专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08572721B2 Methods and systems for routing packets in a VPN-client-to-VPN-client connection via an SSL/VPN network appliance 有权
标题翻译：通过SSL / VPN网络设备在VPN客户端到VPN客户端连接中路由数据包的方法和系统
公开(公告)号：US08572721B2
公开(公告)日：2013-10-29
申请号：US11462174
申请日：2006-08-03
申请人： Arkesh Kumar , James Harris , Ajay Soni
发明人： Arkesh Kumar , James Harris , Ajay Soni
IPC分类号： H04L29/06
CPC分类号： H04L63/0272 , H04L12/4641 , H04L63/166
摘要： In a method and system for routing packets between clients, a packet is received from a first client connected to a secure sockets layer virtual private network (an SSL/VPN) network appliance. An identification is made, responsive to an inspection of the received packet, of i) a type of connection required for transmission of the received packet to a destination address identified by the received packet and ii) a second client connected via an SSL/VPN connection to the SSL/VPN network appliance and associated with the identified destination address. A request is made for establishment by the second client of a connection of the identified type within the SSL/VPN connection. The received packet is transmitted to the second client via the established connection of the identified type.
摘要翻译：在用于在客户端之间路由分组的方法和系统中，从连接到安全套接层层虚拟专用网（SSL / VPN）网络设备的第一客户端接收分组。响应于所接收的分组的检查，进行识别i）将接收的分组传输到由接收分组识别的目的地地址所需的连接类型，以及ii）经由SSL / VPN连接连接的第二客户端到SSL / VPN网络设备并与所识别的目的地址相关联。请求由第二客户端建立SSL / VPN连接中识别类型的连接。所接收的分组经由所识别类型的建立的连接被发送到第二客户端。

2. 发明授权

US08108525B2 Systems and methods for managing a plurality of user sessions in a virtual private network environment 有权
标题翻译：用于在虚拟专用网络环境中管理多个用户会话的系统和方法
公开(公告)号：US08108525B2
公开(公告)日：2012-01-31
申请号：US11462341
申请日：2006-08-03
申请人： Arkesh Kumar , James Harris , Ajay Soni
发明人： Arkesh Kumar , James Harris , Ajay Soni
IPC分类号： G06F15/16
CPC分类号： H04L63/0272 , H04L12/4641 , H04L67/14
摘要： Methods for establishing an SSL/VPN session on behalf of a user of a client where the user has a previously existing session are described. Methods include receiving, by an appliance, a request from a first client operated by a user to establish a virtual private network session; creating, by the appliance, a temporary virtual private network session with the client; identifying, by the appliance, an existing virtual private network session previously established on behalf of the user; terminating the previous session; and creating a new virtual private network session with the client using the temporary session. Other methods may further include transmitting a request to a user corresponding to whether to terminate one or more previous sessions, and transferring session data from a previously existing session to a current session. Corresponding systems are also described.
摘要翻译：描述代表用户具有先前存在的会话的客户端的用户建立SSL / VPN会话的方法。方法包括由设备接收来自用户操作的第一客户机的请求以建立虚拟专用网络会话; 由设备创建与客户端的临时虚拟专用网络会话; 由设备识别以前代表用户建立的现有虚拟专用网络会话; 终止前一届会议; 并使用临时会话与客户端创建新的虚拟专用网络会话。其他方法还可以包括：向用户发送对应于是否终止一个或多个先前会话的请求，以及将会话数据从先前存在的会话传送到当前会话。还描述了相应的系统。

3. 发明申请

US20100281162A1 SYSTEMS AND METHODS OF PROVIDING SERVER INITIATED CONNECTIONS ON A VIRTUAL PRIVATE NETWORK 有权
标题翻译：在虚拟私有网络上提供服务器启动连接的系统和方法
公开(公告)号：US20100281162A1
公开(公告)日：2010-11-04
申请号：US12823643
申请日：2010-06-25
申请人： Charu Venkatraman , Junxiao He , Ajay Soni , James Harris , Arkesh Kumar
发明人： Charu Venkatraman , Junxiao He , Ajay Soni , James Harris , Arkesh Kumar
IPC分类号： G06F15/16 , G06F15/173
CPC分类号： H04L12/4641 , H04L63/0272 , H04L63/166 , H04L69/16 , H04L69/161 , H04L69/163 , H04L69/164
摘要： The present invention is related to a method for establishing via an appliance a transport layer protocol connection initiated by a server on a first network to a client connected from a second network to the first network via a secure socket layer virtual private network (SSL VPN) connection. The method includes the step of receiving, by an appliance, a transport layer connection request from a server on a first network to connect to a client connected to the first network via a SSL VPN connection from a second network. The transport layer connection request identifies a client destination internet protocol address and a client destination port on the first network. The method includes establishing, by the appliance, a first transport layer connection to the server on the first network, determining, by the appliance, the client on the second network associated with the client destination internet protocol address on the first network, and transmitting, by the appliance, connection information identifying the client destination port to an agent on the client. The agent establishes a second transport layer connection to the client destination port using a local internet protocol address of the client on the second network and establishes a third transport layer connection to the appliance, which it associates with the second transport layer connection.
摘要翻译：本发明涉及一种用于经由设备建立由第一网络上的服务器通过安全套接层虚拟专用网（SSL VPN）从第二网络连接到第一网络的客户端发起的传输层协议连接的方法，连接。该方法包括以下步骤：通过设备从第一网络的服务器接收传输层连接请求，以经由来自第二网络的SSL VPN连接连接到连接到第一网络的客户端。传输层连接请求标识第一网络上的客户端目标网络协议地址和客户端目的端口。该方法包括由设备建立与第一网络上的服务器的第一传输层连接，由设备确定与第一网络上的客户端目的地网际协议地址相关联的第二网络上的客户端，由设备将连接信息标识到客户机上的代理的客户端目的地端口。代理使用第二网络上的客户端的本地互联网协议地址建立与客户端目的地端口的第二传输层连接，并建立与设备相关联的第三传输层连接，其与第二传输层连接相关联。

4. 发明授权

US07769869B2 Systems and methods of providing server initiated connections on a virtual private network 有权
标题翻译：在虚拟专用网络上提供服务器启动的连接的系统和方法
公开(公告)号：US07769869B2
公开(公告)日：2010-08-03
申请号：US11465950
申请日：2006-08-21
申请人： Charu Venkatraman , Arkesh Kumar , James Harris , Ajay Soni , Junxiao He
发明人： Charu Venkatraman , Arkesh Kumar , James Harris , Ajay Soni , Junxiao He
IPC分类号： G06F15/16
CPC分类号： H04L12/4641 , H04L63/0272 , H04L63/166 , H04L69/16 , H04L69/161 , H04L69/163 , H04L69/164
摘要： The present invention is related to a method for establishing via an appliance a transport layer protocol connection initiated by a server on a first network to a client connected from a second network to the first network via a secure socket layer virtual private network (SSL VPN) connection. The method includes the step of receiving, by an appliance, a transport layer connection request from a server on a first network to connect to a client connected to the first network via a SSL VPN connection from a second network. The transport layer connection request identifies a client destination internet protocol address and a client destination port on the first network. The method includes establishing, by the appliance, a first transport layer connection to the server on the first network, determining, by the appliance, the client on the second network associated with the client destination internet protocol address on the first network, and transmitting, by the appliance, connection information identifying the client destination port to an agent on the client. The agent establishes a second transport layer connection to the client destination port using a local internet protocol address of the client on the second network and establishes a third transport layer connection to the appliance, which it associates with the second transport layer connection.
摘要翻译：本发明涉及一种用于经由设备建立由第一网络上的服务器通过安全套接层虚拟专用网（SSL VPN）从第二网络连接到第一网络的客户端发起的传输层协议连接的方法，连接。该方法包括以下步骤：通过设备从第一网络的服务器接收传输层连接请求，以经由来自第二网络的SSL VPN连接连接到连接到第一网络的客户端。传输层连接请求标识第一网络上的客户端目标网络协议地址和客户端目的端口。该方法包括由设备建立与第一网络上的服务器的第一传输层连接，由设备确定与第一网络上的客户端目的地网际协议地址相关联的第二网络上的客户端，由设备将连接信息标识到客户机上的代理的客户端目的地端口。代理使用第二网络上的客户端的本地互联网协议地址建立与客户端目的地端口的第二传输层连接，并建立与设备相关联的第三传输层连接，其与第二传输层连接相关联。

5. 发明申请

US20080034416A1 METHODS AND SYSTEMS FOR ROUTING PACKETS IN A VPN-CLIENT-TO-VPN-CLIENT CONNECTION VIA AN SSL/VPN NETWORK APPLIANCE 有权
标题翻译：用于通过SSL / VPN网络设备进行VPN客户端到VPN客户端连接的路由包的方法和系统
公开(公告)号：US20080034416A1
公开(公告)日：2008-02-07
申请号：US11462174
申请日：2006-08-03
申请人： Arkesh Kumar , James Harris , Ajay Soni
发明人： Arkesh Kumar , James Harris , Ajay Soni
IPC分类号： G06F15/16
CPC分类号： H04L63/0272 , H04L12/4641 , H04L63/166
摘要： In a method and system for routing packets between clients, a packet is received from a first client connected to a secure sockets layer virtual private network (an SSL/VPN) network appliance. An identification is made, responsive to an inspection of the received packet, of i) a type of connection required for transmission of the received packet to a destination address identified by the received packet and ii) a second client connected via an SSL/VPN connection to the SSL/VPN network appliance and associated with the identified destination address. A request is made for establishment by the second client of a connection of the identified type within the SSL/VPN connection. The received packet is transmitted to the second client via the established connection of the identified type.
摘要翻译：在用于在客户端之间路由分组的方法和系统中，从连接到安全套接层层虚拟专用网（SSL / VPN）网络设备的第一客户端接收分组。响应于所接收的分组的检查，进行识别i）将接收的分组传输到由接收分组识别的目的地地址所需的连接类型，以及ii）经由SSL / VPN连接连接的第二客户端到SSL / VPN网络设备并与所识别的目的地址相关联。请求由第二客户端建立SSL / VPN连接中识别类型的连接。所接收的分组经由所识别类型的建立的连接被发送到第二客户端。

6. 发明授权

US08356101B2 Systems and methods for managing a plurality of user sessions in a virtual private network environment 有权
标题翻译：用于在虚拟专用网络环境中管理多个用户会话的系统和方法
公开(公告)号：US08356101B2
公开(公告)日：2013-01-15
申请号：US13362346
申请日：2012-01-31
申请人： Arkesh Kumar , James Harris , Ajay Soni
发明人： Arkesh Kumar , James Harris , Ajay Soni
IPC分类号： G06F15/16
CPC分类号： H04L63/0272 , H04L12/4641 , H04L67/14
摘要： Methods for establishing an SSL/VPN session on behalf of a user of a client where the user has a previously existing session are described. Methods include receiving, by an appliance, a request from a first client operated by a user to establish a virtual private network session; creating, by the appliance, a temporary virtual private network session with the client; identifying, by the appliance, an existing virtual private network session previously established on behalf of the user; terminating the previous session; and creating a new virtual private network session with the client using the temporary session. Other methods may further include transmitting a request to a user corresponding to whether to terminate one or more previous sessions, and transferring session data from a previously existing session to a current session. Corresponding systems are also described.
摘要翻译：描述代表用户具有先前存在的会话的客户端的用户建立SSL / VPN会话的方法。方法包括由设备接收来自用户操作的第一客户机的请求以建立虚拟专用网络会话; 由设备创建与客户端的临时虚拟专用网络会话; 由设备识别以前代表用户建立的现有虚拟专用网络会话; 终止前一届会议; 并使用临时会话与客户端创建新的虚拟专用网络会话。其他方法还可以包括：向用户发送对应于是否终止一个或多个先前会话的请求，以及将会话数据从先前存在的会话传送到当前会话。还描述了相应的系统。

7. 发明授权

US08271661B2 Systems and methods of providing server initiated connections on a virtual private network 有权
标题翻译：在虚拟专用网络上提供服务器启动的连接的系统和方法
公开(公告)号：US08271661B2
公开(公告)日：2012-09-18
申请号：US12823643
申请日：2010-06-25
申请人： James Harris , Arkesh Kumar , Charu Venkatraman , Ajay Soni , Junxiao He
发明人： James Harris , Arkesh Kumar , Charu Venkatraman , Ajay Soni , Junxiao He
IPC分类号： G06F15/16
CPC分类号： H04L12/4641 , H04L63/0272 , H04L63/166 , H04L69/16 , H04L69/161 , H04L69/163 , H04L69/164
摘要： The present invention is related to a method for establishing via an appliance a transport layer protocol connection initiated by a server on a first network to a client connected from a second network to the first network via a secure socket layer virtual private network (SSL VPN) connection. The method includes the step of receiving, by an appliance, a transport layer connection request from a server on a first network to connect to a client connected to the first network via a SSL VPN connection from a second network. The transport layer connection request identifies a client destination internet protocol address and a client destination port on the first network. The method includes establishing, by the appliance, a first transport layer connection to the server on the first network, determining, by the appliance, the client on the second network associated with the client destination internet protocol address on the first network, and transmitting, by the appliance, connection information identifying the client destination port to an agent on the client. The agent establishes a second transport layer connection to the client destination port using a local internet protocol address of the client on the second network and establishes a third transport layer connection to the appliance, which it associates with the second transport layer connection.
摘要翻译：本发明涉及一种用于经由设备建立由第一网络上的服务器发起的传输层协议连接到通过安全套接层虚拟专用网（SSL VPN）从第二网络连接到第一网络的客户端的方法，连接。该方法包括以下步骤：通过设备从第一网络的服务器接收传输层连接请求，以经由来自第二网络的SSL VPN连接连接到连接到第一网络的客户端。传输层连接请求标识第一网络上的客户端目标网络协议地址和客户端目的端口。该方法包括由设备建立与第一网络上的服务器的第一传输层连接，由设备确定与第一网络上的客户端目的地网际协议地址相关联的第二网络上的客户端，由设备将连接信息标识到客户机上的代理的客户端目的地端口。代理使用第二网络上的客户端的本地互联网协议地址建立与客户端目的地端口的第二传输层连接，并建立与设备相关联的第三传输层连接，其与第二传输层连接相关联。

8. 发明申请

US20120131208A1 SYSTEMS AND METHODS FOR MANAGING A PLURALITY OF USER SESSIONS IN A VIRTUAL PRIVATE NETWORK ENVIRONMENT 有权
标题翻译：管理虚拟私人网络环境中用户会话多余的系统和方法
公开(公告)号：US20120131208A1
公开(公告)日：2012-05-24
申请号：US13362346
申请日：2012-01-31
申请人： ARKESH KUMAR , James Harris , Ajay Soni
发明人： ARKESH KUMAR , James Harris , Ajay Soni
IPC分类号： G06F15/16
CPC分类号： H04L63/0272 , H04L12/4641 , H04L67/14
摘要： Methods for establishing an SSL/VPN session on behalf of a user of a client where the user has a previously existing session are described. Methods include receiving, by an appliance, a request from a first client operated by a user to establish a virtual private network session; creating, by the appliance, a temporary virtual private network session with the client; identifying, by the appliance, an existing virtual private network session previously established on behalf of the user; terminating the previous session; and creating a new virtual private network session with the client using the temporary session. Other methods may further include transmitting a request to a user corresponding to whether to terminate one or more previous sessions, and transferring session data from a previously existing session to a current session. Corresponding systems are also described.
摘要翻译：描述代表用户具有先前存在的会话的客户端的用户建立SSL / VPN会话的方法。方法包括由设备接收来自用户操作的第一客户机的请求以建立虚拟专用网络会话; 由设备创建与客户端的临时虚拟专用网络会话; 由设备识别以前代表用户建立的现有虚拟专用网络会话; 终止前一届会议; 并使用临时会话与客户端创建新的虚拟专用网络会话。其他方法还可以包括：向用户发送对应于是否终止一个或多个先前会话的请求，以及将会话数据从先前存在的会话传送到当前会话。还描述了相应的系统。

9. 发明授权

US08151323B2 Systems and methods for providing levels of access and action control via an SSL VPN appliance 有权
标题翻译：通过SSL VPN设备提供访问级别和动作控制的系统和方法
公开(公告)号：US08151323B2
公开(公告)日：2012-04-03
申请号：US11566975
申请日：2006-12-05
申请人： James Harris , Max He , Arkesh Kumar , Ajay Soni , Charu Venkatraman , Shashi Najundaswamy , Amarnath Mullick
发明人： James Harris , Max He , Arkesh Kumar , Ajay Soni , Charu Venkatraman , Shashi Najundaswamy , Amarnath Mullick
IPC分类号： H04L29/06
CPC分类号： H04L67/06 , H04L63/0272 , H04L63/105 , H04L63/166 , H04L67/02 , H04L67/2842 , H04L67/34 , H04L69/10 , H04L69/16 , H04L69/165
摘要： The present invention relates to systems and methods to identify a level of access for a resource being accessed via a secure socket layer virtual private network (SSL VPN) connection to a network, and to control the action on the resource based on the identified level of access. The appliance described herein provides intelligent secure access and action control to resources based on a sense and respond mechanism. When a user requests access to a resource via the SSL VPN connection of the appliance, the appliance obtains information about the client to determine the user access scenario—the location, device, connection and identify of the user or client. Based on the collected information, the appliance responds to the detected user scenario by identifying a level of access to the resource for the user/client, such as rights to view, print, edit or save a document, Based on the identified level of access, the appliance controls the actions performs on the resource by various techniques described herein so that the user can only perform the allowed action n accordance with the level of access. As such, the present invention allows organization to control and provide the appropriate level of access to valuable, confidential or business critical information accessed remotely or via a pubic network while protecting such information by controlling the types of actions performed or allowed to be performed remotely on the information.
摘要翻译：本发明涉及用于识别经由到网络的安全套接字层虚拟专用网（SSL VPN）连接被访问的资源的访问级别的系统和方法，并且基于所识别的级别来控制对资源的动作访问。本文所述的设备基于感测和响应机制来提供对资源的智能安全访问和动作控制。当用户通过设备的SSL VPN连接请求访问资源时，设备将获取有关客户端的信息，以确定用户访问场景 - 用户或客户端的位置，设备，连接和标识。基于收集的信息，设备通过识别用户/客户端对资源的访问级别（例如查看，打印，编辑或保存文档的权限）来响应所检测的用户场景。基于所识别的访问级别，设备通过本文描述的各种技术控制对资源执行的操作，使得用户只能根据访问级别执行允许的动作。因此，本发明允许组织控制并提供对远程访问或通过公共网络访问的有价值的，机密的或业务关键信息的适当级别的访问，同时通过控制远程执行或允许执行的动作的类型来保护这些信息，信息。

10. 发明申请

US20080043760A1 Systems and Methods of Providing Server Initiated Connections on a Virtual Private Network 有权
标题翻译：在虚拟专用网络上提供服务器启动的连接的系统和方法
公开(公告)号：US20080043760A1
公开(公告)日：2008-02-21
申请号：US11465950
申请日：2006-08-21
申请人： Charu Venkatraman , Junxiao He , Ajay Soni , James Harris , Arkesh Kumar
发明人： Charu Venkatraman , Junxiao He , Ajay Soni , James Harris , Arkesh Kumar
IPC分类号： H04L12/56
CPC分类号： H04L12/4641 , H04L63/0272 , H04L63/166 , H04L69/16 , H04L69/161 , H04L69/163 , H04L69/164
摘要： The present invention is related to a method for establishing via an appliance a transport layer protocol connection initiated by a server on a first network to a client connected from a second network to the first network via a secure socket layer virtual private network (SSL VPN) connection. The method includes the step of receiving, by an appliance, a transport layer connection request from a server on a first network to connect to a client connected to the first network via a SSL VPN connection from a second network. The transport layer connection request identifies a client destination internet protocol address and a client destination port on the first network. The method includes establishing, by the appliance, a first transport layer connection to the server on the first network, determining, by the appliance, the client on the second network associated with the client destination internet protocol address on the first network, and transmitting, by the appliance, connection information identifying the client destination port to an agent on the client. The agent establishes a second transport layer connection to the client destination port using a local internet protocol address of the client on the second network and establishes a third transport layer connection to the appliance, which it associates with the second transport layer connection.
摘要翻译：本发明涉及一种用于经由设备建立由第一网络上的服务器通过安全套接层虚拟专用网（SSL VPN）从第二网络连接到第一网络的客户端发起的传输层协议连接的方法，连接。该方法包括以下步骤：通过设备从第一网络的服务器接收传输层连接请求，以经由来自第二网络的SSL VPN连接连接到连接到第一网络的客户端。传输层连接请求标识第一网络上的客户端目标网络协议地址和客户端目的端口。该方法包括由设备建立与第一网络上的服务器的第一传输层连接，由设备确定与第一网络上的客户端目的地网际协议地址相关联的第二网络上的客户端，由设备将连接信息标识到客户机上的代理的客户端目的地端口。代理使用第二网络上的客户端的本地互联网协议地址建立与客户端目的地端口的第二传输层连接，并建立与设备相关联的第三传输层连接，其与第二传输层连接相关联。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式