CA2545496A1 - Virtual private network with pseudo server - Google Patents
Virtual private network with pseudo server Download PDFInfo
- Publication number
- CA2545496A1 CA2545496A1 CA002545496A CA2545496A CA2545496A1 CA 2545496 A1 CA2545496 A1 CA 2545496A1 CA 002545496 A CA002545496 A CA 002545496A CA 2545496 A CA2545496 A CA 2545496A CA 2545496 A1 CA2545496 A1 CA 2545496A1
- Authority
- CA
- Canada
- Prior art keywords
- server
- target
- packet traffic
- packet
- pseudo
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000004891 communication Methods 0.000 claims abstract 15
- 238000007689 inspection Methods 0.000 claims abstract 12
- 238000000034 method Methods 0.000 claims abstract 9
- 230000008929 regeneration Effects 0.000 claims abstract 6
- 238000011069 regeneration method Methods 0.000 claims abstract 6
- 238000006243 chemical reaction Methods 0.000 claims 2
- 230000005540 biological transmission Effects 0.000 claims 1
- 238000001914 filtration Methods 0.000 claims 1
- 238000013507 mapping Methods 0.000 claims 1
- 239000003607 modifier Substances 0.000 claims 1
- 230000001172 regenerating effect Effects 0.000 claims 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/22—Arrangements for preventing the taking of data from a data transmission channel without authorisation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0272—Virtual private networks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F15/00—Digital computers in general; Data processing equipment in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/164—Implementing security features at a particular protocol layer at the network layer
Abstract
A system, apparatus and a method for implementing a secured communications link at a layer other than that at which packets are filtered are disclosed.
In one embodiment, a computer system is configured to form a virtual private network ("VPN") and comprises an address inspection driver to identify initial target packet traffic addressed to a target server. Also, the computer system includes a pseudo server module to receive rerouted initial target packet traffic from the address inspection driver. The pseudo server module is configured to convey packet regeneration instructions to a VPN gateway. The address inspection driver functions to identify additional target packet traffic addressed to the target server and routes the additional target packet traffic to the pseudo server. In one embodiment, the pseudo server is configured to strip header information from the additional target packet traffic to form a payload, and thereafter, to route the payload to the target server.
In one embodiment, a computer system is configured to form a virtual private network ("VPN") and comprises an address inspection driver to identify initial target packet traffic addressed to a target server. Also, the computer system includes a pseudo server module to receive rerouted initial target packet traffic from the address inspection driver. The pseudo server module is configured to convey packet regeneration instructions to a VPN gateway. The address inspection driver functions to identify additional target packet traffic addressed to the target server and routes the additional target packet traffic to the pseudo server. In one embodiment, the pseudo server is configured to strip header information from the additional target packet traffic to form a payload, and thereafter, to route the payload to the target server.
Claims (23)
1. A method for securing communications with a remote client computing device by establishing a virtual private network, comprising:
generating packet traffic with a communication application running on a client computing device;
identifying at said client computing device target packet traffic of said packet traffic that is addressed to a target server;
forming a secure communications link between a pseudo server module on said computing device and said target server;
directing additional packet traffic addressed to said target server to said pseudo server module;
sending an acknowledgment to said communication application upon receipt of said additional packet traffic rerouted to said pseudo server module; and routing a payload to said target server.
generating packet traffic with a communication application running on a client computing device;
identifying at said client computing device target packet traffic of said packet traffic that is addressed to a target server;
forming a secure communications link between a pseudo server module on said computing device and said target server;
directing additional packet traffic addressed to said target server to said pseudo server module;
sending an acknowledgment to said communication application upon receipt of said additional packet traffic rerouted to said pseudo server module; and routing a payload to said target server.
2. The method of claim 1 wherein identifying at said client computing device said target packet traffic comprises:
inspecting said packet traffic at an address inspection driver;
matching information of said packet traffic to an address representing said target server; and filtering a subset of said packet traffic bound for said address representing said target server as said traffic packet traffic to be rerouted to said pseudo server module.
inspecting said packet traffic at an address inspection driver;
matching information of said packet traffic to an address representing said target server; and filtering a subset of said packet traffic bound for said address representing said target server as said traffic packet traffic to be rerouted to said pseudo server module.
3. The method of claim 1 wherein forming said secure communications link between said pseudo server and said target server comprises:
rerouting said target packet traffic to said pseudo server module on said client computing device, said pseudo server module conveying packet regeneration instructions to said target server;
receiving a link acknowledgment from said target server in response to receipt of said packet regeneration instructions at said target server; and conveying said link acknowledgment to said communication application.
rerouting said target packet traffic to said pseudo server module on said client computing device, said pseudo server module conveying packet regeneration instructions to said target server;
receiving a link acknowledgment from said target server in response to receipt of said packet regeneration instructions at said target server; and conveying said link acknowledgment to said communication application.
4. The method of claim 3 wherein conveying said packet regeneration instructions comprises including information for regenerating header information at said target server.
5. The method of claim 4 wherein including information further comprises including conversion information from converting said target packet traffic from a first format to a second format.
6. The method of claim 5 wherein including conversion information includes information for converting said first format associated with the Transmission Control Protocol ("TCP") to a second format associated with the User Data Protocol ("UDP").
7. The method of claim 1 wherein routing said payload to said target server comprises stripping header information from said additional packet traffic to form a payload.
8. The method of claim 1 wherein said acknowledgement is a false acknowledgment.
9. A computer system for forming a virtual private network, comprising:
an address inspection driver to identify initial target packet traffic addressed to a target server; and a pseudo server module to receive rerouted initial target packet traffic from said address inspection driver, said pseudo server module conveying packet regeneration instructions to said target server;
wherein said address inspection driver identifies additional target packet traffic addressed to said target server and routes said additional target packet traffic to said pseudo server; and wherein said pseudo server strips header information from said additional target packet traffic to form a payload and thereafter routes said payload to said target server.
an address inspection driver to identify initial target packet traffic addressed to a target server; and a pseudo server module to receive rerouted initial target packet traffic from said address inspection driver, said pseudo server module conveying packet regeneration instructions to said target server;
wherein said address inspection driver identifies additional target packet traffic addressed to said target server and routes said additional target packet traffic to said pseudo server; and wherein said pseudo server strips header information from said additional target packet traffic to form a payload and thereafter routes said payload to said target server.
10. The computer system of claim 9 further comprising a driver mapping data structure configured to include source information and destination information against which said address inspection driver compares packet information from said initial packet traffic.
11. The computer system of claim 9 wherein said address inspection driver is configured to filter said additional target packet traffic from passing unencrypted to said target server when at least a portion of said packet information matches at least a portion of said destination information.
12. The computer system of claim 9 wherein said address inspection driver is configured to generate a control packet that is rerouted to said pseudo server in association with said initial target packet traffic.
13. The computer system of claim 12 wherein said control packet includes source and destination information of said initial target packet traffic for detecting packet traffic originating at said target server.
14. The computer system of claim 9 wherein said packet regeneration instructions are configured to direct said target server to regenerate said target packet traffic to form regenerated packet traffic including regenerated header information and said payload.
15. The computer system of claim 9 further comprising a protocol stack in which said address inspection driver resides at or near the network layer and said pseudo server module resides at or near said transportation layer, said network layer and transportation layer being layers in accordance with the Open System Interconnection model.
16. The computer system of claim 15 wherein said address inspection driver inspects and filters packets at or near said network layer, thereby supporting any routing protocol with which to establish a secured communications link in said virtual private network.
17. The computer system of claim 17 wherein said pseudo server passes encrypted packets onto a secured communications link originating at or near said transportation layer, thereby enabling said encrypted packets to pass through network address translation ("NAT")-enabled network devices.
18 18. A virtual private network, comprising:
a client machine configured as a pseudo server machine with respect to a communication application running on said client machine, such that said communication application receives packet traffic acknowledgements from said pseudo server machine; and a virtual private network gateway operative with a server machine to function as a client machine with respect to said pseudo server machine to facilitate secure communications between said client machine and said server machine.
a client machine configured as a pseudo server machine with respect to a communication application running on said client machine, such that said communication application receives packet traffic acknowledgements from said pseudo server machine; and a virtual private network gateway operative with a server machine to function as a client machine with respect to said pseudo server machine to facilitate secure communications between said client machine and said server machine.
19. The virtual private network of claim 17 wherein said virtual private network gateway selectably conceals from said server machine an address of said client machine running said communication application.
20. The virtual private network of claim 17 wherein said pseudo server machine includes an acknowledgement generator module for generating said packet traffic acknowledgements as false acknowledgments.
21. The virtual private network of claim 17 wherein said pseudo server machine includes a packet modifier module configured to modify packets representing said secure communications to form modified packets by stripping header information therefrom.
22. The virtual private network of claim 21 wherein said pseudo server machine is configured to form a raw socket at a socket layer with which to pass said secure communications.
23. The virtual private network of claim 17 wherein said pseudo server machine includes a flag-UDP-as-TCP module configured to modify a flag in a UDP packet to indicate said UDP packet is a TCP packet, thereby forming a pseudo-UDP packet.
Applications Claiming Priority (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US51830503P | 2003-11-11 | 2003-11-11 | |
US60/518,305 | 2003-11-11 | ||
US52499903P | 2003-11-24 | 2003-11-24 | |
US60/524,999 | 2003-11-24 | ||
PCT/US2004/037918 WO2005048106A2 (en) | 2003-11-11 | 2004-11-12 | Virtual private network with pseudo server |
Publications (2)
Publication Number | Publication Date |
---|---|
CA2545496A1 true CA2545496A1 (en) | 2005-05-26 |
CA2545496C CA2545496C (en) | 2012-10-30 |
Family
ID=34594904
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA2545496A Active CA2545496C (en) | 2003-11-11 | 2004-11-12 | Virtual private network with pseudo server |
Country Status (6)
Country | Link |
---|---|
US (1) | US7496097B2 (en) |
EP (1) | EP1683020B1 (en) |
JP (1) | JP2007533172A (en) |
KR (1) | KR20070026331A (en) |
CA (1) | CA2545496C (en) |
WO (1) | WO2005048106A2 (en) |
Families Citing this family (72)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7117239B1 (en) | 2000-07-28 | 2006-10-03 | Axeda Corporation | Reporting the state of an apparatus to a remote computer |
US7185014B1 (en) | 2000-09-22 | 2007-02-27 | Axeda Corporation | Retrieving data from a server |
US8108543B2 (en) | 2000-09-22 | 2012-01-31 | Axeda Corporation | Retrieving data from a server |
US7254601B2 (en) | 2001-12-20 | 2007-08-07 | Questra Corporation | Method and apparatus for managing intelligent assets in a distributed environment |
US7178149B2 (en) | 2002-04-17 | 2007-02-13 | Axeda Corporation | XML scripting of soap commands |
US8910241B2 (en) | 2002-04-25 | 2014-12-09 | Citrix Systems, Inc. | Computer security system |
US7966418B2 (en) | 2003-02-21 | 2011-06-21 | Axeda Corporation | Establishing a virtual tunnel between two computer programs |
US7978716B2 (en) | 2003-11-24 | 2011-07-12 | Citrix Systems, Inc. | Systems and methods for providing a VPN solution |
US8065418B1 (en) | 2004-02-02 | 2011-11-22 | Apple Inc. | NAT traversal for media conferencing |
US7757074B2 (en) | 2004-06-30 | 2010-07-13 | Citrix Application Networking, Llc | System and method for establishing a virtual private network |
US8739274B2 (en) | 2004-06-30 | 2014-05-27 | Citrix Systems, Inc. | Method and device for performing integrated caching in a data communication network |
US8495305B2 (en) | 2004-06-30 | 2013-07-23 | Citrix Systems, Inc. | Method and device for performing caching of dynamically generated objects in a data communication network |
KR20070037650A (en) | 2004-07-23 | 2007-04-05 | 사이트릭스 시스템스, 인크. | A method and systems for routing packets from an endpoint to a gateway |
US8914522B2 (en) | 2004-07-23 | 2014-12-16 | Citrix Systems, Inc. | Systems and methods for facilitating a peer to peer route via a gateway |
JP4759382B2 (en) * | 2004-12-21 | 2011-08-31 | 株式会社リコー | COMMUNICATION DEVICE, COMMUNICATION METHOD, COMMUNICATION PROGRAM, AND RECORDING MEDIUM |
EP1832054B1 (en) * | 2004-12-23 | 2018-03-21 | Symantec Corporation | Method and apparatus for network packet capture distributed storage system |
US20100195538A1 (en) * | 2009-02-04 | 2010-08-05 | Merkey Jeffrey V | Method and apparatus for network packet capture distributed storage system |
US8549149B2 (en) | 2004-12-30 | 2013-10-01 | Citrix Systems, Inc. | Systems and methods for providing client-side accelerated access to remote applications via TCP multiplexing |
US7810089B2 (en) | 2004-12-30 | 2010-10-05 | Citrix Systems, Inc. | Systems and methods for automatic installation and execution of a client-side acceleration program |
US8954595B2 (en) | 2004-12-30 | 2015-02-10 | Citrix Systems, Inc. | Systems and methods for providing client-side accelerated access to remote applications via TCP buffering |
US8706877B2 (en) | 2004-12-30 | 2014-04-22 | Citrix Systems, Inc. | Systems and methods for providing client-side dynamic redirection to bypass an intermediary |
US8255456B2 (en) | 2005-12-30 | 2012-08-28 | Citrix Systems, Inc. | System and method for performing flash caching of dynamically generated objects in a data communication network |
FI118316B (en) * | 2005-02-14 | 2007-09-28 | Teliasonera Ab | Communication channel between at least two private networks |
US8527756B2 (en) * | 2005-10-06 | 2013-09-03 | Cisco Technology, Inc. | Security device and building block functions |
US7921184B2 (en) | 2005-12-30 | 2011-04-05 | Citrix Systems, Inc. | System and method for performing flash crowd caching of dynamically generated objects in a data communication network |
US8301839B2 (en) | 2005-12-30 | 2012-10-30 | Citrix Systems, Inc. | System and method for performing granular invalidation of cached dynamically generated objects in a data communication network |
US8869262B2 (en) | 2006-08-03 | 2014-10-21 | Citrix Systems, Inc. | Systems and methods for application based interception of SSL/VPN traffic |
US7843912B2 (en) * | 2006-08-03 | 2010-11-30 | Citrix Systems, Inc. | Systems and methods of fine grained interception of network communications on a virtual private network |
US8495181B2 (en) * | 2006-08-03 | 2013-07-23 | Citrix Systems, Inc | Systems and methods for application based interception SSI/VPN traffic |
US8370479B2 (en) | 2006-10-03 | 2013-02-05 | Axeda Acquisition Corporation | System and method for dynamically grouping devices based on present device conditions |
US20080155052A1 (en) * | 2006-12-22 | 2008-06-26 | Texas Instruments, Inc. | Method And System For Capture, Display And Network Analysis For A Wireless Access Point |
US8065397B2 (en) | 2006-12-26 | 2011-11-22 | Axeda Acquisition Corporation | Managing configurations of distributed devices |
US7990969B2 (en) * | 2007-06-22 | 2011-08-02 | Verizon Patent And Licensing Inc. | Multiprotocol label switching (MPLS) interface with virtual private network (VPN) application |
US8516539B2 (en) | 2007-11-09 | 2013-08-20 | Citrix Systems, Inc | System and method for inferring access policies from access event records |
US8990910B2 (en) | 2007-11-13 | 2015-03-24 | Citrix Systems, Inc. | System and method using globally unique identities |
JP4498406B2 (en) * | 2007-11-21 | 2010-07-07 | 株式会社東芝 | Network virtualization system, relay device, and program |
KR100930037B1 (en) * | 2007-12-17 | 2009-12-07 | 한국전자통신연구원 | Network address translation simulation method and system |
US8218459B1 (en) * | 2007-12-20 | 2012-07-10 | Genbrand US LLC | Topology hiding of a network for an administrative interface between networks |
US8364847B2 (en) * | 2008-02-29 | 2013-01-29 | Microsoft Corporation | Address management in a connectivity platform |
US8825883B2 (en) * | 2008-02-29 | 2014-09-02 | Microsoft Corporation | Connectivity platform |
US20090234953A1 (en) * | 2008-03-11 | 2009-09-17 | Palm, Inc. | Apparatus and methods for integration of third party virtual private network solutions |
US9240945B2 (en) | 2008-03-19 | 2016-01-19 | Citrix Systems, Inc. | Access, priority and bandwidth management based on application identity |
WO2009115132A1 (en) * | 2008-03-20 | 2009-09-24 | Telefonaktiebolaget Lm Ericsson (Publ) | Method and apparatus for use in a communications network |
TWI502952B (en) * | 2008-03-25 | 2015-10-01 | Chunghwa Telecom Co Ltd | Digital switch traffic routing auditing method |
US8943575B2 (en) | 2008-04-30 | 2015-01-27 | Citrix Systems, Inc. | Method and system for policy simulation |
CN101572643B (en) * | 2008-04-30 | 2011-06-22 | 成都市华为赛门铁克科技有限公司 | Method and system for realizing data transmission among private networks |
US8625642B2 (en) | 2008-05-23 | 2014-01-07 | Solera Networks, Inc. | Method and apparatus of network artifact indentification and extraction |
US20090292736A1 (en) * | 2008-05-23 | 2009-11-26 | Matthew Scott Wood | On demand network activity reporting through a dynamic file system and method |
US8521732B2 (en) | 2008-05-23 | 2013-08-27 | Solera Networks, Inc. | Presentation of an extracted artifact based on an indexing technique |
US8004998B2 (en) * | 2008-05-23 | 2011-08-23 | Solera Networks, Inc. | Capture and regeneration of a network data using a virtual software switch |
US8990573B2 (en) | 2008-11-10 | 2015-03-24 | Citrix Systems, Inc. | System and method for using variable security tag location in network communications |
CN101442494B (en) * | 2008-12-16 | 2011-06-22 | 中兴通讯股份有限公司 | Method for implementing rapid rerouting |
US20110125748A1 (en) * | 2009-11-15 | 2011-05-26 | Solera Networks, Inc. | Method and Apparatus for Real Time Identification and Recording of Artifacts |
US20110125749A1 (en) * | 2009-11-15 | 2011-05-26 | Solera Networks, Inc. | Method and Apparatus for Storing and Indexing High-Speed Network Traffic Data |
US8966112B1 (en) | 2009-11-30 | 2015-02-24 | Dell Software Inc. | Network protocol proxy |
KR101027725B1 (en) * | 2009-12-29 | 2011-04-12 | 주식회사 피앤피시큐어 | Security system |
US8811397B2 (en) | 2010-02-16 | 2014-08-19 | Ncp Engineering Gmbh | System and method for data communication between a user terminal and a gateway via a network node |
US8769097B2 (en) * | 2010-04-19 | 2014-07-01 | Henri Rizk | First-point of entry (FPOE) method for multiple social networks and systems and methods for enabling users to interact democratically within open groups and for managing voting rights in an online social network environment |
US8578486B2 (en) | 2010-06-18 | 2013-11-05 | Microsoft Corporation | Encrypted network traffic interception and inspection |
US8849991B2 (en) | 2010-12-15 | 2014-09-30 | Blue Coat Systems, Inc. | System and method for hypertext transfer protocol layered reconstruction |
US8666985B2 (en) | 2011-03-16 | 2014-03-04 | Solera Networks, Inc. | Hardware accelerated application-based pattern matching for real time classification and recording of network traffic |
WO2013018940A1 (en) * | 2011-07-29 | 2013-02-07 | 인터리젠 주식회사 | Method for detecting and preventing illegal transactions in electronic commerce and system therefor |
US10432587B2 (en) * | 2012-02-21 | 2019-10-01 | Aventail Llc | VPN deep packet inspection |
US9451056B2 (en) * | 2012-06-29 | 2016-09-20 | Avaya Inc. | Method for mapping packets to network virtualization instances |
US8448238B1 (en) | 2013-01-23 | 2013-05-21 | Sideband Networks, Inc. | Network security as a service using virtual secure channels |
KR101428999B1 (en) * | 2013-04-12 | 2014-08-12 | 주식회사 엑스게이트 | Packet filtering method and firewall using dns information |
US9602470B2 (en) * | 2013-05-23 | 2017-03-21 | Sercomm Corporation | Network device, IPsec system and method for establishing IPsec tunnel using the same |
US20220360566A1 (en) * | 2015-07-31 | 2022-11-10 | Nicira, Inc. | Distributed tunneling for vpn |
US10257280B2 (en) * | 2015-12-28 | 2019-04-09 | Carbonite, Inc. | Systems and methods for remote management of appliances |
US10567516B2 (en) * | 2017-02-24 | 2020-02-18 | Wyse Technology L.L.C. | Sharing local network resources with a remote VDI instance |
CN107197005B (en) * | 2017-05-12 | 2020-12-29 | 广州视源电子科技股份有限公司 | Data transmission method and device, client, server and data transmission system |
CN114157534B (en) * | 2021-12-14 | 2023-04-25 | 福达新创通讯科技(厦门)有限公司 | Distributed multi-tributary VPN communication, system and storage medium |
Family Cites Families (136)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6850252B1 (en) * | 1999-10-05 | 2005-02-01 | Steven M. Hoffberg | Intelligent electronic appliance system and method |
US5835726A (en) | 1993-12-15 | 1998-11-10 | Check Point Software Technologies Ltd. | System for securing the flow of and selectively modifying packets in a computer network |
JP3003907B2 (en) * | 1994-05-10 | 2000-01-31 | 三菱電機株式会社 | Server / client type system |
US5623492A (en) * | 1995-03-24 | 1997-04-22 | U S West Technologies, Inc. | Methods and systems for managing bandwidth resources in a fast packet switching network |
US6324525B1 (en) | 1996-06-17 | 2001-11-27 | Hewlett-Packard Company | Settlement of aggregated electronic transactions over a network |
US6178409B1 (en) * | 1996-06-17 | 2001-01-23 | Verifone, Inc. | System, method and article of manufacture for multiple-entry point virtual point of sale architecture |
US6002767A (en) | 1996-06-17 | 1999-12-14 | Verifone, Inc. | System, method and article of manufacture for a modular gateway server architecture |
US5850446A (en) | 1996-06-17 | 1998-12-15 | Verifone, Inc. | System, method and article of manufacture for virtual point of sale processing utilizing an extensible, flexible architecture |
US5987132A (en) | 1996-06-17 | 1999-11-16 | Verifone, Inc. | System, method and article of manufacture for conditionally accepting a payment method utilizing an extensible, flexible architecture |
US6072870A (en) * | 1996-06-17 | 2000-06-06 | Verifone Inc. | System, method and article of manufacture for a gateway payment architecture utilizing a multichannel, extensible, flexible architecture |
US5943424A (en) * | 1996-06-17 | 1999-08-24 | Hewlett-Packard Company | System, method and article of manufacture for processing a plurality of transactions from a single initiation point on a multichannel, extensible, flexible architecture |
US5812668A (en) * | 1996-06-17 | 1998-09-22 | Verifone, Inc. | System, method and article of manufacture for verifying the operation of a remote transaction clearance system utilizing a multichannel, extensible, flexible architecture |
US6026379A (en) * | 1996-06-17 | 2000-02-15 | Verifone, Inc. | System, method and article of manufacture for managing transactions in a high availability system |
US6119105A (en) * | 1996-06-17 | 2000-09-12 | Verifone, Inc. | System, method and article of manufacture for initiation of software distribution from a point of certificate creation utilizing an extensible, flexible architecture |
US5983208A (en) | 1996-06-17 | 1999-11-09 | Verifone, Inc. | System, method and article of manufacture for handling transaction results in a gateway payment architecture utilizing a multichannel, extensible, flexible architecture |
US5889863A (en) * | 1996-06-17 | 1999-03-30 | Verifone, Inc. | System, method and article of manufacture for remote virtual point of sale processing utilizing a multichannel, extensible, flexible architecture |
US6253027B1 (en) * | 1996-06-17 | 2001-06-26 | Hewlett-Packard Company | System, method and article of manufacture for exchanging software and configuration data over a multichannel, extensible, flexible architecture |
US6373950B1 (en) * | 1996-06-17 | 2002-04-16 | Hewlett-Packard Company | System, method and article of manufacture for transmitting messages within messages utilizing an extensible, flexible architecture |
US6272556B1 (en) * | 1996-07-01 | 2001-08-07 | Sun Microsystems, Inc. | Object-oriented system, method and article of manufacture for migrating a client-server application (#5) |
US5978840A (en) | 1996-09-26 | 1999-11-02 | Verifone, Inc. | System, method and article of manufacture for a payment gateway system architecture for processing encrypted payment transactions utilizing a multichannel, extensible, flexible architecture |
US5931917A (en) * | 1996-09-26 | 1999-08-03 | Verifone, Inc. | System, method and article of manufacture for a gateway system architecture with system administration information accessible from a browser |
US6101543A (en) * | 1996-10-25 | 2000-08-08 | Digital Equipment Corporation | Pseudo network adapter for frame capture, encapsulation and encryption |
US6026440A (en) * | 1997-01-27 | 2000-02-15 | International Business Machines Corporation | Web server account manager plug-in for monitoring resources |
US5996076A (en) | 1997-02-19 | 1999-11-30 | Verifone, Inc. | System, method and article of manufacture for secure digital certification of electronic commerce |
US6282172B1 (en) * | 1997-04-01 | 2001-08-28 | Yipes Communications, Inc. | Generating acknowledgement signals in a data communication system |
US5958016A (en) * | 1997-07-13 | 1999-09-28 | Bell Atlantic Network Services, Inc. | Internet-web link for access to intelligent network service control |
US6006268A (en) * | 1997-07-31 | 1999-12-21 | Cisco Technology, Inc. | Method and apparatus for reducing overhead on a proxied connection |
US6061796A (en) * | 1997-08-26 | 2000-05-09 | V-One Corporation | Multi-access virtual private network |
US6199181B1 (en) | 1997-09-09 | 2001-03-06 | Perfecto Technologies Ltd. | Method and system for maintaining restricted operating environments for application programs or operating systems |
US6023724A (en) * | 1997-09-26 | 2000-02-08 | 3Com Corporation | Apparatus and methods for use therein for an ISDN LAN modem that displays fault information to local hosts through interception of host DNS request messages |
CA2309660C (en) * | 1997-11-13 | 2010-02-09 | Hyperspace Communications, Inc. | File transfer system |
US6412000B1 (en) * | 1997-11-25 | 2002-06-25 | Packeteer, Inc. | Method for automatically classifying traffic in a packet communications network |
US6327242B1 (en) | 1998-03-17 | 2001-12-04 | Infolibria, Inc. | Message redirector with cut-through switch for highly reliable and efficient network traffic processor deployment |
US6590588B2 (en) * | 1998-05-29 | 2003-07-08 | Palm, Inc. | Wireless, radio-frequency communications using a handheld computer |
US6308273B1 (en) * | 1998-06-12 | 2001-10-23 | Microsoft Corporation | Method and system of security location discrimination |
AU771091B2 (en) * | 1998-06-19 | 2004-03-11 | Juniper Networks, Inc. | Device for performing IP forwarding and ATM switching |
US6640248B1 (en) | 1998-07-10 | 2003-10-28 | Malibu Networks, Inc. | Application-aware, quality of service (QoS) sensitive, media access control (MAC) layer |
US6452915B1 (en) * | 1998-07-10 | 2002-09-17 | Malibu Networks, Inc. | IP-flow classification in a wireless point to multi-point (PTMP) transmission system |
GB2341523B (en) * | 1998-09-12 | 2003-10-29 | Ibm | Apparatus and method for establishing communication in a computer network |
US6253327B1 (en) * | 1998-12-02 | 2001-06-26 | Cisco Technology, Inc. | Single step network logon based on point to point protocol |
US6697844B1 (en) * | 1998-12-08 | 2004-02-24 | Lucent Technologies, Inc. | Internet browsing using cache-based compaction |
US6333931B1 (en) | 1998-12-28 | 2001-12-25 | Cisco Technology, Inc. | Method and apparatus for interconnecting a circuit-switched telephony network and a packet-switched data network, and applications thereof |
US6760748B1 (en) | 1999-01-20 | 2004-07-06 | Accenture Llp | Instructional system grouping student terminals |
US6615357B1 (en) * | 1999-01-29 | 2003-09-02 | International Business Machines Corporation | System and method for network address translation integration with IP security |
US6662221B1 (en) * | 1999-04-12 | 2003-12-09 | Lucent Technologies Inc. | Integrated network and service management with automated flow through configuration and provisioning of virtual private networks |
US7103068B1 (en) * | 1999-05-04 | 2006-09-05 | Sprint Communication Company L.P. | System and method for configuring bandwidth transmission rates for call connections |
US6611822B1 (en) * | 1999-05-05 | 2003-08-26 | Ac Properties B.V. | System method and article of manufacture for creating collaborative application sharing |
US6505230B1 (en) | 1999-05-14 | 2003-01-07 | Pivia, Inc. | Client-server independent intermediary mechanism |
US6792615B1 (en) | 1999-05-19 | 2004-09-14 | New Horizons Telecasting, Inc. | Encapsulated, streaming media automation and distribution system |
US6473794B1 (en) | 1999-05-27 | 2002-10-29 | Accenture Llp | System for establishing plan to test components of web based framework by displaying pictorial representation and conveying indicia coded components of existing network framework |
US6536037B1 (en) * | 1999-05-27 | 2003-03-18 | Accenture Llp | Identification of redundancies and omissions among components of a web based architecture |
US6721713B1 (en) | 1999-05-27 | 2004-04-13 | Andersen Consulting Llp | Business alliance identification in a web architecture framework |
US6615166B1 (en) * | 1999-05-27 | 2003-09-02 | Accenture Llp | Prioritizing components of a network framework required for implementation of technology |
US6519571B1 (en) * | 1999-05-27 | 2003-02-11 | Accenture Llp | Dynamic customer profile management |
US7882247B2 (en) * | 1999-06-11 | 2011-02-01 | Netmotion Wireless, Inc. | Method and apparatus for providing secure connectivity in mobile and other intermittent computing environments |
US6523027B1 (en) * | 1999-07-30 | 2003-02-18 | Accenture Llp | Interfacing servers in a Java based e-commerce architecture |
US6718535B1 (en) | 1999-07-30 | 2004-04-06 | Accenture Llp | System, method and article of manufacture for an activity framework design in an e-commerce based environment |
US6633878B1 (en) | 1999-07-30 | 2003-10-14 | Accenture Llp | Initializing an ecommerce database framework |
US6704873B1 (en) | 1999-07-30 | 2004-03-09 | Accenture Llp | Secure gateway interconnection in an e-commerce based environment |
US6601233B1 (en) * | 1999-07-30 | 2003-07-29 | Accenture Llp | Business components framework |
US6609128B1 (en) * | 1999-07-30 | 2003-08-19 | Accenture Llp | Codes table framework design in an E-commerce architecture |
US6438594B1 (en) * | 1999-08-31 | 2002-08-20 | Accenture Llp | Delivering service to a client via a locally addressable interface |
US6549949B1 (en) * | 1999-08-31 | 2003-04-15 | Accenture Llp | Fixed format stream in a communication services patterns environment |
US6502213B1 (en) | 1999-08-31 | 2002-12-31 | Accenture Llp | System, method, and article of manufacture for a polymorphic exception handler in environment services patterns |
US6697824B1 (en) * | 1999-08-31 | 2004-02-24 | Accenture Llp | Relationship management in an E-commerce application framework |
US6742015B1 (en) | 1999-08-31 | 2004-05-25 | Accenture Llp | Base services patterns in a netcentric environment |
US6601234B1 (en) * | 1999-08-31 | 2003-07-29 | Accenture Llp | Attribute dictionary in a business logic services environment |
US6339832B1 (en) * | 1999-08-31 | 2002-01-15 | Accenture Llp | Exception response table in environment services patterns |
US6715145B1 (en) | 1999-08-31 | 2004-03-30 | Accenture Llp | Processing pipeline in a base services pattern environment |
US6434628B1 (en) * | 1999-08-31 | 2002-08-13 | Accenture Llp | Common interface for handling exception interface name with additional prefix and suffix for handling exceptions in environment services patterns |
US6477580B1 (en) | 1999-08-31 | 2002-11-05 | Accenture Llp | Self-described stream in a communication services patterns environment |
US6529909B1 (en) * | 1999-08-31 | 2003-03-04 | Accenture Llp | Method for translating an object attribute converter in an information services patterns environment |
US6550057B1 (en) * | 1999-08-31 | 2003-04-15 | Accenture Llp | Piecemeal retrieval in an information services patterns environment |
US6615199B1 (en) * | 1999-08-31 | 2003-09-02 | Accenture, Llp | Abstraction factory in a base services pattern environment |
US6434568B1 (en) * | 1999-08-31 | 2002-08-13 | Accenture Llp | Information services patterns in a netcentric environment |
US6427132B1 (en) * | 1999-08-31 | 2002-07-30 | Accenture Llp | System, method and article of manufacture for demonstrating E-commerce capabilities via a simulation on a network |
US6442748B1 (en) * | 1999-08-31 | 2002-08-27 | Accenture Llp | System, method and article of manufacture for a persistent state and persistent object separator in an information services patterns environment |
US6606660B1 (en) * | 1999-08-31 | 2003-08-12 | Accenture Llp | Stream-based communication in a communication services patterns environment |
US6615253B1 (en) * | 1999-08-31 | 2003-09-02 | Accenture Llp | Efficient server side data retrieval for execution of client side applications |
US6571282B1 (en) * | 1999-08-31 | 2003-05-27 | Accenture Llp | Block-based communication in a communication services patterns environment |
US6611867B1 (en) * | 1999-08-31 | 2003-08-26 | Accenture Llp | System, method and article of manufacture for implementing a hybrid network |
US6345239B1 (en) * | 1999-08-31 | 2002-02-05 | Accenture Llp | Remote demonstration of business capabilities in an e-commerce environment |
US6477665B1 (en) | 1999-08-31 | 2002-11-05 | Accenture Llp | System, method, and article of manufacture for environment services patterns in a netcentic environment |
US6578068B1 (en) * | 1999-08-31 | 2003-06-10 | Accenture Llp | Load balancer in environment services patterns |
US6636242B2 (en) | 1999-08-31 | 2003-10-21 | Accenture Llp | View configurer in a presentation services patterns environment |
US6289382B1 (en) * | 1999-08-31 | 2001-09-11 | Andersen Consulting, Llp | System, method and article of manufacture for a globally addressable interface in a communication services patterns environment |
US6529948B1 (en) * | 1999-08-31 | 2003-03-04 | Accenture Llp | Multi-object fetch component |
US6601192B1 (en) * | 1999-08-31 | 2003-07-29 | Accenture Llp | Assertion component in environment services patterns |
US6539396B1 (en) * | 1999-08-31 | 2003-03-25 | Accenture Llp | Multi-object identifier system and method for information service pattern environment |
US6496850B1 (en) | 1999-08-31 | 2002-12-17 | Accenture Llp | Clean-up of orphaned server contexts |
US6640249B1 (en) | 1999-08-31 | 2003-10-28 | Accenture Llp | Presentation services patterns in a netcentric environment |
US6640244B1 (en) | 1999-08-31 | 2003-10-28 | Accenture Llp | Request batcher in a transaction services patterns environment |
US6640238B1 (en) | 1999-08-31 | 2003-10-28 | Accenture Llp | Activity component in a presentation services patterns environment |
US6332163B1 (en) | 1999-09-01 | 2001-12-18 | Accenture, Llp | Method for providing communication services over a computer network system |
US6732269B1 (en) | 1999-10-01 | 2004-05-04 | International Business Machines Corporation | Methods, systems and computer program products for enhanced security identity utilizing an SSL proxy |
US6606744B1 (en) * | 1999-11-22 | 2003-08-12 | Accenture, Llp | Providing collaborative installation management in a network-based supply chain environment |
US6671818B1 (en) | 1999-11-22 | 2003-12-30 | Accenture Llp | Problem isolation through translating and filtering events into a standard object format in a network based supply chain |
US6496776B1 (en) | 2000-02-29 | 2002-12-17 | Brad W. Blumberg | Position-based information access device and method |
US8380854B2 (en) * | 2000-03-21 | 2013-02-19 | F5 Networks, Inc. | Simplified method for processing multiple connections from the same client |
US6701514B1 (en) | 2000-03-27 | 2004-03-02 | Accenture Llp | System, method, and article of manufacture for test maintenance in an automated scripting framework |
US6502102B1 (en) | 2000-03-27 | 2002-12-31 | Accenture Llp | System, method and article of manufacture for a table-driven automated scripting architecture |
US6553377B1 (en) * | 2000-03-31 | 2003-04-22 | Network Associates, Inc. | System and process for maintaining a plurality of remote security applications using a modular framework in a distributed computing environment |
US6981041B2 (en) * | 2000-04-13 | 2005-12-27 | Aep Networks, Inc. | Apparatus and accompanying methods for providing, through a centralized server site, an integrated virtual office environment, remotely accessible via a network-connected web browser, with remote network monitoring and management capabilities |
US6732314B1 (en) * | 2000-05-26 | 2004-05-04 | 3Com Corporation | Method and apparatus for L2TP forward error correction |
ATE397346T1 (en) * | 2000-07-25 | 2008-06-15 | Juniper Networks Inc | NETWORK ARCHITECTURE AND METHOD FOR TRANSPARENT ONLINE CROSS- SECTIONAL CODING AND TRANSPORTING NETWORK COMMUNICATIONS DATA |
US7221660B1 (en) * | 2000-08-08 | 2007-05-22 | E.F. Johnson Company | System and method for multicast communications using real time transport protocol (RTP) |
US20020038339A1 (en) * | 2000-09-08 | 2002-03-28 | Wei Xu | Systems and methods for packet distribution |
US6691227B1 (en) * | 2000-09-08 | 2004-02-10 | Reefedge, Inc. | Location-independent packet routing and secure access in a short-range wireless networking environment |
US8250357B2 (en) * | 2000-09-13 | 2012-08-21 | Fortinet, Inc. | Tunnel interface for securing traffic over a network |
US7958185B2 (en) * | 2000-09-18 | 2011-06-07 | Bentley Systems, Inc. | Spatial data enabled engineering, construction, and operations computer-aided design (CAD) project system, method and computer program product |
US6735601B1 (en) | 2000-12-29 | 2004-05-11 | Vmware, Inc. | System and method for remote file access by computer |
US7096009B2 (en) * | 2001-03-09 | 2006-08-22 | Research In Motion Limited | Advanced voice and data operations in a mobile data communication device |
US7533409B2 (en) * | 2001-03-22 | 2009-05-12 | Corente, Inc. | Methods and systems for firewalling virtual private networks |
US20040107360A1 (en) * | 2002-12-02 | 2004-06-03 | Zone Labs, Inc. | System and Methodology for Policy Enforcement |
US7546629B2 (en) * | 2002-03-06 | 2009-06-09 | Check Point Software Technologies, Inc. | System and methodology for security policy arbitration |
US8200818B2 (en) * | 2001-07-06 | 2012-06-12 | Check Point Software Technologies, Inc. | System providing internet access management with router-based policy enforcement |
US6873988B2 (en) * | 2001-07-06 | 2005-03-29 | Check Point Software Technologies, Inc. | System and methods providing anti-virus cooperative enforcement |
US7908472B2 (en) * | 2001-07-06 | 2011-03-15 | Juniper Networks, Inc. | Secure sockets layer cut through architecture |
AU2002323364A1 (en) * | 2001-08-24 | 2003-03-10 | Peribit Networks, Inc. | Dynamic multi-point meshed overlay network |
US20030046587A1 (en) * | 2001-09-05 | 2003-03-06 | Satyam Bheemarasetti | Secure remote access using enterprise peer networks |
US20030046586A1 (en) * | 2001-09-05 | 2003-03-06 | Satyam Bheemarasetti | Secure remote access to data between peers |
US7631084B2 (en) * | 2001-11-02 | 2009-12-08 | Juniper Networks, Inc. | Method and system for providing secure access to private networks with client redirection |
EP1446931A1 (en) * | 2001-11-13 | 2004-08-18 | EMS Technologies, Inc. | Enhancements for tcp perfomance enhancing proxies |
US7707287B2 (en) * | 2002-03-22 | 2010-04-27 | F5 Networks, Inc. | Virtual host acceleration system |
WO2003083692A1 (en) | 2002-03-27 | 2003-10-09 | First Virtual Communications | System and method for traversing firewalls with protocol communications |
US6826627B2 (en) * | 2002-09-03 | 2004-11-30 | Burnbag, Ltd. | Data transformation architecture |
US20040078772A1 (en) * | 2002-10-16 | 2004-04-22 | Cosine Communications, Inc. | Dynamic route exchange |
TWI234969B (en) * | 2002-11-26 | 2005-06-21 | Ind Tech Res Inst | Dynamic network address translation system and method of transparent private network device |
US7363500B2 (en) * | 2002-12-03 | 2008-04-22 | Juniper Networks, Inc. | Tunneled authentication protocol for preventing man-in-the-middle attacks |
US7694328B2 (en) * | 2003-10-21 | 2010-04-06 | Google Inc. | Systems and methods for secure client applications |
US7584500B2 (en) * | 2003-11-19 | 2009-09-01 | Hughes Network Systems, Llc | Pre-fetching secure content using proxy architecture |
US8572249B2 (en) * | 2003-12-10 | 2013-10-29 | Aventail Llc | Network appliance for balancing load and platform services |
US8255973B2 (en) * | 2003-12-10 | 2012-08-28 | Chris Hopen | Provisioning remote computers for accessing resources |
US7555772B2 (en) * | 2004-01-26 | 2009-06-30 | Juniper Networks, Inc. | Wireless firewall with tear down messaging |
US9626655B2 (en) * | 2004-02-19 | 2017-04-18 | Intellectual Ventures I Llc | Method, apparatus and system for regulating electronic mail |
US7757074B2 (en) * | 2004-06-30 | 2010-07-13 | Citrix Application Networking, Llc | System and method for establishing a virtual private network |
-
2004
- 2004-11-12 US US10/988,004 patent/US7496097B2/en active Active
- 2004-11-12 JP JP2006539930A patent/JP2007533172A/en active Pending
- 2004-11-12 KR KR1020067009144A patent/KR20070026331A/en not_active Application Discontinuation
- 2004-11-12 EP EP04810901.1A patent/EP1683020B1/en active Active
- 2004-11-12 CA CA2545496A patent/CA2545496C/en active Active
- 2004-11-12 WO PCT/US2004/037918 patent/WO2005048106A2/en active Application Filing
Also Published As
Publication number | Publication date |
---|---|
CA2545496C (en) | 2012-10-30 |
US7496097B2 (en) | 2009-02-24 |
EP1683020B1 (en) | 2018-01-24 |
WO2005048106A3 (en) | 2005-06-23 |
EP1683020A2 (en) | 2006-07-26 |
US20050185647A1 (en) | 2005-08-25 |
WO2005048106A2 (en) | 2005-05-26 |
JP2007533172A (en) | 2007-11-15 |
EP1683020A4 (en) | 2011-08-31 |
KR20070026331A (en) | 2007-03-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CA2545496A1 (en) | Virtual private network with pseudo server | |
US8995453B2 (en) | Systems and methods for providing a VPN solution | |
EP2400693B1 (en) | Routing and service performance management in an application acceleration environment | |
US9264356B2 (en) | Network gateway apparatus | |
US8601567B2 (en) | Firewall for tunneled IPv6 traffic | |
KR20150079910A (en) | Software-defined network overlay | |
US7249191B1 (en) | Transparent bridge that terminates TCP connections | |
WO2013113171A1 (en) | Flow identification method, device, and system | |
CN111262715B (en) | Virtual intranet acceleration method and system and computer equipment | |
US20160156742A1 (en) | Relaying system and method of transmitting ip address of client to server using encapsulation protocol | |
CN115189920A (en) | Cross-network domain communication method and related device | |
CN102255808B (en) | Congestion notification method, device, system and network equipment | |
CN102932229A (en) | Method for carrying out encryption and decryption processing on data packet | |
CN103716240B (en) | Message forwarding method, message receiving method and corresponding equipment | |
CN1306761C (en) | Method for transmitting Ethernet message by Internet | |
CN102984167B (en) | Traversal method for universal firewall based on Socks5 protocol | |
CN101150510B (en) | A method and device for realizing GRE protocol compatible IPinIP protocol | |
Johanson et al. | Relaying controller area network frames over wireless internetworks for automotive testing applications | |
CN108337331A (en) | Network penetrating method, device, system and network connectivty inspection method | |
JP2003163690A5 (en) | ||
JP3827613B2 (en) | Router device | |
De Clercq et al. | RFC 4798: Connecting IPv6 Islands over IPv4 MPLS Using IPv6 Provider Edge Routers (6PE) | |
JP2007068220A (en) | Virtual router | |
McNabb | How the Internet Works | |
Prevost et al. | Network Working Group J. De Clercq Request for Comments: 4798 Alcatel-Lucent Category: Standards Track D. Ooms OneSparrow |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
EEER | Examination request |