公开(公告)号：US11716314B2

公开(公告)日：2023-08-01

申请号：US17307634

申请日：2021-05-04

Applicant: Citrix Systems, Inc.

Inventor： J Mohan Rao Arisankala ,  Chaitra Maraliga Ramaiah ,  Karthick Srivatsan

IPC: H04L9/40 ,  H04L9/08 ,  H04L67/141 ,  H04L67/143 ,  H04L69/16 ,  H04L67/01

CPC classification number: H04L63/0485 ,  H04L9/0861 ,  H04L67/141 ,  H04L67/143 ,  H04L67/01 ,  H04L69/16

Abstract: Described embodiments provide systems and apparatuses for enhanced quality of service, steering and policy enforcement for https traffic via intelligent in-line path discovery of a TLS terminating node. The system may include a first network device having a secure connection traversing through the first network device, and in communication with a second network device. The first network device and the second network device may be intermediary to a client device and a server. The first network device may determine that the second network device terminates the secure connection. The first network device may receive key generation information of the secure connection from the second network device following determining the second network device terminates the secure connection. The first network device may decipher packet(s) of the secure connection destined for the device or the server using the received key generation information, to regulate network traffic of the secure connection at the first network device.

公开(公告)号：US11582163B2

公开(公告)日：2023-02-14

申请号：US17109904

申请日：2020-12-02

Applicant: Citrix Systems, Inc.

Inventor： Praveen Raja Dhanabalan ,  Chaitra Maraliga Ramaiah

IPC: H04L47/625 ,  H04L47/2441

Abstract: A system for optimizing network traffic is described. The system includes a quality of service (QoS) engine configured to acquire information regarding a plurality of data packets comprising a plurality of data packet flows operating over a plurality of links. The QoS engine can be further configured to determine a flow priority to the plurality of data packets flows, and to determine TCP characteristics for the plurality of data packet flows. The system further includes a TCP controller configured to acquire the flow priority to the plurality of data packets from the QoS engine. The TCP controller can be configured to obtain queue information associated with the plurality of data packets, and adjust a receive window size based on the flow priority and the queue information.

公开(公告)号：US11489782B2

公开(公告)日：2022-11-01

申请号：US16750613

申请日：2020-01-23

Applicant: Citrix Systems, Inc.

Inventor： Chaitra Maraliga Ramaiah ,  Praveen Raja Dhanabalan

IPC: H04L47/27 ,  H04L47/193 ,  H04L69/16 ,  H04L47/11 ,  H04L47/12 ,  H04L47/56 ,  H04L47/2425

Abstract: A system for optimizing network traffic is described. The system includes a transport communication protocol (TCP) controller configured to acquire data regarding a flow of a plurality of data packets over a link and to determine TCP characteristics for the flow, a traffic prioritization module configured to assign a flow priority to the flow, and a traffic priority controller configured detect congestion on the link and determine a congestion window size for the flow based on the flow priority and the TCP characteristics.

公开(公告)号：US11470011B2

公开(公告)日：2022-10-11

申请号：US16999554

申请日：2020-08-21

Applicant: Citrix Systems, Inc.

Inventor： Chaitra Maraliga Ramaiah ,  Praveen Raja Dhanabalan

IPC: H04L47/27 ,  H04L47/193 ,  H04L69/16 ,  H04L47/11 ,  H04L47/12 ,  H04L47/56 ,  H04L47/2425

Abstract: A system for optimizing network traffic is described. The system includes a transport communication protocol (TCP) controller configured to acquire data regarding a flow of a plurality of data packets over a link and to determine TCP characteristics for the flow, a traffic prioritization module configured to assign a flow priority to the flow, and a traffic priority controller configured detect congestion on the link and determine a congestion window size for the flow based on the flow priority and the TCP characteristics.

公开(公告)号：US10924372B2

公开(公告)日：2021-02-16

申请号：US16007043

申请日：2018-06-13

Applicant: CITRIX SYSTEMS, INC.

Inventor： Karthick Srivatsan ,  Marco Murgia ,  Chaitra Maraliga Ramaiah

IPC: H04L12/26 ,  H04L29/08 ,  H04L29/06

Abstract: A computing system may include point of presence (PoP) servers coupled to a wide area network (WAN) and configured to receive client requests for a Software as a service (SaaS) application(s) from different network branches coupled to the WAN, and connect the network branches with a given SaaS host server from among different SaaS host servers coupled to the WAN and providing the SaaS application(s). The system may also include a PoP selection controller (PSC) coupled to the WAN and cooperating with the PoP servers to determine first network health metrics for connections between the PoP servers and the network branches, determine second network health metrics for connections between the PoP servers and the SaaS host servers, and select a respective PoP server for each network branch to be connected with for providing the SaaS application(s) based upon the first and second network health metrics.

公开(公告)号：US10404603B2

公开(公告)日：2019-09-03

申请号：US15004677

申请日：2016-01-22

Applicant: Citrix Systems, Inc.

Inventor： Praveen Raja Dhanabalan ,  Chaitra Maraliga Ramaiah ,  Karthick Srivatsan

IPC: H04L12/851 ,  H04L12/801

Abstract: An appliance o for evicting data based on traffic priority of data is described. The appliance has one or more processors and includes a compression history manager configured to acquire traffic priority information of data, the data being conveyed over a connection and to assign a compression history set based on the traffic priority information of the data. The compression history manager is also configured to, if cache space does not exist to store the data and another compression history set corresponds to lower traffic priority in a cache queue, evict data from the other compression history set corresponding to lower traffic priority.

公开(公告)号：US10367891B2

公开(公告)日：2019-07-30

申请号：US14867792

申请日：2015-09-28

Applicant: Citrix Systems, Inc.

Inventor： Praveen Raja Dhanabalan ,  Chaitra Maraliga Ramaiah ,  Akshata Bhat

IPC: H04L29/06 ,  H04L29/08

Abstract: A system for optimizing network traffic is described. The system includes a plurality of appliances, each having an SSL session exchange module. An appliance in active state is called a primary appliance, and one or more appliances in inactive state are called secondary appliances. An appliance of a cluster of appliances comprises a secure session exchange module and one or more network interfaces configured to facilitate a first secure session between a client device and the appliance and a second secure session between the appliance and a server. The secure session exchange module in a primary appliance is configured to provide a message for sending to one or more secondary appliances. The message indicates that the appliance is acting as a primary instance for a server. The secure session exchange module in the primary appliance is also configured to acquire at least one session-related parameter through a handshake procedure for a secure layer with the server. A network interface of the one or more network interfaces is further configured to send the at least one session-related parameter to the one or more secondary appliances. The one or more secondary appliances are configured to reuse one or more sessions based on the acquired session-related parameter.

公开(公告)号：US20210092070A1

公开(公告)日：2021-03-25

申请号：US17109904

申请日：2020-12-02

Applicant: Citrix Systems, Inc.

Inventor： Praveen Raja Dhanabalan ,  Chaitra Maraliga Ramaiah

IPC: H04L12/863 ,  H04L12/851

Abstract: A system for optimizing network traffic is described. The system includes a quality of service (QoS) engine configured to acquire information regarding a plurality of data packets comprising a plurality of data packet flows operating over a plurality of links. The QoS engine can be further configured to determine a flow priority to the plurality of data packets flows, and to determine TCP characteristics for the plurality of data packet flows. The system further includes a TCP controller configured to acquire the flow priority to the plurality of data packets from the QoS engine. The TCP controller can be configured to obtain queue information associated with the plurality of data packets, and adjust a receive window size based on the flow priority and the queue information.

公开(公告)号：US10594608B2

公开(公告)日：2020-03-17

申请号：US15896935

申请日：2018-02-14

Applicant: Citrix Systems, Inc.

Inventor： Chaitra Maraliga Ramaiah ,  Praveen Raja Dhanabalan

IPC: H04L12/26 ,  H04L12/801 ,  H04L29/06 ,  H04L12/911

Abstract: A system for optimizing network traffic is described. The system includes a transport communication protocol (TCP) controller configured to acquire data regarding a flow of a plurality of data packets over a link and to determine TCP characteristics for the flow, and a congestion window controller configured to determine an initial congestion window based on the TCP characteristics. The TCP controller is further configured to establish a second flow using the initial congestion window.

公开(公告)号：US10250637B2

公开(公告)日：2019-04-02

申请号：US15010692

申请日：2016-01-29

Applicant: Citrix Systems, Inc.

Inventor： Praveen Raja Dhanabalan ,  Chaitra Maraliga Ramaiah ,  Akshata Bhat

IPC: H04L9/00 ,  H04L29/06 ,  H04L29/08

Abstract: An appliance and a method of pre-establishing SSL session connections for SSL connection establishment are provided. The appliance comprises a secure session pre-handshake establishment module configured to facilitate a secure session connection between an appliance and a server associated with a website, wherein the facilitation causes the appliance to receive session information, determine whether session information corresponding to the secure session connection request has been cached, determine whether the server is associated with a server group based on the determination that session information has not been cached, and form secure session connections between the appliance and servers listed in the server group based on the determination that the server is associated with a server group.