Abstract: Reducing vulnerability to a server is provided. A device intermediary to a client and a server can receive a RPC message from the RPC based client to the RPC based server, the RPC message having a plurality of fields to execute one or more routines on the server. The device can detect that one or more fields of the plurality of fields exploits a vulnerability of the RPC based server. The device can modify the RPC message to remove the one or more fields from the RPC message. The device can forward the modified RPC message to the RPC server.

Abstract: Reducing vulnerability to a server is provided. A device intermediary to a client and a server can receive a RPC message from the RPC based client to the RPC based server, the RPC message having a plurality of fields to execute one or more routines on the server. The device can detect that one or more fields of the plurality of fields exploits a vulnerability of the RPC based server. The device can modify the RPC message to remove the one or more fields from the RPC message. The device can forward the modified RPC message to the RPC server.

Abstract: Systems and methods for autonomous program management include a device which may receive a first request from a client for a server. The device may transmit one or more data packets to the client. The data packet(s) may include a response to the request from the server and an attribute collector script which executes on the client to automatically transmit one or more attributes corresponding to at least one of the client or a browser of the client to the device. The device may receive a second request from the client which includes one or more attributes collected using the attribute collector script. The device may determine whether the client is associated with an autonomous program using the attribute(s). The device may block one or more subsequent requests from the client to the server responsive to determining that the client is associated with an autonomous program.

Abstract: The embodiments are directed to methods and appliances for scheduling a packet transmission. The methods and appliances can assign received data packets or a representation of data packets to one or more connection nodes of a classification tree having a link node and first and second intermediary nodes associated with the link node via one or more semi-sorted queues, wherein the one or more connection nodes correspond with the first intermediary node. The methods and appliances can process the one or more connection nodes using a credit-based round robin queue. The methods and appliances can authorize the sending of the received data packets based on the processing.

Abstract: A system and method is provided for optimizing network traffic. The system includes a packet engine of a plurality of packet engines configured to acquire a data packet, to store the data packet in a queue, and to provide a request including a packet token representing the data packet, information regarding the size of the data packet, and a connection token. The system also includes a packet scheduler configured to receive the request; schedule the data packet using the connection token and the information regarding the size of the data packet; and provide the packet token and a notification to the packet engine for allowing the packet engine for transmitting the data packet.

Abstract: The embodiments are directed to methods and appliances for scheduling a packet transmission. The methods and appliances can assign received data packets or a representation of data packets to one or more connection nodes of a classification tree having a link node and first and second intermediary nodes associated with the link node via one or more semi-sorted queues, wherein the one or more connection nodes correspond with the first intermediary node. The methods and appliances can process the one or more connection nodes using a credit-based round robin queue. The methods and appliances can authorize the sending of the received data packets based on the processing.

Abstract: The embodiments are directed to methods and appliances for scheduling a packet transmission. The methods and appliances can assign received data packets or a representation of data packets to one or more connection nodes of a classification tree having a link node and first and second intermediary nodes associated with the link node via one or more semi-sorted queues, wherein the one or more connection nodes correspond with the first intermediary node. The methods and appliances can process the one or more connection nodes using a credit-based round robin queue. The methods and appliances can authorize the sending of the received data packets based on the processing.

Abstract: A system and method is provided for scheduling data packets. The system includes one or more packet engines configured to provide one or more congestion indications for a plurality of connections of a communication link. The system also includes a packet scheduler configured to receive the one or more congestion indications, estimate a link rate of the communication link using the one or more congestion indications and classification information, and schedule the data packets for transmission via the plurality of connections using the estimated link rate and the classification information.

Abstract: The embodiments are directed to methods and appliances for configuring a classification tree. The methods and appliances, can receive data packets having a source media access control (MAC) address. The methods and appliances can encode the source MAC address based on a determination of a message type. The methods and appliances can provide the encoded source MAC address to a quality-of-service (QoS) engine, wherein the encoded source MAC address configures the classification tree used by the QoS engine for authorizing the transmission of one or more data packets.

Abstract: A system and method is provided for optimizing network traffic. The system includes a packet engine of a plurality of packet engines configured to acquire a data packet, to store the data packet in a queue, and to provide a request including a packet token representing the data packet, information regarding the size of the data packet, and a connection token. The system also includes a packet scheduler configured to receive the request; schedule the data packet using the connection token and the information regarding the size of the data packet; and provide the packet token and a notification to the packet engine for allowing the packet engine for transmitting the data packet.

Abstract: A system and method is provided for optimizing network traffic. The system includes a packet engine of a plurality of packet engines configured to acquire a data packet, to store the data packet in a queue, and to provide a request including a packet token representing the data packet, information regarding the size of the data packet, and a connection token. The system also includes a packet scheduler configured to receive the request; schedule the data packet using the connection token and the information regarding the size of the data packet; and provide the packet token and a notification to the packet engine for allowing the packet engine for transmitting the data packet.

Abstract: The embodiments are directed to methods and appliances for scheduling a packet transmission. The methods and appliances can assign received data packets or a representation of data packets to one or more connection nodes of a classification tree having a link node and first and second intermediary nodes associated with the link node via one or more semi-sorted queues, wherein the one or more connection nodes correspond with the first intermediary node. The methods and appliances can process the one or more connection nodes using a credit-based round robin queue. The methods and appliances can authorize the sending of the received data packets based on the processing.

Abstract: The embodiments are directed to methods and appliances for configuring a classification tree. The methods and appliances, can receive data packets having a source media access control (MAC) address. The methods and appliances can encode the source MAC address based on a determination of a message type. The methods and appliances can provide the encoded source MAC address to a quality-of-service (QoS) engine, wherein the encoded source MAC address configures the classification tree used by the QoS engine for authorizing the transmission of one or more data packets.

Abstract: A system and method is provided for scheduling data packets. The system includes one or more packet engines configured to provide one or more congestion indications for a plurality of connections of a communication link. The system also includes a packet scheduler configured to receive the one or more congestion indications, estimate a link rate of the communication link using the one or more congestion indications and classification information, and schedule the data packets for transmission via the plurality of connections using the estimated link rate and the classification information.

Abstract: A system and method is provided for optimizing network traffic. The system includes a packet engine of a plurality of packet engines configured to acquire a data packet, to store the data packet in a queue, and to provide a request including a packet token representing the data packet, information regarding the size of the data packet, and a connection token. The system also includes a packet scheduler configured to receive the request; schedule the data packet using the connection token and the information regarding the size of the data packet; and provide the packet token and a notification to the packet engine for allowing the packet engine for transmitting the data packet.

Abstract: IP packets are scheduled at source devices such as cell phones on a private network that connect to the Internet at an edge device. A private traffic controller by the edge device detects pre-Internet congestion on the private network. The private traffic controller uses in-band piggybacked signaling of policy changes by intercepting return packets to the source devices and modifying bits such as DSCP bits in the header. Source traffic controllers in the source devices read the modified DSCP bits and implement specified policy changes, dropping or delaying packets at the source device before transmission. Congestion on RF links from cell phones is reduced by the source traffic controllers dropping packets before transmission. The source device limits or drops future packets in response to the policies signaled by the DSCP bits. Rather than indicate the existing packet's priority, private DSCP bits signal policy changes to the source device.