专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

WO2008017010A1 SYSTEMS AND METHODS FOR MANAGING A PLURALITY OF USER SESSIONS IN A VIRTUAL PRIVATE NETWORK ENVIRONMENT 审中-公开
标题翻译：管理虚拟私人网络环境中用户会话多余的系统和方法
公开(公告)号：WO2008017010A1
公开(公告)日：2008-02-07
申请号：PCT/US2007/075034
申请日：2007-08-02
申请人： CITRIX SYSTEMS, INC. , KUMAR, Arkesh , HARRIS, James , SONI, Ajay
发明人： KUMAR, Arkesh , HARRIS, James , SONI, Ajay
IPC分类号： H04L29/06 , H04L29/08 , H04L12/46
CPC分类号： H04L63/0272 , H04L12/4641 , H04L67/14
摘要： Methods for establishing an SSL/VPN session on behalf of a user of a client (102a) where the user has a previously existing session are described. Methods include receiving, by an appliance (200), a request from a first client (102a) operated by a user to establish a virtual private network session; creating, by the appliance, a temporary virtual private network session with the client; identifying, by the appliance, an existing virtual private network session previously established on behalf of the user; terminating the previous session; and creating a new virtual private network session with the client using the temporary session. Other methods may further include transmitting a request to a user corresponding to whether to terminate one or more previous sessions, and transferring session data from a previously existing session to a current session. Corresponding systems are also described.
摘要翻译：代表用户（102a）的用户建立SSL / VPN会话的方法

2. 发明申请

WO2010107558A1 SYSTEMS AND METHODS FOR USING END POINT AUDITING IN CONNECTION WITH TRAFFIC MANAGEMENT 审中-公开
标题翻译：使用端点监控与交通管理相关的系统和方法
公开(公告)号：WO2010107558A1
公开(公告)日：2010-09-23
申请号：PCT/US2010/025227
申请日：2010-02-24
申请人： CITRIX SYSTEMS, INC. , HARRIS, James , LI, Raymond , KUMAR, Arkesh , THAKUR, Ravindranath , AGARWAL, Puneet , CHOUDHARY, Akshat , GUPTA, Punit
发明人： HARRIS, James , LI, Raymond , KUMAR, Arkesh , THAKUR, Ravindranath , AGARWAL, Puneet , CHOUDHARY, Akshat , GUPTA, Punit
IPC分类号： H04L29/06 , G06F21/00
CPC分类号： H04L63/0876 , G06F21/31 , G06F21/53 , G06F2009/4557 , H04L63/08 , H04L63/0884 , H04L63/10 , H04L63/105 , H04L63/166 , H04L63/20 , H04L67/2814
摘要： The present invention provides a system and method of managing traffic traversing an intermediary based on a result of end point auditing. An authentication virtual server of an intermediary may determine a result of an end point analysis scan of a client. Responsive to the determination, the traffic management virtual server can obtain the result from the authentication virtual server. Further, the traffic management virtual server may apply the result in one or more traffic management policies to manage network traffic of a connection of the client traversing the intermediary. In some embodiments, the authentication virtual server may receive one or more expressions evaluated by the client. The one or more expressions identifies one or more attributes of the client. The traffic management virtual server can also determine a type of compression or encryption for the connection based on applying the one or more traffic management policies using the result.
摘要翻译：本发明提供了一种基于终端审计结果来管理遍历中间人的流量的系统和方法。中介的认证虚拟服务器可以确定客户端的终点分析扫描的结果。响应确定，流量管理虚拟服务器可以从认证虚拟服务器获取结果。此外，流量管理虚拟服务器可以将结果应用于一个或多个流量管理策略中，以管理遍历中间件的客户端的连接的网络流量。在一些实施例中，认证虚拟服务器可以接收由客户端评估的一个或多个表达式。一个或多个表达式标识客户端的一个或多个属性。流量管理虚拟服务器还可以基于使用结果应用一个或多个流量管理策略来确定连接的压缩或加密的类型。

3. 发明申请

WO2008017011A2 SYSTEMS AND METHODS FOR APPLICATION-BASED INTERCEPTION AND AUTHORIZATION OF SSL/VPN TRAFFIC 审中-公开
标题翻译：用于基于应用程序的SSL / VPN流量的截取和授权的系统和方法
公开(公告)号：WO2008017011A2
公开(公告)日：2008-02-07
申请号：PCT/US2007/075035
申请日：2007-08-02
申请人： CITRIX SYSTEMS, INC. , MULLICK, Amarnath , VENKATRAMAN, Charu , HE, Junxiao , NANJUNDASWAMI, Shashi , HARRIS, James , SONI, Ajay
发明人： MULLICK, Amarnath , VENKATRAMAN, Charu , HE, Junxiao , NANJUNDASWAMI, Shashi , HARRIS, James , SONI, Ajay
IPC分类号： H04L29/06
CPC分类号： H04L63/0236 , H04L63/0245 , H04L63/0263 , H04L63/0272 , H04L63/101 , H04L63/104 , H04L63/306
摘要： A method for intercepting, by an agent of a client, communications from the client to be transmitted via a virtual private network connection includes the step of intercepting communications based on identification of an application from which the communication originates. The agent receives information identifying a first application. The agent determines a network communication transmitted by the client originates from the first application and intercepts that communication. The agent transmits the intercepted communication via the virtual private network connection. Another method is described for allowing or denying, by an appliance, access to a resource by an application on a client via a virtual private network connection includes basing the decision to allow or deny access on identification of the application. The appliance associates with the intercepted request an authorization policy based on the identity of the application. The appliance determines, using the authorization policy and the identity of the application, to either allow or deny access by the application to the resource.
摘要翻译：用于由客户机的代理拦截来自客户机的通过虚拟专用网络连接发送的通信的方法包括基于通信发起的应用的标识来拦截通信的步骤。代理接收标识第一个应用程序的信息。代理确定客户端发送的网络通信源自第一个应用程序并拦截该通信。代理通过虚拟专用网络连接发送截取的通信。描述了另一种方法，用于通过设备允许或拒绝客户端上的应用程序经由虚拟专用网络连接访问资源，包括基于决定允许还是拒绝对应用程序的标识进行访问。设备根据应用程序的身份与截获的请求关联授权策略。设备使用授权策略和应用程序的身份确定是允许还是拒绝应用程序访问资源。

4. 发明申请

WO2009094657A1 SYSTEMS AND METHODS FOR FINE GRAIN POLICY DRIVEN COOKIE PROXYING 审中-公开
标题翻译：精细粮食政策驱动COOKIE代理的制度和方法
公开(公告)号：WO2009094657A1
公开(公告)日：2009-07-30
申请号：PCT/US2009/032046
申请日：2009-01-26
申请人： CITRIX SYSTEMS, INC. , AGARWAL, Puneet , ADHYA, Saibal, Kumar , THIRUNARAYANAN, Srinivasan , HARRIS, James
发明人： AGARWAL, Puneet , ADHYA, Saibal, Kumar , THIRUNARAYANAN, Srinivasan , HARRIS, James
IPC分类号： H04L29/06
CPC分类号： H04L63/0227 , H04L63/0272 , H04L63/0281 , H04L63/166 , H04L63/20 , H04L67/02 , H04L67/28 , H04L67/2842
摘要： The present application enables the enterprise to configure various policies to address various subsets of the traffic based on various information relating the client, the server, or the details and nature of the interactions between the client and the server. An intermediary deployed between clients and servers may establish an SSL VPN session between a client and a server. The intermediary may receiving a response from a server to a request of a client via the clientless SSL VPN session. The response may comprise one or more cookies. The intermediary may identify an access profile for the clientless SSL VPN session. The access profile may identify one or more policies for proxying cookies. The intermediary may determine, responsive to the one or more policies of the access profile, whether to proxy or bypass proxying for the client the one or more cookies.
摘要翻译：本应用使得企业能够基于与客户端，服务器或客户端与服务器之间的交互的细节和性质相关的各种信息来配置各种策略来处理流量的各种子集。部署在客户端和服务器之间的中介可以在客户端和服务器之间建立SSL VPN会话。中间人可以通过无客户端SSL VPN会话从服务器接收到客户端的请求的响应。响应可以包括一个或多个cookie。中介可以识别无客户端SSL VPN会话的访问配置文件。访问配置文件可以标识用于代理Cookie的一个或多个策略。中介可以响应于访问简档的一个或多个策略来确定是否为客户端代理或绕过代理一个或多个cookie。

5. 发明申请

WO2009051898A1 SYSTEMS AND METHODS FOR MANAGING COOKIES VIA HTTP CONTENT LAYER 审中-公开
标题翻译：用于通过HTTP内容层管理咖啡的系统和方法
公开(公告)号：WO2009051898A1
公开(公告)日：2009-04-23
申请号：PCT/US2008/074400
申请日：2008-08-27
申请人： CITRIX SYSTEMS, INC. , HARRIS, James
发明人： HARRIS, James
IPC分类号： H04L29/06 , H04L29/08
CPC分类号： H04L67/02 , H04L67/28 , H04L67/2842
摘要： The cookie management system and methods of the present solution address issues with rewriting cookie headers by handling cookies in the content layer of HTTP instead of the HTTP transaction layer. The present solution maintains cookie information for a browser via an intermediary and installs the correct cookie parameters in the browser via the HTTP content layer. Instead of using the headers of the HTTP transaction layer which may cause issues due to rewriting, the present solution manages the cookies outside of this layer. This avoids the browser managing the cookies incorrectly. Set cookies headers served from a server in response to client HTTP requests are removed by the intermediary. Cookie information from the headers are stored in a cookie jar on the intermediary. The intermediary delivers instructions and scripts via the content layer of the HTTP response to set the cookie in the browser. The scripts detect browser changes to the cookie and communicates the changes to the intermediary to update the cookie jar. With the present solution, the domain and path names of a cookie are set correctly on the browser when delivering content via a reverse proxy.
摘要翻译：本解决方案的cookie管理系统和方法解决了通过处理HTTP内容层而不是HTTP事务层重写cookie头部的问题。本解决方案通过中介维护浏览器的Cookie信息，并通过HTTP内容层在浏览器中安装正确的Cookie参数。而不是使用可能导致重写问题的HTTP事务层的标头，本解决方案管理该层外的Cookie。这样可以避免浏览器错误地管理cookies。设置从服务器提供响应客户端HTTP请求的cookie头被中介人删除。来自标头的Cookie信息存储在中介的cookie jar中。中间人通过HTTP响应的内容层传递指令和脚本，以便在浏览器中设置cookie。这些脚本检测到cookie的浏览器更改，并将更改传达给中介来更新cookie jar。使用本解决方案，通过反向代理传递内容时，浏览器可以正确设置Cookie的域名和路径名称。

6. 发明公开

EP2409472A1 SYSTEMS AND METHODS FOR USING END POINT AUDITING IN CONNECTION WITH TRAFFIC MANAGEMENT 有权
标题翻译：系统和方法使用终点保险在交通管理连接
公开(公告)号：EP2409472A1
公开(公告)日：2012-01-25
申请号：EP10708452.7
申请日：2010-02-24
申请人： Citrix Systems, Inc.
发明人： HARRIS, James , LI, Raymond , KUMAR, Arkesh , THAKUR, Ravindranath , AGARWAL, Puneet , CHOUDHARY, Akshat , GUPTA, Punit
IPC分类号： H04L29/06 , G06F21/00
摘要： The present invention provides a system and method for authentication of network traffic managed by a traffic management virtual server. A traffic management virtual server may determine that a client has not been authenticated from a request of the client to access a server. Responsive to the request, the traffic management virtual server may transmit a response to the client with instructions to redirect to an authentication virtual server. The authentication virtual server may receive a second request from the client. The authentication virtual server may then authenticate credentials received from the client and establish an authentication session for the client. Further, the authentication virtual server may transmit a second response to redirect the client to the traffic management virtual server. The second response identifies the authentication session. The traffic management virtual server then receives a request from the client with an identifier to the authentication session.
摘要翻译：本发明提供一种系统和管理基于端点审计的结果中介的交通横动的方法。中介的认证虚拟服务器可确定矿客户端的终点分析扫描的结果。响应于所述确定，流量管理虚拟服务器可以从认证虚拟服务器的结果。此外，流量管理虚拟服务器可以申请结果中的一个或多个流量管理策略来管理客户端经过中间设备的连接的网络流量。在一些实施例中，认证虚拟服务器可以接收由客户端评估一个或多个表达式。将一个或多个表达式标识客户端的一个或多个属性。流量管理虚拟服务器可以因此确定为矿基于使用所述结果将所述一个或多个流量管理策略的连接的类型的压缩或加密的。

7. 发明授权

EP2241081B1 SYSTEMS AND METHODS FOR FINE GRAIN POLICY DRIVEN COOKIE PROXYING 有权
标题翻译：用于细粒度政策驱动COOKIE委托的系统和方法
公开(公告)号：EP2241081B1
公开(公告)日：2018-05-02
申请号：EP09703631.3
申请日：2009-01-26
申请人： Citrix Systems, Inc.
发明人： AGARWAL, Puneet , ADHYA, Saibal, Kumar , THIRUNARAYANAN, Srinivasan , HARRIS, James
IPC分类号： H04L29/06
CPC分类号： H04L63/0227 , H04L63/0272 , H04L63/0281 , H04L63/166 , H04L63/20 , H04L67/02 , H04L67/28 , H04L67/2842
摘要： The present solution enables a client that is not configured to use cookies to access resources of the server that uses cookies for communications with the clients. An intermediary deployed between a client and a server intercepts and modifies transmissions between the client and the server to compensate for the mismatch in configuration of the cookies between the client and the server. The present disclosure relates to a method for managing cookies by an intermediary for a client. An intermediary receives a response from a server to a request of a client. The response may comprise a uniform resource locator (URL) and a cookie. The intermediary may modify the response by removing the cookie from the response and inserting a unique client identifier into the URL. The intermediary may store the removed cookie in association with the unique client identifier and forward the modified response to the client.

8. 发明授权

EP2409472B1 SYSTEMS AND METHODS FOR USING END POINT AUDITING IN CONNECTION WITH TRAFFIC MANAGEMENT 有权
公开(公告)号：EP2409472B1
公开(公告)日：2020-04-01
申请号：EP10708452.7
申请日：2010-02-24
申请人： Citrix Systems, Inc.
发明人： HARRIS, James , LI, Raymond , KUMAR, Arkesh , THAKUR, Ravindranath , AGARWAL, Puneet , CHOUDHARY, Akshat , GUPTA, Punit
IPC分类号： H04L29/06 , G06F21/00

9. 发明公开

EP2241081A1 SYSTEMS AND METHODS FOR FINE GRAIN POLICY DRIVEN COOKIE PROXYING 有权
标题翻译：食品加工食品加工食品加工食品
公开(公告)号：EP2241081A1
公开(公告)日：2010-10-20
申请号：EP09703631.3
申请日：2009-01-26
申请人： Citrix Systems, Inc.
发明人： AGARWAL, Puneet , ADHYA, Saibal, Kumar , THIRUNARAYANAN, Srinivasan , HARRIS, James
IPC分类号： H04L29/06
CPC分类号： H04L63/0227 , H04L63/0272 , H04L63/0281 , H04L63/166 , H04L63/20 , H04L67/02 , H04L67/28 , H04L67/2842
摘要： The present solution enables a client that is not configured to use cookies to access resources of the server that uses cookies for communications with the clients. An intermediary deployed between a client and a server intercepts and modifies transmissions between the client and the server to compensate for the mismatch in configuration of the cookies between the client and the server. The present disclosure relates to a method for managing cookies by an intermediary for a client. An intermediary receives a response from a server to a request of a client. The response may comprise a uniform resource locator (URL) and a cookie. The intermediary may modify the response by removing the cookie from the response and inserting a unique client identifier into the URL. The intermediary may store the removed cookie in association with the unique client identifier and forward the modified response to the client.
摘要翻译：本解决方案使未配置为使用Cookie的客户端访问使用Cookie与客户端通信的服务器的资源。部署在客户端和服务器之间的中间人拦截并修改客户端和服务器之间的传输，以补偿客户端和服务器之间的Cookie配置不匹配。本公开涉及一种由客户端的中间人管理cookie的方法。中介从服务器接收到客户端请求的响应。响应可以包括统一的资源定位符（URL）和cookie。中介可以通过从响应中删除cookie并将唯一的客户端标识符插入到URL中来修改响应。中介可以将删除的cookie与唯一的客户端标识符相关联地存储，并将修改的响应转发给客户端。

10. 发明授权

EP2201744B1 METHODS FOR MANAGING COOKIES VIA HTTP CONTENT LAYER 有权
公开(公告)号：EP2201744B1
公开(公告)日：2019-04-24
申请号：EP08798761.6
申请日：2008-08-27
申请人： Citrix Systems, Inc.
发明人： HARRIS, James
IPC分类号： H04L29/06 , H04L29/08

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式