Patents by Inventor Geoffrey Howard Cooper
Geoffrey Howard Cooper has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11356413
Abstract: The present disclosure combines Software Defined Networks (SDN) concepts with Security concepts. The coordination between SDN and Security provides a myriad of advantageous use cases. One exemplary use case involves providing a fast path at network speeds using SDN by routing network traffic to bypass a security appliance once the security appliance determines that the security appliance no longer needs to inspect the network traffic. Another exemplary use case involves remote provisioning of security zones.
Type: Grant
Filed: February 21, 2020
Date of Patent: June 7, 2022
Assignee: McAfee, LLC
Inventors: Geoffrey Howard Cooper, John Richard Guzik
-
Publication number: 20210344692
Abstract: A method in an embodiment includes detecting a change for a virtual machine in a virtual server of a virtual network infrastructure, determining whether a virtual security appliance is configured in the virtual server, and sending a request to create the virtual security appliance in the virtual server. The method further includes allowing the virtual machine to initiate when the virtual security appliance is created in the virtual machine. The virtual security appliance performs security inspections on network packets sent from the virtual machine. In more specific embodiments, the method further includes creating an intercept mechanism in the virtual server to intercept the network packets from the virtual machine. In further embodiments, one or more security policies identify one or more virtual security appliances to process the network packets from the virtual machine.
Type: Application
Filed: May 13, 2021
Publication date: November 4, 2021
Applicant: McAfee, LLC
Inventors: Geoffrey Howard Cooper, Manuel Nedbal, Hemang Satish Nadkarni
-
Patent number: 11025647
Abstract: A method in an embodiment includes detecting a change for a virtual machine in a virtual server of a virtual network infrastructure, determining whether a virtual security appliance is configured in the virtual server, and sending a request to create the virtual security appliance in the virtual server. The method further includes allowing the virtual machine to initiate when the virtual security appliance is created in the virtual machine. The virtual security appliance performs security inspections on network packets sent from the virtual machine. In more specific embodiments, the method further includes creating an intercept mechanism in the virtual server to intercept the network packets from the virtual machine. In further embodiments, one or more security policies identify one or more virtual security appliances to process the network packets from the virtual machine.
Type: Grant
Filed: January 6, 2017
Date of Patent: June 1, 2021
Assignee: McAfee, LLC
Inventors: Geoffrey Howard Cooper, Manuel Nedbal, Hemang Satish Nadkarni
-
Publication number: 20200195610
Abstract: The present disclosure combines Software Defined Networks (SDN) concepts with Security concepts. The coordination between SDN and Security provides a myriad of advantageous use cases. One exemplary use case involves providing a fast path at network speeds using SDN by routing network traffic to bypass a security appliance once the security appliance determines that the security appliance no longer needs to inspect the network traffic. Another exemplary use case involves remote provisioning of security zones.
Type: Application
Filed: February 21, 2020
Publication date: June 18, 2020
Applicant: McAfee, LLC
Inventors: Geoffrey Howard Cooper, John Richard Guzik
-
Patent number: 10587576
Abstract: The present disclosure combines Software Defined Networks (SDN) concepts with Security concepts. The coordination between SDN and Security provides a myriad of advantageous use cases. One exemplary use case involves providing a fast path at network speeds using SDN by routing network traffic to bypass a security appliance once the security appliance determines that the security appliance no longer needs to inspect the network traffic. Another exemplary use case involves remote provisioning of security zones.
Type: Grant
Filed: December 10, 2013
Date of Patent: March 10, 2020
Assignee: McAfee, LLC
Inventors: Geoffrey Howard Cooper, John Richard Guzik
-
Patent number: 9866528
Abstract: A method is provided in one example embodiment and includes exchanging a session descriptor associated with a network connection and an application on a host, correlating the session descriptor with a network policy, and applying the network policy to the network connection. In alternative embodiments, the session descriptor may be exchanged through an out-of-band communication channel or an in-band communication channel.
Type: Grant
Filed: August 17, 2015
Date of Patent: January 9, 2018
Assignee: McAfee, LLC
Inventors: Geoffrey Howard Cooper, David Frederick Diehl, Vinay A. Mahadik, Ramnath Venugopalan
-
Publication number: 20170264622
Abstract: A method in an embodiment includes detecting a change for a virtual machine in a virtual server of a virtual network infrastructure, determining whether a virtual security appliance is configured in the virtual server, and sending a request to create the virtual security appliance in the virtual server. The method further includes allowing the virtual machine to initiate when the virtual security appliance is created in the virtual machine. The virtual security appliance performs security inspections on network packets sent from the virtual machine. In more specific embodiments, the method further includes creating an intercept mechanism in the virtual server to intercept the network packets from the virtual machine. In further embodiments, one or more security policies identify one or more virtual security appliances to process the network packets from the virtual machine.
Type: Application
Filed: January 6, 2017
Publication date: September 14, 2017
Applicant: McAfee, Inc.
Inventors: Geoffrey Howard Cooper, Manuel Nedbal, Hemang Satish Nadkarni
-
Patent number: 9571507
Abstract: A method in an embodiment includes detecting a change for a virtual machine in a virtual server of a virtual network infrastructure, determining whether a virtual security appliance is configured in the virtual server, and sending a request to create the virtual security appliance in the virtual server. The method further includes allowing the virtual machine to initiate when the virtual security appliance is created in the virtual machine. The virtual security appliance performs security inspections on network packets sent from the virtual machine. In more specific embodiments, the method further includes creating an intercept mechanism in the virtual server to intercept the network packets from the virtual machine. In further embodiments, one or more security policies identify one or more virtual security appliances to process the network packets from the virtual machine.
Type: Grant
Filed: October 21, 2012
Date of Patent: February 14, 2017
Assignee: McAfee, Inc.
Inventors: Geoffrey Howard Cooper, Manuel Nedbal, Hemang Satish Nadkarni
-
Patent number: 9516062
Abstract: A method in an example embodiment includes correlating a first set of event data from a private network and determining a local reputation score of a host in the private network based on correlating the first set of event data. The method further includes providing the local reputation score of the host to a security node, which applies a policy, based on the local reputation score of the host, to a network communication associated with the host. In specific embodiments, the local reputation score of the host is mapped to a network address of the host. In further embodiments, the first set of event data includes one or more event indicators representing one or more events, respectively, in the private network. In more specific embodiments, the method includes determining a local reputation score of a user and providing the local reputation score of the user to the security node.
Type: Grant
Filed: December 22, 2014
Date of Patent: December 6, 2016
Assignee: McAfee, Inc.
Inventors: Geoffrey Howard Cooper, David Frederick Diehl, Michael W. Green, Robert Ma
-
Patent number: 9413785
Abstract: A method is described in example embodiments below that include receiving a content tag associated with transferring a file over a network connection. A session descriptor may also be received. The session descriptor and the content tag may be correlated with a network policy, which may be applied to the network connection. In some embodiments, the content tag may be received with the session descriptor. The file may be tainted by another file in some embodiments, and the content tag may be associated with other file.
Type: Grant
Filed: May 15, 2014
Date of Patent: August 9, 2016
Assignee: McAfee, Inc.
Inventors: Geoffrey Howard Cooper, David Frederick Diehl, Robert Ma
-
Publication number: 20160205071
Abstract: The present disclosure combines Software Defined Networks (SDN) concepts with Security concepts. The coordination between SDN and Security provides a myriad of advantageous use cases. One exemplary use case involves providing a fast path at network speeds using SDN by routing network traffic to bypass a security appliance once the security appliance determines that the security appliance no longer needs to inspect the network traffic. Another exemplary use case involves remote provisioning of security zones.
Type: Application
Filed: December 10, 2013
Publication date: July 14, 2016
Applicant: McAfee, Inc.
Inventors: Geoffrey Howard COOPER, John Richard GUZIK
-
Publication number: 20150365380
Abstract: A method is provided in one example embodiment and includes exchanging a session descriptor associated with a network connection and an application on a host, correlating the session descriptor with a network policy, and applying the network policy to the network connection. In alternative embodiments, the session descriptor may be exchanged through an out-of-band communication channel or an in-band communication channel.
Type: Application
Filed: August 17, 2015
Publication date: December 17, 2015
Applicant: MCAFEE, INC.
Inventors: Geoffrey Howard Cooper, David Frederick Diehl, Vinay A. Mahadik, Ramnath Venugopalan
-
Patent number: 9112830
Abstract: A method is provided in one example embodiment and includes exchanging a session descriptor associated with a network connection and an application on a host, correlating the session descriptor with a network policy, and applying the network policy to the network connection. In alternative embodiments, the session descriptor may be exchanged through an out-of-band communication channel or an in-band communication channel.
Type: Grant
Filed: February 23, 2011
Date of Patent: August 18, 2015
Assignee: McAfee, Inc.
Inventors: Geoffrey Howard Cooper, David Frederick Diehl, Vinay A. Mahadik, Ramnath Venugopalan
-
Publication number: 20150180903
Abstract: A method in an example embodiment includes correlating a first set of event data from a private network and determining a local reputation score of a host in the private network based on correlating the first set of event data. The method further includes providing the local reputation score of the host to a security node, which applies a policy, based on the local reputation score of the host, to a network communication associated with the host. In specific embodiments, the local reputation score of the host is mapped to a network address of the host. In further embodiments, the first set of event data includes one or more event indicators representing one or more events, respectively, in the private network. In more specific embodiments, the method includes determining a local reputation score of a user and providing the local reputation score of the user to the security node.
Type: Application
Filed: December 22, 2014
Publication date: June 25, 2015
Inventors: Geoffrey Howard Cooper, David Frederick Diehl, Michael W. Green, Robert Ma
-
Patent number: 9049171
Abstract: A method is provided in one example embodiment and includes exchanging a session descriptor associated with a network connection and an application on a host, correlating the session descriptor with a network policy, and applying the network policy to the network connection. In alternative embodiments, the session descriptor may be exchanged through an out-of-band communication channel or an in-band communication channel.
Type: Grant
Filed: February 23, 2011
Date of Patent: June 2, 2015
Assignee: McAfee, Inc.
Inventors: Geoffrey Howard Cooper, David Frederick Diehl, Vinay A. Mahadik, Ramnath Venugopalan
-
Patent number: 8931043
Abstract: A method in an example embodiment includes correlating a first set of event data from a private network and determining a local reputation score of a host in the private network based on correlating the first set of event data. The method further includes providing the local reputation score of the host to a security node, which applies a policy, based on the local reputation score of the host, to a network communication associated with the host. In specific embodiments, the local reputation score of the host is mapped to a network address of the host. In further embodiments, the first set of event data includes one or more event indicators representing one or more events, respectively, in the private network. In more specific embodiments, the method includes determining a local reputation score of a user and providing the local reputation score of the user to the security node.
Type: Grant
Filed: April 10, 2012
Date of Patent: January 6, 2015
Assignee: McAfee Inc.
Inventors: Geoffrey Howard Cooper, David Frederick Diehl, Michael W. Green, Robert Ma
-
Publication number: 20140250492
Abstract: A method is described in example embodiments below that include receiving a content tag associated with transferring a file over a network connection. A session descriptor may also be received. The session descriptor and the content tag may be correlated with a network policy, which may be applied to the network connection. In some embodiments, the content tag may be received with the session descriptor. The file may be tainted by another file in some embodiments, and the content tag may be associated with other file.
Type: Application
Filed: May 15, 2014
Publication date: September 4, 2014
Inventors: Geoffrey Howard Cooper, David Frederick Diehl, Robert Ma
-
Patent number: 8739272
Abstract: A method is described in example embodiments below that include receiving a content tag associated with transferring a file over a network connection. A session descriptor may also be received. The session descriptor and the content tag may be correlated with a network policy, which may be applied to the network connection. In some embodiments, the content tag may be received with the session descriptor. The file may be tainted by another file in some embodiments, and the content tag may be associated with other file.
Type: Grant
Filed: April 2, 2012
Date of Patent: May 27, 2014
Assignee: McAfee, Inc.
Inventors: Geoffrey Howard Cooper, David Frederick Diehl, Robert Ma
-
Publication number: 20140115578
Abstract: A method in an embodiment includes detecting a change for a virtual machine in a virtual server of a virtual network infrastructure, determining whether a virtual security appliance is configured in the virtual server, and sending a request to create the virtual security appliance in the virtual server. The method further includes allowing the virtual machine to initiate when the virtual security appliance is created in the virtual machine. The virtual security appliance performs security inspections on network packets sent from the virtual machine. In more specific embodiments, the method further includes creating an intercept mechanism in the virtual server to intercept the network packets from the virtual machine. In further embodiments, one or more security policies identify one or more virtual security appliances to process the network packets from the virtual machine.
Type: Application
Filed: October 21, 2012
Publication date: April 24, 2014
Inventors: Geoffrey Howard Cooper, Manuel Nedbal, Hemang Satish Nadkarni
-
Patent number: 8584195
Abstract: User names and user groups serve as the basis of a formal policy in a network. A passive monitor examines network traffic in near real time and indicates: which network traffic is flowing on the network as before; which users or user groups were logged into workstations initiating this network traffic; and which of this traffic conforms to the formal policy definition. In one embodiment of the invention, users and user groups are determined by querying Microsoft® Active Directory and Microsoft® Windows servers, to determine who is logged onto the Microsoft® network. Other sources of identity information are also possible.
Type: Grant
Filed: September 12, 2007
Date of Patent: November 12, 2013
Assignee: McAfee, Inc
Inventors: Kieran Gerard Sherlock, Geoffrey Howard Cooper, John Richard Guzik, Derek Patton Pearcy, Luis Filipe Pereira Valente