Abstract: A system and method may assist in securing data for transmission to a receiving entity. Received data may include metadata associated therewith. The data may be encrypted using an encryption key encoded within selected portions of the metadata, where the selection of the selected portions is based on a scheme shared with the receiving entity. The encrypted data including the metadata may be transferred to the receiving entity. The receiving entity may decrypt the encrypted data using the selected portions of the metadata.
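The exchange the abstract describes, as an added example that is not the patent's own code: both sides hold a selection scheme naming which byte slices of which metadata fields form the key material, the sender derives the key from those slices and ships the ciphertext together with the metadata, and the receiver rebuilds the same key from the transmitted metadata. The field names, the scheme representation, the use of HMAC-SHA256 as the key derivation function and as a counter-mode stream cipher, and the sample metadata are all assumptions made for this example.

```python
import hashlib
import hmac

# Constructed sample metadata that travels in the clear with the data.
# Field names and values are made up for this example.
SAMPLE_METADATA = {
    "file_id": b"7b1e9c0d4a3f2e1b",
    "created": b"2013-03-26T10:15:00Z",
    "origin": b"node-17.example.invalid",
    "salt": bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0"),
}

# The scheme both parties hold: which byte slices of which fields, in which
# order, form the key material. This representation is an assumption; the
# patent does not specify one. Its secrecy is all that keeps the key from an
# observer who sees the metadata on the wire.
SHARED_SCHEME = [("file_id", 4, 12), ("salt", 0, 16), ("origin", 0, 7)]


def selected_portions(metadata, scheme):
    """Concatenate the slices named by the scheme, in scheme order."""
    return b"".join(metadata[field][start:stop] for field, start, stop in scheme)


def derive_keys(metadata, scheme):
    """Turn the selected portions into a cipher key and a MAC key.

    HMAC-SHA256 with a fixed label stands in for a real KDF such as HKDF.
    """
    ikm = selected_portions(metadata, scheme)
    enc_key = hmac.new(b"metadata-keyed/enc", ikm, hashlib.sha256).digest()
    mac_key = hmac.new(b"metadata-keyed/mac", ikm, hashlib.sha256).digest()
    return enc_key, mac_key


def _keystream(enc_key, length):
    """HMAC-SHA256 in counter mode. The stream depends only on the key, so the
    selected portions must differ per message (here via the salt field);
    otherwise two messages share a keystream."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def _canonical(metadata):
    """Length-prefixed, sorted encoding so the MAC covers all metadata unambiguously."""
    parts = []
    for name in sorted(metadata):
        key = name.encode()
        value = metadata[name]
        parts.append(len(key).to_bytes(2, "big") + key + len(value).to_bytes(4, "big") + value)
    return b"".join(parts)


def encrypt_for_receiver(plaintext, metadata, scheme):
    """Sender side: encrypt under the metadata-derived key and bind ciphertext to metadata."""
    enc_key, mac_key = derive_keys(metadata, scheme)
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, len(plaintext))))
    tag = hmac.new(mac_key, _canonical(metadata) + ciphertext, hashlib.sha256).digest()
    return {"metadata": metadata, "ciphertext": ciphertext, "tag": tag}


def decrypt_from_sender(message, scheme):
    """Receiver side: rebuild the key from the transmitted metadata, verify, decrypt."""
    metadata = message["metadata"]
    enc_key, mac_key = derive_keys(metadata, scheme)
    expected = hmac.new(mac_key, _canonical(metadata) + message["ciphertext"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, message["tag"]):
        raise ValueError("authentication failed: metadata altered or scheme mismatch")
    ciphertext = message["ciphertext"]
    return bytes(c ^ k for c, k in zip(ciphertext, _keystream(enc_key, len(ciphertext))))


def receiver_with_wrong_scheme_fails(message):
    """A receiver holding a different selection scheme cannot authenticate the message."""
    other_scheme = [("file_id", 0, 8), ("salt", 0, 16), ("origin", 0, 7)]
    try:
        decrypt_from_sender(message, other_scheme)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    msg = encrypt_for_receiver(b"session token: 4f2a...", SAMPLE_METADATA, SHARED_SCHEME)
    print(decrypt_from_sender(msg, SHARED_SCHEME))
    print(receiver_with_wrong_scheme_fails(msg))
```

The caveat a reviewer would raise: every byte the key is derived from is transmitted in the clear, so confidentiality rests entirely on the selection scheme staying secret and on the selected fields being unpredictable. Treat the scheme as key material (rotate it, distribute it over an authenticated channel) and make sure at least one selected field is high-entropy and fresh per message, as the salt field is here.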
Abstract: A configuration is identified as a rescue configuration. The identified rescue configuration is stored in a storage device (if it is not already stored). The stored rescue configuration may then be used to configure an apparatus, such as a router, in response to a rescue command. Identifying a particular configuration as a rescue configuration can be done by a manual command. The identifying may be limited such that it is effected only if performed by an authorized user. Alternatively, the identification of a configuration as the rescue configuration can be done automatically. For example, an automatic rollback to a known functioning configuration can occur automatically (e.g., in response to a rescue command). A configuration may be determined to be the known functioning configuration using various factors.
Abstract: A backup network device detects that a session timer associated with a session in a session table of the backup network device has expired and ages out the session from the session table based on whether a first message has been sent to a master network device regarding the session and whether a second message has been received from the master network device regarding the session.
Abstract: A computing device receives a setting of a customizable preference for an interface element of a user interface and receives a definition for an event associated with the setting. The computing device monitors for an occurrence of the event and receives an indication of the occurrence of the event. The computing device also obtains the setting associated with the event, applies the setting to the interface element, and renders, for presentation on a display, the interface element based on the setting.
Abstract: A system is configured to receive a set of rules that specify how packets are to be processed by a node, where the set of rules includes one or more negative rules that identify operations to be performed by the node when information associated with the packets does not match information specified by the negative rules, and one or more positive rules that identify other operations to be performed by the node when the information associated with the packets matches information specified by the positive rules. The system is also configured to create a group of modified rules by converting the negative rules into a corresponding group of positive rules, and to install the modified rules in the node, which allows the node to process the packets, using the modified rules, as though it were processing the packets using the original set of rules.
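One way to perform the conversion the abstract describes, as an added example and not the patent's own method: each negative rule is expanded, at its own position in the ordered rule list, into positive rules that match the complement of its intervals within the field's domain and carry the same action. For a negative rule over several fields, De Morgan's law (NOT (f1 in A and f2 in B) is (f1 not in A) or (f2 not in B)) yields one positive rule per complement interval of each field, which is correct under first-match evaluation. The rule representation, the field domains and the sample rule set are assumptions made for this example.

```python
from itertools import product

# Inclusive domain of every field a rule may match on. Assumed for this
# example; a real node would also have address fields.
FIELD_DOMAINS = {"proto": (0, 255), "src_port": (0, 65535), "dst_port": (0, 65535)}

# Constructed rule set. Rules are evaluated top down, first match wins.
# A match maps field -> list of inclusive (low, high) intervals; a negative
# rule (negate=True) fires when the packet does NOT satisfy its match.
SAMPLE_RULES = [
    {"match": {"proto": [(6, 6)], "dst_port": [(22, 22)]}, "action": "accept"},
    {"match": {"dst_port": [(80, 80), (443, 443)]}, "negate": True, "action": "drop"},
    {"match": {"proto": [(6, 6)]}, "action": "accept"},
]


def complement(intervals, domain):
    """Intervals within `domain` not covered by `intervals` (overlaps tolerated)."""
    low, high = domain
    gaps = []
    cursor = low
    for a, b in sorted(intervals):
        if a > cursor:
            gaps.append((cursor, a - 1))
        cursor = max(cursor, b + 1)
    if cursor <= high:
        gaps.append((cursor, high))
    return gaps


def to_positive(rule):
    """Rewrite one negative rule as positive rules with the same action.

    NOT (f1 in A and f2 in B) == (f1 not in A) or (f2 not in B), so one positive
    rule per complement interval of each field, each constraining only that
    field, reproduces the negative rule under first-match evaluation.
    """
    if not rule.get("negate"):
        return [rule]
    positives = []
    for field, intervals in rule["match"].items():
        for low, high in complement(intervals, FIELD_DOMAINS[field]):
            positives.append({"match": {field: [(low, high)]}, "action": rule["action"]})
    return positives


def convert_rules(rules):
    """Expand each negative rule at its original position so relative order is kept."""
    return [positive for rule in rules for positive in to_positive(rule)]


def _satisfies(match, packet):
    return all(any(low <= packet[field] <= high for low, high in ivs)
               for field, ivs in match.items())


def evaluate(rules, packet, default="accept"):
    """Reference evaluator that understands negative rules directly."""
    for rule in rules:
        hit = _satisfies(rule["match"], packet)
        if rule.get("negate"):
            hit = not hit
        if hit:
            return rule["action"]
    return default


def equivalent(original, converted, protos=(6, 17)):
    """Exhaustively compare both rule sets over every dst port for the given protocols."""
    for proto, dport in product(protos, range(0, 65536)):
        packet = {"proto": proto, "src_port": 40000, "dst_port": dport}
        if evaluate(original, packet) != evaluate(converted, packet):
            return False
    return True


if __name__ == "__main__":
    converted = convert_rules(SAMPLE_RULES)
    for rule in converted:
        print(rule)
    print("equivalent:", equivalent(SAMPLE_RULES, converted))
```

The exhaustive comparison in `equivalent` is the check worth keeping around: a node that only understands positive rules will silently enforce whatever the converter produced, so verifying the converted set against a reference evaluator over the field domains catches off-by-one errors in the complement before the rules are installed.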
Abstract: A line card includes a metal frame that includes a front section, and a bottom section connected to the front section via an angled section, where the angled section results in an opening between the line card and a second line card, when the line card is installed above the second line card in a rack, and where the opening allows directed air to enter the rack from a front direction; a printed circuit board attached to the metal frame; and a group of front panel connectors attached to the front section of the metal frame.
Type: Grant
Filed: September 8, 2010
Date of Patent: March 26, 2013
Assignee: Juniper Networks, Inc.
Inventors: Boris Reynov, Jack Kohn, Euan F. Mowat, Shreeram Siddhaye, Ben Nitzan, Mahesh Nagarajan
Abstract: A network device may operate to increase application performance over a wide area network. In one particular implementation, the network device may monitor accesses to a disk drive from entities and determine whether an entity is accessing the disk drive in a manner that causes a disproportionate amount of performance degradation. If so, the network device may throttle access to the disk drive for the entity.
Abstract: An MPLS-aware firewall allows firewall security policies to be applied to MPLS traffic. The firewall, which may be integrated within a routing device, can be configured into multiple virtual security systems. The routing device provides a user interface by which a user specifies one or more zones to be recognized by the integrated firewall when applying stateful firewall services to the packets. The user interface allows the user to define different zones and policies for different ones of the virtual security systems. In addition, the user interface supports a syntax that allows the user to define the zones for the firewall by specifying the customer VPNs as interfaces associated with the zones. The routing device generates mapping information for the integrated firewall to map the customer VPNs to specific MPLS labels for the MPLS tunnels carrying the customer's traffic.
Abstract: A system includes a cell handler, a virtual path handler, a virtual channel handler, a trunk, and a controller. The controller initiates a loop-back control test by issuing an instruction to the cell handler. The loop-back control test involves transmission of an operation and maintenance (OAM) cell from the cell handler, via the virtual path handler, the virtual channel handler, and the trunk, and back to the cell handler. The controller further monitors the OAM cell, detects a fault based on monitoring the OAM cell, and performs fault avoidance based on detecting the fault.
Abstract: A method performed by an I/O unit connected to another I/O unit in a network device. The method includes receiving a packet; segmenting the packet into a group of data blocks; storing the group of data blocks in a data memory; generating data protection information for a data block of the group of data blocks; creating a control block for the data block; storing, in a control memory, a group of data items for the control block, the group of data items including information associated with a location, of the data block, within the data memory and the data protection information for the data block; performing a data integrity check on the data block, using the data protection information, to determine whether the data block contains a data error; and outputting the data block when the data integrity check indicates that the data block does not contain a data error.
Abstract: A method may include receiving a communication from a client device and identifying a port number, a protocol and a destination associated with the communication. The method may also include identifying an application being executed by the client device based on the port number, the protocol and the destination associated with the communication.
Abstract: Packet processing is provided in a multiple processor system including a first processor to process a packet and to create a tag associated with the packet. The tag includes information about the processing of the packet. A second processor receives the packet subsequent to the first processor and processes the packet using the tag information.
Abstract: A device may include a processor to execute a thread. The processor may be further configured to execute a set of wrappers that are called from within the thread to invoke a set of one-shot signal objects to generate delayed signals. Each of the set of wrappers may be configured to detect whether different ones of the one-shot signal objects that were invoked from within the thread have generated signals at periodic time intervals, determine a delay to be used for invoking one of the set of one-shot signal objects, and invoke that one-shot signal object to generate one of the delayed signals based on the delay when the different ones of the one-shot signal objects have generated signals at periodic time intervals. The processor may be further configured to receive the delayed signals generated from the set of one-shot signal objects over a time period.
Abstract: Systems and methods for detecting and preventing network security breaches are described. The systems and methods present a gateway-based packet-forwarding network security solution to not only detect security breaches but also prevent them by directly dropping suspicious packets and connections. The systems and methods employ multiple techniques to detect and prevent network security breaches, including stateful signature detection, traffic signature detection, and protocol anomaly detection.
Abstract: Methods, computer program products and apparatus for processing data packets are described. Methods include receiving a data packet, examining the data packet, determining a single flow record associated with the packet, and extracting flow instructions for two or more devices from the single flow record.
Abstract: Methods and apparatuses for inspecting packets are provided. A primary security system may be configured for processing packets. The primary security system may be operable to maintain flow information for a group of devices to facilitate processing of the packets. A secondary security system may be designated for processing packets upon a failover event. Flow records may be shared from the primary security system with the secondary security system.
Abstract: Computer program products and methods of inspecting a log of security records in a computer network are provided. The method includes retrieving a log record, processing the log record including deriving a key to a table, determining a data value from information in the log record and adding the data value to a list of data values associated with the key if the data value is unique. One or more entries of the table are evaluated based on predetermined criteria to detect attempted security breaches.
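The log-inspection loop the abstract describes, as an added example and not the patent's own code: each record is parsed, a key is derived from it (here the source address), a data value is derived (here the destination port or destination host), the value is appended to the key's list only if it is not already there, and the table is then evaluated against a criterion (a minimum number of unique values) to flag probable scans. The log format, the sample lines, the two table definitions and the thresholds are all constructed for this example.

```python
import re
from collections import defaultdict
from dataclasses import dataclass
from typing import Callable

# Constructed log format and sample lines; not the format of any real product.
LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<action>PERMIT|DENY) "
    r"src=(?P<src>[\d.]+):(?P<sport>\d+) dst=(?P<dst>[\d.]+):(?P<dport>\d+) proto=(?P<proto>\w+)$"
)


def constructed_log():
    """A benign web client, then one host probing 16 ports, then a broken line."""
    lines = []
    for i, port in enumerate([80, 443, 80, 443, 80, 443]):
        lines.append(f"2013-03-12T09:00:{i:02d}Z PERMIT src=198.51.100.4:{51000 + i} "
                     f"dst=192.0.2.10:{port} proto=tcp")
    for i, port in enumerate(range(20, 36)):
        lines.append(f"2013-03-12T09:01:{i:02d}Z DENY src=203.0.113.9:{44000 + i} "
                     f"dst=192.0.2.10:{port} proto=tcp")
    lines.append("2013-03-12T09:02:00Z this line does not parse")
    return lines


@dataclass(frozen=True)
class TableSpec:
    """One table: how to derive its key and value from a record, and the alert criterion."""
    name: str
    key: Callable[[dict], str]
    value: Callable[[dict], object]
    min_unique: int


# Two tables keyed by source address: distinct destination ports (port scan)
# and distinct destination hosts (host sweep). Thresholds are assumptions.
SPECS = [
    TableSpec("port_scan", lambda r: r["src"], lambda r: int(r["dport"]), min_unique=10),
    TableSpec("host_sweep", lambda r: r["src"], lambda r: r["dst"], min_unique=5),
]


def parse(line):
    """Return the record's fields, or None for a line that does not match the format."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def build_tables(lines, specs):
    """Per spec: key -> list of unique values seen. Returns (tables, skipped_count)."""
    tables = {spec.name: defaultdict(list) for spec in specs}
    skipped = 0
    for line in lines:
        record = parse(line)
        if record is None:
            skipped += 1          # never silently drop: unparseable lines are themselves a signal
            continue
        for spec in specs:
            values = tables[spec.name][spec.key(record)]
            value = spec.value(record)
            if value not in values:   # a list mirrors the abstract; a set is the practical choice
                values.append(value)
    return tables, skipped


def evaluate(tables, specs):
    """Apply each spec's criterion; returns (spec name, key, unique count) per hit."""
    alerts = []
    for spec in specs:
        for key, values in tables[spec.name].items():
            if len(values) >= spec.min_unique:
                alerts.append((spec.name, key, len(values)))
    return alerts


def inspect(lines, specs=SPECS):
    """Full pass: build the tables from the log, then evaluate them."""
    tables, skipped = build_tables(lines, specs)
    return evaluate(tables, specs), skipped


if __name__ == "__main__":
    alerts, skipped = inspect(constructed_log())
    print(alerts, "skipped:", skipped)
```

Two points to keep when taking this beyond the sample: the membership test on a list is linear in the number of values, so a busy key (a NAT address, say) makes it quadratic and a set should replace it; and the per-key lists grow without bound, so a real collector ages keys out by time window, otherwise a slow scanner that spreads probes over hours is either missed or the table exhausts memory.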
Abstract: A call handling system receives an asynchronous call request, from a call requester, requesting performance of an operation, where the call request includes a delay parameter specified by the call requester. The call handling system performs the requested operation, and sends a callback to the call requester, which includes partial results from performance of the requested operation, at selected intervals determined by the delay parameter.
Type: Grant
Filed: October 22, 2009
Date of Patent: March 12, 2013
Assignee: Juniper Networks, Inc.
Inventors: Timothy Noel T, Srinivasa Ds, Siddharth Tuli
Abstract: A device includes an input processing unit and an output processing unit. The input processing unit dispatches first data to one of a group of processing engines, records an identity of the one processing engine in a location in a first memory, reserves one or more corresponding locations in a second memory, causes the first data to be processed by the one processing engine, and stores the processed first data in one of the locations in the second memory. The output processing unit receives second data, assigns an entry address corresponding to a location in an output memory to the second data, transfers the second data and the entry address to one of a group of second processing engines, causes the second data to be processed by the second processing engine, and stores the processed second data to the location in the output memory.
Type: Grant
Filed: May 23, 2007
Date of Patent: March 12, 2013
Assignee: Juniper Networks, Inc.
Inventors: Raymond Marcelino Manese Lim, Stefan Dyckerhoff, Jeffrey Glenn Libby, Teshager Tesfaye
Abstract: A band control system for a digital subscriber line network in which a first apparatus and a second apparatus situated at a subscriber station and a center, respectively, are interconnected by a cable for interchanging at least a digital data signal with each other. The system may cause one of the first apparatus or the second apparatus to monitor receipt of signals from the other of the first apparatus or the second apparatus; send, based on a result of monitoring, a band variation command to the other apparatus for causing the other apparatus to vary a band by using a frequency band not used for signal transfer; cause the other apparatus to receive the band variation command; and vary the band in accordance with the band variation command.