Patents by Inventor John Edward McDowall
John Edward McDowall has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11979746Abstract: Techniques for selective intelligent enforcement for mobile networks using a security platform are disclosed.Type: GrantFiled: July 21, 2023Date of Patent: May 7, 2024Assignee: Palo Alto Networks, Inc.Inventors: Sachin Verma, Leonid Burakovsky, John Edward McDowall, Apoorva Jain
-
Patent number: 11949654Abstract: Techniques for distributed offload leveraging different offload devices are disclosed. In some embodiments, a system, process, and/or computer program product for distributed offload leveraging different offload devices includes receiving a flow at a firewall of a security service (e.g., a cloud-based security service); inspecting the flow at the firewall to determine meta information associated with the flow; and offloading the flow to an offload entity (e.g., a SmartNIC, software executed on a Network Interface Card (NIC), and/or a network device, such as a network router and/or network switch) based on the meta information associated with the flow (e.g., an application identification associated with the flow determined using deep packet inspection) and based on a policy.Type: GrantFiled: March 31, 2023Date of Patent: April 2, 2024Assignee: Palo Alto Networks, Inc.Inventors: John Edward McDowall, James Sugg, Charles Bransi
-
Patent number: 11924165Abstract: Techniques for securing containerized applications are disclosed. In some embodiments, a system, process, and/or computer program product for securing containerized applications includes detecting a new application container (e.g., an application pod); deploying a security entity (e.g., a firewall) to the application container; and monitoring all traffic to and from the application container (e.g., all layer-7 ingress, egress, and east-west traffic associated with the application container) using the security entity to enforce a policy.Type: GrantFiled: August 31, 2022Date of Patent: March 5, 2024Assignee: Palo Alto Networks, Inc.Inventors: John Edward McDowall, Sharad Saha, Nilesh Bansal
-
Publication number: 20230247000Abstract: Techniques for distributed offload leveraging different offload devices are disclosed. In some embodiments, a system, process, and/or computer program product for distributed offload leveraging different offload devices includes receiving a flow at a firewall of a security service (e.g., a cloud-based security service); inspecting the flow at the firewall to determine meta information associated with the flow; and offloading the flow to an offload entity (e.g., a SmartNIC, software executed on a Network Interface Card (NIC), and/or a network device, such as a network router and/or network switch) based on the meta information associated with the flow (e.g., an application identification associated with the flow determined using deep packet inspection) and based on a policy.Type: ApplicationFiled: March 31, 2023Publication date: August 3, 2023Inventors: John Edward McDowall, James Sugg, Charles Bransi
-
Patent number: 11665139Abstract: Techniques for distributed offload leveraging different offload devices are disclosed. In some embodiments, a system, process, and/or computer program product for distributed offload leveraging different offload devices includes receiving a flow at a firewall of a security service (e.g., a cloud-based security service); inspecting the flow at the firewall to determine meta information associated with the flow; and offloading the flow to an offload entity (e.g., a SmartNIC, software executed on a Network Interface Card (NIC), and/or a network device, such as a network router and/or network switch) based on the meta information associated with the flow (e.g., an application identification associated with the flow determined using deep packet inspection) and based on a policy.Type: GrantFiled: April 30, 2021Date of Patent: May 30, 2023Assignee: Palo Alto Networks, Inc.Inventors: John Edward McDowall, James Sugg, Charles Bransi
-
Publication number: 20230008901Abstract: Techniques for securing containerized applications are disclosed. In some embodiments, a system, process, and/or computer program product for securing containerized applications includes detecting a new application container (e.g., an application pod); deploying a security entity (e.g., a firewall) to the application container; and monitoring all traffic to and from the application container (e.g., all layer-7 ingress, egress, and east-west traffic associated with the application container) using the security entity to enforce a policy.Type: ApplicationFiled: August 31, 2022Publication date: January 12, 2023Inventors: John Edward McDowall, Sharad Saha, Nilesh Bansal
-
Publication number: 20220385631Abstract: Techniques for distributed traffic steering and enforcement for security solutions are disclosed. In some embodiments, a system, process, and/or computer program product for distributed traffic steering and enforcement for security solutions includes encapsulating an original traffic header for a monitored flow from/to a host or a container; rerouting the flow from the host or the container to a security platform of a security service; performing security analysis at the security platform using the original traffic header; and rerouting the flow back to the host or the container for routing to an original destination based on the original traffic header.Type: ApplicationFiled: March 1, 2022Publication date: December 1, 2022Inventors: John Edward McDowall, Nilesh Bansal, Sharad Saha
-
Publication number: 20220353240Abstract: Techniques for distributed offload leveraging different offload devices are disclosed. In some embodiments, a system, process, and/or computer program product for distributed offload leveraging different offload devices includes receiving a flow at a firewall of a security service (e.g., a cloud-based security service); inspecting the flow at the firewall to determine meta information associated with the flow; and offloading the flow to an offload entity (e.g., a SmartNIC, software executed on a Network Interface Card (NIC), and/or a network device, such as a network router and/or network switch) based on the meta information associated with the flow (e.g., an application identification associated with the flow determined using deep packet inspection) and based on a policy.Type: ApplicationFiled: April 30, 2021Publication date: November 3, 2022Inventors: John Edward McDowall, James Sugg, Charles Bransi
-
Patent number: 11477165Abstract: Techniques for securing containerized applications are disclosed. In some embodiments, a system, process, and/or computer program product for securing containerized applications includes detecting a new application container (e.g., an application pod); deploying a security entity (e.g., a firewall) to the application container; and monitoring all traffic to and from the application container (e.g., all layer-7 ingress, egress, and east-west traffic associated with the application container) using the security entity to enforce a policy.Type: GrantFiled: May 28, 2021Date of Patent: October 18, 2022Assignee: Palo Alto Networks, Inc.Inventors: John Edward McDowall, Sharad Saha, Nilesh Bansal
-
Patent number: 9509549Abstract: Techniques are disclosed to extend routing rules from external services. A request is received to modify a specified rule in a network element of a network. The specified rule governs disposition of a network flow specific to an application. The request is received via a communications channel configured to expose an application programming interface (API) to the application. The request is interpreted at a network abstraction layer of the network element. The request is converted into a command at a service implementation layer of the network element. The command is executed to modify the specified rule in the network element, responsive to the request.Type: GrantFiled: March 15, 2013Date of Patent: November 29, 2016Assignee: CISCO TECHNOLOGY, INC.Inventors: Richard M. Pruss, John Edward McDowall, Jan Medved
-
Publication number: 20140280835Abstract: Techniques are disclosed to extend routing rules from external services. A request is received to modify a specified rule in a network element of a network. The specified rule governs disposition of a network flow specific to an application. The request is received via a communications channel configured to expose an application programming interface (API) to the application. The request is interpreted at a network abstraction layer of the network element. The request is converted into a command at a service implementation layer of the network element. The command is executed to modify the specified rule in the network element, responsive to the request.Type: ApplicationFiled: March 15, 2013Publication date: September 18, 2014Applicant: CISCO TECHNOLOGY, INC.Inventors: Richard M. PRUSS, John Edward McDowall, Jan Medved