会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 32. 发明申请
    • SYSTEMS AND METHODS OF PROVIDING SERVER INITIATED CONNECTIONS ON A VIRTUAL PRIVATE NETWORK
    • 在虚拟私有网络上提供服务器启动连接的系统和方法
    • US20100281162A1
    • 2010-11-04
    • US12823643
    • 2010-06-25
    • Charu VenkatramanJunxiao HeAjay SoniJames HarrisArkesh Kumar
    • Charu VenkatramanJunxiao HeAjay SoniJames HarrisArkesh Kumar
    • G06F15/16G06F15/173
    • H04L12/4641H04L63/0272H04L63/166H04L69/16H04L69/161H04L69/163H04L69/164
    • The present invention is related to a method for establishing via an appliance a transport layer protocol connection initiated by a server on a first network to a client connected from a second network to the first network via a secure socket layer virtual private network (SSL VPN) connection. The method includes the step of receiving, by an appliance, a transport layer connection request from a server on a first network to connect to a client connected to the first network via a SSL VPN connection from a second network. The transport layer connection request identifies a client destination internet protocol address and a client destination port on the first network. The method includes establishing, by the appliance, a first transport layer connection to the server on the first network, determining, by the appliance, the client on the second network associated with the client destination internet protocol address on the first network, and transmitting, by the appliance, connection information identifying the client destination port to an agent on the client. The agent establishes a second transport layer connection to the client destination port using a local internet protocol address of the client on the second network and establishes a third transport layer connection to the appliance, which it associates with the second transport layer connection.
    • 本发明涉及一种用于经由设备建立由第一网络上的服务器通过安全套接层虚拟专用网(SSL VPN)从第二网络连接到第一网络的客户端发起的传输层协议连接的方法, 连接。 该方法包括以下步骤:通过设备从第一网络的服务器接收传输层连接请求,以经由来自第二网络的SSL VPN连接连接到连接到第一网络的客户端。 传输层连接请求标识第一网络上的客户端目标网络协议地址和客户端目的端口。 该方法包括由设备建立与第一网络上的服务器的第一传输层连接,由设备确定与第一网络上的客户端目的地网际协议地址相关联的第二网络上的客户端, 由设备将连接信息标识到客户机上的代理的客户端目的地端口。 代理使用第二网络上的客户端的本地互联网协议地址建立与客户端目的地端口的第二传输层连接,并建立与设备相关联的第三传输层连接,其与第二传输层连接相关联。
    • 33. 发明授权
    • Systems and methods of providing server initiated connections on a virtual private network
    • 在虚拟专用网络上提供服务器启动的连接的系统和方法
    • US07769869B2
    • 2010-08-03
    • US11465950
    • 2006-08-21
    • Charu VenkatramanArkesh KumarJames HarrisAjay SoniJunxiao He
    • Charu VenkatramanArkesh KumarJames HarrisAjay SoniJunxiao He
    • G06F15/16
    • H04L12/4641H04L63/0272H04L63/166H04L69/16H04L69/161H04L69/163H04L69/164
    • The present invention is related to a method for establishing via an appliance a transport layer protocol connection initiated by a server on a first network to a client connected from a second network to the first network via a secure socket layer virtual private network (SSL VPN) connection. The method includes the step of receiving, by an appliance, a transport layer connection request from a server on a first network to connect to a client connected to the first network via a SSL VPN connection from a second network. The transport layer connection request identifies a client destination internet protocol address and a client destination port on the first network. The method includes establishing, by the appliance, a first transport layer connection to the server on the first network, determining, by the appliance, the client on the second network associated with the client destination internet protocol address on the first network, and transmitting, by the appliance, connection information identifying the client destination port to an agent on the client. The agent establishes a second transport layer connection to the client destination port using a local internet protocol address of the client on the second network and establishes a third transport layer connection to the appliance, which it associates with the second transport layer connection.
    • 本发明涉及一种用于经由设备建立由第一网络上的服务器通过安全套接层虚拟专用网(SSL VPN)从第二网络连接到第一网络的客户端发起的传输层协议连接的方法, 连接。 该方法包括以下步骤:通过设备从第一网络的服务器接收传输层连接请求,以经由来自第二网络的SSL VPN连接连接到连接到第一网络的客户端。 传输层连接请求标识第一网络上的客户端目标网络协议地址和客户端目的端口。 该方法包括由设备建立与第一网络上的服务器的第一传输层连接,由设备确定与第一网络上的客户端目的地网际协议地址相关联的第二网络上的客户端, 由设备将连接信息标识到客户机上的代理的客户端目的地端口。 代理使用第二网络上的客户端的本地互联网协议地址建立与客户端目的地端口的第二传输层连接,并建立与设备相关联的第三传输层连接,其与第二传输层连接相关联。
    • 34. 发明申请
    • Systems and Methods of Providing An Intranet Internet Protocol Address to a Client on a Virtual Private Network
    • 在虚拟专用网络上向客户端提供内部网互联网协议地址的系统和方法
    • US20080046994A1
    • 2008-02-21
    • US11465980
    • 2006-08-21
    • Charu VenkatramanJunxiao HeAjay Soni
    • Charu VenkatramanJunxiao HeAjay Soni
    • G06F15/16
    • H04L63/0272H04L63/166
    • The intranet IP address management solution of the appliance and/or client described herein provides an environment for efficiently assigning, managing and querying virtual private network addresses, referred to as intranet IP (IIP) addresses of virtual private network users, such as a multitude of SSL VPN users on an enterprise network. The appliance provides techniques and policies for assigning previously assigned virtual private network addresses of a user to subsequent sessions of the user as the user logs in multiple times or roams between access points. This technique is referred to IIP stickiness as the appliance attempts to provide the same IIP address to a roaming VPN user. The appliance also provides a configurable user domain naming policy so that one can ping or query the virtual private network address of a user by an easily referenceable host name identifying the user. The appliance and/or client agent also provide techniques to allow applications to seamlessly and transparently communicate on the virtual private network using the virtual private network address of the user or client on the private network.
    • 本文描述的设备和/或客户端的Intranet IP地址管理解决方案提供了一种用于有效地分配,管理和查询虚拟专用网地址的环境,被称为虚拟专用网络用户的内部网IP(IIP)地址,诸如大量 企业网络上的SSL VPN用户。 该设备提供用于在用户多次登录或者在接入点之间漫游时将用户先前分配的虚拟专用网地址分配给用户的后续会话的技术和策略。 该技术被称为IIP粘性,因为设备试图向漫游VPN用户提供相同的IIP地址。 该设备还提供可配置的用户域命名策略,以便可以通过标识用户的易于引用的主机名来ping或查询用户的虚拟专用网络地址。 设备和/或客户端代理还提供技术,以允许应用程序使用专用网络上的用户或客户端的虚拟专用网地址在虚拟专用网络上无缝和透明地通信。
    • 35. 发明申请
    • SYSTEMS AND METHODS FOR USING A CLIENT AGENT TO MANAGE HTTP AUTHENTICATION COOKIES
    • 使用客户端管理HTTP认证机构的系统和方法
    • US20080034413A1
    • 2008-02-07
    • US11462308
    • 2006-08-03
    • Junxiao HeCharu VenkatramanRoy RajanAjay Soni
    • Junxiao HeCharu VenkatramanRoy RajanAjay Soni
    • H04L9/32
    • H04L12/4641H04L63/0272H04L63/08H04L63/166H04L67/02
    • Systems and methods are described for using a client agent to manage HTTP authentication cookies. One method includes intercepting, by a client agent executing on a client, a connection request from the client; establishing, by the client agent, a transport layer virtual private network connection with a network appliance; transmitting, by the client agent via the established connection, an HTTP request comprising an authentication cookie; and transmitting, by the client agent via the connection, the connection request. A second method includes intercepting, by a client agent executing on a client, an HTTP communication comprising a cookie from an appliance on a virtual private network to the client; removing, by the client agent, the cookie from the HTTP communication; storing, by the client agent, the received cookie; transmitting, by the client agent, the modified HTTP communication to an application executing on the client; intercepting, by the client agent, an HTTP request from the client; inserting, by the client agent in the HTTP request, the received cookie; and transmitting the modified HTTP request to the appliance. Corresponding systems are also described.
    • 描述了使用客户端代理来管理HTTP身份验证cookie的系统和方法。 一种方法包括由在客户端上执行的客户端代理截取来自客户端的连接请求; 由客户端代理建立与网络设备的传输层虚拟专用网络连接; 由所述客户端代理经由建立的连接发送包括认证cookie的HTTP请求; 以及由所述客户端代理经由所述连接发送所述连接请求。 第二种方法包括由在客户端上执行的客户端代理拦截包括来自虚拟专用网络上的设备到客户端的cookie的HTTP通信; 由客户端代理从HTTP通信中删除该cookie; 由客户代理存储接收到的cookie; 由客户端代理将经修改的HTTP通信传送到在客户机上执行的应用程序; 由客户端代理拦截来自客户端的HTTP请求; 由客户端代理在HTTP请求中插入接收到的cookie; 以及将修改的HTTP请求发送到所述设备。 还描述了相应的系统。
    • 37. 发明授权
    • Systems and methods for using a client agent to manage HTTP authentication cookies
    • 使用客户端代理管理HTTP认证cookie的系统和方法
    • US08561155B2
    • 2013-10-15
    • US11462300
    • 2006-08-03
    • Junxiao HeCharu VenkatramanAjay Soni
    • Junxiao HeCharu VenkatramanAjay Soni
    • H04L29/06
    • H04L63/08H04L63/145H04L67/02H04L67/2842
    • Systems and methods are described for using a client agent to manage HTTP authentication cookies. One method includes intercepting, by a client agent executing on a client, a connection request from the client; establishing, by the client agent, a transport layer virtual private network connection with a network appliance; transmitting, by the client agent via the established connection, an HTTP request comprising an authentication cookie; and transmitting, by the client agent via the connection, the connection request. A second method includes intercepting, by a client agent executing on a client, an HTTP communication comprising a cookie from an appliance on a virtual private network to the client; removing, by the client agent, the cookie from the HTTP communication; storing, by the client agent, the received cookie; transmitting, by the client agent, the modified HTTP communication to an application executing on the client; intercepting, by the client agent, an HTTP request from the client; inserting, by the client agent in the HTTP request, the received cookie; and transmitting the modified HTTP request to the appliance. Corresponding systems are also described.
    • 描述了使用客户端代理来管理HTTP身份验证cookie的系统和方法。 一种方法包括由在客户端上执行的客户端代理截取来自客户端的连接请求; 由客户端代理建立与网络设备的传输层虚拟专用网络连接; 由所述客户端代理经由建立的连接发送包括认证cookie的HTTP请求; 以及由所述客户端代理经由所述连接发送所述连接请求。 第二种方法包括由在客户端上执行的客户端代理拦截包括来自虚拟专用网络上的设备到客户端的cookie的HTTP通信; 由客户端代理从HTTP通信中删除该cookie; 由客户代理存储接收到的cookie; 由客户端代理将经修改的HTTP通信传送到在客户机上执行的应用程序; 由客户端代理拦截来自客户端的HTTP请求; 由客户端代理在HTTP请求中插入接收到的cookie; 以及将修改的HTTP请求发送到所述设备。 还描述了相应的系统。