公开(公告)号：US10432530B2

公开(公告)日：2019-10-01

申请号：US15785335

申请日：2017-10-16

Applicant: Citrix Systems, Inc.

Inventor： Praveen Raja Dhanabalan

IPC: H04L12/801 ,  H04L12/26 ,  H04L29/06

Abstract: An appliance for providing compression technique for jitter sensitive application through multiple network links is described. The appliance has one or more processors and includes a link quality estimator, a jitterless compressor, and a link switcher. The link quality estimator is configured to measure latency over a first link and a second link, wherein the second link has a longer latency than the first link. The jitterless compressor is configured to accumulate packets for a time period associated with a difference in latency between the second link and the first link, and determine a number of packets based on a packet size associated with the accumulated packets and bandwidth of the first link. The link switcher is configured to acquire the determined number of packets, wherein the determined number of packets have been compressed, transmit a first packet over the second link, and transmit the acquired number of packets over the first link.

公开(公告)号：US10404603B2

公开(公告)日：2019-09-03

申请号：US15004677

申请日：2016-01-22

Applicant: Citrix Systems, Inc.

Inventor： Praveen Raja Dhanabalan ,  Chaitra Maraliga Ramaiah ,  Karthick Srivatsan

IPC: H04L12/851 ,  H04L12/801

Abstract: An appliance o for evicting data based on traffic priority of data is described. The appliance has one or more processors and includes a compression history manager configured to acquire traffic priority information of data, the data being conveyed over a connection and to assign a compression history set based on the traffic priority information of the data. The compression history manager is also configured to, if cache space does not exist to store the data and another compression history set corresponds to lower traffic priority in a cache queue, evict data from the other compression history set corresponding to lower traffic priority.

公开(公告)号：US10367891B2

公开(公告)日：2019-07-30

申请号：US14867792

申请日：2015-09-28

Applicant: Citrix Systems, Inc.

Inventor： Praveen Raja Dhanabalan ,  Chaitra Maraliga Ramaiah ,  Akshata Bhat

IPC: H04L29/06 ,  H04L29/08

Abstract: A system for optimizing network traffic is described. The system includes a plurality of appliances, each having an SSL session exchange module. An appliance in active state is called a primary appliance, and one or more appliances in inactive state are called secondary appliances. An appliance of a cluster of appliances comprises a secure session exchange module and one or more network interfaces configured to facilitate a first secure session between a client device and the appliance and a second secure session between the appliance and a server. The secure session exchange module in a primary appliance is configured to provide a message for sending to one or more secondary appliances. The message indicates that the appliance is acting as a primary instance for a server. The secure session exchange module in the primary appliance is also configured to acquire at least one session-related parameter through a handshake procedure for a secure layer with the server. A network interface of the one or more network interfaces is further configured to send the at least one session-related parameter to the one or more secondary appliances. The one or more secondary appliances are configured to reuse one or more sessions based on the acquired session-related parameter.

公开(公告)号：US20190230027A1

公开(公告)日：2019-07-25

申请号：US15875437

申请日：2018-01-19

Applicant: Citrix Systems, Inc.

Inventor： Marco Murgia ,  Praveen Raja Dhanabalan

IPC: H04L12/725 ,  H04L12/727 ,  H04L12/733 ,  H04L12/729 ,  H04L12/851 ,  H04L12/841

CPC classification number: H04L45/302 ,  H04L45/121 ,  H04L45/125 ,  H04L45/126 ,  H04L45/22 ,  H04L45/70 ,  H04L47/125 ,  H04L47/24 ,  H04L47/283 ,  H04L49/205

Abstract: The systems and methods discussed herein provide for faster communications, particularly for high priority traffic, across a distributed network with multiple exit points to a Wide Area Network. Rather than simply routing traffic based on internal or external destination, an intelligent router may measure latency to an endpoint destination via multiple paths, both external and internal, and direct traffic accordingly. Steering high priority traffic via the internal connection to an exit point near the destination server, and then to the server via the external network, may be faster than simply forwarding the connection via the external network from the exit point closest to the source device. Additionally, to reduce bandwidth requirements of the nearby exit point and provide capability for higher priority traffic, low priority traffic may be redirected back via the internal connection and transmitted via a distant exit point.

公开(公告)号：US10212043B1

公开(公告)日：2019-02-19

申请号：US15660147

申请日：2017-07-26

Applicant: Citrix Systems, Inc.

Inventor： Anup Lal Gupta ,  Praveen Raja Dhanabalan

IPC: G01R31/08 ,  H04L12/24 ,  H04L12/803 ,  H04L12/26

Abstract: Disclosed embodiments describe systems and methods for predicting health of a link. A device in communication with a link can identify profile information of a stream of network traffic traversing the link. The device can determine a first prediction of health of the link by applying one or more rules to the plurality of parameters of the profile information. The device can determine a second prediction of health of the link by applying a classifier to one or more timed sequences of the plurality of parameters of the profile information. The device can establishes a respective weight for each of the first prediction of health and the second prediction of heath. The device can select, using the respective weight, between the first prediction of health and the second prediction of health to provide a predictor of the health of the link.

公开(公告)号：US20180077068A1

公开(公告)日：2018-03-15

申请号：US15262773

申请日：2016-09-12

Applicant: Citrix Systems, Inc.

Inventor： Praveen Raja Dhanabalan

IPC: H04L12/851 ,  H04L29/06

CPC classification number: H04L47/2433 ,  H04L47/2441 ,  H04L47/2458 ,  H04L69/04

Abstract: The present solution is directed towards systems and methods for prioritizing data streams transmitted between intermediary devices. In some implementations, the system can temporarily reprioritize data streams based on their compression characteristics. The system can also reprioritize the data packets within specific traffic classes and then prioritize each of the individual traffic classes.

公开(公告)号：US11997080B2

公开(公告)日：2024-05-28

申请号：US17138030

申请日：2020-12-30

Applicant: Citrix Systems, Inc.

Inventor： Praveen Raja Dhanabalan ,  Krishna Kumar KB

IPC: H04L29/06 ,  H04L9/32 ,  H04L9/40 ,  H04L67/02 ,  H04L67/146

CPC classification number: H04L63/0823 ,  H04L9/3263 ,  H04L9/3268 ,  H04L63/083 ,  H04L67/02 ,  H04L67/146

Abstract: A method for validating a Uniform Resource Locator (URL) includes generating electronic media content including the URL, generating a Certificate Signing Request (CSR) including the URL, sending the CSR to a certificate signing server, receiving a signed certificate corresponding to the CSR from the certificate signing server, and encoding the signed certificate as metadata in the electronic media content and/or encoding a serial number associated with the signed certificate as metadata in the electronic media content. A user can send the URL to another user through a chat message, an email, a word processing document or other business application, or a document which has a URL through a pen drive, email, or chat message. The certificate-based mechanism is used to validate the origin (sender) of the URL so that the recipients know that the URL can be accessed without having to separately analyze the security risks.

公开(公告)号：US11677567B2

公开(公告)日：2023-06-13

申请号：US17141602

申请日：2021-01-05

Applicant: Citrix Systems, Inc.

Inventor： Praveen Raja Dhanabalan ,  Aayush Bhala ,  Shubham Choudhary

IPC: H04L9/32 ,  H04L9/08

CPC classification number: H04L9/3263 ,  H04L9/088

Abstract: A computing device may receive a file previously uploaded by another device, and may validate the received file using data including a first value encrypted based on a document (e.g., a digital certificate or identification certificate) of the uploading device. The computing device may determine the validity of the certificate based on a certificate of a remote computing device to which the file was uploaded, and may decrypt the first value using a key of the certificate of the uploading device. The computing device may determine a second value for the received file and may determine validity of the received file based on a match of the first value and the second value.

公开(公告)号：US11582282B2

公开(公告)日：2023-02-14

申请号：US16992948

申请日：2020-08-13

Applicant: Citrix Systems, Inc.

Inventor： Marco Murgia ,  Praveen Raja Dhanabalan ,  Anup Lal Gupta

IPC: H04L65/80 ,  H04L47/2425 ,  H04L47/2441 ,  H04L47/24 ,  H04L47/2491 ,  H04L47/2483 ,  H04L65/61

Abstract: The systems and methods of the present disclosure are directed towards a dynamic system that is configured to identify and map networked traffic, such as that of video, voice, file transfer, and web based applications to predetermined Quality of Service (QoS) classes. The different QoS classes can be associated with different traffic priorities. The networked traffic can be encrypted, which can prevent an intermediate device from processing or otherwise reading the packet headers of the traffic. The systems and methods of the present disclosure can predict QoS classes for encrypted traffic based on traffic patterns and other characteristics of the encrypted traffic.

公开(公告)号：US20220386124A1

公开(公告)日：2022-12-01

申请号：US17331993

申请日：2021-05-27

Applicant: Citrix Systems, Inc.

Inventor： Krishna Kumar KB ,  Praveen Raja Dhanabalan

IPC: H04W12/069 ,  H04L9/32 ,  H04W12/04 ,  H04W4/80

Abstract: Described embodiments provide for provisioning devices securely using zero touch deployments. A controller application can receive a first authentication code from the controller. The controller application can establish, responsive to receiving the first authentication code, a short-range wireless connection with the device within a pairing range of the controller application using at least one of one or more short-range wireless communication types. The controller application can receive a second authentication code from the device via the short-range wireless connection. The controller application can determine that the first authentication code received from the controller corresponds to the second authentication code received via the short-range wireless connection. The controller application can transmit, responsive to determining that the first authentication code corresponds to the second authentication code, an approval request to the controller to sign a certificate to authorize the device to communicate with the controller.