专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

41. 发明授权

US08769522B2 Systems and methods of installing an application without rebooting 有权
标题翻译：安装应用程序而不重新启动的系统和方法
公开(公告)号：US08769522B2
公开(公告)日：2014-07-01
申请号：US11465948
申请日：2006-08-21
申请人： Charu Venkatraman , Arkesh Kumar , Junxiao He , Ajay Soni
发明人： Charu Venkatraman , Arkesh Kumar , Junxiao He , Ajay Soni
IPC分类号： G06F9/44
CPC分类号： H04L67/34 , G06F8/65 , H04L63/0272 , H04L63/104 , H04L63/166
摘要： A method for automatically changing a version of a client agent for a non-administrative user account without rebooting the user's machine uses a service having installation privileges. The service executes on the client and installs a client agent. The client agent communicates with a network appliance. The client agent detects a difference between its version and a version of the client agent identified by the network appliance. The agent signals the service that it has detected the difference and, in response, the service executes an installation program that installs, without rebooting the client, the version of the client agent identified by the appliance. A corresponding system is also described.
摘要翻译：用于自动更改非管理用户帐户的客户端代理的版本而不重新启动用户的计算机的方法将使用具有安装权限的服务。服务在客户端上执行并安装客户端代理。客户端代理与网络设备进行通信。客户端代理检测其版本与由网络设备识别的客户端代理的版本之间的差异。该代理向该服务发出信号，它检测到该差异，作为响应，该服务执行安装程序，而不重新启动客户机，该设备将由该设备识别的客户端代理的版本。还描述了相应的系统。

42. 发明申请

US20130152162A1 METHOD AND SYSTEM FOR AUTHORIZING A LEVEL OF ACCESS OF A CLIENT TO A VIRTUAL PRIVATE NETWORK CONNECTION, BASED ON A CLIENT-SIDE ATTRIBUTE 有权
标题翻译：基于客户端属性来授权客户访问虚拟私有网络连接的方法和系统
公开(公告)号：US20130152162A1
公开(公告)日：2013-06-13
申请号：US13760898
申请日：2013-02-06
申请人： AMARNATH MULLICK , Charu Venkatraman , Shashi Nanjundaswamy , Junxiao He , Ajay Soni
发明人： AMARNATH MULLICK , Charu Venkatraman , Shashi Nanjundaswamy , Junxiao He , Ajay Soni
IPC分类号： H04L29/06
CPC分类号： H04L63/20 , H04L63/0272 , H04L63/102 , H04L63/105
摘要： An appliance and method for authorizing a level of access of a client to a virtual private network connection, based on a client-side attribute includes the step of establishing, by an appliance, a control connection with a client upon receiving a client request to establish a virtual private network connection with a network. The appliance transmits, via the control connection, a request to the client to evaluate at least one clause of a security string, the at least one clause including an expression associated with a client-side attribute. The client transmits, via the control connection, a response to the appliance comprising a result of evaluating the at least one clause by the client. The appliance assigns the client to an authorization group based on the result of evaluation of the at least one clause.
摘要翻译：基于客户端属性来授权客户端访问虚拟专用网络连接的级别的设备和方法包括以下步骤：当设备在接收到建立客户端请求时建立与客户端的控制连接与网络的虚拟专用网络连接。该设备经由控制连接向客户端发送请求以评估安全字符串的至少一个子句，所述至少一个子句包括与客户端属性相关联的表达式。客户端经由控制连接发送对设备的响应，包括由客户端评估至少一个子句的结果。该设备基于至少一个子句的评估结果将客户端分配给授权组。

43. 发明授权

US08418243B2 Systems and methods of providing an intranet internet protocol address to a client on a virtual private network 有权
标题翻译：在虚拟专用网络上向客户端提供内联网互联网协议地址的系统和方法
公开(公告)号：US08418243B2
公开(公告)日：2013-04-09
申请号：US11465980
申请日：2006-08-21
申请人： Charu Venkatraman , Junxiao He , Ajay Soni
发明人： Charu Venkatraman , Junxiao He , Ajay Soni
IPC分类号： H04L29/00
CPC分类号： H04L63/0272 , H04L63/166
摘要： The intranet IP address management solution of the appliance and/or client described herein provides an environment for efficiently assigning, managing and querying virtual private network addresses, referred to as intranet IP (IIP) addresses of virtual private network users, such as a multitude of SSL VPN users on an enterprise network. The appliance provides techniques and policies for assigning previously assigned virtual private network addresses of a user to subsequent sessions of the user as the user logs in multiple times or roams between access points. This technique is referred to IIP stickiness as the appliance attempts to provide the same IIP address to a roaming VPN user. The appliance also provides a configurable user domain naming policy so that one can ping or query the virtual private network address of a user by an easily referenceable host name identifying the user. The appliance and/or client agent also provide techniques to allow applications to seamlessly and transparently communicate on the virtual private network using the virtual private network address of the user or client on the private network.
摘要翻译：本文描述的设备和/或客户端的Intranet IP地址管理解决方案提供了一种用于有效地分配，管理和查询虚拟专用网地址的环境，被称为虚拟专用网络用户的内部网IP（IIP）地址，诸如大量企业网络上的SSL VPN用户。该设备提供用于在用户多次登录或者在接入点之间漫游时将用户先前分配的虚拟专用网地址分配给用户的后续会话的技术和策略。该技术被称为IIP粘性，因为设备试图向漫游VPN用户提供相同的IIP地址。该设备还提供可配置的用户域命名策略，以便可以通过标识用户的易于引用的主机名来ping或查询用户的虚拟专用网络地址。设备和/或客户端代理还提供技术，以允许应用程序使用专用网络上的用户或客户端的虚拟专用网地址在虚拟专用网络上无缝和透明地通信。

44. 发明申请

US20080046993A1 METHOD AND SYSTEM FOR AUTHORIZING A LEVEL OF ACCESS OF A CLIENT TO A VIRTUAL PRIVATE NETWORK CONNECTION, BASED ON A CLIENT-SIDE ATTRIBUTE 有权
标题翻译：基于客户端属性来授权客户访问虚拟私有网络连接的方法和系统
公开(公告)号：US20080046993A1
公开(公告)日：2008-02-21
申请号：US11465915
申请日：2006-08-21
申请人： Amarnath Mullick , Charu Venkatraman , Shashi Nanjundaswamy , Junxiao He , Ajay Soni
发明人： Amarnath Mullick , Charu Venkatraman , Shashi Nanjundaswamy , Junxiao He , Ajay Soni
IPC分类号： G06F17/00
CPC分类号： H04L63/20 , H04L63/0272 , H04L63/102 , H04L63/105
摘要： An appliance and method for authorizing a level of access of a client to a virtual private network connection, based on a client-side attribute includes the step of establishing, by an appliance, a control connection with a client upon receiving a client request to establish a virtual private network connection with a network. The appliance transmits, via the control connection, a request to the client to evaluate at least one clause of a security string, the at least one clause including an expression associated with a client-side attribute. The client transmits, via the control connection, a response to the appliance comprising a result of evaluating the at least one clause by the client. The appliance assigns the client to an authorization group based on the result of evaluation of the at least one clause.
摘要翻译：基于客户端属性来授权客户端访问虚拟专用网络连接的级别的设备和方法包括以下步骤：当设备在接收到建立客户端请求时建立与客户端的控制连接与网络的虚拟专用网络连接。该设备经由控制连接向客户端发送请求以评估安全字符串的至少一个子句，所述至少一个子句包括与客户端属性相关联的表达式。客户端经由控制连接发送对设备的响应，包括由客户端评估至少一个子句的结果。该设备基于至少一个子句的评估结果将客户端分配给授权组。

45. 发明申请

US20080043760A1 Systems and Methods of Providing Server Initiated Connections on a Virtual Private Network 有权
标题翻译：在虚拟专用网络上提供服务器启动的连接的系统和方法
公开(公告)号：US20080043760A1
公开(公告)日：2008-02-21
申请号：US11465950
申请日：2006-08-21
申请人： Charu Venkatraman , Junxiao He , Ajay Soni , James Harris , Arkesh Kumar
发明人： Charu Venkatraman , Junxiao He , Ajay Soni , James Harris , Arkesh Kumar
IPC分类号： H04L12/56
CPC分类号： H04L12/4641 , H04L63/0272 , H04L63/166 , H04L69/16 , H04L69/161 , H04L69/163 , H04L69/164
摘要： The present invention is related to a method for establishing via an appliance a transport layer protocol connection initiated by a server on a first network to a client connected from a second network to the first network via a secure socket layer virtual private network (SSL VPN) connection. The method includes the step of receiving, by an appliance, a transport layer connection request from a server on a first network to connect to a client connected to the first network via a SSL VPN connection from a second network. The transport layer connection request identifies a client destination internet protocol address and a client destination port on the first network. The method includes establishing, by the appliance, a first transport layer connection to the server on the first network, determining, by the appliance, the client on the second network associated with the client destination internet protocol address on the first network, and transmitting, by the appliance, connection information identifying the client destination port to an agent on the client. The agent establishes a second transport layer connection to the client destination port using a local internet protocol address of the client on the second network and establishes a third transport layer connection to the appliance, which it associates with the second transport layer connection.
摘要翻译：本发明涉及一种用于经由设备建立由第一网络上的服务器通过安全套接层虚拟专用网（SSL VPN）从第二网络连接到第一网络的客户端发起的传输层协议连接的方法，连接。该方法包括以下步骤：通过设备从第一网络的服务器接收传输层连接请求，以经由来自第二网络的SSL VPN连接连接到连接到第一网络的客户端。传输层连接请求标识第一网络上的客户端目标网络协议地址和客户端目的端口。该方法包括由设备建立与第一网络上的服务器的第一传输层连接，由设备确定与第一网络上的客户端目的地网际协议地址相关联的第二网络上的客户端，由设备将连接信息标识到客户机上的代理的客户端目的地端口。代理使用第二网络上的客户端的本地互联网协议地址建立与客户端目的地端口的第二传输层连接，并建立与设备相关联的第三传输层连接，其与第二传输层连接相关联。

46. 发明申请

US20080034418A1 Systems and Methods for Application Based Interception SSI/VPN Traffic 有权
标题翻译：基于应用的拦截SSI / VPN流量的系统和方法
公开(公告)号：US20080034418A1
公开(公告)日：2008-02-07
申请号：US11462321
申请日：2006-08-03
申请人： Charu Venkatraman , Junxiao He , Amarnath Mullick , Shashi Nanjundaswami , James Harris , Ajay Soni
发明人： Charu Venkatraman , Junxiao He , Amarnath Mullick , Shashi Nanjundaswami , James Harris , Ajay Soni
IPC分类号： G06F15/16
CPC分类号： H04L63/0227 , H04L63/0272 , H04L63/0876 , H04L63/102
摘要： A method for intercepting, by an agent of a client, communications from the client to be transmitted via a virtual private network connection includes the step of intercepting communications based on identification of an application from which the communication originates. The agent receives information identifying a first application. The agent determines a network communication transmitted by the client originates from the first application and intercepts that communication. The agent transmits the intercepted communication via the virtual private network connection.
摘要翻译：用于由客户的代理拦截要通过虚拟专用网络连接发送的通信的方法包括基于来自该通信的应用的识别来拦截通信的步骤。代理接收标识第一应用的信息。代理确定由客户端发送的网络通信源自第一应用，并拦截该通信。该代理通过虚拟专用网络连接发送被拦截的通信。

47. 发明申请

US20080031265A1 SYSTEMS AND METHODS FOR USING A CLIENT AGENT TO MANAGE ICMP TRAFFIC IN A VIRTUAL PRIVATE NETWORK ENVIRONMENT 有权
标题翻译：使用客户端在虚拟私有网络环境中管理ICMP流量的系统和方法
公开(公告)号：US20080031265A1
公开(公告)日：2008-02-07
申请号：US11462253
申请日：2006-08-03
申请人： Amarnath Mullick , Charu Venkatraman , Shashi Nanjundaswami , Junxiao He , Roy Rajan , Ajay Soni
发明人： Amarnath Mullick , Charu Venkatraman , Shashi Nanjundaswami , Junxiao He , Roy Rajan , Ajay Soni
IPC分类号： H04L12/56
CPC分类号： H04L12/4641 , H04L41/046 , H04L41/0893 , H04L43/00 , H04L43/0811 , H04L43/0817 , H04L43/10 , H04L63/0272 , H04L63/166
摘要： Systems and methods are described for using a client agent executing on a client to send ICMP messages to an appliance connected via a virtual private network Methods include: establishing, via a client agent executing on a client, a transport layer virtual private network connection with an appliance; intercepting, by the client agent at the network layer, an ICMP request originating from the client; and transmitting, by the client agent via a transport layer connection, the ICMP request to the appliance. Addition methods describe determining, by the appliance, the address identified by the ICMP request corresponds to a second client, the second client also connected via a virtual private network to the remote machine; and transmitting, by the appliance to the second client via the virtual private network connection, the ICMP request. Corresponding systems are also described.
摘要翻译：描述了使用在客户端上执行的客户端代理将ICMP消息发送到经由虚拟专用网连接的设备的系统和方法。方法包括：通过在客户端上执行的客户端代理来建立传输层虚拟专用网络连接器具; 由网络层的客户代理拦截来自客户端的ICMP请求; 以及由所述客户端代理经由传输层连接向所述设备发送所述ICMP请求。附加方法描述了由设备确定由ICMP请求标识的地址对应于第二客户端，第二客户端还经由虚拟专用网络连接到远程机器; 以及由所述设备经由所述虚拟专用网络连接向所述第二客户端发送所述ICMP请求。还描述了相应的系统。

48. 发明授权

US08397287B2 Method and system for authorizing a level of access of a client to a virtual private network connection, based on a client-side attribute 有权
标题翻译：基于客户端属性来授权客户端访问虚拟专用网络连接的级别的方法和系统
公开(公告)号：US08397287B2
公开(公告)日：2013-03-12
申请号：US11465915
申请日：2006-08-21
申请人： Amarnath Mullick , Shashi Nanjundaswamy , Ajay Soni , Charu Venkatraman , Max He
发明人： Amarnath Mullick , Shashi Nanjundaswamy , Ajay Soni , Charu Venkatraman , Max He
IPC分类号： G06F17/00
CPC分类号： H04L63/20 , H04L63/0272 , H04L63/102 , H04L63/105
摘要： An appliance and method for authorizing a level of access of a client to a virtual private network connection, based on a client-side attribute includes the step of establishing, by an appliance, a control connection with a client upon receiving a client request to establish a virtual private network connection with a network. The appliance transmits, via the control connection, a request to the client to evaluate at least one clause of a security string, the at least one clause including an expression associated with a client-side attribute. The client transmits, via the control connection, a response to the appliance comprising a result of evaluating the at least one clause by the client. The appliance assigns the client to an authorization group based on the result of evaluation of the at least one clause.
摘要翻译：基于客户端属性来授权客户端访问虚拟专用网络连接的级别的设备和方法包括以下步骤：当设备在接收到建立客户端请求时建立与客户端的控制连接与网络的虚拟专用网络连接。该设备经由控制连接向客户端发送请求以评估安全字符串的至少一个子句，所述至少一个子句包括与客户端属性相关联的表达式。客户端经由控制连接发送对设备的响应，包括由客户端评估至少一个子句的结果。该设备基于至少一个子句的评估结果将客户端分配给授权组。

49. 发明授权

US08151323B2 Systems and methods for providing levels of access and action control via an SSL VPN appliance 有权
标题翻译：通过SSL VPN设备提供访问级别和动作控制的系统和方法
公开(公告)号：US08151323B2
公开(公告)日：2012-04-03
申请号：US11566975
申请日：2006-12-05
申请人： James Harris , Max He , Arkesh Kumar , Ajay Soni , Charu Venkatraman , Shashi Najundaswamy , Amarnath Mullick
发明人： James Harris , Max He , Arkesh Kumar , Ajay Soni , Charu Venkatraman , Shashi Najundaswamy , Amarnath Mullick
IPC分类号： H04L29/06
CPC分类号： H04L67/06 , H04L63/0272 , H04L63/105 , H04L63/166 , H04L67/02 , H04L67/2842 , H04L67/34 , H04L69/10 , H04L69/16 , H04L69/165
摘要： The present invention relates to systems and methods to identify a level of access for a resource being accessed via a secure socket layer virtual private network (SSL VPN) connection to a network, and to control the action on the resource based on the identified level of access. The appliance described herein provides intelligent secure access and action control to resources based on a sense and respond mechanism. When a user requests access to a resource via the SSL VPN connection of the appliance, the appliance obtains information about the client to determine the user access scenario—the location, device, connection and identify of the user or client. Based on the collected information, the appliance responds to the detected user scenario by identifying a level of access to the resource for the user/client, such as rights to view, print, edit or save a document, Based on the identified level of access, the appliance controls the actions performs on the resource by various techniques described herein so that the user can only perform the allowed action n accordance with the level of access. As such, the present invention allows organization to control and provide the appropriate level of access to valuable, confidential or business critical information accessed remotely or via a pubic network while protecting such information by controlling the types of actions performed or allowed to be performed remotely on the information.
摘要翻译：本发明涉及用于识别经由到网络的安全套接字层虚拟专用网（SSL VPN）连接被访问的资源的访问级别的系统和方法，并且基于所识别的级别来控制对资源的动作访问。本文所述的设备基于感测和响应机制来提供对资源的智能安全访问和动作控制。当用户通过设备的SSL VPN连接请求访问资源时，设备将获取有关客户端的信息，以确定用户访问场景 - 用户或客户端的位置，设备，连接和标识。基于收集的信息，设备通过识别用户/客户端对资源的访问级别（例如查看，打印，编辑或保存文档的权限）来响应所检测的用户场景。基于所识别的访问级别，设备通过本文描述的各种技术控制对资源执行的操作，使得用户只能根据访问级别执行允许的动作。因此，本发明允许组织控制并提供对远程访问或通过公共网络访问的有价值的，机密的或业务关键信息的适当级别的访问，同时通过控制远程执行或允许执行的动作的类型来保护这些信息，信息。

50. 发明申请

US20070245409A1 Systems and Methods for Providing Levels of Access and Action Control Via an SSL VPN Appliance 有权
标题翻译：通过SSL VPN设备提供访问级别和行动控制的系统和方法
公开(公告)号：US20070245409A1
公开(公告)日：2007-10-18
申请号：US11566975
申请日：2006-12-05
申请人： James Harris , Max He , Arkesh Kumar , Ajay Soni , Charu Venkatraman , Shashi Najundaswamy , Amarnath Mullick
发明人： James Harris , Max He , Arkesh Kumar , Ajay Soni , Charu Venkatraman , Shashi Najundaswamy , Amarnath Mullick
IPC分类号： H04L9/32
CPC分类号： H04L67/06 , H04L63/0272 , H04L63/105 , H04L63/166 , H04L67/02 , H04L67/2842 , H04L67/34 , H04L69/10 , H04L69/16 , H04L69/165
摘要： The present invention relates to systems and methods to identify a level of access for a resource being accessed via a secure socket layer virtual private network (SSL VPN) connection to a network, and to control the action on the resource based on the identified level of access. The appliance described herein provides intelligent secure access and action control to resources based on a sense and respond mechanism. When a user requests access to a resource via the SSL VPN connection of the appliance, the appliance obtains information about the client to determine the user access scenario—the location, device, connection and identify of the user or client. Based on the collected information, the appliance responds to the detected user scenario by identifying a level of access to the resource for the user/client, such as rights to view, print, edit or save a document, Based on the identified level of access, the appliance controls the actions performs on the resource by various techniques described herein so that the user can only perform the allowed action n accordance with the level of access. As such, the present invention allows organization to control and provide the appropriate level of access to valuable, confidential or business critical information accessed remotely or via a pubic network while protecting such information by controlling the types of actions performed or allowed to be performed remotely on the information.
摘要翻译：本发明涉及用于识别经由到网络的安全套接字层虚拟专用网（SSL VPN）连接被访问的资源的访问级别的系统和方法，并且基于所识别的级别来控制对资源的动作访问。本文所述的设备基于感测和响应机制来提供对资源的智能安全访问和动作控制。当用户通过设备的SSL VPN连接请求访问资源时，设备将获取有关客户端的信息，以确定用户访问场景 - 用户或客户端的位置，设备，连接和标识。基于收集的信息，设备通过识别用户/客户端对资源的访问级别（例如查看，打印，编辑或保存文档的权限）来响应所检测的用户场景。基于所识别的访问级别，设备通过本文描述的各种技术控制对资源执行的操作，使得用户只能根据访问级别执行允许的动作。因此，本发明允许组织控制并提供对远程访问或通过公共网络访问的有价值的，机密的或业务关键信息的适当级别的访问，同时通过控制远程执行或允许执行的动作的类型来保护这些信息，信息。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式