Patents by Inventor Venkata Suresh Reddy Obulareddy
Venkata Suresh Reddy Obulareddy has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240129297Abstract: A cloud computing platform provides zero trust network access as a service to a customer that maintains an application on-premises. In this context, the customer may be required to demonstrate ownership of a domain before the cloud computing platform will provide access to the on-premises application via the domain.Type: ApplicationFiled: December 28, 2022Publication date: April 18, 2024Inventors: Venkata Suresh Reddy Obulareddy, Prashil Rakeshkumar Gupta, Sanjeev Kumar Maheve
-
Publication number: 20240129298Abstract: A cloud computing platform provides zero trust network access as a service to customers that maintain applications on-premises, and a zero trust network access appliance at the customer premises that couples the on-premises applications to the cloud computing platform. In this context, the number of secure tunnels maintained for an application between the customer premises and the cloud computing platform may be dynamically managed to support variations in user demand for the application.Type: ApplicationFiled: December 28, 2022Publication date: April 18, 2024Inventors: Venkata Suresh Reddy Obulareddy, Nabil Semsu
-
Publication number: 20240129277Abstract: A cloud computing platform provides zero trust network access as a service to customers that maintain applications on-premises. In this context, the cloud computing platform may associate customers and/or applications with specific service proxies, and add an abstraction layer for network access that maps an alias domain for each customer and/or application to a network load balancer associated with the specific service proxies associated with the corresponding application(s). This approach advantageously simplifies the configuration of service proxies at the cloud computing platform by permitting dedicated relationships among network load balancers, specific service proxies, and specific applications, while concurrently reducing or avoiding the administrative burden on customers of updating network pointers when the clusters of service proxies are periodically reconfigured to adjust to varying user traffic.Type: ApplicationFiled: December 28, 2022Publication date: April 18, 2024Inventors: Robert Paul Andrews, Venkata Suresh Reddy Obulareddy, Harsha A R, Neha Parshottam Patel
-
Publication number: 20240129296Abstract: Infrastructure for zero trust network access (ZTNA) is deployed as a cloud-based service remotely from a customer premises where user applications are hosted. By connecting an appliance on the customer premises to the cloud-based service through a secure tunnel or the like, an application hosted on the customer premises can then be accessed externally as a ZTNA application without the customer premises opening a firewall to public networks or otherwise exposing potential attack surfaces to the customer premises.Type: ApplicationFiled: December 28, 2022Publication date: April 18, 2024Inventors: Robert Paul Andrews, Biju Ramachandra Kaimal, Venkata Suresh Reddy Obulareddy
-
Publication number: 20240129278Abstract: A cloud computing platform provides zero trust network access as a service to customers that maintain applications on-premises, and a zero trust network access appliance at the customer premises that couples the on-premises applications to the cloud computing platform. A customer may host multiple instances of the appliance in order to support scalable access, where each instance creates a separate secure tunnel to the cloud computing platform. In this context, when a new appliance authenticates a new secure tunnel, information such as a connector name, customer, and port for the tunnel may be shared on a control plane for the computing platform to facilitate programmatic load balancing within the cloud computing platform.Type: ApplicationFiled: December 28, 2022Publication date: April 18, 2024Inventors: Robert Paul Andrews, Venkata Suresh Reddy Obulareddy, Amit Katyal, Thiyagu Rajendran
-
Patent number: 11888890Abstract: Certain edge networking devices such as application gateways may report status to a cloud-based threat management platform using a persistent network connection between the gateway and the cloud platform. Where a cloud computing platform for an edge networking device or the treat management platform imposes periodic timeouts, the threat management platform may monitor connects and disconnects for edge devices and asynchronously evaluate connection status of edge devices independently of a heartbeat or other signal through the persistent connection in order to distinguish periodic timeouts imposed by the cloud computing platform from networking devices that are compromised or malfunctioning.Type: GrantFiled: October 24, 2022Date of Patent: January 30, 2024Assignee: Sophos LimitedInventors: Sanjeev Kumar Maheve, Biju Ramachandra Kaimal, Venkata Suresh Reddy Obulareddy, Neha Parshottam Patel
-
Patent number: 11863582Abstract: A virtualized gateway for applications in a zero trust network access environment is managed from a cloud-based threat management facility for an enterprise network. In order to facilitate creation of a new, centrally managed gateway, a one-time passcode for registration of the gateway to the threat management facility is encoded onto a virtual disk and distributed to a host platform along with a base gateway image for the gateway. This advantageously permits the new gateway to boot and securely register with the threat management facility without further administrative intervention.Type: GrantFiled: November 7, 2022Date of Patent: January 2, 2024Assignee: Sophos LimitedInventors: Prashil Rakeshkumar Gupta, Biju Ramachandra Kaimal, Venkata Suresh Reddy Obulareddy
-
Publication number: 20230308433Abstract: A Transport Layer Security (TLS) handshake can be terminated early—i.e., before certificate validation—to reduce server-side demand, which can be particularly advantageous in counteracting Denial-of-Service (DOS) attacks and the like. To this end, an endpoint may provide a one-time password (OTP) in the client hello message during the initial steps of a TLS handshake or similar connection protocol. A gateway, upon receiving the client hello message, may generate its own OTP for comparison with the OTP in the client hello message. The endpoint and gateway may advantageously generate the OTP based on a secret provided by a threat management facility with a preexisting secure connection to the two entities. If the OTP provided in the client hello message and the OTP generated on the gateway are the same, then the TLS handshake may continue; otherwise, the Transmission Control Protocol (TCP) connection will be terminated by the gateway.Type: ApplicationFiled: March 25, 2022Publication date: September 28, 2023Inventors: Amit Katyal, Venkata Suresh Reddy Obulareddy
-
Publication number: 20230216685Abstract: A gateway performs silent authentication refreshes with an identity management platform in order to extend the expiration of a cookie provided to an endpoint that accesses network applications through the gateway.Type: ApplicationFiled: March 14, 2023Publication date: July 6, 2023Inventors: Biju Ramachandra Kaimal, Venkata Suresh Reddy Obulareddy
-
Patent number: 11663030Abstract: A gateway performs silent authentication refreshes with an identity management platform in order to extend the expiration of a cookie provided to an endpoint that accesses network applications through the gateway.Type: GrantFiled: March 9, 2022Date of Patent: May 30, 2023Assignee: Sophos LimitedInventors: Biju Ramachandra Kaimal, Venkata Suresh Reddy Obulareddy
-
Publication number: 20230120522Abstract: In a cluster of network devices using a consensus protocol for cluster synchronization, a full software rollback is performed by backing up a cluster state on a primary instance for the cluster, and then restarting all devices at the same time from a prior partition. The primary instance can then start a cluster management service and other devices can join the cluster using the consensus state stored by the primary instance.Type: ApplicationFiled: March 9, 2022Publication date: April 20, 2023Inventors: Nikhil Bhandari, Venkata Suresh Reddy Obulareddy, Amit Katyal
-
Publication number: 20230121834Abstract: A gateway performs silent authentication refreshes with an identity management platform in order to extend the expiration of a cookie provided to an endpoint that accesses network applications through the gateway.Type: ApplicationFiled: March 9, 2022Publication date: April 20, 2023Inventors: Biju Ramachandra Kaimal, Venkata Suresh Reddy Obulareddy
-
Publication number: 20230123781Abstract: In order to use zero trust network resources distributed across multiple gateways, an agent is deployed on an endpoint of an enterprise network. The agent maps requests for specific applications to corresponding gateways. The agent may also multiplex or otherwise aggregate communications among different network applications and gateways in order to provide seamless, transparent access to the distributed resources at a single endpoint, and/or within a single interface.Type: ApplicationFiled: March 9, 2022Publication date: April 20, 2023Inventors: Biju Ramachandra Kaimal, Andrew J. Thomas, Venkata Suresh Reddy Obulareddy, Mayur Premi, Robert W. Cook, Ramesh Kamath, Matthew Charles Setzer, Madan Mohan Nayak
-
Publication number: 20230053702Abstract: A virtualized gateway for applications in a zero trust network access environment is managed from a cloud-based threat management facility for an enterprise network. In order to facilitate creation of a new, centrally managed gateway, a one-time passcode for registration of the gateway to the threat management facility is encoded onto a virtual disk and distributed to a host platform along with a base gateway image for the gateway. This advantageously permits the new gateway to boot and securely register with the threat management facility without further administrative intervention.Type: ApplicationFiled: November 7, 2022Publication date: February 23, 2023Inventors: Prashil Rakeshkumar Gupta, Biju Ramachandra Kaimal, Venkata Suresh Reddy Obulareddy
-
Publication number: 20230053301Abstract: Certain edge networking devices such as application gateways may report status to a cloud-based threat management platform using a persistent network connection between the gateway and the cloud platform. Where a cloud computing platform for an edge networking device or the treat management platform imposes periodic timeouts, the threat management platform may monitor connects and disconnects for edge devices and asynchronously evaluate connection status of edge devices independently of a heartbeat or other signal through the persistent connection in order to distinguish periodic timeouts imposed by the cloud computing platform from networking devices that are compromised or malfunctioning.Type: ApplicationFiled: October 24, 2022Publication date: February 16, 2023Inventors: Sanjeev Kumar Maheve, Biju Ramachandra Kaimal, Venkata Suresh Reddy Obulareddy, Neha Parshottam Patel
-
Patent number: 11496461Abstract: A virtualized gateway for applications in a zero trust network access environment is managed from a cloud-based threat management facility for an enterprise network. In order to facilitate creation of a new, centrally managed gateway, a one-time passcode for registration of the gateway to the threat management facility is encoded onto a virtual disk and distributed to a host platform along with a base gateway image for the gateway. This advantageously permits the new gateway to boot and securely register with the threat management facility without further administrative intervention.Type: GrantFiled: March 25, 2021Date of Patent: November 8, 2022Assignee: Sophos LimitedInventors: Prashil Rakeshkumar Gupta, Biju Ramachandra Kaimal, Venkata Suresh Reddy Obulareddy
-
Patent number: 11483336Abstract: Certain edge networking devices such as application gateways may report status to a cloud-based threat management platform using a persistent network connection between the gateway and the cloud platform. Where a cloud computing platform for an edge networking device or the treat management platform imposes periodic timeouts, the threat management platform may monitor connects and disconnects for edge devices and asynchronously evaluate connection status of edge devices independently of a heartbeat or other signal through the persistent connection in order to distinguish periodic timeouts imposed by the cloud computing platform from networking devices that are compromised or malfunctioning.Type: GrantFiled: March 25, 2021Date of Patent: October 25, 2022Assignee: Sophos LimitedInventors: Sanjeev Kumar Maheve, Biju Ramachandra Kaimal, Venkata Suresh Reddy Obulareddy, Neha Parshottam Patel
-
Publication number: 20220272117Abstract: Certain edge networking devices such as application gateways may report status to a cloud-based threat management platform using a persistent network connection between the gateway and the cloud platform. Where a cloud computing platform for an edge networking device or the treat management platform imposes periodic timeouts, the threat management platform may monitor connects and disconnects for edge devices and asynchronously evaluate connection status of edge devices independently of a heartbeat or other signal through the persistent connection in order to distinguish periodic timeouts imposed by the cloud computing platform from networking devices that are compromised or malfunctioning.Type: ApplicationFiled: March 25, 2021Publication date: August 25, 2022Inventors: Sanjeev Kumar Maheve, Biju Ramachandra Kaimal, Venkata Suresh Reddy Obulareddy, Neha Parshottam Patel
-
Publication number: 20220272082Abstract: A virtualized gateway for applications in a zero trust network access environment is managed from a cloud-based threat management facility for an enterprise network. In order to facilitate creation of a new, centrally managed gateway, a one-time passcode for registration of the gateway to the threat management facility is encoded onto a virtual disk and distributed to a host platform along with a base gateway image for the gateway. This advantageously permits the new gateway to boot and securely register with the threat management facility without further administrative intervention.Type: ApplicationFiled: March 25, 2021Publication date: August 25, 2022Inventors: Prashil Rakeshkumar Gupta, Biju Ramachandra Kaimal, Venkata Suresh Reddy Obulareddy