Sunnyvale, CA, United States
Sunnyvale, CA, United States

Time filter

Source Type

A network device initiates a transmission control protocol (TCP) connection to establish a TCP session with a management device, and performs, via the TCP session, a secure protocol client/server role reversal for the management device. The network device receives, from the management device, initiation of a secure connection over the TCP session in accordance with a secure protocol, and provides, to the management device, a trusted certificate with an embedded host key that is dynamically generated using a cryptographic processor of the network device, based on the initiation of the secure connection. The network device also establishes the secure connection with the management device based on an authentication of the host key by the management device via the trusted certificate.


Patent
Juniper Networks Inc. | Date: 2017-05-10

Techniques are described for optimizing the placement of automatically generated rules within security policies. An administrator may, for example, interact with the graphical representation of rules rendered by the threat control module and, responsive to the interaction, the system may determine an optimal placement for the created rule in the list of rules for the identified security device based on either the existence of anomalies or threat IP data and/or advanced security parameters. In this way, the system allows administrators to configure rules with the most optimal sequence to detect threats.


Techniques are described for taking direct actions, such as selectively blocking or allowing traffic and applications, while monitoring events from a graphical representation of threats. As such, the administrator in an enterprise interacts with the graphical representation of threats rendered by the security management system to automatically invoke a policy/rule module of the security management system to configure and update security policies for the security devices deployed throughout the computer networks of the enterprise. An administrator may, for example, interact with the representation of threats rendered by the threat control module based on the data aggregated from the distributed security devices and, responsive to the interaction, the security management system may identify a relevant set of the security devices, automatically construct security policies having ordered rules within the policies for the identified set of security devices, and automatically communicate and install the policies in the identified set of security devices.


Patent
Juniper Networks Inc. | Date: 2017-05-10

Techniques are described for taking direct actions, such as selectively blocking or allowing traffic and applications, while monitoring events from a graphical representation of threats. As such, the administrator in an enterprise interacts with the graphical representation of threats rendered by the security management system to automatically invoke a policy/rule module of the security management system to configure and update security policies for the security devices deployed throughout the computer networks of the enterprise. An administrator may, for example, interact with the representation of threats rendered by the threat control module based on the data aggregated from the distributed security devices and, responsive to the interaction, the security management system may identify a relevant set of the security devices, automatically construct security policies having ordered rules within the policies for the identified set of security devices, and automatically communicate and install the policies in the identified set of security devices.


Patent
Juniper Networks Inc. | Date: 2016-01-29

A device may transmit, to one or more network devices of a portion of a network, information indicating that the device is configured to perform a static designated forwarder election procedure. The device may determine that the one or more network devices of the portion of the network are each configured to perform the static designated forwarder election procedure. The device may enable a static designated forwarder configuration of the device based on determining that the one or more network devices of the portion of the network are each configured to perform the static designated forwarder election procedure.


In some embodiments, a system includes a set of servers, a set of switches within a switch fabric, and an optical device. The optical device is operatively coupled to the set of servers via a first set of optical fibers. Each server from the set of servers is associated with at least one wavelength from a set of wavelengths upon connection to the optical device. The optical device is operatively coupled to each switch from a set of switches via an optical fiber from a second set of optical fibers. The optical device, when operative, wavelength demultiplexes optical signals received from each switch from the set of switches, and sends, for each wavelength from the set of wavelengths, optical signals for that wavelength to the server from the set of servers.


Patent
Juniper Networks Inc. | Date: 2017-05-17

A device may transmit, to one or more network devices of a portion of a network, information indicating that the device is configured to perform a static designated forwarder election procedure. The device may determine that the one or more network devices of the portion of the network are each configured to perform the static designated forwarder election procedure. The device may enable a static designated forwarder configuration of the device based on determining that the one or more network devices of the portion of the network are each configured to perform the static designated forwarder election procedure.


Patent
Juniper Networks Inc. | Date: 2017-01-10

In some embodiments, an apparatus includes a management module configured to assign a unique set of identifiers to each network control entity from a set of network control entities. As a result, a network control entity from the set of network control entities can assign an identifier from its unique set of identifiers to a port in response to that network control entity receiving a login request from the port. The set of network control entities is associated with a distributed multi-stage switch. The management module is also configured to store a zone set database associated with the distributed multi-stage switch. The management module is configured to send an instance of an active zone set stored within the zone set database to each network control entity from the set of network control entities such that each network control entity can enforce the active zone set.


Patent
Juniper Networks Inc. | Date: 2017-02-06

A device may be configured to store virtual identifier information indicating virtual identifiers associated with servers. The virtual identifier information may associate a quantity of virtual identifiers with each respective server of the servers based on a weight associated with the respective server. The device may receive an object identifier identifying an object to be processed by at least one of the servers. The device may calculate hash values for the virtual identifiers based on the object identifier. The device may determine a virtual identifier associated with a hash value that satisfies a particular condition. The device may select a server associated with the virtual identifier. The device may send an instruction to the server to process the object.


A device receives, from a client device, a request for a resource, and accesses a table that includes one or more items of information. The device compares information provided in the request to the one or more items of information provided in the table, and terminates a connection for the request at the device when the information provided in the request matches at least one of the one or more items of information provided in the table. The device forwards the request to a network when the connection is not terminated at the device, and selects a target device for the resource when the connection is terminated at the device.

Loading Juniper Networks Inc. collaborators
Loading Juniper Networks Inc. collaborators