专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08271645B2 Systems and methods for trace filters by association of client to vserver to services 有权
标题翻译：通过将客户端与vserver关联到服务来跟踪过滤器的系统和方法
公开(公告)号：US08271645B2
公开(公告)日：2012-09-18
申请号：US12626204
申请日：2009-11-25
申请人： Roy Rajan , Sudheer Thokala , Saravanakumar Annamalaisami
发明人： Roy Rajan , Sudheer Thokala , Saravanakumar Annamalaisami
IPC分类号： G06F15/173 , G06F15/16 , G06F11/00
CPC分类号： H04L43/10
摘要： The present disclosure is directed towards systems and methods for tracing packets via an intermediary device. The systems and methods include an intermediary device that establishes connections with clients and connections with servers. The intermediary device links a connection to a server with a connection to a client to provide a client with access to the server. When the client requests a packet trace, the intermediary device applies the trace to linked connections with the client to obtain full trace information for network packets servicing the client.
摘要翻译：本公开涉及用于经由中间设备跟踪分组的系统和方法。系统和方法包括建立与客户端的连接和与服务器的连接的中间设备。中间设备将连接与服务器连接到与客户端的连接，以向客户端提供对服务器的访问。当客户端请求数据包跟踪时，中间设备将跟踪应用于与客户端的链接连接，以获得为客户端提供服务的网络数据包的完整跟踪信息。

2. 发明申请

US20110125892A1 SYSTEMS AND METHODS FOR TRACE FILTERS BY ASSOCIATION OF CLIENT TO VSERVER TO SERVICES 有权
标题翻译：通过将客户协会转交给服务来追踪过滤器的系统和方法
公开(公告)号：US20110125892A1
公开(公告)日：2011-05-26
申请号：US12626204
申请日：2009-11-25
申请人： Roy Rajan , Sudheer Thokala , Saravanakumar Annamalaisami
发明人： Roy Rajan , Sudheer Thokala , Saravanakumar Annamalaisami
IPC分类号： G06F15/173
CPC分类号： H04L43/10
摘要： The present disclosure is directed towards systems and methods for tracing packets via an intermediary device. The systems and methods include an intermediary device that establishes connections with clients and connections with servers. The intermediary device links a connection to a server with a connection to a client to provide a client with access to the server. When the client requests a packet trace, the intermediary device applies the trace to linked connections with the client to obtain full trace information for network packets servicing the client.
摘要翻译：本公开涉及用于经由中间设备跟踪分组的系统和方法。系统和方法包括建立与客户端的连接和与服务器的连接的中间设备。中间设备将连接与服务器连接到与客户端的连接，以向客户端提供对服务器的访问。当客户端请求数据包跟踪时，中间设备将跟踪应用于与客户端的链接连接，以获得为客户端提供服务的网络数据包的完整跟踪信息。

3. 发明授权

US08819115B2 Systems and methods for sampling management across multiple cores for HTML injection 有权
标题翻译：用于HTML注入的多个内核采样管理的系统和方法
公开(公告)号：US08819115B2
公开(公告)日：2014-08-26
申请号：US12645677
申请日：2009-12-23
申请人： Roy Rajan , Saravanakumar Annamalaisami
发明人： Roy Rajan , Saravanakumar Annamalaisami
IPC分类号： G06F15/16
CPC分类号： H04L67/10 , H04L67/02 , H04L67/2804 , H04L67/2819 , H04L67/288 , H04L67/325 , H04L67/42
摘要： A method for sampling management includes establishing, for a multi-core intermediary comprising a plurality of packet evaluation components executing on a corresponding plurality of cores, a frequency at which the multi-core intermediary intercepts a response transmitted from a server to a client and injects data into the intercepted response. For each of the plurality of packet evaluation components, an offset and a frequency based on a number of packet evaluation components in the plurality of packet evaluation components is established, a combination of the established frequencies substantially similar to the frequency established for the multi-core intermediary. One of the plurality of cores intercepts a response from the server to the client, at a time specified by the frequency and the offset. The packet evaluation component executing on the one of the plurality of cores injects data into the intercepted response.
摘要翻译：一种用于采样管理的方法包括：对于包含在相应多个核上执行的多个分组评估组件的多核心中介，建立多核中介拦截从服务器发送到客户端的响应并注入的频率数据进入截获的响应。对于多个分组评估组件中的每一个，建立基于多个分组评估组件中的分组评估分量的数量的偏移和频率，所建立的频率的组合与为多核建立的频率基本相似中介。多个核心中的一个在由频率和偏移指定的时间内截获从服务器到客户端的响应。在多个核心中的一个上执行的分组评估组件将数据注入被截获的响应中。

4. 发明申请

US20110153839A1 SYSTEMS AND METHODS FOR SERVER SURGE PROTECTION IN A MULTI-CORE SYSTEM 有权
标题翻译：用于多核系统中的服务器防护的系统和方法
公开(公告)号：US20110153839A1
公开(公告)日：2011-06-23
申请号：US12645803
申请日：2009-12-23
申请人： Roy Rajan , Saravanakumar Annamalaisami
发明人： Roy Rajan , Saravanakumar Annamalaisami
IPC分类号： G06F15/16
CPC分类号： H04L47/32 , H04L67/1002 , H04L67/1008 , H04L67/1029 , H04L69/16
摘要： The present application is directed towards systems and methods for providing connection surge protection to one or more servers by an intermediary multi-core system. A packet processing engine of a multi-core device deployed as an intermediary between a plurality of clients and one or more servers determines an estimated number of total pending requests received by all packet processing engines based on a value of a local counter of received requests, the total number of pending requests received by all other packet processing engines at a last predetermined interval, and a rate of change of the total number of pending requests received by all other packet processing engines multiplied by the time since the last predetermined interval. The packet processing engine applies a surge protection policy to received pending requests responsive to the determined estimated number of total pending requests.
摘要翻译：本申请涉及用于通过中间多核系统向一个或多个服务器提供连接浪涌保护的系统和方法。作为在多个客户机和一个或多个服务器之间的中介部署的多核设备的分组处理引擎，基于接收到的请求的本地计数器的值来确定所有分组处理引擎接收的总待决请求的估计数量，所有其他分组处理引擎以最后一个预定间隔接收到的未决请求的总数，以及所有其他分组处理引擎所接收的待处理请求总数乘以自上一个预定间隔以来的时间的变化率。分组处理引擎响应于所确定的总待决请求的估计数量，将接收的未决请求应用浪涌保护策略。

5. 发明授权

US08463887B2 Systems and methods for server surge protection in a multi-core system 有权
公开(公告)号：US08463887B2
公开(公告)日：2013-06-11
申请号：US12645803
申请日：2009-12-23
申请人： Roy Rajan , Saravanakumar Annamalaisami
发明人： Roy Rajan , Saravanakumar Annamalaisami
IPC分类号： G06F15/173
CPC分类号： H04L47/32 , H04L67/1002 , H04L67/1008 , H04L67/1029 , H04L69/16
摘要： The present application is directed towards systems and methods for providing connection surge protection to one or more servers by an intermediary multi-core system. A packet processing engine of a multi-core device deployed as an intermediary between a plurality of clients and one or more servers determines an estimated number of total pending requests received by all packet processing engines based on a value of a local counter of received requests, the total number of pending requests received by all other packet processing engines at a last predetermined interval, and a rate of change of the total number of pending requests received by all other packet processing engines multiplied by the time since the last predetermined interval. The packet processing engine applies a surge protection policy to received pending requests responsive to the determined estimated number of total pending requests.

6. 发明申请

US20110154488A1 SYSTEMS AND METHODS FOR GENERATING AND MANAGING COOKIE SIGNATURES FOR PREVENTION OF HTTP DENIAL OF SERVICE IN MULTI-CORE SYSTEM 有权
标题翻译：用于生成和管理COOKIE签名的系统和方法，用于防止多核系统中的服务质量问题
公开(公告)号：US20110154488A1
公开(公告)日：2011-06-23
申请号：US12645938
申请日：2009-12-23
申请人： Roy Rajan , Saravanakumar Annamalaisami
发明人： Roy Rajan , Saravanakumar Annamalaisami
IPC分类号： G06F21/00
CPC分类号： G06F15/167 , H04L63/123 , H04L63/168
摘要： The present application is directed towards systems and methods for generating and maintaining cookie consistency for security protection across a plurality of cores in a multi-core system. A packet processing engine executing on one core designated as a primary packet processing engine generates and maintains a global random seed. The global random seed may be used as an initial seed for creation of cookie signatures by each of a plurality of packet processing engines executing on a plurality of cores of the multi-core system using a deterministic pseudo-random number generation function such that each core creates an identical set of cookie signatures.
摘要翻译：本申请涉及用于生成和维护跨多核系统中的多个核心的安全保护的cookie一致性的系统和方法。在指定为主分组处理引擎的一个核上执行的分组处理引擎生成并维护全局随机种子。全局随机种子可以被用作通过使用确定性伪随机数生成函数在多核系统的多个核上执行的多个分组处理引擎中的每一个来创建cookie签名的初始种子，使得每个核心创建一组相同的cookie签名。

7. 发明授权

US08843645B2 Systems and methods for detecting incomplete requests, TCP timeouts and application timeouts 有权
标题翻译：用于检测不完整请求，TCP超时和应用程序超时的系统和方法
公开(公告)号：US08843645B2
公开(公告)日：2014-09-23
申请号：US12822825
申请日：2010-06-24
申请人： Saravanakumar Annamalaisami , Ashok Kumar Jagadeeswaran , Mahesh Mylarappa , Roy Rajan
发明人： Saravanakumar Annamalaisami , Ashok Kumar Jagadeeswaran , Mahesh Mylarappa , Roy Rajan
IPC分类号： G06F15/16 , H04L29/06
CPC分类号： H04L63/1458 , H04L63/166 , H04L63/168
摘要： Described herein is a method and system for preventing Denial of Service (DoS) attacks. An intermediary device is deployed between clients and servers. The device receives a first packet of an application layer transaction via a transport layer connection between the device and client. The device records a last activity time for the transport layer connection based upon the timestamp of the first packet. The device receives subsequent data packets and determines whether the data in the packets completes a protocol data structure of the application layer protocol. If the device determines that the subsequent packet completes the protocol data structure, the last activity time is updated. If the device determines that the application layer protocol remains incomplete, the device retains the last activity time and determines that the duration of inactivity for the transport layer connection exceeds a predetermined threshold. The device may subsequently drop the connection.
摘要翻译：这里描述了防止拒绝服务（DoS）攻击的方法和系统。中间设备部署在客户端和服务器之间。设备经由设备和客户端之间的传输层连接来接收应用层事务的第一分组。设备根据第一个数据包的时间戳记记录传输层连接的最后活动时间。该设备接收后续的数据包，并确定包中的数据是否完成了应用层协议的协议数据结构。如果设备确定后续分组完成协议数据结构，则最后的活动时间被更新。如果设备确定应用层协议保持不完整，则设备保留最后的活动时间，并确定传输层连接的不活动持续时间超过预定阈值。该设备可以随后丢弃连接。

8. 发明授权

US08392562B2 Systems and methods for managing preferred client connectivity to servers via multi-core system 有权
公开(公告)号：US08392562B2
公开(公告)日：2013-03-05
申请号：US12645828
申请日：2009-12-23
申请人： Roy Rajan , Ashwin Jagadish , Saravanakumar Annamalaisami
发明人： Roy Rajan , Ashwin Jagadish , Saravanakumar Annamalaisami
IPC分类号： G06F15/173
CPC分类号： H04L67/14 , G06F9/5055
摘要： The present application is directed towards systems and methods for providing a cookie by an intermediary device comprising a plurality of packet processing engines executing on a corresponding plurality of cores, the cookie identifying a session of a user that was redirected responsive to a service exceeding a response time limit. The cookie may be generated with identifiers based off a name of a virtual server managing a service of a server, and a name of a policy associated with the virtual server. Each packet processing engine of the plurality of packet processing engines may interpret cookies generated by other packet processing engines due to the name of the virtual server and name of the policy, and may provide preferred client connectivity based on cookies included in requests for access to a service.

9. 发明授权

US08214505B2 Systems and methods of handling non-HTTP client or server push on HTTP Vserver 有权
标题翻译：在HTTP Vserver上处理非HTTP客户端或服务器的系统和方法
公开(公告)号：US08214505B2
公开(公告)日：2012-07-03
申请号：US12820730
申请日：2010-06-22
申请人： Ashok Kumar Jagadeeswaran , Roy Rajan , Saravanakumar Annamalaisami
发明人： Ashok Kumar Jagadeeswaran , Roy Rajan , Saravanakumar Annamalaisami
IPC分类号： G06F15/16
CPC分类号： H04L67/22 , H04L67/02
摘要： The present application presents systems and methods for handling by an HTTP virtual server (HTTPVS), connections via which non-HTTP data is transmitted between clients and servers. HTTPVS intercepts a request from a client to establish first transport layer connection (TLC) with a server. HTTPVS establishes second TLC with the servers in response to receiving an acknowledgment from a client to establish the first TLC. HTTPVS determines if a first network packet transmitted via first TLC comprises an HTTP payload or non-HTTP payload. If HTTPVP the first network packet includes HTTP payload, HTTPVS may process all transmissions from the first TLC in accordance with connection tracking and forward the processed transmissions to the server via the second TLC. If HTTPVS determines that the first network packet does not include an HTTP payload, HTTPVS may link the first TLC and the second TLC so the client and server exchange non-HTTP communication without interruption.
摘要翻译：本应用程序提供了由HTTP虚拟服务器（HTTPVS）处理的系统和方法，通过该连接在客户端和服务器之间传输非HTTP数据。 HTTPVS拦截来自客户端的请求，以建立与服务器的第一传输层连接（TLC）。 HTTPVS与服务器建立第二个TLC，响应于从客户端收到建立第一个TLC的确认。 HTTPVS确定通过第一TLC发送的第一网络分组是否包含HTTP有效载荷或非HTTP有效载荷。如果第一网络分组的HTTPVP包括HTTP有效载荷，则HTTPVS可以根据连接跟踪处理来自第一TLC的所有传输，并且经由第二TLC将处理后的传输转发到服务器。如果HTTPVS确定第一个网络数据包不包含HTTP有效载荷，则HTTPVS可以链接第一个TLC和第二个TLC，以便客户端和服务器不间断地交换非HTTP通信。

10. 发明授权

US08380994B2 Systems and methods for generating and managing cookie signatures for prevention of HTTP denial of service in multi-core system 有权
标题翻译：用于生成和管理cookie签名以防止多核系统中的HTTP拒绝服务的系统和方法
公开(公告)号：US08380994B2
公开(公告)日：2013-02-19
申请号：US12645938
申请日：2009-12-23
申请人： Roy Rajan , Saravanakumar Annamalaisami
发明人： Roy Rajan , Saravanakumar Annamalaisami
IPC分类号： H04L9/00
CPC分类号： G06F15/167 , H04L63/123 , H04L63/168
摘要： The present application is directed towards systems and methods for generating and maintaining cookie consistency for security protection across a plurality of cores in a multi-core system. A packet processing engine executing on one core designated as a primary packet processing engine generates and maintains a global random seed. The global random seed may be used as an initial seed for creation of cookie signatures by each of a plurality of packet processing engines executing on a plurality of cores of the multi-core system using a deterministic pseudo-random number generation function such that each core creates an identical set of cookie signatures.
摘要翻译：本申请涉及用于生成和维护跨多核系统中的多个核心的安全保护的cookie一致性的系统和方法。在指定为主分组处理引擎的一个核上执行的分组处理引擎生成并维护全局随机种子。全局随机种子可以被用作通过使用确定性伪随机数生成函数在多核系统的多个核上执行的多个分组处理引擎中的每一个来创建cookie签名的初始种子，使得每个核心创建一组相同的cookie签名。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式