公开(公告)号：US08775614B2

公开(公告)日：2014-07-08

申请号：US13299975

申请日：2011-11-18

申请人： Dhiraj K. Gupta ,  Gerardo Diaz-Cuellar ,  Ashish Saxena ,  Abhishek Tiwari

发明人： Dhiraj K. Gupta ,  Gerardo Diaz-Cuellar ,  Ashish Saxena ,  Abhishek Tiwari

IPC分类号： G06F15/173

CPC分类号： H04L63/10 ,  G06F11/3006 ,  G06F11/3065 ,  H04L63/0428 ,  H04L63/08 ,  H04L63/20 ,  H04L67/40

摘要： Techniques to provide an improved representation of remote network access for a network administrator managing and controlling access to resources on an enterprise network. The representation indicates resources accessed by a remote computer or by a user of that computer and provides associated information useful for managing remote network access. To create the representation, multiple security associations formed between a remote client computer and resources on the enterprise network are associated with entity sessions, based on identical session identifiers generated for each security association within an entity session. The entity sessions may be aggregated into a to DirectAccess “connection” between the remote client computer and the enterprise network, based on an identity of the remote client computer. Resources accessed over the connection may be identified using a session identifier of each entity session so that security associations in that entity session may be matched with the resources.

摘要翻译： 为网络管理员提供远程网络访问的改进表示的技术，管理和控制对企业网络上的资源的访问。 该表示指示由远程计算机或该计算机的用户访问的资源，并提供对管理远程网络访问有用的相关信息。 为了创建表示，基于为实体会话期间的每个安全关联生成的相同的会话标识符，在远程客户端计算机和企业网络上的资源之间形成的多个安全关联与实体会话相关联。 基于远程客户端计算机的身份，实体会话可以聚合到远程客户端计算机和企业网络之间的DirectAccess“连接”中。 可以使用每个实体会话的会话标识符来识别通过连接访问的资源，使得该实体会话中的安全关联可以与资源匹配。

公开(公告)号：US20130067072A1

公开(公告)日：2013-03-14

申请号：US13299975

申请日：2011-11-18

申请人： Dhiraj K. Gupta ,  Gerardo Diaz-Cuellar ,  Ashish Saxena ,  Abhishek Tiwari

发明人： Dhiraj K. Gupta ,  Gerardo Diaz-Cuellar ,  Ashish Saxena ,  Abhishek Tiwari

IPC分类号： G06F15/173 ,  G06F11/30

CPC分类号： H04L63/10 ,  G06F11/3006 ,  G06F11/3065 ,  H04L63/0428 ,  H04L63/08 ,  H04L63/20 ,  H04L67/40

摘要： Techniques to provide an improved representation of remote network access for a network administrator managing and controlling access to resources on an enterprise network. The representation indicates resources accessed by a remote computer or by a user of that computer and provides associated information useful for managing remote network access. To create the representation, multiple security associations formed between a remote client computer and resources on the enterprise network are associated with entity sessions, based on identical session identifiers generated for each security association within an entity session. The entity sessions may be aggregated into a to DirectAccess “connection” between the remote client computer and the enterprise network, based on an identity of the remote client computer. Resources accessed over the connection may be identified using a session identifier of each entity session so that security associations in that entity session may be matched with the resources.

摘要翻译： 为网络管理员提供远程网络访问的改进表示的技术，管理和控制对企业网络上的资源的访问。 该表示指示由远程计算机或该计算机的用户访问的资源，并提供对管理远程网络访问有用的相关信息。 为了创建表示，基于为实体会话期间的每个安全关联生成的相同的会话标识符，在远程客户端计算机和企业网络上的资源之间形成的多个安全关联与实体会话相关联。 基于远程客户端计算机的身份，实体会话可以聚合到远程客户端计算机和企业网络之间的DirectAccess连接。 可以使用每个实体会话的会话标识符来识别通过连接访问的资源，使得该实体会话中的安全关联可以与资源匹配。