WO2008091384A3 - Systems and methods for using a client agent to manage icmp traffic in a virtual private network environment - Google Patents

Systems and methods for using a client agent to manage icmp traffic in a virtual private network environment Download PDF

Info

Publication number
WO2008091384A3
WO2008091384A3 PCT/US2007/075036 US2007075036W WO2008091384A3 WO 2008091384 A3 WO2008091384 A3 WO 2008091384A3 US 2007075036 W US2007075036 W US 2007075036W WO 2008091384 A3 WO2008091384 A3 WO 2008091384A3
Authority
WO
WIPO (PCT)
Prior art keywords
client
virtual private
private network
client agent
methods
Prior art date
Application number
PCT/US2007/075036
Other languages
French (fr)
Other versions
WO2008091384A2 (en
Inventor
Amarnath Mullick
Charu Venkatraman
Junxiao He
Shashi Nanjundaswami
Ajay Soni
Roy Rajan
Original Assignee
Citrix Systems Inc
Amarnath Mullick
Charu Venkatraman
Junxiao He
Shashi Nanjundaswami
Ajay Soni
Roy Rajan
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Citrix Systems Inc, Amarnath Mullick, Charu Venkatraman, Junxiao He, Shashi Nanjundaswami, Ajay Soni, Roy Rajan filed Critical Citrix Systems Inc
Priority to EP07872265A priority Critical patent/EP2070259B1/en
Publication of WO2008091384A2 publication Critical patent/WO2008091384A2/en
Publication of WO2008091384A3 publication Critical patent/WO2008091384A3/en
Priority to IL196852A priority patent/IL196852A/en
Priority to HK09111777.7A priority patent/HK1131847A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/04Network management architectures or arrangements
    • H04L41/046Network management architectures or arrangements comprising network management agents or mobile agents therefor
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0894Policy-based network configuration management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272Virtual private networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/166Implementing security features at a particular protocol layer at the transport layer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0893Assignment of logical groups to network elements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/40Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks using virtualisation of network functions or resources, e.g. SDN or NFV entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0805Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
    • H04L43/0811Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking connectivity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0805Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
    • H04L43/0817Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking functioning
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/10Active monitoring, e.g. heartbeat, ping or trace-route

Abstract

Systems and methods are described for using a client agent (120a) executing on a client (102a) to send ICMP messages to an appliance (200) connected via a virtual private network Methods include: establishing, via a client agent executing on a client, a transport layer virtual private network connection with an appliance; intercepting, by the client agent at the network layer, an ICMP request originating from the client; and transmitting, by the client agent via a transport layer connection, the ICMP request to the appliance. Addition methods describe determining, by the appliance, the address identified by the ICMP request corresponds to a second client, the second client also connected via a virtual private network to.the remote machine; and transmitting, by the appliacne to the second client via the virtual private network connection, the ICMP request. Corresponding systems are also described.
PCT/US2007/075036 2006-08-03 2007-08-02 Systems and methods for using a client agent to manage icmp traffic in a virtual private network environment WO2008091384A2 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
EP07872265A EP2070259B1 (en) 2006-08-03 2007-08-02 Systems and methods for using a client agent to manage icmp traffic in a virtual private network environment
IL196852A IL196852A (en) 2006-08-03 2009-02-02 Systems and methods for using a client agent to manage icmp traffic in a virtual private network environment
HK09111777.7A HK1131847A1 (en) 2006-08-03 2009-12-15 Systems and methods for using a client agent to manage icmp traffic in a virtual private network environment

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/462,253 US7907621B2 (en) 2006-08-03 2006-08-03 Systems and methods for using a client agent to manage ICMP traffic in a virtual private network environment
US11/462,253 2006-08-03

Publications (2)

Publication Number Publication Date
WO2008091384A2 WO2008091384A2 (en) 2008-07-31
WO2008091384A3 true WO2008091384A3 (en) 2008-11-13

Family

ID=39029116

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2007/075036 WO2008091384A2 (en) 2006-08-03 2007-08-02 Systems and methods for using a client agent to manage icmp traffic in a virtual private network environment

Country Status (5)

Country Link
US (1) US7907621B2 (en)
EP (1) EP2070259B1 (en)
HK (1) HK1131847A1 (en)
IL (1) IL196852A (en)
WO (1) WO2008091384A2 (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8094560B2 (en) * 2008-05-19 2012-01-10 Cisco Technology, Inc. Multi-stage multi-core processing of network packets
US9054913B1 (en) 2009-11-30 2015-06-09 Dell Software Inc. Network protocol proxy
US9137104B2 (en) * 2011-05-26 2015-09-15 Kaseya Limited Method and apparatus of performing remote management of a managed machine
CN104301184B (en) * 2014-10-31 2017-10-27 北京百度网讯科技有限公司 The health examination method and device of link
US10171582B2 (en) * 2015-02-23 2019-01-01 Barracuda Networks, Inc. Method and apparatus for client to content appliance (CA) synchronization
US10015162B2 (en) * 2015-05-11 2018-07-03 Huawei Technologies Co., Ltd. Firewall authentication of controller-generated internet control message protocol (ICMP) echo requests
CN108701004A (en) * 2017-01-25 2018-10-23 华为技术有限公司 A kind of system of data processing, method and corresponding intrument
US11063857B2 (en) * 2018-05-25 2021-07-13 Microsoft Technology Licensing, Llc Monitoring connectivity and latency of a virtual network

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020042875A1 (en) * 2000-10-11 2002-04-11 Jayant Shukla Method and apparatus for end-to-end secure data communication
US6976071B1 (en) * 2000-05-03 2005-12-13 Nortel Networks Limited Detecting if a secure link is alive
WO2006012612A1 (en) * 2004-07-23 2006-02-02 Citrix Systems, Inc. A method and systems for securing remote access to private networks
WO2006074072A2 (en) * 2004-12-30 2006-07-13 Citrix Systems, Inc. Systems and methods for providing client-side acceleration techniques

Family Cites Families (67)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3909708A (en) * 1974-01-02 1975-09-30 Keith S Champlin Electronic battery testing device
US5442633A (en) 1992-07-08 1995-08-15 International Business Machines Corporation Shortcut network layer routing for mobile hosts
US6909708B1 (en) 1996-11-18 2005-06-21 Mci Communications Corporation System, method and article of manufacture for a communication system architecture including video conferencing
US5999525A (en) 1996-11-18 1999-12-07 Mci Communications Corporation Method for video telephony over a hybrid network
US7145898B1 (en) 1996-11-18 2006-12-05 Mci Communications Corporation System, method and article of manufacture for selecting a gateway of a hybrid communication system architecture
US6335927B1 (en) 1996-11-18 2002-01-01 Mci Communications Corporation System and method for providing requested quality of service in a hybrid network
US5867494A (en) 1996-11-18 1999-02-02 Mci Communication Corporation System, method and article of manufacture with integrated video conferencing billing in a communication system architecture
US6754181B1 (en) 1996-11-18 2004-06-22 Mci Communications Corporation System and method for a directory service supporting a hybrid communication system architecture
US6731625B1 (en) 1997-02-10 2004-05-04 Mci Communications Corporation System, method and article of manufacture for a call back architecture in a hybrid network with support for internet telephony
US6775692B1 (en) 1997-07-31 2004-08-10 Cisco Technology, Inc. Proxying and unproxying a connection using a forwarding agent
US6158007A (en) 1997-09-17 2000-12-05 Jahanshah Moreh Security system for event based middleware
JPH11163947A (en) 1997-09-22 1999-06-18 Toshiba Corp Gateway device, radio terminal, router device and gateway control method for communication network
AU1421799A (en) 1997-11-25 1999-06-15 Packeteer, Inc. Method for automatically classifying traffic in a packet communications network
US6157955A (en) 1998-06-15 2000-12-05 Intel Corporation Packet processing system including a policy engine having a classification unit
US6640248B1 (en) 1998-07-10 2003-10-28 Malibu Networks, Inc. Application-aware, quality of service (QoS) sensitive, media access control (MAC) layer
US6452915B1 (en) 1998-07-10 2002-09-17 Malibu Networks, Inc. IP-flow classification in a wireless point to multi-point (PTMP) transmission system
WO2000026750A1 (en) 1998-11-05 2000-05-11 NEUVIS, Inc Method for controlling access to information
US6760748B1 (en) 1999-01-20 2004-07-06 Accenture Llp Instructional system grouping student terminals
US6742045B1 (en) 1999-07-02 2004-05-25 Cisco Technology, Inc. Handling packet fragments in a distributed network service environment
US7100195B1 (en) 1999-07-30 2006-08-29 Accenture Llp Managing user information on an e-commerce system
US6718535B1 (en) 1999-07-30 2004-04-06 Accenture Llp System, method and article of manufacture for an activity framework design in an e-commerce based environment
US6601233B1 (en) 1999-07-30 2003-07-29 Accenture Llp Business components framework
US6523027B1 (en) 1999-07-30 2003-02-18 Accenture Llp Interfacing servers in a Java based e-commerce architecture
US6609128B1 (en) 1999-07-30 2003-08-19 Accenture Llp Codes table framework design in an E-commerce architecture
US6704873B1 (en) 1999-07-30 2004-03-09 Accenture Llp Secure gateway interconnection in an e-commerce based environment
US6633878B1 (en) 1999-07-30 2003-10-14 Accenture Llp Initializing an ecommerce database framework
US6731325B1 (en) * 1999-09-08 2004-05-04 Intel Corporation Methods and apparatus for selecting wire video size
US6571285B1 (en) 1999-12-23 2003-05-27 Accenture Llp Providing an integrated service assurance environment for a network
US6985901B1 (en) 1999-12-23 2006-01-10 Accenture Llp Controlling data collection, manipulation and storage on a network with service assurance capabilities
US7246370B2 (en) 2000-01-07 2007-07-17 Security, Inc. PDstudio design system and method
AU2001253189B2 (en) 2000-04-03 2004-08-19 Quova, Inc. Geographic location estimation method for network addresses entities
US7028333B2 (en) * 2000-04-12 2006-04-11 Corente, Inc. Methods and systems for partners in virtual networks
JP3557998B2 (en) 2000-04-28 2004-08-25 日本電気株式会社 Fragmentation processing device and fragmentation processing apparatus using the same
US7028083B2 (en) 2000-05-26 2006-04-11 Akomai Technologies, Inc. Method for extending a network map
US7213077B2 (en) 2000-07-21 2007-05-01 Hughes Network Systems, Inc. Method and system for providing buffer management in a performance enhancing proxy architecture
US7707305B2 (en) 2000-10-17 2010-04-27 Cisco Technology, Inc. Methods and apparatus for protecting against overload conditions on nodes of a distributed network
US7865596B2 (en) 2000-11-02 2011-01-04 Oracle America, Inc. Switching system for managing storage in digital networks
US20040073512A1 (en) 2001-02-23 2004-04-15 David Maung Unique session storage design
IL141855A0 (en) * 2001-03-07 2002-03-10 Onetiercommunications Inc A method and apparatus for providing an improved quality of service for data transfer over the internet
US20030074206A1 (en) 2001-03-23 2003-04-17 Restaurant Services, Inc. System, method and computer program product for utilizing market demand information for generating revenue
US6954736B2 (en) 2001-03-23 2005-10-11 Restaurant Services, Inc. System, method and computer program product for order confirmation in a supply chain management framework
US7120596B2 (en) 2001-03-23 2006-10-10 Restaurant Services, Inc. System, method and computer program product for landed cost reporting in a supply chain management framework
US7171379B2 (en) 2001-03-23 2007-01-30 Restaurant Services, Inc. System, method and computer program product for normalizing data in a supply chain management framework
US7039606B2 (en) 2001-03-23 2006-05-02 Restaurant Services, Inc. System, method and computer program product for contract consistency in a supply chain management framework
US7072843B2 (en) 2001-03-23 2006-07-04 Restaurant Services, Inc. System, method and computer program product for error checking in a supply chain management framework
US20020143798A1 (en) 2001-04-02 2002-10-03 Akamai Technologies, Inc. Highly available distributed storage system for internet content with storage site redirection
US6738933B2 (en) 2001-05-09 2004-05-18 Mercury Interactive Corporation Root cause analysis of server system performance degradations
US7197559B2 (en) 2001-05-09 2007-03-27 Mercury Interactive Corporation Transaction breakdown feature to facilitate analysis of end user performance of a server system
US7117504B2 (en) 2001-07-10 2006-10-03 Microsoft Corporation Application program interface that enables communication for a network software platform
US7207062B2 (en) 2001-08-16 2007-04-17 Lucent Technologies Inc Method and apparatus for protecting web sites from distributed denial-of-service attacks
US20030131079A1 (en) 2001-11-13 2003-07-10 Ems Technologies, Inc. Performance enhancing proxy techniques for internet protocol traffic
US7054944B2 (en) 2001-12-19 2006-05-30 Intel Corporation Access control management system utilizing network and application layer access control lists
US7769997B2 (en) 2002-02-25 2010-08-03 Network Resonance, Inc. System, method and computer program product for guaranteeing electronic transactions
US7512702B1 (en) 2002-03-19 2009-03-31 Cisco Technology, Inc. Method and apparatus providing highly scalable server load balancing
US7047315B1 (en) 2002-03-19 2006-05-16 Cisco Technology, Inc. Method providing server affinity and client stickiness in a server load balancing device without TCP termination and without keeping flow states
US7499401B2 (en) 2002-10-21 2009-03-03 Alcatel-Lucent Usa Inc. Integrated web cache
US7489700B2 (en) 2002-11-20 2009-02-10 Hitachi Communication Technologies, Ltd. Virtual access router
US20040103194A1 (en) 2002-11-21 2004-05-27 Docomo Communicatios Laboratories Usa, Inc. Method and system for server load balancing
US7389462B1 (en) 2003-02-14 2008-06-17 Istor Networks, Inc. System and methods for high rate hardware-accelerated network protocol processing
CA2425442A1 (en) * 2003-04-15 2004-10-15 Felix Katz Connectivity verification for internet protocol/multi-protocol label switching data communications networks
US7453852B2 (en) 2003-07-14 2008-11-18 Lucent Technologies Inc. Method and system for mobility across heterogeneous address spaces
US20050262357A1 (en) 2004-03-11 2005-11-24 Aep Networks Network access using reverse proxy
US20050251856A1 (en) 2004-03-11 2005-11-10 Aep Networks Network access using multiple authentication realms
US20050273849A1 (en) 2004-03-11 2005-12-08 Aep Networks Network access using secure tunnel
US7454479B2 (en) 2004-05-28 2008-11-18 Microsoft Corporation Flexible teleport architecture
US8136149B2 (en) 2004-06-07 2012-03-13 Check Point Software Technologies, Inc. Security system with methodology providing verified secured individual end points
US7937756B2 (en) 2005-08-19 2011-05-03 Cpacket Networks, Inc. Apparatus and method for facilitating network security

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6976071B1 (en) * 2000-05-03 2005-12-13 Nortel Networks Limited Detecting if a secure link is alive
US20020042875A1 (en) * 2000-10-11 2002-04-11 Jayant Shukla Method and apparatus for end-to-end secure data communication
WO2006012612A1 (en) * 2004-07-23 2006-02-02 Citrix Systems, Inc. A method and systems for securing remote access to private networks
WO2006074072A2 (en) * 2004-12-30 2006-07-13 Citrix Systems, Inc. Systems and methods for providing client-side acceleration techniques

Also Published As

Publication number Publication date
IL196852A0 (en) 2009-11-18
EP2070259A2 (en) 2009-06-17
US20080031265A1 (en) 2008-02-07
EP2070259B1 (en) 2013-02-13
HK1131847A1 (en) 2010-02-05
IL196852A (en) 2013-01-31
US7907621B2 (en) 2011-03-15
WO2008091384A2 (en) 2008-07-31

Similar Documents

Publication Publication Date Title
WO2008091384A3 (en) Systems and methods for using a client agent to manage icmp traffic in a virtual private network environment
WO2007016839A8 (en) Method and system for carrying out hierarchical virtual private switch services
TW200718090A (en) System and method for remote management
WO2007080558A3 (en) Communications network system and methods for using same
WO2004095269A3 (en) System and method for managing distributed objects as a single representation
WO2001080488A3 (en) Methods and systems for managing virtual addresses for virtual networks
WO2009076047A3 (en) Client for use with an appliance network
WO2006116449A3 (en) Trans-network roaming and resolution with web services for devices
WO2004086725A3 (en) Network service architecture
WO2009067443A3 (en) Geographic trunk groups
WO2009038677A3 (en) High level instruction convergence function
WO2008013745A3 (en) Techniques for exchanging dhcp information among dhcp relay agents and dhcp servers
WO2007002443A3 (en) Control of service workload management
TW200642395A (en) Methods, systems and computer program products for bypassing routing stacks using mobile internet protocol
WO2007075258A3 (en) Satellite switch communication over a network
WO2007047639A3 (en) Discovering network services
WO2007149206A3 (en) Communicating packets between forwarding contexts using virtual interfaces
WO2007143717A3 (en) Methods, computer readable medium and apparatus for using short addresses in a communication system
WO2005117548A3 (en) Systems and methods for multi-level gateway provisioning based on a device’s location
CA2469713A1 (en) System and method of message transport selection
WO2010080533A3 (en) Multipurpose storage system based upon a distributed hashing mechanism with transactional support and failover capability
WO2008001205A3 (en) Contention window management for relay networks
GB2439572B (en) Remote connection between intermediary device and computing device via central authority software
WO2007133854A3 (en) System and method for distributing proxying error information in wireless networks
TW200715762A (en) Method for managing a network appliance and transparent configurable network appliance

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 196852

Country of ref document: IL

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 2007872265

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: RU