Abstract: A proxy server receives a synchronization request from an application program resident on a user device. The proxy server determines that the user device requires removal of application program data and synchronizes the application program resident on the user device with a null account that is associated with application program.

Abstract: A proxy server mitigates security risks of user credentials sent across a network in clear text. The proxy server encrypts user credentials within a client application request destined for an application server. The proxy server forwards the client application request to the application server. The application server sends the encrypted user credentials to the proxy server where the proxy server decrypts the user credentials and authenticates the user credentials with an authentication server.

Abstract: A proxy server receives a synchronization request from an application program resident on a user device. The proxy server determines that the user device requires removal of application program data and synchronizes the application program resident on the user device with a null account that is associated with application program.

Abstract: An intermediary device, which behaves as a proxy for two entities after the entities have established a connection between themselves, is disclosed, as is a method that may be performed by such a device. The intermediary device can inspect a complete message, whose parts may be spread among multiple separate packets, without engaging in handshake phases with the message's origin or destination. As a first entity negotiates connection parameters with a second entity, the intermediary device stores the connection parameters as the parameters flow through the intermediary device. After the two entities have established an original connection, the intermediary device uses the intercepted parameters to form two separate connections in the place of the original connection: one between the intermediary device and the first entity, and another between the intermediary device and the second entity. To the entities, the newly formed connections appear to be same as the original connection.

Abstract: A proxy server creates an index of keywords, receives at least a portion of a file, and, when a keyword in the index is encountered in the at least a portion of the file as the at least a portion of the file is being encrypted, associates in the index an encrypted record location identifier with the encountered keyword. The proxy server receives a search query and uses the keyword index to retrieve encrypted records from the server. The encrypted records are decrypted and sent as search results in response to the search query.

Abstract: A proxy server receives a synchronization request from an application program resident on a user device. The proxy server determines that the user device requires removal of application program data and synchronizes the application program resident on the user device with a null account that is associated with application program.

Abstract: A proxy server creates an index of keywords, receives an encrypted record, decrypts the received encrypted record as decrypted data and, when a keyword in the index is encountered in the decrypted data, associates in the index an encrypted record location identifier with the encountered keyword. The proxy server receives a search query and uses the keyword index to retrieve encrypted records from the server. The encrypted records are decrypted and sent as search results in response to the search query.

Abstract: A proxy server creates an index of keywords, receives at least a portion of a file, and, when a keyword in the index is encountered in the at least a portion of the file as the at least a portion of the file is being encrypted, associates in the index an encrypted record location identifier with the encountered keyword. The proxy server receives a search query and uses the keyword index to retrieve encrypted records from the server. The encrypted records are decrypted and sent as search results in response to the search query.

Abstract: A method is disclosed for reproxying connections. According to one aspect, a first connection is established between a client and a proxy device. A second connection is established between the proxy device and a server. The first connection comprises a first endpoint at the client and a second endpoint at the proxy device. The second connection comprises a third endpoint at the proxy device and a fourth endpoint at the server. The first and second connections are unproxied by dissolving the second and third endpoints while maintaining the first and fourth endpoints. After the connections have been unproxied, a packet is received at the proxy device. In response, the first and second connections are reproxied by creating fifth and sixth endpoints at the proxy device, so that the first connection comprises the fifth endpoint and the second connection comprises the sixth endpoint.

Abstract: Resource availability profiles are received, wherein each resource availability profile describes a resource associated with a server. Each resource is assigned a plurality of weights corresponding to a plurality of policies. The weights are determined by, for each of the plurality of the policies, determining a weight for each resource based a given policy and selected information in the resource availability profiles corresponding to the resources. The method further comprises determining a policy from the plurality of the policies corresponding to a given a context associated with a connection request. A first of the load-balanced servers is selected for the connection request based on the weights assigned to the plurality of resources for the policy for the given context.

Abstract: A method of managing servers in a server cluster is disclosed. The health of servers is detected through passive return traffic monitoring. Server failure can be detected through TCP information or HTTP return codes. Various settings affecting number of failure thresholds and the time period to detect failures can be configured. Servers can be mapped to URLs such that passive health monitoring can be performed for URLs instead of server clusters.

Abstract: Network connection switchover is accomplished through a method comprising receiving information defining a first connection between a first network device and a computer; establishing a replication channel between the first network device and a backup device; storing backup control information at the backup device; communicating a message flow between the first network device and the computer on the first transport connection; in response to unavailability of the first network device, communicating messages on the replication channel that cause (a) establishing a second connection between the backup device and the computer; (b) continuing communication of the message flow between the backup device and the computer based on the backup control information. TCP connections, for example, can be switched from an active device to a backup device without reset or re-transmission.

Abstract: Network connection switchover is accomplished through a method comprising receiving information defining a first connection between a first network device and a computer; establishing a replication channel between the first network device and a backup device; storing backup control information at the backup device; communicating a message flow between the first network device and the computer on the first transport connection; in response to unavailability of the first network device, communicating messages on the replication channel that cause (a) establishing a second connection between the backup device and the computer; (b) continuing communication of the message flow between the backup device and the computer based on the backup control information. TCP connections, for example, can be switched from an active device to a backup device without reset or re-transmission.

Abstract: An intermediary device, which behaves as a proxy for two entities after the entities have established a connection between themselves, is disclosed, as is a method that may be performed by such a device. The intermediary device can inspect a complete message, whose parts may be spread among multiple separate packets, without engaging in handshake phases with the message's origin or destination. As a first entity negotiates connection parameters with a second entity, the intermediary device stores the connection parameters as the parameters flow through the intermediary device. After the two entities have established an original connection, the intermediary device uses the intercepted parameters to form two separate connections in the place of the original connection: one between the intermediary device and the first entity, and another between the intermediary device and the second entity. To the entities, the newly formed connections appear to be same as the original connection.

Abstract: Resource availability profiles are received, wherein each resource availability profile describes a resource associated with a server. Each resource is assigned a plurality of weights corresponding to a plurality of policies. The weights are determined by, for each of the plurality of the policies, determining a weight for each resource based a given policy and selected information in the resource availability profiles corresponding to the resources. The method further comprises determining a policy from the plurality of the policies corresponding to a given a context associated with a connection request. A first of the load-balanced servers is selected for the connection request based on the weights assigned to the plurality of resources for the policy for the given context.

Abstract: A data center topology routes traffic between internal sub-nets and between a sub-net and an outside network through a common chain of services. The data center topology employs transparent layer 7 and layer 4 services on a common chassis or platform to provide routing, load balancing and firewall services while reducing the number of devices necessary to implement the data center and simplifying configuration.

Abstract: A method is disclosed for reproxying connections. According to one aspect, a first connection is established between a client and a proxy device. A second connection is established between the proxy device and a server. The first connection comprises a first endpoint at the client and a second endpoint at the proxy device. The second connection comprises a third endpoint at the proxy device and a fourth endpoint at the server. The first and second connections are unproxied by dissolving the second and third endpoints while maintaining the first and fourth endpoints. After the connections have been unproxied, a packet is received at the proxy device. In response, the first and second connections are reproxied by creating fifth and sixth endpoints at the proxy device, so that the first connection comprises the fifth endpoint and the second connection comprises the sixth endpoint.