Patents by Inventor Sanjay Sawhney
Sanjay Sawhney has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20130110784Abstract: Containers that store data objects that were written to those containers during a particular backup are accessed. Then, a subset of the containers is identified; the containers in the subset have less than a threshold number of data objects associated with the particular backup. Data objects that are in containers in that subset and that are associated with the backup are copied to one or more other containers. Those other containers are subsequently used to restore data objects associated with the backup.Type: ApplicationFiled: October 31, 2011Publication date: May 2, 2013Applicant: SYMANTEC CORPORATIONInventors: Fanglu Guo, Petros Efstathopoulos, Xianbo Zhang, Sanjay Sawhney, Weibao Wu
-
Patent number: 8429745Abstract: A computer-implemented method for data loss prevention on mobile computing systems may include (1) identifying a mobile computing system configured to execute only one application at a time as a foreground application, (2) determining that the mobile computing system has begun executing a sensitive application as the foreground application, (3) identifying a first enumeration of screenshots stored on the mobile computing system when the mobile computing system began executing the sensitive application as the foreground application, (4) identifying a second enumeration of screenshots stored on the mobile computing system, (5) determining that at least one new screenshot was taken on the mobile computing system while the sensitive application was the foreground application by detecting a difference between the first enumeration and the second enumeration, and (6) performing a security action upon detecting the difference. Various other methods, systems, and computer-readable media are also disclosed.Type: GrantFiled: September 23, 2011Date of Patent: April 23, 2013Assignee: Symantec CorporationInventors: Jim Casaburi, Kent Griffin, Susanta Nanda, Sanjay Sawhney, Matthew Conover
-
Patent number: 8387046Abstract: A system and method for efficient security protocols in a virtualized datacenter environment are contemplated. In one embodiment, a system is provided comprising a hypervisor coupled to one or more protected virtual machines (VMs) and a security VM. Within a private communication channel, a split kernel loader provides an end-to-end communication between a paravirtualized security device driver, or symbiont, and the security VM. The symbiont monitors kernel-level activities of a corresponding guest OS, and conveys kernel-level metadata to the security VM via the private communication channel. Therefore, the well-known semantic gap problem is solved. The security VM is able to read all of the memory of a protected VM, detect locations of memory compromised by a malicious rootkit, and remediate any detected problems.Type: GrantFiled: March 26, 2009Date of Patent: February 26, 2013Assignee: Symantec CorporationInventors: Bruce Montague, Sanjay Sawhney, Matthew Conover, Tzi-cker Chiueh
-
Patent number: 8370312Abstract: A computer-implemented method for using cloud-based storage to optimize data-storage operations may include: 1) receiving a request from a client device for instructions or directions for storing a data object, 2) accessing a data-placement policy that contains criteria for identifying storage systems suitable for storing the data object, 3) identifying, based at least in part on the data-placement policy, a plurality of storage systems for storing the data object, at least one of the storage systems including a third-party Internet-based storage system, and then 4) directing the client device to store the data object on the identified storage systems.Type: GrantFiled: September 15, 2009Date of Patent: February 5, 2013Assignee: Symantec CorporationInventors: Sanjay Sawhney, Hemant Puri, Hans Van Rietschote
-
Patent number: 8195688Abstract: A system and method for storing a data object in a single-instance storage system are described. The data object may be deconstructed into a template and one or more values. If the template is not already stored in the single-instance storage system then it may be stored. Otherwise an existing copy of the template may be referenced. Similarly, existing copies of the values may be referenced if they are already present, or otherwise the values may be stored. Reconstruction information useable to reconstruct the data object may also be stored. The reconstruction information may reference the template and the one or more values stored in the single-instance storage system.Type: GrantFiled: August 21, 2009Date of Patent: June 5, 2012Assignee: Symantec Operating CorporationInventors: Sanjay Sawhney, Weibao Wu
-
Patent number: 8111154Abstract: A computer-implemented method for monitoring a mobile-computing device using geo-location information is disclosed. The method may include a learning phase. During the learning phase, a user may be located within a first range of physical locations during a recurring time period. The method may include generating a location profile for a mobile-computing device of the user and receiving a device-monitoring policy for the mobile-computing device from an administrator. The location profile may correlate the first range of physical locations with the recurring time period. The method may further include detecting, after the learning phase, that the mobile-computing device is outside the first range of physical locations during a first instance of the recurring time period. The method may also include implementing the device-monitoring policy after detecting that the mobile-computing device is outside the first range of physical locations during the first instance of the recurring time period.Type: GrantFiled: September 14, 2009Date of Patent: February 7, 2012Assignee: Symantec CorporationInventors: Hemant Puri, Anand Kashyap, Sanjay Sawhney
-
Publication number: 20110225624Abstract: A computer-implemented method for providing network access control in virtual environments. The method may include: 1) injecting a transient security agent into a virtual machine that is running on a host machine; 2) receiving, from the transient security agent, an indication of whether the virtual machine complies with one or more network access control policies; and 3) controlling network access of the virtual machine based on the indication of whether the virtual machine complies with the one or more network access control policies. Various other methods, systems, and computer-readable media are also disclosed herein.Type: ApplicationFiled: March 15, 2010Publication date: September 15, 2011Applicant: Symantec CorporationInventors: Sanjay Sawhney, Matthew Conover, Bruce Montague
-
Publication number: 20090119752Abstract: A method processing one or more files using a security application. The method includes a method processing one or more files using a security application. The method includes connecting the client to a proxy server, which is coupled to one or more NAS servers. The method includes requesting for a file from a client to the proxy server and authenticating a requesting user of the client. The method also includes authorizing the requesting user for the file requested; requesting for the file from the one or more NAS servers after authenticating and authorizing; and requesting for the file from the one or more storage elements. The file is transferred from the one or more storage elements through the NAS server to the proxy server. The method determines header information on the file at the proxy server and identifies a policy based upon the header information at the proxy server. The method also includes processing (e.g.Type: ApplicationFiled: November 29, 2007Publication date: May 7, 2009Applicant: NeoScale Systems, Inc.Inventors: Ganesan Chandrashekhar, Sanjay Sawhney, Hemant Puri, Aseem Vaid, Dharmesh Shah
-
Publication number: 20050080761Abstract: An apparatus for security applications, e.g., encryption. The apparatus has an interface (e.g., MAC) coupled to a fiber channel. The interface is adapted to receive a frame from the fiber channel. The apparatus also has a classifier coupled to the interface, which is adapted to determine an information type associated with the frame. The type is selected from at least an initiator, data, or terminator. The classifier is adapted to determine header information associated with the frame. A content addressable memory is coupled to the classifier.Type: ApplicationFiled: October 14, 2003Publication date: April 14, 2005Applicant: NeoScale SystemsInventors: Kumar Sundararajan, Upendra Mardikar, Richard Moeller, Soummya Mallick, Rainer Enders, Sanjay Sawhney
-
Publication number: 20050041812Abstract: A system (and methods) for performing a service operation on a Fibre Channel or other like channels. The system has an interface coupled to a Fibre Channel. A classifier is coupled to the interface. The classifier is adapted to receive an initiator frame from the interface. The classifier is adapted to determine header information from the initiator frame and is also adapted to determine source information, destination information, and exchange information from the header information. A flow content addressable memory is coupled to the classifier. The flow content addressable memory is configured to store one or more header information. Each of the one or more header information is associated with a state. The system has a rule content addressable memory coupled to the classifier. The rule content addressable memory is configured to store one of a plurality of policies. A processing module is coupled to the classifier.Type: ApplicationFiled: October 17, 2003Publication date: February 24, 2005Applicant: NeoScale Systems, Inc.Inventors: Kumar Sundararajan, Dharmesh Shah, Sanjay Sawhney, Atul Pandit, Aseem Vaid, Richard Moeller
-
Publication number: 20050033988Abstract: A method processing one or more files using a security application. The method includes a method processing one or more files using a security application. The method includes connecting the client to a proxy server, which is coupled to one or more NAS servers. The method includes requesting for a file from a client to the proxy server and authenticating a requesting user of the client. The method also includes authorizing the requesting user for the file requested; requesting for the file from the one or more NAS servers after authenticating and authorizing; and requesting for the file from the one or more storage elements. The file is transferred from the one or more storage elements through the NAS server to the proxy server. The method determines header information on the file at the proxy server and identifies a policy based upon the header information at the proxy server. The method also includes processing (e.g.Type: ApplicationFiled: October 17, 2003Publication date: February 10, 2005Applicant: NeoScale Systems, Inc.Inventors: Ganesan Chandrashekhar, Sanjay Sawhney, Hemant Puri, Aseem Vaid, Dharmesh Shah
-
Patent number: 6341309Abstract: A novel system for a network of computers to improve quality of services using a combination of a bandwidth mangement tool in a firewall. The present system includes, among other elements, a plurality of computers, which are each coupled to each other to form an internal network of computers (e.g., local area network or LAN). The system also includes a server, which has a memory sufficient to store a firewall program. The server is coupled to at least one of the plurality of computers, where the server is also coupled to an outgoing line to a wide area network of computers, which can be, for example, the Intenet. A bandwidth management tool is coupled to or stored in the server, where the bandwidth management tool is capable of monitoring incoming and outgoing information to and from the server.Type: GrantFiled: December 24, 1997Date of Patent: January 22, 2002Assignee: Novell, Inc.Inventors: Aseem Vaid, Sanjay Sawhney
-
Patent number: 6243815Abstract: A method for reconfiguring network security devices coupled to a network directory services server, the network directory services server providing network directory services to the network security devices, includes the steps of storing configuration data for a first network security device at a pre-determined directory location, copying the configuration data from the predetermined directory location to a directory used by the first network security device using the network directory services in response to a first reconfigure request, and updating configuration of the first network security device according to the configuration data in the directory used by the first network security device.Type: GrantFiled: December 24, 1997Date of Patent: June 5, 2001Inventors: Anand K. Antur, Sanjay Sawhney, Hemant Puri, Naveen S. Bisht
-
Patent number: 6212558Abstract: A method for configuring a plurality of network security devices, includes the steps of providing a network directory services server providing network directory services to a plurality of network servers, each of the plurality of network servers coupled to one of the plurality of network security devices, implementing a security policy for the plurality of network security devices on the network directory services server, and using the network directory services to provide configuration information for the plurality of network security devices, in response to the security policy.Type: GrantFiled: December 24, 1997Date of Patent: April 3, 2001Inventors: Anand K. Antur, Sanjay Sawhney, Hemant Puri, Naveen S. Bisht
-
Patent number: 6119235Abstract: A method for managing quality of service in a firewall server (110), the firewall server (11) coupling a data source to a data receiver, includes the steps of estimating a bit rate over a round-trip-time between the data source and the data receiver, receiving a receive acknowlegment signal from the data receiver, thereafter delaying transmission of a receive acknowlegment signal when the bit rate is greater than a bit rate limit, and transmitting the receive acknowlegment signal to the data source when the bit rate is not greater than the bitType: GrantFiled: December 24, 1997Date of Patent: September 12, 2000Assignee: Ukiah Software, Inc.Inventors: Aseem Vaid, Sanjay Sawhney
-
Patent number: 6047322Abstract: A novel method for a network of computers to improve quality of services using a combination of a bandwidth management tool in a firewall. The method includes the steps of providing a network directory services server providing network directory services to a plurality of network servers, each of the plurality of network servers coupled to one of the plurality of network quality of service devices, implementing a quality of service policy for the plurality of network quality of service devices on the network directory services server, and using the network directory services to provide configuration information for the plurality of network quality of service devices, in response to the quality of service policy.Type: GrantFiled: December 29, 1997Date of Patent: April 4, 2000Assignee: Ukiah Software, Inc.Inventors: Aseem Vaid, Sanjay Sawhney, Anand K. Antur, Naveen S. Bisht