Riverbed Technology, Inc. Patent applications |
Patent application number | Title | Published |
20150124835 | METHOD AND APPARATUS FOR SCHEDULING A HETEROGENEOUS COMMUNICATION FLOW - A method and apparatus are provided for scheduling a heterogeneous communication flow. A heterogeneous flow is a flow comprising packets with varying classes or levels of service, which may correspond to different priorities, qualities of service or other service characteristics. When a packet is ready for scheduling, it is queued in order in a flow queue that corresponds to the communication flow. The flow queue then migrates among class queues that correspond to the class or level of service of the packet at the head of the flow queue. Thus, after the head packet is scheduled, the flow queue may be dequeued from its current class queue and requeued at the tail of another class queue. If the subsequent packet has the same classification, it may be requeued at the tail of the class queue or may remain in place for another servicing round. | 05-07-2015 |
20140331093 | AUTOMATIC PROMPT DETECTION FOR UNIVERSAL DEVICE SUPPORT - Embodiments provide systems, methods, and computer program products for network management application to automatically determine a session prompt for a network device and perform error handling. After logging in to a network device, the network management application records the first session prompt response. The network management application sends a series of empty carriage returns and random characters and records the session prompt responses. The network management application compares the responses and determines whether the prompt is a static or a dynamic prompt based on the results. The network management application elicits error responses from the network device by sending additional random characters and records the results in an error handling dictionary. The error handling dictionary is used later when running user-provided commands, enabling a determination of whether a command executed successfully. | 11-06-2014 |
20140282431 | NATIVE CODE PROFILER FRAMEWORK - Embodiments provide systems, methods, and computer program products for dynamically hooking multiple levels of application code. A server receives identifying information that identifies a target function of a target application to hook. The server pauses a target process of the target application. The server locates the target function within the target application code based on the received identifying information. The server then hooks the located function outside of the target application, thereby creating hooked code during application runtime. | 09-18-2014 |
20140280929 | MULTI-TIER MESSAGE CORRELATION - A system and method determines correlations within multi-tier communications based on repeated iterations/episodes of executions of a target application. Content-based correlations are determined by encoding the content using a finite alphabet, then searching for similar sequences among the multiple traces. By encoding the content to a finite alphabet, common pattern matching techniques may be used, including, for example, DNA alignment algorithms. To facilitate alignment of the traces, structural and/or semantic breakpoints are defined, and the encoding in each trace is synchronized to these breakpoints. To facilitate efficient processing, a hierarchy of causality among tier-pairs is identified, and messages at lower levels are ranked and temporally filtered, based on activity intervals at higher levels of the hierarchy. | 09-18-2014 |
20140280386 | Persisting Large Volumes of Data in an Efficient, Unobtrusive Manner - Embodiments provide a data persisting mechanism that allows for efficient, unobtrusive persisting of large volumes of data while optimizing the use of system resources by the persisting process. In an embodiment, the persisting process includes a self-tuning algorithm that constantly monitors persistence performance and that adjusts persistence time to maintain performance within user-defined criteria. From one aspect, this allows the persisting process to seamlessly adapt to changes in system environment (speeding up persistence during times of low processor usage and slowing down persistence during times of high processor usage) and to reduce or eliminate CPU spikes caused by persisting process. From another aspect, the persisting process results in the data being persisted as quickly as possible given the system constraints, thereby minimizing the possibility of data loss. | 09-18-2014 |
20140236878 | INFERRING CONNECTIVITY IN THE PRESENCE OF CONFLICTING NETWORK DATA - The connectivity information provided by a variety of inference engines is integrated to provide a set of inferred links within a network. A consolidation is performed among inference engines that operate at a base level of connectivity detail to create a model of the network at this base level. The connectivity information provided by inference engines at each subsequent higher level of connectivity abstraction is then overlaid on the base level connectivity. By separately consolidating the connectivity information at each level of abstraction, the rules for dealing with conflicts can be simplified and/or better focused to resolve the conflict. By assuming that the more detailed lower level information is likely to be more accurate, rules can be developed to modify the connectivity models produced by the higher level techniques to conform to the lower level connectivity details while still maintaining the integrity of the higher level connectivity models. | 08-21-2014 |
20140211805 | NETWORK MULTI-PATH DISCOVERY - Potential paths between a source and destination of a network are identified based on trace-route information, then filtered to eliminate paths or links that are not supported by ancillary information associated with the network so as to identify feasible/actual paths between the source and destination. The ancillary information includes, for example, routing tables and ARP tables. If a feasible path cannot be identified based on the ancillary information, supplemental information regarding nodes further along the potential path is assessed to provide a basis for inferring the nodes that may provide a feasible path. The determined feasible paths are displayed for review, and provided to serve as filters for subsequent path-analysis tools. | 07-31-2014 |
20140201359 | STITCHING TOGETHER PARTIAL NETWORK TOPOLOGIES - A method and system that takes advantage of processes that are efficient for determining the topology of small to medium size networks to determine individual network topologies for such networks, and then merges these individual topologies into a consolidated topology for the entire network. Each of the processes that determines the topology of the smaller networks provides the determined network topology, as well as a list of factors that may be relevant in the determination of how the given topology might be attached to any other given topology, such as the identification of a node that is not included in the given topology, or other indications of external connections. The merging process is configured to substantially restrict its analysis to these factors, thereby limiting the extent, and therefore the time consumed, by this stitching and merging process. | 07-17-2014 |
20140172941 | CAPTURE, ANALYSIS, AND VISUALIZATION OF CONCURRENT SYSTEM AND NETWORK BEHAVIOR OF AN APPLICATION - A first capture system that captures network communication events related to an application, and a second capture system that captures internal processing events related to the application. A visualization system analyzes the data captured by each of the capture systems, synchronizes and correlates the data, and presents an integrated display of these communication and processing events. In a preferred embodiment, the communicated messages include an identifier of the application, and the processing components also associate an identifier of the application to each recorded processing event. To facilitate the integrated display of the events, the visualization system synchronizes the recorded communication and processing events to a common time base. | 06-19-2014 |
20140156836 | COOPERATIVE PROXY AUTO-DISCOVERY AND CONNECTION INTERCEPTION - In a network supporting transactions between clients and servers and proxies that are interposable in a network path, a pair of proxies can modify a packet stream such that packet data from client to server is transformed at a client-side proxy of the pair and untransformed at a server-side of the pair and packet data from server to client is transformed at the server-side proxy and untransformed at the client-side proxy. A discovering proxy transparently discovers its position in a proxy pair by using proxy signals. A discovering proxy might determine that it is a client-side proxy by receipt of a packet from client without a proxy signal, or that it is a server-side proxy by receipt of a packet from server without a return proxy signal. Once a proxy pair is discovered, it might transform traffic from server to client or vice versa, transforming and untransforming the traffic. | 06-05-2014 |
20140153396 | DETECTING OUTLIERS IN NETWORK TRAFFIC TIME SERIES - According to an aspect of the invention, a system and method is configured to detect time series outliers in network traffic. | 06-05-2014 |
20140143306 | Address Manipulation to Provide for the Use of Network Tools Even When Transaction Acceleration is in Use Over a Network - In address-manipulation enabled transaction accelerators, the transaction accelerators include outer-connection addressing information in packets emitted over an inner connection between transaction accelerators and inner-connection addressing information is added in packets sent over the inner connection. The inner-connection addressing information can be carried in TCP option fields, directly in other fields, or indirectly through data structures maintained by the endpoints processing the connection. Address information can be encoded into header fields originally intended for other purposes but that are unused or encoded into used fields, overlaid in combination with other data that is being carried in those used fields. The existence of inner-connection addressing information in a packet can be signaled by a flag in the packet, by a bit or other designated encoding. The flag can be in an unused header field or overlaid. Where replacement and option addition is needed, swappers and unswappers might be used. | 05-22-2014 |
20140137117 | VIRTUALIZATION PLANNING SYSTEM - An interactive virtualization management system provides an assessment of proposed or existing virtualization schemes. A Virtual Technology Overhead Profile (VTOP) is created for each of a variety of configurations of host computer systems and virtualization technologies by measuring the overhead experienced under a variety of conditions. The multi-variate overhead profile corresponding to each target configuration being evaluated is used by the virtualization management system to determine the overhead that is to be expected on the target system, based on the particular set of conditions at the target system. Based on these overhead estimates, and the parameters of the jobs assigned to each virtual machine on each target system, the resultant overall performance of the target system for meeting the performance criteria of each of the jobs in each virtual machine is determined, and over-committed virtual machines and computer systems are identified. | 05-15-2014 |
20140137083 | INSTRUMENTING COMPUTER PROGRAM CODE BY MERGING TEMPLATE AND TARGET CODE METHODS - Embodiments provide systems, methods, and computer program products for instrumenting software application code. A target method and a template method may each be elevated to respective linked lists that maintain offsets in a relative relationship using pointers. The lists are merged and converted back to byte code as an instrumented method. | 05-15-2014 |
20140136691 | APPLICATION MONITORING OF RELATED ACTIVITIES ACROSS MULTIPLE THREADS - Embodiments provide systems, methods, and computer program products for monitoring application performance in multithreaded environments. Monitoring data may be inserted into data structures that propagate and persist between threads involved in a processing event. Data related to specific methods executing on each thread may be output to a trace file. The trace file may be analyzed for application performance by associating the threads that contain the same tracking data from the propagated data structure. | 05-15-2014 |
20140133349 | TRAFFIC FLOW INFERENCE BASED ON LINK LOADS AND GRAVITY MEASURES - Traffic flow between each pair of nodes in a network may be modeled based on loads measured at each link and based on gravity measures associated with each node. Gravity measures correspond to a relative likelihood of the node being a source or a sink of traffic. Gravity objectives are assigned to nodes to serve as an objective for a node's performance. These gravity objectives may be based on qualitative characteristics associated with each node. Because the assigned gravity objectives may be subjective, the gravity measures are used to generate a quantitative function for determining whether a network can achieve these gravity objectives. In one embodiment, link loads are allocated to traffic flows between nodes and current gravity measures are determined. Changes to link loads and traffic flows may then be modeled to minimize a difference between the assigned gravity measures and the gravity measures. | 05-15-2014 |
20140129793 | MEMORY UTILIZATION ANALYSIS - The performance of a monitored system is profiled based on sampling a portion of its operations. In one embodiment, the monitored system allocates memory for objects created as instances of classes and automatically performs regular garbage collection to reclaim memory. A variety of sampling techniques are used to minimize the impact on the performance of the monitored system. Characteristic memory utilization patterns can then be estimated for classes based on the samples. The patterns may be presented to a user for review and analysis. Characteristics of the monitored system's performance may be presented in an interactive interface that allows the user to trace the cause of the presented memory utilization patterns, and provides statistics regarding memory allocation and release to guide the user in this analysis. | 05-08-2014 |
20140122712 | WEB TRANSACTION ANALYSIS - Individual network activities are correlated to interactions with a target web page to facilitate an analysis of the performance of the web page. This correlation is preferably performed using a combination of heuristics and rules developed to filter network activities into those activities that are likely to have been caused by the particular transaction, and those that are unlikely to be associated with that transaction. The activities that are identified as being associated with the transaction are subsequently organized to identify a time-flow of these activities within the transaction, from which performance statistics can be determined and presented to a user. Because the individual activities within the transaction are identified and time-ordered, an analysis of the effects of each activity on the overall performance of the web page can be performed to identify potential problem areas, or to diagnose reported problems. | 05-01-2014 |
20140071824 | SERIAL CLUSTERING - Serial clustering uses two or more network devices connected in series via a local and/or wide-area network to provide additional capacity when network traffic exceeds the processing capabilities of a single network device. When a first network device reaches its capacity limit, any excess network traffic beyond that limit is passed through the first network device unchanged. A network device connected in series with the first network device intercepts and will process the excess network traffic provided that it has sufficient processing capacity. Additional network devices can process remaining network traffic in a similar manner until all of the excess network traffic has been processed or until there are no more additional network devices. Network devices may use rules to determine how to handle network traffic. Rules may be based on the attributes of received network packets, attributes of the network device, or attributes of the network. | 03-13-2014 |
20140056180 | LINK INFERENCE IN LARGE NETWORKS - A network is partitioned into a set of independent partitions, and the topology of each partition is determined, then merged to form a topology of the entire network. Preferably, the partitioning is hierarchical, wherein the network is partitioned to form individual VLAN partitions, and each of the VLAN partitions is further partitioned based on the nodes that are simply connected to each port of one or more selected root switches within the VLAN partition. Simple connections to each port are efficiently determined based on an aggregate address forwarding table associated with each node. Ancillary information, such as spanning tree or CDP data, may be used to facilitate efficient partitioning and/or to validate inferences that are made with incomplete information. | 02-27-2014 |
20140036688 | METHOD AND SYSTEM FOR MANAGING A DISTRIBUTED NETWORK OF NETWORK MONITORING DEVICES - Network traffic information for nodes of a first logical hierarchy is stored at a monitoring device according to ranks of the nodes within the logical hierarchy as determined by each node's position therein and user preferences. At least some of the network traffic information stored at the network monitoring device may then be reported to another network monitoring device, where it can be aggregated with similar information from other network monitoring devices. Such reporting may occur according to rankings of inter-node communication links between nodes of different logical hierarchies of monitored nodes. | 02-06-2014 |
20140022944 | End-to-End Analysis of Transactions in Networks with Traffic-Altering Devices - In a network that includes intermediary nodes, such as WAN accelerators, that transform messages between nodes, an end-to-end path of the messages is determined. The determined end-to-end path is used in subsequent analyses of message traces, to identify timing and other factors related to the performance of the network relative to the propagation of these messages, including the propagation of the transformed messages. A variety of techniques are presented for determining the path of the messages, depending upon the characteristics of the collected trace data. Upon determining the message path, the traces are synchronized in time and correlations between the connections along the path are determined, including causal relationships. In a preferred embodiment, a user identifies an application process between or among particular nodes of a network, and the system provides a variety of formats for viewing statistics related to the performance of the application on the network. | 01-23-2014 |
20140019519 | RELIABILITY AND AVAILABILITY OF DISTRIBUTED SERVERS - A system of network proxies distributes data to multiple servers. Each network proxy is associated with a server. A network proxy intercepts a client request for data. If the network proxy determines that the request can be served using a copy of data stored on the local server, rather than the data stored on a remote server, it diverts the request to the local server. If the network proxy determines that the request cannot be served using a data from the local server, the network proxy diverts the request to a remote server storing the primary copy of the data. A server map specifies the locations of the primary copies of data. When a primary copy of data is updated on one of the servers, the associated network proxy propagates the updated data to the other servers. The servers can provide data from files, e-mail services, databases, or multimedia services. | 01-16-2014 |
20140013310 | Selective Monitoring of Software Applications - Au application monitoring system autonomously selects routines for performance monitoring based on characteristics of the content of the routines. These characteristics are preferably related to aspects of routines that are likely candidates for performance improvement, such as repetitive loops, event waits, synchronized blocks, and on. Routines that appear to be relatively un-improvable are excluded from initial monitoring, and routines that are subsequently determined to be relatively un-improvable, based on performance analysis and/or user feedback, are excluded from future monitoring. The determination of each routine's candidacy for monitoring is maintained over time, so that each subsequent monitoring session need not repeat the determinations. Changed routines are routinely re-monitored and/or re-assessed to affirm or modify the routine's candidacy for subsequent monitoring. | 01-09-2014 |
20130304902 | Cooperative Proxy Auto-Discovery and Connection Interception - In a network supporting transactions between clients and servers and proxies that are interposable in a network path, a pair of proxies can modify a packet stream such that packet data from client to server is transformed at a client-side proxy of the pair and untransformed at a server-side of the pair and packet data from server to client is transformed at the server-side proxy and untransformed at the client-side proxy. A discovering proxy transparently discovers its position in a proxy pair by using proxy signals. A discovering proxy might determine that it is a client-side proxy by receipt of a packet from client without a proxy signal, or that it is a server-side proxy by receipt of a packet from server without a return proxy signal. Once a proxy pair is discovered, it might transform traffic from server to client or vice versa, transforming and untransforming the traffic. | 11-14-2013 |
20130297855 | ENSURING WRITE OPERATION CONSISTENCY USING MULTIPLE STORAGE DEVICES - Relatively small capacity solid-state storage devices (SSD) are combined with larger capacity magnetic disk storage devices for storing storage block write data to ensure data consistency. Write operations are stored in a sequential write buffer in an SSD to guarantee the storage of write data and then copied from the sequential write buffer to the destination address in a magnetic disk storage device. The sequential write buffer store write data in locations corresponding to the order of receipt of write operations. Write data from the sequential write buffer is transferred to the magnetic disk storage device in the same order and a checkpoint index is frequently updated to indicate the completion of some transfers. During system initialization, the most recent value of the checkpoint index is retrieved and used as a starting location for transferring write data from the sequential write buffer to the magnetic disk storage device. | 11-07-2013 |
20130297854 | ENSURING WRITE OPERATION CONSISTENCY USING RAID STORAGE DEVICES - Solid-state storage devices (SSD) are combined with larger capacity magnetic disk-based RAID arrays for storing write data to ensure data consistency across multiple RAID disks. Write operations are stored in a sequential write buffer in at least one SSD to guarantee their storage and then copied from the sequential write buffer to the destination address in RAID array. The sequential write buffer stores write data in locations corresponding to the order of receipt of write operations. Write data from the sequential write buffer is transferred to the RAID array in the same order and a checkpoint index is frequently updated to indicate the completion of some transfers. During system initialization, a copy of the sequential write buffer and its associated checkpoint index are retrieved and used as a starting location for transferring write data from the sequential write buffer to the magnetic disk storage devices in the RAID array. | 11-07-2013 |
20130246508 | TRANSACTION ACCELERATION FOR CLIENT-SERVER COMMUNICATION SYSTEMS - Self-discovering transaction accelerators improve communications between a client and a server. A client directs a message to a server. A client-side transaction accelerator intercepts the message, terminates the connection with the client, and accelerates the request by replacing segments of data with references. The accelerated request is forwarded to a server-side transaction accelerator through a new connection. The server-side transaction accelerator reconstructs the message by replacing the reference with segment data in a persistent segment store accessible to the server-side transaction accelerator. The reconstructed request is then provided to the server. Accelerations may occur in any direction of communication. Persistent segment stores can be pre-populated with segment data from other transaction accelerators and anticipated transactions. The persistent segment store can store segments that are data segmented based on content of the data and can be independent of transaction protocol, application, and device. | 09-19-2013 |
20130232215 | VIRTUALIZED DATA STORAGE SYSTEM ARCHITECTURE USING PREFETCHING AGENT - Virtual storage arrays consolidate data storage from branch locations at data centers. The virtual storage array appears to storage clients as a local data storage; however, the virtual storage array data is actually stored at a data center. To overcome the bandwidth and latency limitations of wide area networks between branch locations and the data center, systems and methods predict, prefetch, and cache at the branch location storage blocks that are likely to be requested in the future by storage clients. When this prediction is successful, storage block requests are fulfilled from branch locations' storage block caches. Predictions may leverage an understanding of the semantics and structure of the high-level data structures associated with the storage blocks. Prefetching agents on storage clients monitor storage requests to determine the associations between requested storage blocks and the corresponding high-level data structures as well as other attributes useful for prediction. | 09-05-2013 |
20130167232 | EVENT DETECTION/ANOMALY CORRELATION HEURISTICS - A system for detecting network intrusions and other conditions in a network is described. The system includes a plurality of collector devices that are disposed to collect data and statistical information on packets that are sent between nodes on a network. An aggregator device is disposed to receive data and statistical information from the plurality of collector devices. The aggregator device produces a connection table that maps each node on the network to a record that stores information about traffic to or from the node. The aggregator runs processes that determine network events from aggregating of anomalies into network events. | 06-27-2013 |
20130145036 | CONNECTION FORWARDING - Two or more network traffic processors connected with the same LAN and WAN are identified as neighbors. Neighboring network traffic processors cooperate to overcome asymmetric routing, thereby ensuring that related sequences of network traffic are processed by the same network proxy. A network proxy can be included in a network traffic processor or as a standalone unit. A network traffic processor that intercepts a new connection initiation by a client assigns a network proxy to handle all messages associated with that connection. The network traffic processor conveys connection information to neighboring network traffic processors. The neighboring network traffic processors use the connection information to redirect network traffic associated with the connection to the assigned network proxy, thereby overcoming the effects of asymmetric routing. The assigned network proxy handles redirected network traffic in much the same way that it would handle network traffic received directly. | 06-06-2013 |
20130114439 | AUTOMATIC FRAMING SELECTION - Network traffic is monitored and an optimal framing heuristic is automatically determined and applied. Framing heuristics specify different rules for framing network traffic. While a framing heuristic is applied to the network traffic, alternative framing heuristics are speculatively evaluated for the network traffic. The results of these evaluations are used to rank the framing heuristics. The framing heuristic with the best rank is selected for framing subsequent network traffic. Each client/server traffic flow may have a separate framing heuristic. The framing heuristics may be deterministic based on byte count and/or time or based on traffic characteristics that indicate a plausible point for framing to occur. The choice of available framing heuristics may be determined partly by manual configuration, which specifies which framing heuristics are available, and partly by automatic processes, which determine the best framing heuristic to apply to the current network traffic from the set of available framing heuristics. | 05-09-2013 |
20130103854 | ROUTING NETWORK TRAFFIC - A traffic manager ( | 04-25-2013 |
20130091273 | Cooperative Proxy Auto-Discovery and Connection Interception Through Network Address Translation - Proxy devices associate their direct connection with a client/server connection passing through one or more NAT devices. First proxy device receives a network connection request from a client. First proxy device stores connection information in association with a connection identifier. Connection information may reflect the usage of NAT devices between the two proxy devices. First proxy device sends a connection response including the connection identifier to the client. Second proxy device sends a direct connection request to first proxy device to establish a direct connection. Direct connection request includes the connection identifier, which is used by first proxy device to associate the direct connection with stored connection information. First proxy device may use the connection information to direct network traffic received via this direct connection to the correct destination and to divert network traffic from the server to the client through the direct connection and first and second proxy devices. | 04-11-2013 |
20130086264 | Optimized Prefetching of Compound Data - Access to compound data over a wide-area network is optimized by analyzing metadata within compound data to identify internal and external data streams to be prefetched. Upon receiving or intercepting a network packet including an access request for a data resource, metadata in this data resource is analyzed to identify associated data streams and their storage locations within and/or outside of the data resource. Data streams may be proactively or reactively prefetched. Proactive prefetching identifies and retrieves data streams or portions thereof likely to be accessed by a client based on attributes associated with the data resource. Reactive prefetching identifies portions of data streams associated with received access requests and retrieves additional portions of these data streams. Prefetched data streams or portions thereof are stored in a data storage on the same local network or near to the local network including the client. | 04-04-2013 |
20130070622 | Distributed Network Traffic Data Collection and Storage - Network traffic information from multiple sources, at multiple time scales, and at multiple levels of detail are integrated so that users may more easily identify relevant network information. The network monitoring system stores and manipulates low-level and higher-level network traffic data separately to enable efficient data collection and storage. Packet traffic data is collected, stored, and analyzed at multiple locations. The network monitoring locations communicate summary and aggregate data to central modules, which combine this data to provide an end-to-end description of network traffic at coarser time scales. The network monitoring system enables users to zoom in on high-level, coarse time scale network performance data to one or more lower levels of network performance data at finer time scales. When high-level network performance data of interest is selected, corresponding low-level network performance data is retrieved from the appropriate distributed network monitoring locations to provide additional detailed information. | 03-21-2013 |
20130070608 | Identifying Related Network Traffic Data for Monitoring and Analysis - Network traffic information from multiple sources, at multiple time scales, and at multiple levels of detail are integrated so that users may more easily identify relevant network information. The network monitoring system stores and manipulates low-level and higher-level network traffic data separately to enable efficient data collection and storage. Packet traffic data is collected, stored, and analyzed at multiple locations. The network monitoring locations communicate summary and aggregate data to central modules, which combine this data to provide an end-to-end description of network traffic at coarser time scales. The network monitoring system enables users to zoom in on high-level, coarse time scale network performance data to one or more lower levels of network performance data at finer time scales. When high-level network performance data of interest is selected, corresponding low-level network performance data is retrieved from the appropriate distributed network monitoring locations to provide additional detailed information. | 03-21-2013 |
20130067034 | Accessing Network Traffic Data at Multiple Time Scales and Levels of Detail - Network traffic information from multiple sources, at multiple time scales, and at multiple levels of detail are integrated so that users may more easily identify relevant network information. The network monitoring system stores and manipulates low-level and higher-level network traffic data separately to enable efficient data collection and storage. Packet traffic data is collected, stored, and analyzed at multiple locations. The network monitoring locations communicate summary and aggregate data to central modules, which combine this data to provide an end-to-end description of network traffic at coarser time scales. The network monitoring system enables users to zoom in on high-level, coarse time scale network performance data to one or more lower levels of network performance data at finer time scales. When high-level network performance data of interest is selected, corresponding low-level network performance data is retrieved from the appropriate distributed network monitoring locations to provide additional detailed information. | 03-14-2013 |
20130064096 | Multilevel Monitoring System Architecture - Network traffic information from multiple sources, at multiple time scales, and at multiple levels of detail are integrated so that users may more easily identify relevant network information. The network monitoring system stores and manipulates low-level and higher-level network traffic data separately to enable efficient data collection and storage. Packet traffic data is collected, stored, and analyzed at multiple locations. The network monitoring locations communicate summary and aggregate data to central modules, which combine this data to provide an end-to-end description of network traffic at coarser time scales. The network monitoring system enables users to zoom in on high-level, coarse time scale network performance data to one or more lower levels of network performance data at finer time scales. When high-level network performance data of interest is selected, corresponding low-level network performance data is retrieved from the appropriate distributed network monitoring locations to provide additional detailed information. | 03-14-2013 |
20130041940 | TRANSACTION ACCELERATOR FOR CLIENT-SERVER COMMUNICATIONS SYSTEMS - For an accelerated transaction, a client directs a request to a client-side transaction handler that forwards the request to a server-side transaction handler, which in turn provides the request, or a representation thereof, to a server for responding to the request. The server sends the response to the client via the server-side transaction handler and the client-side transaction handler. When data is to be sent between handlers, the sending transaction handler compares data segments with segments stored in its persistent segment storage and replaces segments with references to entries in its persistent segment storage that match or closely match the segments to be replaced. The transaction accelerators could handle multiple clients and/or multiple servers and the segments stored in the persistent segment stores can relate to different transactions, different clients and/or different servers. Persistent segment stores can be prepopulated with segment data from other transaction accelerators. | 02-14-2013 |
20120209959 | TRANSACTION ACCELERATOR FOR CLIENT-SERVER COMMUNICATION SYSTEMS - In a network having transaction acceleration, for an accelerated transaction, a client directs a request to a client-side transaction handler that forwards the request to a server-side transaction handler, which in turn provides the request, or a representation thereof, to a server for responding to the request. The server sends the response to the server-side transaction handler, which forwards the response to the client-side transaction handler, which in turn provides the response to the client. | 08-16-2012 |
20120197965 | TRANSACTION ACCELERATOR FOR CLIENT-SERVER COMMUNICATIONS SYSTEMS - Self-discovering transaction accelerators improve communications between a client and a server. A client directs a message to a server. A client-side transaction accelerator intercepts the message, terminates the connection with the client, and accelerates the request by replacing segments of data with references. The accelerated request is forwarded to a server-side transaction accelerator through a new connection. The server-side transaction accelerator reconstructs the message by replacing the reference with segment data in a persistent segment store accessible to the server-side transaction accelerator. The reconstructed request is then provided to the server. Accelerations may occur in any direction of communication. Persistent segment stores can be pre-populated with segment data from other transaction accelerators and anticipated transactions. The persistent segment store can store segments that are data segmented based on content of the data and can be independent of transaction protocol, application, and device. | 08-02-2012 |
20120166661 | CONNECTION FORWARDING - Two or more network traffic processors connected with the same LAN and WAN are identified as neighbors. Neighboring network traffic processors cooperate to overcome asymmetric routing, thereby ensuring that related sequences of network traffic are processed by the same network proxy. A network proxy can be included in a network traffic processor or as a standalone unit. A network traffic processor that intercepts a new connection initiation by a client assigns a network proxy to handle all messages associated with that connection. The network traffic processor conveys connection information to neighboring network traffic processors. The neighboring network traffic processors use the connection information to redirect network traffic associated with the connection to the assigned network proxy, thereby overcoming the effects of asymmetric routing. The assigned network proxy handles redirected network traffic in much the same way that it would handle network traffic received directly. | 06-28-2012 |
20120096237 | METHOD OF IMPROVING PERFORMANCE OF A DATA STORAGE DEVICE - Methods are provided for efficiently storing data to a data storage device or subsystem. The data storage device may be a Solid-State Device (SSD), and may be implemented as part of a RAID (Redundant Array of Independent Disks) or other subsystem. When existing data is read and updated, and must be re-stored, the data is assembled and stored as if it were new data, and is written in a sequential manner, instead of being written to the same storage location. A newer generation number distinguishes it from the previous version. If the storage subsystem employs data striping, stripe size may be matched with the size of a logical collection of data (e.g., an extent), so that each such logical collection of data is wholly stored on just device in the storage subsystem. Concurrent device access may be supported by concurrently writing substripes of data to each device/extent. | 04-19-2012 |
20120084465 | TRANSACTION ACCELERATOR FOR CLIENT-SERVER COMMUNICATIONS SYSTEMS - Transactions are accelerated by the transaction handlers by storing segments of data used in the transactions in persistent segment storage accessible to the server side transaction handler and in persistent segment storage accessible to the client side transaction handler. When data is to be sent between the transaction handlers, the sending transaction handler compares the segments of the data to be sent with segments stored in its persistent segment storage and replaces segments of data with references to entries in its persistent segment storage that match or closely match the segments of data to be replaced. The receiving transaction store reconstructs the data sent by replacing segment references with corresponding segment data from its persistent segment storage. | 04-05-2012 |
20120084261 | CLOUD-BASED DISASTER RECOVERY OF BACKUP DATA AND METADATA - Cloud storage services can be used to facilitate secondary backup and disaster data recovery without the need for specialized backup servers at the secondary location or cloud storage service. Backup data streams are transferred to a cloud storage service. In addition to the backup data streams, backup metadata is generated for each backup data stream. The backup metadata is adapted to configure a backup server to retrieve and access data in the backup data stream. The backup metadata is also transferred to the cloud storage service. To access data from the backup data stream, a recovery backup system is connected with the cloud storage service. Backup metadata is transferred from the cloud storage service to the recovery backup system. The recovery backup system is updated with the backup metadata, which configures the recovery backup system to retrieve and access data in the backup data stream. | 04-05-2012 |
20120078995 | SYSTEM AND METHOD FOR WARMING AN OPTIMIZATION DEVICE - A system and method are provided for warming a network intermediary (e.g., a proxy, a transaction accelerator) to enable it to provide effective optimization (e.g., data reduction) without a cold start. When a pair of network intermediaries cooperate to optimize a communication connection (e.g., between a client and a server), either or both intermediaries may form branch channels with one or more peers. Via these branch channels, the intermediaries may forward optimization information such as data references received from the other intermediary (i.e., in place of data segments, as part of a data reduction scheme), and/or resolve unknown references. | 03-29-2012 |
20120066337 | TIERED STORAGE INTERFACE - The cloud storage services are extended with a cloud storage service access protocol that enables users to specify a desired storage tier for each data stream. In response to receiving storage tier specifiers via the protocol, the cloud storage service performs storage operations to identify target storage devices having attributes matching those associated with the requested storage tier. The cloud storage service stores a data stream from the storage client in the identified target storage device associated with the desired storage tier. Storage tiers can be defined based on criteria including capacity costs; access latency; availability; activation state; bandwidth and/or transfer rates; and data replication. The cloud storage service protocol allows data streams to be transferred between storage tiers, storage devices to be activated or deactivated, and data streams to be prefetched and cached. The cloud storage services may charge storage clients based on storage tier use and associated operations. | 03-15-2012 |
20120030456 | Booting Devices Using Virtual Storage Arrays Over Wide-Area Networks - Virtual storage arrays consolidate data storage at a data center for physical and virtual computer systems at one or more branch network locations. Standalone and virtualized computer systems at a branch network location load, execute, and store their operating systems, applications, and data using virtual storage arrays and do not require any built-in or external non-volatile data storage devices such as hard disk drives or solid-state drives at the branch network location. The virtual disks of the virtual storage array are mapped to physical data storage at the data center and accessed via a WAN using storage block-based protocols. A storage block cache at the branch network location includes storage blocks prefetched based on knowledge about the computer systems at the branch network location and the behavior of their operating systems and applications. | 02-02-2012 |
20110276963 | Virtual Data Storage Devices and Applications Over Wide Area Networks - A virtualization system provides virtualized servers at a branch network location. Virtualized servers are implemented using virtual machine applications within the virtualization system. Data storage for the virtualized servers, including storage of the virtual machine files, is consolidated at a data center network location. The virtual disks of the virtualized servers are mapped to physical data storage at the data center and accessed via a WAN using storage block-based protocols. The virtualization system accesses a storage block cache at the branch network location that includes storage blocks prefetched based on knowledge about the virtualized servers. The virtualization system can include a virtual LAN directing network traffic between the WAN, the virtualized servers, and branch location clients. The virtualized servers, virtual LAN, and virtual disk mapping can be configured remotely via a management application. The management application may use templates to create multiple instances of common branch location configurations. | 11-10-2011 |
20110267207 | CONTENT-BASED SEGMENTATION SCHEME FOR DATA COMPRESSION IN STORAGE AND TRANSMISSION INCLUDING HIERARCHICAL SEGMENT REPRESENTATION - In a coding system, input data within a system is encoded. The input data might include sequences of symbols that repeat in the input data or occur in other input data encoded in the system. The encoding includes determining a target segment size, determining a window size, identifying a fingerprint within a window of symbols at an offset in the input data, determining whether the offset is to be designated as a cut point and segmenting the input data as indicated by the set of cut points. For each segment so identified, the encoder determines whether the segment is to be a referenced segment or an unreferenced segment, replacing the segment data of each referenced segment with a reference label and storing a reference binding in a persistent segment store for each referenced segment, if needed. Hierarchically, the process can be repeated by grouping references into groups, replacing the grouped references with a group label, storing a binding between the grouped references and group label, if one is not already present, and repeating the process. The number of levels of hierarchy can be fixed in advanced or it can be determined from the content encoded. | 11-03-2011 |
20110264810 | ESTABLISHING A SPLIT-TERMINATED COMMUNICATION CONNECTION THROUGH A STATEFUL FIREWALL, WITH NETWORK TRANSPARENCY - A method and apparatus are provided for establishing a split-terminated client-server communication connection through a stateful firewall, with network transparency. In an environment in which a pair of network intermediaries is employed to optimize client-server communications, a first intermediary intercepts a client request for a new connection. The first intermediary probes the network for a counterpart near the server, and opens an optimized communication session with a second intermediary that responds affirmatively. Some or all client-server communications that transit the intermediaries' session are accelerated or otherwise optimized. The first intermediary's probe uses the client's source address, but a different port number, while the optimized intermediary session is opened using the client's source address and source port. Therefore, a network monitoring tool can monitor the end-to-end connection, and the stateful firewall will not reject the optimized session. | 10-27-2011 |
20110238775 | Virtualized Data Storage Applications and Optimizations - Virtual storage arrays consolidate branch data storage at data centers connected via wide area networks. Virtual storage arrays appear to storage clients as local data storage, but actually store data at the data center. Virtual storage arrays may prioritize storage client and prefetching requests for communication over the WAN and/or SAN based on their associated clients, servers, storage clients, and/or applications. A virtual storage array may transfer large data sets from a data center to a branch location while providing branch location users with immediate access to the data set stored at the data center. Virtual storage arrays may be migrated by disabling a virtual storage array interface at a first branch location and then configuring another branch virtual storage array interface at a second branch location to provide its storage clients with access to storage array data stored at the data center. | 09-29-2011 |
20110238738 | Rules-Based Transactions Prefetching Using Connection End-Point Proxies - Network proxies reduce server latency in response to series of requests from client applications. Network proxies intercept messages clients and a server. Intercepted client requests are compared with rules. When client requests match a rule, additional request messages are forwarded to the server on behalf of a client application. In response to the additional request messages, the server provides corresponding response messages. A network proxy intercepts and caches the response messages. Subsequent client requests are intercepted by the network application proxy and compared with the cached messages. If a cached response message corresponds with a client request message, the response message is returned to the client application immediately instead of re-requesting the same information from the server. A server-side network proxy can compare client requests with the rules and send additional request messages. The corresponding response messages can be forwarded to a client-side network proxy for caching. | 09-29-2011 |
20110161723 | DISASTER RECOVERY USING LOCAL AND CLOUD SPANNING DEDUPLICATED STORAGE SYSTEM - A spanning storage interface facilitates the use of cloud storage services by storage clients and may perform data deduplication. The spanning storage interface may include local storage for caching data from storage clients. A disaster recovery application includes at least first and second spanning storage interfaces at first and second network locations. The second spanning storage interface is provided for at least disaster recovery operations. The second spanning storage interface includes second local storage for improving data access performance. A copy of the local cache of the first spanning storage interface is transferred to the second local storage while the first network location is operating. In the event of a disaster affecting the first network location, the second spanning storage interface can provide data access to the first network location's data with improved performance from using the copy of local cache in the second local storage. | 06-30-2011 |
20110161297 | CLOUD SYNTHETIC BACKUPS - Synthetic backups are created without accessing previous backup data or retrieving backup data from a cloud storage service. A backup system provides two or more backup data sets to a cloud spanning storage interface for storage in deduplicated form as label maps and data segments in a cloud storage service. A specification defines portions of two or more previous backup data sets to be copied into the synthetic backup. Labels corresponding with the specified portions of previous backup data sets are identified and added to a new label map to create a deduplicated synthetic backup. The completed label map is transferred to the cloud storage service. To provide access to the synthetic backup, the cloud spanning storage interface reconstructs all or a portion of the synthetic backup from the new label map and the data segments created during deduplication of previous backup data sets. | 06-30-2011 |
20110161291 | WAN-OPTIMIZED LOCAL AND CLOUD SPANNING DEDUPLICATED STORAGE SYSTEM - A spanning storage interface facilitates the use of cloud storage services by storage clients. The spanning storage interface presents one or more data interfaces to storage clients at a network location, such as file, object, data backup, archival, and storage block based interfaces. The data interfaces allows storage clients to store and retrieve data using non-cloud based protocols. The spanning storage interface may perform data deduplication on data received from storage clients. The spanning storage interface may transfer the deduplicated version of the data to the cloud storage service. The spanning storage interface may include local storage for storing a copy or all or a portion of the data from storage clients. The local storage may be used as a local cache of frequently accessed data, which may be stored data in its deduplicated form. | 06-30-2011 |
20110116370 | Service Curve Mapping - A method for configuring service curves for managing the output port of a networking device includes the following steps. A multitude of traffic classes is defined, each traffic class being characterized by a bandwidth and a delay priority. A multitude of traffic service curves is computed, each of the plurality of traffic service curves is associated with a different one of the multitude of traffic classes. At least one of the multitude of traffic classes service curves is characterized by a shifted two-piece linear function shifted such that the service curve limits service to during a nonzero time period prior to the start of the two-piece linear function. | 05-19-2011 |
20110047295 | TRANSACTION ACCELERATOR FOR CLIENT-SERVER COMMUNICATIONS SYSTEMS - In a network having transaction acceleration, for an accelerated transaction, a client directs a request to a client-side transaction handler that forwards the request to a server-side transaction handler, which in turn provides the request, or a representation thereof, to a server for responding to the request. The server sends the response to the server-side transaction handler, which forwards the response to the client-side transaction handler, which in turn provides the response to the client. Transactions are accelerated by the transaction handlers by storing segments of data used in the transactions in persistent segment storage accessible to the server-side transaction handler and in persistent segment storage accessible to the client-side transaction handler. When data is to be sent between the transaction handlers, the sending transaction handler compares the segments of the data to be sent with segments stored in its persistent segment storage and replaces segments of data with references to entries in its persistent segment storage that match or closely match the segments of data to be replaced. The receiving transaction store reconstructs the data sent by replacing segment references with corresponding segment data from its persistent segment storage, requesting missing segments from the sender as needed. The transaction accelerators could handle multiple clients and/or multiple servers and the segments stored in the persistent segment stores can relate to different transactions, different clients and/or different servers. Persistent segment stores can be prepopulated with segment data from other transaction accelerators. | 02-24-2011 |
20110004877 | Maintaining Virtual Machines in a Network Device - Network devices include hosted virtual machines and virtual machine applications. Hosted virtual machines and their applications implement additional functions and services in network devices. Network devices include data taps for directing network traffic to hosted virtual machines and allowing hosted virtual machines to inject network traffic. Network devices include unidirectional data flow specifications, referred to as hyperswitches. Each hyperswitch is associated with a hosted virtual machine and receives network traffic received by the network device from a single direction. Each hyperswitch processes network traffic according to rules and rule criteria. A hosted virtual machine can be associated with multiple hyperswitches, thereby independently specifying the data flow of network traffic to and from the hosted virtual machine from multiple networks. The network device architecture also enables the communication of additional information between the network device and one or more virtual machine applications using an extended non-standard network protocol. | 01-06-2011 |
20110004876 | Network Traffic Processing Pipeline for Virtual Machines in a Network Device - Network devices include hosted virtual machines and virtual machine applications. Hosted virtual machines and their applications implement additional functions and services in network devices. Network devices include data taps for directing network traffic to hosted virtual machines and allowing hosted virtual machines to inject network traffic. Network devices include unidirectional data flow specifications, referred to as hyperswitches. Each hyperswitch is associated with a hosted virtual machine and receives network traffic received by the network device from a single direction. Each hyperswitch processes network traffic according to rules and rule criteria. A hosted virtual machine can be associated with multiple hyperswitches, thereby independently specifying the data flow of network traffic to and from the hosted virtual machine from multiple networks. The network device architecture also enables the communication of additional information between the network device and one or more virtual machine applications using an extended non-standard network protocol. | 01-06-2011 |
20110004698 | Defining Network Traffic Processing Flows Between Virtual Machines - Network devices include hosted virtual machines and virtual machine applications. Hosted virtual machines and their applications implement additional functions and services in network devices. Network devices include data taps for directing network traffic to hosted virtual machines and allowing hosted virtual machines to inject network traffic. Network devices include unidirectional data flow specifications, referred to as hyperswitches. Each hyperswitch is associated with a hosted virtual machine and receives network traffic received by the network device from a single direction. Each hyperswitch processes network traffic according to rules and rule criteria. A hosted virtual machine can be associated with multiple hyperswitches, thereby independently specifying the data flow of network traffic to and from the hosted virtual machine from multiple networks. The network device architecture also enables the communication of additional information between the network device and one or more virtual machine applications using an extended non-standard network protocol. | 01-06-2011 |
20110002346 | Extended Network Protocols for Communicating Metadata with Virtual Machines - Network devices include hosted virtual machines and virtual machine applications. Hosted virtual machines and their applications implement additional functions and services in network devices. Network devices include data taps for directing network traffic to hosted virtual machines and allowing hosted virtual machines to inject network traffic. Network devices include unidirectional data flow specifications, referred to as hyperswitches. Each hyperswitch is associated with a hosted virtual machine and receives network traffic received by the network device from a single direction. Each hyperswitch processes network traffic according to rules and rule criteria. A hosted virtual machine can be associated with multiple hyperswitches, thereby independently specifying the data flow of network traffic to and from the hosted virtual machine from multiple networks. The network device architecture also enables the communication of additional information between the network device and one or more virtual machine applications using an extended non-standard network protocol. | 01-06-2011 |
20100318665 | INTERCEPTION OF A CLOUD-BASED COMMUNICATION CONNECTION - Methods and apparatus are provided for intercepting a client-server communication connection in a computing environment. A first network intermediary configured to facilitate optimization of client-server transactions may be installed in a path of communications between the client and the server. A second network intermediary configured to cooperate with the first network intermediary is not in the path of communications between the client and the server. The first network intermediary intercepts a connection request from the client and forwards a modified request toward the server. A module within the server intercepts the connection request and redirects it to the second network intermediary. The client-server connection is thus split-terminated at the two network intermediaries, which establish cooperative sessions between themselves and with the client and with the server. | 12-16-2010 |
20100299525 | METHOD AND APPARATUS FOR SPLIT-TERMINATING A SECURE NETWORK CONNECTION, WITH CLIENT AUTHENTICATION - A method and apparatus are provided for split-terminating a secure client-server communication connection, with client authentication. During handshaking between the client and the server, cooperating network intermediaries relay the handshaking messages, without altering the messages. At least one of the intermediaries possesses a private key of the server, and extracts a set of data fields from the handshaking messages, including a Client-Key-Exchange message that can be decrypted with the private key. The intermediary uses the extracted data to compute the client-server session key separate from the client's and the server's similar computation, and may transmit the key to the other intermediary via a secure communication channel. The client and the server thus establish the end-to-end client-server connection, and may authenticate each other, after which the network intermediaries may intercept and optimize the client-server communications transparently to the client and the server. | 11-25-2010 |
20100268829 | Selecting proxies from among autodiscovered proxies - Network devices include proxies and where multiple proxies are present on a network, they can probe to determine the existence of other proxies. Where more than two proxies are present and thus different proxy pairings are possible, the proxies are programmed to determine which proxies should form a proxy pair. Marked probe packets are used by proxies to discover each other and probing is done such a connection can be eventually formed even if some probe packets fail due to the marking Asymmetric routing can be detected and proxies configured for connection forwarding as necessary. | 10-21-2010 |
20100241807 | VIRTUALIZED DATA STORAGE SYSTEM CACHE MANAGEMENT - Virtual storage arrays consolidate branch data storage at data centers connected via wide area networks. Virtual storage arrays appear to storage clients as local data storage; however, virtual storage arrays actually store data at the data center. The virtual storage arrays overcomes bandwidth and latency limitations of the wide area network by predicting and prefetching storage blocks, which are then cached at the branch location. Virtual storage arrays leverage an understanding of the semantics and structure of high-level data structures associated with storage blocks to predict which storage blocks are likely to be requested by a storage client in the near future. Virtual storage arrays determine the association between requested storage blocks and corresponding high-level data structure entities to predict additional high-level data structure entities that are likely to be accessed. From this, the virtual storage array identifies the additional storage blocks for prefetching. | 09-23-2010 |
20100241726 | Virtualized Data Storage Over Wide-Area Networks - Virtual storage arrays consolidate branch data storage at data centers connected via wide area networks. Virtual storage arrays appear to storage clients as local data storage; however, virtual storage arrays actually store data at the data center. The virtual storage arrays overcomes bandwidth and latency limitations of the wide area network by predicting and prefetching storage blocks, which are then cached at the branch location. Virtual storage arrays leverage an understanding of the semantics and structure of high-level data structures associated with storage blocks to predict which storage blocks are likely to be requested by a storage client in the near future. Virtual storage arrays determine the association between requested storage blocks and corresponding high-level data structure entities to predict additional high-level data structure entities that are likely to be accessed. From this, the virtual storage array identifies the additional storage blocks for prefetching. | 09-23-2010 |
20100241673 | VIRTUALIZED DATA STORAGE SYSTEM ARCHITECTURE - Virtual storage arrays consolidate branch data storage at data centers connected via wide area networks. Virtual storage arrays appear to storage clients as local data storage; however, virtual storage arrays actually store data at the data center. The virtual storage arrays overcomes bandwidth and latency limitations of the wide area network by predicting and prefetching storage blocks, which are then cached at the branch location. Virtual storage arrays leverage an understanding of the semantics and structure of high-level data structures associated with storage blocks to predict which storage blocks are likely to be requested by a storage client in the near future. Virtual storage arrays determine the association between requested storage blocks and corresponding high-level data structure entities to predict additional high-level data structure entities that are likely to be accessed. From this, the virtual storage array identifies the additional storage blocks for prefetching. | 09-23-2010 |
20100241654 | VIRTUALIZED DATA STORAGE SYSTEM OPTIMIZATIONS - Virtual storage arrays consolidate branch data storage at data centers connected via wide area networks. Virtual storage arrays appear to storage clients as local data storage; however, virtual storage arrays actually store data at the data center. Virtual storage arrays overcome bandwidth and latency limitations of the wide area network by predicting and prefetching storage blocks, which are then cached at the branch location. Virtual storage arrays leverage an understanding of the semantics and structure of high-level data structures associated with storage blocks to predict which storage blocks are likely to be requested by a storage client. Virtual storage arrays may use proximity-based, heuristic-based, and access time-based prefetching to predict high-level data structure entities that are likely to be accessed by the storage client. Virtual storage arrays then identify and prefetch storage blocks corresponding with the predicted high-level data structure entities. | 09-23-2010 |
20100228968 | SPLIT TERMINATION OF SECURE COMMUNICATION SESSIONS WITH MUTUAL CERTIFICATE-BASED AUTHENTICATION - A method and apparatus are provided for split-terminating a secure client-server communication connection when the client and server perform mutual authentication by exchanging certificates, such as within a Lotus Notes environment. When the client submits a certificate to the server, an intermediary device intercepts the certificate and submits to the server a substitute client certificate generated by that intermediary. A certificate authority's private key is previously installed on the intermediary to enable it to generate public keys, private keys and digital certificates. With the private key corresponding to the substitute certificate, the intermediary extracts a temporary key from a subsequent server message. The intermediary uses the temporary key to read a session key issued later by the server. Thereafter, the intermediary shares the session key with another intermediary, and together they use the session keys to access and optimize (e.g., accelerate) messages sent by the client and the server. | 09-09-2010 |
20100228867 | ESTABLISHING A SPLIT-TERMINATED COMMUNICATION CONNECTION THROUGH A STATEFUL FIREWALL, WITH NETWORK TRANSPARENCY - A method and apparatus are provided for establishing a split-terminated client-server communication connection through a stateful firewall, with network transparency. In an environment in which a pair of network intermediaries is employed to optimize client-server communications, a first intermediary intercepts a client request for a new connection. The first intermediary probes the network for a counterpart near the server, and opens an optimized communication session with a second intermediary that responds affirmatively. Some or all client-server communications that transit the intermediaries' session are accelerated or otherwise optimized. The first intermediary's probe uses the client's source address, but a different port number, while the optimized intermediary session is opened using the client's source address and source port. Therefore, a network monitoring tool can monitor the end-to-end connection, and the stateful firewall will not reject the optimized session. | 09-09-2010 |
20100088370 | CONTENT DELIVERY FOR CLIENT SERVER PROTOCOLS WITH USER AFFINITIES USING CONNECTION END-POINT PROXIES - In a network supporting transactions between clients and servers over a network path having operating characteristics to overcome, data is transported to overcome the operating characteristics using user affinities and dynamic user location information to selectively preload data, or representations, signatures, segments, etc. of data, in order to overcome the one or more operating characteristic. Examples of operating characteristics to overcome include bandwidth limitations, errors and latency. The dynamic location information can be stored in data structures accessible by agents of a data server and the data structures are populated based on user activities with respect to proxies associated with user locations, or the dynamic location information can be obtained implicitly as proxies maintain connections after termination by clients and the use of those maintained connections for preloading of data for the users associated with those clients. The data being preloaded can be protocol-specific data or protocol-independent data. | 04-08-2010 |
20100088349 | VIRTUAL FILE SYSTEM STACK FOR DATA DEDUPLICATION - A data virtualization storage appliance performs data deduplication transformations on the data. The original or non-deduplicated file system is used as shell to hold the directory/file hierarchy and file metadata. The data of the file system is stored by a separate data storage in a transformed and deduplicated form. The deduplicated data store may be implemented as one or more hidden files. The shell file system preserves the hierarchy structure and potentially the file metadata of the original, non-deduplicated file system in its original format, allowing clients to access file metadata and hierarchy information easily. The data of a file may be removed from the shell file system and replaced with a data layout that specifies the arrangement of deduplicated data segments needed to reconstruct the file data. The data layout associated with a file may be stored in a separate data stream in the shell file system. | 04-08-2010 |
20100082700 | STORAGE SYSTEM FOR DATA VIRTUALIZATION AND DEDUPLICATION - A data virtualization storage appliance performs data deduplication transformations on the data. The original or non-deduplicated file system is used as shell to hold the directory/file hierarchy and file metadata. The data of the file system is stored by a separate data storage in a transformed and deduplicated form. The deduplicated data store may be implemented as one or more hidden files. The shell file system preserves the hierarchy structure and potentially the file metadata of the original, non-deduplicated file system in its original format, allowing clients to access file metadata and hierarchy information easily. The data of a file may be removed from the shell file system and replaced with a data layout that specifies the arrangement of deduplicated data segments needed to reconstruct the file data. The data layout associated with a file may be stored in a separate data stream in the shell file system. | 04-01-2010 |
20100082547 | Log Structured Content Addressable Deduplicating Storage - A log structured content addressable deduplicated data storage system may be used to store deduplicated data. Data to be stored is partitioned into data segments. Each unique data segment is associated with a label. The storage system maintains a transaction log. Mutating storage operations are initiated by storing transaction records in the transaction log. Additional transaction records are stored in the log when storage operations are completed. Upon restarting an embodiment of the data storage system, the transaction records from the transaction logs are replayed to recreate the state of the data storage system. The data storage system updates file system metadata with transaction information while a storage operation associated with the file is being processed. This transaction information serves as atomically updated transaction commit points, allowing fully internally consistent snapshots of deduplicated volumes to be taken at any time. | 04-01-2010 |
20100082529 | Log Structured Content Addressable Deduplicating Storage - A log structured content addressable deduplicated data storage system may be used to store deduplicated data. Data to be stored is partitioned into data segments. Each unique data segment is associated with a label. The storage system maintains a transaction log. Mutating storage operations are initiated by storing transaction records in the transaction log. Additional transaction records are stored in the log when storage operations are completed. Upon restarting an embodiment of the data storage system, the transaction records from the transaction logs are replayed to recreate the state of the data storage system. The data storage system updates file system metadata with transaction information while a storage operation associated with the file is being processed. This transaction information serves as atomically updated transaction commit points, allowing fully internally consistent snapshots of deduplicated volumes to be taken at any time. | 04-01-2010 |
20090157888 | COOPERATIVE PROXY AUTO-DISCOVERY AND CONNECTION INTERCEPTION - In a network supporting transactions between clients and servers and proxies that are interposable in a network path between at least one client and at least one server, wherein a pair of proxies can modify a packet stream between a client and a server such that packet data from the client to the server is transformed at a client-side proxy of the proxy pair and untransformed at a server-side proxy of proxy pair and such that packet data from the server to the client is transformed at the server-side proxy and untransformed at the client-side proxy, a method and apparatus for a discovering proxy to transparently discover its position in a proxy pair by using proxy signals to indicate to other proxies that could pair with the discovering proxy. A discovering proxy might determine that it is a client-side proxy by receipt of a packet from client without a proxy signal. A discovering proxy might determine that it is a server-side proxy by receipt of a packet from server without a return proxy signal. Once a proxy pair is discovered, that proxy pair might transform traffic from the server to the client or vice versa, transforming the traffic at one proxy of the proxy pair and untransforming the traffic at the other proxy of the pair. | 06-18-2009 |
20090144440 | TRANSACTION ACCELERATION USING APPLICATION-SPECIFIC LOCKING - A data access request from an application for access to a data resource is received from a first application. The data access request is analyzed to identify application-specific behavior indicating a type of data access for the data resource. The WAN acceleration functionality of a first device is configured for network traffic optimization based on the type of data access for the data resource. The analysis of the data access request may be based on attributes of the data access request, the data resource, and/or an access control restriction. The network traffic optimization may be adapted to optimize network traffic to a first portion of the data resource that is different than a second portion of the data resource associated with the data access request or to a second data resource separate from the data resource associated with the data access request. | 06-04-2009 |
20090119504 | INTERCEPTING AND SPLIT-TERMINATING AUTHENTICATED COMMUNICATION CONNECTIONS - Systems and methods are provided for enabling optimization of communications within a networked computing environment requiring secure, authenticated client-server communication connections. Optimization is performed by a pair of intermediary network devices installed in a path of communications between the client and the server. A secure, authenticated communication connection between the client and server is split-terminated at a pair of intermediary network devices by intercepting a request from the client for a client-server connection, authenticating the client at the intermediaries, establishing a first secure, authenticated connection to the client, authenticating the client or an intermediary to the server, and establishing a second secure, authenticate connection to the server. Depending on the operative authentication protocol (e.g., NTLM, Kerberos), an intermediary may interface with a domain controller, key distribution center or other entity. | 05-07-2009 |
20090094371 | CONNECTION FORWARDING - Two or more network traffic processors connected with the same LAN and WAN are identified as neighbors. Neighboring network traffic processors cooperate to overcome asymmetric routing, thereby ensuring that related sequences of network traffic are processed by the same network proxy. A network proxy can be included in a network traffic processor or as a standalone unit. A network traffic processor that intercepts a new connection initiation by a client assigns a network proxy to handle all messages associated with that connection. The network traffic processor conveys connection information to neighboring network traffic processors. The neighboring network traffic processors use the connection information to redirect network traffic associated with the connection to the assigned network proxy, thereby overcoming the effects of asymmetric routing. The assigned network proxy handles redirected network traffic in much the same way that it would handle network traffic received directly. | 04-09-2009 |
20090083538 | REDUCING LATENCY OF SPLIT-TERMINATED SECURE COMMUNICATION PROTOCOL SESSIONS - A method is provided for establishing a split-terminated secure communication connection between a client and a server. A first network intermediary intercepts a secure communication connection request directed from the client to the server. A second intermediary having a digital certificate in the name of the server (and a corresponding private key) acts in place of the server to establish a first secure communication session with the client, during which it receives a secret from the client for generating the session key. The second intermediary supplies the secret and/or the session key to the first intermediary, which allows the first intermediary to establish follow-on secure communication sessions in which the secret is reused. The second intermediary may also supply the first intermediary with a copy of its certificate so that it can respond to new secure communication requests and, yet further, may also supply a copy of the private key. | 03-26-2009 |
20090083537 | SERVER CONFIGURATION SELECTION FOR SSL INTERCEPTION - A network intermediary device such as a transaction accelerator intercepts a client request for a secure communication connection with a server. The intermediary issues a substitute connection request to the server and receives a digital certificate during establishment of a secure communication session between the intermediary and the server. Based on information in the received digital certificate, the intermediary selects an appropriate operational configuration for responding to the client's request. The intermediary consults an ordered list or other collection of digital certificates it possesses, and chooses one having a common name that matches the server's common name. The match may comprise the first matching name, the longest match, the best match, the broadest match (e.g., a certificate having a name that includes one or more wildcard characters), etc. The intermediary then uses the selected certificate (and corresponding private key) to establish a secure communication session with the client. | 03-26-2009 |
20090079597 | CONTENT-BASED SEGMENTATION SCHEME FOR DATA COMPRESSION IN STORAGE AND TRANSMISSION INCLUDING HIERARCHICAL SEGMENT REPRESENTATION - In a coding system, input data within a system is encoded. The input data might include sequences of symbols that repeat in the input data or occur in other input data encoded in the system. The encoding includes determining a target segment size, determining a window size, identifying a fingerprint within a window of symbols at an offset in the input data, determining whether the offset is to be designated as a cut point and segmenting the input data as indicated by the set of cut points. For each segment so identified, the encoder determines whether the segment is to be a referenced segment or an unreferenced segment, replacing the segment data of each referenced segment with a reference label and storing a reference binding in a persistent segment store for each referenced segment, if needed. Hierarchically, the process can be repeated by grouping references into groups, replacing the grouped references with a group label, storing a binding between the grouped references and group label, if one is not already present, and repeating the process. The number of levels of hierarchy can be fixed in advanced or it can be determined from the content encoded. | 03-26-2009 |
20090010166 | SERVICE CURVE MAPPING - A method for configuring service curves for managing the output port of a networking device includes the following steps. A multitude of traffic classes is defined, each traffic class being characterized by a bandwidth and a delay priority. A multitude of traffic service curves is computed, each of the plurality of traffic service curves is associated with a different one of the multitude of traffic classes. At least one of the multitude of traffic classes service curves is characterized by a shifted two-piece linear function shifted such that the service curve limits service to during a nonzero time period prior to the start of the two-piece linear function. | 01-08-2009 |
20080320154 | COOPERATIVE PROXY AUTO-DISCOVERY AND CONNECTION INTERCEPTION - In a network supporting transactions between clients and servers and proxies that are interposable in a network path between at least one client and at least one server, wherein a pair of proxies can modify a packet stream between a client and a server such that packet data from the client to the server is transformed at a client-side proxy of the proxy pair and untransformed at a server-side proxy of proxy pair and such that packet data from the server to the client is transformed at the server-side proxy and untransformed at the client-side proxy, a method and apparatus for a discovering proxy to transparently discover its position in a proxy pair by using proxy signals to indicate to other proxies that could pair with the discovering proxy. A discovering proxy might determine that it is a client-side proxy by receipt of a packet from client without a proxy signal. A discovering proxy might determine that it is a server-side proxy by receipt of a packet from server without a return proxy signal. Once a proxy pair is discovered, that proxy pair might transform traffic from the server to the client or vice versa, transforming the traffic at one proxy of the proxy pair and untransforming the traffic at the other proxy of the pair. | 12-25-2008 |
20080320151 | TRANSACTION ACCELERATOR FOR CLIENT-SERVER COMMUNICATIONS SYSTEMS - Self-discovering transaction accelerators improve communications between a client and a server. A client directs a message to a server. A client-side transaction accelerator intercepts the message, terminates the connection with the client, and accelerates the request by replacing segments of data with references. The accelerated request is forwarded to a server-side transaction accelerator through a new connection. The server-side transaction accelerator reconstructs the message by replacing the reference with segment data in a persistent segment store accessible to the server-side transaction accelerator. The reconstructed request is then provided to the server. Accelerations may occur in any direction of communication. Persistent segment stores can be pre-populated with segment data from other transaction accelerators and anticipated transactions. The persistent segment store can store segments that are data segmented based on content of the data and can be independent of transaction protocol, application, and device. | 12-25-2008 |
20080320106 | TRANSACTION ACCELERATOR FOR CLIENT-SERVER COMMUNICATIONS SYSTEMS - In a network having transaction acceleration, for an accelerated transaction, a client directs a request to a client-side transaction handler that forwards the request to a server-side transaction handler, which in turn provides the request, or a representation thereof, to a server for responding to the request. The server sends the response to the server-side transaction handler, which forwards the response to the client-side transaction handler, which in turn provides the response to the client. Transactions are accelerated by the transaction handlers by storing segments of data used in the transactions in persistent segment storage accessible to the server-side transaction handler and in persistent segment storage accessible to the client-side transaction handler. When data is to be sent between the transaction handlers, the sending transaction handler compares the segments of the data to be sent with segments stored in its persistent segment storage and replaces segments of data with references to entries in its persistent segment storage that match or closely match the segments of data to be replaced. The receiving transaction store reconstructs the data sent by replacing segment references with corresponding segment data from its persistent segment storage, requesting missing segments from the sender as needed. The transaction accelerators could handle multiple clients and/or multiple servers and the segments stored in the persistent segment stores can relate to different transactions, different clients and/or different servers. Persistent segment stores can be prepopulated with segment data from other transaction accelerators. | 12-25-2008 |
20080281908 | HYBRID SEGMENT-ORIENTED FILE SERVER AND WAN ACCELERATOR - In a network including WAN accelerators and segment-oriented file servers, a method comprises responding to a client request to manipulate a file via a network file protocol by receiving a first request at a first WAN accelerator, wherein the request is a request to open a file located at a file server that is a segment-oriented file server, sending a local request for the file, corresponding to the first request, from the WAN accelerator to the file server, using a segment-aware network request protocol, returning at least a portion of the requested file in the form of a representation of a data map corresponding to the at least a portion of the requested file stored on the file server and using a data map for reconstruction of the requested file. | 11-13-2008 |
20080222244 | METHOD AND APPARATUS FOR ACCELERATION BY PREFETCHING ASSOCIATED OBJECTS - Association information is used to build association trees to associate base pages and embedded objects at a proxy. An association tree has a root node containing a URL for a base page, and zero or more leaf nodes each containing a URL for an embedded object. In most cases, an association tree will maintain the invariant that all leaves contain distinct URLs. However, it is also possible to have an association tree in which the same URL appears in multiple nodes. An association tree may optionally contain one or more internal nodes, each of which contains a URL that is an embedded object for some other base page, but which may also be fetched as a base page itself. Given a number of association trees and a base-page URL, a prefetch system finds the root or interior node corresponding to that URL (if any) and traverses the tree from that node, prefetching URLs until the URL of the last leaf node is prefetched. The prefetching starts the process of bringing over the various embedded objects before the user or program would ordinarily fetch them. | 09-11-2008 |