公开(公告)号：US08893259B2

公开(公告)日：2014-11-18

申请号：US12359982

申请日：2009-01-26

申请人： Puneet Agarwal ,  Saibal Kumar Adhya ,  Srinivasan Thirunarayanan ,  Akshat Choudhary

发明人： Puneet Agarwal ,  Saibal Kumar Adhya ,  Srinivasan Thirunarayanan ,  Akshat Choudhary

IPC分类号： H04L29/06 ,  H04L29/08

CPC分类号： H04L63/0272 ,  H04L29/08846 ,  H04L63/0281 ,  H04L63/105 ,  H04L63/166 ,  H04L63/20 ,  H04L67/02 ,  H04L67/14 ,  H04L67/2814

摘要： The present disclosure provides solutions that may enable an enterprise providing services to a number of clients to determine whether to establish a client based SSL VPN session or a clientless SSL VPN session with a client based on an information associated with the client. An intermediary establishing SSL VPN sessions between clients and servers may receive a request from a client to access a server. The intermediary may identify a session policy based on the request. The session policy may indicate whether to establish a client based SSL VPN session or clientless SSL VPN session with the server. The intermediary may determine, responsive to the policy, to establish a clientless or client based SSL VPN session between the client and the server.

摘要翻译： 本公开提供了可以使得能够向多个客户端提供服务的企业基于与客户端相关联的信息来确定是否建立与客户端的基于客户端的SSL VPN会话或客户端SSL VPN会话的解决方案。 在客户端和服务器之间建立SSL VPN会话的中间件可以接收客户端访问服务器的请求。 中介可以根据请求识别会话策略。 会话策略可以指示是否与服务器建立基于客户端的SSL VPN会话或客户端SSL VPN会话。 中介可以根据策略确定在客户端和服务器之间建立基于客户端或客户端的SSL VPN会话。

公开(公告)号：US20120303293A1

公开(公告)日：2012-11-29

申请号：US13221665

申请日：2011-08-30

申请人： Scot McNeill ,  Puneet Agarwal

发明人： Scot McNeill ,  Puneet Agarwal

IPC分类号： G06F19/00

CPC分类号： E21B47/0001 ,  E21B17/01

摘要： A method and system are provided to reconstruct vibration responses such as stress and fatigue damage at desired locations in a structure from a limited number of vibration measurements at a few locations in the structure. Vibration response measurements can be of any type, e.g. acceleration, angular velocity, strain, etc. The desired locations can be anywhere within the domain of the structure and may include the entire structural domain. Measured vibration responses may be of uniform type or combinations of different types.

摘要翻译： 提供了一种方法和系统，用于在结构中的几个位置处的有限数量的振动测量结构中重建振动响应，例如在结构中的期望位置处的应力和疲劳损伤。 振动响应测量可以是任何类型，例如， 加速度，角速度，应变等。期望的位置可以是结构域内的任何地方，并且可以包括整个结构域。 测量的振动响应可以是均匀的类型或不同类型的组合。

公开(公告)号：US20120036178A1

公开(公告)日：2012-02-09

申请号：US12851449

申请日：2010-08-05

申请人： Anil Kumar Gavini ,  Akshat Choudhary ,  Puneet Agarwal

发明人： Anil Kumar Gavini ,  Akshat Choudhary ,  Puneet Agarwal

IPC分类号： G06F15/16

CPC分类号： G06F9/5027 ,  G06F2209/5016 ,  H04L67/02 ,  H04L67/2804 ,  H04L67/2819

摘要： The present solution is directed towards systems and methods for managing cookies by a multi-core device. The device is intermediary to a client and one or more servers. A first core of a multi-core device receives a response from a server to a request of the client through a user session. The response comprises a cookie. The first core removes the cookie from the response and stores the cookie in a corresponding storage for the session. The first core forwards the response without the cookie to the client. A second core then receives via a session, a second request from the client. The second core determines the identification of the first core as owner of the session from the second request. The second core then communicates to the first core a third request for cookie information for the session.

摘要翻译： 目前的解决方案涉及用于通过多核设备管理Cookie的系统和方法。 该设备是客户端和一个或多个服务器的中介。 多核设备的第一核心通过用户会话接收从服务器到客户端的请求的响应。 响应包括一个cookie。 第一个核心从响应中删除cookie，并将cookie存储在会话的相应存储中。 第一个核心将没有cookie的响应转发给客户端。 然后，第二核心经由会话接收来自客户端的第二请求。 第二核确定第一个核心作为第二个请求中的会话的所有者的标识。 然后，第二个核心向第一个核心传达第三个会话Cookie信息请求。

公开(公告)号：US20110154443A1

公开(公告)日：2011-06-23

申请号：US12976688

申请日：2010-12-22

申请人： RAVINDRANATH THAKUR ,  Puneet Agarwal ,  Arkesh Kumar ,  Rui Li

发明人： RAVINDRANATH THAKUR ,  Puneet Agarwal ,  Arkesh Kumar ,  Rui Li

IPC分类号： G06F21/00

CPC分类号： G06F21/41

摘要： A method for propagating authentication session information to a plurality of cores of a multi-core device includes establishing, by an authentication virtual server executing on a first core of a device intermediary to at least one client and server, a session for a user, the authentication virtual server authenticating the session. A traffic management virtual server executes on a second core of device, and receives a request to access a server via the session. The traffic management virtual server may identify, responsive to a determination that the session is not stored by the second core, from an identifier of the session that the first core established the session. The second core may send to the first core a request for data for the session identified by the identifier. The second core may receive from the first core a response to the second request identifying whether the session is valid.

摘要翻译： 用于将认证会话信息传播到多核设备的多个核心的方法包括：通过在至少一个客户端和服务器的中间设备的第一核心上执行的认证虚拟服务器建立用户的会话， 验证虚拟服务器认证会话。 流量管理虚拟服务器在设备的第二核心上执行，并且经由会话接收到访问服务器的请求。 业务管理虚拟服务器可以响应于确定该会话未被第二核心存储的第一核心建立会话的会话标识符。 第二核心可以向第一核心发送由标识符标识的会话的数据请求。 第二核心可以从第一核心接收对第二请求的响应，以识别会话是否有效。

公开(公告)号：US07933900B2

公开(公告)日：2011-04-26

申请号：US11257282

申请日：2005-10-23

申请人： Bindu Reddy ,  Jonathan Brunsman ,  Ning Mosberger ,  Gaurav Ravindra Bhaya ,  Sarah Sirajuddin ,  David Kale ,  Jennifer L. Kozenski ,  Arvind Sundararajan ,  Puneet Agarwal

发明人： Bindu Reddy ,  Jonathan Brunsman ,  Ning Mosberger ,  Gaurav Ravindra Bhaya ,  Sarah Sirajuddin ,  David Kale ,  Jennifer L. Kozenski ,  Arvind Sundararajan ,  Puneet Agarwal

IPC分类号： G06F7/00 ,  G06F17/30

CPC分类号： G06F17/30867 ,  G06F17/30017 ,  G06F17/3012 ,  G06F17/30312 ,  G06F17/30424 ,  G06F17/30864 ,  G06F17/30893

摘要： A user can refine a search over structured data by specifying that a label or an attribute value be used to further filter the results of a query.

摘要翻译： 用户可以通过指定使用标签或属性值来进一步过滤查询结果来优化对结构化数据的搜索。

公开(公告)号：US07826481B2

公开(公告)日：2010-11-02

申请号：US11289369

申请日：2005-11-30

申请人： Mohan Kalkunte ,  Gurumurthy Yelewarapu ,  Puneet Agarwal ,  Song-Huo Yu ,  Venkateshwar Buduma

发明人： Mohan Kalkunte ,  Gurumurthy Yelewarapu ,  Puneet Agarwal ,  Song-Huo Yu ,  Venkateshwar Buduma

IPC分类号： H04J3/16 ,  H04L12/54

CPC分类号： H04L45/00 ,  H04L12/18 ,  H04L45/583 ,  H04L49/351 ,  H04L49/352

摘要： A network device that processes packets and includes at least one legacy component for performing basic processing on packets in the network device. The network device further includes at least one advanced component for performing advanced processing, which can not be performed by the legacy component, on packets in the network device. When an incoming packet to the legacy component requires advanced processing, the legacy component performs the basic processing and transmits the packet to a loop-back port on advanced component. Upon receiving the packet, basic processing is disabled on the advanced component and advanced processing is performed on the packet.

摘要翻译： 一种网络设备，其处理分组并且包括用于对所述网络设备中的分组执行基本处理的至少一个传统组件。 网络设备还包括至少一个高级组件，用于在网络设备中的分组上执行不能由传统组件执行的高级处理。 当到传统组件的传入分组需要高级处理时，传统组件执行基本处理，并将分组发送到高级组件上的环回端口。 接收到报文后，对高级组件进行基本处理，对报文进行高级处理。

公开(公告)号：US20100242106A1

公开(公告)日：2010-09-23

申请号：US12409322

申请日：2009-03-23

申请人： James Harris ,  Rui Li ,  Arkesh Kumar ,  Ravindranath Thakur ,  Puneet Agarwal ,  Akshat Choudhary ,  Punit Gupta

发明人： James Harris ,  Rui Li ,  Arkesh Kumar ,  Ravindranath Thakur ,  Puneet Agarwal ,  Akshat Choudhary ,  Punit Gupta

IPC分类号： G06F15/173 ,  G06F21/00

CPC分类号： H04L63/0876 ,  G06F21/31 ,  G06F21/53 ,  G06F2009/4557 ,  H04L63/08 ,  H04L63/0884 ,  H04L63/10 ,  H04L63/105 ,  H04L63/166 ,  H04L63/20 ,  H04L67/2814

摘要： The present invention provides a system and method of managing traffic traversing an intermediary based on a result of end point auditing. An authentication virtual server of an intermediary may determine a result of an end point analysis scan of a client. Responsive to the determination, the traffic management virtual server can obtain the result from the authentication virtual server. Further, the traffic management virtual server may apply the result in one or more traffic management policies to manage network traffic of a connection of the client traversing the intermediary. In some embodiments, the authentication virtual server may receive one or more expressions evaluated by the client. The one or more expressions identifies one or more attributes of the client. The traffic management virtual server can also determine a type of compression or encryption for the connection based on applying the one or more traffic management policies using the result.

摘要翻译： 本发明提供了一种基于终端审计结果来管理遍历中间人的流量的系统和方法。 中介的认证虚拟服务器可以确定客户端的终点分析扫描的结果。 响应确定，流量管理虚拟服务器可以从认证虚拟服务器获取结果。 此外，流量管理虚拟服务器可以将结果应用于一个或多个流量管理策略中，以管理遍历中间件的客户端的连接的网络流量。 在一些实施例中，认证虚拟服务器可以接收由客户端评估的一个或多个表达式。 一个或多个表达式标识客户端的一个或多个属性。 流量管理虚拟服务器还可以基于使用结果应用一个或多个流量管理策略来确定连接的压缩或加密的类型。

公开(公告)号：US07643420B2

公开(公告)日：2010-01-05

申请号：US11187404

申请日：2005-07-21

申请人： Bruce H. Kwan ,  Puneet Agarwal

发明人： Bruce H. Kwan ,  Puneet Agarwal

IPC分类号： H04J1/16

CPC分类号： H04L47/10 ,  H04L47/193 ,  H04L47/22

摘要： Various aspects of a method and system for transmission control protocol (TCP) traffic smoothing are presented. Traffic smoothing may comprise a method for controlling data transmission in a communications system that further comprises scheduling the timing of transmission of information from a TCP offload engine (TOE) based on a traffic profile. Traffic smoothing may comprise transmitting information from a TOE at a rate that is either greater than, approximately equal to, or less than, the rate at which the information was generated. Some conventional network interface cards (NIC) that utilize TOEs may not provide a mechanism that enables traffic shaping. By not providing a mechanism for traffic shaping, there may be a greater probability of lost packets in the network.

摘要翻译： 提出了传输控制协议（TCP）流量平滑的方法和系统的各个方面。 业务平滑可以包括用于控制通信系统中的数据传输的方法，该方法还包括基于业务简档调度来自TCP卸载引擎（TOE）的信息的传输定时。 业务平滑可以包括以大于等于或小于生成信息速率的速率从TOE发送信息。 使用TOE的一些常规网络接口卡（NIC）可能不提供启用流量整形的机制。 通过不提供用于流量整形的机制，网络中可能存在丢失分组的可能性更大。

公开(公告)号：US20090259810A1

公开(公告)日：2009-10-15

申请号：US12101696

申请日：2008-04-11

申请人： Eric Baden ,  Puneet Agarwal

发明人： Eric Baden ,  Puneet Agarwal

IPC分类号： G06F12/00

CPC分类号： H04L47/10 ,  H04L45/00 ,  H04L47/24

摘要： A system may include a content addressable memory (CAM) that is configured to include multiple services, receive a key, where the key includes source port information and IP information related to a packet received on one of multiple ports, and output a match index value in response to a search of the CAM using the key. The system may include a policy memory module that is configured to receive the match index value and to output meter controls and a meter address based on the match index value, a port meter map module that is configured to receive the source port information and to output a mask value and a per port meter value, and a remapping module that is configured to receive the meter address, receive the mask value and the per port meter value, and modify the meter address based on those values.

摘要翻译： 系统可以包括内容可寻址存储器（CAM），其被配置为包括多个服务，接收密钥，其中密钥包括源端口信息和与在多个端口中的一个端口上接收的分组相关的IP信息，并输出匹配索引值 响应于使用该键搜索CAM。 该系统可以包括：策略存储器模块，被配置为接收匹配索引值，并且基于匹配索引值输出仪表控制和仪表地址;配置为接收源端口信息并输出 掩码值和每端口仪表值，以及配置为接收仪表地址，接收掩码值和每端口仪表值的重映射模块，并根据这些值修改仪表地址。

公开(公告)号：US20090193513A1

公开(公告)日：2009-07-30

申请号：US12359101

申请日：2009-01-23

申请人： Puneet Agarwal ,  Ravindra Nath Thakur ,  Anil Kumar Gavini

发明人： Puneet Agarwal ,  Ravindra Nath Thakur ,  Anil Kumar Gavini

IPC分类号： G06F21/00

CPC分类号： H04L63/0272 ,  H04L63/0227 ,  H04L63/105 ,  H04L63/1441 ,  H04L63/166

摘要： The present disclosure presents methods, systems and intermediaries which determine an encoding scheme of a uniform resource location (URL) from a plurality of encoding schemes for a clientless secure socket layer virtual private network (SSL VPN) via a proxy. An intermediary may receive a response from a server comprising a URL. The response from the server may be directed to a client via a SSL VPN session and via the intermediary. The intermediary may determine, responsive to an encoding policy, one of a transparent, opaque or encrypted encoding scheme for encoding the URL. The intermediary may rewrite the URL for transmission to the client in accordance with the determined encoding scheme.

摘要翻译： 本公开提供了通过代理从无客户端安全套接字层虚拟专用网（SSL VPN）的多个编码方案中确定统一资源位置（URL）的编码方案的方法，系统和中介​​。 中介可以从包含URL的服务器接收响应。 来自服务器的响应可以经由SSL VPN会话并且经由中介向客户端发送。 中介可以响应于编码策略来确定用于对URL进行编码的透明，不透明或加密的编码方案之一。 中介可以根据所确定的编码方案重写用于传送给客户端的URL。