专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

11. 发明申请

US20120271964A1 Load Balancing for Network Devices 有权
标题翻译：网络设备的负载平衡
公开(公告)号：US20120271964A1
公开(公告)日：2012-10-25
申请号：US13090489
申请日：2011-04-20
申请人： Kevin Porter
发明人： Kevin Porter
IPC分类号： G06F15/16
CPC分类号： H04L67/1008 , H04L67/2842
摘要： In one embodiment, an electronic device receives a request; obtains a current state from each of a plurality of electronic devices; and selects one of the plurality of electronic devices to service the request based on the current state of each of the plurality of electronic devices. The current state of each of the plurality of electronic devices is one of a plurality of states in a state model. Each of the plurality of states in the state model indicates a discrete level of workload for the plurality of electronic devices.
摘要翻译：在一个实施例中，电子设备接收请求; 从多个电子设备中的每一个获得当前状态; 并且基于所述多个电子设备中的每一个的当前状态，选择所述多个电子设备中的一个来服务所述请求。多个电子设备中的每一个的当前状态是状态模型中的多个状态之一。状态模型中的多个状态中的每一个表示多个电子设备的工作负荷的离散水平。

12. 发明授权

US08200920B2 Systems and methods for storing and accessing data stored in a data array 有权
标题翻译：用于存储和访问存储在数据阵列中的数据的系统和方法
公开(公告)号：US08200920B2
公开(公告)日：2012-06-12
申请号：US12350902
申请日：2009-01-08
申请人： Joshua David Dinerstein , John A. Aurich , Kenneth Victor Steiner
发明人： Joshua David Dinerstein , John A. Aurich , Kenneth Victor Steiner
IPC分类号： G06F13/00
CPC分类号： G06F17/30961 , G06F12/0866 , G06F12/0888 , G06F2212/465
摘要： Methods, systems, and apparatus for storing and accessing data stored in a data array are presented. In one embodiment, data is stored in a data array that includes a plurality of nodes. The nodes of the data array are segmented into one or more standard and priority pages. The pages are represented in a packed index. The priority pages are then cached and the standard pages are saved to disk. In another embodiment, data stored in a node of a data array may be accessed wherein the data array is segmented into at least one priority page and at least one standard page and the data array includes a plurality of nodes. A request for data stored in the node may be received. A priority page and/or a standard page may be searched for the node and, when found, the node may be accessed.
摘要翻译：提出了存储和访问存储在数据阵列中的数据的方法，系统和装置。在一个实施例中，数据被存储在包括多个节点的数据阵列中。数据阵列的节点被分割成一个或多个标准和优先级页面。页面以打包的索引表示。然后优先级页面被缓存，标准页面被保存到磁盘。在另一个实施例中，可以访问存储在数据阵列的节点中的数据，其中数据阵列被分割成至少一个优先级页面和至少一个标准页面，并且数据阵列包括多个节点。可以接收对节点中存储的数据的请求。可以搜索优先级页面和/或标准页面以查找节点，并且当发现节点可以被访问时。

13. 发明授权

US07555552B2 Method and apparatus for policy management in a network device 有权
标题翻译：网络设备中策略管理的方法和装置
公开(公告)号：US07555552B2
公开(公告)日：2009-06-30
申请号：US11672497
申请日：2007-02-07
申请人： Mark Maxted , Matthew Thurston , Kevin Porter , Chris Zuercher , Doug Moen
发明人： Mark Maxted , Matthew Thurston , Kevin Porter , Chris Zuercher , Doug Moen
IPC分类号： G06F15/173 , G06F15/16
CPC分类号： H04L63/0227 , H04L63/0281
摘要： A method and apparatus for policy management in a network intermediary device. One embodiment of the invention, includes establishing a session between a client and an intermediary device on a network to enable processing of a communication between the client and the intermediary device. Then, the communication is processed by the intermediary device while maintaining a consistent version of policy throughout the communication. Finally, after the communication is complete, the intermediary terminates the communication. The intermediary device may maintain consistent policy by utilizing a policy ticket upon which transactional information is stored and that references the version of policy that was current when the communication first began. The policy ticket may be transported throughout the intermediary device according to a “checkpoint” scheme, and at each checkpoint, evaluating the policy rules, if necessary, to determine appropriate actions to be taken based on current client and network information as applied to the policy rules.
摘要翻译：一种用于网络中介设备中的策略管理的方法和装置。本发明的一个实施例包括在客户机和网络上的中间设备之间建立会话，以便能够处理客户端和中间设备之间的通信。然后，通信由中间设备处理，同时在整个通信中保持一致的策略版本。最后，通信完成后，中介终止通信。中间设备可以通过使用存储事务信息的策略票据来保持一致的策略，并且引用在通信开始时当前的策略的版本。可以根据“检查点”方案在整个中间设备处运输策略单，并且在每个检查点处，如果需要，评估策略规则，以根据当前客户端和网络信息应用于策略来确定要采取的适当动作规则。

14. 发明授权

US07290050B1 Transparent load balancer for network connections 有权
标题翻译：用于网络连接的透明负载均衡器
公开(公告)号：US07290050B1
公开(公告)日：2007-10-30
申请号：US10252061
申请日：2002-09-20
申请人： Cameron Smith , Vilis Ositis
发明人： Cameron Smith , Vilis Ositis
IPC分类号： G06F15/173 , G06F9/46
CPC分类号： H04L67/1008 , H04L67/1002 , H04L67/1006 , H04L69/16 , H04L69/165
摘要： A transparent load balancer receives incoming Ethernet frames having incoming source and destination IP and MAC addresses. The load balancer diverts the incoming frames to one of several multi-application platforms. The incoming frames are communicated across a first TCP connection that terminates on a multi-application platform. The first TCP connection is defined by TCP source and destination ports. The transparent load balancer receives outgoing frames from the multi-application platform and outputs the outgoing frames with source and destination IP and MAC addresses that are identical to the incoming source and destination IP and MAC addresses. The outgoing frames are communicated across a second TCP connection, the second TCP connection being defined by the same TCP source port and TCP destination port of the first TCP connection. The transparent load balancer and multi-application platforms can be inserted into a running network without noticeable interruption to devices on the network.
摘要翻译：透明负载平衡器接收具有传入源和目标IP和MAC地址的入站以太网帧。负载平衡器将进入的帧转移到几个多应用平台之一。传入的帧通过在多应用平台上终止的第一TCP连接进行通信。第一个TCP连接由TCP源端口和目标端口定义。透明负载平衡器从多应用平台接收输出帧，并输出与源IP和MAC地址相同的源IP和MAC地址的出站帧。输出帧通过第二TCP连接进行通信，第二TCP连接由第一TCP连接的相同TCP源端口和TCP目标端口定义。透明负载平衡器和多应用平台可以插入到正在运行的网络中，而不会明显地中断网络上的设备。

15. 发明申请

US20040254943A1 Multiple cache communication and uncacheable objects 有权
标题翻译：多个缓存通信和不可缓存的对象
公开(公告)号：US20040254943A1
公开(公告)日：2004-12-16
申请号：US10812514
申请日：2004-03-30
申请人： Blue Coat Systems, Inc., a Delaware corporation
发明人： Michael A. Malcolm
IPC分类号： G06F017/00
CPC分类号： H04L67/2842 , H04L67/28
摘要： The invention provides a method and system for operating multiple communicating caches. Between caches, unnecessary transmission of repeated information is substantially reduced. Each cache maintains information to improve the collective operation of the system of multiple communicating caches. This can include information about the likely contents of each other cache, or about the behavior of client devices or server devices coupled to other caches in the system. Pairs of communicating caches substantially compress transmitted information. This includes both reliable compression, in which the receiving cache can reliably identify the compressed information in response to the message, and unreliable compression, in which the receiving cache will sometimes be unable to identify the compressed information. A first cache refrains from unnecessarily transmitting the same information to a second cache when each already has a copy. This includes both-maintaining a record at a first cache of information likely to be stored at a second cache, and transmitting a relatively short identifier for that information in place of the information itself. A set of caches are disposed in a directed graph structure, with a set of root caches disposed for coupling to server devices and a set of leaf caches disposed for coupling to client devices. Both root caches and leaf caches maintain non-cacheable objects beyond their initial use, along with digests of the non-cacheable objects. When a server device returns identical information to a root cache, root caches can transmit only associated digests to leaf caches, avoiding re-transmitting the entire non-cacheable object.
摘要翻译：本发明提供了一种用于操作多个通信高速缓存的方法和系统。在高速缓存之间，重复信息的不必要的传输显着减少。每个缓存维护信息以改善多个通信高速缓存系统的集体操作。这可以包括关于每个其他高速缓存的可能内容的信息，或关于耦合到系统中其他高速缓存的客户端设备或服务器设备的行为。成对的通信缓存基本上压缩了传输的信息。这包括可靠的压缩，其中接收缓存可以可靠地识别响应于消息的压缩信息，以及不可靠的压缩，其中接收缓存有时将不能识别压缩信息。当每个已经具有副本时，第一高速缓存避免不必要地将相同的信息发送到第二缓存。这包括在可能存储在第二高速缓存中的信息的第一高速缓存上保持记录，以及代替信息本身来发送用于该信息的相对较短的标识符。一组缓存被布置在有向图结构中，一组根高速缓存被设置用于耦合到服务器设备和一组叶高速缓存，其被设置用于耦合到客户端设备。根高速缓存和叶高速缓存都保留超过其初始使用的非可缓存对象，以及不可缓存对象的摘要。当服务器设备向根高速缓存返回相同的信息时，根高速缓存可以仅将关联的摘要传输到叶高速缓存，避免重新发送整个不可缓存的对象。

16. 发明申请

US20160366160A1 Systems and Methods for Processing Data Flows 审中-公开
标题翻译：用于处理数据流的系统和方法
公开(公告)号：US20160366160A1
公开(公告)日：2016-12-15
申请号：US15137492
申请日：2016-04-25
申请人： Blue Coat Systems, Inc.
发明人： Harsh Kapoor , Moisey Akerman , Stephen Justus , John C. Ferguson , Yevgeny Korsunsky , Paul S. Gallo , Charles Ching Lee , Timothy M. Martin , Chunsheng Fu , Weidong Xu
IPC分类号： H04L29/06 , H04L12/24 , H04L29/08
CPC分类号： H04L63/1425 , G06N3/088 , H04L41/0866 , H04L63/1416 , H04L63/20 , H04L67/306
摘要： A flow processing facility, which uses a set of artificial neurons for pattern recognition, such as a self-organizing map, in order to provide security and protection to a computer or computer system supports unified threat management based at least in part on patterns relevant to a variety of types of threats that relate to computer systems, including computer networks. Flow processing for switching, security, and other network applications, including a facility that processes a data flow to address patterns relevant to a variety of conditions are directed at internal network security, virtualization, and web connection security. A flow processing facility for inspecting payloads of network traffic packets detects security threats and intrusions across accessible layers of the IP-stack by applying content matching and behavioral anomaly detection techniques based on regular expression matching and self-organizing maps. Exposing threats and intrusions within packet payload at or near real-time rates enhances network security from both external and internal sources while ensuring security policy is rigorously applied to data and system resources. Intrusion Detection and Protection (IDP) is provided by a flow processing facility that processes a data flow to address patterns relevant to a variety of types of network and data integrity threats that relate to computer systems, including computer networks.
摘要翻译：使用一组用于模式识别的人造神经元（例如自组织图）以便向计算机或计算机系统提供安全性和保护的流程处理设备至少部分地基于与与计算机系统（包括计算机网络）相关的各种类型的威胁。用于交换，安全和其他网络应用的流处理，包括处理数据流以处理与各种条件相关的模式的设施，针对内部网络安全性，虚拟化和Web连接安全性。用于检查网络流量包的有效载荷的流处理设备通过应用基于正则表达式匹配和自组织映射的内容匹配和行为异常检测技术来检测IP堆栈的可访问层的安全威胁和入侵。在实时速率或接近实时速率的情况下，在数据包有效载荷中暴露威胁和入侵，从而确保安全策略严格应用于数据和系统资源，从而提高了外部和内部来源的网络安全性。入侵检测和保护（IDP）由处理数据流的流处理设备提供，以处理与包括计算机网络在内的计算机系统相关的各种类型的网络和数据完整性威胁相关的模式。

17. 发明授权

US09419990B2 Apparatus and method for characterizing the risk of a user contracting malicious software 有权
标题翻译：用于表征用户收集恶意软件的风险的装置和方法
公开(公告)号：US09419990B2
公开(公告)日：2016-08-16
申请号：US13754810
申请日：2013-01-30
申请人： Blue Coat Systems, Inc.
发明人： Joseph H. Levy , Matthew S. Wood
IPC分类号： H04L29/06
CPC分类号： H04L63/1408 , H04L63/0281 , H04L63/1425
摘要： A non-transitory computer readable storage medium includes executable instructions to identify specified network interactions initiated by a client machine. The specified network interactions are compared to normative values to produce a promiscuity score indicative of the risk of the client machine contracting malicious software. Depending upon the promiscuity score, prophylactic actions are optionally applied to the client machine.
摘要翻译：非暂时性计算机可读存储介质包括用于识别客户端机器发起的指定网络交互的可执行指令。将指定的网络交互与规范值进行比较，以产生指示客户端计算机收缩恶意软件风险的滥交分数。根据滥交分数，预防性行为可选地应用于客户端机器。

18. 发明授权

US08839404B2 System and method for building intelligent and distributed L2-L7 unified threat management infrastructure for IPv4 and IPv6 environments 有权
标题翻译：构建用于IPv4和IPv6环境的智能分布式L2-L7统一威胁管理基础设施的系统和方法
公开(公告)号：US08839404B2
公开(公告)日：2014-09-16
申请号：US13116760
申请日：2011-05-26
申请人： Qing Li , Ronald Andrew Frederick , Thomas A. Clare
发明人： Qing Li , Ronald Andrew Frederick , Thomas A. Clare
IPC分类号： H04L29/06 , H04L29/08
CPC分类号： H04L63/20 , H04L63/0218 , H04L63/0245 , H04L63/0263 , H04L63/0281 , H04L63/1425 , H04L63/145 , H04L67/327
摘要： A security gateway appliance is configured to evaluate network traffic according to security rules that classify traffic flows according to specifically identified application programs responsible for producing and/or consuming the network traffic and to enforce policies in accordance with network traffic classifications. The appliance includes an on-box anti-virus/anti-malware engine, on-box data loss prevention engine and on-box authentication engine. One or more of these engines is informed by an on-box dynamic real tie rating system that allows for determined levels of scrutiny to be paid to the network traffic. Security gateways of this type can be clustered together to provide a set of resources for one or more networks, and in some instances as the backbone of a cloud-based service.
摘要翻译：安全网关设备被配置为根据根据专门识别的负责生成和/或消耗网络流量的应用程序对业务流进行分类的安全规则来评估网络流量，并根据网络流量分类来执行策略。该设备包括一个箱内防病毒/反恶意软件引擎，即插即用数据丢失防护引擎和开箱验证引擎。这些引擎中的一个或多个通过一个盒内动态真实连接分级系统通知，该系统允许将确定的审查级别支付给网络流量。这种类型的安全网关可以集群在一起，为一个或多个网络提供一组资源，在某些情况下作为基于云服务的骨干网。

19. 发明授权

US08788822B1 Enhanced QoS solution for thin client or remote access sessions 有权
标题翻译：针对瘦客户机或远程访问会话的增强型QoS解决方案
公开(公告)号：US08788822B1
公开(公告)日：2014-07-22
申请号：US11149684
申请日：2005-06-10
申请人： Guy Riddle
发明人： Guy Riddle
IPC分类号： H04L29/06
CPC分类号： H04L69/14 , H04L47/6275 , H04L67/322 , H04L69/16
摘要： Methods, apparatuses and systems directed to the application of network QoS policy to different data types multiplexed over a connection corresponding to a given session between a first host and a second host. In one implementation, the present invention includes a dual gateway architecture where a first gateway terminates the connection with a remote access client, demultiplexes the remote access session data stream into a plurality of separate streams for transmission to a second gateway. The second gateway re-multiplexes the separate data streams into a single remote access session data stream for transmission to a remote access server. The use of separate data streams between the first and second gateways allows for the application of individual policies on the components of the remote access session data flow. For example, a policy scheme can be configured that gives preference to mouse movements, transmitted in a first data stream, over printer traffic, transmitted in a second data stream. The present invention can also be applied to network application protocols, other than remote access protocols, that multiplex more than one “virtual channel” containing different traffic types over a single transport layer connection.
摘要翻译：针对将网络QoS策略应用于通过对应于第一主机和第二主机之间的给定会话的连接复用的不同数据类型的方法，装置和系统。在一个实现中，本发明包括双网关架构，其中第一网关终止与远程访问客户端的连接，将远程访问会话数据流解复用为多个单独的流以传输到第二网关。第二网关将单独的数据流重新多路复用到单个远程访问会话数据流中，以便传输到远程访问服务器。在第一和第二网关之间使用单独的数据流允许在远程访问会话数据流的组件上应用单独的策略。例如，可以配置策略方案，其优先考虑在第一数据流中传输的鼠标移动，通过打印机流量，在第二数据流中传输。本发明还可以应用于在单个传输层连接上复用包含不同业务类型的多于一个“虚拟信道”的除了远程接入协议之外的网络应用协议。

20. 发明授权

US08612541B2 Method and apparatus for multi-tenant policy management in a network device 有权
标题翻译：网络设备中多租户策略管理的方法和装置
公开(公告)号：US08612541B2
公开(公告)日：2013-12-17
申请号：US13098268
申请日：2011-04-29
申请人： Mark Maxted
发明人： Mark Maxted
IPC分类号： G06F15/16
CPC分类号： H04L63/0281 , H04L63/0227
摘要： A communication between a client and an intermediary device on a network is evaluated at multiple communication flow checkpoints according to a tenant-specific policy current at the outset of the communication and selected according to an identification of a tenant with which the client is associated, the identified tenant being one of a plurality of tenants services by the intermediary device. Non-current policies are maintained by the intermediary device for use in connection with communications that have not yet been fully processed so that consistency of policy enforcement is maintained even if policies change while transactions are in process. Further, long-standing transactions may be reevaluated in light of changed policies to determine whether or not the transactions should be dropped.
摘要翻译：根据在通信开始时根据租户特定策略电流在多个通信流检查点处评估网络上的客户端和中间设备之间的通信，并且根据与客户端相关联的租户的标识来选择该通信，确定的租户是中介设备的多个租户服务之一。非当前政策由中介设备维护，用于尚未完全处理的通信，以便即使政策在交易过程中发生变化时仍维持政策执行的一致性。此外，长期的交易可能会根据改变的政策重新评估，以确定交易是否应该被丢弃。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式