Patents by Inventor Reuven HARRISON
Reuven HARRISON has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20160294653Abstract: There are provided a computer-implemented connectivity manager and a method of managing connectivity between resources in a computer network using the connectivity manager.Type: ApplicationFiled: June 14, 2016Publication date: October 6, 2016Inventors: Reuven Harrison, Michael Hamelin
-
Patent number: 9386048Abstract: There are provided a computer-implemented connectivity manager and a method of managing connectivity between resources in a computer network using the connectivity manager.Type: GrantFiled: September 16, 2013Date of Patent: July 5, 2016Assignee: Tufin Software Technologies Ltd.Inventors: Reuven Harrison, Michael Hamelin
-
Patent number: 9313175Abstract: A system capable of automated mapping between a connectivity request and an ordered security rule-set and a method of operating thereof. The system includes an interface operable to obtain data characterizing at least one connectivity request; a module for automated recognizing at least one rule within the rule-set, the rule controlling traffic requested in the at least one connectivity request, wherein the recognizing is provided by comparing a set of combinations specified in the connectivity request with a set of combinations specified in the rule and matching connectivity-related actions specified in the connectivity request; a module for automated evaluating relationship between traffic controlled by the recognized at least one rule and traffic requested in the at least one connectivity request; and a module for automated classifying, in accordance with evaluation results, the at least one connectivity request with respect to the at least one rules and/or vice versa.Type: GrantFiled: November 18, 2014Date of Patent: April 12, 2016Assignee: TUFIN SOFTWARE TECHNOLOGES LTD.Inventor: Reuven Harrison
-
Patent number: 9203808Abstract: There are provided a method of automated managing an ordered set of security rules implemented at a plurality of security gateways and a system thereof. The method comprises obtaining data characterizing a connectivity request which may become allowable only upon changes of an initial rule-set, thus giving rise to an unfitting connectivity request; analyzing routing tables of the plurality of the security gateways; generating ranking the security gateways in accordance with their relevance to the unfitting connectivity request; selecting one or more security gateways with the highest ranking; and implementing a configuration change required in order to facilitate allowance of the unfitting connectivity request at the one or more selected security gateways.Type: GrantFiled: May 1, 2013Date of Patent: December 1, 2015Assignee: TUFIN SOFTWARE TECHNOLOGIES LTD.Inventors: Reuven Harrison, Michael Hamelin
-
Patent number: 9122990Abstract: There are provided a method of automated managing one or more security rule-sets and a system thereof. The method comprising: obtaining data characterizing a connectivity request and an amended rule-set, the amended rule-set being derivative of an initial rule-set amended to fit the connectivity request; automated verifying each possible combination of values in the connectivity request against the initial rule-set and the amended rule-set; calculating one or more values selected from a group comprising values characterizing relative amount of extra allowed traffic and values characterizing relative amount of dissatisfied requested traffic; automated comparing the calculated values and/or derivatives thereof with a predefined threshold; and automated classifying the amended rule-set as applicable for implementation if the results of the automated comparing match a predefined verification criterion.Type: GrantFiled: May 21, 2013Date of Patent: September 1, 2015Assignee: TUFIN SOFTWARE TECHNOLOGIES LTD.Inventors: Reuven Harrison, Amir Cogan, Tomer Barkan
-
Publication number: 20150074755Abstract: A system capable of automated mapping between a connectivity request and an ordered security rule-set and a method of operating thereof. The system includes an interface operable to obtain data characterizing at least one connectivity request; a module for automated recognizing at least one rule within the rule-set, the rule controlling traffic requested in the at least one connectivity request, wherein the recognizing is provided by comparing a set of combinations specified in the connectivity request with a set of combinations specified in the rule and matching connectivity-related actions specified in the connectivity request; a module for automated evaluating relationship between traffic controlled by the recognized at least one rule and traffic requested in the at least one connectivity request; and a module for automated classifying, in accordance with evaluation results, the at least one connectivity request with respect to the at least one rules and/or vice versa.Type: ApplicationFiled: November 18, 2014Publication date: March 12, 2015Inventor: Reuven HARRISON
-
Patent number: 8914841Abstract: A system capable of automated mapping between a connectivity request and an ordered security rule-set and a method of operating thereof. The system includes an interface operable to obtain data characterizing at least one connectivity request; a module for automated recognizing at least one rule within the rule-set, the rule controlling traffic requested in the at least one connectivity request, wherein the recognizing is provided by comparing a set of combinations specified in the connectivity request with a set of combinations specified in the rule and matching connectivity-related actions specified in the connectivity request; a module for automated evaluating relationship between traffic controlled by the recognized at least one rule and traffic requested in the at least one connectivity request; and a module for automated classifying, in accordance with evaluation results, the at least one connectivity request with respect to the at least one rules and/or vice versa.Type: GrantFiled: November 23, 2011Date of Patent: December 16, 2014Assignee: Tufin Software Technologies Ltd.Inventor: Reuven Harrison
-
Patent number: 8819762Abstract: Provided a computerized system and method of automated auditing a range of rules associated with an enforced security policy. The method comprises automated obtaining log records assigned to a first rule within the range of rules and logged during a counted period, each said log record comprising a unique rule identifier and recorded values of respective arguments comprised in the rule; counting a number of records matching certain recorded values and logged within certain time intervals within the counted period (counted values); and automated generating a counted log record assigned to said rule, said record comprising the unique rule identifier, the counted period, recorded values of the rule arguments and respective counted values.Type: GrantFiled: December 6, 2007Date of Patent: August 26, 2014Assignee: Tufin Software Technologies Ltd.Inventors: Reuven Harrison, Reuven Kitov
-
Publication number: 20140082196Abstract: There are provided a computer-implemented connectivity manager and a method of managing connectivity between resources in a computer network using the connectivity manager.Type: ApplicationFiled: September 16, 2013Publication date: March 20, 2014Applicant: Tufin Software Technologies Ltd.Inventors: Reuven Harrison, Michael Hamelin
-
Publication number: 20130254150Abstract: There are provided a method of automated managing one or more security rule-sets and a system thereof. The method comprising: obtaining data characterizing a connectivity request and an amended rule-set, the amended rule-set being derivative of an initial rule-set amended to fit the connectivity request; automated verifying each possible combination of values in the connectivity request against the initial rule-set and the amended rule-set; calculating one or more values selected from a group comprising values characterizing relative amount of extra allowed traffic and values characterizing relative amount of dissatisfied requested traffic; automated comparing the calculated values and/or derivatives thereof with a predefined threshold; and automated classifying the amended rule-set as applicable for implementation if the results of the automated comparing match a predefined verification criterion.Type: ApplicationFiled: May 21, 2013Publication date: September 26, 2013Applicant: TUFIN SOFTWARE TECHNOLOGIES LTD.Inventors: Reuven HARRISON, Amir COGAN, Tomer BARKAN
-
Publication number: 20130247169Abstract: There are provided a method of automated managing an ordered set of security rules implemented at a plurality of security gateways and a system thereof. The method comprises obtaining data characterizing a connectivity request which may become allowable only upon changes of an initial rule-set, thus giving rise to an unfitting connectivity request; analyzing routing tables of the plurality of the security gateways; generating ranking the security gateways in accordance with their relevance to the unfitting connectivity request; selecting one or more security gateways with the highest ranking; and implementing a configuration change required in order to facilitate allowance of the unfitting connectivity request at the one or more selected security gateways.Type: ApplicationFiled: May 1, 2013Publication date: September 19, 2013Applicant: TUFIN SOFTWARE TECHNOLOGIES LTD.Inventors: Reuven HARRISON, Michael HAMELIN
-
Patent number: 8490171Abstract: There is provided a rule-set generator and a method of automated configuration of a security gateway. The method comprises setting-up an initial rule-set; obtaining log records of communication events corresponding to the initial rule-set so as to obtain a sufficient amount of log records; transforming the obtained log records into respective rules, wherein source, destination and service fields in each rule correspond to source, destination and service values in respective obtained log record, and the action in all rules is defined as “Accept”, thus giving rise to a transformation-based rule-set; and processing the transformation-based rule-set so as to generate an operable rule-set by processing the transformation-based rule-set.Type: GrantFiled: July 14, 2008Date of Patent: July 16, 2013Assignee: Tufin Software Technologies Ltd.Inventors: Reuven Harrison, Yakov Persky
-
Patent number: 8468113Abstract: There are provided a method of automated managing two or more security rule-sets and a system thereof. The method comprises: obtaining data characterizing a first rule-set and a second rule-set; automated recognizing all possible combinations of values in the first and the second rule-sets; automated verifying each combination of values in the second rule-set against the first rule-set; calculating one or more values characterizing the differences in allowable and rejectable traffic in the first rule-set and the second rule-set; automated comparing the calculated values and/or derivatives thereof with a predefined threshold; and automated classifying the relationship between the first rule-set and the second rule-set in accordance with comparison results.Type: GrantFiled: September 20, 2010Date of Patent: June 18, 2013Assignee: Tufin Software Technologies Ltd.Inventors: Reuven Harrison, Amir Cogan, Tomer Barkan
-
Patent number: 8458766Abstract: There are provided a method of automated managing an ordered set of security rules implemented at one or more security gateways and a system thereof. The method comprises a) obtaining data characterizing a connectivity request which may become allowable only upon changes of an initial rule-set, thus giving rise to an unfitting connectivity request; b) automated searching for a rule within said ordered set of security rules, said rule best matching to be amended in order to facilitate allowance of the unfitting connectivity request, wherein best matching is defined in accordance with one or more predefined criteria; c) automated generating amendment of the best matching rule, said amendment capable to facilitate allowance of the unfitting connectivity request; and d) automated implementing the generated amendment at one or more relevant security gateways among said one or more security gateways.Type: GrantFiled: May 17, 2010Date of Patent: June 4, 2013Assignee: Tufin Software Technologies Ltd.Inventors: Reuven Harrison, Michael Hamelin
-
Publication number: 20120192246Abstract: A system capable of automated mapping between a connectivity request and an ordered security rule-set and a method of operating thereof. The system includes an interface operable to obtain data characterizing at least one connectivity request; a module for automated recognizing at least one rule within the rule-set, the rule controlling traffic requested in the at least one connectivity request, wherein the recognizing is provided by comparing a set of combinations specified in the connectivity request with a set of combinations specified in the rule and matching connectivity-related actions specified in the connectivity request; a module for automated evaluating relationship between traffic controlled by the recognized at least one rule and traffic requested in the at least one connectivity request; and a module for automated classifying, in accordance with evaluation results, the at least one connectivity request with respect to the at least one rules and/or vice versa.Type: ApplicationFiled: November 23, 2011Publication date: July 26, 2012Applicant: Tufin Software Technologies Ltd.Inventor: Reuven HARRISON
-
Publication number: 20110060713Abstract: There are provided a method of automated managing two or more security rule-sets and a system thereof. The method comprises: obtaining data characterizing a first rule-set and a second rule-set; automated recognizing all possible combinations of values in the first and the second rule-sets; automated verifying each combination of values in the second rule-set against the first rule-set; calculating one or more values characterizing the differences in allowable and rejectable traffic in the first rule-set and the second rule-set; automated comparing the calculated values and/or derivatives thereof with a predefined threshold; and automated classifying the relationship between the first rule-set and the second rule-set in accordance with comparison results.Type: ApplicationFiled: September 20, 2010Publication date: March 10, 2011Applicant: TUFIN SOFTWARE TECHNOLOGIES LTD.Inventors: Reuven Harrison, Amir Cogan, Tomer Barkan
-
Publication number: 20100299741Abstract: There are provided a method of automated managing an ordered set of security rules implemented at one or more security gateways and a system thereof. The method comprises a) obtaining data characterizing a connectivity request which may become allowable only upon changes of an initial rule-set, thus giving rise to an unfitting connectivity request; b) automated searching for a rule within said ordered set of security rules, said rule best matching to be amended in order to facilitate allowance of the unfitting connectivity request, wherein best matching is defined in accordance with one or more predefined criteria; c) automated generating amendment of the best matching rule, said amendment capable to facilitate allowance of the unfitting connectivity request; and d) automated implementing the generated amendment at one or more relevant security gateways among said one or more security gateways.Type: ApplicationFiled: May 17, 2010Publication date: November 25, 2010Applicant: TUFIN SOFTWARE TECHNOLOGIES LTD.Inventors: Reuven Harrison, Michael Hamelin
-
Publication number: 20100011433Abstract: There is provided a rule-set generator and a method of automated configuration of a security gateway. The method comprises setting-up an initial rule-set; obtaining log records of communication events corresponding to the initial rule-set so as to obtain a sufficient amount of log records; transforming the obtained log records into respective rules, wherein source, destination and service fields in each rule correspond to source, destination and service values in respective obtained log record, and the action in all rules is defined as “Accept”, thus giving rise to a transformation-based rule-set; and processing the transformation-based rule-set so as to generate an operable rule-set by processing the transformation-based rule-set.Type: ApplicationFiled: July 14, 2008Publication date: January 14, 2010Applicant: TUFIN SOFTWARE TECHNOLOGIES LTD.Inventors: Reuven HARRISON, Yakov PERSKY
-
Publication number: 20090138938Abstract: Provided a computerized system and method of automated auditing a range of rules associated with an enforced security policy. The method comprises automated obtaining log records assigned to a first rule within the range of rules and logged during a counted period, each said log record comprising a unique rule identifier and recorded values of respective arguments comprised in the rule; counting a number of records matching certain recorded values and logged within certain time intervals within the counted period (counted values); and automated generating a counted log record assigned to said rule, said record comprising the unique rule identifier, the counted period, recorded values of the rule arguments and respective counted values.Type: ApplicationFiled: December 6, 2007Publication date: May 28, 2009Applicant: TUFIN SOFTWARE TECHNOLOGIES LTD.Inventors: Reuven Harrison, Reuven Kitov