公开(公告)号：US08001279B2

公开(公告)日：2011-08-16

申请号：US10317522

申请日：2002-12-12

申请人： Jean-Marc Berthaud ,  Pascal Chauffour ,  Jean-Claude Dispensa ,  Valerie Mahe

发明人： Jean-Marc Berthaud ,  Pascal Chauffour ,  Jean-Claude Dispensa ,  Valerie Mahe

IPC分类号： G06F15/16

CPC分类号： H04L63/0218 ,  H04L63/20

摘要： A method of synchronizing firewalls in a communication system comprising a server farm wherein any user connected to the Internet can access customer servers, and at least two firewalls using a Virtual Router Redundancy Protocol (VRRP) to set up as primary interface firewall the firewall which owns the primary interface of the VRRP group of interfaces to at least one customer server. The method includes initializing, in a secondary interface firewall, a synchronization message exchange with the primary firewall after receiving a packet for a connection having a state which is incompatible with the received packet or after the standard firewall processing of a packet corresponding to a new connection, and registering in a common connection table the state of any connection if the connection is new or if the connection state has changed.

摘要翻译： 一种在包括服务器场的通信系统中同步防火墙的方法，其中连接到因特网的任何用户可以访问客户服务器，以及使用虚拟路由器冗余协议（VRRP）至少两个防火墙来建立作为主接口防火墙的防火墙， 接口的VRRP组的主界面至少一个客户服务器。 该方法包括：在二级接口防火墙中，在接收到具有与接收到的分组不兼容的状态的连接的分组之后或在对应于新连接的分组的标准防火墙处理之后，在辅助接口防火墙中初始化与主防火墙的同步消息交换 并且如果连接是新的或者连接状态已经改变，则在公共连接表中注册任何连接的状态。

公开(公告)号：US07475162B2

公开(公告)日：2009-01-06

申请号：US11955479

申请日：2007-12-13

申请人： Jean-Marc Berthaud ,  Pascal Chauffour ,  Jean-Claude Dispensa ,  Valerie Mahe

发明人： Jean-Marc Berthaud ,  Pascal Chauffour ,  Jean-Claude Dispensa ,  Valerie Mahe

IPC分类号： G06F15/16 ,  H04L12/28

CPC分类号： H04L63/0209 ,  H04L29/06 ,  H04L67/1002 ,  H04L67/1034 ,  H04L2029/06054

摘要： A method of preserving symmetrical routing in a communication system comprising a server farm connected to the Internet through an Internet access router. The server farm includes at least two customer cabinets with at least a WEB server and at least two firewalls. The firewalls use a Virtual Router Redundancy Protocol (VRRP) to set up one firewall as being the primary firewall. The method includes checking in each firewall whether there is a change of the VRRP state from primary to secondary or reciprocally. Such a change indicates that a link between the primary firewall and one of the customer cabinets has failed. The link is disabled from the network to the firewall the state of which has changed from primary to secondary or the link is enabled from the Internet network to the firewall the state of which has changed from secondary to primary.

摘要翻译： 一种在通信系统中保持对称路由的方法，包括通过因特网接入路由器连接到因特网的服务器场。 服务器场至少包括两个具有至少一个WEB服务器和至少两个防火墙的客户机柜。 防火墙使用虚拟路由器冗余协议（VRRP）将一个防火墙设置为主要防火墙。 该方法包括在每个防火墙中检查VRRP状态是否从主要到次要的或相互的变化。 这种变化表明主防火墙和其中一个客户机柜之间的链接失败。 该链路从网络禁用到防火墙，其状态从主要变为次要，或链路从互联网到防火墙，其状态从次要更改为主。

公开(公告)号：US07359992B2

公开(公告)日：2008-04-15

申请号：US10317397

申请日：2002-12-12

申请人： Jean-Marc Berthaud ,  Pascal Chauffour ,  Jean-Claude Dispensa ,  Valerie Mahe

发明人： Jean-Marc Berthaud ,  Pascal Chauffour ,  Jean-Claude Dispensa ,  Valerie Mahe

IPC分类号： G06F15/16 ,  H04L12/28

CPC分类号： H04L63/0209 ,  H04L29/06 ,  H04L67/1002 ,  H04L67/1034 ,  H04L2029/06054

摘要： A method of preserving symmetrical routing in a communication system comprising a server farm connected to the Internet through an Internet access router. The server farm includes at least two customer cabinets with at least a WEB server and at least two firewalls. The firewalls use a Virtual Router Redundancy Protocol (VRRP) to set up one firewall as being the primary firewall. The method includes checking in each firewall whether there is a change of the VRRP state from primary to secondary or reciprocally. Such a change indicates that a link between the primary firewall and one of the customer cabinets has failed. The link is disabled from the network to the firewall the state of which has changed from primary to secondary or the link is enabled from the Internet network to the firewall the state of which has changed from secondary to primary.

摘要翻译： 一种在通信系统中保持对称路由的方法，包括通过因特网接入路由器连接到因特网的服务器场。 服务器场至少包括两个具有至少一个WEB服务器和至少两个防火墙的客户机柜。 防火墙使用虚拟路由器冗余协议（VRRP）将一个防火墙设置为主要防火墙。 该方法包括在每个防火墙中检查VRRP状态是否从主要到次要的或相互的变化。 这种变化表明主防火墙和其中一个客户机柜之间的链接失败。 该链路从网络禁用到防火墙，其状态从主要变为次要，或链路从互联网到防火墙，其状态从次要更改为主。

公开(公告)号：US07231462B2

公开(公告)日：2007-06-12

申请号：US10317652

申请日：2002-12-12

申请人： Jean-Marc Berthaud ,  Pascal Chauffour ,  Jean-Claude Dispensa ,  Valerie Mahe

发明人： Jean-Marc Berthaud ,  Pascal Chauffour ,  Jean-Claude Dispensa ,  Valerie Mahe

IPC分类号： G06F15/173 ,  G06F15/16 ,  H04L12/28 ,  H04L12/56

CPC分类号： H04L45/00 ,  H04L45/22 ,  H04L45/28 ,  H04L45/586 ,  H04L63/0209

摘要： A method of preserving symmetrical routing in a communication system comprising a server farm connected to the Internet by an Internet access router IAR. The server farm includes at least two customer cabinets each having a WEB server, and at least two firewalls. The firewalls use Virtual Router Redundancy Protocol (VRRP) to set up a primary firewall that supports communication between a customer server and an Internet user. The IAR selects the firewall to be used as being the firewall corresponding to the interface having the lowest weight in a routing table. The cost assigned to each interface associated with a firewall is automatically generated, at the initial time, according to the priority assigned by the VRRP protocol to said interface associated with said firewall.

摘要翻译： 一种在通信系统中保持对称路由的方法，包括由因特网接入路由器IAR连接到因特网的服务器场。 服务器场包括至少两个具有WEB服务器的客户机柜和至少两个防火墙。 防火墙使用虚拟路由器冗余协议（VRRP）设置支持客户服务器和Internet用户之间通信的主要防火墙。 IAR选择防火墙作为与路由表中权重最小的接口相对应的防火墙。 根据由VRRP协议分配给与所述防火墙相关联的所述接口的优先级，自动生成分配给与防火墙相关联的每个接口的成本。

公开(公告)号：US20080109892A1

公开(公告)日：2008-05-08

申请号：US11955479

申请日：2007-12-13

申请人： Jean-Marc Berthaud ,  Pascal Chauffour ,  Jean-Claude Dispensa ,  Valerie Mahe

发明人： Jean-Marc Berthaud ,  Pascal Chauffour ,  Jean-Claude Dispensa ,  Valerie Mahe

IPC分类号： G06F9/00

CPC分类号： H04L63/0209 ,  H04L29/06 ,  H04L67/1002 ,  H04L67/1034 ,  H04L2029/06054

摘要： A method of preserving symmetrical routing in a communication system comprising a server farm connected to the Internet through an Internet access router. The server farm includes at least two customer cabinets with at least a WEB server and at least two firewalls. The firewalls use a Virtual Router Redundancy Protocol (VRRP) to set up one firewall as being the primary firewall. The method includes checking in each firewall whether there is a change of the VRRP state from primary to secondary or reciprocally. Such a change indicates that a link between the primary firewall and one of the customer cabinets has failed. The link is disabled from the network to the firewall the state of which has changed from primary to secondary or the link is enabled from the Internet network to the firewall the state of which has changed from secondary to primary.

摘要翻译： 一种在通信系统中保持对称路由的方法，包括通过因特网接入路由器连接到因特网的服务器场。 服务器场至少包括两个具有至少一个WEB服务器和至少两个防火墙的客户机柜。 防火墙使用虚拟路由器冗余协议（VRRP）将一个防火墙设置为主要防火墙。 该方法包括在每个防火墙中检查VRRP状态是否从主要到次要的或相互的变化。 这种变化表明主防火墙和其中一个客户机柜之间的链接失败。 该链路从网络禁用到防火墙，其状态从主要变为次要，或链路从互联网到防火墙，其状态从次要更改为主。

公开(公告)号：US20100151840A1

公开(公告)日：2010-06-17

申请号：US12339183

申请日：2008-12-19

申请人： Frederic Bauchot ,  Jean-Claude Dispensa ,  Francois-Xavier Drouet ,  Gerard Marmigere

发明人： Frederic Bauchot ,  Jean-Claude Dispensa ,  Francois-Xavier Drouet ,  Gerard Marmigere

IPC分类号： H04M3/42 ,  H04W4/02

CPC分类号： H04W4/02 ,  H04L67/18 ,  H04M3/4872 ,  H04M2242/30 ,  H04W48/04 ,  H04W68/00

摘要： A method and system for generating alerts based on predicted wireless connection losses. A message is received that includes a first position of a mobile device, an indication of a service being provided to the mobile device via a wireless connection provided by a first bearer, and an mobile device identifier. A direction and speed of the mobile device is received. An amount of time elapsing before the mobile device moves to a second position at which the mobile device experiences a loss of the wireless connection via the first bearer is predicted. An alert that indicates that the loss is occurring in the amount of time is generated. The alert is sent to the mobile device as a response to the message.

摘要翻译： 一种基于预测的无线连接损失产生警报的方法和系统。 接收到包括移动设备的第一位置的消息，经由由第一承载提供的无线连接提供给移动设备的服务的指示以及移动设备标识符。 接收移动设备的方向和速度。 预测在移动设备移动到移动设备经由第一承载失去无线连接的第二位置之前经过的时间量。 表示产生损失发生在时间量上的警报。 警报作为对消息的响应发送到移动设备。

公开(公告)号：US20070008974A1

公开(公告)日：2007-01-11

申请号：US11441948

申请日：2006-05-25

申请人： Jean-Claude Dispensa ,  Eric Lebrun

发明人： Jean-Claude Dispensa ,  Eric Lebrun

IPC分类号： H04L12/56

CPC分类号： H04L29/12481 ,  H04L12/5692 ,  H04L29/12783 ,  H04L43/00 ,  H04L43/0817 ,  H04L61/2557 ,  H04L61/35

摘要： Network services are routed responsive to receiving a datagram. The datagram requests a certain network-delivered service and includes a virtual address for the service. An apparatus selects a physical address for a certain server from among a number of a physical addresses of respective servers associated by the apparatus with the virtual address. Performance of the respective servers is ranked so that the physical address are selected responsive to the performance ranks. The apparatus forwards the datagram, which includes the selected physical address for directing the datagram to the certain server.

摘要翻译： 响应于接收到数据报，网络服务被路由。 数据报请求特定的网络传送服务，并包含该服务的虚拟地址。 设备从具有虚拟地址的设备相关联的各个服务器的物理地址的数量中选择特定服务器的物理地址。 对各个服务器的性能进行排序，以便根据性能等级选择物理地址。 该设备转发数据报，其包括用于将数据报引导到某个服务器的所选择的物理地址。

公开(公告)号：US06636501B1

公开(公告)日：2003-10-21

申请号：US09378454

申请日：1999-08-20

申请人： Jean-Claude Dispensa ,  Denis Esteve ,  Christophe Jourdet ,  Pascal Thubert

发明人： Jean-Claude Dispensa ,  Denis Esteve ,  Christophe Jourdet ,  Pascal Thubert

IPC分类号： H04L1228

CPC分类号： H04L49/3009 ,  H04L49/25 ,  H04L49/30

摘要： A communication system speeds up digital traffic between nodes. The traffic is organized into data frames flowing over network high and low speed links attached to entry and exit ports of the nodes. Low speed modules connect the low speed links to a high speed switch. Router dispatch modules connect the high speed switch to a node attached to a high speed link for forwarding each data frame toward a dynamically selected target low speed module via the high speed switch, such that the dynamic selection of the target low speed module is based on detection of the module with the least load. At least one main router is attached to the high speed switch for storing a routing table to enable the targeted low speed module to orient one of the frames toward a right node exit port.

摘要翻译： 通信系统加快了节点之间的数字流量。 流量被组织成流经连接到节点的进入和离开端口的网络高速和低速链路的数据帧。 低速模块将低速链路连接到高速开关。 路由器调度模块将高速交换机连接到连接到高速链路的节点，用于经由高速交换机将每个数据帧转发到动态选择的目标低速模块，使得目标低速模块的动态选择基于 以最小负载检测模块。 至少一个主路由器连接到高速交换机，用于存储路由表，以使目标低速模块能够将一个帧定向到右节点出口。

公开(公告)号：US08229853B2

公开(公告)日：2012-07-24

申请号：US12211151

申请日：2008-09-16

申请人： Jean-Claude Dispensa ,  Philippe Gregoire ,  Dominique Picard

发明人： Jean-Claude Dispensa ,  Philippe Gregoire ,  Dominique Picard

IPC分类号： G06Q40/00

CPC分类号： G06Q20/40 ,  G06Q10/02 ,  G06Q40/00

摘要： A method and system for preventing unauthorized card transactions via dynamic itinerary-driven profiling. Authorization record(s) including authorized geographic locations and authorized periods of time are received from a travel reservation system (TRS). The authorization record(s) identify an itinerary specified by a travel booking(s) purchased via the TRS using a debit or credit card. The itinerary specifies that the cardholder is scheduled to be in the authorized geographic locations for the authorized periods of time. In response to receiving a request for an authorization of a card transaction, a location and date associated with the card transaction are retrieved from the request. The card transaction is rejected based on a determination that the retrieved location is not within the authorized geographic locations and/or the retrieved date is not within the authorized periods of time. A notification of the retrieved location and retrieved date is logged and displayed.

摘要翻译： 一种用于通过动态行程驱动的分析来防止未经授权的卡交易的方法和系统。 从旅行预订系统（TRS）收到包括授权地理位置和授权时间段的授权记录。 授权记录标识通过TRS使用借记卡或信用卡购买的旅行预订指定的行程。 该行程规定持卡人计划在授权的时间段内在授权的地理位置。 响应于接收到对卡交易的授权的请求，从请求中检索与卡交易相关联的位置和日期。 基于确定所检索的位置不在授权的地理位置和/或检索日期不在授权的时间段内，该卡交易被拒绝。 记录并显示检索到的位置和检索日期的通知。

公开(公告)号：US07796539B2

公开(公告)日：2010-09-14

申请号：US11932342

申请日：2007-10-31

申请人： Lionel Denecheau ,  Jean-Claude Dispensa ,  Denis Esteve

发明人： Lionel Denecheau ,  Jean-Claude Dispensa ,  Denis Esteve

IPC分类号： H04L12/28

CPC分类号： H04L69/16 ,  H04L12/42 ,  H04L69/161 ,  H04L69/163 ,  H04L69/22

摘要： In a network having nodes, N nodes are members of a virtual communications ring for multicast communication among the N Nodes, each of the N Nodes being associated with only an upstream and a downstream one of the other N nodes. One of the N nodes manages changes in ring membership, including requesting the others of the N nodes to participate in measuring distances to a N+1th, node responsive to receiving an insertion request message. The manager node inserts the N+1th node in the communications ring responsive to receiving replies, which includes inserting the N+1th node in a selected location between two selected ones of the N Nodes, such that the N nodes and the N+1th node are enabled to multicast messages around the ring. Due to the selected location of the N+1th node, communication distances for multicasted messages tend to be shorter than such distances that would otherwise occur.

摘要翻译： 在具有节点的网络中，N个节点是N个节点之间的用于组播通信的虚拟通信环的成员，每个N个节点仅与其他N个节点中的上游和下游一个相关联。 N个节点中的一个节点管理环成员资格的变化，包括响应于接收到插入请求消息请求N个节点中的其他节点参与测量到第N + 1个节点的距离。 所述管理节点响应于接收到的回复将所述第N + 1个节点插入所述通信环中，所述回复包括在所述N个节点的两个选定的节点之间插入所选择的位置中的所述第N + 1个节点，使得所述N个节点和所述第N + 使能环绕环绕多播消息。 由于第N + 1个节点的选定位置，组播消息的通信距离往往比否则会发生的距离短。