User defined objects for network devices

    Publication No.: US11563632B2

    Publication date: 2023-01-24

    Application No.: US17231063

    Application date: 2021-04-15

    Abstract: Provided are systems and methods for configuring a network servicing node with user-defined instruction scripts. A method for configuring a network servicing node with user-defined instruction scripts may commence with receiving, from a user of the network servicing node, a user loadable program. The user loadable program may include at least the user-defined instruction scripts. The method may continue with receiving a data packet from a data network associated with the user. The method may further include determining a condition associated with the data packet. The method may continue with identifying, in a name table, a program name associated with a program using the condition. The program may be the user loadable program. The method may further include processing the data packet by getting an instruction of the user-defined instruction scripts from a storage module and applying the instruction to the data packet.

    TCP fast open hardware support in proxy devices

    Publication No.: US11323529B2

    Publication date: 2022-05-03

    Application No.: US15652820

    Application date: 2017-07-18

    Abstract: Systems and methods for TCP fast open support in proxy devices are provided. An example system may include at least one circuit and at least one data plane communicatively coupled to the circuit. The circuit may be configured to receive at least one SYN packet. The at least one SYN packet is associated with at least one client device and includes a cookie. The circuit can be configured to validate the cookie. If the result of the validation is positive, the data plane can be configured to initiate, based on the at least one SYN packet, a connection between the at least one client device and at least one server. If the result of the validation is negative, the circuit can be configured to generate, based on the SYN packet, a new cookie and send a SYN-ACK packet to the client, the SYN-ACK packet including the new cookie.

    User Defined Objects for Network Devices

    Publication No.: US20210258209A1

    Publication date: 2021-08-19

    Application No.: US17231063

    Application date: 2021-04-15

    Abstract: Provided are systems and methods for configuring a network servicing node with user-defined instruction scripts. A method for configuring a network servicing node with user-defined instruction scripts may commence with receiving, from a user of the network servicing node, a user loadable program. The user loadable program may include at least the user-defined instruction scripts. The method may continue with receiving a data packet from a data network associated with the user. The method may further include determining a condition associated with the data packet. The method may continue with identifying, in a name table, a program name associated with a program using the condition. The program may be the user loadable program. The method may further include processing the data packet by getting an instruction of the user-defined instruction scripts from a storage module and applying the instruction to the data packet.

    Automated adjustment of subscriber policies

    Publication No.: US10972344B2

    Publication date: 2021-04-06

    Application No.: US16267823

    Application date: 2019-02-05

    Abstract: Provided are methods and systems for adjusting subscriber policies. A method for adjusting of subscriber policies may include applying traffic enforcement rules to a data traffic associated with a subscriber. The method can further include determining network conditions associated with the data traffic. The method can include modifying, based on the determination of the network conditions, attributes according to attribute adjustment rules to obtain modified attributes. The method can further include modifying the traffic enforcement rules based on the modified attributes to obtain modified traffic enforcement rules.

    Adaptive, deceptive and polymorphic security platform

    Publication No.: US10911490B2

    Publication date: 2021-02-02

    Application No.: US15856456

    Application date: 2017-12-28

    Abstract: A security platform running on a server includes (a) protocol stacks each configured to receive and to transmit IP data packets over a network interface, wherein the protocol stacks have predetermined performance characteristics that are different from each other and wherein each protocol stack includes one or more program interfaces to allow changes to its performance characteristics; (b) application programs each configured to receive and transmit payloads of the IP data packets, wherein at least two of the application programs are customized to handle different content types in the payloads and wherein each application program accesses the program interface of at least one protocol stack to tune performance characteristics of the protocol stack; (c) classifiers configured to inspect at a given time IP data packets then received in the network interface to select one of the protocol stack and one of the application programs to service the data packets; and (d) a control program to load and run the selected protocol stack and the selected application program.

    Systems and methods for network access control

    Publication No.: US10581907B2

    Publication date: 2020-03-03

    Application No.: US16114619

    Application date: 2018-08-28

    IPC classification: H04L29/06

    Abstract: Provided are methods and systems for network access control. A method for network access control may commence with determining whether a client device is a trusted source or an untrusted source. The determination may be performed using a SYN packet received from the client device. The SYN packet may include identifying information for the client device. When it is determined that the client device is neither the trusted source nor the untrusted source, the method may continue with transmitting a SYN/ACK packet to the client device. The SYN/ACK packet may include a SYN cookie and identifying information for a network device. The method may further include receiving an ACK packet from the client device that may include the identifying information for the client device, identifying information for the network device, and the SYN cookie. The method may continue with establishing a connection with a network for the client device.

    Distributed global server load balancing controllers sharing service delay time

    Publication No.: US10536517B2

    Publication date: 2020-01-14

    Application No.: US15460952

    Application date: 2017-03-16

    IPC classification: H04L29/08 H04L29/12

    Abstract: A method and system for selecting a server load balancer (SLB) for processing requests associated with a client are provided. The method may commence with receiving a Domain Name System (DNS) request from a client DNS server associated with the client. The method may include determining a geolocation of the client. The method may continue with receiving a time delay record including a round trip time (RTT) between the client and each of pluralities of SLBs and a geolocation of each SLB. The method may include matching the geolocation of the client and the geolocation of each of the pluralities of SLBs. The method may include selecting SLBs having the geolocation that matches the geolocation of the client. The method may further include selecting, from the SLBs, an SLB having a lowest RTT and sending a DNS response comprising network data of the selected SLB to the client DNS server.

    Combining stateless and stateful server load balancing

    Publication No.: US10484465B2

    Publication date: 2019-11-19

    Application No.: US15858578

    Application date: 2017-12-29

    IPC classification: H04L29/08 H04L12/66

    Abstract: The processing of data packets sent over a communication session between a host and a server by a service gateway includes processing a data packet using a current hybrid-stateful or hybrid-stateless processing method. The processing then checks whether a hybrid-stateless or hybrid-stateful condition is satisfied. When one of the sets of conditions is satisfied, the process includes changing from a hybrid-stateful to a hybrid-stateless processing method, or vice versa, for a subsequently received data packet. If the conditions are not satisfied, the process continues as originally structured.

    Implementation of secure socket layer intercept

    Publication No.: US10469594B2

    Publication date: 2019-11-05

    Application No.: US14962058

    Application date: 2015-12-08

    Abstract: Provided are methods and systems for inspecting secure data. A system for inspecting secure data comprises a server facing module, and a client facing module in communication with the server facing module. The client facing module is operable to intercept a client request associated with the secure data to establish a secure connection with a server, establish a data traffic channel via the server facing module, and provide a control message to the server facing module via the data traffic channel. The control message includes an instruction to the server facing module to obtain a security certificate from the server. The security certificate is received from the server facing module via the data traffic channel. The security certificate is forged to establish the secure connection between the client and the client facing module. The client facing module sends unencrypted data to the server facing module via the data traffic channel.

    Enabling planned upgrade/downgrade of network devices without impacting network sessions

    Publication No.: US10411956B2

    Publication date: 2019-09-10

    Application No.: US16125078

    Application date: 2018-09-07

    IPC classification: H04L12/24 H04L29/08

    Abstract: Provided are methods and systems for enabling a planned upgrade or a planned downgrade of a first network device. A method may commence with receiving a request for a virtual service via a Transmission Control Protocol (TCP) session between the first network device and the client device. The method may further include creating, by a second network device being a standby device for the first network device, a redirect network session for the TCP session. The method may continue with delivering, by the first network device, the request for the virtual service to a server. Upon a change designating the second network device as an active device for the virtual service, the second network device may receive, from the server, a server response associated with the virtual service and redirect the server response to the first network device for further sending of the server response to the client device.