Abstract: A secure VPN connection is provided based on user identify and a hardware identifier. A client application may initiate the VPN connection. A client device user may provide identification information to the application, which then sends a VPN connection request to a remote VPN gateway. The VPN gateway may require an equipment identifier to establish the secure VPN gateway. If the hardware ID is registered, the secure VPN connection is established. If the hardware ID is not registered with the VPN gateway, the connection may be denied. In some instances, a connection may be established with an unregistered equipment ID based on settings at the VPN gateway.
September 2, 2014
Date of Patent:
June 12, 2018
SonicWall US Holdings Inc.
Christopher D. Peterson, Venkatesh N. Gautam
Abstract: The present disclosure relates to systems, methods, and non-transitory computer readable storage medium for detecting a tunnel routing loop attack on a computer network. A method of the presently claimed invention receives a packet of data over an automatic tunnel. When the received packet includes an Internet protocol version 6 (IPv6) packet headers in the received packet may be extracted from the received packet. When an extracted header is a tunnel routing loop attack (TRLA) header, address information included in the TRLA header may be matched to a destination address that the IPv6 packet is about to be tunneled through. When the address information included in the TRLA header matches the destination address that the IPv6 packet is about to be tunneled through the IPv6 packet is dropped because the match indicates that that a loop is about to be formed.
Abstract: The present disclosure relates to a system, a method, and a non-transitory computer readable storage medium for deep packet inspection scanning at an application layer of a computer. A method of the presently claimed invention may scan pieces of data received out of order without reassembly at an application layer from a first input state generating one or more output states for each piece of data. The method may then identify that the first input state includes one or more characters that are associated with malicious content. The method may then identify that the data set may include malicious content when the first input state combined with one or more output states matches a known piece of malicious content.