Chang D Li

US Patent:

20220191252, Jun 16, 2022

Filed:

Mar 7, 2022

Appl. No.:

17/688675

Inventors:

- Santa Clara CA, US
Leonid Burakovsky - Pleasanton CA, US
Jesse C. Shu - Palo Alto CA, US
Chang Li - San Jose CA, US

International Classification:

H04L 9/40
H04W 12/06
H04W 12/48
H04W 12/088

Abstract:

Techniques for mobile equipment identity and/or IoT equipment identity and application identity based security enforcement in service provider networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for mobile equipment identity and/or IoT equipment identity and application identity based security enforcement in service provider networks includes monitoring network traffic on a service provider network at a security platform to identify a device identifier for a new session; determining an application identifier for user traffic associated with the new session at the security platform; and determining a security policy to apply at the security platform to the new session based on the device identifier and the application identifier.

US Patent:

20210250381, Aug 12, 2021

Filed:

Apr 29, 2021

Appl. No.:

17/244758

Inventors:

- Santa Clara CA, US
Leonid Burakovsky - Pleasanton CA, US
Jesse C. Shu - Palo Alto CA, US
Chang Li - San Jose CA, US

International Classification:

H04L 29/06

Abstract:

Techniques for location based security in service provider networks (e.g., service provider networks for mobile subscribers) are disclosed. A system/process/computer program product for location based security in service provider networks includes monitoring network traffic on a service provider network at a security platform to identify a location for a new session; associating the location with the new session at the security platform; and determining a security policy to apply at the security platform to the new session based on the location.

US Patent:

20200287939, Sep 10, 2020

Filed:

May 21, 2020

Appl. No.:

16/880852

Inventors:

- Santa Clara CA, US
Leonid Burakovsky - Pleasanton CA, US
Jesse C. Shu - Palo Alto CA, US
Chang Li - San Jose CA, US

International Classification:

H04L 29/06
H04W 12/06
H04W 12/00
H04W 12/08

Abstract:

Techniques for mobile equipment identity and/or IoT equipment identity and application identity based security enforcement in service provider networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for mobile equipment identity and/or IoT equipment identity and application identity based security enforcement in service provider networks includes monitoring network traffic on a service provider network at a security platform to identify a device identifier for a new session; determining an application identifier for user traffic associated with the new session at the security platform; and determining a security policy to apply at the security platform to the new session based on the device identifier and the application identifier.

US Patent:

20200225047, Jul 16, 2020

Filed:

Jan 13, 2020

Appl. No.:

16/741681

Inventors:

- Palo Alto CA, US
Aaron Sekhri - Palo Alto CA, US
Andreja Kogovsek - London, GB
Benjamin Dawes - Claverley, GB
Brandon Burr - San Francisco CA, US
Chang Li - Palo Alto CA, US
Elizabeth Caudill - San Francisco CA, US
Zachary Romanow - Washington DC, US

International Classification:

G01C 21/34
G01C 21/36
G06Q 10/08

Abstract:

Systems and methods are provided for event-based route planning. Information of events taking place in a predetermined geographic area is received. An origin and at least one destination are determined. One or more first routes for traveling from the origin to the destination are determined from the predetermined geographic area. One or more segments in each of the first routes are determined based on the received information, each segment being associated with a corresponding recommendation for travelling via the segment.

US Patent:

20180367569, Dec 20, 2018

Filed:

Jun 15, 2017

Appl. No.:

15/624434

Inventors:

- Santa Clara CA, US
Leonid Burakovsky - Pleasanton CA, US
Jesse C. Shu - Palo Alto CA, US
Chang Li - San Jose CA, US

International Classification:

H04L 29/06

Abstract:

Techniques for location based security in service provider networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for location based security in service provider networks includes monitoring network traffic on a service provider network at a security platform to identify a location for a new session; associating the location with the new session at the security platform; and determining a security policy to apply at the security platform to the new session based on the location.

US Patent:

20180367570, Dec 20, 2018

Filed:

Jun 15, 2017

Appl. No.:

15/624437

Inventors:

- Santa Clara CA, US
Leonid Burakovsky - Pleasanton CA, US
Jesse C. Shu - Palo Alto CA, US
Chang Li - San Jose CA, US

International Classification:

H04L 29/06
H04W 12/06

Abstract:

Techniques for mobile equipment identity and/or IoT equipment identity and application identity based security enforcement in service provider networks (e.g., service provider networks for mobile subscribers) are disclosed. In some embodiments, a system/process/computer program product for mobile equipment identity and/or IoT equipment identity and application identity based security enforcement in service provider networks includes monitoring network traffic on a service provider network at a security platform to identify a device identifier for a new session; determining an application identifier for user traffic associated with the new session at the security platform; and determining a security policy to apply at the security platform to the new session based on the device identifier and the application identifier.

US Patent:

20180084006, Mar 22, 2018

Filed:

Jul 31, 2017

Appl. No.:

15/665179

Inventors:

- Santa Clara CA, US
Chang Li - San Jose CA, US

International Classification:

H04L 29/06

Abstract:

Techniques for latency-based policy activation are disclosed. In some embodiments, a system for latency-based policy activation includes collecting a plurality of latency measures associated with monitored network communications; correlating the plurality of latency measures associated with the monitored network communications to detect anomalous network activity based on a profile; and performing a mitigation response to the anomalous network activity based on a policy.