Patents by Inventor PALO ALTO NETWORKS, INC.

PALO ALTO NETWORKS, INC. has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20140215562
    Abstract: A security device for processing network flows includes packet processing cards with packet processors formed thereon where each packet processing card stores local counter values for one or more events and a packet processing manager including global event counters to maintain event statistics for events in the security device. In one embodiment, the packet processing manager stores a copy of the local counter value of an event for each packet processor reporting the event in the counter memory and the global event counter provides a global counter sum value for the event by summing the copies of local counter values in the local memory. In another embodiment, the global counter sum is compared to a threshold value to put the event in a conforming state or non-conforming state. The packet processing manager sends a multicast message to the interested packet processors indicating an event has transitioned to a non-conforming state.
    Type: Application
    Filed: March 15, 2013
    Publication date: July 31, 2014
    Applicant: PALO ALTO NETWORKS, INC.
    Inventor: Palo Alto Networks, Inc.
  • Publication number: 20140215560
    Abstract: A security device for processing network flows is described, including: one or more packet processors configured to receive incoming data packets associated with network flows where a packet processor is assigned as an owner of network flows and each packet processor processes data packets associated with flows for which it is the assigned owner; and a packet processing manager configured to assign ownership of network flows to the packet processors where the packet processing manager includes a global flow table containing global flow table entries mapping network flows to packet processor ownership assignments and a predict flow table containing predict flow entries mapping predicted network flows to packet processor ownership assignments. A predict flow entry includes a predict key and associated packet processor ownership assignment. The predict key includes multiple data fields identifying a predicted network flow where one or more of the data fields have a wildcard value.
    Type: Application
    Filed: March 15, 2013
    Publication date: July 31, 2014
    Inventor: Palo Alto Networks, Inc.
  • Publication number: 20140215561
    Abstract: A security device for processing network flows includes one or more packet processors configured to receive incoming data packets associated with one or more network flows where a packet processor is assigned as an owner of one or more network flows and each packet processor processes data packets associated with flows for which it is the assigned owner; and a packet processing manager configured to assign ownership of network flows to the one or more packet processors where the packet processing manager includes a global flow table containing entries mapping network flows to packet processor ownership assignments. The packet processing manager informs a packet processor of an ownership assignment after one or more packets are received, and the one or more packet processors learns of ownership assignments of network flows from the packet processing manager.
    Type: Application
    Filed: March 15, 2013
    Publication date: July 31, 2014
    Inventor: Palo Alto Networks, Inc.
  • Publication number: 20130198348
    Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for managing network devices. A central management system stores shared configuration objects in a central configuration database. A network device stores shared configuration objects and device-specific configuration objects in a local configuration database. The local configuration database's shared configuration objects correspond to shared configuration objects in the central configuration database. The network device can be configured locally or using the central management system.
    Type: Application
    Filed: February 5, 2013
    Publication date: August 1, 2013
    Applicant: PALO ALTO NETWORKS, INC.
    Inventor: PALO ALTO NETWORKS, INC.