Patents by Inventor Ananth Raman
Ananth Raman has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20210152521Abstract: Example firewalls disclosed herein populate a first dynamic object of a firewall rule with first information to identify a first updateable set of devices that satisfy a first one of a plurality of conditions associated with the firewall rule, the first information based on first data obtained from an appliance that monitors communication traffic in at least a portion of a network. Disclosed example firewalls also populate a second dynamic object of the firewall rule with second information to identify a second updateable set of devices that satisfy a second one of the conditions associated with the firewall rule, the second information based on second data obtained from a data source different from the appliance. Disclosed example firewalls further apply, based on evaluation of the first dynamic object and the second dynamic object, the firewall rule to first network traffic associated with a first device in communication with the network.Type: ApplicationFiled: January 25, 2021Publication date: May 20, 2021Inventors: Bikram Kumar Gupta, Ananth Raman, Manuel Nedbal, Elanthiraiyan A. Anbalagan
-
Patent number: 10904216Abstract: Example firewalls disclosed herein populate a first dynamic object of a firewall rule with first information to identify a first updateable set of devices that satisfy a first one of a plurality of conditions associated with the firewall rule, the first information based on first data obtained from an appliance that monitors communication traffic in at least a portion of a network. Disclosed example firewalls also populate a second dynamic object of the firewall rule with second information to identify a second updateable set of devices that satisfy a second one of the conditions associated with the firewall rule, the second information based on second data obtained from an external data source. Disclosed example firewalls further determine, based on the first dynamic object and the second dynamic object, whether the firewall rule is to apply to first network traffic associated with a first device in communication with the network.Type: GrantFiled: July 29, 2019Date of Patent: January 26, 2021Assignee: McAfee, LLCInventors: Bikram Kumar Gupta, Ananth Raman, Manuel Nedbal, Elanthiraiyan A. Anbalagan
-
Publication number: 20190349335Abstract: Example firewalls disclosed herein populate a first dynamic object of a firewall rule with first information to identify a first updateable set of devices that satisfy a first one of a plurality of conditions associated with the firewall rule, the first information based on first data obtained from an appliance that monitors communication traffic in at least a portion of a network. Disclosed example firewalls also populate a second dynamic object of the firewall rule with second information to identify a second updateable set of devices that satisfy a second one of the conditions associated with the firewall rule, the second information based on second data obtained from an external data source. Disclosed example firewalls further determine, based on the first dynamic object and the second dynamic object, whether the firewall rule is to apply to first network traffic associated with a first device in communication with the network.Type: ApplicationFiled: July 29, 2019Publication date: November 14, 2019Inventors: Bikram Kumar Gupta, Ananth Raman, Manuel Nedbal, Elanthiraiyan A. Anbalagan
-
Patent number: 10367787Abstract: A firewall provides improved network security by allowing the use of dynamic objects in firewall rules, where the dynamic objects evaluate to a variable set of devices. The dynamic objects may be updated from real-time data sources and non-real time inventories of data. Dynamic objects may be used for either or both of source and destination in a firewall rule. Where the dynamic object includes non-real time data, the dynamic object may be synchronized with the non-real time data inventory on a configurable basis. By using dynamic objects, the firewall can provide flexibility in the rules to allow control over user-owned and controlled devices.Type: GrantFiled: December 20, 2013Date of Patent: July 30, 2019Assignee: McAfee, LLCInventors: Bikram Kumar Gupta, Ananth Raman, Manuel Nedbal, Elanthiraiyan A. Anbalagan
-
Publication number: 20160315911Abstract: A firewall provides improved network security by allowing the use of dynamic objects in firewall rules, where the dynamic objects evaluate to a variable set of devices. The dynamic objects may be updated from real-time data sources and non-real time inventories of data. Dynamic objects may be used for either or both of source and destination in a firewall rule. Where the dynamic object includes non-real time data, the dynamic object may be synchronized with the non-real time data inventory on a configurable basis. By using dynamic objects, the firewall can provide flexibility in the rules to allow control over user-owned and controlled devices.Type: ApplicationFiled: December 20, 2013Publication date: October 27, 2016Inventors: Bikram Kumar GUPTA, Ananth RAMAN, Manuel NEDBAL, Elanthiraiyan A. Anbalagan
-
Patent number: 8640237Abstract: A system, method and computer program product are provided including a router and a security sub-system coupled to the router. Such security sub-system includes a plurality of virtual firewalls, a plurality of virtual intrusion prevention systems (IPSs), and a plurality of virtual virus scanners. Further, each of the virtual firewalls, IPSs, and virus scanners is assigned to at least one of a plurality of user and is configured in a user-specific.Type: GrantFiled: August 8, 2011Date of Patent: January 28, 2014Assignee: McAfee, Inc.Inventors: Steven M. Haeffele, Ramesh M. Gupta, Ananth Raman, Srikant Vissamsetti
-
Patent number: 8555389Abstract: A system, method and computer program product are provided including a router and a security sub-system coupled to the router. Such security sub-system includes a plurality of virtual firewalls, a plurality of virtual intrusion prevention systems (IPSs), and a plurality of virtual virus scanners. Further, each of the virtual firewalls, IPSs, and virus scanners is assigned to at least one of a plurality of user and is configured in a user-specific.Type: GrantFiled: August 8, 2011Date of Patent: October 8, 2013Assignee: McAfee, Inc.Inventors: Steven M. Haeffele, Ramesh M. Gupta, Ananth Raman, Srikant Vissamsetti
-
Publication number: 20110296516Abstract: A system, method and computer program product are provided including a router and a security sub-system coupled to the router. Such security sub-system includes a plurality of virtual firewalls, a plurality of virtual intrusion prevention systems (IPSs), and a plurality of virtual virus scanners. Further, each of the virtual firewalls, IPSs, and virus scanners is assigned to at least one of a plurality of user and is configured in a user-specific.Type: ApplicationFiled: August 8, 2011Publication date: December 1, 2011Inventors: Steven M. Haeffele, Ramesh M. Gupta, Ananth Raman, Srikant Vissamsetti
-
Publication number: 20110296527Abstract: A system, method and computer program product are provided including a router and a security sub-system coupled to the router. Such security sub-system includes a plurality of virtual firewalls, a plurality of virtual intrusion prevention systems (IPSs), and a plurality of virtual virus scanners. Further, each of the virtual firewalls, IPSs, and virus scanners is assigned to at least one of a plurality of user and is configured in a user-specific.Type: ApplicationFiled: August 8, 2011Publication date: December 1, 2011Inventors: Steven M. Haeffele, Ramesh M. Gupta, Ananth Raman, Srikant Vissamsetti
-
Patent number: 8015611Abstract: A system, method and computer program product are provided including a router and a security sub-system coupled to the router. Such security sub-system includes a plurality of virtual firewalls, a plurality of virtual intrusion prevention systems (IPSs), and a plurality of virtual virus scanners. Further, each of the virtual firewalls, IPSs, and virus scanners is assigned to at least one of a plurality of user and is configured in a user-specific.Type: GrantFiled: September 10, 2007Date of Patent: September 6, 2011Assignee: McAfee, Inc.Inventors: Steven M. Haeffele, Ramesh M. Gupta, Ananth Raman, Srikant Vissamsetti
-
Patent number: 7823204Abstract: A method of detecting intrusions on a computer includes the step of identifying an internet protocol field range describing fields within internet protocol packets received by a computer. A connectivity range is also established which describes a distribution of network traffic received by the computer. An internet protocol field threshold and a connectivity threshold are then determined from the internet protocol field range and connectivity range, respectively. During the operation of the computer, values are calculated for the internet protocol field range and connectivity range. These values are compared to the internet protocol metric threshold and connectivity metric threshold so as to identify an intrusion on the computer.Type: GrantFiled: January 13, 2006Date of Patent: October 26, 2010Assignee: McAfee, Inc.Inventors: Ramesh M. Gupta, Parveen K. Jain, Keith E. Amidon, Fengmin Gong, Srikant Vissamsetti, Steve M. Haeffele, Ananth Raman
-
Patent number: 7624444Abstract: A method of detecting intrusions on a computer includes the step of identifying an internet protocol field range describing fields within internet protocol packets received by a computer. A connectivity range is also established which describes a distribution of network traffic received by the computer. An internet protocol field threshold and a connectivity threshold are then determined from the internet protocol field range and connectivity range, respectively. During the operation of the computer, values are calculated for the internet protocol field range and connectivity range. These values are compared to the internet protocol metric threshold and connectivity metric threshold so as to identify an intrusion on the computer.Type: GrantFiled: June 13, 2002Date of Patent: November 24, 2009Assignee: McAfee, Inc.Inventors: Ramesh M. Gupta, Parveen K. Jain, Keith E. Amidon, Fengmin Gong, Srikant Vissamsetti, Steve M. Haeffele, Ananth Raman
-
Patent number: 7610610Abstract: A system, method and computer program product are provided including a router and a security sub-system coupled to the router. Such security sub-system includes a plurality of virtual firewalls, a plurality of virtual intrusion prevention systems (IPSs), and a plurality of virtual virus scanners. Further, each of the virtual firewalls, IPSs, and virus scanners is assigned to at least one of a plurality of user and is configured in a user-specific.Type: GrantFiled: January 10, 2005Date of Patent: October 27, 2009Assignee: McAfee, Inc.Inventors: Steven M. Haeffele, Ramesh M. Gupta, Ananth Raman, Srikant Vissamsetti
-
Patent number: 7409714Abstract: A method of forming a virtual intrusion detection system includes the step of positioning a set of sensors in a network environment, each sensor supporting multiple logical traffic paths. The method also includes the step of providing a set of sensor management systems corresponding to the set of sensors. This set of sensor management systems enforces a set of virtual intrusion detection systems, wherein each virtual intrusion detection system corresponds to a predetermined logical traffic path through the set of sensors, each virtual detection system providing sensor traffic information solely to authorized parties.Type: GrantFiled: June 13, 2002Date of Patent: August 5, 2008Assignee: McAfee, Inc.Inventors: Ramesh M. Gupta, Parveen K. Jain, Keith E. Amidon, Fengmin Gong, Srikant Vissamsetti, Steve M. Haeffele, Ananth Raman
-
Publication number: 20080060073Abstract: A system, method and computer program product are provided including a router and a security sub-system coupled to the router. Such security sub-system includes a plurality of virtual firewalls, a plurality of virtual intrusion prevention systems (IPSs), and a plurality of virtual virus scanners.Type: ApplicationFiled: September 10, 2007Publication date: March 6, 2008Inventors: Steven Haeffele, Ramesh Gupta, Ananth Raman, Srikant Vissamsetti
-
Patent number: 7308715Abstract: An intrusion signature describing an attack is stored on a computer. Once a plurality of internet protocol packets is received, the plurality of internet protocol packets collectively containing an information sequence within a series of states, it is rearranged so as to place the information sequence in order. Each state of the series of states is then successively examined so as to correlate the information sequence to the intrusion signature.Type: GrantFiled: June 13, 2002Date of Patent: December 11, 2007Assignee: McAfee, Inc.Inventors: Ramesh M. Gupta, Parveen K. Jain, Keith E. Amidon, Fengmin Gong, Srikant Vissamsetti, Steve M. Haeffele, Ananth Raman
-
Patent number: 7234168Abstract: A method of provisioning a computer against computer attacks includes constructing a hierarchy characterizing different computer attacks and counter measures, and traversing this hierarchy to identify computer attacks and countermeasures relevant to a target platform. Detection and protection measures are collected in response to this traversing. These detection and protection measures are then downloaded to a security sensor associated with the target platform.Type: GrantFiled: June 13, 2002Date of Patent: June 19, 2007Assignee: McAfee, Inc.Inventors: Ramesh M. Gupta, Parveen K. Jain, Keith E. Amidon, Fengmin Gong, Srikant Vissamsetti, Steve M. Haeffele, Ananth Raman
-
Publication number: 20060156403Abstract: A system, method and computer program product are provided including a router and a security sub-system coupled to the router. Such security sub-system includes a plurality of virtual firewalls, a plurality of virtual intrusion prevention systems (IPSs), and a plurality of virtual virus scanners.Type: ApplicationFiled: January 10, 2005Publication date: July 13, 2006Inventors: Steven Haeffele, Ramesh Gupta, Ananth Raman, Srikant Vissamsetti
-
Publication number: 20060117386Abstract: A method of detecting intrusions on a computer includes the step of identifying an internet protocol field range describing fields within internet protocol packets received by a computer. A connectivity range is also established which describes a distribution of network traffic received by the computer. An internet protocol field threshold and a connectivity threshold are then determined from the internet protocol field range and connectivity range, respectively. During the operation of the computer, values are calculated for the internet protocol field range and connectivity range. These values are compared to the internet protocol metric threshold and connectivity metric threshold so as to identify an intrusion on the computer.Type: ApplicationFiled: January 13, 2006Publication date: June 1, 2006Inventors: Ramesh Gupta, Parveen Jain, Keith Amidon, Fengmin Gong, Srikant Vissamsetti, Steve Haeffele, Ananth Raman
-
Publication number: 20030014662Abstract: A method of detecting intrusions on a computer includes storing an intrusion signature describing an attack on a computer. Once a plurality of internet protocol packets is received, the plurality of internet protocol packets collectively containing an information sequence within a series of states, it is rearranged so as to place the information sequence in order. Each state of the series of states is then successively examined so as to correlate the information sequence to the intrusion signature.Type: ApplicationFiled: June 13, 2002Publication date: January 16, 2003Inventors: Ramesh M. Gupta, Parveen K. Jain, Keith E. Amidon, Fengmin Gong, Srikant Vissamsetti, Steve M. Haeffele, Ananth Raman