-
公开(公告)号:US20170201418A1
公开(公告)日:2017-07-13
申请号:US14995136
申请日:2016-01-13
Applicant: A10 Networks, Inc.
Inventor: Rajkumar Jalan , Rishi Sampat , Swaminathan Sankar
CPC classification number: H04L41/5051 , G06F9/46
Abstract: Facilitation of processing a chain of network applications by a network controller is provided herein. In some examples, a network controller comprising a fast path module receives a service request data packet from a client side session between a client and the network controller and determines that the service request data packet matches a network application chain order, the network application chain order indicating a configuration to apply a plurality of network applications. The fast path module processes the service request data packet according to the configuration indicated in the network application chain order.
-
公开(公告)号:US20170111441A1
公开(公告)日:2017-04-20
申请号:US15394669
申请日:2016-12-29
Applicant: A10 Networks, Inc.
Inventor: Rajkumar Jalan , Gurudeep Kamat
IPC: H04L29/08 , H04L12/741
Abstract: In providing packet forwarding policies in a virtual service network that includes a network node and a pool of service load balancers serving a virtual service, the network node: receives a virtual service session request from a client device, the request including a virtual service network address for the virtual service; compares the virtual service network address in the request with the virtual service network address in each at least one packet forwarding policy; in response to finding a match between the virtual service network address in the request and a given virtual service network address in a given packet forwarding policy, determines the given destination in the given packet forwarding policy; and sends the request to a service load balancer in the pool of service load balancers associated with the given destination, where the service load balancer establishes a virtual service session with the client device.
-
公开(公告)号:US09602442B2
公开(公告)日:2017-03-21
申请号:US14863083
申请日:2015-09-23
Applicant: A10 Networks, Inc.
Inventor: Liang Han
IPC: G06F15/16 , H04L12/861 , H04L29/08 , H04L29/06
CPC classification number: H04L49/9005 , H04L49/90 , H04L67/28 , H04L67/42 , H04L69/16
Abstract: Allocation of buffers for a TCP proxy session between a client and a server by a service gateway includes monitoring dynamic network behaviors for server and client side sessions of the TCP proxy session; and allocating capacity for a server side buffer and capacity for a client side buffer in a memory buffer based on the dynamic server side network behaviors, the dynamic client side network behaviors, and a weighted average of a capacity of the memory buffer. In one approach to the allocation, the gateway determines whether an available capacity of the server or client side buffer is sufficient to store a data packet. If not sufficient, the allocated capacity of the server or client side buffer is increased based on measurements of the dynamic network behaviors and the weighted average, and the available capacity of the server or client side buffer is adjusted accordingly.
-
公开(公告)号:US20170041350A1
公开(公告)日:2017-02-09
申请号:US15334174
申请日:2016-10-25
Applicant: A10 Networks, Inc.
Inventor: Lee Chen , Dennis Oshiba , John Chiong
IPC: H04L29/06
CPC classification number: H04L63/0263 , G06F21/00 , G06F21/44 , H04L12/66 , H04L51/04 , H04L63/02 , H04L63/0227 , H04L63/0236 , H04L63/0245 , H04L63/0254 , H04L63/029 , H04L63/0407 , H04L63/08 , H04L63/10 , H04L63/102 , H04L63/105 , H04L63/164 , H04L63/168 , H04L63/20 , H04L63/30 , H04L65/1026 , H04L67/10 , H04L67/1004 , H04L67/104 , H04L67/141 , H04L67/22 , H04L67/306 , H04L67/42 , H04L69/28 , H04L69/329 , H04M1/72547 , H04W12/00
Abstract: Applying a security policy to an application session, includes recognizing the application session between a network and an application via a security gateway, determining by the security gateway a user identity of the application session using information about the application session, obtaining by the security gateway the security policy comprising network parameters mapped to the user identity, and applying the security policy to the application session by the security gateway. The user identity may be a network user identity or an application user identity recognized from packets of the application session. The security policy may comprise a network traffic policy mapped and/or a document access policy mapped to the user identity, where the network traffic policy is applied to the application session. The security gateway may further generate a security report concerning the application of the security policy to the application session.
Abstract translation: 将安全策略应用到应用会话中,包括通过安全网关识别网络和应用之间的应用会话,使用关于应用会话的信息由安全网关确定应用会话的用户身份,由安全网关获取 包括映射到用户身份的网络参数的安全策略,以及安全网关将安全策略应用于应用会话。 用户身份可以是从应用会话的分组识别的网络用户身份或应用用户身份。 安全策略可以包括被映射的网络流量策略和/或映射到用户身份的文档访问策略,其中将网络流量策略应用于应用会话。 安全网关还可以生成关于安全策略应用于应用会话的安全报告。
-
公开(公告)号:US09497201B2
公开(公告)日:2016-11-15
申请号:US14987076
申请日:2016-01-04
Applicant: A10 Networks, Inc.
Inventor: Lee Chen , Dennis Oshiba , John Chiong
CPC classification number: H04L63/0263 , G06F21/00 , G06F21/44 , H04L12/66 , H04L51/04 , H04L63/02 , H04L63/0227 , H04L63/0236 , H04L63/0245 , H04L63/0254 , H04L63/029 , H04L63/0407 , H04L63/08 , H04L63/10 , H04L63/102 , H04L63/105 , H04L63/164 , H04L63/168 , H04L63/20 , H04L63/30 , H04L65/1026 , H04L67/10 , H04L67/1004 , H04L67/104 , H04L67/141 , H04L67/22 , H04L67/306 , H04L67/42 , H04L69/28 , H04L69/329 , H04M1/72547 , H04W12/00
Abstract: Applying a security policy to an application session, includes: recognizing the application session between a network and an application via a security gateway; determining by the security gateway a user identity of the application session using information about the application session; obtaining by the security gateway the security policy comprising network parameters mapped to the user identity; and applying the security policy to the application session by the security gateway. The user identity may be a network user identity or an application user identity recognized from packets of the application session. The security policy may comprise a network traffic policy mapped and/or a document access policy mapped to the user identity, where the network traffic policy is applied to the application session. The security gateway may further generate a security report concerning the application of the security policy to the application session.
Abstract translation: 将安全策略应用于应用程序会话包括:通过安全网关识别网络和应用程序之间的应用程序会话; 使用关于应用会话的信息由安全网关确定应用会话的用户身份; 由安全网关获取包括映射到用户身份的网络参数的安全策略; 并将安全策略应用于安全网关的应用会话。 用户身份可以是从应用会话的分组识别的网络用户身份或应用用户身份。 安全策略可以包括被映射的网络流量策略和/或映射到用户身份的文档访问策略,其中将网络流量策略应用于应用会话。 安全网关还可以生成关于安全策略应用于应用会话的安全报告。
-
Patent Agency Ranking
公开(公告)号:US09477563B2
公开(公告)日:2016-10-25
申请号:US14492360
申请日:2014-09-22
Applicant: A10 Networks, Inc.
Inventor: Rajkumar Jalan , Dennis Oshiba
CPC classification number: H04L67/1008 , G06F9/45558 , G06F9/5061 , G06F11/1469 , G06F11/2025 , G06F11/3466 , G06F2009/45595 , H04L41/0668 , H04L49/70 , H04L67/101 , H04L67/1031 , H04L67/1034 , H04L67/1095 , H04L67/322 , H04L67/325
Abstract: A method for electing a master blade in a virtual application distribution chassis (VADC), includes: sending by each blade a VADC message to each of the other blades; determining by each blade that the VADC message was not received from the master blade within a predetermined period of time; in response, sending a master claim message including a blade priority by each blade to the other blades; determining by each blade whether any of the blade priorities obtained from the received master claim messages is higher than the blade priority of the receiving blade; in response to determining that none of the blade priorities obtained is higher, setting a status of a given receiving blade to a new master blade; and sending by the given receiving blade a second VADC message to the other blades indicating the status of the new master blade of the given receiving blade.
Abstract translation: 一种用于在虚拟应用分发机架(VADC)中选择主刀片的方法,包括:由每个刀片发送VADC消息给每个其他刀片; 在预定时间段内由每个刀片确定VADC消息未被从主刀片接收; 作为响应,将包括由每个刀片的刀片优先级的主要声明消息发送到其他刀片; 由每个刀片确定从所接收的主机声明消息获得的任何刀片优先级是否高于接收刀片的刀片优先级; 响应于确定没有获得的叶片优先级更高,将给定接收叶片的状态设置为新的主叶片; 并且由给定接收刀片发送第二VADC消息给另一个刀片,指示给定接收刀片的新主刀片的状态。
-
公开(公告)号:US09398011B2
公开(公告)日:2016-07-19
申请号:US14834278
申请日:2015-08-24
Applicant: A10 Networks, Inc.
Inventor: Micheal Thompson
CPC classification number: H04L63/083 , G06F21/31 , G06F2221/2111 , H04L63/08 , H04L63/0876 , H04L63/102 , H04L63/107 , H04L63/108 , H04L67/02 , H04L67/18 , H04L2463/121 , H04W4/02 , H04W12/06
Abstract: User authentication techniques based on geographical locations associated with a client device is provided. A network connection can be established between two or more host machines and a client device. Upon a request received from the client device by one of these host machines, round trip times of test messages may be measured between the client device and each of the host machines. The round trip times can be utilized to determine the current geographical location of the client device. If the location is within a tolerance geographical area, the client device may be authenticated. Otherwise, the authentication may fail or additional security procedures may be implemented. In some examples, a travel time from a historical geographical location to current geographical location can be determined. This data may be also utilized in the user authentication process.
-
公开(公告)号:US09350744B2
公开(公告)日:2016-05-24
申请号:US14972338
申请日:2015-12-17
Applicant: A10 Networks, Inc.
Inventor: Lee Chen , John Chiong , Dennis Oshiba
CPC classification number: H04L63/0263 , G06F21/00 , G06F21/44 , H04L12/66 , H04L51/04 , H04L63/02 , H04L63/0227 , H04L63/0236 , H04L63/0245 , H04L63/0254 , H04L63/029 , H04L63/0407 , H04L63/08 , H04L63/10 , H04L63/102 , H04L63/105 , H04L63/164 , H04L63/168 , H04L63/20 , H04L63/30 , H04L65/1026 , H04L67/10 , H04L67/1004 , H04L67/104 , H04L67/141 , H04L67/22 , H04L67/306 , H04L67/42 , H04L69/28 , H04L69/329 , H04M1/72547 , H04W12/00
Abstract: A method for applying a security policy to an application session, includes recognizing the application session between a network and an application via a security gateway; determining by the security gateway a user identity of the application session using information about the application session; obtaining by the security gateway the security policy comprising network parameters mapped to the user identity; and applying the security policy to the application session by the security gateway. The user identity may be a network user identity or an application user identity recognized from packets of the application session. The security policy may comprise a network traffic policy mapped and/or a document access policy mapped to the user identity, where the network traffic policy is applied to the application session. The security gateway may further generate a security report concerning the application of the security policy to the application session.
Abstract translation: 一种将安全策略应用于应用会话的方法,包括经由安全网关识别网络与应用之间的应用会话; 使用关于应用会话的信息由安全网关确定应用会话的用户身份; 由安全网关获取包括映射到用户身份的网络参数的安全策略; 并将安全策略应用于安全网关的应用会话。 用户身份可以是从应用会话的分组识别的网络用户身份或应用用户身份。 安全策略可以包括被映射的网络流量策略和/或映射到用户身份的文档访问策略,其中将网络流量策略应用于应用会话。 安全网关还可以生成关于安全策略应用于应用会话的安全报告。
-
109.发明申请公开(公告)号:US20160057252A1
公开(公告)日:2016-02-25
申请号:US14492465
申请日:2014-09-22
Applicant: A10 Networks, Inc.
Inventor: Rajkumar Jalan , Rishi Sampat
CPC classification number: H04L63/20 , H04L63/0281 , H04L63/1416 , H04L67/141 , H04L67/322
Abstract: Exemplary embodiments for programming a network device using user-defined scripts are disclosed. The systems and methods provide for a servicing node to receive a request for a network session between a client device and a server, receive a user defined class and a user defined object configuration from a node controller, and use the information to instruct an object virtual machine to generate at least one user defined object. The servicing node can then apply the at least one user defined object to a data packet of the network session, where the user defined object allows a user to configure the network device with user-defined instruction scripts.
Abstract translation: 公开了使用用户定义的脚本编程网络设备的示例性实施例。 所述系统和方法为服务节点提供接收对客户端设备和服务器之间的网络会话的请求,从节点控制器接收用户定义的类和用户定义的对象配置,并且使用该信息来指示对象虚拟 机器生成至少一个用户定义的对象。 服务节点然后可以将至少一个用户定义的对象应用于网络会话的数据分组,其中用户定义的对象允许用户使用用户定义的指令脚本来配置网络设备。
-
公开(公告)号:US20160050233A1
公开(公告)日:2016-02-18
申请号:US14323884
申请日:2014-07-03
Applicant: A10 Networks, Inc.
Inventor: Lee Chen , Dennis Oshiba , John Chiong
IPC: H04L29/06
CPC classification number: H04L63/0263 , G06F21/00 , G06F21/44 , H04L12/66 , H04L51/04 , H04L63/02 , H04L63/0227 , H04L63/0236 , H04L63/0245 , H04L63/0254 , H04L63/029 , H04L63/0407 , H04L63/08 , H04L63/10 , H04L63/102 , H04L63/105 , H04L63/164 , H04L63/168 , H04L63/20 , H04L63/30 , H04L65/1026 , H04L67/10 , H04L67/1004 , H04L67/104 , H04L67/141 , H04L67/22 , H04L67/306 , H04L67/42 , H04L69/28 , H04L69/329 , H04M1/72547 , H04W12/00
Abstract: Applying a security policy to an application session, includes: recognizing the application session between a network and an application via a security gateway; determining by the security gateway a user identity of the application session using information about the application session; obtaining by the security gateway the security policy comprising network parameters mapped to the user identity; and applying the security policy to the application session by the security gateway. The user identity may be a network user identity or an application user identity recognized from packets of the application session. The security policy may comprise a network traffic policy mapped and/or a document access policy mapped to the user identity, where the network traffic policy is applied to the application session. The security gateway may further generate a security report concerning the application of the security policy to the application session.
Abstract translation: 将安全策略应用于应用程序会话包括:通过安全网关识别网络和应用程序之间的应用程序会话; 使用关于应用会话的信息由安全网关确定应用会话的用户身份; 由安全网关获取包括映射到用户身份的网络参数的安全策略; 并将安全策略应用于安全网关的应用会话。 用户身份可以是从应用会话的分组识别的网络用户身份或应用用户身份。 安全策略可以包括被映射的网络流量策略和/或映射到用户身份的文档访问策略,其中将网络流量策略应用于应用会话。 安全网关还可以生成关于安全策略应用于应用会话的安全报告。
-
-
-
-
-
-
-
-
-
Search Results
364
records
(took 0.034 seconds)
