Patents by Inventor Yuming Mao
Yuming Mao has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9800697Abstract: Methods and apparatus for processing data packets in a computer network are described. One general method includes receiving a data packet; examining the data packet to classify the data packet including classifying the data packet as a L2 or L3 packet and including determining at least one zone associated with the packet; processing the packet in accordance with one or more policies associated with the zone; determining forwarding information associated with the data packet; and if one or more policies permit, forwarding the data packet toward an intended destination using the forwarding information.Type: GrantFiled: January 19, 2016Date of Patent: October 24, 2017Assignee: Palo Alto Networks, Inc.Inventors: Nir Zuk, Yuming Mao, Haoying Xu, Arnit Green
-
Patent number: 9531792Abstract: The present invention proposes a information file generating system and method based on parallel processing. Wherein, said information file generating system based on parallel processing comprises a file request processing device, a control device, a temporary task processing device, an abnormity processing device and an input/output device. Among them, said file request processing device is used to receive and analyze a file request instruction from an application server, and create an information file generation task and at least one temporary information file generation task according to the result of the analysis. The information file generating system and method based on parallel processing disclosed in the present invention are easy to be operated, can ensure the real-time performance and accuracy, and can improve the work efficiency and performance of the system.Type: GrantFiled: March 30, 2012Date of Patent: December 27, 2016Assignee: CHINA UNIONPAY CO., LTD.Inventors: Lin Chen, Yuming Mao
-
Patent number: 9407605Abstract: Methods and apparatus for transferring packets in a packet switched communication system. A system is provided that includes an L2 device including a controller determining for each packet received whether the received packet is to be inspected, an inspection device operable to inspect and filter packets identified by the controller including using a zone specific policy and an L2 controller for transferring inspected packets in accordance with L2 header information using L2 protocols.Type: GrantFiled: March 31, 2014Date of Patent: August 2, 2016Assignee: Juniper Networks, Inc.Inventors: Yuming Mao, Roger Jia-Jyi Lian, Guangsong Huang, Lee Chik Cheung
-
Publication number: 20160219131Abstract: Methods and apparatus for processing data packets in a computer network are described. One general method includes receiving a data packet; examining the data packet to classify the data packet including classifying the data packet as a L2 or L3 packet and including determining at least one zone associated with the packet; processing the packet in accordance with one or more policies associated with the zone; determining forwarding information associated with the data packet; and if one or more policies permit, forwarding the data packet toward an intended destination using the forwarding information.Type: ApplicationFiled: January 19, 2016Publication date: July 28, 2016Inventors: Nir Zuk, Yuming Mao, Haoying Xu, Arnit Green
-
Patent number: 9391954Abstract: Methods, systems, and apparatus, including computer program products, featuring receiving at a first security device a packet. The first security device determines that the packet is associated with a flow assigned to a distinct second security device. The first security device sends the packet to the second security device. After the second security device performs security processing using the packet, the first security device receives from the second security device a message regarding the packet. The first security device transmits the packet.Type: GrantFiled: May 6, 2014Date of Patent: July 12, 2016Assignee: Palo Alto Networks, Inc.Inventors: Nir Zuk, Wilson Xu, Yuming Mao
-
Patent number: 9385994Abstract: Methods and apparatus, including computer program products, implementing and using techniques for processing a data packet. An input port receives a data packet, a switching board classifies the data packet, determines whether the data packet should be accepted, and switches the data packet to a management board if the data packet is a first data packet in a session, and to a processing board if the data packet is not a first data packet in a session. A management board receives a data packet from the switching board, examines the data packet and forwards the data packet to one of the processing boards. One or more processing boards receives non-first data packets from the switching board and data packets from the management board and processes the data packets. A firewall and a secure gateway with firewall and virtual private network functionality for processing a data packet are also described.Type: GrantFiled: January 31, 2014Date of Patent: July 5, 2016Assignee: Juniper Networks, Inc.Inventors: Yan Ke, Yuming Mao, Jian Tong, Guangsong Huang
-
Patent number: 9294394Abstract: Methods and apparatus for processing data packets in a computer network are described. One general method includes receiving a data packet; examining the data packet to classify the data packet including classifying the data packet as a L2 or L3 packet and including determining at least one zone associated with the packet; processing the packet in accordance with one or more policies associated with the zone; determining forwarding information associated with the data packet; and if one or more policies permit, forwarding the data packet toward an intended destination using the forwarding information.Type: GrantFiled: October 24, 2013Date of Patent: March 22, 2016Assignee: Palo Alto Networks, Inc.Inventors: Nir Zuk, Yuming Mao, Haoying Xu, Arnit Green
-
Patent number: 9185075Abstract: Methods and apparatus, including computer program products, implementing and using techniques for processing a data packet in a packet forwarding device. A data packet is received. A virtual local area network destination is determined for the received data packet, and a set of rules associated with the virtual local area network destination is identified. The rules are applied to the data packet. If a virtual local area network destination has been determined for the received data packet, the data packet is output to the destination, using the result from the application of the rules. If no destination has been determined, the data packet is dropped. A security system for partitioning security system resources into a plurality of separate security domains that are configurable to enforce one or more policies and to allocate security system resources to the one or more security domains, is also described.Type: GrantFiled: June 6, 2006Date of Patent: November 10, 2015Assignee: Juniper Networks, Inc.Inventors: Yan Ke, Yuming Mao, Wilson Xu, Brian Yean-Shiang Leu
-
Patent number: 8959197Abstract: Methods and apparatuses for inspecting packets are provided. A primary security system may be configured for processing packets. The primary security system may be operable to maintain flow information for a group of devices to facilitate processing of the packets. A secondary security system may be designated for processing packets upon a failover event. Flow records may be shared from the primary security system with the secondary security system.Type: GrantFiled: December 30, 2013Date of Patent: February 17, 2015Assignee: Juniper Networks, Inc.Inventors: Nir Zuk, Yuming Mao, Kowsik Guruswamy
-
Patent number: 8924342Abstract: A data transfer system and method are provided in the present invention. Wherein, the data transfer system and method comprises a source data obtaining service module and a target table updating service module, both of which are divided into a main part and an affiliated part, and wherein the affiliated part is a dynamic function library, which can package sub-processings such as source data obtaining, data transformation and data inserting/updating. Meanwhile, the data transfer system and method can support quasi real-time data transfer tasks and real-time data transfer tasks at the same time. The data transfer system and method support multi-computer disaster tolerance and extension, and the customization of the dynamic function library can facilitate the change in the requirements of data transfer.Type: GrantFiled: August 24, 2010Date of Patent: December 30, 2014Assignee: China Unionpay Co., Ltd.Inventors: Lin Chen, Yuming Mao, Xiao Zhuang, Zhijun Lu, Yanming Yang, Mei Bai
-
Publication number: 20140331311Abstract: Methods, systems, and apparatus, including computer program products, featuring receiving at a first security device a packet. The first security device determines that the packet is associated with a flow assigned to a distinct second security device. The first security device sends the packet to the second security device. After the second security device performs security processing using the packet, the first security device receives from the second security device a message regarding the packet. The first security device transmits the packet.Type: ApplicationFiled: May 6, 2014Publication date: November 6, 2014Applicant: Palo Alto Networks, Inc.Inventors: Nir Zuk, Wilson Xu, Yuming Mao
-
Publication number: 20140215600Abstract: Methods and apparatus for transferring packets in a packet switched communication system. A system is provided that includes an L2 device including a controller determining for each packet received whether the received packet is to be inspected, an inspection device operable to inspect and filter packets identified by the controller including using a zone specific policy and an L2 controller for transferring inspected packets in accordance with L2 header information using L2 protocols.Type: ApplicationFiled: March 31, 2014Publication date: July 31, 2014Applicant: JUNIPER NETWORKS, INC.Inventors: Yuming MAO, Roger Jia-Jyi LIAN, Guangsong HUANG, Lee Chik CHEUNG
-
Publication number: 20140215598Abstract: Methods and apparatus, including computer program products, implementing and using techniques for processing a data packet. An input port receives a data packet, a switching board classifies the data packet, determines whether the data packet should be accepted, and switches the data packet to a management board if the data packet is a first data packet in a session, and to a processing board if the data packet is not a first data packet in a session. A management board receives a data packet from the switching board, examines the data packet and forwards the data packet to one of the processing boards. One or more processing boards receives non-first data packets from the switching board and data packets from the management board and processes the data packets. A firewall and a secure gateway with firewall and virtual private network functionality for processing a data packet are also described.Type: ApplicationFiled: January 31, 2014Publication date: July 31, 2014Applicant: Juniper Networks, Inc.Inventors: Yan KE, Yuming MAO, Jian TONG, Guangsong HUANG
-
Patent number: 8769664Abstract: Methods, systems, and apparatus, including computer program products, featuring receiving at a first security device a packet. The first security device determines that the packet is associated with a flow assigned to a distinct second security device. The first security device sends the packet to the second security device. After the second security device performs security processing using the packet, the first security device receives from the second security device a message regarding the packet. The first security device transmits the packet.Type: GrantFiled: January 30, 2009Date of Patent: July 1, 2014Assignee: Palo Alto Networks, Inc.Inventors: Nir Zuk, Wilson Xu, Yuming Mao
-
Publication number: 20140119376Abstract: Methods and apparatus for processing data packets in a computer network are described. One general method includes receiving a data packet; examining the data packet to classify the data packet including classifying the data packet as a L2 or L3 packet and including determining at least one zone associated with the packet; processing the packet in accordance with one or more policies associated with the zone; determining forwarding information associated with the data packet; and if one or more policies permit, forwarding the data packet toward an intended destination using the forwarding information.Type: ApplicationFiled: October 24, 2013Publication date: May 1, 2014Applicant: Palo Alto Networks, Inc.Inventors: Nir Zuk, Yuming Mao, Haoying Xu, Arnit Green
-
Publication number: 20140115379Abstract: Methods and apparatuses for inspecting packets are provided. A primary security system may be configured for processing packets. The primary security system may be operable to maintain flow information for a group of devices to facilitate processing of the packets. A secondary security system may be designated for processing packets upon a failover event. Flow records may be shared from the primary security system with the secondary security system.Type: ApplicationFiled: December 30, 2013Publication date: April 24, 2014Applicant: Juniper Networks, Inc.Inventors: Nir ZUK, Yuming Mao, Kowsik Guruswamy
-
Publication number: 20140082053Abstract: The present invention proposes a information file generating system and method based on parallel processing. Wherein, said information file generating system based on parallel processing comprises a file request processing device, a control device, a temporary task processing device, an abnormity processing device and an input/output device. Among them, said tile request processing device is used to receive and analyze a file request instruction from an application server, and create an information file generation task and at least one temporary information file generation task according to the result of the analysis. The information file generating system and method based on parallel processing disclosed in the present invention are easy to be operated, can ensure the real-time performance and accuracy, and can improve the work efficiency and performance of the system.Type: ApplicationFiled: March 30, 2012Publication date: March 20, 2014Inventors: Lin Chen, Yuming Mao
-
Patent number: 8654779Abstract: Methods and apparatus, including computer program products, implementing and using techniques for processing a data packet. An input port receives a data packet, a switching board classifies the data packet, determines whether the data packet should be accepted, and switches the data packet to a management board if the data packet is a first data packet in a session, and to a processing board if the data packet is not a first data packet in a session. A management board receives a data packet from the switching board, examines the data packet and forwards the data packet to one of the processing boards. One or more processing boards receives non-first data packets from the switching board and data packets from the management board and processes the data packets. A firewall and a secure gateway with firewall and virtual private network functionality for processing a data packet are also described.Type: GrantFiled: November 22, 2011Date of Patent: February 18, 2014Assignee: Juniper Networks, Inc.Inventors: Yan Ke, Yuming Mao, Jian Tong, Guangsong Huang
-
Patent number: 8594085Abstract: Methods and apparatus for processing data packets in a computer network are described. One general method includes receiving a data packet; examining the data packet to classify the data packet including classifying the data packet as a L2 or L3 packet and including determining at least one zone associated with the packet; processing the packet in accordance with one or more policies associated with the zone; determining forwarding information associated with the data packet; and if one or more policies permit, forwarding the data packet toward an intended destination using the forwarding information.Type: GrantFiled: April 11, 2007Date of Patent: November 26, 2013Assignee: Palo Alto Networks, Inc.Inventors: Nir Zuk, Yuming Mao, Haoying Xu, Arnit Green
-
Patent number: 8527459Abstract: A system and a method for replicating data among heterogeneous databases are described. The system includes an initialization module for creating and initializing shared memory, a message queue and a semaphore; a processing module including a data reader, a data adapter and a data loader; a replication module for replicating the data in the shared memory to a target database according to the messages in the message queue; and a cleaning module for releasing the shared memory after the replication. The method includes creating and initializing the shared memory, the message queue and the semaphore; reading data from the source database, then converting the data into target data for a target database, and loading the target data in the shared memory; replicating the target data in the shared memory to the target database according to the messages in the message queue; and releasing the shared memory after the replication.Type: GrantFiled: August 31, 2010Date of Patent: September 3, 2013Assignee: China Unionpay Co., Ltd.Inventors: Yanming Yang, Lin Chen, Jinzhi Hua, Yuming Mao, Xiao Zhuang, Zhijun Lu