Patents by Inventor Akshat Choudhary
Akshat Choudhary has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10726029Abstract: The present application is directed towards systems and methods for selecting a database from a plurality of databases to forward a SQL query request based on a property of the SQL request. A device intermediary to a plurality of clients and databases may establish a plurality of connections to the plurality of databases. The device may receive, from a client of the plurality of clients, a request to execute a SQL query. The device may evaluate one or more properties of the request to execute the SQL query responsive to a policy. The device may select a database from the plurality of databases based on a result of evaluation of the one or more properties of the request to execute the SQL query. The device may forward the request to execute the SQL query to the selected database via a connection of the plurality of connections.Type: GrantFiled: February 8, 2017Date of Patent: July 28, 2020Assignee: Citrix Systems, Inc.Inventors: Akshat Choudhary, Pratap Ramachandra
-
Patent number: 9871853Abstract: The present disclosure presents systems and methods for policy based redirection of network traffic, by an intermediary device, to a horizontally deployed WAN device. An intermediary receives a request from a client to access a server. The request was previously modified by a first WAN device to include information in a first option field of a transport layer. The intermediary may determine, responsive to a redirection policy, to send the request to a second WAN optimization device deployed horizontally from the intermediary, instead of the server. The intermediary transmits the request to the second WAN optimization device, while maintaining the information from the first option field. The intermediary device receives the request including the information in the first option field identifying the first WAN optimization device to the second WAN optimization device.Type: GrantFiled: February 17, 2015Date of Patent: January 16, 2018Assignee: Citrix Systems, Inc.Inventors: Mugdha Agarwal, Akshat Choudhary, Ajay Soni
-
Publication number: 20170147656Abstract: The present application is directed towards systems and methods for selecting a database from a plurality of databases to forward a SQL query request based on a property of the SQL request. A device intermediary to a plurality of clients and databases may establish a plurality of connections to the plurality of databases. The device may receive, from a client of the plurality of clients, a request to execute a SQL query. The device may evaluate one or more properties of the request to execute the SQL query responsive to a policy. The device may select a database from the plurality of databases based on a result of evaluation of the one or more properties of the request to execute the SQL query. The device may forward the request to execute the SQL query to the selected database via a connection of the plurality of connections.Type: ApplicationFiled: February 8, 2017Publication date: May 25, 2017Inventors: Akshat Choudhary, Pratap Ramachandra
-
Patent number: 9589029Abstract: The present application is directed towards systems and methods for selecting a database from a plurality of databases to forward a SQL query request based on a property of the SQL request. A device intermediary to a plurality of clients and databases may establish a plurality of connections to the plurality of databases. The device may receive, from a client of the plurality of clients, a request to execute a SQL query. The device may evaluate one or more properties of the request to execute the SQL query responsive to a policy. The device may select a database from the plurality of databases based on a result of evaluation of the one or more properties of the request to execute the SQL query. The device may forward the request to execute the SQL query to the selected database via a connection of the plurality of connections.Type: GrantFiled: December 15, 2011Date of Patent: March 7, 2017Assignee: Citrix Systems, Inc.Inventors: Akshat Choudhary, Pratap Ramachandra
-
Patent number: 9571456Abstract: The present disclosure provides solutions that may enable an enterprise providing services to a number of clients to determine whether to establish a client based SSL VPN session or a clientless SSL VPN session with a client based on an information associated with the client. An intermediary establishing SSL VPN sessions between clients and servers may receive a request from a client to access a server. The intermediary may identify a session policy based on the request. The session policy may indicate whether to establish a client based SSL VPN session or clientless SSL VPN session with the server. The intermediary may determine, responsive to the policy, to establish a clientless or client based SSL VPN session between the client and the server.Type: GrantFiled: November 12, 2014Date of Patent: February 14, 2017Assignee: Citrix Systems, Inc.Inventors: Puneet Agarwal, Srinivasan Thirunarayanan, Saibal Kumar Adhya, Akshat Choudhary
-
Patent number: 9282097Abstract: The solution of the present application addresses the problem of authentication across disparately hosted systems by providing a single authentication domain across SaaS and cloud hosted applications as well as traditional enterprise hosted applications. An application delivery controller intermediary to a plurality of clients and the disparately hosted applications providing single sign on management, integration and control. A user may log in via an interface provided, controlled or managed by the ADC, which in turns, authenticates the user to the application in accordance with policy and the host of the application. As such, the user may login once to gain access to a plurality of disparately hosted applications. From the user's perspective, the user seamlessly and transparently gains access to different hosted systems with different passwords and authentication via the remote access provided by the system of the present solution.Type: GrantFiled: May 6, 2011Date of Patent: March 8, 2016Assignee: CITRIX SYSTEMS, INC.Inventors: Mugdha Agarwal, Akshat Choudhary, Puneet Agarwal, Arkesh Kumar, Nirdosh Shah, Ajay Soni
-
Patent number: 9264429Abstract: The present invention provides a system and method of managing traffic traversing an intermediary based on a result of end point auditing. An authentication virtual server of an intermediary may determine a result of an end point analysis scan of a client. Responsive to the determination, the traffic management virtual server can obtain the result from the authentication virtual server. Further, the traffic management virtual server may apply the result in one or more traffic management policies to manage network traffic of a connection of the client traversing the intermediary. In some embodiments, the authentication virtual server may receive one or more expressions evaluated by the client. The one or more expressions identifies one or more attributes of the client. The traffic management virtual server can also determine a type of compression or encryption for the connection based on applying the one or more traffic management policies using the result.Type: GrantFiled: August 18, 2014Date of Patent: February 16, 2016Assignee: CITRIX SYSTEMS, INC.Inventors: James Harris, Rui Li, Arkesh Kumar, Ravindranath Thakur, Puneet Agarwal, Akshat Choudhary, Punit Gupta
-
Patent number: 9237208Abstract: The present disclosure presents systems and methods for maintaining original source and destination IP addresses of a request while performing intermediary cache redirection. An intermediary receives a request from a client destined to a server identifying a client IP address as a source IP address and a server IP address as a destination IP address. The intermediary transmits the request to a cache server, the request maintaining original IP addresses and identifying a MAC address of the cache server as the destination MAC address. The intermediary receives the request from the cache server responsive to a cache miss, the received request maintaining the original source and destination IP addresses. The intermediary identifying that the third request is coming from the cache server via one or more data link layer properties of the third transport layer connection.Type: GrantFiled: May 23, 2014Date of Patent: January 12, 2016Assignee: CITRIX SYSTEMS, INC.Inventors: Saravanakumar Annamalaisami, Anil Shetty, Josephine Suganthi, Akshat Choudhary
-
Publication number: 20150244781Abstract: The present disclosure presents systems and methods for policy based redirection of network traffic, by an intermediary device, to a horizontally deployed WAN device. An intermediary receives a request from a client to access a server. The request was previously modified by a first WAN device to include information in a first option field of a transport layer. The intermediary may determine, responsive to a redirection policy, to send the request to a second WAN optimization device deployed horizontally from the intermediary, instead of the server. The intermediary transmits the request to the second WAN optimization device, while maintaining the information from the first option field. The intermediary device receives the request including the information in the first option field identifying the first WAN optimization device to the second WAN optimization device.Type: ApplicationFiled: February 17, 2015Publication date: August 27, 2015Applicant: CITRIX SYSTEMS, INC.Inventors: Mugdha Agarwal, Akshat Choudhary, Ajay Soni
-
Patent number: 9065866Abstract: The present disclosure presents systems and methods for policy-based redirection of network traffic, by an intermediary device, to a horizontally deployed WAN device. An intermediary receives a request from a client to access a server. The request was previously modified by a first WAN device to include information in an option field of a transport layer. The intermediary may determine, responsive to a redirection policy, to send the request to a second WAN device deployed horizontally from the intermediary, instead of the server. The intermediary transmits the request to the second WAN device, while maintaining the information from the option field. The intermediary device receives the request including the information identifying the first WAN optimization device to the second WAN device. The intermediary receives a modified request from the second WAN device, the modified request determined by the intermediary to be sent to the destination server.Type: GrantFiled: December 27, 2011Date of Patent: June 23, 2015Assignee: CITRIX SYSTEMS, INC.Inventors: Mugdha Agarwal, Akshat Choudhary
-
Patent number: 9009327Abstract: The SSL VPN session failover solution of the appliance and/or client agent described herein provides an environment for handling IP address assignment and end point re-authorization upon failover. The appliances may be deployed to provide a session failover environment in which a second appliance is a backup to a first appliance when a failover condition is detected, such as failure in operation of the first appliance. The backup appliance takes over responsibility for SSL VPN sessions provided by the first appliance. In the failover environment, the first appliance propagates SSL VPN session information including user IP address assignment and end point authorization information to the backup appliance. The backup appliance maintains this information. Upon detection of failover of the first appliance, the backup appliance activates the transferred SSL VPN session and maintains the user assigned IP addresses. The backup appliance may also re-authorize the client for the transferred SSL VPN session.Type: GrantFiled: August 3, 2007Date of Patent: April 14, 2015Assignee: Citrix Systems, Inc.Inventors: Saibal Adhya, Akshat Choudhary, Shashi Nanjundaswamy, Sergey Verzunov, Arkesh Kumar, Amarnath Mullick
-
Patent number: 8996614Abstract: The present disclosure describes systems and methods for load balancing multiple application delivery controllers (ADCs) in multiple tiers. An upper layer of the tier comprises ADCs that load balance the plurality of ADCs of a lower layer of the tier. In order to appropriately share and maintain client IPs for transparent cache redirection scenarios, the transport layer (Transport Control Protocol (TCP)) port range is split among the ADCs of the lower tier. The lower tier ADCs would then create a connection only using a source port assigned to them. The response from the origin will then be sent to the upper level ADC which looks at the destination port and forward the packet to the correct lower tier ADC. Hence, the ADCs at two levels will work in conjunction to provide transparent cache direction.Type: GrantFiled: February 8, 2012Date of Patent: March 31, 2015Assignee: Citrix Systems, Inc.Inventors: Akshat Choudhary, Anil Kumar Gavini, Anil Shetty
-
Publication number: 20150074751Abstract: The present disclosure provides solutions that may enable an enterprise providing services to a number of clients to determine whether to establish a client based SSL VPN session or a clientless SSL VPN session with a client based on an information associated with the client. An intermediary establishing SSL VPN sessions between clients and servers may receive a request from a client to access a server. The intermediary may identify a session policy based on the request. The session policy may indicate whether to establish a client based SSL VPN session or clientless SSL VPN session with the server. The intermediary may determine, responsive to the policy, to establish a clientless or client based SSL VPN session between the client and the server.Type: ApplicationFiled: November 12, 2014Publication date: March 12, 2015Applicant: CITIRX SYSTEMS, INC.Inventors: Puneet Agarwal, Srinivasan Thirunarayanan, Saibal Kumar Adhya, Akshat Choudhary
-
Patent number: 8965955Abstract: The present disclosure presents systems and methods for policy based redirection of network traffic, by an intermediary device, to a horizontally deployed WAN device. An intermediary receives a request from a client to access a server. The request was previously modified by a first WAN device to include information in a first option field of a transport layer. The intermediary may determine, responsive to a redirection policy, to send the request to a second WAN optimization device deployed horizontally from the intermediary, instead of the server. The intermediary transmits the request to the second WAN optimization device, while maintaining the information from the first option field. The intermediary device receives the request including the information in the first option field identifying the first WAN optimization device to the second WAN optimization device.Type: GrantFiled: December 23, 2009Date of Patent: February 24, 2015Assignee: Citrix Systems, Inc.Inventors: Mugdha Agarwal, Akshat Choudhary, Ajay Soni
-
Patent number: 8893259Abstract: The present disclosure provides solutions that may enable an enterprise providing services to a number of clients to determine whether to establish a client based SSL VPN session or a clientless SSL VPN session with a client based on an information associated with the client. An intermediary establishing SSL VPN sessions between clients and servers may receive a request from a client to access a server. The intermediary may identify a session policy based on the request. The session policy may indicate whether to establish a client based SSL VPN session or clientless SSL VPN session with the server. The intermediary may determine, responsive to the policy, to establish a clientless or client based SSL VPN session between the client and the server.Type: GrantFiled: January 26, 2009Date of Patent: November 18, 2014Assignee: Citrix Systems, Inc.Inventors: Puneet Agarwal, Saibal Kumar Adhya, Srinivasan Thirunarayanan, Akshat Choudhary
-
Patent number: 8856369Abstract: In a multi-core system, multiple packet engines across corresponding cores may be working concurrently processing data packets from data flows of SSL VPN sessions. For example, a first core may establish a SSL VPN session with a client. Any one of the other cores, such as a second core, may received packets related to the session owned by the first core. Embodiments of the systems and method described below provide management of IIP addresses for the multi-core/multi-packet engine approach to providing SSL VPN service. In some embodiments, the approach to managing IIP addresses is to have one packet engine on a core act as a master or controller of the IIPs for the remaining packet engines and cores. The packet engines/cores use a protocol for communications regarding IIP management.Type: GrantFiled: November 15, 2013Date of Patent: October 7, 2014Assignee: Citrix Systems, Inc.Inventors: Pratap Ramachandra, Akshat Choudhary, Mugdah Agarwal, Arkesh Kumar
-
Patent number: 8844040Abstract: The present invention provides a system and method of managing traffic traversing an intermediary based on a result of end point auditing. An authentication virtual server of an intermediary may determine a result of an end point analysis scan of a client. Responsive to the determination, the traffic management virtual server can obtain the result from the authentication virtual server. Further, the traffic management virtual server may apply the result in one or more traffic management policies to manage network traffic of a connection of the client traversing the intermediary. In some embodiments, the authentication virtual server may receive one or more expressions evaluated by the client. The one or more expressions identifies one or more attributes of the client. The traffic management virtual server can also determine a type of compression or encryption for the connection based on applying the one or more traffic management policies using the result.Type: GrantFiled: March 23, 2009Date of Patent: September 23, 2014Assignee: Citrix Systems, Inc.Inventors: James Harris, Rui Li, Arkesh Kumar, Ravindranath Thakur, Puneet Agarwal, Akshat Choudhary, Punit Gupta
-
Publication number: 20140258390Abstract: The present disclosure presents systems and methods for maintaining original source and destination IP addresses of a request while performing intermediary cache redirection. An intermediary receives a request from a client destined to a server identifying a client IP address as a source IP address and a server IP address as a destination IP address. The intermediary transmits the request to a cache server, the request maintaining original IP addresses and identifying a MAC address of the cache server as the destination MAC address. The intermediary receives the request from the cache server responsive to a cache miss, the received request maintaining the original source and destination IP addresses. The intermediary identifying that the third request is coming from the cache server via one or more data link layer properties of the third transport layer connection.Type: ApplicationFiled: May 23, 2014Publication date: September 11, 2014Applicant: Citrix Systems, Inc.Inventors: Saravanakumar Annamalaisami, Anil Shetty, Josephine Suganthi, Akshat Choudhary
-
Patent number: 8782755Abstract: The present invention provides a system and method for dynamically selecting an authentication virtual server from a plurality of authentication virtual servers. A traffic management virtual server may determine from a request received from a client to access content of a server that the client has not been authenticated. The traffic management virtual server can identify a policy for selecting an authentication virtual server to provide authentication of the client. Responsive to the identification, the traffic management virtual server can select, via the policy, an authentication virtual server of the plurality of authentication virtual servers to authenticate the client. Responsive to the request, the traffic management virtual server may transmit a response to the client The response includes an instruction to redirect to the selected authentication virtual server.Type: GrantFiled: March 23, 2009Date of Patent: July 15, 2014Assignee: Citrix Systems, Inc.Inventors: James Harris, Rui Li, Arkesh Kumar, Ravindranath Thakur, Puneet Agarwal, Akshat Choudhary
-
Patent number: 8769156Abstract: The present disclosure presents systems and methods for maintaining original source and destination IP addresses of a request while performing intermediary cache redirection. An intermediary receives a request from a client destined to a server identifying a client IP address as a source IP address and a server IP address as a destination IP address. The intermediary transmits the request to a cache server, the request maintaining original IP addresses and identifying a MAC address of the cache server as the destination MAC address. The intermediary receives the request from the cache server responsive to a cache miss, the received request maintaining the original source and destination IP addresses. The intermediary identifying that the third request is coming from the cache server via one or more data link layer properties of the third transport layer connection.Type: GrantFiled: December 23, 2009Date of Patent: July 1, 2014Assignee: Citrix Systems, Inc.Inventors: Saravanakumar Annamalaisami, Anil Shetty, Josephine Suganthi, Akshat Choudhary