Patents by Inventor Ronald Wai Lun Szeto
Ronald Wai Lun Szeto has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9961135Abstract: A method, system, and computer program product for balancing servers based on server load status, include: receiving from a server a service response to a service request, the service response including a result from a processing of the service request and a server status indicating a computing load status of the server; obtaining the server status from the service response; receiving a next service request from a host, the next service request comprising a Uniform Resource Locator (URL); determining that the server is configured to process the URL; determining whether the server status indicates that the server is available to process the next service request; and in response to determining that the server status indicates that the server is available to process the next service request, sending the next service request to the server.Type: GrantFiled: December 1, 2015Date of Patent: May 1, 2018Assignee: A10 NETWORKS, INC.Inventors: Lalgudi Narayanan Kannan, Ronald Wai Lun Szeto, Lee Chen, Feilong Xu, Rajkumar Jalan
-
Patent number: 9906591Abstract: The processing of data packets sent over a communication session between a host and a server by a service gateway includes processing a data packet using a current hybrid-stateful or hybrid-stateless processing method. The processing then checks whether a hybrid-stateless or hybrid-stateful condition is satisfied. When one of the sets of conditions is satisfied, the process includes changing from a hybrid-stateful to a hybrid-stateless processing method, or vice versa, for a subsequently received data packet. If the conditions are not satisfied, the process continues as originally structured.Type: GrantFiled: February 4, 2016Date of Patent: February 27, 2018Assignee: A10 NETWORKS, INC.Inventors: Rajkumar Jalan, Feilong Xu, Lalgudi Narayanan Kannan, Ronald Wai Lun Szeto
-
Publication number: 20180054459Abstract: Network access control systems and methods are provided herein. A method includes receiving at a network device a SYN packet from a client device over a network, determining if the client device is a trusted source for the network using the SYN packet, if the client device is a trusted resource, receiving an acknowledgement (ACK) packet from the client device that includes identifying information for the client device plus an additional value, and identifying information for the network device, and establishing a connection with the network for the client device.Type: ApplicationFiled: October 31, 2017Publication date: February 22, 2018Inventors: Rajkumar Jalan, Ronald Wai Lun Szeto, Steven Wu
-
Publication number: 20180034848Abstract: Provided are methods and systems for mitigating a denial of service attack. A system for mitigating a denial of service attack may include a network module, a storage module, and a processor module. The network module may be operable to receive a request from a network device to establish a data connection between the network device and a server based on a determination that the network device is trusted. The storage module may be operable to store a whitelist associated with a plurality of trusted network devices. The processor module may be operable to determine that the network device is trusted. Based on the determination, the processor module may associate the network device with the whitelist for a predetermined period of time.Type: ApplicationFiled: July 26, 2016Publication date: February 1, 2018Inventors: Rajkumar Jalan, Gurudeep Kamat, Ronald Wai Lun Szeto
-
Publication number: 20180019931Abstract: Methods and systems are provided for automatically capturing network data for a detected anomaly. In some examples, a network node establishes a baseline usage by applying at least one baselining rule to network traffic to generate baseline statistics, detects an anomaly usage by applying at least one anomaly rule to network traffic and generating an anomaly event, and captures network data according to an anomaly event by triggering at least one capturing rule to be applied to network traffic when an associated anomaly event is generated.Type: ApplicationFiled: July 15, 2016Publication date: January 18, 2018Inventors: Rajkumar Jalan, Ronald Wai Lun Szeto, Rishi Sampat, Julia Lin
-
Patent number: 9838425Abstract: Network access control systems and methods are provided herein. A method includes receiving at a network device a SYN packet from a client device over a network, determining if the client device is a trusted source for the network using the SYN packet, if the client device is a trusted resource, receiving an acknowledgement (ACK) packet from the client device that includes identifying information for the client device plus an additional value, and identifying information for the network device, and establishing a connection with the network for the client device.Type: GrantFiled: April 24, 2014Date of Patent: December 5, 2017Assignee: A10 NETWORKS, INC.Inventors: Rajkumar Jalan, Ronald Wai Lun Szeto, Steven Wu
-
Publication number: 20170187793Abstract: A service gateway processes a service request received from a host based on a dynamic service response time of a server. In an exemplary embodiment, the service gateway relays a service request to a server over a service session between the service gateway and the server; receives a service response from the server; calculates a dynamic service processing time for the service request from a service request time and a service response time; compares the dynamic service processing time with an expected service processing time; updates a server busy indicator for the server in response to the comparing, where the server busy indicator is maintained at the service gateway; and processes future service requests in accordance with the server busy indicator at the service gateway.Type: ApplicationFiled: March 15, 2017Publication date: June 29, 2017Inventors: Rajkumar Jalan, Ronald Wai Lun Szeto, Feilong Xu
-
Patent number: 9609052Abstract: A service gateway processes a service request received from a host by: relaying the service request from the service gateway to a server over a service session between the service gateway and the server; determining a service request time for the service session; receiving by the service gateway a service response from the server; determining by the service gateway a service response time; calculating by the service gateway a service processing time for the service request from the service request time and the service response time; comparing the service processing time with an expected service processing time; and updating a server busy indicator for the server in response to the comparing. If the service processing time exceeds the expected service processing time, the server busy indicator is updated to indicate that the server is busy. Otherwise, the server busy indicator is updated to indicate that the server is not busy.Type: GrantFiled: December 2, 2010Date of Patent: March 28, 2017Assignee: A10 Networks, Inc.Inventors: Rajkumar Jalan, Ronald Wai Lun Szeto, Feilong Xu
-
Publication number: 20160156708Abstract: The processing of data packets sent over a communication session between a host and a server by a service gateway includes processing a data packet using a current hybrid-stateful or hybrid-stateless processing method. The processing then checks whether a hybrid-stateless or hybrid-stateful condition is satisfied. When one of the sets of conditions is satisfied, the process includes changing from a hybrid-stateful to a hybrid-stateless processing method, or vice versa, for a subsequently received data packet. If the conditions are not satisfied, the process continues as originally structured.Type: ApplicationFiled: February 4, 2016Publication date: June 2, 2016Inventors: Rajkumar Jalan, Feilong Xu, Lalgudi Narayanan Kannan, Ronald Wai Lun Szeto
-
Patent number: 9344456Abstract: A system and method for a distributed multi-processing security gateway establishes a host side session, selects a proxy network address for a server, uses the proxy network address to establish a server side session, receives a data packet, assigns a central processing unit core from a plurality of central processing unit cores in a multi-core processor of the security gateway to process the data packet, processes the data packet according to security policies, and sends the processed data packet. The proxy network address is selected such that a same central processing unit core is assigned to process data packets from the server side session and the host side session. By assigning central processing unit cores in this manner, higher capable security gateways are provided.Type: GrantFiled: December 15, 2014Date of Patent: May 17, 2016Assignee: A10 Networks, Inc.Inventors: Lee Chen, Ronald Wai Lun Szeto
-
Publication number: 20160088074Abstract: A method, system, and computer program product for balancing servers based on server load status, include: receiving from a server a service response to a service request, the service response including a result from a processing of the service request and a server status indicating a computing load status of the server; obtaining the server status from the service response; receiving a next service request from a host, the next service request comprising a Uniform Resource Locator (URL); determining that the server is configured to process the URL; determining whether the server status indicates that the server is available to process the next service request; and in response to determining that the server status indicates that the server is available to process the next service request, sending the next service request to the server.Type: ApplicationFiled: December 1, 2015Publication date: March 24, 2016Inventors: Lalgudi Narayanan Kannan, Ronald Wai Lun Szeto, Lee Chen, Feilong Xu, Rajkumar Jalan
-
Publication number: 20160065619Abstract: A system and method for a distributed multi-processing security gateway establishes a host side session, selects a proxy network address for a server, uses the proxy network address to establish a server side session, receives a data packet, assigns a central processing unit core from a plurality of central processing unit cores in a multi-core processor of the security gateway to process the data packet, processes the data packet according to security policies, and sends the processed data packet. The proxy network address is selected such that a same central processing unit core is assigned to process data packets from the server side session and the host side session. By assigning central processing unit cores in this manner, higher capable security gateways are provided.Type: ApplicationFiled: December 15, 2014Publication date: March 3, 2016Inventors: Lee Chen, Ronald Wai Lun Szeto
-
Patent number: 9270774Abstract: The processing of data packets sent over a communication session between a host and a server by a service gateway includes processing a data packet using a current hybrid-stateful or hybrid-stateless processing method. The processing then checks whether a hybrid-stateless or hybrid-stateful condition is satisfied. When one of the sets of conditions is satisfied, the process includes changing from a hybrid-stateful to a hybrid-stateless processing method, or vice versa, for a subsequently received data packet. If the conditions are not satisfied, the process continues as originally structured.Type: GrantFiled: October 21, 2014Date of Patent: February 23, 2016Assignee: A10 Networks, Inc.Inventors: Rajkumar Jalan, Feilong Xu, Lalgudi Narayanan Kannan, Ronald Wai Lun Szeto
-
Patent number: 9258332Abstract: A system and method for a distributed multi-processing security gateway establishes a host side session, selects a proxy network address for a server, uses the proxy network address to establish a server side session, receives a data packet, assigns a central processing unit core from a plurality of central processing unit cores in a multi-core processor of the security gateway to process the data packet, processes the data packet according to security policies, and sends the processed data packet. The proxy network address is selected such that a same central processing unit core is assigned to process data packets from the server side session and the host side session. By assigning central processing unit cores in this manner, higher capable security gateways are provided.Type: GrantFiled: October 23, 2014Date of Patent: February 9, 2016Assignee: A10 Networks, Inc.Inventors: Lee Chen, Ronald Wai Lun Szeto
-
Patent number: 9215275Abstract: A method, system, and computer program product for balancing servers based on server load status, include: receiving from a server a service response to a service request, the service response including a result from a processing of the service request and a server status indicating a computing load status of the server; obtaining the server status from the service response; receiving a next service request from a host, the next service request comprising a Uniform Resource Locator (URL); determining that the server is configured to process the URL; determining whether the server status indicates that the server is available to process the next service request; and in response to determining that the server status indicates that the server is available to process the next service request, sending the next service request to the server.Type: GrantFiled: September 30, 2010Date of Patent: December 15, 2015Assignee: A10 Networks, Inc.Inventors: Lalgudi Narayanan Kannan, Ronald Wai Lun Szeto, Lee Chen, Feilong Xu, Rajkumar Jalan
-
Patent number: 9124550Abstract: Systems and methods for a distributed multi-processing security gateway establishes a host side session, selects a proxy network address for a server based on network information, and using the proxy network address to establish a server side session. The proxy network address is selected such that a same processing element is assigned to process data packets from the server side session and the host side session. The network information includes a security gateway network address and a host network address. By assigning processing elements in this manner, higher capable security gateways are provided.Type: GrantFiled: March 17, 2015Date of Patent: September 1, 2015Assignee: A10 Networks, Inc.Inventors: Lee Chen, Ronald Wai Lun Szeto
-
Patent number: 9032502Abstract: A system and method for a distributed multi-processing security gateway establishes a host side session, selects a proxy network address for a server based on network information, and using the proxy network address to establish a server side session. The proxy network address is selected such that a same processing element is assigned to process data packets from the server side session and the host side session. The network information includes a security gateway network address and a host network address. By assigning processing elements in this manner, higher capable security gateways are provided.Type: GrantFiled: October 2, 2013Date of Patent: May 12, 2015Assignee: A10 Networks, Inc.Inventors: Lee Chen, Ronald Wai Lun Szeto
-
Publication number: 20150047012Abstract: A system and method for a distributed multi-processing security gateway establishes a host side session, selects a proxy network address for a server, uses the proxy network address to establish a server side session, receives a data packet, assigns a central processing unit core from a plurality of central processing unit cores in a multi-core processor of the security gateway to process the data packet, processes the data packet according to security policies, and sends the processed data packet. The proxy network address is selected such that a same central processing unit core is assigned to process data packets from the server side session and the host side session. By assigning central processing unit cores in this manner, higher capable security gateways are provided.Type: ApplicationFiled: October 23, 2014Publication date: February 12, 2015Inventors: Lee Chen, Ronald Wai Lun Szeto
-
Publication number: 20150039671Abstract: The processing of data packets sent over a communication session between a host and a server by a service gateway includes processing a data packet using a current hybrid-stateful or hybrid-stateless processing method. The processing then checks whether a hybrid-stateless or hybrid-stateful condition is satisfied. When one of the sets of conditions is satisfied, the process includes changing from a hybrid-stateful to a hybrid-stateless processing method, or vice versa, for a subsequently received data packet. If the conditions are not satisfied, the process continues as originally structured.Type: ApplicationFiled: October 21, 2014Publication date: February 5, 2015Inventors: Rajkumar Jalan, Feilong Xu, Lalgudi Narayanan Kannan, Ronald Wai Lun Szeto
-
Patent number: 8943577Abstract: A system and method for a distributed multi-processing security gateway establishes a host side session, selects a proxy network address for a server, uses the proxy network address to establish a server side session, receives a data packet, assigns a central processing unit core from a plurality of central processing unit cores in a multi-core processor of the security gateway to process the data packet, processes the data packet according to security policies, and sends the processed data packet. The proxy network address is selected such that a same central processing unit core is assigned to process data packets from the server side session and the host side session. By assigning central processing unit cores in this manner, higher capable security gateways are provided.Type: GrantFiled: May 1, 2013Date of Patent: January 27, 2015Assignee: A10 Networks, Inc.Inventors: Lee Chen, Ronald Wai Lun Szeto