Patents by Inventor Yueh-Zen Chen
Yueh-Zen Chen has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230388349Abstract: Embodiments of the present application relate to a method for policy enforcement, a system for policy enforcement, and a computer program product for policy enforcement. A method for policy enforcement is provided. The method includes receiving a host information profile report from a client device, and enforcing a security policy for network access based on the host information profile report. The host information profile report includes device profile information associated with the client device.Type: ApplicationFiled: March 2, 2023Publication date: November 30, 2023Inventors: Siu-Wang Leung, Song Wang, Yueh-Zen Chen
-
Patent number: 11632396Abstract: Embodiments of the present application relate to a method for policy enforcement, a system for policy enforcement, and a computer program product for policy enforcement. A method for policy enforcement is provided. The method includes receiving a host information profile report from a client device, and enforcing a security policy for network access based on the host information profile report. The host information profile report includes device profile information associated with the client device.Type: GrantFiled: August 10, 2018Date of Patent: April 18, 2023Assignee: Palo Alto Networks, Inc.Inventors: Siu-Wang Leung, Song Wang, Yueh-Zen Chen
-
Publication number: 20180352004Abstract: Embodiments of the present application relate to a method for policy enforcement, a system for policy enforcement, and a computer program product for policy enforcement. A method for policy enforcement is provided. The method includes receiving a host information profile report from a client device, and enforcing a security policy for network access based on the host information profile report. The host information profile report includes device profile information associated with the client device.Type: ApplicationFiled: August 10, 2018Publication date: December 6, 2018Inventors: Siu-Wang Leung, Song Wang, Yueh-Zen Chen
-
Patent number: 10075472Abstract: Embodiments of the present application relate to a method for policy enforcement, a system for policy enforcement, and a computer program product for policy enforcement. A method for policy enforcement is provided. The method includes receiving a host information profile report from a client device, and enforcing a security policy for network access based on the host information profile report. The host information profile report includes device profile information associated with the client device.Type: GrantFiled: January 20, 2015Date of Patent: September 11, 2018Assignee: Palo Alto Networks, Inc.Inventors: Siu-Wang Leung, Song Wang, Yueh-Zen Chen
-
Patent number: 9455958Abstract: Techniques for credentials management in large scale virtual private network (VPN) deployment are disclosed. In some embodiments, credentials management in large scale VPN deployment includes generating a public/private key pair and a certificate signing request at a satellite device; automatically communicating the certificate signing request to a portal over a public, untrusted network to authenticate the satellite device using a serial number associated with the satellite device, in which the certificate signing request and the serial number are verified by the portal; and receiving a certificate from the portal for using to establish VPN connections and configuration information for the satellite device, in which the certificate includes a credential signed by a trusted certificate authority, and the configuration information includes gateway configuration information identifying a plurality of gateways to which the satellite device is configured to connect using VPN connections.Type: GrantFiled: February 26, 2016Date of Patent: September 27, 2016Assignee: Palo Alto Networks, Inc.Inventors: Martin Walter, Nicholas Campagna, Yueh-Zen Chen, Monty Sher Gill
-
Publication number: 20160261563Abstract: Techniques for credentials management in large scale virtual private network (VPN) deployment are disclosed. In some embodiments, credentials management in large scale VPN deployment includes generating a public/private key pair and a certificate signing request at a satellite device; automatically communicating the certificate signing request to a portal over a public, untrusted network to authenticate the satellite device using a serial number associated with the satellite device, in which the certificate signing request and the serial number are verified by the portal; and receiving a certificate from the portal for using to establish VPN connections and configuration information for the satellite device, in which the certificate includes a credential signed by a trusted certificate authority, and the configuration information includes gateway configuration information identifying a plurality of gateways to which the satellite device is configured to connect using VPN connections.Type: ApplicationFiled: February 26, 2016Publication date: September 8, 2016Inventors: Martin Walter, Nicholas Campagna, Yueh-Zen Chen, Monty Sher Gill
-
Patent number: 9413723Abstract: Techniques for configuring and managing remote security devices are disclosed. In some embodiments, configuring and managing remote security devices includes receiving a registration request for a remote security device at a device for configuring and managing a plurality of remote security devices; verifying the registration request to determine that the remote security device is an authorized remote security device for an external network; and sending a response identifying one or more security gateways to the remote security device, in which the remote security device is automatically configured to connect to each of the one or more security gateways using a distinct Layer 3 protocol tunnel (e.g., a virtual private network (VPN)).Type: GrantFiled: September 24, 2014Date of Patent: August 9, 2016Assignee: Palo Alto Networks, Inc.Inventors: Yueh-Zen Chen, Wilson Xu, Monty Sher Gill
-
Patent number: 9306911Abstract: Techniques for credentials management in large scale virtual private network (VPN) deployment are disclosed. In some embodiments, credentials management in large scale VPN deployment includes generating a public/private key pair and a certificate signing request at a satellite device; automatically communicating the certificate signing request to a portal over a public, untrusted network to authenticate the satellite device using a serial number associated with the satellite device, in which the certificate signing request and the serial number are verified by the portal; and receiving a certificate from the portal for using to establish VPN connections and configuration information for the satellite device, in which the certificate includes a credential signed by a trusted certificate authority, and the configuration information includes gateway configuration information identifying a plurality of gateways to which the satellite device is configured to connect using VPN connections.Type: GrantFiled: January 13, 2015Date of Patent: April 5, 2016Assignee: Palo Alto Networks, Inc.Inventors: Martin Walter, Nicholas Campagna, Yueh-Zen Chen, Monty Sher Gill
-
Publication number: 20150200969Abstract: Embodiments of the present application relate to a method for policy enforcement, a system for policy enforcement, and a computer program product for policy enforcement. A method for policy enforcement is provided. The method includes receiving a host information profile report from a client device, and enforcing a security policy for network access based on the host information profile report. The host information profile report includes device profile information associated with the client device.Type: ApplicationFiled: January 20, 2015Publication date: July 16, 2015Inventors: Siu-Wang Leung, Song Wang, Yueh-Zen Chen
-
Publication number: 20150195252Abstract: Techniques for credentials management in large scale virtual private network (VPN) deployment are disclosed. In some embodiments, credentials management in large scale VPN deployment includes generating a public/private key pair and a certificate signing request at a satellite device; automatically communicating the certificate signing request to a portal over a public, untrusted network to authenticate the satellite device using a serial number associated with the satellite device, in which the certificate signing request and the serial number are verified by the portal; and receiving a certificate from the portal for using to establish VPN connections and configuration information for the satellite device, in which the certificate includes a credential signed by a trusted certificate authority, and the configuration information includes gateway configuration information identifying a plurality of gateways to which the satellite device is configured to connect using VPN connections.Type: ApplicationFiled: January 13, 2015Publication date: July 9, 2015Inventors: Martin Walter, Nicholas Campagna, Yueh-Zen Chen, Monty Sher Gill
-
Publication number: 20150106909Abstract: Techniques for configuring and managing remote security devices are disclosed. In some embodiments, configuring and managing remote security devices includes receiving a registration request for a remote security device at a device for configuring and managing a plurality of remote security devices; verifying the registration request to determine that the remote security device is an authorized remote security device for an external network; and sending a response identifying one or more security gateways to the remote security device, in which the remote security device is automatically configured to connect to each of the one or more security gateways using a distinct Layer 3 protocol tunnel (e.g., a virtual private network (VPN)).Type: ApplicationFiled: September 24, 2014Publication date: April 16, 2015Inventors: Yueh-Zen Chen, Wilson Xu, Monty Sher Gill
-
Patent number: 8973088Abstract: Embodiments of the present application relate to a method for policy enforcement, a system for policy enforcement, and a computer program product for policy enforcement. A method for policy enforcement is provided. The method includes receiving a host information profile report from a client device, and enforcing a security policy for network access based on the host information profile report. The host information profile report includes device profile information associated with the client device.Type: GrantFiled: May 24, 2011Date of Patent: March 3, 2015Assignee: Palo Alto Networks, Inc.Inventors: Siu-Wang Leung, Song Wang, Yueh-Zen Chen
-
Patent number: 8966260Abstract: Techniques for credentials management in large scale virtual private network (VPN) deployment are disclosed. In some embodiments, credentials management in large scale VPN deployment includes generating a public/private key pair and a certificate signing request at a satellite device; automatically communicating the certificate signing request to a portal over a public, untrusted network to authenticate the satellite device using a serial number associated with the satellite device, in which the certificate signing request and the serial number are verified by the portal; and receiving a certificate from the portal for using to establish VPN connections and configuration information for the satellite device, in which the certificate includes a credential signed by a trusted certificate authority, and the configuration information includes gateway configuration information identifying a plurality of gateways to which the satellite device is configured to connect using VPN connections.Type: GrantFiled: January 30, 2013Date of Patent: February 24, 2015Assignee: Palo Alto Networks, Inc.Inventors: Martin Walter, Nicholas Campagna, Yueh-Zen Chen, Monty S. Gill
-
Patent number: 8938777Abstract: Using geographical information in policy enforcement is disclosed. A request for a resource is received from a device. A policy to be applied to the request is determined based at least in part on geographical information associated with an IP address. The policy is enforced. The IP address may be either a source IP address or a destination IP address.Type: GrantFiled: September 23, 2013Date of Patent: January 20, 2015Assignee: Palo Alto Networks, Inc.Inventors: Anupam Bharali, Ravi Ithal, Yueh-Zen Chen
-
Patent number: 8875223Abstract: Techniques for configuring and managing remote security devices are disclosed. In some embodiments, configuring and managing remote security devices includes receiving a registration request for a remote security device at a device for configuring and managing a plurality of remote security devices; verifying the registration request to determine that the remote security device is an authorized remote security device for an external network; and sending a response identifying one or more security gateways to the remote security device, in which the remote security device is automatically configured to connect to each of the one or more security gateways using a distinct Layer 3 protocol tunnel (e.g., a virtual private network (VPN)).Type: GrantFiled: August 31, 2011Date of Patent: October 28, 2014Assignee: Palo Alto Networks, Inc.Inventors: Yueh-Zen Chen, Wilson Xu, Monty Sher Gill
-
Patent number: 8566900Abstract: Using geographical information in policy enforcement is disclosed. A policy is determined based on geographical information associated with an IP address. A policy is enforced based at least in part on the geographical information. The IP address may be either a source IP address or a destination IP address. In some cases network traffic is monitored to determine the IP address.Type: GrantFiled: May 23, 2011Date of Patent: October 22, 2013Assignee: Palo Alto Networks, Inc.Inventors: Anupam Bharali, Ravi Ithal, Yueh-Zen Chen