IPC분류정보
국가/구분 |
United States(US) Patent
등록
|
국제특허분류(IPC7판) |
|
출원번호 |
US-0831719
(2007-07-31)
|
등록번호 |
US-8566452
(2013-10-22)
|
발명자
/ 주소 |
- Goodwin, III, James S.
- Jain, Amit
- Natarajan, Ravi
|
출원인 / 주소 |
|
대리인 / 주소 |
Frommer Lawrence & Haug LLP
|
인용정보 |
피인용 횟수 :
18 인용 특허 :
117 |
초록
▼
A system, apparatus, and method are directed to converting from a use of a HTTPS connection to a tunnel connection while maintaining an underlying connection between a client and a server. An HTTPS connection is employed to establish a network connection between a client device and a network device.
A system, apparatus, and method are directed to converting from a use of a HTTPS connection to a tunnel connection while maintaining an underlying connection between a client and a server. An HTTPS connection is employed to establish a network connection between a client device and a network device. A gateway is selected to receive a request from the client device. In one embodiment, selecting may comprise using load-balancing, cookie-persistence, or the like. Subsequently, the HTTPS connection is transitioned to another application layer communication protocol connection. Transitioning may comprise converting from a use of a first protocol stack configured to process a HTTP connection to a second protocol stack configured to process a non-HTTP based application protocol connection, and establishing a tunnel between the client device and a server through the selected gateway.
대표청구항
▼
1. A method for managing a communication over a network, comprising: employing Hyper-Text Transfer Protocol (HTTP) to establish a network connection between a client device and a network device, wherein an active network session is established between the client device and the network device using T
1. A method for managing a communication over a network, comprising: employing Hyper-Text Transfer Protocol (HTTP) to establish a network connection between a client device and a network device, wherein an active network session is established between the client device and the network device using Transmission Control Protocol/Internet Protocol (TCP/IP);selecting a gateway to receive a request from the client device; andtransitioning the HTTP connection between the network device and the client device to a non-HTTP based application protocol connection extended at least to the selected gateway and the client device in part by sending an HTTP disable command, disabling an HTTP protocol for the HTTP connection with the client device, while the underlying TCP/IP network session remains active wherein transitioning further comprises: terminating the HTTP communication at the network device; andsending network traffic from the terminated HTTP connection to the selected gateway. 2. The method of claim 1, further comprising: employing a load balancing mechanism to select the gateway to receive the request from the client device; andproviding a cookie to the client device, wherein the cookie is employable to establish a persistent connection between the client device and the selected gateway. 3. The method of claim 1, wherein the non-HTTP based application protocol connection includes at least one of a Secure Shell (SSH), telnet, File Transfer Protocol (FTP), or Point-to-Point (PPP) based application layer protocol. 4. The method of claim 1, wherein a cookie is employed by the network device to identify the selected gateway. 5. The method of claim 1, wherein the cookie indicates an association between the client device and the SSL/VPN gateway. 6. The method of claim 1, wherein transitioning the HTTP connection further comprises the network device sending the HTTP disable command. 7. The method of claim 1, further comprising: providing a list of network resources to a user of the client device, wherein the user selects the non-HTTP based application protocol useable for establishing a tunnel through the selected gateway to at least one of the network resources. 8. The method of claim 1, further comprising: receiving network traffic from the client device, wherein the network traffic includes a cookie; anddetermining which gateway to send the network traffic to based on the received cookie. 9. A Traffic Management Device (TMD) interposed between a client device and a plurality of gateways for managing a communication over a network, comprising: a transceiver for communicating data over the network; anda processor operable to perform actions comprising: establishing an active network session with the client device;communicating with the client device over the active network session using an Hyper-Text Transfer Protocol (HTTP) application layer protocol;selecting a gateway from the plurality of gateways to receive a request from the client device over HTTP;providing a cookie to the client device, wherein the cookie is employable to establish a persistent connection between the client device and the selected gateway; andtransitioning from HTTP application layer protocol to a non-HTTP based application protocol between the client device and the selected gateway in part by sending an HTTP disable command, disabling the HTTP application layer protocol with the client device for the active network session, while maintaining the active network session with the client device wherein transitioning further comprises: terminating the HTTP communication at the Traffic Management Device (TMD); andsending network traffic from the terminated HTTP connection to the selected gateway. 10. The TMD of claim 9, wherein transitioning to a non-HTTP based application protocol further comprises establishing a tunneled connection between the client device and the selected gateway. 11. The TMD of claim 9, wherein the cookie is generated by at least one of the TMD or the selected gateway. 12. The TMD of claim 9, wherein the non-HTTP based application protocol comprises at least one of a Secure Shell (SSH), telnet, File Transfer Protocol (FTP), or Point-to-Point (PPP) protocol connection. 13. The TMD of claim 9, wherein transitioning from HTTP application layer protocol further comprises the TMD receiving a transition request from the client device. 14. A system for managing a communication over a network, comprising: a client device operable to perform actions comprising: establishing an Hyper-Text Transfer Protocol Secure (HTTPS) application layer protocol connection over the network, wherein the HTTPS connection is established over an active network connection with a Traffic Management Device (TMD); andthe TMD operable to perform actions comprising: establishing the active network connection with the client device with an HTTPS connection over the active network connection;establishing a connection with a selected gateway; andtransitioning from the HTTPS application layer protocol to a non-HTTP based application protocol to establish a tunneled connection between the selected gateway and the client device in part by sending an HTTP disable command, disabling an HTTP application layer protocol with the client device, while maintaining the active network connection to the client device during the transition wherein transitioning further comprises: terminating the HTTP communication at the Traffic Management Device (TMD); andsending network traffic from the terminated HTTP connection to the selected gateway. 15. The system of claim 14, wherein the non-HTTP based application protocol comprises at least one of a Secure Shell (SSH), telnet, File Transfer Protocol (FTP), or Point-to-Point (PPP) protocol connection that is selected from a list provided to the user from the selected gateway. 16. The system of claim 14, wherein maintaining an underlying active connection to the client device during the transition further comprises not dropping the TCP/IP connection with the client device. 17. The system of claim 14, wherein the client device is further operable to perform actions comprising sending a transition request to the TMD. 18. The system of claim 14, wherein establishing a connection with the selected gateway further comprises using a cookie to persist a connection between the selected gateway and the client device.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.