-
公开(公告)号:US08516156B1
公开(公告)日:2013-08-20
申请号:US12838280
申请日:2010-07-16
IPC分类号: G06F15/16
摘要: A method, system, and apparatus are directed towards compression of content over a network. The content may include content length information, such as within a header. In one embodiment, a portion of the content may be compressed to approximately fill a buffer of a predefined size. If there remains additional uncompressed content, a new content length may be determined based in part on the length of the compressed content and the remaining uncompressed content. The buffered content and the new content length may then be forwarded in response to the request. The remaining uncompressed content may be split into predefined blocks using identity compression. Identity compression may then be applied to the remaining uncompressed content which is then forwarded to a destination in response to the request.
摘要翻译: 一种方法,系统和装置旨在通过网络压缩内容。 内容可以包括内容长度信息,例如在标题内。 在一个实施例中,内容的一部分可以被压缩以大致填充预定大小的缓冲器。 如果仍然存在额外的未压缩内容,则可以部分地基于压缩内容的长度和剩余的未压缩内容来确定新的内容长度。 然后可以响应于该请求转发缓冲的内容和新的内容长度。 剩余的未压缩内容可以使用身份压缩分割成预定义的块。 然后,可以将身份压缩应用于剩余的未压缩内容,然后响应于请求将身份压缩转发到目的地。
-
公开(公告)号:US08326984B1
公开(公告)日:2012-12-04
申请号:US13212841
申请日:2011-08-18
IPC分类号: G06F15/173 , G06F15/16
摘要: A system, apparatus, and method selectively provides content compression to a client based, in part, on whether the network connection from the client is determined to be a high latency, low-bandwidth connection. The present invention gathers one or more network metrics associated with the connection from the client. In one embodiment, the metrics include estimated TCP metrics, including smoothed round trip time, maximum segment size (MSS), and bandwidth delay product (BWDP). These estimated network metrics are employed to make an application layer decision of whether the client connection is a high latency, low-bandwidth connection. If it is, then content may be selectively compressed virtually on the fly for transfer over the network connection. In one embodiment, the selective compression uses a content encoding compression feature of the HTTP protocol standard.
摘要翻译: 系统,装置和方法部分地基于来自客户机的网络连接是否被确定为高延迟低带宽连接,有选择地向客户端提供内容压缩。 本发明从客户端收集与该连接相关联的一个或多个网络度量。 在一个实施例中,度量包括估计的TCP度量,包括平滑的往返时间,最大段大小(MSS)和带宽延迟乘积(BWDP)。 采用这些估计的网络度量来做出应用层决定客户端连接是否是高延迟,低带宽连接。 如果是,则内容可以被虚拟地虚拟地选择性地压缩以通过网络连接传送。 在一个实施例中,选择性压缩使用HTTP协议标准的内容编码压缩特征。
-
公开(公告)号:US09106479B1
公开(公告)日:2015-08-11
申请号:US10721565
申请日:2003-11-25
IPC分类号: H04L29/08 , H04L12/805
CPC分类号: H04L29/08009 , H04L29/08045 , H04L29/08072 , H04L45/34 , H04L47/36 , H04L69/16 , H04L69/321 , H04L69/326 , H04L69/329
摘要: A system and method is directed to managing network communications and improving network security. In a communication protocol, an improved method of generating a value that encodes information received in an incoming message, and a corresponding way of validating an incoming message with an encoded value, improves network security. A technique for directing a network device to delay communications includes sending an instruction designating an initial window size of zero to the device. Another technique uses a TCP fast retransmit protocol. The techniques can be used to provide layer four switching, change to layer seven switching when desired, and then change back to layer four switching to improve security in a layer four switching device. Levels of trust can also be used to selectively perform aspects of the invention.
摘要翻译: 系统和方法旨在管理网络通信和提高网络安全性。 在通信协议中,生成对在入局消息中接收的信息进行编码的值的改进方法以及使用编码值验证传入消息的相应方式提高了网络的安全性。 用于引导网络设备延迟通信的技术包括向设备发送指定初始窗口大小为零的指令。 另一种技术使用TCP快速重传协议。 这些技术可用于提供第四层交换,在需要时转换为第七层交换,然后转回到第四层交换,以提高第四层交换设备的安全性。 也可以使用信任级别来选择性地执行本发明的方面。
-
公开(公告)号:US08516113B1
公开(公告)日:2013-08-20
申请号:US13558068
申请日:2012-07-25
IPC分类号: G06F15/16
摘要: A system, apparatus, and method selectively provides content compression to a client based, in part, on whether the network connection from the client is determined to be a high latency, low-bandwidth connection. The present invention gathers one or more network metrics associated with the connection from the client. In one embodiment, the metrics include estimated TCP metrics, including smoothed round trip time, maximum segment size (MSS), and bandwidth delay product (BWDP). These estimated network metrics are employed to make an application layer decision of whether the client connection is a high latency, low-bandwidth connection. If it is, then content may be selectively compressed virtually on the fly for transfer over the network connection. In one embodiment, the selective compression uses a content encoding compression feature of the HTTP protocol standard.
摘要翻译: 系统,装置和方法部分地基于来自客户机的网络连接是否被确定为高延迟低带宽连接,有选择地向客户端提供内容压缩。 本发明从客户端收集与该连接相关联的一个或多个网络度量。 在一个实施例中,度量包括估计的TCP度量,包括平滑的往返时间,最大段大小(MSS)和带宽延迟乘积(BWDP)。 采用这些估计的网络度量来做出应用层决定客户端连接是否是高延迟,低带宽连接。 如果是,则内容可以被虚拟地虚拟地选择性地压缩以通过网络连接传送。 在一个实施例中,选择性压缩使用HTTP协议标准的内容编码压缩特征。
-
公开(公告)号:US08010668B1
公开(公告)日:2011-08-30
申请号:US12981338
申请日:2010-12-29
IPC分类号: G06F15/173 , G06F15/16
摘要: A system, apparatus, and method selectively provides content compression to a client based, in part, on whether the network connection from the client is determined to be a high latency, low-bandwidth connection. The present invention gathers one or more network metrics associated with the connection from the client. In one embodiment, the metrics include estimated TCP metrics, including smoothed round trip time, maximum segment size (MSS), and bandwidth delay product (BWDP). These estimated network metrics are employed to make an application layer decision of whether the client connection is a high latency, low-bandwidth connection. If it is, then content may be selectively compressed virtually on the fly for transfer over the network connection. In one embodiment, the selective compression uses a content encoding compression feature of the HTTP protocol standard.
-
公开(公告)号:US08782393B1
公开(公告)日:2014-07-15
申请号:US11420677
申请日:2006-05-26
IPC分类号: G06F21/00
CPC分类号: H04L63/166 , H04L63/0272 , H04L63/0281 , H04L63/045 , H04L63/061
摘要: A method, system, and apparatus are directed towards enabling access to payload by a third-party sent over an SSL session. The third-party may be a proxy situated between a client and a server. SSL handshake messages are sent between the client and the server to establish the SSL connection. As the SSL handshake messages are routed through the proxy, the proxy may extract data. In addition, one of the client or the server may send another message within, or out-of-band to, the series of SSL handshake message directly to the proxy. The other SSL message may include secret data that the proxy may use to generate a session key for the SSL connection. With the session key, the proxy may receive SSL messages over the SSL connection, modify and/or transpose the payload within the received SSL messages, and/or terminate the SSL connection at the proxy.
摘要翻译: 一种方法,系统和装置旨在使得能够通过SSL会话发送的第三方对负载进行访问。 第三方可以是位于客户端和服务器之间的代理。 在客户端和服务器之间发送SSL握手消息,建立SSL连接。 当SSL握手消息通过代理路由时,代理可以提取数据。 此外,客户端或服务器中的一个可以直接向该代理发送一系列SSL握手消息内或带外的另一消息。 另一SSL消息可以包括代理可用于生成用于SSL连接的会话密钥的秘密数据。 通过会话密钥,代理可以通过SSL连接接收SSL消息,修改和/或转发收到的SSL消息内的有效负载,和/或终止代理服务器上的SSL连接。
-
公开(公告)号:US07783781B1
公开(公告)日:2010-08-24
申请号:US11243629
申请日:2005-10-05
IPC分类号: G06F15/16 , G06F15/173
摘要: A method, system, and apparatus are directed towards compression of content over a network. The content may include content length information, such as within a header. In one embodiment, a portion of the content may be compressed to approximately fill a buffer of a predefined size. If there remains additional uncompressed content, a new content length may be determined based in part on the length of the compressed content and the remaining uncompressed content. The buffered content and the new content length may then be forwarded in response to the request. The remaining uncompressed content may be split into predefined blocks using identity compression. Identity compression may then be applied to the remaining uncompressed content which is then forwarded to a destination in response to the request.
摘要翻译: 一种方法,系统和装置旨在通过网络压缩内容。 内容可以包括内容长度信息,例如在标题内。 在一个实施例中,内容的一部分可以被压缩以大致填充预定大小的缓冲器。 如果仍然存在额外的未压缩内容,则可以部分地基于压缩内容的长度和剩余的未压缩内容来确定新的内容长度。 然后可以响应于该请求转发缓冲的内容和新的内容长度。 剩余的未压缩内容可以使用身份压缩分割成预定义的块。 然后,可以将身份压缩应用于剩余的未压缩内容,然后响应于请求将身份压缩转发到目的地。
-
公开(公告)号:US08379515B1
公开(公告)日:2013-02-19
申请号:US11670410
申请日:2007-02-01
申请人: Arindum Mukerji
发明人: Arindum Mukerji
IPC分类号: G01R31/08
CPC分类号: H04L69/163 , H04L47/26 , H04L47/30 , H04L47/323
摘要: A system, apparatus, and method are directed towards managing traffic over a network by imposing temporal delays in acknowledgments (ACKs). A Traffic Management Device (TMD), interposed between two network session end-points monitors a buffer of relayed packets. If the contents of the buffer exceed a threshold value, delays are imposed on sending of acknowledgements. If the buffer contents exceed the threshold, and the buffer's contents are increasing, the delays may be increased. If the buffer's contents are about at steady state, the acknowledgement delays may be decreased, or maintained at a current delay status. In one embodiment, if the sender is sending packets at a rate above a receiver's ability to receive the packets, and the sender appears not to be decreasing its rate of transmission, an explicit congestion notification echo (ECE) may be sent to the sender.
摘要翻译: 系统,装置和方法旨在通过在确认(ACK)中施加时间延迟来管理网络上的流量。 介于两个网络会话端点之间的流量管理设备(TMD)监视中继分组的缓冲区。 如果缓冲区的内容超过了一个阈值,则会发送确认的延迟。 如果缓冲区内容超过阈值,并且缓冲区的内容正在增加,则可能会增加延迟。 如果缓冲器的内容处于稳定状态,则可以减小确认延迟,或者保持当前的延迟状态。 在一个实施例中,如果发送者以高于接收方接收分组的能力的速率发送分组,并且发送方似乎不降低其传输速率,则可以向发送方发送明确的拥塞通知回显(ECE)。
-
公开(公告)号:US07493383B1
公开(公告)日:2009-02-17
申请号:US11618620
申请日:2006-12-29
申请人: Arindum Mukerji
发明人: Arindum Mukerji
IPC分类号: G06F15/173
CPC分类号: H04L69/16 , H04L47/10 , H04L67/14 , H04L67/148 , H04L69/14 , H04L69/161 , H04L69/165
摘要: A system, apparatus, and method for managing TCP over TCP communications using multiple TCP network connections. A plurality of tunneled network connections may be established between network devices. The network devices may employ one of the tunneled network connections over which to establish a plurality of application sessions. If congestion is detected on the employed tunneled network connection that exceeds a threshold, then a reset flag may be sent to abort that tunneled network connection. At least some of the application sessions are also transferred to another one of plurality of tunneled network connections, without terminating the moved application sessions. In one embodiment, at least one more tunneled network connection may be established between the network devices.
摘要翻译: 一种用于使用多个TCP网络连接来管理TCP over TCP通信的系统,装置和方法。 可以在网络设备之间建立多个隧道化网络连接。 网络设备可以使用隧道网络连接之一来建立多个应用会话。 如果在超过阈值的所采用的隧道网络连接上检测到拥塞,则可以发送复位标志以中止该隧道网络连接。 至少一些应用会话也被转移到多个隧道化网络连接中的另一个,而不终止移动的应用会话。 在一个实施例中,可以在网络设备之间建立至少一个更多的隧道化网络连接。
-
公开(公告)号:US08611222B1
公开(公告)日:2013-12-17
申请号:US13592187
申请日:2012-08-22
IPC分类号: H04L12/28
CPC分类号: H04L69/321
摘要: A system, apparatus, and method are directed towards selectively combining data into a packet to modify a number of packets transmitted over a network based on a detection of a transaction boundary. If it is determined to concatenate the data, such concatenation may continue until an acknowledgement (ACK) is received, or a predetermined amount of data is concatenated in the packet, or a transaction boundary is detected. If at least one of these conditions is satisfied, concatenation may be inhibited, and the packet may be sent. Concatenation is then re-enabled. In one embodiment, Nagle's algorithm is used for concatenating data into a packet. In one embodiment, an ACK may be sent based on a write completion indicator included within a packet. Receipt of the ACK may disable concatenation.
-
-
-
-
-
-
-
-
-
搜索结果
32 条记录 (耗时 0.024 秒)
