公开(公告)号：US08549617B2

公开(公告)日：2013-10-01

申请号：US12968015

申请日：2010-12-14

申请人： Yin Wei ,  Subramanian Iyer ,  Richard Campagna ,  James Wood

发明人： Yin Wei ,  Subramanian Iyer ,  Richard Campagna ,  James Wood

IPC分类号： H04L29/06

CPC分类号： H04L63/0272 ,  H04L63/08 ,  H04W12/06 ,  H04W76/19

摘要： An integrated, multi-service virtual private network (VPN) network client for cellular mobile devices is described. The multi-service network client can be deployed as a single software package on cellular mobile network devices to provide integrated services including secure enterprise VPN connectivity, acceleration, security management including monitored and enforced endpoint compliance, and collaboration services. The multi-service client integrates with an operating system of the device to provide a VPN handler to establish a VPN connection with a remote VPN security device. The VPN network client includes to data acceleration module exchange network packets with the VPN handler and apply at least one acceleration service to the network packets, and a VPN control application that provides a unified user interface that allows a user to configure both the VPN handler and the data acceleration module.

摘要翻译： 描述了用于蜂窝移动设备的集成的多业务虚拟专用网（VPN）网络客户端。 多服务网络客户端可以部署为蜂窝移动网络设备上的单一软件包，以提供集成服务，包括安全的企业VPN连接，加速，安全管理，包括监控和强制端点遵从以及协作服务。 多服务客户端与设备的操作系统集成，提供VPN处理程序与远程VPN安全设备建立VPN连接。 VPN网络客户端包括数据加速模块与VPN处理器交换网络数据包，并对网络数据包应用至少一个加速服务，以及提供统一用户界面的VPN控制应用程序，允许用户配置VPN处理程序和 数据加速模块。

公开(公告)号：US08473734B2

公开(公告)日：2013-06-25

申请号：US12968067

申请日：2010-12-14

申请人： Yin Wei ,  Subramanian Iyer ,  Richard Campagna ,  James Wood

发明人： Yin Wei ,  Subramanian Iyer ,  Richard Campagna ,  James Wood

IPC分类号： H04L29/06

CPC分类号： H04L63/0272 ,  H04L63/164 ,  H04L63/166

摘要： An integrated, multi-service network client for cellular mobile devices is described. The multi-service network client can be deployed as a single software package on cellular mobile network devices to provide integrated services including secure enterprise virtual private network (VPN) connectivity, acceleration, security management including monitored and enforced endpoint compliance, and collaboration services. Once installed on the cellular mobile device, the multi-service client establishes the VPN connection to concurrently include both a layer three (L3) tunnel that uses a first type of transport layer protocol of the operating system and a layer four (L4) tunnel that uses a second type of transport layer protocol of the operating system. The VPN handler determines whether network ports associated with the L3 tunnel are unblocked by an operating system and, when the network ports are unblocked, automatically transitions from the L4 tunnel to the L3 tunnel without terminating the VPN connection.

摘要翻译： 描述了用于蜂窝移动设备的集成的多服务网络客户端。 多业务网络客户端可以作为蜂窝移动网络设备上的单个软件包部署，以提供集成服务，包括安全企业虚拟专用网（VPN）连接，加速，安全管理，包括受监控和强制端点遵从以及协作服务。 一旦安装在蜂窝移动设备上，多服务客户端建立VPN连接以同时包括使用操作系统的第一类型的传输层协议的第三层（L3）隧道和第四层（L4）隧道， 使用操作系统的第二种类型的传输层协议。 VPN处理器确定与L3隧道相关联的网络端口是否被操作系统解除阻塞，并且当网络端口被解除阻塞时，自动从L4隧道转换到L3隧道，而不终止VPN连接。

公开(公告)号：US08464336B2

公开(公告)日：2013-06-11

申请号：US12968048

申请日：2010-12-14

申请人： Yin Wei ,  Subramanian Iyer ,  Richard Campagna ,  James Wood

发明人： Yin Wei ,  Subramanian Iyer ,  Richard Campagna ,  James Wood

IPC分类号： H04L29/06

CPC分类号： H04L63/0272 ,  H04L12/4633 ,  H04L12/4641 ,  H04L63/0815 ,  H04L63/1433 ,  H04W76/19

摘要： A virtual private network client for cellular mobile devices is described. The VPN network client establishes a secure VPN connection with a remote VPN security device. The VPN network client establishes a secure control channel with the secure VPN gateway and, upon a successful authentication, receives a session cookie with a unique identifier. In the event communication with the secure VPN gateway is subsequently temporarily lost, the VPN network client performs a fast reconnect without requiring re-authentication of the cellular mobile device by communicating the session cookie to the secure VPN gateway. Prior to performing the fast reconnect, the VPN network client identifies a set of transport mechanisms currently available to the cellular mobile device and, when only a cellular network is available and not a wireless packet-based connection, the VPN network client defers the fast reconnect until application-layer data is received from a user application and is ready to be sent to the remote VPN security device via the VPN connection.

摘要翻译： 描述了用于蜂窝移动设备的虚拟专用网络客户端。 VPN网络客户端与远程VPN安全设备建立安全的VPN连接。 VPN网络客户端与安全VPN网关建立安全控制通道，并且在成功认证时，接收具有唯一标识符的会话cookie。 在与安全VPN网关的通信随后暂时丢失的情况下，VPN网络客户端执行快速重新连接，而不需要通过将会话cookie传送到安全VPN网关来对蜂窝移动设备进行重新认证。 在执行快速重新连接之前，VPN网络客户端识别当前可用于蜂窝移动设备的一组传输机制，并且当只有蜂窝网络可用而不是基于无线分组的连接时，VPN网络客户端延迟快速重新连接 直到从用户应用程序接收到应用层数据，并准备通过VPN连接发送到远程VPN安全设备。

公开(公告)号：US20120005746A1

公开(公告)日：2012-01-05

申请号：US12968095

申请日：2010-12-14

申请人： Yin Wei ,  Subramanian Iyer ,  Richard Campagna ,  James Wood

发明人： Yin Wei ,  Subramanian Iyer ,  Richard Campagna ,  James Wood

IPC分类号： G06F21/00

CPC分类号： H04L63/0272 ,  H04L63/0428 ,  H04W12/02

摘要： An integrated, multi-service network client for cellular mobile devices is described. The multi-service client includes a VPN handler having an interface programmed to exchange the network packets with the security manager for application of the security service, wherein the VPN handler is configurable to operate in one of an enterprise mode and in a non-enterprise mode, wherein in the enterprise mode the VPN handler establishes a VPN connection with a remote VPN security device and provides encryption services to securely tunnel the network packets between the cellular mobile device and the remote VPN security device, and wherein in the non-enterprise mode the VPN handler directs the network packets to the security manager without application of the encryption services and communicates the network packets to a packet-based network without tunneling the packets.

摘要翻译： 描述了用于蜂窝移动设备的集成的多服务网络客户端。 所述多服务客户机包括VPN处理器，所述VPN处理器具有被编程为将所述网络分组与所述安全管理器交换以用于所述安全服务的应用的接口，其中所述VPN处理程序可配置为以企业模式和非企业模式 其中在所述企业模式中，所述VPN处理器与远程VPN安全设备建立VPN连接，并且提供加密服务以安全地在所述蜂窝移动设备与所述远程VPN安全设备之间隧道传送所述网络分组，并且其中在所述非企业模式中 VPN处理器将网络数据包引导到安全管理器而不应用加密服务，并将网络数据包传送到基于分组的网络，而不会隧道传送数据包。

公开(公告)号：US20120002813A1

公开(公告)日：2012-01-05

申请号：US12967977

申请日：2010-12-14

申请人： Yin Wei ,  Subramanian Iyer ,  Richard Campagna ,  James Wood

发明人： Yin Wei ,  Subramanian Iyer ,  Richard Campagna ,  James Wood

IPC分类号： H04K1/00 ,  G06F21/20

CPC分类号： H04L63/0272 ,  H04L63/08 ,  H04W4/00 ,  H04W12/06 ,  H04W76/10 ,  H04W88/02 ,  Y10S379/901

摘要： An integrated, multi-service network client for cellular mobile devices is described. The multi-service network client can be deployed as a single software package on cellular mobile network devices to provide integrated services including secure enterprise virtual private network (VPN) connectivity, acceleration, security management including monitored and enforced endpoint compliance, and collaboration services. Once installed on the cellular mobile device, the multi-service client integrates with an operating system of the device to provide a single entry point for user authentication for secure enterprise connectivity, endpoint security services including endpoint compliance with respect to anti-virus and spyware software, and comprehensive integrity checks. That is, the multi-service client provides a common user interface to the integrated services, and provides a VPN handler that interfaces with the operating system to provide an entry point for network traffic to which the integrated services can be seamlessly applied.

摘要翻译： 描述了用于蜂窝移动设备的集成的多服务网络客户端。 多业务网络客户端可以作为蜂窝移动网络设备上的单个软件包部署，以提供集成服务，包括安全企业虚拟专用网（VPN）连接，加速，安全管理，包括受监控和强制端点遵从以及协作服务。 一旦安装在蜂窝移动设备上，多服务客户端与该设备的操作系统集成，为安全的企业连接提供用户认证的单个入口点，包括针对防病毒和间谍软件的端点遵从性的端点安全服务 ，全面完整检查。 也就是说，多服务客户端为集成服务提供通用的用户界面，并提供与操作系统接口的VPN处理程序，为集成服务无缝应用的网络流量提供入口点。

公开(公告)号：US20120002814A1

公开(公告)日：2012-01-05

申请号：US12968013

申请日：2010-12-14

申请人： Yin Wei ,  Subramanian Iyer ,  Richard Campagna ,  James Wood

发明人： Yin Wei ,  Subramanian Iyer ,  Richard Campagna ,  James Wood

IPC分类号： G06F21/20 ,  H04K1/00

CPC分类号： H04L61/30 ,  H04L29/12594 ,  H04L63/0272 ,  H04W12/02

摘要： An integrated, multi-service network client for cellular mobile devices is described. The multi-service network client can be deployed as a single software package on cellular mobile network devices to provide integrated services including secure enterprise virtual private network (VPN) connectivity, acceleration, security management including monitored and enforced endpoint compliance, and collaboration services. The VPN network client is programmed to receive a web-based home page from an enterprise VPN appliance, process the web-based home page to identify a bookmark embedded within the response that corresponds to an enterprise webmail for the user and dynamically construct a user interface to have an input control native to the cellular mobile device for launching a native email client of the cellular mobile device to access the email without launching a web browser.

摘要翻译： 描述了用于蜂窝移动设备的集成的多服务网络客户端。 多业务网络客户端可以作为蜂窝移动网络设备上的单个软件包部署，以提供集成服务，包括安全企业虚拟专用网（VPN）连接，加速，安全管理，包括受监控和强制端点遵从以及协作服务。 VPN网络客户端被编程为从企业VPN设备接收基于Web的主页，处理基于网页的主页以识别嵌入在响应内的用于用户的企业webmail对应的书签，并动态构建用户界面 具有蜂窝移动设备原生的输入控件，用于启动蜂窝移动设备的本地电子邮件客户端以访问电子邮件而不启动网络浏览器。

公开(公告)号：US20120005745A1

公开(公告)日：2012-01-05

申请号：US12968043

申请日：2010-12-14

申请人： Yin Wei ,  Subramanian Iyer ,  Richard Campagna ,  James Wood

发明人： Yin Wei ,  Subramanian Iyer ,  Richard Campagna ,  James Wood

IPC分类号： G06F21/00

CPC分类号： H04L29/12594 ,  H04L61/301 ,  H04L63/0272 ,  H04W12/02

摘要： A virtual private network (VPN) client for cellular mobile devices is described. The VPN network client processes network packets for securely tunneling the network packets between the cellular mobile device and the remote VPN security device. Upon establishing the VPN connection, the VPN network client receives a web-based home page from the secure VPN device via a secure response, dynamically parses bookmark links from the secure response and renders a bookmark window using input controls native to the cellular mobile device without invoking a web browser on the cellular mobile device. Each of the input controls corresponds to a different one of the bookmarks parsed from the secure response. Upon selection of one of the input controls, the VPN network client formulates and outputs an appropriate request to the secure VPN device as if a corresponding one of the bookmark links were selected by the user.

摘要翻译： 描述了用于蜂窝移动设备的虚拟专用网（VPN）客户端。 VPN网络客户端处理网络数据包，以便在蜂窝移动设备和远程VPN安全设备之间安全地隧道传输网络数据包。 建立VPN连接后，VPN网络客户端通过安全响应从安全VPN设备接收基于Web的主页，从安全响应中动态解析书签链接，并使用蜂窝移动设备原生的输入控件呈现书签窗口，而无需 在蜂窝移动设备上调用网络浏览器。 每个输入控件对应于从安全响应分析的不同的一个书签。 当选择其中一个输入控件时，VPN网络客户端就会制定并向安全VPN设备输出适当的请求，就像用户选择了相应的一个书签链接一样。

公开(公告)号：US20120005477A1

公开(公告)日：2012-01-05

申请号：US12968067

申请日：2010-12-14

申请人： Yin Wei ,  Subramanian Iyer ,  Richard Campagna ,  James Wood

发明人： Yin Wei ,  Subramanian Iyer ,  Richard Campagna ,  James Wood

IPC分类号： H04L29/06 ,  G06F17/00

CPC分类号： H04L63/0272 ,  H04L63/164 ,  H04L63/166

摘要： An integrated, multi-service network client for cellular mobile devices is described. The multi-service network client can be deployed as a single software package on cellular mobile network devices to provide integrated services including secure enterprise virtual private network (VPN) connectivity, acceleration, security management including monitored and enforced endpoint compliance, and collaboration services. Once installed on the cellular mobile device, the multi-service client establishes the VPN connection to concurrently include both a layer three (L3) tunnel that uses a first type of transport layer protocol of the operating system and a layer four (L4) tunnel that uses a second type of transport layer protocol of the operating system. The VPN handler determines whether network ports associated with the L3 tunnel are unblocked by an operating system and, when the network ports are unblocked, automatically transitions from the L4 tunnel to the L3 tunnel without terminating the VPN connection.

摘要翻译： 描述了用于蜂窝移动设备的集成的多服务网络客户端。 多业务网络客户端可以作为蜂窝移动网络设备上的单个软件包部署，以提供集成服务，包括安全企业虚拟专用网（VPN）连接，加速，安全管理，包括受监控和强制端点遵从以及协作服务。 一旦安装在蜂窝移动设备上，多服务客户端建立VPN连接以同时包括使用操作系统的第一类型的传输层协议的第三层（L3）隧道和第四层（L4）隧道， 使用操作系统的第二种类型的传输层协议。 VPN处理器确定与L3隧道相关联的网络端口是否被操作系统解除阻塞，并且当网络端口被解除阻塞时，自动从L4隧道转换到L3隧道，而不终止VPN连接。

公开(公告)号：US08949968B2

公开(公告)日：2015-02-03

申请号：US13403436

申请日：2012-02-23

申请人： Vikki Yin Wei ,  Subramanian Iyer ,  Richard Campagna ,  James Wood

发明人： Vikki Yin Wei ,  Subramanian Iyer ,  Richard Campagna ,  James Wood

IPC分类号： H04L29/06 ,  H04W4/00 ,  H04W12/06 ,  H04W76/02 ,  H04W88/02

CPC分类号： H04L63/0272 ,  H04L63/08 ,  H04W4/00 ,  H04W12/06 ,  H04W76/10 ,  H04W88/02 ,  Y10S379/901

摘要： An integrated, multi-service network client for cellular mobile devices is described. The multi-service network client can be deployed as a single software package on cellular mobile network devices to provide integrated services including secure enterprise virtual private network (VPN) connectivity, acceleration, security management including monitored and enforced endpoint compliance, and collaboration services. Once installed on the cellular mobile device, the multi-service client integrates with an operating system of the device to provide a single entry point for user authentication for secure enterprise connectivity, endpoint security services including endpoint compliance with respect to anti-virus and spyware software, and comprehensive integrity checks. That is, the multi-service client provides a common user interface to the integrated services, and provides a VPN handler that interfaces with the operating system to provide an entry point for network traffic to which the integrated services can be seamlessly applied.

摘要翻译： 描述了用于蜂窝移动设备的集成的多服务网络客户端。 多业务网络客户端可以作为蜂窝移动网络设备上的单个软件包部署，以提供集成服务，包括安全企业虚拟专用网（VPN）连接，加速，安全管理，包括受监控和强制端点遵从以及协作服务。 一旦安装在蜂窝移动设备上，多服务客户端与该设备的操作系统集成，为安全的企业连接提供用户认证的单个入口点，包括针对防病毒和间谍软件的端点遵从性的端点安全服务 ，全面完整检查。 也就是说，多服务客户端为集成服务提供通用的用户界面，并提供与操作系统接口的VPN处理程序，为集成服务无缝应用的网络流量提供入口点。

公开(公告)号：US08458787B2

公开(公告)日：2013-06-04

申请号：US12968043

申请日：2010-12-14

申请人： Yin Wei ,  Subramanian Iyer ,  Richard Campagna ,  James Wood

发明人： Yin Wei ,  Subramanian Iyer ,  Richard Campagna ,  James Wood

IPC分类号： G06F9/00

CPC分类号： H04L29/12594 ,  H04L61/301 ,  H04L63/0272 ,  H04W12/02

摘要： A virtual private network (VPN) client for cellular mobile devices is described. The VPN network client processes network packets for securely tunneling the network packets between the cellular mobile device and the remote VPN security device. Upon establishing the VPN connection, the VPN network client receives a web-based home page from the secure VPN device via a secure response, dynamically parses bookmark links from the secure response and renders a bookmark window using input controls native to the cellular mobile device without invoking a web browser on the cellular mobile device. Each of the input controls corresponds to a different one of the bookmarks parsed from the secure response. Upon selection of one of the input controls, the VPN network client formulates and outputs an appropriate request to the secure VPN device as if a corresponding one of the bookmark links were selected by the user.

摘要翻译： 描述了用于蜂窝移动设备的虚拟专用网（VPN）客户端。 VPN网络客户端处理网络数据包，以便在蜂窝移动设备和远程VPN安全设备之间安全地隧道传输网络数据包。 建立VPN连接后，VPN网络客户端通过安全响应从安全VPN设备接收基于Web的主页，从安全响应中动态解析书签链接，并使用蜂窝移动设备原生的输入控件呈现书签窗口，而无需 在蜂窝移动设备上调用网络浏览器。 每个输入控件对应于从安全响应分析的不同的一个书签。 当选择其中一个输入控件时，VPN网络客户端就会制定并向安全VPN设备输出适当的请求，就像用户选择了相应的一个书签链接一样。