Prakash T Seshadri

US Patent:

20210099472, Apr 1, 2021

Filed:

Dec 11, 2020

Appl. No.:

17/247461

Inventors:

- Sunnyvale CA, US
Jeffrey S. MARSHALL - Santa Clara CA, US
Sunil G. RAWOORKAR - Pleasanton CA, US
Srinivasan VEERARAGHAVAN - Cupertino CA, US
Prakash T. SESHADRI - Fremont CA, US

International Classification:

H04L 29/06

Abstract:

A device receives information identifying a specific host threat to a network, where the information includes a list of network addresses associated with the specific host threat. The device identifies network elements, of the network, associated with the specific host threat to the network, and determines a network control system associated with the identified network elements. The device determines a policy enforcement group of network elements, of the identified network elements, that maps to the list of network addresses associated with the specific host threat, where the network control system is associated with the policy enforcement group of network elements. The device determines a threat policy action to enforce for the specific host threat, and causes, via the network control system, the threat policy action to be enforced by the policy enforcement group of network elements.

US Patent:

20190297094, Sep 26, 2019

Filed:

Jun 29, 2018

Appl. No.:

16/024308

Inventors:

- Sunnyvale CA, US
Jeffrey S. Marshall - Santa Clara CA, US
Sunil G. Rawoorkar - Pleasanton CA, US
Srinivasan Veeraraghavan - Cupertino CA, US
Prakash T. Seshadri - Fremont CA, US

International Classification:

H04L 29/06

Abstract:

A device receives information identifying a specific host threat to a network, where the information includes a list of network addresses associated with the specific host threat. The device identifies network elements, of the network, associated with the specific host threat to the network, and determines a network control system associated with the identified network elements. The device determines a policy enforcement group of network elements, of the identified network elements, that maps to the list of network addresses associated with the specific host threat, where the network control system is associated with the policy enforcement group of network elements. The device determines a threat policy action to enforce for the specific host threat, and causes, via the network control system, the threat policy action to be enforced by the policy enforcement group of network elements.

US Patent:

20190007453, Jan 3, 2019

Filed:

Jun 29, 2017

Appl. No.:

15/637789

Inventors:

- Sunnyvale CA, US
Rakesh Kumar - San Ramon CA, US
Prakash T. Seshadri - Fremont CA, US

International Classification:

H04L 29/06

Abstract:

A device may receive first information associated with a set of security rules. The first information may identify a set of security actions a device is to implement when the set of security rules applies to traffic. The device may determine a manner in which the set of security rules is to apply using the first information. The device may determine whether the manner in which the set of security rules is to apply and an intent of a network security policy or a manner in which a set of previously defined security rules is to apply match to determine whether the set of security rules conflicts with the network security policy or whether the set of security rules and the set of previously defined security rules are related. The device may perform an action.

US Patent:

20190007454, Jan 3, 2019

Filed:

Jun 29, 2017

Appl. No.:

15/637806

Inventors:

- Sunnyvale CA, US
Rakesh Kumar - San Ramon CA, US
Prakash T. Seshadri - Fremont CA, US

International Classification:

H04L 29/06

Abstract:

A device may receive information identifying a set of conditions related to controlling implementation of a set of security rules. The set of conditions may be associated with a set of security actions that a device is to perform based on whether the set of conditions is satisfied. The device may determine the set of security rules that is to be controlled by the set of conditions using information related to the set of security rules. The device may modify information related to the set of security rules to cause the implementation of the set of security rules to be controlled by the set of conditions. The modification to cause the device to process the set of security rules to dynamically implement the set of security actions based on satisfaction of the set of conditions. The device may perform an action after modifying the information.

US Patent:

20190007456, Jan 3, 2019

Filed:

Jun 30, 2017

Appl. No.:

15/639366

Inventors:

- Sunnyvale CA, US
Rakesh Kumar - San Ramon CA, US
Prakash T. Seshadri - Fremont CA, US
Sriram Subramanian - Bangalore, IN

International Classification:

H04L 29/06

Abstract:

A device may receive policy information associated with a first application group and a second application group. The device may receive network topology information associated with a network. The device may generate a first policy based on the policy information and the network topology information, and generate a second policy based on the policy information and the network topology information. The device may provide, to the virtual network device, information associated with the first policy to permit the virtual network device to implement the first policy in association with network traffic transferred between the first application group and the second application group. The device may provide, to the physical network device, information associated with the second policy to permit the physical network device to implement the second policy in association with network traffic transferred between the first application group and the second application group.

US Patent:

20180288078, Oct 4, 2018

Filed:

Apr 1, 2018

Appl. No.:

15/942530

Inventors:

- Sunnyvale CA, US
Prakash T. Seshadri - Fremont CA, US
Daniel J. Quinlan - San Francisco CA, US
Volodymyr Kuznetsov - Austin TX, US
Rakesh Kumar - San Ramon CA, US

International Classification:

H04L 29/06
G06F 21/56

Abstract:

A security platform may determine mapped attribute information associated with a plurality of host identifiers. The mapped attribute information may include information that identifies a set of related attributes. The security platform may determine, based on the mapped attribute information, that a host device is associated with at least two host identifiers of the plurality of host identifiers. The security platform may aggregate, based on the at two least host identifiers, threat information as aggregated threat information associated with the host device. The security platform may classify the host device as an infected device or a suspicious device based on the aggregated threat information.