Abstract: A gateway performs silent authentication refreshes with an identity management platform in order to extend the expiration of a cookie provided to an endpoint that accesses network applications through the gateway.

Abstract: A gateway performs silent authentication refreshes with an identity management platform in order to extend the expiration of a cookie provided to an endpoint that accesses network applications through the gateway.

Abstract: In a cluster of network devices using a consensus protocol for cluster synchronization, a full software rollback is performed by backing up a cluster state on a primary instance for the cluster, and then restarting all devices at the same time from a prior partition. The primary instance can then start a cluster management service and other devices can join the cluster using the consensus state stored by the primary instance.

Abstract: In order to use zero trust network resources distributed across multiple gateways, an agent is deployed on an endpoint of an enterprise network. The agent maps requests for specific applications to corresponding gateways. The agent may also multiplex or otherwise aggregate communications among different network applications and gateways in order to provide seamless, transparent access to the distributed resources at a single endpoint, and/or within a single interface.

Abstract: A virtualized gateway for applications in a zero trust network access environment is managed from a cloud-based threat management facility for an enterprise network. In order to facilitate creation of a new, centrally managed gateway, a one-time passcode for registration of the gateway to the threat management facility is encoded onto a virtual disk and distributed to a host platform along with a base gateway image for the gateway. This advantageously permits the new gateway to boot and securely register with the threat management facility without further administrative intervention.

Abstract: Certain edge networking devices such as application gateways may report status to a cloud-based threat management platform using a persistent network connection between the gateway and the cloud platform. Where a cloud computing platform for an edge networking device or the treat management platform imposes periodic timeouts, the threat management platform may monitor connects and disconnects for edge devices and asynchronously evaluate connection status of edge devices independently of a heartbeat or other signal through the persistent connection in order to distinguish periodic timeouts imposed by the cloud computing platform from networking devices that are compromised or malfunctioning.

Abstract: A virtualized gateway for applications in a zero trust network access environment is managed from a cloud-based threat management facility for an enterprise network. In order to facilitate creation of a new, centrally managed gateway, a one-time passcode for registration of the gateway to the threat management facility is encoded onto a virtual disk and distributed to a host platform along with a base gateway image for the gateway. This advantageously permits the new gateway to boot and securely register with the threat management facility without further administrative intervention.

Abstract: Certain edge networking devices such as application gateways may report status to a cloud-based threat management platform using a persistent network connection between the gateway and the cloud platform. Where a cloud computing platform for an edge networking device or the treat management platform imposes periodic timeouts, the threat management platform may monitor connects and disconnects for edge devices and asynchronously evaluate connection status of edge devices independently of a heartbeat or other signal through the persistent connection in order to distinguish periodic timeouts imposed by the cloud computing platform from networking devices that are compromised or malfunctioning.

Abstract: An example profiler device includes one or more processors implemented in circuitry and configured to monitor network traffic entering and exiting the protected network zone; identify one or more endpoints that interface with the protected network zone; compare network traffic characteristics of network traffic associated with the endpoints to network traffic characteristics of known device types to determine device types corresponding to the endpoints; assign one or more network policies to the identified endpoints according to the determined device types; and distribute data representing the assigned network policies to a policy enforcement point (PEP) device to cause the PEP device to enforce the network policies on network traffic, associated with the identified endpoints, entering and exiting the protected network zone.

Abstract: An apparatus including a heat sink having two or more sections of parallel fins that define colinear channels is disclosed herein. The colinear channels are configured to direct flow of air or coolant across the heat sink and have wider channel widths closer to an inlet for the air or coolant and narrower widths closer to an outlet for the air or coolant.

Abstract: A virtualized gateway for applications in a zero trust network access environment is managed from a cloud-based threat management facility for an enterprise network. In order to facilitate creation of a new, centrally managed gateway, a one-time passcode for registration of the gateway to the threat management facility is encoded onto a virtual disk and distributed to a host platform along with a base gateway image for the gateway. This advantageously permits the new gateway to boot and securely register with the threat management facility without further administrative intervention.

Abstract: Certain edge networking devices such as application gateways may report status to a cloud-based threat management platform using a persistent network connection between the gateway and the cloud platform. Where a cloud computing platform for an edge networking device or the treat management platform imposes periodic timeouts, the threat management platform may monitor connects and disconnects for edge devices and asynchronously evaluate connection status of edge devices independently of a heartbeat or other signal through the persistent connection in order to distinguish periodic timeouts imposed by the cloud computing platform from networking devices that are compromised or malfunctioning.

Abstract: The invention relates to a method and system that implements a peer-to-peer transaction using a QR Code. The invention may be realized by a mobile device that comprises: a memory component that stores customer data; and a computer processor, coupled to the memory, programmed to: send a request for a QR Code for a transaction, wherein the request comprises an amount and a time period; responsive to the request, receive the QR Code on the mobile device; present the QR Code to a payer for the transaction; and receive a payment based on the QR Code, from the payer, where the payment is received in an account associated with the QR Code.

Abstract: A method, system and computer program product automate support for an Internet of Things (IoT) device by a trusted agent. The system includes a mobile wallet executed by a user device that effects execution of a financial transaction with a third party system for an IoT device. A device interface receives a unique identifier associated with the IoT device. A network interface accesses support information associated with the unique identifier of the IoT device. A secure storage used by the mobile wallet stores the unique identifier and support information. A support operation engine executes a support operation for the IoT device based on the unique identifier and support information in the secure storage accessed by the mobile wallet.

Abstract: A mobile device, computer program recording medium and method support surreptitious communication with a user via a mobile device via binary tactile inputs and outputs. A communication module of the mobile devices receives a first alphanumeric message that is converted to a first binary coded message that is rendered as first and second vibration outputs that are humanly distinguishable. A touch input component of one of a touch screen and a motion sensor detects a sequential pattern of user touches. Distinguished first and second tactile inputs in the sequential pattern identify a second binary coded message that is converted into a second alphanumeric message. First and second alphanumeric messages are comprised of a combination of characters selected from one or more of: (i) letters; (ii) numerals; and (iii) symbols.

Abstract: Cash grid techniques or systems are disclosed that provide a centralized tracking service for physical and digital currency. In operation, physical digital currency can be associated with, and otherwise tracked between, a mobile wallet and to the cash grid using unique ledger and communication systems and methodologies. A trusted bank or other entity can provide a machine which can convert physical cash to virtual cash. As part of the conversion from physical to digital currency, the identification (ID) (e.g., serial number) of the physical cash is transferred to and linked to the virtual (or digital) cash.

Abstract: An air intake control system can consist of an aero-acoustic assembly positioned within an enclosure. The aero-acoustic assembly may have an intake occupied by a plurality of louvers with each of the plurality of louvers configured to move between open and closed positions in response to airflow passing through the intake.

Abstract: A system includes an enclosure defining an air flow path having an input end and an output end. A plurality of devices are operatively supported by the enclosure and located proximate the air flow path, each of the devices having at least one operating parameter. A plurality of cooling fans are supported by the enclosure that are configured to cause air to propagate according to the air flow path from the input end to the output end. A plurality of temperature sensors supported by the enclosure are located at a plurality of locations that are proximate the air flow path. A controller is configured to adjust at least one fan speed of the plurality of cooling fans based on individual readings of the plurality of temperature sensors and according to the at least one operating parameter of each of the plurality of devices.

Abstract: An air intake control system can consist of an aero-acoustic assembly positioned within an enclosure. The aero-acoustic assembly may have an intake occupied by a plurality of louvers with each of the plurality of louvers configured to move between open and closed positions in response to airflow passing through the intake.

Abstract: The invention relates to a method and system that implements a peer-to-peer transaction using a QR Code. The invention may be realized by a mobile device that comprises: a memory component that stores customer data; and a computer processor, coupled to the memory, programmed to: send a request for a QR Code for a transaction, wherein the request comprises an amount and a time period; responsive to the request, receive the QR Code on the mobile device; present the QR Code to a payer for the transaction; and receive a payment based on the QR Code, from the payer, where the payment is received in an account associated with the QR Code.