Patents by Inventor Manoj Apte

Manoj Apte has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10375024
    Abstract: A virtual private access method implemented by a cloud system, includes receiving a request to access resources from a user device, wherein the resources are located in one of a public cloud and an enterprise network and the user device is remote therefrom on the Internet; forwarding the request to a central authority for a policy look up and for a determination of connection information to make an associated secure connection through the cloud system to the resources; receiving the connection information from the central authority responsive to an authorized policy look up; and creating secure tunnels between the user device and the resources based on the connection information.
    Type: Grant
    Filed: May 18, 2016
    Date of Patent: August 6, 2019
    Assignee: Zscaler, Inc.
    Inventors: Patrick Foxhoven, John A. Chanak, William Fehring, Denzil Wessels, Purvi Desai, Manoj Apte, Sudhindra P. Herle
  • Publication number: 20190158516
    Abstract: A Content Delivery Network (CDN) includes one or more cache servers communicatively coupled to end users for providing content thereto; and one or more origin servers communicatively coupled to the one or more cache servers through a plurality of nodes, the one or more cache servers are configured to receive traffic related to the content from the one or more origin servers through the one or more nodes of the plurality of nodes, based on one or more of a push technique and a pull technique, and the plurality of nodes are configured to monitor the traffic between the one or more origin servers and the one or more cache servers in an inline manner, process the traffic for malware and data leakage based on policy, and block the traffic responsive to detection of one or more of the malware and the data leakage, prior to traffic entering the CDN.
    Type: Application
    Filed: January 28, 2019
    Publication date: May 23, 2019
    Inventors: Dhawal Kumar Sharma, Manoj Apte, Patrick Foxhoven
  • Patent number: 10237286
    Abstract: Content Delivery Network (CDN) protection systems and methods, performed by a cloud node in a distributed security system include receiving traffic between one or more origin servers and the CDN; monitoring the traffic based on policy; detecting one or more of malware and data leakage in the traffic based on the policy; and blocking the traffic responsive to the detecting the one or more of the malware and the data leakage in the traffic, prior to the traffic entering the CDN.
    Type: Grant
    Filed: January 29, 2016
    Date of Patent: March 19, 2019
    Assignee: Zscaler, Inc.
    Inventors: Dhawal Kumar Sharma, Manoj Apte, Patrick Foxhoven
  • Patent number: 9912638
    Abstract: Systems and methods of integrating log data from a cloud system with an internal management system are described, wherein the cloud system is located externally from a secure network which contains the internal management system. The systems and methods include receiving log data from a cloud system through a secure connection between the secure network and the cloud system; buffering the received log data; filtering the buffered, received log data; and transmitting the filtered, buffered, received log data to the internal management system in a format associated with the internal management system.
    Type: Grant
    Filed: January 15, 2015
    Date of Patent: March 6, 2018
    Assignee: Zscaler, Inc.
    Inventors: Kailash Kailash, Chakkaravarthy Periyasamy Balaiah, Sushil Pangeni, Amit Sinha, Samuel John Crank, Manoj Apte, Sridhar Narasimhan
  • Publication number: 20170223029
    Abstract: Content Delivery Network (CDN) protection systems and methods, performed by a cloud node in a distributed security system include receiving traffic between one or more origin servers and the CDN; monitoring the traffic based on policy; detecting one or more of malware and data leakage in the traffic based on the policy; and blocking the traffic responsive to the detecting the one or more of the malware and the data leakage in the traffic, prior to the traffic entering the CDN.
    Type: Application
    Filed: January 29, 2016
    Publication date: August 3, 2017
    Applicant: Zscaler, Inc.
    Inventors: Dhawal Kumar Sharma, Manoj Apte, Patrick Foxhoven
  • Patent number: 9654507
    Abstract: A cloud-based method, a system, and a cloud-based security system include receiving a request from a user for a cloud application at a proxy server; determining whether the user is authenticated based on a presence of cookies in the request; if the cookies are present, un-transforming the cookies by the proxy server and forwarding the request with the un-transformed cookies to the cloud application; and, if the cookies are not present, forwarding the request to the cloud application by the proxy server for authentication and transforming the cookies subsequent to the authentication prior to sending the cookies to the user.
    Type: Grant
    Filed: July 31, 2014
    Date of Patent: May 16, 2017
    Assignee: Zscaler, Inc.
    Inventors: Tejus Gangadharappa, Sivaprasad Udupa, Dhawal Sharma, Sridhar Narasimhan, Manoj Apte
  • Patent number: 9531758
    Abstract: A cloud-based secure Web gateway, a cloud-based secure Web method, and a network deliver a secure Web gateway (SWG) as a cloud-based service to organizations and provide dynamic user identification and policy enforcement therein. As a cloud-based service, the SWG systems and methods provide scalability and capability of accommodating multiple organizations therein with proper isolation therebetween. There are two basic requirements for the cloud-based SWG: (i) Having some means of forwarding traffic from the organization or its users to the SWG nodes, and (ii) Being able to authenticate the organization and users for policy enforcement and access logging. The SWG systems and methods dynamically associate traffic to users regardless of the source (device, location, encryption, application type, etc.), and once traffic is tagged to a user/organization, various polices can be enforced and audit logs of user access can be maintained.
    Type: Grant
    Filed: May 14, 2015
    Date of Patent: December 27, 2016
    Assignee: Zscaler, Inc.
    Inventors: Srikanth Devarajan, Sridhar Narasimhan, Amit Sinha, Manoj Apte
  • Publication number: 20160261564
    Abstract: A virtual private access method implemented by a cloud system, includes receiving a request to access resources from a user device, wherein the resources are located in one of a public cloud and an enterprise network and the user device is remote therefrom on the Internet; forwarding the request to a central authority for a policy look up and for a determination of connection information to make an associated secure connection through the cloud system to the resources; receiving the connection information from the central authority responsive to an authorized policy look up; and creating secure tunnels between the user device and the resources based on the connection information.
    Type: Application
    Filed: May 18, 2016
    Publication date: September 8, 2016
    Applicant: Zscaler, Inc.
    Inventors: Patrick FOXHOVEN, John A. CHANAK, William FEHRING, Denzil WESSELS, Purvi DESAI, Manoj APTE, Sudhindra P. HERLE
  • Publication number: 20160036855
    Abstract: A cloud-based method, a system, and a cloud-based security system include receiving a request from a user for a cloud application at a proxy server; determining whether the user is authenticated based on a presence of cookies in the request; if the cookies are present, un-transforming the cookies by the proxy server and forwarding the request with the un-transformed cookies to the cloud application; and, if the cookies are not present, forwarding the request to the cloud application by the proxy server for authentication and transforming the cookies subsequent to the authentication prior to sending the cookies to the user.
    Type: Application
    Filed: July 31, 2014
    Publication date: February 4, 2016
    Applicant: Zscaler, Inc.
    Inventors: Tejus GANGADHARAPPA, Sivaprasad UDUPA, Dhawal SHARMA, Sridhar NARASIMHAN, Manoj APTE
  • Publication number: 20150326613
    Abstract: A cloud-based secure Web gateway, a cloud-based secure Web method, and a network deliver a secure Web gateway (SWG) as a cloud-based service to organizations and provide dynamic user identification and policy enforcement therein. As a cloud-based service, the SWG systems and methods provide scalability and capability of accommodating multiple organizations therein with proper isolation therebetween. There are two basic requirements for the cloud-based SWG: (i) Having some means of forwarding traffic from the organization or its users to the SWG nodes, and (ii) Being able to authenticate the organization and users for policy enforcement and access logging. The SWG systems and methods dynamically associate traffic to users regardless of the source (device, location, encryption, application type, etc.), and once traffic is tagged to a user/organization, various polices can be enforced and audit logs of user access can be maintained.
    Type: Application
    Filed: May 14, 2015
    Publication date: November 12, 2015
    Applicant: ZSCALER, INC.
    Inventors: Srikanth Devarajan, Sridhar Narasimhan, Amit Sinha, Manoj Apte
  • Patent number: 9118689
    Abstract: A cloud based security method and processing node includes monitoring data traffic between a user and an external network, wherein the monitoring is performed by a processing node comprising a first server in a cloud based system, detecting a security incident, if an archiving rule exists based on the security incident, providing a notification to a second server within an organization's domain, wherein the user is part of the organization, and wherein the notification includes private data associated with the security incident based on the archiving rule, and storing non-private data in the cloud based system based on the archiving rule.
    Type: Grant
    Filed: April 13, 2012
    Date of Patent: August 25, 2015
    Assignee: Zscaler, Inc.
    Inventors: Manoj Apte, Sridhar Narasimhan, Purvi Desai
  • Patent number: 9065800
    Abstract: A cloud-based secure Web gateway, a cloud-based secure Web method, and a network deliver a secure Web gateway (SWG) as a cloud-based service to organizations and provide dynamic user identification and policy enforcement therein. As a cloud-based service, the SWG systems and methods provide scalability and capability of accommodating multiple organizations therein with proper isolation therebetween. There are two basic requirements for the cloud-based SWG: (i) Having some means of forwarding traffic from the organization or its users to the SWG nodes, and (ii) Being able to authenticate the organization and users for policy enforcement and access logging. The SWG systems and methods dynamically associate traffic to users regardless of the source (device, location, encryption, application type, etc.), and once traffic is tagged to a user/organization, various polices can be enforced and audit logs of user access can be maintained.
    Type: Grant
    Filed: December 27, 2012
    Date of Patent: June 23, 2015
    Assignee: Zscaler, Inc.
    Inventors: Srikanth Devarajan, Sridhar Narasimhan, Amit Sinha, Manoj Apte
  • Publication number: 20150163199
    Abstract: Systems and methods of integrating log data from a cloud system with an internal management system are described, wherein the cloud system is located externally from a secure network which contains the internal management system. The systems and methods include receiving log data from a cloud system through a secure connection between the secure network and the cloud system; buffering the received log data; filtering the buffered, received log data; and transmitting the filtered, buffered, received log data to the internal management system in a format associated with the internal management system.
    Type: Application
    Filed: January 15, 2015
    Publication date: June 11, 2015
    Applicant: Zscaler, Inc.
    Inventors: Kailash Kailash, Chakkaravarthy Periyasamy Balaiah, Sushil Pangeni, Amit Sinha, Samuel John Crank, Manoj Apte, Sridhar Narasimhan
  • Patent number: 8955091
    Abstract: A system includes an enterprise network including an internal management system communicatively coupled thereon, the enterprise network includes security and the internal management system is disposed behind the security; a cloud system external to the enterprise network and communicatively coupled to the enterprise network, at least one user associated with the enterprise network is configured to communicate through the cloud system for cloud-based services, and the cloud system is configured to log data associated with the at least one user for the cloud-based services; and an external service bridge located in the enterprise network behind the security, the external service bridge is configured to securely communicate with the cloud system to receive the log data and to communicate with the internal management system to provide the log data thereto.
    Type: Grant
    Filed: April 30, 2012
    Date of Patent: February 10, 2015
    Assignee: Zscaler, Inc.
    Inventors: Kailash Kailash, Chakkaravarthy Periyasamy Balaiah, Sushil Pangeni, Amit Sinha, Samuel John Crank, Manoj Apte, Sridhar Narasimhan
  • Publication number: 20140026179
    Abstract: A cloud-based secure Web gateway, a cloud-based secure Web method, and a network deliver a secure Web gateway (SWG) as a cloud-based service to organizations and provide dynamic user identification and policy enforcement therein. As a cloud-based service, the SWG systems and methods provide scalability and capability of accommodating multiple organizations therein with proper isolation therebetween. There are two basic requirements for the cloud-based SWG: (i) Having some means of forwarding traffic from the organization or its users to the SWG nodes, and (ii) Being able to authenticate the organization and users for policy enforcement and access logging. The SWG systems and methods dynamically associate traffic to users regardless of the source (device, location, encryption, application type, etc.), and once traffic is tagged to a user/organization, various polices can be enforced and audit logs of user access can be maintained.
    Type: Application
    Filed: December 27, 2012
    Publication date: January 23, 2014
    Inventors: Srikanth Devarajan, Sridhar Narasimhan, Amit Sinha, Manoj Apte
  • Publication number: 20130291087
    Abstract: A system includes an enterprise network including an internal management system communicatively coupled thereon, the enterprise network includes security and the internal management system is disposed behind the security; a cloud system external to the enterprise network and communicatively coupled to the enterprise network, at least one user associated with the enterprise network is configured to communicate through the cloud system for cloud-based services, and the cloud system is configured to log data associated with the at least one user for the cloud-based services; and an external service bridge located in the enterprise network behind the security, the external service bridge is configured to securely communicate with the cloud system to receive the log data and to communicate with the internal management system to provide the log data thereto.
    Type: Application
    Filed: April 30, 2012
    Publication date: October 31, 2013
    Applicant: ZSCALER, INC.
    Inventors: Kailash KAILASH, Chakkaravarthy Periyasamy BALAIAH, Sushil PANGENI, Amit SINHA, Samuel John CRANK, Manoj APTE, Sridhar NARASIMHAN
  • Patent number: 8537676
    Abstract: A network device may limit the rate at which control messages are forwarded to a destination device when forwarding traffic pursuant to dynamic flow capture (DFC). In one implementation, a system may receive filtering criteria associated with DFC of network traffic and passively filter incoming traffic based on the filtering criteria to obtain traffic that matches the filtering criteria. The system may transmit a rate limited version of control messages associated with the filtered traffic to a control device.
    Type: Grant
    Filed: July 9, 2007
    Date of Patent: September 17, 2013
    Assignee: Juniper Networks, Inc.
    Inventors: Manoj Apte, Senthil Kumar Duraiswamy
  • Patent number: 8483048
    Abstract: State information is synchronized between a plurality of routing engines in a multi-chassis router according to a synchronization gradient. An example multi-chassis router is described that includes a primary routing engine and a standby routing engine in each chassis. According to the synchronization gradient, the primary routing engine of a control node updates state information on the standby routing engine of the control node prior to updating the primary routing engines of the other chassis. The primary routing engines of the other chassis update state information in respective standby routing engines prior to updating state information in consumers. If a primary routing engine fails, the corresponding standby routing engine assumes control of the primary routing engine's duties. Upon assuming control, a standby routing engine resumes updating state information without having to resend state information or interrupt packet forwarding.
    Type: Grant
    Filed: September 23, 2010
    Date of Patent: July 9, 2013
    Assignee: Juniper Networks, Inc.
    Inventors: Raj Tuplur, Bharani Chadalavada, Manoj Apte, Rajagopalan Sivaramakrishnan, Sriram Raghunathan, Umesh Krishnaswamy
  • Patent number: 8037175
    Abstract: A network device comprises a service card (e.g., a dynamic flow capture (DFC) service card) executing a communication protocol to receive, from one or more control sources, flow capture information specifying at least one destination and criteria for matching one or more packet flows. The network device includes a network interface card to receive a packet from a network, a packet replication module to replicate the packet, and a control unit to provide the replicated packet from the interface card to the DFC service card. The network device includes a filter cache that caches flow capture information recently received from the CSs. The network device may provide real-time intercept and relaying of specified network-based communications. Moreover, the techniques described herein allow CSs to tap packet flows with little delay after specifying flow capture information, e.g., within 50 milliseconds, even under high-volume networks.
    Type: Grant
    Filed: June 24, 2010
    Date of Patent: October 11, 2011
    Assignee: Juniper Networks, Inc.
    Inventors: Manoj Apte, Sandeep Jain, Fritz Budiyanto, Senthil Kumar Duraiswamy, Saravanan Deenadayalan, Yulianto Kokasih Ko
  • Patent number: 8031715
    Abstract: A network device comprises a service card (e.g., a dynamic flow capture (DFC) service card) executing a communication protocol to receive, from one or more control sources, flow capture information specifying at least one destination and criteria for matching one or more packet flows. The network device includes a network interface card to receive a packet from a network, a packet replication module to replicate the packet, and a control unit to provide the replicated packet from the interface card to the DFC service card. The network device includes a filter cache that caches flow capture information recently received from the control sources. The network device may provide real-time intercept and relaying of specified network-based communications. Moreover, the techniques described herein allow control sources to tap packet flows with little delay after specifying flow capture information, e.g., within 50 milliseconds, even under high-volume networks.
    Type: Grant
    Filed: December 14, 2009
    Date of Patent: October 4, 2011
    Assignee: Juniper Networks, Inc.
    Inventors: Szelap Philip Chang, Manoj Apte, Saravanan Deenadayalan