SYSTEMS AND METHODS FOR USING END POINT AUDITING IN CONNECTION WITH TRAFFIC MANAGEMENT
    1.
    发明申请
    SYSTEMS AND METHODS FOR USING END POINT AUDITING IN CONNECTION WITH TRAFFIC MANAGEMENT 有权
    使用端点监控与交通管理相关的系统和方法

    公开(公告)号:US20100242106A1

    公开(公告)日:2010-09-23

    申请号:US12409322

    申请日:2009-03-23

    IPC分类号: G06F15/173 G06F21/00

    摘要: The present invention provides a system and method of managing traffic traversing an intermediary based on a result of end point auditing. An authentication virtual server of an intermediary may determine a result of an end point analysis scan of a client. Responsive to the determination, the traffic management virtual server can obtain the result from the authentication virtual server. Further, the traffic management virtual server may apply the result in one or more traffic management policies to manage network traffic of a connection of the client traversing the intermediary. In some embodiments, the authentication virtual server may receive one or more expressions evaluated by the client. The one or more expressions identifies one or more attributes of the client. The traffic management virtual server can also determine a type of compression or encryption for the connection based on applying the one or more traffic management policies using the result.

    摘要翻译: 本发明提供了一种基于终端审计结果来管理遍历中间人的流量的系统和方法。 中介的认证虚拟服务器可以确定客户端的终点分析扫描的结果。 响应确定,流量管理虚拟服务器可以从认证虚拟服务器获取结果。 此外,流量管理虚拟服务器可以将结果应用于一个或多个流量管理策略中,以管理遍历中间件的客户端的连接的网络流量。 在一些实施例中,认证虚拟服务器可以接收由客户端评估的一个或多个表达式。 一个或多个表达式标识客户端的一个或多个属性。 流量管理虚拟服务器还可以基于使用结果应用一个或多个流量管理策略来确定连接的压缩或加密的类型。

    Systems and methods for using end point auditing in connection with traffic management
    2.
    发明授权
    Systems and methods for using end point auditing in connection with traffic management 有权
    使用端点审计与流量管理相关的系统和方法

    公开(公告)号:US08844040B2

    公开(公告)日:2014-09-23

    申请号:US12409322

    申请日:2009-03-23

    IPC分类号: H04L29/06

    摘要: The present invention provides a system and method of managing traffic traversing an intermediary based on a result of end point auditing. An authentication virtual server of an intermediary may determine a result of an end point analysis scan of a client. Responsive to the determination, the traffic management virtual server can obtain the result from the authentication virtual server. Further, the traffic management virtual server may apply the result in one or more traffic management policies to manage network traffic of a connection of the client traversing the intermediary. In some embodiments, the authentication virtual server may receive one or more expressions evaluated by the client. The one or more expressions identifies one or more attributes of the client. The traffic management virtual server can also determine a type of compression or encryption for the connection based on applying the one or more traffic management policies using the result.

    摘要翻译: 本发明提供了一种基于终端审计结果来管理遍历中间人的流量的系统和方法。 中介的认证虚拟服务器可以确定客户端的终点分析扫描的结果。 响应确定,流量管理虚拟服务器可以从认证虚拟服务器获取结果。 此外,流量管理虚拟服务器可以将结果应用于一个或多个流量管理策略中,以管理遍历中间件的客户端的连接的网络流量。 在一些实施例中,认证虚拟服务器可以接收由客户端评估的一个或多个表达式。 一个或多个表达式标识客户端的一个或多个属性。 流量管理虚拟服务器还可以基于使用结果应用一个或多个流量管理策略来确定连接的压缩或加密的类型。

    SYSTEMS AND METHODS FOR SELECTIVE AUTHENTICATION, AUTHORIZATION, AND AUDITING IN CONNECTION WITH TRAFFIC MANAGEMENT
    3.
    发明申请
    SYSTEMS AND METHODS FOR SELECTIVE AUTHENTICATION, AUTHORIZATION, AND AUDITING IN CONNECTION WITH TRAFFIC MANAGEMENT 有权
    与交通管理相关的选择性认证,授权和审核的系统和方法

    公开(公告)号:US20100242105A1

    公开(公告)日:2010-09-23

    申请号:US12409216

    申请日:2009-03-23

    IPC分类号: H04L9/32 G06F15/173

    摘要: The present invention provides a system and method for authentication of network traffic managed by a traffic management virtual server. A traffic management virtual server may determine that a client has not been authenticated from a request of the client to access a server. Responsive to the request, the traffic management virtual server may transmit a response to the client with instructions to redirect to an authentication virtual server. The authentication virtual server may receive a second request from the client. The authentication virtual server may then authenticate credentials received from the client and establish an authentication session for the client. Further, the authentication virtual server may transmit a second response to redirect the client to the traffic management virtual server. The second response identifies the authentication session. The traffic management virtual server then receives a request from the client with an identifier to the authentication session.

    摘要翻译: 本发明提供了一种用于由流量管理虚拟服务器管理的网络流量的认证的系统和方法。 流量管理虚拟服务器可以确定客户端尚未从客户端访问服务器的请求进行身份验证。 响应于该请求,流量管理虚拟服务器可以向客户端发送响应以重定向到认证虚拟服务器的指令。 验证虚拟服务器可以从客户端接收第二请求。 然后,认证虚拟服务器可以验证从客户端接收到的凭证,并为客户端建立认证会话。 此外,认证虚拟服务器可以发送第二响应以将客户端重定向到流量管理虚拟服务器。 第二个响应标识认证会话。 然后,流量管理虚拟服务器从客户端接收到具有识别会话的标识符的请求。

    Systems and methods for selective authentication, authorization, and auditing in connection with traffic management
    5.
    发明授权
    Systems and methods for selective authentication, authorization, and auditing in connection with traffic management 有权
    与流量管理相关的选择性认证,授权和审核的系统和方法

    公开(公告)号:US08392982B2

    公开(公告)日:2013-03-05

    申请号:US12409216

    申请日:2009-03-23

    IPC分类号: H04L29/00 H04L29/06 G06F15/16

    摘要: The present invention provides a system and method for authentication of network traffic managed by a traffic management virtual server. A traffic management virtual server may determine that a client has not been authenticated from a request of the client to access a server. Responsive to the request, the traffic management virtual server may transmit a response to the client with instructions to redirect to an authentication virtual server. The authentication virtual server may receive a second request from the client. The authentication virtual server may then authenticate credentials received from the client and establish an authentication session for the client. Further, the authentication virtual server may transmit a second response to redirect the client to the traffic management virtual server. The second response identifies the authentication session. The traffic management virtual server then receives a request from the client with an identifier to the authentication session.

    摘要翻译: 本发明提供了一种用于由流量管理虚拟服务器管理的网络流量的认证的系统和方法。 流量管理虚拟服务器可以确定客户端尚未从客户端访问服务器的请求进行身份验证。 响应于该请求,流量管理虚拟服务器可以向客户端发送响应以重定向到认证虚拟服务器的指令。 验证虚拟服务器可以从客户端接收第二请求。 然后,认证虚拟服务器可以验证从客户端接收到的凭证,并为客户端建立认证会话。 此外,认证虚拟服务器可以发送第二响应以将客户端重定向到流量管理虚拟服务器。 第二个响应标识认证会话。 然后,流量管理虚拟服务器从客户端接收到具有识别会话的标识符的请求。

    SYSTEMS AND METHODS FOR SELECTING AN AUTHENTICATION VIRTUAL SERVER FROM A PLURALITY OF VIRTUAL SERVERS
    6.
    发明申请
    SYSTEMS AND METHODS FOR SELECTING AN AUTHENTICATION VIRTUAL SERVER FROM A PLURALITY OF VIRTUAL SERVERS 有权
    从多个虚拟服务器中选择认证虚拟服务器的系统和方法

    公开(公告)号:US20100242092A1

    公开(公告)日:2010-09-23

    申请号:US12409223

    申请日:2009-03-23

    IPC分类号: G06F21/00

    摘要: The present invention provides a system and method for dynamically selecting an authentication virtual server from a plurality of authentication virtual servers. A traffic management virtual server may determine from a request received from a client to access content of a server that the client has not been authenticated. The traffic management virtual server can identify a policy for selecting an authentication virtual server to provide authentication of the client. Responsive to the identification, the traffic management virtual server can select, via the policy, an authentication virtual server of the plurality of authentication virtual servers to authenticate the client. Responsive to the request, the traffic management virtual server may transmit a response to the client The response includes an instruction to redirect to the selected authentication virtual server.

    摘要翻译: 本发明提供一种用于从多个认证虚拟服务器动态选择认证虚拟服务器的系统和方法。 流量管理虚拟服务器可以根据从客户端接收的请求来确定访问客户端尚未认证的服务器的内容。 流量管理虚拟服务器可以识别用于选择认证虚拟服务器以提供客户端认证的策略。 响应于识别,流量管理虚拟服务器可以通过策略选择多个认证虚拟服务器的认证虚拟服务器来认证客户端。 响应于该请求,流量管理虚拟服务器可以向客户端发送响应。响应包括重定向到所选择的认证虚拟服务器的指令。

    SYSTEMS AND METHODS FOR AAA-TRAFFIC MANAGEMENT INFORMATION SHARING ACROSS CORES IN A MULTI-CORE SYSTEM
    7.
    发明申请
    SYSTEMS AND METHODS FOR AAA-TRAFFIC MANAGEMENT INFORMATION SHARING ACROSS CORES IN A MULTI-CORE SYSTEM 有权
    用于在多核系统中交叉的AAA交通管理信息共享的系统和方法

    公开(公告)号:US20110154443A1

    公开(公告)日:2011-06-23

    申请号:US12976688

    申请日:2010-12-22

    IPC分类号: G06F21/00

    CPC分类号: G06F21/41

    摘要: A method for propagating authentication session information to a plurality of cores of a multi-core device includes establishing, by an authentication virtual server executing on a first core of a device intermediary to at least one client and server, a session for a user, the authentication virtual server authenticating the session. A traffic management virtual server executes on a second core of device, and receives a request to access a server via the session. The traffic management virtual server may identify, responsive to a determination that the session is not stored by the second core, from an identifier of the session that the first core established the session. The second core may send to the first core a request for data for the session identified by the identifier. The second core may receive from the first core a response to the second request identifying whether the session is valid.

    摘要翻译: 用于将认证会话信息传播到多核设备的多个核心的方法包括:通过在至少一个客户端和服务器的中间设备的第一核心上执行的认证虚拟服务器建立用户的会话, 验证虚拟服务器认证会话。 流量管理虚拟服务器在设备的第二核心上执行,并且经由会话接收到访问服务器的请求。 业务管理虚拟服务器可以响应于确定该会话未被第二核心存储的第一核心建立会话的会话标识符。 第二核心可以向第一核心发送由标识符标识的会话的数据请求。 第二核心可以从第一核心接收对第二请求的响应,以识别会话是否有效。

    Systems and methods for AAA-traffic management information sharing across cores in a multi-core system
    8.
    发明授权
    Systems and methods for AAA-traffic management information sharing across cores in a multi-core system 有权
    在多核系统中跨核心的AAA流量管理信息共享的系统和方法

    公开(公告)号:US08667575B2

    公开(公告)日:2014-03-04

    申请号:US12976688

    申请日:2010-12-22

    CPC分类号: G06F21/41

    摘要: A method for propagating authentication session information to a plurality of cores of a multi-core device includes establishing, by an authentication virtual server executing on a first core of a device intermediary to at least one client and server, a session for a user, the authentication virtual server authenticating the session. A traffic management virtual server executes on a second core of device, and receives a request to access a server via the session. The traffic management virtual server may identify, responsive to a determination that the session is not stored by the second core, from an identifier of the session that the first core established the session. The second core may send to the first core a request for data for the session identified by the identifier. The second core may receive from the first core a response to the second request identifying whether the session is valid.

    摘要翻译: 用于将认证会话信息传播到多核设备的多个核心的方法包括:通过在至少一个客户端和服务器的中间设备的第一核心上执行的认证虚拟服务器建立用户的会话, 验证虚拟服务器认证会话。 流量管理虚拟服务器在设备的第二核心上执行,并且经由会话接收到访问服务器的请求。 业务管理虚拟服务器可以响应于确定该会话未被第二核心存储的第一核心建立会话的会话标识符。 第二核心可以向第一核心发送由标识符标识的会话的数据请求。 第二核心可以从第一核心接收对第二请求的响应,以识别会话是否有效。

    Systems and methods for providing single sign on access to enterprise SAAS and cloud hosted applications
    9.
    发明授权
    Systems and methods for providing single sign on access to enterprise SAAS and cloud hosted applications 有权
    提供单一登录访问企业SAAS和云托管应用程序的系统和方法

    公开(公告)号:US09282097B2

    公开(公告)日:2016-03-08

    申请号:US13102902

    申请日:2011-05-06

    摘要: The solution of the present application addresses the problem of authentication across disparately hosted systems by providing a single authentication domain across SaaS and cloud hosted applications as well as traditional enterprise hosted applications. An application delivery controller intermediary to a plurality of clients and the disparately hosted applications providing single sign on management, integration and control. A user may log in via an interface provided, controlled or managed by the ADC, which in turns, authenticates the user to the application in accordance with policy and the host of the application. As such, the user may login once to gain access to a plurality of disparately hosted applications. From the user's perspective, the user seamlessly and transparently gains access to different hosted systems with different passwords and authentication via the remote access provided by the system of the present solution.

    摘要翻译: 本应用程序的解决方案通过在SaaS和云托管应用程序以及传统的企业托管应用程序之间提供单个身份验证域来解决跨不同托管系统的身份验证问题。 多个客户端的应用交付控制器中介,以及提供单一登录管理,集成和控制的不同托管的应用。 用户可以通过由ADC提供,控制或管理的接口登录,该接口根据策略和应用的主机向用户认证用户。 因此,用户可以登录一次以访问多个不同的托管的应用。 从用户的角度来看,用户通过本解决方案的系统提供的远程访问,无缝和透明地访问具有不同密码和身份验证的不同托管系统。

    Systems and Methods for Providing Single Sign On Access to Enterprise SAAS and Cloud Hosted Applications
    10.
    发明申请
    Systems and Methods for Providing Single Sign On Access to Enterprise SAAS and Cloud Hosted Applications 有权
    提供单一登录访问企业SAAS和云托管应用程序的系统和方法

    公开(公告)号:US20110277026A1

    公开(公告)日:2011-11-10

    申请号:US13102902

    申请日:2011-05-06

    IPC分类号: H04L9/32 G06F21/00

    摘要: The solution of the present application addresses the problem of authentication across disparately hosted systems by providing a single authentication domain across SaaS and cloud hosted applications as well as traditional enterprise hosted applications. An application delivery controller intermediary to a plurality of clients and the disparately hosted applications providing single sign on management, integration and control. A user may log in via an interface provided, controlled or managed by the ADC, which in turns, authenticates the user to the application in accordance with policy and the host of the application. As such, the user may login once to gain access to a plurality of disparately hosted applications. From the user's perspective, the user seamlessly and transparently gains access to different hosted systems with different passwords and authentication via the remote access provided by the system of the present solution

    摘要翻译: 本应用程序的解决方案通过在SaaS和云托管应用程序以及传统的企业托管应用程序之间提供单个身份验证域来解决跨不同托管系统的身份验证问题。 多个客户端的应用交付控制器中介,以及提供单一登录管理,集成和控制的不同托管的应用。 用户可以通过由ADC提供,控制或管理的接口登录,该接口根据策略和应用的主机向用户认证用户。 因此,用户可以登录一次以访问多个不同的托管的应用。 从用户的角度来看,用户通过本解决方案系统提供的远程访问,无缝透明地访问具有不同密码和身份验证的不同托管系统