|FORTINET, INC. Patent applications|
|Patent application number||Title||Published|
|20150256513||FIREWALL INTERFACE CONFIGURATION TO ENABLE BI-DIRECTIONAL VOIP TRAVERSAL COMMUNICATIONS - Methods and systems for an intelligent network protection gateway (NPG) and network architecture are provided. According to one embodiment, a firewall provides network-layer protection to internal hosts against unauthorized access by hosts of an external network by performing network address translation (NAT) processing of Internet Protocol (IP) addresses. The firewall also provides application-layer protection on behalf of the internal hosts and supports Voice over IP (VoIP) services by actively processing signaling protocols associated with VoIP sessions. An external VoIP interface of the firewall receives incoming VoIP packets having associated therewith an indication regarding a VoIP port of external interface. The packets are directed to an appropriate internal host by the firewall performing port address forwarding based on a mapping of VoIP ports to private addresses of the internal hosts.||09-10-2015|
|20150249686||INITIAL DIAGNOSTICS OF A NETWORK SECURITY DEVICE VIA A HAND-HELD COMPUTING DEVICE - Process, equipment, and computer program product code for configuration of and/or performing diagnostics on a network security device using a hand-held computing device are provided. According to one embodiment, a hand-held computing device is connected to a network security device via a connecting cable that is coupled to a management interface of the hand-held computing device. A mobile application running on the hand-held computing device sends a diagnostic command via the connecting cable to the network security device to initiate performance of one or more diagnostic tests on the network security device. Results of the one or more diagnostic tests are received from the network security device via the connecting cable. The results of the one or more diagnostic tests are displayed via a display of the hand-held computing device.||09-03-2015|
|20150249644||CLOUD-BASED SECURITY POLICY CONFIGURATION - Systems and methods for configuring security policies based on security parameters stored in a public or private cloud infrastructure are provided. According to one embodiment, security parameters associated with a first network appliance of an enterprise, physically located at a first site, are shared by the first network appliance with multiple network appliances of the enterprise by logging into an shared enterprise cloud account. The shared parameters are retrieved by a second network appliance of the enterprise, physically located at a second site, by logging into the shared enterprise cloud account. A VPN client configuration is automatically created by the second network appliance that controls a VPN connection between the first and second network appliances based on the shared parameters. The VPN connection is dynamically established based on the shared parameters when the VPN client configuration permits network traffic to be exchanged between the first and second network appliances.||09-03-2015|
|20150249641||HUMAN USER VERIFICATION OF HIGH-RISK NETWORK ACCESS - Systems and methods for performing a human user test when a high-risk network access is captured by an intermediary security device are provided. According to one embodiment, a request that is sent from a client to a server is captured by an intermediary security device logically interposed between the client and the server. A human user test message is sent by the intermediary security device to the client to verify that the request was initiated by a human user of the client. A response to the human user test message is received by the intermediary security device. It is determined by the intermediary security device whether the response is a correct response to the human user test message. When the determination is affirmative, the request is allowed to pass through the intermediary security device and to be delivered to the server.||09-03-2015|
|20150244691||POLICY-BASED CONFIGURATION OF INTERNET PROTOCOL SECURITY FOR A VIRTUAL PRIVATE NETWORK - A method for performing policy-based configuration of Internet Protocol Security (IPSec) for a Virtual Private Network (VPN) is provided. According to one embodiment, a policy page through which a policy, including multiple VPN settings for establishing a VPN connection, may be viewed and configured is displayed via a user interface of a source network device. The VPN settings include a type of IPSec tunnel to be established between the source network device and a peer network device. A selection regarding the type of IPSec tunnel to be used for the VPN connection is received via the user interface. The source network device requests the VPN connection be established between the source network device and the peer network device in accordance with the policy by sending a notification request to the peer network device. The notification requests includes parameter values associated with the VPN settings.||08-27-2015|
Patent applications by FORTINET, INC.