Patents by Inventor Dennis Oshiba
Dennis Oshiba has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20160119382Abstract: Applying a security policy to an application session, includes: recognizing the application session between a network and an application via a security gateway; determining by the security gateway a user identity of the application session using information about the application session; obtaining by the security gateway the security policy comprising network parameters mapped to the user identity; and applying the security policy to the application session by the security gateway. The user identity may be a network user identity or an application user identity recognized from packets of the application session. The security policy may comprise a network traffic policy mapped and/or a document access policy mapped to the user identity, where the network traffic policy is applied to the application session. The security gateway may further generate a security report concerning the application of the security policy to the application session.Type: ApplicationFiled: January 4, 2016Publication date: April 28, 2016Inventors: Lee Chen, Dennis Oshiba, John Chiong
-
Publication number: 20160105395Abstract: A security gateway includes packet routing policies, each including a host network address, an application network address, and a forwarding interface. In routing data packets of an application session, the security gateway: recognizes the application session between a network and an application; determines a user identity from an application session record for the application session; determines packet routing policies applicable to the application session based on the user identity; receives a data packet for the application session, including a source network address and a destination network address; compares the source network address with the host network address, and the destination network address with the application network address; and in response to finding a match between the source network address and the host network address, and between the destination network address and the application network address, processes the data packet using the forwarding interface of the packet routing policy.Type: ApplicationFiled: December 17, 2015Publication date: April 14, 2016Inventors: Lee Chen, Dennis Oshiba, John Chiong
-
Publication number: 20160105446Abstract: A method for applying a security policy to an application session, includes recognizing the application session between a network and an application via a security gateway; determining by the security gateway a user identity of the application session using information about the application session; obtaining by the security gateway the security policy comprising network parameters mapped to the user identity; and applying the security policy to the application session by the security gateway. The user identity may be a network user identity or an application user identity recognized from packets of the application session. The security policy may comprise a network traffic policy mapped and/or a document access policy mapped to the user identity, where the network traffic policy is applied to the application session. The security gateway may further generate a security report concerning the application of the security policy to the application session.Type: ApplicationFiled: December 17, 2015Publication date: April 14, 2016Inventors: Lee Chen, John Chiong, Dennis Oshiba
-
Publication number: 20160062855Abstract: A method for electing a master blade in a virtual application distribution chassis (VADC), includes: sending by each blade a VADC message to each of the other blades; determining by each blade that the VADC message was not received from the master blade within a predetermined period of time; in response, sending a master claim message including a blade priority by each blade to the other blades; determining by each blade whether any of the blade priorities obtained from the received master claim messages is higher than the blade priority of the receiving blade; in response to determining that none of the blade priorities obtained is higher, setting a status of a given receiving blade to a new master blade; and sending by the given receiving blade a second VADC message to the other blades indicating the status of the new master blade of the given receiving blade.Type: ApplicationFiled: September 22, 2014Publication date: March 3, 2016Inventors: Rajkumar Jalan, Dennis Oshiba
-
Patent number: 9270705Abstract: Applying a security policy to an application session, includes: recognizing the application session between a network and an application via a security gateway; determining by the security gateway a user identity of the application session using information about the application session; obtaining by the security gateway the security policy comprising network parameters mapped to the user identity; and applying the security policy to the application session by the security gateway. The user identity may be a network user identity or an application user identity recognized from packets of the application session. The security policy may comprise a network traffic policy mapped and/or a document access policy mapped to the user identity, where the network traffic policy is applied to the application session. The security gateway may further generate a security report concerning the application of the security policy to the application session.Type: GrantFiled: July 3, 2014Date of Patent: February 23, 2016Assignee: A10 Networks, Inc.Inventors: Lee Chen, Dennis Oshiba, John Chiong
-
Publication number: 20160050233Abstract: Applying a security policy to an application session, includes: recognizing the application session between a network and an application via a security gateway; determining by the security gateway a user identity of the application session using information about the application session; obtaining by the security gateway the security policy comprising network parameters mapped to the user identity; and applying the security policy to the application session by the security gateway. The user identity may be a network user identity or an application user identity recognized from packets of the application session. The security policy may comprise a network traffic policy mapped and/or a document access policy mapped to the user identity, where the network traffic policy is applied to the application session. The security gateway may further generate a security report concerning the application of the security policy to the application session.Type: ApplicationFiled: July 3, 2014Publication date: February 18, 2016Inventors: Lee Chen, Dennis Oshiba, John Chiong
-
Publication number: 20160036778Abstract: A security gateway includes packet routing policies, each including a host network address, an application network address, and a forwarding interface. In routing data packets of an application session, the security gateway: recognizes the application session between a network and an application; determines a user identity from an application session record for the application session; determines packet routing policies applicable to the application session based on the user identity; receives a data packet for the application session, including a source network address and a destination network address; compares the source network address with the host network address, and the destination network address with the application network address; and in response to finding a match between the source network address and the host network address, and between the destination network address and the application network address, processes the data packet using the forwarding interface of the packet routing policy.Type: ApplicationFiled: July 3, 2014Publication date: February 4, 2016Inventors: Lee Chen, Dennis Oshiba, John Chiong
-
Patent number: 9253152Abstract: A security gateway includes packet routing policies, each including a host network address, an application network address, and a forwarding interface. In routing data packets of an application session, the security gateway: recognizes the application session between a network and an application; determines a user identity from an application session record for the application session; determines packet routing policies applicable to the application session based on the user identity; receives a data packet for the application session, including a source network address and a destination network address; compares the source network address with the host network address, and the destination network address with the application network address; and in response to finding a match between the source network address and the host network address, and between the destination network address and the application network address, processes the data packet using the forwarding interface of the packet routing policy.Type: GrantFiled: July 3, 2014Date of Patent: February 2, 2016Assignee: A10 Networks, Inc.Inventors: Lee Chen, Dennis Oshiba, John Chiong
-
Publication number: 20160020947Abstract: Methods and systems for synchronization of configuration files of a plurality of blades in a virtual application distribution chassis are disclosed. In an exemplary method, a master blade processes a configuration command, updates a first configuration file with the configuration command and generates an updated tag, and sends a configuration message to at least one slave blade of the virtual application distribution chassis informing of the updated configuration file. The configuration message is received by a given slave blade of the one or more slave blades and compared with a second configuration file stored at the given slave blade; and in response to determining that the updated tag in the configuration message is more recent than the tag in the second configuration file stored at the given slave blade, the slave blade sends a request for the updated configuration file to the master blade.Type: ApplicationFiled: October 1, 2015Publication date: January 21, 2016Inventors: Rajkumar Jalan, Dennis Oshiba
-
Patent number: 9219751Abstract: Method for applying a security policy to an application session, includes: recognizing the application session between a network and an application via a security gateway; determining by the security gateway a user identity of the application session using information about the application session; obtaining by the security gateway the security policy comprising network parameters mapped to the user identity; and applying the security policy to the application session by the security gateway. The user identity may be a network user identity or an application user identity recognized from packets of the application session. The security policy may comprise a network traffic policy mapped and/or a document access policy mapped to the user identity, where the network traffic policy is applied to the application session. The security gateway may further generate a security report concerning the application of the security policy to the application session.Type: GrantFiled: July 16, 2013Date of Patent: December 22, 2015Assignee: A10 Networks, Inc.Inventors: Lee Chen, John Chiong, Dennis Oshiba
-
Patent number: 9154577Abstract: Synchronization of configuration files of a virtual application distribution chassis, includes: processing a configuration command received by a master blade; updating a first configuration file with the configuration command and an updated tag by the master blade; sending a configuration message by the master blade to the slave blades informing of the updated configuration file, the configuration message comprising the updated tag; in response to receiving the configuration message by a given slave blade of the one or more slave blades, comparing the updated tag in the configuration message with a tag in a second configuration file stored at the given slave blade; and in response to determining that the updated tag in the configuration message is more recent than the tag in the second configuration file stored at the given slave blade, sending a request for the updated configuration file to the master blade by the given slave blade.Type: GrantFiled: June 6, 2011Date of Patent: October 6, 2015Assignee: A10 Networks, Inc.Inventors: Rajkumar Jalan, Dennis Oshiba
-
Patent number: 8849938Abstract: A method for electing a master blade in a virtual application distribution chassis (VADC), includes: sending by each blade a VADC message to each of the other blades; determining by each blade that the VADC message was not received from the master blade within a predetermined period of time; in response, sending a master claim message including a blade priority by each blade to the other blades; determining by each blade whether any of the blade priorities obtained from the received master claim messages is higher than the blade priority of the receiving blade; in response to determining that none of the blade priorities obtained is higher, setting a status of a given receiving blade to a new master blade; and sending by the given receiving blade a second VADC message to the other blades indicating the status of the new master blade of the given receiving blade.Type: GrantFiled: July 26, 2012Date of Patent: September 30, 2014Assignee: A10 Networks, Inc.Inventors: Rajkumar Jalan, Dennis Oshiba
-
Patent number: 8595791Abstract: Method for applying a security policy to an application session, includes: recognizing the application session between a network and an application via a security gateway; determining by the security gateway a user identity of the application session using information about the application session; obtaining by the security gateway the security policy comprising network parameters mapped to the user identity; and applying the security policy to the application session by the security gateway. The user identity may be a network user identity or an application user identity recognized from packets of the application session. The security policy may comprise a network traffic policy mapped and/or a document access policy mapped to the user identity, where the network traffic policy is applied to the application session. The security gateway may further generate a security report concerning the application of the security policy to the application session.Type: GrantFiled: October 12, 2012Date of Patent: November 26, 2013Assignee: A10 Networks, Inc.Inventors: Lee Chen, John Chiong, Dennis Oshiba
-
Patent number: 8584199Abstract: A security gateway includes packet routing policies, each including a host network address, an application network address, and a forwarding interface. In routing data packets of an application session, the security gateway: recognizes the application session between a network and an application; determines a user identity from an application session record for the application session; determines packet routing policies applicable to the application session based on the user identity; receives a data packet for the application session, including a source network address and a destination network address; compares the source network address with the host network address, and the destination network address with the application network address; and in response to finding a match between the source network address and the host network address, and between the destination network address and the application network address, processes the data packet using the forwarding interface of the packet routing policy.Type: GrantFiled: December 15, 2012Date of Patent: November 12, 2013Assignee: A10 Networks, Inc.Inventors: Lee Chen, John Chiong, Dennis Oshiba
-
Publication number: 20120311116Abstract: Synchronization of configuration files of a virtual application distribution chassis, includes: processing a configuration command received by a master blade; updating a first configuration file with the configuration command and an updated tag by the master blade; sending a configuration message by the master blade to the slave blades informing of the updated configuration file, the configuration message comprising the updated tag; in response to receiving the configuration message by a given slave blade of the one or more slave blades, comparing the updated tag in the configuration message with a tag in a second configuration file stored at the given slave blade; and in response to determining that the updated tag in the configuration message is more recent than the tag in the second configuration file stored at the given slave blade, sending a request for the updated configuration file to the master blade by the given slave blade.Type: ApplicationFiled: June 6, 2011Publication date: December 6, 2012Applicant: A10 Networks, Inc.Inventors: Rajkumar JALAN, Dennis OSHIBA
-
Publication number: 20120297240Abstract: A method for electing a master blade in a virtual application distribution chassis (VADC), includes: sending by each blade a VADC message to each of the other blades; determining by each blade that the VADC message was not received from the master blade within a predetermined period of time; in response, sending a master claim message including a blade priority by each blade to the other blades; determining by each blade whether any of the blade priorities obtained from the received master claim messages is higher than the blade priority of the receiving blade; in response to determining that none of the blade priorities obtained is higher, setting a status of a given receiving blade to a new master blade; and sending by the given receiving blade a second VADC message to the other blades indicating the status of the new master blade of the given receiving blade.Type: ApplicationFiled: July 26, 2012Publication date: November 22, 2012Applicant: A10 NETWORKS, INC.Inventors: Rajkumar Jalan, Dennis Oshiba
-
Patent number: 8312507Abstract: Method for applying a security policy to an application session, includes: recognizing the application session between a network and an application via a security gateway; determining by the security gateway a user identity of the application session using information about the application session; obtaining by the security gateway the security policy comprising network parameters mapped to the user identity; and applying the security policy to the application session by the security gateway. The user identity may be a network user identity or an application user identity recognized from packets of the application session. The security policy may comprise a network traffic policy mapped and/or a document access policy mapped to the user identity, where the network traffic policy is applied to the application session. The security gateway may further generate a security report concerning the application of the security policy to the application session.Type: GrantFiled: May 27, 2010Date of Patent: November 13, 2012Assignee: A10 Networks, Inc.Inventors: Lee Chen, John Chiong, Dennis Oshiba
-
Patent number: 8266235Abstract: A method for electing a master blade in a virtual application distribution chassis (VADC), includes: sending by each blade a VADC message to each of the other blades; determining by each blade that the VADC message was not received from the master blade within a predetermined period of time; in response, sending a master claim message including a blade priority by each blade to the other blades; determining by each blade whether any of the blade priorities obtained from the received master claim messages is higher than the blade priority of the receiving blade; in response to determining that none of the blade priorities obtained is higher, setting a status of a given receiving blade to a new master blade; and sending by the given receiving blade a second VADC message to the other blades indicating the status of the new master blade of the given receiving blade.Type: GrantFiled: January 31, 2012Date of Patent: September 11, 2012Assignee: A10 Networks, Inc.Inventors: Rajkumar Jalan, Dennis Oshiba
-
Publication number: 20120179770Abstract: A method for electing a master blade in a virtual application distribution chassis (VADC), includes: sending by each blade a VADC message to each of the other blades; determining by each blade that the VADC message was not received from the master blade within a predetermined period of time; in response, sending a master claim message including a blade priority by each blade to the other blades; determining by each blade whether any of the blade priorities obtained from the received master claim messages is higher than the blade priority of the receiving blade; in response to determining that none of the blade priorities obtained is higher, setting a status of a given receiving blade to a new master blade; and sending by the given receiving blade a second VADC message to the other blades indicating the status of the new master blade of the given receiving blade.Type: ApplicationFiled: January 31, 2012Publication date: July 12, 2012Applicant: A10 NETWORKS, INC.Inventors: Rajkumar Jalan, Dennis Oshiba
-
Publication number: 20100235880Abstract: Method for applying a security policy to an application session, includes: recognizing the application session between a network and an application via a security gateway; determining by the security gateway a user identity of the application session using information about the application session; obtaining by the security gateway the security policy comprising network parameters mapped to the user identity; and applying the security policy to the application session by the security gateway. The user identity may be a network user identity or an application user identity recognized from packets of the application session. The security policy may comprise a network traffic policy mapped and/or a document access policy mapped to the user identity, where the network traffic policy is applied to the application session. The security gateway may further generate a security report concerning the application of the security policy to the application session.Type: ApplicationFiled: May 27, 2010Publication date: September 16, 2010Applicant: A10 NETWORKS, INC.Inventors: Lee Chen, John Chiong, Dennis Oshiba