Patents Assigned to Forescout Technologies Inc.
-
Patent number: 11240132Abstract: Systems, methods, and related technologies for device classification are described. In certain aspects, traffic data associated with a device and data from an external system can be accessed. The data can be processed to determine a device classification for the device. An action can be initiated based on the classification.Type: GrantFiled: April 29, 2020Date of Patent: February 1, 2022Assignee: Forescout Technologies, Inc.Inventors: Yang Zhang, Siying Yang
-
Patent number: 11240114Abstract: Systems, methods, and related technologies for device monitoring are described. In certain aspects, network traffic data is analyzed to determine one or more devices associated with a network. The network may be a remote network. The network traffic data may further be used to determine one or more non-active devices associated with the network.Type: GrantFiled: December 27, 2019Date of Patent: February 1, 2022Assignee: FORESCOUT TECHNOLOGIES, INC.Inventors: Ilya Fainberg, Anderson Lam, Mihael Sudakovitch
-
Patent number: 11146559Abstract: Disclosed is a method of transparently detecting authentication status of endpoint devices in a network. This method may be used for differentiating guest or rogue endpoints from enterprise endpoints.Type: GrantFiled: January 13, 2014Date of Patent: October 12, 2021Assignee: ForeScout Technologies, Inc.Inventors: Gil Friedrich, Roy Rotem
-
Patent number: 11122071Abstract: Systems, methods, and related technologies for entity visibility are described. In certain aspects, information associated with a type of entity is accessed and a network is scanned for a plurality of entities. One or more entities are selected from plurality of entities based on the type of entity. Properties associated with the one or more selected entities are accessed. The information associated with the one or more selected entities and the one or more properties associated with the selected one or more entities are stored.Type: GrantFiled: June 29, 2018Date of Patent: September 14, 2021Assignee: FORESCOUT TECHNOLOGIES, INC.Inventors: Anderson Lam, Sharad Singh, Mihael Sudakovitch
-
Patent number: 11108799Abstract: Systems, methods, and related technologies for analyzing traffic based on naming information are described. In certain aspects, name information and address information from a name translation response are stored. The name information is associated with a device based on the device sending a communication to an address associated with the name information.Type: GrantFiled: January 24, 2020Date of Patent: August 31, 2021Assignee: FORESCOUT TECHNOLOGIES, INC.Inventors: Oded Comay, Oren Nechushtan
-
Patent number: 11012330Abstract: An intrusion detection method for detecting an intrusion in data traffic on a data communication network parses the data traffic to extract at least one protocol field of a protocol message of the data traffic, and associates the extracted protocol field with a model for that protocol field. The model is selected from a set of models. An assessment is made to determine if a contents of the extracted protocol field is in a safe region as defined by the model, and an intrusion detection signal is generated in case it is established that the contents of the extracted protocol field is outside the safe region. The set of models may comprise a corresponding model for each protocol field of a set of protocol fields.Type: GrantFiled: March 17, 2017Date of Patent: May 18, 2021Assignee: ForeScout Technologies, Inc.Inventor: Emmanuele Zambon
-
Patent number: 10965758Abstract: A method, apparatus and product for sub-networks based cyber security. One method comprises detecting a device connecting to a local network which is divided into subnets; determining a usage profile of the device; automatically selecting a subnet to connect the device based on the usage profile; and connecting the device to the selected subnet in the local network. Another method comprises monitoring communication traffic of devices in each of the subnets of a local network; performing anomaly detection to detect an abnormal communication of a device connected to a subnet; blocking the abnormal communication of the device; and removing the device from the subnet and connecting the device to a quarantine subnet of the local network, whereby reducing connectivity of the device with other devices connected to the local network.Type: GrantFiled: January 29, 2019Date of Patent: March 30, 2021Assignee: ForeScout Technologies, Inc.Inventors: Shmulik Bachar, Yossi Atias
-
Patent number: 10885165Abstract: Systems, methods, and related technologies for account access monitoring are described. In certain aspects, a login request associated with a device can be analyzed and a score determined. The score and a threshold can be used to determine whether to initiate an action.Type: GrantFiled: May 17, 2017Date of Patent: January 5, 2021Assignee: ForeScout Technologies, Inc.Inventors: Chunhui Zhan, Siying Yang
-
Patent number: 10862885Abstract: Systems, methods, and related technologies for device identification are described. In certain aspects, packet data associated with a device can be analyzed and a score determined. The score and the threshold can be compared to determine a device identification for the device.Type: GrantFiled: March 20, 2017Date of Patent: December 8, 2020Assignee: ForeScout Technologies, Inc.Inventors: Yang Zhang, Siying Yang
-
Patent number: 10839084Abstract: Systems, methods, and related technologies for device monitoring and device risk monitoring are described. In certain aspects, an indicator associated with a security risk is set based on communication between a first device having an associated elevated security risk and a second device. The indicator can be stored and may be used as a basis for performing a security action.Type: GrantFiled: December 14, 2017Date of Patent: November 17, 2020Assignee: FORESCOUT TECHNOLOGIES, INC.Inventors: Tal Peled, Shlomit Tassa, Oren Nechushtan, Ariel Biton
-
Patent number: 10812334Abstract: Systems, methods, and related technologies for self-training classification are described. In certain aspects, a plurality of device classification methods with associated models are accessed. Each of the classification methods have an associated reliability level. The models of classification methods with a higher reliability level than other classifications methods are used to train the models associated with lower reliability level. The trained models and associated classification methods are thus improved.Type: GrantFiled: June 29, 2018Date of Patent: October 20, 2020Assignee: FORESCOUT TECHNOLOGIES, INC.Inventors: Siying Yang, Yang Zhang
-
Patent number: 10778723Abstract: Systems, methods, and related technologies for device scanning are described. In certain aspects, a device is selected based on being a NAT device and information is accessed therefrom to determine a device communicatively coupled to the NAT device. The device communicatively coupled to the NAT device may then be scanned and the results stored.Type: GrantFiled: March 26, 2018Date of Patent: September 15, 2020Assignee: FORESCOUT TECHNOLOGIES, INC.Inventor: Siying Yang
-
Patent number: 10705821Abstract: Systems, methods, and related technologies for device software monitoring and device software updating are described. In certain aspects, a device is selected based on being a smart device and a software version of associated with the software of the device is determined. The device software may then be automatically updated if newer software is available.Type: GrantFiled: February 9, 2018Date of Patent: July 7, 2020Assignee: FORESCOUT TECHNOLOGIES, INC.Inventor: Siying Yang
-
Patent number: 10652278Abstract: Systems, methods, and related technologies for device compliance monitoring are described. In certain aspects, one or more compliance rules associated with a device classification are used to determine a compliance level of a device. The one or more compliance rules may be based on a standard. An action can be initiated based on the compliance level.Type: GrantFiled: December 19, 2016Date of Patent: May 12, 2020Assignee: Forescout Technologies, Inc.Inventors: Anderson Lam, Kevin Benjamin Mayer, Yuri Mikhel, Gilad Walden
-
Patent number: 10652116Abstract: Systems, methods, and related technologies for device classification are described. In certain aspects, traffic data associated with a device and data from an external system can be accessed. The data can be processed to determine a device classification for the device. An action can be initiated based on the classification.Type: GrantFiled: December 6, 2016Date of Patent: May 12, 2020Assignee: Forescout Technologies, Inc.Inventors: Yang Zhang, Siying Yang
-
Patent number: 10574678Abstract: Systems, methods, and related technologies for analyzing traffic based on naming information are described. In certain aspects, name information and address information from a name translation response are stored. The name information is associated with a device based on the device sending a communication to an address associated with the name information.Type: GrantFiled: December 13, 2016Date of Patent: February 25, 2020Assignee: Forescout Technologies, Inc.Inventors: Oded Comay, Oren Nechushtan
-
Patent number: 10560336Abstract: Systems, methods, and related technologies for device monitoring are described. In certain aspects, network traffic data is analyzed to determine one or more devices associated with a network. The network may be a remote network. The network traffic data may further be used to determine one or more non-active devices associated with the network.Type: GrantFiled: January 31, 2017Date of Patent: February 11, 2020Assignee: FORESCOUT TECHNOLOGIES, INC.Inventors: Ilya Fainberg, Anderson Lam, Mihael Sudakovitch
-
Patent number: 10530764Abstract: A network access control (NAC) device detects a connection of an endpoint device at a network switch coupled to a network and restricts access of the endpoint device to prevent the endpoint device from accessing resources of the network. The NAC device establishes a connection with the endpoint device, validates a client certificate corresponding to the endpoint device to authenticate the endpoint device as a corporate device and grants the endpoint device access to the resources of the network.Type: GrantFiled: December 19, 2016Date of Patent: January 7, 2020Assignee: FORESCOUT TECHNOLOGIES, INC.Inventors: Oded Comay, Kevin Benjamin Mayer, Oren Nechushtan, Tomer Reisner
-
Patent number: 10382215Abstract: Systems, methods, and related technologies for device identification and policy enforcement using Power over Ethernet (PoE) are described. In certain aspects, a communication that originates from a Power over Ethernet (PoE) enabled device can be received. The communication can be processed to determine a characteristic of the device. An action can be initiated based on the characteristic.Type: GrantFiled: March 18, 2016Date of Patent: August 13, 2019Assignee: FORESCOUT TECHNOLOGIES, INC.Inventors: Gilad Walden, Tomer Reisner, Kevin Mayer, Svetlana Khanin
-
Patent number: 9027079Abstract: Disclosed is a method and system for network access control, including an authentication proxy that authenticates different access-points, retrieves data from security databases and from Network Monitoring Systems, processing said data according to a dynamic security policy and using said processing outcome to determine the access level which will be granted to an access point in the network.Type: GrantFiled: November 18, 2013Date of Patent: May 5, 2015Assignee: ForeScout Technologies, Inc.Inventors: Oded Comay, Doron Shikmoni