29/06 ,  H04L29/08

CPC classification number: H04L63/20 ,  H04L63/0815 ,  H04L63/102 ,  H04L67/10 ,  H04L67/306 ,  H04L67/42

Abstract: Systems and methods for managing users' local security policies based on social media network information are provided. According to one embodiment, a network security appliance of a private network receives authentication request from a client machine and provides a social login interface of a social media network to the client machine. After a user of the client machine is authenticated by the social media network through a personal social media network account of the user, the network security appliance receives an authentication and a user profile of the user from the social media network. The network security appliance extracts social relationship information from the user profile and determines a local network security policy for the user based on the social relationship information.

公开(公告)号：US10237301B2

公开(公告)日：2019-03-19

申请号：US15184749

申请日：2016-06-16

Applicant: Fortinet, Inc.

Inventor： Shashidhar Reddy Polepalli ,  Pankajkumar Chechani

IPC: G06F11/00 ,  G06F12/14 ,  G06F12/16 ,  G08B23/00 ,  H04L29/06 ,  H04W36/16 ,  H04L12/801

Abstract: Systems and methods for managing data usage of a cellular modem during DoS/DDoS attacks are provided. According to one embodiment, a network security device of a private network detects a DoS attack in network traffic going through the network security device and determines whether the DoS attack is being transmitted through a cellular modem of a cellular data network. The network security device reduces data usage of the cellular modem when the DoS attack is detected and the DoS attack being is transmitted through the cellular modem.