公开(公告)号：US11153285B2

公开(公告)日：2021-10-19

申请号：US16183232

申请日：2018-11-07

Applicant: Citrix Systems, Inc.

Inventor： Abhishek Chauhan ,  Karthick Srivatsan ,  J Mohan Rao Arisankala ,  Chaitra Maraliga Ramaiah

IPC: H04L29/06 ,  G06F16/957 ,  H04L9/08 ,  H04L29/08

Abstract: Embodiments described include systems and methods for management and pre-establishment of network application and secure communication sessions. Session logs may be analyzed to identify an application or secure communication sessions likely to be accessed, and prior to receiving a request to establish the session, an intermediary (e.g. another device such as an intermediary appliance or other device, or an intermediary agent on a client such as a client application) may pre-establish the session, performing any necessary handshaking or credential or key exchange processes. When the session is subsequently requested (e.g. in response to a user request), the system may immediately begin using the pre-established session. This pre-establishment may be coordinated within the enterprise providing load balancing and scheduling of session establishment to prevent large processing loads at any one point in time.

公开(公告)号：US11044117B2

公开(公告)日：2021-06-22

申请号：US16232451

申请日：2018-12-26

Applicant: Citrix Systems, Inc.

Inventor： Karthick Srivatsan ,  Chaitra Maraliga Ramaiah ,  Anand Medikeri ,  Rajnesh Raturi ,  Moorthi Subramaniyan ,  Sandeep Manohar Nirikhi

IPC: H04L12/46 ,  H04L12/751 ,  H04L12/715 ,  H04L12/743 ,  H04L12/721 ,  H04L9/06

Abstract: Described embodiments provide systems and methods of forming overlay tunnels for delivery of data between networked devices. A first intermediary device may transmit, responsive to a connection request from a client, a request having a source IP address corresponding to a first virtual IP address of the first device and a first payload including first security hash information to be processed by a second intermediary device. The first device may receive, from the second intermediary device, a response. The response may have a source IP address corresponding to the IP address of the server and a second payload including a virtual IP address of the second device, responsive to second security hash information corresponding to the first security hash information. The first device may establish an overlay tunnel using the first virtual IP address and the second virtual IP address for communicating data between the client and the server.

公开(公告)号：US20200213151A1

公开(公告)日：2020-07-02

申请号：US16232451

申请日：2018-12-26

Applicant: Citrix Systems, Inc.

Inventor： Karthick Srivatsan ,  Chaitra Maraliga Ramaiah ,  Anand Medikeri ,  Rajnesh Raturi ,  Moorthi Subramaniyan ,  Sandeep Manohar Nirikhi

IPC: H04L12/46 ,  H04L12/751 ,  H04L12/715 ,  H04L12/743 ,  H04L12/721 ,  H04L9/06

Abstract: Described embodiments provide systems and methods of forming overlay tunnels for delivery of data between networked devices. A first intermediary device may transmit, responsive to a connection request from a client, a request having a source IP address corresponding to a first virtual IP address of the first device and a first payload including first security hash information to be processed by a second intermediary device. The first device may receive, from the second intermediary device, a response. The response may have a source IP address corresponding to the IP address of the server and a second payload including a virtual IP address of the second device, responsive to second security hash information corresponding to the first security hash information. The first device may establish an overlay tunnel using the first virtual IP address and the second virtual IP address for communicating data between the client and the server.

公开(公告)号：US20200177564A1

公开(公告)日：2020-06-04

申请号：US16209070

申请日：2018-12-04

Applicant: Citrix Systems, Inc.

Inventor： J Mohan Rao Arisankala ,  Chaitra Maraliga Ramaiah ,  Karthick Srivatsan

IPC: H04L29/06 ,  H04L9/08 ,  H04L29/08

Abstract: Described embodiments provide systems and apparatuses for enhanced quality of service, steering and policy enforcement for https traffic via intelligent in-line path discovery of a TLS terminating node. The system may include a first network device having a secure connection traversing through the first network device, and in communication with a second network device. The first network device and the second network device may be intermediary to a client device and a server. The first network device may determine that the second network device terminates the secure connection. The first network device may receive key generation information of the secure connection from the second network device following determining the second network device terminates the secure connection. The first network device may decipher packet(s) of the secure connection destined for the device or the server using the received key generation information, to regulate network traffic of the secure connection at the first network device.