Patents by Inventor Asaf Wexler

Asaf Wexler has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 8892737
    Abstract: A network sniffer where the sniffer learns the structure of a web application, monitors the operation of the application, and optionally controls the processing of incoming requests to achieve optimal performance as defined in a service level agreement (SLA). The network sniffer is operative for example in enterprise web applications and in enterprise data centers that deploy web applications and optimally is adapted to maintain a consistent level of service of web applications.
    Type: Grant
    Filed: March 6, 2007
    Date of Patent: November 18, 2014
    Assignee: VMware, Inc.
    Inventors: Asaf Wexler, Yoav Dembak
  • Patent number: 8683041
    Abstract: A method for controlling and maintaining a level of service of web applications is disclosed. The method includes generating a context for each request sent from a client to a web server and for each reply sent from a web server to a client. Then it is determined whether the context belongs to an identified transaction. Statistics respective of the identified transaction is then gathered. Further, a determination is made whether at least one policy predefined for the identified application is violated. A plurality of corrective actions are performed if at least one policy is determined to be violated.
    Type: Grant
    Filed: December 11, 2009
    Date of Patent: March 25, 2014
    Assignee: VMware, Inc.
    Inventors: Asaf Wexler, Yoav Dembak
  • Patent number: 8656000
    Abstract: A service level management (SLM) system where the system learns the structure of a web application, monitors the operation of the application, and controls the processing of incoming requests to achieve optimal performance as defined in a service level agreement (SLA). The system is operative for example in enterprise web applications and in enterprise data centers that deploy web applications and optimally is capable of controlling and maintaining a level of service of web applications.
    Type: Grant
    Filed: August 21, 2009
    Date of Patent: February 18, 2014
    Assignee: VMware, Inc.
    Inventors: Asaf Wexler, Yoav Dembak
  • Patent number: 8635330
    Abstract: A method and system for automatically learning and identifying web applications. The method discovers and identifies transactions, web applications, their modules, interfaces, and relationship between the modules. The method further includes dynamically creating application definers is provided.
    Type: Grant
    Filed: April 23, 2007
    Date of Patent: January 21, 2014
    Assignee: VMware, Inc.
    Inventors: Asaf Wexler, Yoav Dembak
  • Patent number: 8595835
    Abstract: Systems and methods for identification of network attacks are disclosed. An example system includes an adaptor module to route a received encrypted packet to a decryption module, receive a decrypted packet corresponding to the encrypted packet from the decryption module, and transmit the decrypted packet and the encrypted packet to a sensor module. The decryption module is to receive an encrypted packet, decrypt the encrypted packet to form the decrypted packet, and transmit the decrypted packet to the adaptor module. The sensor module is to inspect the decrypted packet and the encrypted packet received from the adaptor module to determine when an attack is detected.
    Type: Grant
    Filed: January 13, 2011
    Date of Patent: November 26, 2013
    Assignee: Trustwave Holdings, Inc.
    Inventors: Doron Kolton, Adi Stav, Asaf Wexler, Ariel Ernesto Frydman, Yoram Zahavi
  • Patent number: 8595369
    Abstract: A system and method for correlating front-end and back-end transactions in a data center. The method includes gathering front-end and back-end transactions; analyzing pairs of transactions to detect correlated front-end and back-end transactions; saving correlated pairs in a database; and displaying the correlated pairs on a graphical user interface (GUI). In accordance with an embodiment of the invention the detection of correlated pairs may be performed using content matching analysis, time proximity analysis, and attributes analysis.
    Type: Grant
    Filed: April 17, 2008
    Date of Patent: November 26, 2013
    Assignee: VMware, Inc.
    Inventors: Asaf Wexler, Ronen Heled
  • Patent number: 8204986
    Abstract: A method for monitoring performance of a data center that includes: (a) a performance monitor analyzing packets that flow between a client and a web or application server; (b) assigning packets to contexts where a context is a request-reply entity; (c) determining one or more of application, network, and back-end latency measures wherein: (i) the application latency measure is a time it takes for an application to respond to a request, (ii) the network latency measure is a time that it takes for packets to go through a network between the client and the web or application server, and (iii) the back-end latency is a time required for a back-end system to execute a request and respond to the application server.
    Type: Grant
    Filed: July 28, 2008
    Date of Patent: June 19, 2012
    Assignee: VMware, Inc.
    Inventors: Asaf Wexler, Netta Gavrieli
  • Publication number: 20110283101
    Abstract: A system and method for detecting network attacks within encrypted network traffic received by a protected network includes a decryption module and an adaptor module. This system and method can be inserted and used with multiple types of operating systems.
    Type: Application
    Filed: January 13, 2011
    Publication date: November 17, 2011
    Applicant: TRUSTWAVE HOLDINGS, INC.
    Inventors: Doron Kolton, Adi Stav, Asaf Wexler, Ariel Ernesto Frydman, Yoram Zahavi
  • Patent number: 7934253
    Abstract: A system and method for protection of Web based applications are described. The techniques described provide an enterprise wide approach to preventing attacks of Web based applications. Individual computer networks within the enterprise monitor network traffic to identify anomalous traffic. The anomalous traffic can be identified by comparing the traffic to a profile of acceptable user traffic when interacting with the application. The anomalous traffic, or security events, identified at the individual computer networks are communicated to a central security manager. The central security manager correlates the security events at the individual computer networks to determine if there is an enterprise wide security threat. The central security manager can then communicate instructions to the individual computer networks so as to provide an enterprise wide solution to the threat.
    Type: Grant
    Filed: September 14, 2006
    Date of Patent: April 26, 2011
    Assignee: TrustWave Holdings, Inc.
    Inventors: Kevin Overcash, Kate Delikat, Rami Mizrahi, Galit Efron, Doron Kolton, Asaf Wexler, Netta Gavrieli, Yoram Zahavi
  • Patent number: 7895652
    Abstract: A system and method for detecting network attacks within encrypted network traffic received by a protected network includes a decryption module and an adaptor module. This system and method can be inserted and used with multiple types of operating systems.
    Type: Grant
    Filed: January 4, 2006
    Date of Patent: February 22, 2011
    Assignee: Trustwave Holdings, Inc.
    Inventors: Doron Kolton, Adi Stav, Asaf Wexler, Ariel Ernesto Frydman, Yoram Zahavi
  • Publication number: 20100094916
    Abstract: A method for controlling and maintaining a level of service of web applications is disclosed. The method includes generating a context for each request sent from a client to a web server and for each reply sent from a web server to a client. Then it is determined whether the context belongs to an identified transaction. Statistics respective of the identified transaction is then gathered. Further, a determination is made whether at least one policy predefined for the identified application is violated. A plurality of corrective actions are performed if at least one policy is determined to be violated.
    Type: Application
    Filed: December 11, 2009
    Publication date: April 15, 2010
    Applicant: VMWARE, INC.
    Inventors: Asaf WEXLER, Yoav DEMBAK
  • Patent number: 7693996
    Abstract: A service level management (SLM) system where the system learns the structure of a web application, monitors the operation of the application, and controls the processing of incoming requests to achieve optimal performance as defined in a service level agreement (SLA). The system is operative for example in enterprise web applications and in enterprise data centers that deploy web applications and optimally is capable of controlling and maintaining a level of service of web applications.
    Type: Grant
    Filed: March 6, 2007
    Date of Patent: April 6, 2010
    Assignee: VMware, Inc.
    Inventors: Asaf Wexler, Yoav Dembak
  • Publication number: 20090313273
    Abstract: A service level management (SLM) system where the system learns the structure of a web application, monitors the operation of the application, and controls the processing of incoming requests to achieve optimal performance as defined in a service level agreement (SLA). The system is operative for example in enterprise web applications and in enterprise data centers that deploy web applications and optimally is capable of controlling and maintaining a level of service of web applications.
    Type: Application
    Filed: August 21, 2009
    Publication date: December 17, 2009
    Applicant: VMWARE, INC.
    Inventors: Asaf WEXLER, Yoav DEMBAK
  • Publication number: 20090125532
    Abstract: A system and method for correlating front-end and back-end transactions in a data center. The method includes gathering front-end and back-end transactions; analyzing pairs of transactions to detect correlated front-end and back-end transactions; saving correlated pairs in a database; and displaying the correlated pairs on a graphical user interface (GUI). In accordance with an embodiment of the invention the detection of correlated pairs may be performed using content matching analysis, time proximity analysis, and attributes analysis.
    Type: Application
    Filed: April 17, 2008
    Publication date: May 14, 2009
    Applicant: B-HIVE NETWORKS, INC
    Inventors: Asaf Wexler, Ronen Heled
  • Publication number: 20090125496
    Abstract: A network device and method for learning and monitoring transactions executed by back-end systems in data servers. Specifically, it allows learning and monitoring at least standard query language (SQL) transactions sent from an application server hosting a web application to a database server and executed thereon. Monitoring of SQL transactions allows measuring performance parameters with regards to databases, databases' tables, operations and queries that are part of the transactions. Furthermore, the measurement of performance parameters with respect to HTTP requests of the respective SQL transactions is provided.
    Type: Application
    Filed: April 17, 2008
    Publication date: May 14, 2009
    Applicant: B-HIVE NETWORKS, INC
    Inventors: Asaf Wexler, Mayan Weiss, Or Kroyzer, Ronen Heled
  • Publication number: 20090031022
    Abstract: A method for monitoring performance of a data center that includes: (a) a performance monitor analyzing packets that flow between a client and a web or application server; (b) assigning packets to contexts where a context is a request-reply entity; (c) determining one or more of application, network, and back-end latency measures wherein: (i) the application latency measure is a time it takes for an application to respond to a request, (ii) the network latency measure is a time that it takes for packets to go through a network between the client and the web or application server, and (iii) the back-end latency is a time required for a back-end system to execute a request and respond to the application server.
    Type: Application
    Filed: July 28, 2008
    Publication date: January 29, 2009
    Applicant: VMWARE, INC.
    Inventors: Asaf WEXLER, Netta GAVRIELI
  • Publication number: 20080047009
    Abstract: A system and method for protection of Web based applications are described. A Web application security system is included within a computer network to monitor traffic received from a wide area network, such as the Internet, and determine if there is a threat to the Web application. The Web application security system monitors web traffic in a non-inline configuration and identifies any anomalous traffic against a profile that identifies acceptable behavior of a user of the application. Any anomalous traffic is analyzed and appropriate protective action is taken to secure the Web application against an attack.
    Type: Application
    Filed: July 20, 2006
    Publication date: February 21, 2008
    Inventors: Kevin Overcash, Kate Delikat, Rami Mizrahi, Galit Efron (Njtzan), Doron Kolton, Asaf Wexler, Netta Gavrieli, Yoram Zahavi
  • Publication number: 20080034424
    Abstract: A system and method for protection of Web based applications are described. An agent is included in a web server such that traffic is routed through the agent. A security module is also in communication with the agent. The agent receives information about the application profile, and patterns of acceptable traffic behavior, from the security module. The agent acts as a gatekeeper, holding up suspicious traffic that does not match the pattern of acceptable traffic behavior until the suspicious traffic has been analyzed by the security module. Using the agent, malicious traffic can dropped before it can reach the application, or the user can be logged out, or both.
    Type: Application
    Filed: September 14, 2006
    Publication date: February 7, 2008
    Inventors: Kevin Overcash, Kate Delikate, Rami Mizrahi, Galit Efron, Doron Kolton, Asaf Wexler, Netta Gavrieli, Yoram Zahavi
  • Publication number: 20080034425
    Abstract: A system and method for protection of Web based applications are described. The techniques described provide an enterprise wide approach to preventing attacks of Web based applications. Individual computer networks within the enterprise monitor network traffic to identify anomalous traffic. The anomalous traffic can be identified by comparing the traffic to a profile of acceptable user traffic when interacting with the application. The anomalous traffic, or security events, identified at the individual computer networks are communicated to a central security manager. The central security manager correlates the security events at the individual computer networks to determine if there is an enterprise wide security threat.
    Type: Application
    Filed: September 14, 2006
    Publication date: February 7, 2008
    Inventors: Kevin Overcash, Kate Delikate, Rami Mizrahi, Galit Efron, Doron Kolton, Asaf Wexler, Netta Gavrieli, Yoram Zahavi
  • Publication number: 20070250624
    Abstract: A method and system for automatically learning and identifying web applications. The method discovers and identifies transactions, web applications, their modules, interfaces, and relationship between the modules. The method further includes dynamically creating application definers is provided.
    Type: Application
    Filed: April 23, 2007
    Publication date: October 25, 2007
    Applicant: B-HIVE NETWORKS, INC.
    Inventors: Asaf Wexler, Yoav Dembak