Patents by Inventor Abraham R. Matthews
Abraham R. Matthews has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9853948Abstract: Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers are provided. According to one embodiment, a method is provided for delivering customized network services to subscribers of the service provider. A request is received, at a service management system (SMS) of the service provider, to establish an Internet Protocol (IP) connection between a first and second location of a first subscriber of the managed security service provider. Responsive to the request, the SMS causes a tunnel to be established between a first and second service processing switch of the service provider which are coupled in communication via a public network and associated with the first location and the second location, respectively.Type: GrantFiled: March 24, 2017Date of Patent: December 26, 2017Assignee: Fortinet, Inc.Inventors: Chih-Tiang Sun, Kiho Yum, Abraham R. Matthews
-
Publication number: 20170195289Abstract: Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers are provided. According to one embodiment, a method is provided for delivering customized network services to subscribers of the service provider. A request is received, at a service management system (SMS) of the service provider, to establish an Internet Protocol (IP) connection between a first and second location of a first subscriber of the managed security service provider. Responsive to the request, the SMS causes a tunnel to be established between a first and second service processing switch of the service provider which are coupled in communication via a public network and associated with the first location and the second location, respectively.Type: ApplicationFiled: March 24, 2017Publication date: July 6, 2017Applicant: Fortinet, Inc.Inventors: Chih-Tiang Sun, Kiho Yum, Abraham R. Matthews
-
Patent number: 9667604Abstract: Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers are provided. According to one embodiment, a method is provided for delivering customized network services to subscribers of the service provider. A request is received, at a service management system (SMS) of the service provider, to establish an Internet Protocol (IP) connection between a first and second location of a first subscriber of the managed security service provider. Responsive to the request, the SMS causes a tunnel to be established between a first and second service processing switch of the service provider which are coupled in communication via a public network and associated with the first location and the second location, respectively.Type: GrantFiled: June 16, 2016Date of Patent: May 30, 2017Assignee: Fortinet, Inc.Inventors: Chih-Tiang Sun, Kiho Yum, Abraham R. Matthews
-
Publication number: 20170093808Abstract: Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers are provided. According to one embodiment, a method is provided for delivering customized network services to subscribers of the service provider. A request is received, at a service management system (SMS) of the service provider, to establish an Internet Protocol (IP) connection between a first and second location of a first subscriber of the managed security service provider. Responsive to the request, the SMS causes a tunnel to be established between a first and second service processing switch of the service provider which are coupled in communication via a public network and associated with the first location and the second location, respectively.Type: ApplicationFiled: June 16, 2016Publication date: March 30, 2017Applicant: Fortinet, Inc.Inventors: Chih-Tiang Sun, Kiho Yum, Abraham R. Matthews
-
Patent number: 9509588Abstract: Methods and systems for managing a service provider switch are provided. According to one embodiment, a method is provided for provisioning a switch with a network-based managed Internet Protocol (IP) service. A network operating system (NOS) is provided on each processor element (PE) of the switch. The NOS includes an object manager (OM) responsible for managing global software object groups, managing software object configurations, managing local software objects and groups and routing control information between address spaces based on locations of software objects. The OM performs management plane communications among software objects by way of system calls. The OM performs data plane communications among software objects by way of object-to-object channels.Type: GrantFiled: October 28, 2013Date of Patent: November 29, 2016Assignee: Cisco Technology, Inc.Inventors: Abraham R. Matthews, Anna Berenberg
-
Patent number: 9391964Abstract: Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers are provided. According to one embodiment, a method is provided for delivering customized network services to subscribers of the service provider. A request is received, at a service management system (SMS) of the service provider, to establish an Internet Protocol (IP) connection between a first and second location of a first subscriber of the managed security service provider. Responsive to the request, the SMS causes a tunnel to be established between a first and second service processing switch of the service provider which are coupled in communication via a public network and associated with the first location and the second location, respectively.Type: GrantFiled: January 27, 2016Date of Patent: July 12, 2016Assignee: Fortinet, Inc.Inventors: Chih-Tiang Sun, Kiho Yum, Abraham R. Matthews
-
Publication number: 20160142384Abstract: Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers are provided. According to one embodiment, a method is provided for delivering customized network services to subscribers of the service provider. A request is received, at a service management system (SMS) of the service provider, to establish an Internet Protocol (IP) connection between a first and second location of a first subscriber of the managed security service provider. Responsive to the request, the SMS causes a tunnel to be established between a first and second service processing switch of the service provider which are coupled in communication via a public network and associated with the first location and the second location, respectively.Type: ApplicationFiled: January 27, 2016Publication date: May 19, 2016Applicant: Fortinet, Inc.Inventors: Chih-Tiang Sun, Kiho Yum, Abraham R. Matthews
-
Patent number: 9258280Abstract: Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers are provided. According to one embodiment, a method is provided for delivering customized network services to subscribers of the service provider. A request is received, at a service management system (SMS) of the service provider, to establish an Internet Protocol (IP) connection between a first and second location of a first subscriber of the managed security service provider. Responsive to the request, the SMS causes a tunnel to be established between a first and second service processing switch of the service provider which are coupled in communication via a public network and associated with the first location and the second location, respectively.Type: GrantFiled: September 26, 2015Date of Patent: February 9, 2016Assignee: Fortinet, Inc.Inventors: Chih-Tiang Sun, Kiho Yum, Abraham R. Matthews
-
Publication number: 20160021072Abstract: Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers are provided. According to one embodiment, a method is provided for delivering customized network services to subscribers of the service provider. A request is received, at a service management system (SMS) of the service provider, to establish an Internet Protocol (IP) connection between a first and second location of a first subscriber of the managed security service provider. Responsive to the request, the SMS causes a tunnel to be established between a first and second service processing switch of the service provider which are coupled in communication via a public network and associated with the first location and the second location, respectively.Type: ApplicationFiled: September 26, 2015Publication date: January 21, 2016Applicant: FORTINET, INC.Inventors: Chih-Tiang Sun, Kiho Yum, Abraham R. Matthews
-
Patent number: 9160716Abstract: Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers are provided. According to one embodiment, a method is provided for delivering customized network services to subscribers of the service provider. A request is received, at a service management system (SMS) of the service provider, to establish an Internet Protocol (IP) connection between a first and second location of a first subscriber of the managed security service provider. Responsive to the request, the SMS causes a tunnel to be established between a first virtual router (VR) and a second VR running on a first and second service processing switch, respectively, of the service provider which are coupled in communication via a public network and associated with the first location and the second location, respectively.Type: GrantFiled: November 17, 2014Date of Patent: October 13, 2015Assignee: Fortinet, Inc.Inventors: Chih-Tiang Sun, Kiho Yum, Abraham R. Matthews
-
Patent number: 9124555Abstract: Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers are provided. According to one embodiment, a method is provided for delivering customized network services to subscribers of a service provider. Multiple virtual routers (VRs) are provided within each of multiple service processing switches of a service provider. Each VR is supported by an object group and each object of the object group supports a network service. One or more VRs are assigned to a subscriber of multiple subscribers of the service provider. Customized network services are provided to the subscriber by the one or more VRs assigned to the subscriber.Type: GrantFiled: February 11, 2014Date of Patent: September 1, 2015Assignee: Fortinet, Inc.Inventors: Chih-Tiang Sun, Kiho Yum, Abraham R. Matthews
-
Publication number: 20150095636Abstract: Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers are provided. According to one embodiment, a method is provided for delivering customized network services to subscribers of the service provider. A request is received, at a service management system (SMS) of the service provider, to establish an Internet Protocol (IP) connection between a first and second location of a first subscriber of the managed security service provider. Responsive to the request, the SMS causes a tunnel to be established between a first virtual router (VR) and a second VR running on a first and second service processing switch, respectively, of the service provider which are coupled in communication via a public network and associated with the first location and the second location, respectively.Type: ApplicationFiled: November 17, 2014Publication date: April 2, 2015Applicant: FORTINET, INC.Inventors: Chih-Tiang Sun, Kiho Yum, Abraham R. Matthews
-
Publication number: 20150019859Abstract: Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers are provided. According to one embodiment, a method is provided for delivering customized network services to subscribers of a service provider. Multiple virtual routers (VRs) are provided within each of multiple service processing switches of a service provider. Each VR is supported by an object group and each object of the object group supports a network service. One or more VRs are assigned to a subscriber of multiple subscribers of the service provider. Customized network services are provided to the subscriber by the one or more VRs assigned to the subscriber.Type: ApplicationFiled: February 11, 2014Publication date: January 15, 2015Applicant: FORTINET, INC.Inventors: Chih-Tiang Sun, Kiho Yum, Abraham R. Matthews
-
Publication number: 20140059234Abstract: Methods and systems for managing a service provider switch are provided. According to one embodiment, a method is provided for provisioning a switch with a network-based managed Internet Protocol (IP) service. A network operating system (NOS) is provided on each processor element (PE) of the switch. The NOS includes an object manager (OM) responsible for managing global software object groups, managing software object configurations, managing local software objects and groups and routing control information between address spaces based on locations of software objects. The OM performs management plane communications among software objects by way of system calls. The OM performs data plane communications among software objects by way of object-to-object channels.Type: ApplicationFiled: October 28, 2013Publication date: February 27, 2014Applicant: Cisco Technology, Inc.Inventors: Abraham R. Matthews, Anna Berenberg
-
Patent number: 8650390Abstract: Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers is provided. According to one embodiment, a request to establish an IP connection between two locations of a subscriber is received at a service management system (SMS) of the service provider. A tunnel is established between service processing switches coupled in communication through a public network. First and second packet routing nodes within the service processing switches are associated with the first and second locations, respectively. An encryption configuration decision is bound with a routing configuration of the packet routing nodes, by, when the request is to establish a secure IP connection, configuring, the packet routing nodes to cause all packets transmitted to the other location to be encrypted and to cause all packets received from the other location to be decrypted.Type: GrantFiled: August 14, 2012Date of Patent: February 11, 2014Assignee: Fortinet, Inc.Inventors: Chih-Tiang Sun, Kiho Yum, Abraham R. Matthews
-
Patent number: 8601110Abstract: Methods and systems for managing a service provider switch are provided. According to one embodiment, a method is provided for provisioning a switch with a network-based managed Internet Protocol (IP) service. A network operating system (NOS) is provided on each processor element (PE) of the switch. The NOS includes an object manager (OM) responsible for managing global software object groups, managing software object configurations, managing local software objects and groups and routing control information between address spaces based on locations of software objects. The OM performs management plane communications among software objects by way of system calls. The OM performs data plane communications among software objects by way of object-to-object channels.Type: GrantFiled: August 15, 2012Date of Patent: December 3, 2013Assignee: Cisco Technology, Inc.Inventors: Abraham R. Matthews, Anna Berenberg
-
Patent number: 8583800Abstract: Methods and systems for offering network-based managed security services are provided. According to one embodiment, an IP service processing switch includes multiple service blades and one or more packet-passing data rings. The service blades each have multiple processors for providing customized security services to subscribers of a service provider. Upon receipt of a packet by a service blade from the one or more packet-passing data rings, a PEID value within the packet is inspected and when the PEID value corresponds to a PEID assigned to a processor associated with the service blade, the packet is steered to a software entity of a VR on the processor that corresponds to an LQID value within the packet. And, when the PEID value does not correspond to any PEIDs assigned to processors on the service blade, the packet is passed to a next service blade on the one or more packet-passing data rings.Type: GrantFiled: August 30, 2012Date of Patent: November 12, 2013Assignee: Fortinet, Inc.Inventors: Abraham R. Matthews, Steven P. Weir
-
Publication number: 20120324216Abstract: Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers is provided. According to one embodiment, a request to establish an IP connection between two locations of a subscriber is received at a service management system (SMS) of the service provider. A tunnel is established between service processing switches coupled in communication through a public network. First and second packet routing nodes within the service processing switches are associated with the first and second locations, respectively. An encryption configuration decision is bound with a routing configuration of the packet routing nodes, by, when the request is to establish a secure IP connection, configuring, the packet routing nodes to cause all packets transmitted to the other location to be encrypted and to cause all packets received from the other location to be decrypted.Type: ApplicationFiled: August 14, 2012Publication date: December 20, 2012Applicant: FORTINET, INC.Inventors: Chih-Tang Sun, Kiho Yum, Abraham R. Matthews
-
Publication number: 20120324532Abstract: Methods and systems for offering network-based managed security services are provided. According to one embodiment, an IP service processing switch includes multiple service blades and one or more packet-passing data rings. The service blades each have multiple processors for providing customized security services to subscribers of a service provider. Upon receipt of a packet by a service blade from the one or more packet-passing data rings, a PEID value within the packet is inspected and when the PEID value corresponds to a PEID assigned to a processor associated with the service blade, the packet is steered to a software entity of a VR on the processor that corresponds to an LQID value within the packet. And, when the PEID value does not correspond to any PEIDs assigned to processors on the service blade, the packet is passed to a next service blade on the one or more packet-passing data rings.Type: ApplicationFiled: August 30, 2012Publication date: December 20, 2012Applicant: FORTINET, INC.Inventors: Abraham R. Matthews, Steven Patrick Weir
-
Publication number: 20120311125Abstract: Methods and systems for managing a service provider switch are provided. According to one embodiment, a method is provided for provisioning a switch with a network-based managed Internet Protocol (IP) service. A network operating system (NOS) is provided on each processor element (PE) of the switch. The NOS includes an object manager (OM) responsible for managing global software object groups, managing software object configurations, managing local software objects and groups and routing control information between address spaces based on locations of software objects. The OM performs management plane communications among software objects by way of system calls. The OM performs data plane communications among software objects by way of object-to-object channels.Type: ApplicationFiled: August 15, 2012Publication date: December 6, 2012Applicant: FORTINET, INC.Inventors: Abraham R. Matthews, Anna Berenberg