Patents by Inventor Monty Sher Gill
Monty Sher Gill has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9847968Abstract: A host identification engine receives network traffic from a network and uses one or more artifact extractors to extract artifact data items that can identify a host. The artifact data items can be stored in a host signature database. Network addresses to which the hosts correspond can be stored in a network address database. A mapping table can be implemented to match the data in the signature database and network database to generate durable host identification data that can accurately track hosts as they use different identification data and/or move between hosts.Type: GrantFiled: March 10, 2015Date of Patent: December 19, 2017Assignee: Vectra Networks, Inc.Inventors: Nicolas Beauchesne, Monty Sher Gill, Oliver Kourosh Tavakoli
-
Patent number: 9800491Abstract: Methods, systems, and apparatus, including computer program products, featuring receiving at a network device a plurality of packets associated with a flow, one or more of the plurality of packets having associated header data and content. Based on the content of one or more first packets in the plurality of packets, the network device identifies an application associated with the flow, where none of the first packets is addressed to the network device. For one or more second packets associated with the flow, the network device determines a forwarding destination for the second packets based on the application associated with the flow and forwards the packet according to the determined forwarding destination.Type: GrantFiled: December 16, 2016Date of Patent: October 24, 2017Assignee: Palo Alto Networks, Inc.Inventors: Nir Zuk, Yonghui Cheng, Wilson Xu, Monty Sher Gill
-
Patent number: 9565097Abstract: Methods, systems, and apparatus, including computer program products, featuring receiving at a network device a plurality of packets associated with a flow, one or more of the plurality of packets having associated header data and content. Based on the content of one or more first packets in the plurality of packets, the network device identifies an application associated with the flow, where none of the first packets is addressed to the network device. For one or more second packets associated with the flow, the network device determines a forwarding destination for the second packets based on the application associated with the flow and forwards the packet according to the determined forwarding destination.Type: GrantFiled: September 3, 2014Date of Patent: February 7, 2017Assignee: Palo Alto Networks, Inc.Inventors: Nir Zuk, Yonghui Cheng, Wilson Xu, Monty Sher Gill
-
Patent number: 9455958Abstract: Techniques for credentials management in large scale virtual private network (VPN) deployment are disclosed. In some embodiments, credentials management in large scale VPN deployment includes generating a public/private key pair and a certificate signing request at a satellite device; automatically communicating the certificate signing request to a portal over a public, untrusted network to authenticate the satellite device using a serial number associated with the satellite device, in which the certificate signing request and the serial number are verified by the portal; and receiving a certificate from the portal for using to establish VPN connections and configuration information for the satellite device, in which the certificate includes a credential signed by a trusted certificate authority, and the configuration information includes gateway configuration information identifying a plurality of gateways to which the satellite device is configured to connect using VPN connections.Type: GrantFiled: February 26, 2016Date of Patent: September 27, 2016Assignee: Palo Alto Networks, Inc.Inventors: Martin Walter, Nicholas Campagna, Yueh-Zen Chen, Monty Sher Gill
-
Publication number: 20160261563Abstract: Techniques for credentials management in large scale virtual private network (VPN) deployment are disclosed. In some embodiments, credentials management in large scale VPN deployment includes generating a public/private key pair and a certificate signing request at a satellite device; automatically communicating the certificate signing request to a portal over a public, untrusted network to authenticate the satellite device using a serial number associated with the satellite device, in which the certificate signing request and the serial number are verified by the portal; and receiving a certificate from the portal for using to establish VPN connections and configuration information for the satellite device, in which the certificate includes a credential signed by a trusted certificate authority, and the configuration information includes gateway configuration information identifying a plurality of gateways to which the satellite device is configured to connect using VPN connections.Type: ApplicationFiled: February 26, 2016Publication date: September 8, 2016Inventors: Martin Walter, Nicholas Campagna, Yueh-Zen Chen, Monty Sher Gill
-
Patent number: 9413723Abstract: Techniques for configuring and managing remote security devices are disclosed. In some embodiments, configuring and managing remote security devices includes receiving a registration request for a remote security device at a device for configuring and managing a plurality of remote security devices; verifying the registration request to determine that the remote security device is an authorized remote security device for an external network; and sending a response identifying one or more security gateways to the remote security device, in which the remote security device is automatically configured to connect to each of the one or more security gateways using a distinct Layer 3 protocol tunnel (e.g., a virtual private network (VPN)).Type: GrantFiled: September 24, 2014Date of Patent: August 9, 2016Assignee: Palo Alto Networks, Inc.Inventors: Yueh-Zen Chen, Wilson Xu, Monty Sher Gill
-
Patent number: 9306911Abstract: Techniques for credentials management in large scale virtual private network (VPN) deployment are disclosed. In some embodiments, credentials management in large scale VPN deployment includes generating a public/private key pair and a certificate signing request at a satellite device; automatically communicating the certificate signing request to a portal over a public, untrusted network to authenticate the satellite device using a serial number associated with the satellite device, in which the certificate signing request and the serial number are verified by the portal; and receiving a certificate from the portal for using to establish VPN connections and configuration information for the satellite device, in which the certificate includes a credential signed by a trusted certificate authority, and the configuration information includes gateway configuration information identifying a plurality of gateways to which the satellite device is configured to connect using VPN connections.Type: GrantFiled: January 13, 2015Date of Patent: April 5, 2016Assignee: Palo Alto Networks, Inc.Inventors: Martin Walter, Nicholas Campagna, Yueh-Zen Chen, Monty Sher Gill
-
Publication number: 20150312211Abstract: A host identification engine receives network traffic from a network and uses one or more artifact extractors to extract artifact data items that can identify a host. The artifact data items can be stored in a host signature database. Network addresses to which the hosts correspond can be stored in a network address database. A mapping table can be implemented to match the data in the signature database and network database to generate durable host identification data that can accurately track hosts as they use different identification data and/or move between hosts.Type: ApplicationFiled: March 10, 2015Publication date: October 29, 2015Applicant: VECTRA NETWORKS, INC.Inventors: Nicolas Beauchesne, Monty Sher Gill, Oliver Kourosh Tavakoli
-
Publication number: 20150195252Abstract: Techniques for credentials management in large scale virtual private network (VPN) deployment are disclosed. In some embodiments, credentials management in large scale VPN deployment includes generating a public/private key pair and a certificate signing request at a satellite device; automatically communicating the certificate signing request to a portal over a public, untrusted network to authenticate the satellite device using a serial number associated with the satellite device, in which the certificate signing request and the serial number are verified by the portal; and receiving a certificate from the portal for using to establish VPN connections and configuration information for the satellite device, in which the certificate includes a credential signed by a trusted certificate authority, and the configuration information includes gateway configuration information identifying a plurality of gateways to which the satellite device is configured to connect using VPN connections.Type: ApplicationFiled: January 13, 2015Publication date: July 9, 2015Inventors: Martin Walter, Nicholas Campagna, Yueh-Zen Chen, Monty Sher Gill
-
Publication number: 20150106909Abstract: Techniques for configuring and managing remote security devices are disclosed. In some embodiments, configuring and managing remote security devices includes receiving a registration request for a remote security device at a device for configuring and managing a plurality of remote security devices; verifying the registration request to determine that the remote security device is an authorized remote security device for an external network; and sending a response identifying one or more security gateways to the remote security device, in which the remote security device is automatically configured to connect to each of the one or more security gateways using a distinct Layer 3 protocol tunnel (e.g., a virtual private network (VPN)).Type: ApplicationFiled: September 24, 2014Publication date: April 16, 2015Inventors: Yueh-Zen Chen, Wilson Xu, Monty Sher Gill
-
Publication number: 20150055657Abstract: Methods, systems, and apparatus, including computer program products, featuring receiving at a network device a plurality of packets associated with a flow, one or more of the plurality of packets having associated header data and content. Based on the content of one or more first packets in the plurality of packets, the network device identifies an application associated with the flow, where none of the first packets is addressed to the network device. For one or more second packets associated with the flow, the network device determines a forwarding destination for the second packets based on the application associated with the flow and forwards the packet according to the determined forwarding destination.Type: ApplicationFiled: September 3, 2014Publication date: February 26, 2015Inventors: Nir Zuk, Yonghui Cheng, Wilson Xu, Monty Sher Gill
-
Patent number: 8875223Abstract: Techniques for configuring and managing remote security devices are disclosed. In some embodiments, configuring and managing remote security devices includes receiving a registration request for a remote security device at a device for configuring and managing a plurality of remote security devices; verifying the registration request to determine that the remote security device is an authorized remote security device for an external network; and sending a response identifying one or more security gateways to the remote security device, in which the remote security device is automatically configured to connect to each of the one or more security gateways using a distinct Layer 3 protocol tunnel (e.g., a virtual private network (VPN)).Type: GrantFiled: August 31, 2011Date of Patent: October 28, 2014Assignee: Palo Alto Networks, Inc.Inventors: Yueh-Zen Chen, Wilson Xu, Monty Sher Gill