Patents by Inventor Mika Jalava
Mika Jalava has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 8099776Abstract: A personalized firewall or other network gateway is provided by a method of matching a data packet to a rule in a network gateway having a rule base. One or more identification values are determined based on the data packet and property value(s) associated with said one or more identification values are queried and received from a property server. The property value(s) describe for example allowed connections and services for an entity associated with the identification value(s). The property value(s) are compared to at least one rule in the rule base, said at least one rule comprising property value(s) and an action, and the action defined in said at least one rule is taken, if said property value(s) of the rule match corresponding property value(s) associated with said one or more identification values.Type: GrantFiled: November 22, 2002Date of Patent: January 17, 2012Assignee: Stonesoft CorporationInventors: Mika Jalava, Tuomo Syvänne
-
Patent number: 8085752Abstract: A method of handling mobile entities in a firewall, wherein a first mobile entity table comprising identifiers of mobile entities, which are active in a firewall, and a second mobile entity table comprising identifiers of mobile entities, which are active in a predefined set of other firewalls and identifiers of corresponding other firewalls, are maintained in the firewall. A new mobile entity, which is not currently active in the firewall, is detected, after which it is found on the basis of the second mobile entity table, if the new mobile entity is currently active in another firewall. If the mobile entity is currently active in another firewall, state information related to the new mobile entity is queried from the another firewall, and stored in the firewall to be used for processing data packets from/to the new mobile entity.Type: GrantFiled: November 21, 2002Date of Patent: December 27, 2011Assignee: Stonesoft CorporationInventors: Tuomo Syvänne, Mika Jalava
-
Patent number: 8019850Abstract: The invention provides a centralized VPN management of a plurality of VPN sites by means of a VPN Information Provider (VIP). Management of a VPN device is distributed so that at least part of the VPN configuration is centrally managed without giving away control of the firewall rulebase or other critical local configuration used in the VPN device.Type: GrantFiled: July 29, 2009Date of Patent: September 13, 2011Assignee: Stonesoft CorporationInventor: Mika Jalava
-
Patent number: 7721084Abstract: A method of filtering a tunneled data packet including an outer header and an outer payload, the outer payload including an inner data packet including an inner header and an inner payload, where the value of at least one outer header field of the tunneled data packet is matched to a first rule, and the action defined in the first rule is taken. Taking the action defined in the first rule includes detecting the inner data packet within the tunneled data packet, matching the value of at least one field of the inner data packet to a second rule, and taking the action defined in the second rule.Type: GrantFiled: November 22, 2002Date of Patent: May 18, 2010Assignee: Stonesoft CorporationInventors: Riku Salminen, Tuomo Syvänne, Mika Jalava
-
Publication number: 20090287810Abstract: The invention provides a centralized VPN management of a plurality of VPN sites by means of a VPN Information Provider (VIP). Management of a VPN device is distributed so that at least part of the VPN configuration is centrally managed without giving away control of the firewall rulebase or other critical local configuration used in the VPN device.Type: ApplicationFiled: July 29, 2009Publication date: November 19, 2009Applicant: STONESOFT CORPORATIONInventor: Mika Jalava
-
Patent number: 7392537Abstract: The invention provides an arrangement for managing a network security application comprising a full management user interface for conducting management operations for the network security application, and a limited management user interface for conducting a limited number of management operations of the full management user interface for the network security application over a wireless remote connection.Type: GrantFiled: October 8, 2001Date of Patent: June 24, 2008Assignee: Stonesoft OyInventors: Jari Satomaa, Hannu Pudas, Mika Jalava
-
Patent number: 7162737Abstract: A method (400, 500, 600, 700) for synchronizing state information in a security gateway cluster comprising at least two nodes comprises the following steps. Synchronizing (403) state information by sending state information from a first node of said at least two nodes, detecting (401) in said security gateway cluster a predetermined irregularly occurring action, and initiating (402) synchronization of state information as a response to said action. The state information is sent to at least a second node of said at least two nodes. Corresponding computer program, computer program product, software entities (910, 920), a node (900) of a security gateway cluster (950) and a security gateway cluster are also presented.Type: GrantFiled: October 12, 2001Date of Patent: January 9, 2007Assignee: StonesoftInventors: Tuomo Syvanne, Mika Jalava
-
Publication number: 20030118038Abstract: A personalized firewall or other network gateway is provided by a method of matching a data packet to a rule in a network gateway having a rule base. One or more identification values are determined (302) on the basis of the data packet and property value(s) associated with said one or more identification values are queried (304) and received from a property server. The property value(s) describe for example allowed connections and services for an entity associated with the identification value(s). The property value(s) are compared (306) to at least one rule in the rule base, said at least one rule comprising property value(s) and an action, and the action defined in said at least one rule is taken (310), if said property value(s) of the rule match corresponding property value(s) associated with said one or more identification values.Type: ApplicationFiled: November 22, 2002Publication date: June 26, 2003Inventors: Mika Jalava, Tuomo Syvanne
-
Publication number: 20030117993Abstract: A method of handling mobile entities in a firewall, wherein a first mobile entity table comprising identifiers of mobile entities, which are active in a firewall, and a second mobile entity table comprising identifiers of mobile entities, which are active in a predefined set of other firewalls and identifiers of corresponding other firewalls, are maintained (400, 402) in the firewall. A new mobile entity, which is not currently active in the firewall, is detected (404), after which it is found on the basis of the second mobile entity table, if the new mobile entity is currently active in another firewall. If the mobile entity is currently active in another firewall, state information related to the new mobile entity is queried (408) from the another firewall, and stored (410) in the firewall to be used for processing data packets from/to the new mobile entity.Type: ApplicationFiled: November 21, 2002Publication date: June 26, 2003Inventors: Tuomo Syvanne, Mika Jalava
-
Publication number: 20030115328Abstract: A method of filtering a tunneled data packet comprising an outer header and an outer payload, the outer payload comprising an inner data packet comprising an inner header and an inner payload, where the value of at least one outer header field of the tunneled data packet is matched to a first rule, and the action defined in the first rule is taken. Taking the action defined in the first rule comprises detecting the inner data packet within the tunneled data packet, matching the value of at least one field of the inner data packet to a second rule, and taking the action defined in the second rule.Type: ApplicationFiled: November 22, 2002Publication date: June 19, 2003Inventors: Riku Salminen, Tuomo Syvanne, Mika Jalava
-
Publication number: 20030069958Abstract: The invention provides a centralized VPN management of a plurality of VPN sites by means of a VPN Information Provider (VIP). Management of a VPN device is distributed so that at least part of the VPN configuration is centrally managed without giving away control of the firewall rulebase or other critical local configuration used in the VPN device.Type: ApplicationFiled: May 21, 2002Publication date: April 10, 2003Inventor: Mika Jalava
-
Publication number: 20030070084Abstract: The invention provides an arrangement for managing a network security application comprising a full management user interface for conducting management operations for the network security application, and a limited management user interface for conducting a limited number of management operations of the full management user interface for the network security application over a wireless remote connection.Type: ApplicationFiled: October 8, 2001Publication date: April 10, 2003Inventors: Jari Satomaa, Hannu Pudas, Mika Jalava
-
Publication number: 20020112189Abstract: A method (400, 500, 600, 700) for synchronizing state information in a security gateway cluster comprising at least two nodes comprises the following steps. Synchronizing (403) state information by sending state information from a first node of said at least two nodes, detecting (401) in said security gateway cluster a predetermined irregularly occurring action, and initiating (402) synchronization of state information as a response to said action. The state information is sent to at least a second node of said at least two nodes. Corresponding computer program, computer program product, software entities (910, 920), a node (900) of a security gateway cluster (950) and a security gateway cluster are also presented.Type: ApplicationFiled: October 12, 2001Publication date: August 15, 2002Inventors: Tuomo Syvanne, Mika Jalava