公开(公告)号：US11553000B2

公开(公告)日：2023-01-10

申请号：US16663832

申请日：2019-10-25

Applicant: Citrix Systems, Inc.

Inventor： Ioannis Beredimas ,  Lampros Dounis ,  Panagiotis Matzavinos

IPC: H04L9/40

Abstract: Systems and methods described herein provide for building policies using namespaces. A device may receive a request to access a resource in a computing environment. The request may include one or more attributes. The device may identify a set of namespaces having domain-specific policy grammar to generate domain-specific policies. The device may determine a namespace from the identified set of namespaces which corresponds to the one or more attributes of the request. The device may generate, using domain-specific policy grammar of the determined namespace, a domain-specific policy to apply to the request.

公开(公告)号：US20220353065A1

公开(公告)日：2022-11-03

申请号：US17868909

申请日：2022-07-20

Applicant: Citrix Systems, Inc.

Inventor： Ioannis Beredimas ,  Snigdhendu Mukhopadhyay ,  Adam Phillip Schultz

IPC: H04L9/08 ,  H04L41/0806

Abstract: A system and method for securely encrypting and booting a headless appliance. A method includes providing the headless appliance with content stored in a memory, wherein the content is encrypted with a key, and wherein the key is separately stored on a remote computing device; booting the headless appliance and loading a fallback configuration; in response to a user device connecting to the headless appliance, directing the user device to a captive portal and capturing credentials of a user; forwarding the credentials to the remote computing device for verification by an identity provider; in response to the credentials being verified as a non-administrator, granting access to a public network for the user; and in response to the credentials being verified as an administrator, obtaining the key from the remote computing device to decrypt the content to provide access to a private network for the user.

公开(公告)号：US20250077260A1

公开(公告)日：2025-03-06

申请号：US18467427

申请日：2023-09-14

Applicant: Citrix Systems, Inc.

Inventor： Ioannis Prevezanos ,  Ioannis Dounis ,  Ioannis Beredimas ,  Shankar Krishnamurthy

IPC: G06F9/455

Abstract: Systems and methods for detecting CPU topology may include executing, by a virtual machine on a host device having a multi-core processing system, a machine-readable process on a core of the host device. The systems and methods may include determining, by the virtual machine, a benchmark metric according to execution of the machine-readable process. The systems and methods may include iteratively executing, by the virtual machine, for different combinations of sockets of the virtual machine, the machine-readable process, to determine execution metrics for each combination of cores in which the machine-readable process is executed. The systems and methods may include determining, by the virtual machine, a hyperthreading arrangement of the host device according to a comparison of the execution metrics to the benchmark metric.

公开(公告)号：US20230336623A1

公开(公告)日：2023-10-19

申请号：US17745288

申请日：2022-05-16

Applicant: Citrix Systems, Inc.

Inventor： Panagiotis Gourgaris ,  Ioannis Beredimas

IPC: H04L67/1021 ,  G06F16/27 ,  H04L67/1008 ,  H04L67/1095

CPC classification number: H04L67/1021 ,  G06F16/273 ,  H04L67/1008 ,  H04L67/1095

Abstract: Systems and methods for geographically distributed node replication include a first node which receives a message from a client based on a proximity of the first node to the client, the message transmitted to the first node via anycast routing from the client. The first node may replicate the message to a first subset of the geographically distributed system of nodes based on a geographic proximity of nodes within the first subset. The first node may publish the message to a data feed of a message bus for the system of nodes, to cause at least one node of the system of nodes to receive the message from the first node, the at least one node outside the first subset and subscribing to the data feed of the first node.

公开(公告)号：US11582325B2

公开(公告)日：2023-02-14

申请号：US17372061

申请日：2021-07-09

Applicant: Citrix Systems, Inc.

Inventor： Paraskevas Zafiris ,  Ioannis Beredimas ,  Konstantinos Papanikitas

IPC: G06F9/50 ,  G06F11/07 ,  G06F11/30 ,  G06F11/32 ,  G06F11/34 ,  H04L67/60 ,  G06F16/953 ,  H04L67/10 ,  G06F9/54 ,  H04L61/4511 ,  H04L61/5007

Abstract: Described embodiments provide for routing remote application data. A device can receive a request to access an application. The application can be provided by data centers and accessible via service providers. The device can select a data center from the plurality of data centers and a service provider based at least on a metric indicative of a connection between the data center and the service provider. The device can query a database including one or more connection metrics using the application identified in the request and a location of a router transmitting the request. The device can determine the location of the router based on an internet protocol (IP) address of a client communicably coupled to the router. The device can transmit a response to the request identifying the selected data center and the selected service provider.

公开(公告)号：US11190484B2

公开(公告)日：2021-11-30

申请号：US16451895

申请日：2019-06-25

Applicant: Citrix Systems, Inc.

Inventor： Ioannis Beredimas

IPC: H04L29/12 ,  H04L12/743 ,  H04L29/06

Abstract: A system, method and program product for provisioning a large scale network address translation (LSN) system. A system is disclosed that processes packets between a router and a TCP/IP network. The system includes a plurality of LSN appliances and a flow processor embedded in each of the plurality of LSN appliances. Each flow processor includes: a hash function that determines an owner appliance from the plurality of LSN appliances for a request received from the router based on a private IP address of the request; a look-up table that that determines the owner appliance from the plurality of LSN appliances for a response received from the TCP/IP network based on a public IP address of the response; and a packet routing system that routes a received request or a received response to the owner appliance.

公开(公告)号：US11936723B2

公开(公告)日：2024-03-19

申请号：US17745288

申请日：2022-05-16

Applicant: Citrix Systems, Inc.

Inventor： Panagiotis Gourgaris ,  Ioannis Beredimas

IPC: G06F16/00 ,  G06F16/27 ,  H04L67/1008 ,  H04L67/1021 ,  H04L67/1095

CPC classification number: H04L67/1021 ,  G06F16/273 ,  H04L67/1008 ,  H04L67/1095

Abstract: Systems and methods for geographically distributed node replication include a first node which receives a message from a client based on a proximity of the first node to the client, the message transmitted to the first node via anycast routing from the client. The first node may replicate the message to a first subset of the geographically distributed system of nodes based on a geographic proximity of nodes within the first subset. The first node may publish the message to a data feed of a message bus for the system of nodes, to cause at least one node of the system of nodes to receive the message from the first node, the at least one node outside the first subset and subscribing to the data feed of the first node.

公开(公告)号：US11924081B2

公开(公告)日：2024-03-05

申请号：US17872791

申请日：2022-07-25

Applicant: Citrix Systems, Inc.

Inventor： Ioannis Beredimas ,  Panagiotis Gourgaris ,  Panteleimon Evangelos Aivaliotis ,  Aristotelis Mertis

IPC: H04L43/0864 ,  H04L61/4511

CPC classification number: H04L43/0864 ,  H04L61/4511

Abstract: The present solution provides systems and methods for a GSLB service to access a first plurality of measurements of network latency between a plurality of access-points and the first client device and a second plurality of measurements of network latency between the plurality of access-points and one or more of data centers. The GSLB service can receive, from the one or more data centers, health of an application deployed across the one or more data centers. The GSLB service can determine, according to the first plurality of measurements, the second plurality of measurements and the health of the application, a first data center of the one or more data centers and a first access-point of the plurality of access-points. The GSLB service can send, to the first client device, a domain name system (DNS) response identifying the first access-point and the first data center.

公开(公告)号：US20230421471A1

公开(公告)日：2023-12-28

申请号：US17872791

申请日：2022-07-25

Applicant: Citrix Systems, Inc.

Inventor： Ioannis Beredimas ,  Panagiotis Gourgaris ,  Panteleimon Evangelos Aivaliotis ,  Aristotelis Mertis

IPC: H04L43/0864 ,  H04L61/4511

CPC classification number: H04L43/0864 ,  H04L61/4511

Abstract: The present solution provides systems and methods for a GSLB service to access a first plurality of measurements of network latency between a plurality of access-points and the first client device and a second plurality of measurements of network latency between the plurality of access-points and one or more of data centers. The GSLB service can receive, from the one or more data centers, health of an application deployed across the one or more data centers. The GSLB service can determine, according to the first plurality of measurements, the second plurality of measurements and the health of the application, a first data center of the one or more data centers and a first access-point of the plurality of access-points. The GSLB service can send, to the first client device, a domain name system (DNS) response identifying the first access-point and the first data center.

公开(公告)号：US20220400161A1

公开(公告)日：2022-12-15

申请号：US17372061

申请日：2021-07-09

Applicant: Citrix Systems, Inc.

Inventor： Paraskevas Zafiris ,  Ioannis Beredimas ,  Konstantinos Papanikitas

IPC: H04L29/08 ,  G06F16/953 ,  G06F9/54 ,  H04L29/12

Abstract: Described embodiments provide for routing remote application data. A device can receive a request to access an application. The application can be provided by data centers and accessible via service providers. The device can select a data center from the plurality of data centers and a service provider based at least on a metric indicative of a connection between the data center and the service provider. The device can query a database including one or more connection metrics using the application identified in the request and a location of a router transmitting the request. The device can determine the location of the router based on an internet protocol (IP) address of a client communicably coupled to the router. The device can transmit a response to the request identifying the selected data center and the selected service provider.