CA2545496A1 - Virtual private network with pseudo server - Google Patents

Virtual private network with pseudo server Download PDF

Info

Publication number
CA2545496A1
CA2545496A1 CA002545496A CA2545496A CA2545496A1 CA 2545496 A1 CA2545496 A1 CA 2545496A1 CA 002545496 A CA002545496 A CA 002545496A CA 2545496 A CA2545496 A CA 2545496A CA 2545496 A1 CA2545496 A1 CA 2545496A1
Authority
CA
Canada
Prior art keywords
server
target
packet traffic
packet
pseudo
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CA002545496A
Other languages
French (fr)
Other versions
CA2545496C (en
Inventor
Gouthman P. Rao
Robert Rodriguez
Eric Brueggemann
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Citrix Gateways Inc
Original Assignee
Citrix Gateways, Inc.
Gouthman P. Rao
Robert Rodriguez
Eric Brueggemann
Net6, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Citrix Gateways, Inc., Gouthman P. Rao, Robert Rodriguez, Eric Brueggemann, Net6, Inc. filed Critical Citrix Gateways, Inc.
Publication of CA2545496A1 publication Critical patent/CA2545496A1/en
Application granted granted Critical
Publication of CA2545496C publication Critical patent/CA2545496C/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/02Details
    • H04L12/22Arrangements for preventing the taking of data from a data transmission channel without authorisation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272Virtual private networks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/30Monitoring
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00Digital computers in general; Data processing equipment in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/164Implementing security features at a particular protocol layer at the network layer

Abstract

A system, apparatus and a method for implementing a secured communications link at a layer other than that at which packets are filtered are disclosed.
In one embodiment, a computer system is configured to form a virtual private network ("VPN") and comprises an address inspection driver to identify initial target packet traffic addressed to a target server. Also, the computer system includes a pseudo server module to receive rerouted initial target packet traffic from the address inspection driver. The pseudo server module is configured to convey packet regeneration instructions to a VPN gateway. The address inspection driver functions to identify additional target packet traffic addressed to the target server and routes the additional target packet traffic to the pseudo server. In one embodiment, the pseudo server is configured to strip header information from the additional target packet traffic to form a payload, and thereafter, to route the payload to the target server.

Claims (23)

1. A method for securing communications with a remote client computing device by establishing a virtual private network, comprising:
generating packet traffic with a communication application running on a client computing device;
identifying at said client computing device target packet traffic of said packet traffic that is addressed to a target server;
forming a secure communications link between a pseudo server module on said computing device and said target server;
directing additional packet traffic addressed to said target server to said pseudo server module;
sending an acknowledgment to said communication application upon receipt of said additional packet traffic rerouted to said pseudo server module; and routing a payload to said target server.
2. The method of claim 1 wherein identifying at said client computing device said target packet traffic comprises:
inspecting said packet traffic at an address inspection driver;
matching information of said packet traffic to an address representing said target server; and filtering a subset of said packet traffic bound for said address representing said target server as said traffic packet traffic to be rerouted to said pseudo server module.
3. The method of claim 1 wherein forming said secure communications link between said pseudo server and said target server comprises:
rerouting said target packet traffic to said pseudo server module on said client computing device, said pseudo server module conveying packet regeneration instructions to said target server;
receiving a link acknowledgment from said target server in response to receipt of said packet regeneration instructions at said target server; and conveying said link acknowledgment to said communication application.
4. The method of claim 3 wherein conveying said packet regeneration instructions comprises including information for regenerating header information at said target server.
5. The method of claim 4 wherein including information further comprises including conversion information from converting said target packet traffic from a first format to a second format.
6. The method of claim 5 wherein including conversion information includes information for converting said first format associated with the Transmission Control Protocol ("TCP") to a second format associated with the User Data Protocol ("UDP").
7. The method of claim 1 wherein routing said payload to said target server comprises stripping header information from said additional packet traffic to form a payload.
8. The method of claim 1 wherein said acknowledgement is a false acknowledgment.
9. A computer system for forming a virtual private network, comprising:
an address inspection driver to identify initial target packet traffic addressed to a target server; and a pseudo server module to receive rerouted initial target packet traffic from said address inspection driver, said pseudo server module conveying packet regeneration instructions to said target server;
wherein said address inspection driver identifies additional target packet traffic addressed to said target server and routes said additional target packet traffic to said pseudo server; and wherein said pseudo server strips header information from said additional target packet traffic to form a payload and thereafter routes said payload to said target server.
10. The computer system of claim 9 further comprising a driver mapping data structure configured to include source information and destination information against which said address inspection driver compares packet information from said initial packet traffic.
11. The computer system of claim 9 wherein said address inspection driver is configured to filter said additional target packet traffic from passing unencrypted to said target server when at least a portion of said packet information matches at least a portion of said destination information.
12. The computer system of claim 9 wherein said address inspection driver is configured to generate a control packet that is rerouted to said pseudo server in association with said initial target packet traffic.
13. The computer system of claim 12 wherein said control packet includes source and destination information of said initial target packet traffic for detecting packet traffic originating at said target server.
14. The computer system of claim 9 wherein said packet regeneration instructions are configured to direct said target server to regenerate said target packet traffic to form regenerated packet traffic including regenerated header information and said payload.
15. The computer system of claim 9 further comprising a protocol stack in which said address inspection driver resides at or near the network layer and said pseudo server module resides at or near said transportation layer, said network layer and transportation layer being layers in accordance with the Open System Interconnection model.
16. The computer system of claim 15 wherein said address inspection driver inspects and filters packets at or near said network layer, thereby supporting any routing protocol with which to establish a secured communications link in said virtual private network.
17. The computer system of claim 17 wherein said pseudo server passes encrypted packets onto a secured communications link originating at or near said transportation layer, thereby enabling said encrypted packets to pass through network address translation ("NAT")-enabled network devices.
18 18. A virtual private network, comprising:
a client machine configured as a pseudo server machine with respect to a communication application running on said client machine, such that said communication application receives packet traffic acknowledgements from said pseudo server machine; and a virtual private network gateway operative with a server machine to function as a client machine with respect to said pseudo server machine to facilitate secure communications between said client machine and said server machine.
19. The virtual private network of claim 17 wherein said virtual private network gateway selectably conceals from said server machine an address of said client machine running said communication application.
20. The virtual private network of claim 17 wherein said pseudo server machine includes an acknowledgement generator module for generating said packet traffic acknowledgements as false acknowledgments.
21. The virtual private network of claim 17 wherein said pseudo server machine includes a packet modifier module configured to modify packets representing said secure communications to form modified packets by stripping header information therefrom.
22. The virtual private network of claim 21 wherein said pseudo server machine is configured to form a raw socket at a socket layer with which to pass said secure communications.
23. The virtual private network of claim 17 wherein said pseudo server machine includes a flag-UDP-as-TCP module configured to modify a flag in a UDP packet to indicate said UDP packet is a TCP packet, thereby forming a pseudo-UDP packet.
CA2545496A 2003-11-11 2004-11-12 Virtual private network with pseudo server Active CA2545496C (en)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
US51830503P 2003-11-11 2003-11-11
US60/518,305 2003-11-11
US52499903P 2003-11-24 2003-11-24
US60/524,999 2003-11-24
PCT/US2004/037918 WO2005048106A2 (en) 2003-11-11 2004-11-12 Virtual private network with pseudo server

Publications (2)

Publication Number Publication Date
CA2545496A1 true CA2545496A1 (en) 2005-05-26
CA2545496C CA2545496C (en) 2012-10-30

Family

ID=34594904

Family Applications (1)

Application Number Title Priority Date Filing Date
CA2545496A Active CA2545496C (en) 2003-11-11 2004-11-12 Virtual private network with pseudo server

Country Status (6)

Country Link
US (1) US7496097B2 (en)
EP (1) EP1683020B1 (en)
JP (1) JP2007533172A (en)
KR (1) KR20070026331A (en)
CA (1) CA2545496C (en)
WO (1) WO2005048106A2 (en)

Families Citing this family (72)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7117239B1 (en) 2000-07-28 2006-10-03 Axeda Corporation Reporting the state of an apparatus to a remote computer
US7185014B1 (en) 2000-09-22 2007-02-27 Axeda Corporation Retrieving data from a server
US8108543B2 (en) 2000-09-22 2012-01-31 Axeda Corporation Retrieving data from a server
US7254601B2 (en) 2001-12-20 2007-08-07 Questra Corporation Method and apparatus for managing intelligent assets in a distributed environment
US7178149B2 (en) 2002-04-17 2007-02-13 Axeda Corporation XML scripting of soap commands
US8910241B2 (en) 2002-04-25 2014-12-09 Citrix Systems, Inc. Computer security system
US7966418B2 (en) 2003-02-21 2011-06-21 Axeda Corporation Establishing a virtual tunnel between two computer programs
US7978716B2 (en) 2003-11-24 2011-07-12 Citrix Systems, Inc. Systems and methods for providing a VPN solution
US8065418B1 (en) 2004-02-02 2011-11-22 Apple Inc. NAT traversal for media conferencing
US8739274B2 (en) 2004-06-30 2014-05-27 Citrix Systems, Inc. Method and device for performing integrated caching in a data communication network
US7757074B2 (en) 2004-06-30 2010-07-13 Citrix Application Networking, Llc System and method for establishing a virtual private network
US8495305B2 (en) 2004-06-30 2013-07-23 Citrix Systems, Inc. Method and device for performing caching of dynamically generated objects in a data communication network
CN101199187A (en) 2004-07-23 2008-06-11 茨特里克斯系统公司 A method and systems for securing remote access to private networks
US7808906B2 (en) 2004-07-23 2010-10-05 Citrix Systems, Inc. Systems and methods for communicating a lossy protocol via a lossless protocol using false acknowledgements
JP4759382B2 (en) * 2004-12-21 2011-08-31 株式会社リコー COMMUNICATION DEVICE, COMMUNICATION METHOD, COMMUNICATION PROGRAM, AND RECORDING MEDIUM
US20100195538A1 (en) * 2009-02-04 2010-08-05 Merkey Jeffrey V Method and apparatus for network packet capture distributed storage system
EP1832054B1 (en) * 2004-12-23 2018-03-21 Symantec Corporation Method and apparatus for network packet capture distributed storage system
US8954595B2 (en) 2004-12-30 2015-02-10 Citrix Systems, Inc. Systems and methods for providing client-side accelerated access to remote applications via TCP buffering
US8706877B2 (en) 2004-12-30 2014-04-22 Citrix Systems, Inc. Systems and methods for providing client-side dynamic redirection to bypass an intermediary
US7810089B2 (en) 2004-12-30 2010-10-05 Citrix Systems, Inc. Systems and methods for automatic installation and execution of a client-side acceleration program
US8549149B2 (en) 2004-12-30 2013-10-01 Citrix Systems, Inc. Systems and methods for providing client-side accelerated access to remote applications via TCP multiplexing
US8255456B2 (en) 2005-12-30 2012-08-28 Citrix Systems, Inc. System and method for performing flash caching of dynamically generated objects in a data communication network
FI118316B (en) * 2005-02-14 2007-09-28 Teliasonera Ab Communication channel between at least two private networks
AU2006298420B2 (en) * 2005-10-06 2011-02-17 Nds Limited Security device and building block functions
US8301839B2 (en) 2005-12-30 2012-10-30 Citrix Systems, Inc. System and method for performing granular invalidation of cached dynamically generated objects in a data communication network
US7921184B2 (en) 2005-12-30 2011-04-05 Citrix Systems, Inc. System and method for performing flash crowd caching of dynamically generated objects in a data communication network
US8869262B2 (en) 2006-08-03 2014-10-21 Citrix Systems, Inc. Systems and methods for application based interception of SSL/VPN traffic
US8495181B2 (en) * 2006-08-03 2013-07-23 Citrix Systems, Inc Systems and methods for application based interception SSI/VPN traffic
US7843912B2 (en) * 2006-08-03 2010-11-30 Citrix Systems, Inc. Systems and methods of fine grained interception of network communications on a virtual private network
US8370479B2 (en) 2006-10-03 2013-02-05 Axeda Acquisition Corporation System and method for dynamically grouping devices based on present device conditions
US20080155052A1 (en) * 2006-12-22 2008-06-26 Texas Instruments, Inc. Method And System For Capture, Display And Network Analysis For A Wireless Access Point
US8065397B2 (en) 2006-12-26 2011-11-22 Axeda Acquisition Corporation Managing configurations of distributed devices
US7990969B2 (en) * 2007-06-22 2011-08-02 Verizon Patent And Licensing Inc. Multiprotocol label switching (MPLS) interface with virtual private network (VPN) application
US8516539B2 (en) 2007-11-09 2013-08-20 Citrix Systems, Inc System and method for inferring access policies from access event records
US8990910B2 (en) 2007-11-13 2015-03-24 Citrix Systems, Inc. System and method using globally unique identities
JP4498406B2 (en) * 2007-11-21 2010-07-07 株式会社東芝 Network virtualization system, relay device, and program
KR100930037B1 (en) * 2007-12-17 2009-12-07 한국전자통신연구원 Network address translation simulation method and system
US8218459B1 (en) * 2007-12-20 2012-07-10 Genbrand US LLC Topology hiding of a network for an administrative interface between networks
US8364847B2 (en) 2008-02-29 2013-01-29 Microsoft Corporation Address management in a connectivity platform
US8825883B2 (en) * 2008-02-29 2014-09-02 Microsoft Corporation Connectivity platform
US20090234953A1 (en) * 2008-03-11 2009-09-17 Palm, Inc. Apparatus and methods for integration of third party virtual private network solutions
US9240945B2 (en) 2008-03-19 2016-01-19 Citrix Systems, Inc. Access, priority and bandwidth management based on application identity
WO2009115132A1 (en) * 2008-03-20 2009-09-24 Telefonaktiebolaget Lm Ericsson (Publ) Method and apparatus for use in a communications network
TWI502952B (en) * 2008-03-25 2015-10-01 Chunghwa Telecom Co Ltd Digital switch traffic routing auditing method
CN101572643B (en) * 2008-04-30 2011-06-22 成都市华为赛门铁克科技有限公司 Method and system for realizing data transmission among private networks
US8943575B2 (en) 2008-04-30 2015-01-27 Citrix Systems, Inc. Method and system for policy simulation
US20090292736A1 (en) * 2008-05-23 2009-11-26 Matthew Scott Wood On demand network activity reporting through a dynamic file system and method
US8004998B2 (en) * 2008-05-23 2011-08-23 Solera Networks, Inc. Capture and regeneration of a network data using a virtual software switch
US8521732B2 (en) 2008-05-23 2013-08-27 Solera Networks, Inc. Presentation of an extracted artifact based on an indexing technique
US8625642B2 (en) 2008-05-23 2014-01-07 Solera Networks, Inc. Method and apparatus of network artifact indentification and extraction
US8990573B2 (en) 2008-11-10 2015-03-24 Citrix Systems, Inc. System and method for using variable security tag location in network communications
CN101442494B (en) * 2008-12-16 2011-06-22 中兴通讯股份有限公司 Method for implementing rapid rerouting
WO2011060377A1 (en) * 2009-11-15 2011-05-19 Solera Networks, Inc. Method and apparatus for real time identification and recording of artifacts
US20110125749A1 (en) * 2009-11-15 2011-05-26 Solera Networks, Inc. Method and Apparatus for Storing and Indexing High-Speed Network Traffic Data
US9054913B1 (en) 2009-11-30 2015-06-09 Dell Software Inc. Network protocol proxy
KR101027725B1 (en) * 2009-12-29 2011-04-12 주식회사 피앤피시큐어 Security system
US8811397B2 (en) 2010-02-16 2014-08-19 Ncp Engineering Gmbh System and method for data communication between a user terminal and a gateway via a network node
US8769097B2 (en) * 2010-04-19 2014-07-01 Henri Rizk First-point of entry (FPOE) method for multiple social networks and systems and methods for enabling users to interact democratically within open groups and for managing voting rights in an online social network environment
US8578486B2 (en) 2010-06-18 2013-11-05 Microsoft Corporation Encrypted network traffic interception and inspection
US8849991B2 (en) 2010-12-15 2014-09-30 Blue Coat Systems, Inc. System and method for hypertext transfer protocol layered reconstruction
US8666985B2 (en) 2011-03-16 2014-03-04 Solera Networks, Inc. Hardware accelerated application-based pattern matching for real time classification and recording of network traffic
CN103080961A (en) * 2011-07-29 2013-05-01 英特瑞伦股份有限公司 Method for detecting and preventing illegal transactions in electronic commerce and system therefor
US10432587B2 (en) * 2012-02-21 2019-10-01 Aventail Llc VPN deep packet inspection
US9451056B2 (en) * 2012-06-29 2016-09-20 Avaya Inc. Method for mapping packets to network virtualization instances
US8448238B1 (en) 2013-01-23 2013-05-21 Sideband Networks, Inc. Network security as a service using virtual secure channels
KR101428999B1 (en) * 2013-04-12 2014-08-12 주식회사 엑스게이트 Packet filtering method and firewall using dns information
US9602470B2 (en) * 2013-05-23 2017-03-21 Sercomm Corporation Network device, IPsec system and method for establishing IPsec tunnel using the same
US20220360566A1 (en) * 2015-07-31 2022-11-10 Nicira, Inc. Distributed tunneling for vpn
US10257280B2 (en) 2015-12-28 2019-04-09 Carbonite, Inc. Systems and methods for remote management of appliances
US10567516B2 (en) * 2017-02-24 2020-02-18 Wyse Technology L.L.C. Sharing local network resources with a remote VDI instance
CN107197005B (en) * 2017-05-12 2020-12-29 广州视源电子科技股份有限公司 Data transmission method and device, client, server and data transmission system
CN114157534B (en) * 2021-12-14 2023-04-25 福达新创通讯科技(厦门)有限公司 Distributed multi-tributary VPN communication, system and storage medium

Family Cites Families (136)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6850252B1 (en) * 1999-10-05 2005-02-01 Steven M. Hoffberg Intelligent electronic appliance system and method
US5835726A (en) 1993-12-15 1998-11-10 Check Point Software Technologies Ltd. System for securing the flow of and selectively modifying packets in a computer network
JP3003907B2 (en) * 1994-05-10 2000-01-31 三菱電機株式会社 Server / client type system
US5623492A (en) * 1995-03-24 1997-04-22 U S West Technologies, Inc. Methods and systems for managing bandwidth resources in a fast packet switching network
US6178409B1 (en) * 1996-06-17 2001-01-23 Verifone, Inc. System, method and article of manufacture for multiple-entry point virtual point of sale architecture
US5889863A (en) * 1996-06-17 1999-03-30 Verifone, Inc. System, method and article of manufacture for remote virtual point of sale processing utilizing a multichannel, extensible, flexible architecture
US5987132A (en) 1996-06-17 1999-11-16 Verifone, Inc. System, method and article of manufacture for conditionally accepting a payment method utilizing an extensible, flexible architecture
US6253027B1 (en) * 1996-06-17 2001-06-26 Hewlett-Packard Company System, method and article of manufacture for exchanging software and configuration data over a multichannel, extensible, flexible architecture
US6119105A (en) * 1996-06-17 2000-09-12 Verifone, Inc. System, method and article of manufacture for initiation of software distribution from a point of certificate creation utilizing an extensible, flexible architecture
US5983208A (en) 1996-06-17 1999-11-09 Verifone, Inc. System, method and article of manufacture for handling transaction results in a gateway payment architecture utilizing a multichannel, extensible, flexible architecture
US6072870A (en) * 1996-06-17 2000-06-06 Verifone Inc. System, method and article of manufacture for a gateway payment architecture utilizing a multichannel, extensible, flexible architecture
US6324525B1 (en) 1996-06-17 2001-11-27 Hewlett-Packard Company Settlement of aggregated electronic transactions over a network
US6002767A (en) 1996-06-17 1999-12-14 Verifone, Inc. System, method and article of manufacture for a modular gateway server architecture
US5943424A (en) * 1996-06-17 1999-08-24 Hewlett-Packard Company System, method and article of manufacture for processing a plurality of transactions from a single initiation point on a multichannel, extensible, flexible architecture
US6373950B1 (en) * 1996-06-17 2002-04-16 Hewlett-Packard Company System, method and article of manufacture for transmitting messages within messages utilizing an extensible, flexible architecture
US5850446A (en) 1996-06-17 1998-12-15 Verifone, Inc. System, method and article of manufacture for virtual point of sale processing utilizing an extensible, flexible architecture
US5812668A (en) 1996-06-17 1998-09-22 Verifone, Inc. System, method and article of manufacture for verifying the operation of a remote transaction clearance system utilizing a multichannel, extensible, flexible architecture
US6026379A (en) * 1996-06-17 2000-02-15 Verifone, Inc. System, method and article of manufacture for managing transactions in a high availability system
US6272556B1 (en) * 1996-07-01 2001-08-07 Sun Microsystems, Inc. Object-oriented system, method and article of manufacture for migrating a client-server application (#5)
US5978840A (en) 1996-09-26 1999-11-02 Verifone, Inc. System, method and article of manufacture for a payment gateway system architecture for processing encrypted payment transactions utilizing a multichannel, extensible, flexible architecture
US5931917A (en) * 1996-09-26 1999-08-03 Verifone, Inc. System, method and article of manufacture for a gateway system architecture with system administration information accessible from a browser
US6101543A (en) * 1996-10-25 2000-08-08 Digital Equipment Corporation Pseudo network adapter for frame capture, encapsulation and encryption
US6026440A (en) * 1997-01-27 2000-02-15 International Business Machines Corporation Web server account manager plug-in for monitoring resources
US5996076A (en) 1997-02-19 1999-11-30 Verifone, Inc. System, method and article of manufacture for secure digital certification of electronic commerce
US6282172B1 (en) * 1997-04-01 2001-08-28 Yipes Communications, Inc. Generating acknowledgement signals in a data communication system
US5958016A (en) * 1997-07-13 1999-09-28 Bell Atlantic Network Services, Inc. Internet-web link for access to intelligent network service control
US6006268A (en) * 1997-07-31 1999-12-21 Cisco Technology, Inc. Method and apparatus for reducing overhead on a proxied connection
US6061796A (en) * 1997-08-26 2000-05-09 V-One Corporation Multi-access virtual private network
IL126149A (en) 1997-09-09 2003-07-31 Sanctum Ltd Method and system for protecting operations of trusted internal networks
US6023724A (en) * 1997-09-26 2000-02-08 3Com Corporation Apparatus and methods for use therein for an ISDN LAN modem that displays fault information to local hosts through interception of host DNS request messages
AU757557B2 (en) * 1997-11-13 2003-02-27 Intellectual Ventures I Llc File transfer system
AU1421799A (en) * 1997-11-25 1999-06-15 Packeteer, Inc. Method for automatically classifying traffic in a packet communications network
US6327242B1 (en) 1998-03-17 2001-12-04 Infolibria, Inc. Message redirector with cut-through switch for highly reliable and efficient network traffic processor deployment
US6590588B2 (en) * 1998-05-29 2003-07-08 Palm, Inc. Wireless, radio-frequency communications using a handheld computer
US6308273B1 (en) * 1998-06-12 2001-10-23 Microsoft Corporation Method and system of security location discrimination
WO1999066675A1 (en) * 1998-06-19 1999-12-23 Unisphere Solutions, Inc. A quality of service facility in a device for performing ip forwarding and atm switching
US6452915B1 (en) * 1998-07-10 2002-09-17 Malibu Networks, Inc. IP-flow classification in a wireless point to multi-point (PTMP) transmission system
US6640248B1 (en) 1998-07-10 2003-10-28 Malibu Networks, Inc. Application-aware, quality of service (QoS) sensitive, media access control (MAC) layer
GB2341523B (en) * 1998-09-12 2003-10-29 Ibm Apparatus and method for establishing communication in a computer network
US6253327B1 (en) * 1998-12-02 2001-06-26 Cisco Technology, Inc. Single step network logon based on point to point protocol
US6697844B1 (en) * 1998-12-08 2004-02-24 Lucent Technologies, Inc. Internet browsing using cache-based compaction
US6333931B1 (en) 1998-12-28 2001-12-25 Cisco Technology, Inc. Method and apparatus for interconnecting a circuit-switched telephony network and a packet-switched data network, and applications thereof
US6760748B1 (en) 1999-01-20 2004-07-06 Accenture Llp Instructional system grouping student terminals
US6615357B1 (en) * 1999-01-29 2003-09-02 International Business Machines Corporation System and method for network address translation integration with IP security
US6662221B1 (en) * 1999-04-12 2003-12-09 Lucent Technologies Inc. Integrated network and service management with automated flow through configuration and provisioning of virtual private networks
US7103068B1 (en) * 1999-05-04 2006-09-05 Sprint Communication Company L.P. System and method for configuring bandwidth transmission rates for call connections
US6611822B1 (en) * 1999-05-05 2003-08-26 Ac Properties B.V. System method and article of manufacture for creating collaborative application sharing
US6505230B1 (en) 1999-05-14 2003-01-07 Pivia, Inc. Client-server independent intermediary mechanism
US6792615B1 (en) 1999-05-19 2004-09-14 New Horizons Telecasting, Inc. Encapsulated, streaming media automation and distribution system
US6519571B1 (en) * 1999-05-27 2003-02-11 Accenture Llp Dynamic customer profile management
US6473794B1 (en) 1999-05-27 2002-10-29 Accenture Llp System for establishing plan to test components of web based framework by displaying pictorial representation and conveying indicia coded components of existing network framework
US6536037B1 (en) * 1999-05-27 2003-03-18 Accenture Llp Identification of redundancies and omissions among components of a web based architecture
US6721713B1 (en) 1999-05-27 2004-04-13 Andersen Consulting Llp Business alliance identification in a web architecture framework
US6615166B1 (en) * 1999-05-27 2003-09-02 Accenture Llp Prioritizing components of a network framework required for implementation of technology
US7882247B2 (en) * 1999-06-11 2011-02-01 Netmotion Wireless, Inc. Method and apparatus for providing secure connectivity in mobile and other intermittent computing environments
US6633878B1 (en) 1999-07-30 2003-10-14 Accenture Llp Initializing an ecommerce database framework
US6609128B1 (en) * 1999-07-30 2003-08-19 Accenture Llp Codes table framework design in an E-commerce architecture
US6601233B1 (en) * 1999-07-30 2003-07-29 Accenture Llp Business components framework
US6718535B1 (en) 1999-07-30 2004-04-06 Accenture Llp System, method and article of manufacture for an activity framework design in an e-commerce based environment
US6704873B1 (en) 1999-07-30 2004-03-09 Accenture Llp Secure gateway interconnection in an e-commerce based environment
US6523027B1 (en) * 1999-07-30 2003-02-18 Accenture Llp Interfacing servers in a Java based e-commerce architecture
US6339832B1 (en) * 1999-08-31 2002-01-15 Accenture Llp Exception response table in environment services patterns
US6345239B1 (en) * 1999-08-31 2002-02-05 Accenture Llp Remote demonstration of business capabilities in an e-commerce environment
US6615199B1 (en) * 1999-08-31 2003-09-02 Accenture, Llp Abstraction factory in a base services pattern environment
US6477580B1 (en) 1999-08-31 2002-11-05 Accenture Llp Self-described stream in a communication services patterns environment
US6289382B1 (en) * 1999-08-31 2001-09-11 Andersen Consulting, Llp System, method and article of manufacture for a globally addressable interface in a communication services patterns environment
US6640244B1 (en) 1999-08-31 2003-10-28 Accenture Llp Request batcher in a transaction services patterns environment
US6601234B1 (en) * 1999-08-31 2003-07-29 Accenture Llp Attribute dictionary in a business logic services environment
US6529948B1 (en) * 1999-08-31 2003-03-04 Accenture Llp Multi-object fetch component
US6496850B1 (en) 1999-08-31 2002-12-17 Accenture Llp Clean-up of orphaned server contexts
US6502213B1 (en) 1999-08-31 2002-12-31 Accenture Llp System, method, and article of manufacture for a polymorphic exception handler in environment services patterns
US6442748B1 (en) * 1999-08-31 2002-08-27 Accenture Llp System, method and article of manufacture for a persistent state and persistent object separator in an information services patterns environment
US6640249B1 (en) 1999-08-31 2003-10-28 Accenture Llp Presentation services patterns in a netcentric environment
US6697824B1 (en) * 1999-08-31 2004-02-24 Accenture Llp Relationship management in an E-commerce application framework
US6434628B1 (en) * 1999-08-31 2002-08-13 Accenture Llp Common interface for handling exception interface name with additional prefix and suffix for handling exceptions in environment services patterns
US6636242B2 (en) 1999-08-31 2003-10-21 Accenture Llp View configurer in a presentation services patterns environment
US6578068B1 (en) * 1999-08-31 2003-06-10 Accenture Llp Load balancer in environment services patterns
US6640238B1 (en) 1999-08-31 2003-10-28 Accenture Llp Activity component in a presentation services patterns environment
US6715145B1 (en) 1999-08-31 2004-03-30 Accenture Llp Processing pipeline in a base services pattern environment
US6571282B1 (en) * 1999-08-31 2003-05-27 Accenture Llp Block-based communication in a communication services patterns environment
US6550057B1 (en) * 1999-08-31 2003-04-15 Accenture Llp Piecemeal retrieval in an information services patterns environment
US6539396B1 (en) * 1999-08-31 2003-03-25 Accenture Llp Multi-object identifier system and method for information service pattern environment
US6438594B1 (en) * 1999-08-31 2002-08-20 Accenture Llp Delivering service to a client via a locally addressable interface
US6427132B1 (en) * 1999-08-31 2002-07-30 Accenture Llp System, method and article of manufacture for demonstrating E-commerce capabilities via a simulation on a network
US6434568B1 (en) * 1999-08-31 2002-08-13 Accenture Llp Information services patterns in a netcentric environment
US6615253B1 (en) * 1999-08-31 2003-09-02 Accenture Llp Efficient server side data retrieval for execution of client side applications
US6742015B1 (en) 1999-08-31 2004-05-25 Accenture Llp Base services patterns in a netcentric environment
US6611867B1 (en) * 1999-08-31 2003-08-26 Accenture Llp System, method and article of manufacture for implementing a hybrid network
US6606660B1 (en) * 1999-08-31 2003-08-12 Accenture Llp Stream-based communication in a communication services patterns environment
US6477665B1 (en) 1999-08-31 2002-11-05 Accenture Llp System, method, and article of manufacture for environment services patterns in a netcentic environment
US6529909B1 (en) * 1999-08-31 2003-03-04 Accenture Llp Method for translating an object attribute converter in an information services patterns environment
US6601192B1 (en) * 1999-08-31 2003-07-29 Accenture Llp Assertion component in environment services patterns
US6549949B1 (en) * 1999-08-31 2003-04-15 Accenture Llp Fixed format stream in a communication services patterns environment
US6332163B1 (en) 1999-09-01 2001-12-18 Accenture, Llp Method for providing communication services over a computer network system
US6732269B1 (en) 1999-10-01 2004-05-04 International Business Machines Corporation Methods, systems and computer program products for enhanced security identity utilizing an SSL proxy
US6671818B1 (en) 1999-11-22 2003-12-30 Accenture Llp Problem isolation through translating and filtering events into a standard object format in a network based supply chain
US6606744B1 (en) * 1999-11-22 2003-08-12 Accenture, Llp Providing collaborative installation management in a network-based supply chain environment
US6496776B1 (en) 2000-02-29 2002-12-17 Brad W. Blumberg Position-based information access device and method
US8380854B2 (en) * 2000-03-21 2013-02-19 F5 Networks, Inc. Simplified method for processing multiple connections from the same client
US6701514B1 (en) 2000-03-27 2004-03-02 Accenture Llp System, method, and article of manufacture for test maintenance in an automated scripting framework
US6502102B1 (en) 2000-03-27 2002-12-31 Accenture Llp System, method and article of manufacture for a table-driven automated scripting architecture
US6553377B1 (en) * 2000-03-31 2003-04-22 Network Associates, Inc. System and process for maintaining a plurality of remote security applications using a modular framework in a distributed computing environment
US6981041B2 (en) * 2000-04-13 2005-12-27 Aep Networks, Inc. Apparatus and accompanying methods for providing, through a centralized server site, an integrated virtual office environment, remotely accessible via a network-connected web browser, with remote network monitoring and management capabilities
US6732314B1 (en) 2000-05-26 2004-05-04 3Com Corporation Method and apparatus for L2TP forward error correction
US7336682B2 (en) * 2000-07-25 2008-02-26 Juniper Networks, Inc. Network architecture and methods for transparent on-line cross-sessional encoding and transport of network communications data
US7221660B1 (en) * 2000-08-08 2007-05-22 E.F. Johnson Company System and method for multicast communications using real time transport protocol (RTP)
US6691227B1 (en) * 2000-09-08 2004-02-10 Reefedge, Inc. Location-independent packet routing and secure access in a short-range wireless networking environment
US20020038339A1 (en) * 2000-09-08 2002-03-28 Wei Xu Systems and methods for packet distribution
US8250357B2 (en) * 2000-09-13 2012-08-21 Fortinet, Inc. Tunnel interface for securing traffic over a network
US7958185B2 (en) * 2000-09-18 2011-06-07 Bentley Systems, Inc. Spatial data enabled engineering, construction, and operations computer-aided design (CAD) project system, method and computer program product
US6735601B1 (en) 2000-12-29 2004-05-11 Vmware, Inc. System and method for remote file access by computer
US7096009B2 (en) * 2001-03-09 2006-08-22 Research In Motion Limited Advanced voice and data operations in a mobile data communication device
US7533409B2 (en) * 2001-03-22 2009-05-12 Corente, Inc. Methods and systems for firewalling virtual private networks
US8200818B2 (en) * 2001-07-06 2012-06-12 Check Point Software Technologies, Inc. System providing internet access management with router-based policy enforcement
US6873988B2 (en) * 2001-07-06 2005-03-29 Check Point Software Technologies, Inc. System and methods providing anti-virus cooperative enforcement
US20040107360A1 (en) * 2002-12-02 2004-06-03 Zone Labs, Inc. System and Methodology for Policy Enforcement
US7908472B2 (en) * 2001-07-06 2011-03-15 Juniper Networks, Inc. Secure sockets layer cut through architecture
US7546629B2 (en) * 2002-03-06 2009-06-09 Check Point Software Technologies, Inc. System and methodology for security policy arbitration
AU2002323364A1 (en) * 2001-08-24 2003-03-10 Peribit Networks, Inc. Dynamic multi-point meshed overlay network
US20030046586A1 (en) * 2001-09-05 2003-03-06 Satyam Bheemarasetti Secure remote access to data between peers
US20030046587A1 (en) * 2001-09-05 2003-03-06 Satyam Bheemarasetti Secure remote access using enterprise peer networks
US7631084B2 (en) * 2001-11-02 2009-12-08 Juniper Networks, Inc. Method and system for providing secure access to private networks with client redirection
AU2002357711A1 (en) * 2001-11-13 2003-05-26 Ems Technologies, Inc. Flow control between performance enhancing proxies over variable bandwidth split links
US7707287B2 (en) * 2002-03-22 2010-04-27 F5 Networks, Inc. Virtual host acceleration system
WO2003083692A1 (en) * 2002-03-27 2003-10-09 First Virtual Communications System and method for traversing firewalls with protocol communications
US6826627B2 (en) * 2002-09-03 2004-11-30 Burnbag, Ltd. Data transformation architecture
US20040078772A1 (en) * 2002-10-16 2004-04-22 Cosine Communications, Inc. Dynamic route exchange
TWI234969B (en) * 2002-11-26 2005-06-21 Ind Tech Res Inst Dynamic network address translation system and method of transparent private network device
WO2004051964A2 (en) * 2002-12-03 2004-06-17 Funk Software, Inc. Tunneled authentication protocol for preventing man-in-the-middle attacks
WO2005043360A1 (en) * 2003-10-21 2005-05-12 Green Border Technologies Systems and methods for secure client applications
US7584500B2 (en) * 2003-11-19 2009-09-01 Hughes Network Systems, Llc Pre-fetching secure content using proxy architecture
WO2005059684A2 (en) * 2003-12-10 2005-06-30 Aventail Corporation End point control
US8572249B2 (en) * 2003-12-10 2013-10-29 Aventail Llc Network appliance for balancing load and platform services
US7555772B2 (en) * 2004-01-26 2009-06-30 Juniper Networks, Inc. Wireless firewall with tear down messaging
US9626655B2 (en) * 2004-02-19 2017-04-18 Intellectual Ventures I Llc Method, apparatus and system for regulating electronic mail
US7757074B2 (en) * 2004-06-30 2010-07-13 Citrix Application Networking, Llc System and method for establishing a virtual private network

Also Published As

Publication number Publication date
WO2005048106A3 (en) 2005-06-23
KR20070026331A (en) 2007-03-08
US7496097B2 (en) 2009-02-24
WO2005048106A2 (en) 2005-05-26
CA2545496C (en) 2012-10-30
JP2007533172A (en) 2007-11-15
EP1683020A4 (en) 2011-08-31
US20050185647A1 (en) 2005-08-25
EP1683020B1 (en) 2018-01-24
EP1683020A2 (en) 2006-07-26

Similar Documents

Publication Publication Date Title
CA2545496A1 (en) Virtual private network with pseudo server
US8995453B2 (en) Systems and methods for providing a VPN solution
EP2400693B1 (en) Routing and service performance management in an application acceleration environment
US9264356B2 (en) Network gateway apparatus
WO2004023263A3 (en) System for allowing network traffic through firewalls
CN1879388A (en) Dual mode firewall
US8601567B2 (en) Firewall for tunneled IPv6 traffic
US7249191B1 (en) Transparent bridge that terminates TCP connections
US10742768B2 (en) Relaying system and method of transmitting IP address of client to server using encapsulation protocol
De Clercq et al. Connecting IPv6 islands over IPv4 MPLS using IPv6 provider edge routers (6PE)
WO2013113171A1 (en) Flow identification method, device, and system
CN111262715B (en) Virtual intranet acceleration method and system and computer equipment
CN115189920A (en) Cross-network domain communication method and related device
CN102255808B (en) Congestion notification method, device, system and network equipment
CN102932229A (en) Method for carrying out encryption and decryption processing on data packet
CN103716240B (en) Message forwarding method, message receiving method and corresponding equipment
CN1306761C (en) Method for transmitting Ethernet message by Internet
CN102984167B (en) Traversal method for universal firewall based on Socks5 protocol
CN101150510B (en) A method and device for realizing GRE protocol compatible IPinIP protocol
Johanson et al. Relaying controller area network frames over wireless internetworks for automotive testing applications
CN108337331A (en) Network penetrating method, device, system and network connectivty inspection method
JP2003163690A5 (en)
JP3827613B2 (en) Router device
De Clercq et al. RFC 4798: Connecting IPv6 Islands over IPv4 MPLS Using IPv6 Provider Edge Routers (6PE)
JP2007068220A (en) Virtual router

Legal Events

Date Code Title Description
EEER Examination request