Sunnyvale, CA, United States
Sunnyvale, CA, United States

Fortinet, Inc. is an American multinational corporation founded in 2000 by brothers Ken and Michael Xie. The company sells high performance network security products and services including their flagship integrated network security solution, the FortiGate firewall. Fortinet distributes its systems and subscription-based services using the channel partner sales method via more than 20,000 partners worldwide. Fortinet is positioned as the revenue leader in Unified Threat Management .Fortinet competes in the UTM and network security industry against Cisco, Check Point, Juniper, and Palo Alto Networks, among others. Wikipedia.

SEARCH FILTERS
Time filter
Source Type

Patent
Fortinet | Date: 2016-12-19

Systems and methods for inline security protocol inspection are provided. According to one embodiment, a security device receives an encrypted packet from a first network appliance and buffers the encrypted packet in a buffer. An inspection module accesses the encrypted packet from the buffer, decrypts the encrypted packet to produce plain text and scans the plain text by the inspection module.


Patent
Fortinet | Date: 2016-06-16

Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers are provided. According to one embodiment, a method is provided for delivering customized network services to subscribers of the service provider. A request is received, at a service management system (SMS) of the service provider, to establish an Internet Protocol (IP) connection between a first and second location of a first subscriber of the managed security service provider. Responsive to the request, the SMS causes a tunnel to be established between a first and second service processing switch of the service provider which are coupled in communication via a public network and associated with the first location and the second location, respectively.


A wireless communication network is self-provisioned using coordination of data plane behavior to steer stations to preferred access points. To do so, a policy concerning traffic flow for the wireless communication network is received. Data plane traffic flow is monitored at each of the plurality of access points distributed around the wireless communication network. At some point, it may be determined the data plane traffic flow at a first access point from needs to be reduced based on the data plane traffic flow relative to the policy. In response, a station is steered to a preferred access point using OpenFlow rules to affect data plane routing decisions at the access point (e.g., drop, delay, or reprioritize packets).


Patent
Fortinet | Date: 2016-08-24

A device for detecting network traffic content is provided. The device includes a memory configured for storing one or more signatures, each of the one or more signatures associated with content desired to be detected, and 5 defined by one or more predicates. The device also includes a processor configured to receive data associated with network traffic content, execute one or more instructions based on the one or more signatures and the data, and determine whether the network traffic content matches the content desired to be detected.


Patent
Fortinet | Date: 2016-10-26

Systems and methods are described for conducting work flows by an SIEM device to carry out a complex task automatically. According to one embodiment, an SIEM device may create a work flow that includes multiple security tasks that are performed by one or more security devices. When a security event is captured or the work flow is scheduled to be executed, the SIEM device starts the work flow by scheduling the security tasks defined in the work flow. The SIEM device then collects results of security tasks performed by the one or more security devices.


Patent
Fortinet | Date: 2016-11-12

Methods and systems for secure cloud storage are provided. According to one embodiment, a gateway maintains multiple cryptographic keys. A file that is to be stored across multiple third-party cloud storage services is received by the gateway from a user of an enterprise network. The file is partitioned into chunks. A directory is created within a cloud storage service having a name attribute based on an encrypted version of a name of the file. For each chunk: (i) existence of data is identified within the chunk associated with one or more predefined search indices; (ii) searchable encrypted metadata is generated based on the identified data and a selected cryptographic key; (iii) an encrypted version of the chunk is generated; and (iv) a file is created within the directory in which a name attribute includes the searchable encrypted metadata and the file content includes the encrypted chunk.


Network devices are steered to preferred access points using a probability function. A probe request for connection is received from a network device. The probe request can be from a network device attempting to use a wireless network (e.g., a IEEE 802.11-type network or other suitable type of network). A probability function that defines a likelihood of granting the network device a connection is used to determine whether to accept or deny the response. The probe response is then sent to the network device.


Patent
Fortinet | Date: 2016-08-13

Methods and systems for improving accuracy, speed, and efficiency of context-aware pattern matching are provided. According to one embodiment, a packet stream is received by a first stage of a CPMP hardware accelerator of a network device. A pre-matching process is performed by the first stage to identify a candidate packet that matches a string or over-flow pattern associated with IPS or ADC rules. A candidate rule is identified based on a correlation of results of the pre-matching process. The candidate packet is tokened to produce matching tokens and corresponding locations. A full-match process is performed on the candidate packet by a second stage of the CPMP hardware accelerator to determine whether it satisfies the candidate rule by performing one or more of (i) context-aware pattern matching, (ii) context-aware string matching and (iii) regular expression matching based on contextual information, the matching tokens and the corresponding locations.


Patent
Fortinet | Date: 2016-12-01

Directing station roaming in a cloud-managed Wi-Fi network. Management messages are received from a controller that is located remotely from the Wi-Fi communication network by an access point. When an RSSI (received signal strength indication) value between the station and the access point falls below a threshold, the access point (i.e., controller access point) determines which neighboring access point would be a best fit for a hand-off, with limited real-time input form the cloud-based Wi-Fi controller. One of the two or more of the plurality of access points is selected for handing-off the station based on the RSSI values received from the interrogation. Responsive to the selection, a message is sent to the selected access point instructing the one of the at least one of the plurality of access points to respond to messages from the station.


Patent
Fortinet | Date: 2017-01-19

Systems and methods for controlling applications on a network are provided. According to one embodiment, a network security device detects a suspect application protocol used in connection with network traffic exchanged between a source peer and a destination peer. The network security device sends a probing request to the destination peer based on the suspect application protocol. The suspect application protocol is confirmed when a response is received from the destination peer in accordance with the suspect application protocol.

Loading Fortinet collaborators
Loading Fortinet collaborators