公开(公告)号：US20150074751A1

公开(公告)日：2015-03-12

申请号：US14539681

申请日：2014-11-12

Applicant: Citrix Systems, Inc.

Inventor： Puneet Agarwal ,  Srinivasan Thirunarayanan ,  Saibal Kumar Adhya ,  Akshat Choudhary

IPC: H04L29/06 ,  H04L29/08

CPC classification number: H04L63/0272 ,  H04L29/08846 ,  H04L63/0281 ,  H04L63/105 ,  H04L63/166 ,  H04L63/20 ,  H04L67/02 ,  H04L67/14 ,  H04L67/2814

Abstract: The present disclosure provides solutions that may enable an enterprise providing services to a number of clients to determine whether to establish a client based SSL VPN session or a clientless SSL VPN session with a client based on an information associated with the client. An intermediary establishing SSL VPN sessions between clients and servers may receive a request from a client to access a server. The intermediary may identify a session policy based on the request. The session policy may indicate whether to establish a client based SSL VPN session or clientless SSL VPN session with the server. The intermediary may determine, responsive to the policy, to establish a clientless or client based SSL VPN session between the client and the server.

公开(公告)号：US20140157361A1

公开(公告)日：2014-06-05

申请号：US14175616

申请日：2014-02-07

Applicant: CITRIX SYSTEMS, INC.

Inventor： Puneet Agarwal ,  Srinivasan Thirunarayanan ,  Vamsi Korrapatti ,  Prakash Khemani ,  Rajiv Mirani ,  Anoop Reddy

IPC: H04L29/06

CPC classification number: H04L63/0272 ,  H04L29/08846 ,  H04L63/0281 ,  H04L63/105 ,  H04L63/166 ,  H04L63/20 ,  H04L67/02 ,  H04L67/14 ,  H04L67/2814

Abstract: The present disclosure provides solutions for an enterprise providing services to a variety of clients to enable the client to use the resources provided by the enterprise by modifying URLs received and the URLs from the responses from the servers to the client's requests before forwarding the requests and the responses to the intended destinations. An intermediary may identify an access profile for a clients' request to access a server via a clientless SSL VPN session. The intermediary may detect one or more URLs in content served by the server in response to the request using one or more regular expressions of the access profile. The intermediary may rewrite or modify, responsive to detecting, the one or more detected URLs in accordance with a URL transformation specified by one or more rewrite policies of the access profile. The response with modified URLs may be forwarded to the client.

Abstract translation: 本公开提供了向各种客户端提供服务的企业的解决方案，以使得客户端能够在转发请求之前通过修改所接收的URL和从服务器的响应到客户端的请求来使用企业提供的资源，并且 对预期目的地的回应。 中介可以识别客户端通过无客户端SSL VPN会话访问服务器的请求的访问配置文件。 响应于使用访问简档的一个或多个正则表达式的请求，中介可以检测服务器所服务的内容中的一个或多个URL。 根据由访问简档的一个或多个重写策略指定的URL变换，中介可以响应于检测到一个或多个检测到的URL来重写或修改。 具有修改的URL的响应可以转发给客户端。

公开(公告)号：US09571456B2

公开(公告)日：2017-02-14

申请号：US14539681

申请日：2014-11-12

Applicant: Citrix Systems, Inc.

Inventor： Puneet Agarwal ,  Srinivasan Thirunarayanan ,  Saibal Kumar Adhya ,  Akshat Choudhary

IPC: H04L29/00 ,  H04L29/06 ,  H04L29/08

CPC classification number: H04L63/0272 ,  H04L29/08846 ,  H04L63/0281 ,  H04L63/105 ,  H04L63/166 ,  H04L63/20 ,  H04L67/02 ,  H04L67/14 ,  H04L67/2814

Abstract: The present disclosure provides solutions that may enable an enterprise providing services to a number of clients to determine whether to establish a client based SSL VPN session or a clientless SSL VPN session with a client based on an information associated with the client. An intermediary establishing SSL VPN sessions between clients and servers may receive a request from a client to access a server. The intermediary may identify a session policy based on the request. The session policy may indicate whether to establish a client based SSL VPN session or clientless SSL VPN session with the server. The intermediary may determine, responsive to the policy, to establish a clientless or client based SSL VPN session between the client and the server.

Abstract translation: 本公开提供了可以使得能够向多个客户端提供服务的企业基于与客户端相关联的信息来确定是否建立与客户端的基于客户端的SSL VPN会话或客户端SSL VPN会话的解决方案。 在客户端和服务器之间建立SSL VPN会话的中间件可以接收客户端访问服务器的请求。 中介可以根据请求识别会话策略。 会话策略可以指示是否与服务器建立基于客户端的SSL VPN会话或客户端SSL VPN会话。 中介可以根据策略确定在客户端和服务器之间建立基于客户端或客户端的SSL VPN会话。

公开(公告)号：US10270740B2

公开(公告)日：2019-04-23

申请号：US14175616

申请日：2014-02-07

Applicant: Citrix Systems, Inc.

Inventor： Puneet Agarwal ,  Srinivasan Thirunarayanan ,  Vamsi Korrapatti ,  Prakash Khemani ,  Rajiv Mirani ,  Anoop Reddy

IPC: H04L29/06 ,  H04L29/08

Abstract: The present disclosure provides solutions for an enterprise providing services to a variety of clients to enable the client to use the resources provided by the enterprise by modifying URLs received and the URLs from the responses from the servers to the client's requests before forwarding the requests and the responses to the intended destinations. An intermediary may identify an access profile for a clients' request to access a server via a clientless SSL VPN session. The intermediary may detect one or more URLs in content served by the server in response to the request using one or more regular expressions of the access profile. The intermediary may rewrite or modify, responsive to detecting, the one or more detected URLs in accordance with a URL transformation specified by one or more rewrite policies of the access profile. The response with modified URLs may be forwarded to the client.

公开(公告)号：US09059966B2

公开(公告)日：2015-06-16

申请号：US14306354

申请日：2014-06-17

Applicant: Citrix Systems, Inc.

Inventor： Puneet Agarwal ,  Saibal Kumar Adhya ,  Srinivasan Thirunarayanan ,  James Harris

IPC: H04L29/06 ,  H04L29/08

CPC classification number: H04L63/0227 ,  H04L63/0272 ,  H04L63/0281 ,  H04L63/166 ,  H04L63/20 ,  H04L67/02 ,  H04L67/28 ,  H04L67/2842

Abstract: The present application enables the enterprise to configure various policies to address various subsets of the traffic based on various information relating the client, the server, or the details and nature of the interactions between the client and the server. An intermediary deployed between clients and servers may establish an SSL VPN session between a client and a server. The intermediary may receiving a response from a server to a request of a client via the clientless SSL VPN session. The response may comprise one or more cookies. The intermediary may identify an access profile for the clientless SSL VPN session. The access profile may identify one or more policies for proxying cookies. The intermediary may determine, responsive to the one or more policies of the access profile, whether to proxy or bypass proxying for the client the one or more cookies.

Abstract translation: 本应用使得企业能够基于与客户端，服务器或客户端与服务器之间的交互的细节和性质相关的各种信息来配置各种策略来处理流量的各种子集。 部署在客户端和服务器之间的中介可以在客户端和服务器之间建立SSL VPN会话。 中间人可以通过无客户端SSL VPN会话从服务器接收到客户端的请求的响应。 响应可以包括一个或多个cookie。 中介可以识别无客户端SSL VPN会话的访问配置文件。 访问配置文件可以标识用于代理Cookie的一个或多个策略。 中介可以响应于访问简档的一个或多个策略来确定是否为客户端代理或绕过代理一个或多个cookie。

公开(公告)号：US20140298410A1

公开(公告)日：2014-10-02

申请号：US14306354

申请日：2014-06-17

Applicant: Citrix Systems, Inc.

Inventor： Puneet Agarwal ,  Saibal Kumar Adhya ,  Srinivasan Thirunarayanan ,  James Harris

IPC: H04L29/06

CPC classification number: H04L63/0227 ,  H04L63/0272 ,  H04L63/0281 ,  H04L63/166 ,  H04L63/20 ,  H04L67/02 ,  H04L67/28 ,  H04L67/2842

Abstract: The present application enables the enterprise to configure various policies to address various subsets of the traffic based on various information relating the client, the server, or the details and nature of the interactions between the client and the server. An intermediary deployed between clients and servers may establish an SSL VPN session between a client and a server. The intermediary may receiving a response from a server to a request of a client via the clientless SSL VPN session. The response may comprise one or more cookies. The intermediary may identify an access profile for the clientless SSL VPN session. The access profile may identify one or more policies for proxying cookies. The intermediary may determine, responsive to the one or more policies of the access profile, whether to proxy or bypass proxying for the client the one or more cookies.

Abstract translation: 本应用使得企业能够基于与客户端，服务器或客户端与服务器之间的交互的细节和性质相关的各种信息来配置各种策略来处理流量的各种子集。 部署在客户端和服务器之间的中介可以在客户端和服务器之间建立SSL VPN会话。 中间人可以通过无客户端SSL VPN会话从服务器接收到客户端的请求的响应。 响应可以包括一个或多个cookie。 中介可以识别无客户端SSL VPN会话的访问配置文件。 访问配置文件可以标识用于代理Cookie的一个或多个策略。 中介可以响应于访问简档的一个或多个策略来确定是否为客户端代理或绕过代理一个或多个cookie。