公开(公告)号：US20210092062A1

公开(公告)日：2021-03-25

申请号：US16577561

申请日：2019-09-20

Applicant: Citrix Systems, Inc.

Inventor： Praveen Raja Dhanabalan ,  Naveen Yerramneni ,  Ramanjaneya Reddy Kamalapuram ,  Snigdhendu Mukhopadhyay

IPC: H04L12/803 ,  H04L12/927 ,  H04L12/851 ,  H04L12/26

Abstract: Techniques are disclosed for enhancing quality of experience (QoE) being provided by an application executing in a network based on a determined current QoE of the application. An example methodology implementing the techniques includes determining one or more characteristics of a data flow for an application, computing a score for the execution of the application based on the determined one or more characteristics of the data flow, the score being indicative of a quality of a user experience associated with the application and responsive to determination that the score does not satisfy a threshold, adjusting the data flow so that execution of the application results in a user experience that is satisfactory based on the computed score. In one example, adjusting the data flow includes packet duplication. In another example, adjusting the data flow includes forward error correction.

公开(公告)号：US20200374229A1

公开(公告)日：2020-11-26

申请号：US16877971

申请日：2020-05-19

Applicant: Citrix Systems, Inc.

Inventor： Vladimir Vysotsky ,  Snigdhendu Mukhopadhyay

IPC: H04L12/741 ,  H04L29/08 ,  H04L12/24 ,  H04L29/12

Abstract: Described embodiments provide systems and methods for steering network traffic using dynamically generated configuration scripts. A first device may generate a configuration script for an application on the client for connecting with a server. The configuration script may specify the application to establish a direct connection or an indirect connection with the server. The first device may provide the configuration script to be invoked by the application to identify a first address to access the server based on a determination to establish the direct connection or the indirect connection. The first device may receive, from the client, an initiation request to connect with the server including the first address. The first device may determine second address by applying a routing policy to the first address. The first device may establish one of the direct connection or the indirect connection using the second address.

公开(公告)号：US11343185B2

公开(公告)日：2022-05-24

申请号：US16877971

申请日：2020-05-19

Applicant: Citrix Systems, Inc.

Inventor： Vladimir Vysotsky ,  Snigdhendu Mukhopadhyay

IPC: H04L45/74 ,  H04L67/56 ,  H04L61/4511 ,  H04L41/12 ,  H04L41/0813

Abstract: Described embodiments provide systems and methods for steering network traffic using dynamically generated configuration scripts. A first device may generate a configuration script for an application on the client for connecting with a server. The configuration script may specify the application to establish a direct connection or an indirect connection with the server. The first device may provide the configuration script to be invoked by the application to identify a first address to access the server based on a determination to establish the direct connection or the indirect connection. The first device may receive, from the client, an initiation request to connect with the server including the first address. The first device may determine second address by applying a routing policy to the first address. The first device may establish one of the direct connection or the indirect connection using the second address.

公开(公告)号：US10911310B2

公开(公告)日：2021-02-02

申请号：US16417018

申请日：2019-05-20

Applicant: Citrix Systems, Inc.

Inventor： Vladimir Vysotsky ,  Snigdhendu Mukhopadhyay

IPC: H04L12/24 ,  H04L29/12 ,  H04L12/707 ,  G06F9/455

Abstract: Described embodiments provide systems and methods for steering network traffic using dynamically generated configuration scripts. A first device may generate a configuration script for an application on the client for connecting with a server. The configuration script may specify the application to establish a direct connection or an indirect connection with the server. The first device may provide the configuration script to be invoked by the application to identify a first address to access the server based on a determination to establish the direct connection or the indirect connection. The first device may receive, from the client, an initiation request to connect with the server including the first address. The first device may determine second address by applying a routing policy to the first address. The first device may establish one of the direct connection or the indirect connection using the second address.

公开(公告)号：US20200374197A1

公开(公告)日：2020-11-26

申请号：US16417018

申请日：2019-05-20

Applicant: Citrix Systems, Inc.

Inventor： Vladimir Vysotsky ,  Snigdhendu Mukhopadhyay

IPC: H04L12/24 ,  H04L29/12 ,  H04L12/707 ,  G06F9/455

Abstract: Described embodiments provide systems and methods for steering network traffic using dynamically generated configuration scripts. A first device may generate a configuration script for an application on the client for connecting with a server. The configuration script may specify the application to establish a direct connection or an indirect connection with the server. The first device may provide the configuration script to be invoked by the application to identify a first address to access the server based on a determination to establish the direct connection or the indirect connection. The first device may receive, from the client, an initiation request to connect with the server including the first address. The first device may determine second address by applying a routing policy to the first address. The first device may establish one of the direct connection or the indirect connection using the second address.

公开(公告)号：US11831758B2

公开(公告)日：2023-11-28

申请号：US17868909

申请日：2022-07-20

Applicant: Citrix Systems, Inc.

Inventor： Ioannis Beredimas ,  Snigdhendu Mukhopadhyay ,  Adam Phillip Schultz

IPC: H04L9/40 ,  H04L9/08 ,  H04L41/0806

CPC classification number: H04L9/0825 ,  H04L9/085 ,  H04L9/0877 ,  H04L41/0806

Abstract: A system and method for securely encrypting and booting a headless appliance. A method includes providing the headless appliance with content stored in a memory, wherein the content is encrypted with a key, and wherein the key is separately stored on a remote computing device; booting the headless appliance and loading a fallback configuration; in response to a user device connecting to the headless appliance, directing the user device to a captive portal and capturing credentials of a user; forwarding the credentials to the remote computing device for verification by an identity provider; in response to the credentials being verified as a non-administrator, granting access to a public network for the user; and in response to the credentials being verified as an administrator, obtaining the key from the remote computing device to decrypt the content to provide access to a private network for the user.

公开(公告)号：US11431482B2

公开(公告)日：2022-08-30

申请号：US17170175

申请日：2021-02-08

Applicant: Citrix Systems, Inc.

Inventor： Ioannis Beredimas ,  Snigdhendu Mukhopadhyay ,  Adam Phillip Schultz

IPC: G06F21/57 ,  H04L9/08 ,  H04L41/0806

Abstract: A system and method for securely encrypting and booting a headless appliance. A computerized method is disclosed that includes: providing the network appliance with content encrypted with a secret key; launching the network appliance in a fallback configuration that provides limited operational capabilities; forwarding a request for the secret key to an online service that independently utilizes an identity provider to establish trust with an appliance administrator; receiving the secret key from the online service upon establishment of trust with the appliance administrator; decrypting the content with the secret key received from the online service; and utilizing the content to launch the network appliance in a full configuration.

公开(公告)号：US20220239473A1

公开(公告)日：2022-07-28

申请号：US17170175

申请日：2021-02-08

Applicant: Citrix Systems, Inc.

Inventor： Ioannis Beredimas ,  Snigdhendu Mukhopadhyay ,  Adam Phillip Schultz

IPC: H04L9/08 ,  H04L12/24

Abstract: A system and method for securely encrypting and booting a headless appliance. A computerized method is disclosed that includes: providing the network appliance with content encrypted with a secret key; launching the network appliance in a fallback configuration that provides limited operational capabilities; forwarding a request for the secret key to an online service that independently utilizes an identity provider to establish trust with an appliance administrator; receiving the secret key from the online service upon establishment of trust with the appliance administrator; decrypting the content with the secret key received from the online service; and utilizing the content to launch the network appliance in a full configuration.

公开(公告)号：US20220224684A1

公开(公告)日：2022-07-14

申请号：US17183882

申请日：2021-02-24

Applicant: Citrix Systems, Inc.

Inventor： Adam Schultz ,  Snigdhendu Mukhopadhyay ,  Ioannis Beredimas

IPC: H04L29/06 ,  H04L29/08 ,  H04L12/707

Abstract: Described embodiments provide systems and methods for validating session tokens using network properties. A first device having one or more processors coupled with memory may identify a session token from an initiation of a session between the first device and a second device via a network path of a plurality of network paths. The first device may determine that the first network path is to be trusted based at least on a property of the network path. The first device may validate the session token for use over the plurality of network paths, responsive to determining that the network path is to be trusted. The first device may provide, responsive to validating, the session token to the second device for use in communications over the plurality of network paths.

公开(公告)号：US20210044530A1

公开(公告)日：2021-02-11

申请号：US17083509

申请日：2020-10-29

Applicant: Citrix Systems, Inc.

Inventor： Praveen Raja Dhanabalan ,  Sachin Shelar ,  Snigdhendu Mukhopadhyay

IPC: H04L12/813 ,  H04L12/803 ,  H04L12/725 ,  H04L12/24

Abstract: Methods and systems for changing communication paths in a network based on predicted Quality of Experience metrics are described herein. Computing devices in a network may communicate via one or more communication paths and using one or more applications. One or more Quality of Experience metrics may be determined for the one or more applications. Network metrics for the network may be measured and, based on one or more Quality of Service policies for the network, predicted Quality of Experience metrics may be determined using, e.g., a model network. A communication path recommendation may be output based on the predicted Quality of Experience metrics. For example, the recommendation may cause an application to change from a first communication path to a second communication path.