Patents by Inventor Asaf Wexler
Asaf Wexler has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 8892737Abstract: A network sniffer where the sniffer learns the structure of a web application, monitors the operation of the application, and optionally controls the processing of incoming requests to achieve optimal performance as defined in a service level agreement (SLA). The network sniffer is operative for example in enterprise web applications and in enterprise data centers that deploy web applications and optimally is adapted to maintain a consistent level of service of web applications.Type: GrantFiled: March 6, 2007Date of Patent: November 18, 2014Assignee: VMware, Inc.Inventors: Asaf Wexler, Yoav Dembak
-
Patent number: 8683041Abstract: A method for controlling and maintaining a level of service of web applications is disclosed. The method includes generating a context for each request sent from a client to a web server and for each reply sent from a web server to a client. Then it is determined whether the context belongs to an identified transaction. Statistics respective of the identified transaction is then gathered. Further, a determination is made whether at least one policy predefined for the identified application is violated. A plurality of corrective actions are performed if at least one policy is determined to be violated.Type: GrantFiled: December 11, 2009Date of Patent: March 25, 2014Assignee: VMware, Inc.Inventors: Asaf Wexler, Yoav Dembak
-
Patent number: 8656000Abstract: A service level management (SLM) system where the system learns the structure of a web application, monitors the operation of the application, and controls the processing of incoming requests to achieve optimal performance as defined in a service level agreement (SLA). The system is operative for example in enterprise web applications and in enterprise data centers that deploy web applications and optimally is capable of controlling and maintaining a level of service of web applications.Type: GrantFiled: August 21, 2009Date of Patent: February 18, 2014Assignee: VMware, Inc.Inventors: Asaf Wexler, Yoav Dembak
-
Patent number: 8635330Abstract: A method and system for automatically learning and identifying web applications. The method discovers and identifies transactions, web applications, their modules, interfaces, and relationship between the modules. The method further includes dynamically creating application definers is provided.Type: GrantFiled: April 23, 2007Date of Patent: January 21, 2014Assignee: VMware, Inc.Inventors: Asaf Wexler, Yoav Dembak
-
Patent number: 8595369Abstract: A system and method for correlating front-end and back-end transactions in a data center. The method includes gathering front-end and back-end transactions; analyzing pairs of transactions to detect correlated front-end and back-end transactions; saving correlated pairs in a database; and displaying the correlated pairs on a graphical user interface (GUI). In accordance with an embodiment of the invention the detection of correlated pairs may be performed using content matching analysis, time proximity analysis, and attributes analysis.Type: GrantFiled: April 17, 2008Date of Patent: November 26, 2013Assignee: VMware, Inc.Inventors: Asaf Wexler, Ronen Heled
-
Patent number: 8595835Abstract: Systems and methods for identification of network attacks are disclosed. An example system includes an adaptor module to route a received encrypted packet to a decryption module, receive a decrypted packet corresponding to the encrypted packet from the decryption module, and transmit the decrypted packet and the encrypted packet to a sensor module. The decryption module is to receive an encrypted packet, decrypt the encrypted packet to form the decrypted packet, and transmit the decrypted packet to the adaptor module. The sensor module is to inspect the decrypted packet and the encrypted packet received from the adaptor module to determine when an attack is detected.Type: GrantFiled: January 13, 2011Date of Patent: November 26, 2013Assignee: Trustwave Holdings, Inc.Inventors: Doron Kolton, Adi Stav, Asaf Wexler, Ariel Ernesto Frydman, Yoram Zahavi
-
Patent number: 8204986Abstract: A method for monitoring performance of a data center that includes: (a) a performance monitor analyzing packets that flow between a client and a web or application server; (b) assigning packets to contexts where a context is a request-reply entity; (c) determining one or more of application, network, and back-end latency measures wherein: (i) the application latency measure is a time it takes for an application to respond to a request, (ii) the network latency measure is a time that it takes for packets to go through a network between the client and the web or application server, and (iii) the back-end latency is a time required for a back-end system to execute a request and respond to the application server.Type: GrantFiled: July 28, 2008Date of Patent: June 19, 2012Assignee: VMware, Inc.Inventors: Asaf Wexler, Netta Gavrieli
-
Publication number: 20110283101Abstract: A system and method for detecting network attacks within encrypted network traffic received by a protected network includes a decryption module and an adaptor module. This system and method can be inserted and used with multiple types of operating systems.Type: ApplicationFiled: January 13, 2011Publication date: November 17, 2011Applicant: TRUSTWAVE HOLDINGS, INC.Inventors: Doron Kolton, Adi Stav, Asaf Wexler, Ariel Ernesto Frydman, Yoram Zahavi
-
Patent number: 7934253Abstract: A system and method for protection of Web based applications are described. The techniques described provide an enterprise wide approach to preventing attacks of Web based applications. Individual computer networks within the enterprise monitor network traffic to identify anomalous traffic. The anomalous traffic can be identified by comparing the traffic to a profile of acceptable user traffic when interacting with the application. The anomalous traffic, or security events, identified at the individual computer networks are communicated to a central security manager. The central security manager correlates the security events at the individual computer networks to determine if there is an enterprise wide security threat. The central security manager can then communicate instructions to the individual computer networks so as to provide an enterprise wide solution to the threat.Type: GrantFiled: September 14, 2006Date of Patent: April 26, 2011Assignee: TrustWave Holdings, Inc.Inventors: Kevin Overcash, Kate Delikat, Rami Mizrahi, Galit Efron, Doron Kolton, Asaf Wexler, Netta Gavrieli, Yoram Zahavi
-
Patent number: 7895652Abstract: A system and method for detecting network attacks within encrypted network traffic received by a protected network includes a decryption module and an adaptor module. This system and method can be inserted and used with multiple types of operating systems.Type: GrantFiled: January 4, 2006Date of Patent: February 22, 2011Assignee: Trustwave Holdings, Inc.Inventors: Doron Kolton, Adi Stav, Asaf Wexler, Ariel Ernesto Frydman, Yoram Zahavi
-
Publication number: 20100094916Abstract: A method for controlling and maintaining a level of service of web applications is disclosed. The method includes generating a context for each request sent from a client to a web server and for each reply sent from a web server to a client. Then it is determined whether the context belongs to an identified transaction. Statistics respective of the identified transaction is then gathered. Further, a determination is made whether at least one policy predefined for the identified application is violated. A plurality of corrective actions are performed if at least one policy is determined to be violated.Type: ApplicationFiled: December 11, 2009Publication date: April 15, 2010Applicant: VMWARE, INC.Inventors: Asaf WEXLER, Yoav DEMBAK
-
Patent number: 7693996Abstract: A service level management (SLM) system where the system learns the structure of a web application, monitors the operation of the application, and controls the processing of incoming requests to achieve optimal performance as defined in a service level agreement (SLA). The system is operative for example in enterprise web applications and in enterprise data centers that deploy web applications and optimally is capable of controlling and maintaining a level of service of web applications.Type: GrantFiled: March 6, 2007Date of Patent: April 6, 2010Assignee: VMware, Inc.Inventors: Asaf Wexler, Yoav Dembak
-
Publication number: 20090313273Abstract: A service level management (SLM) system where the system learns the structure of a web application, monitors the operation of the application, and controls the processing of incoming requests to achieve optimal performance as defined in a service level agreement (SLA). The system is operative for example in enterprise web applications and in enterprise data centers that deploy web applications and optimally is capable of controlling and maintaining a level of service of web applications.Type: ApplicationFiled: August 21, 2009Publication date: December 17, 2009Applicant: VMWARE, INC.Inventors: Asaf WEXLER, Yoav DEMBAK
-
Publication number: 20090125532Abstract: A system and method for correlating front-end and back-end transactions in a data center. The method includes gathering front-end and back-end transactions; analyzing pairs of transactions to detect correlated front-end and back-end transactions; saving correlated pairs in a database; and displaying the correlated pairs on a graphical user interface (GUI). In accordance with an embodiment of the invention the detection of correlated pairs may be performed using content matching analysis, time proximity analysis, and attributes analysis.Type: ApplicationFiled: April 17, 2008Publication date: May 14, 2009Applicant: B-HIVE NETWORKS, INCInventors: Asaf Wexler, Ronen Heled
-
Publication number: 20090125496Abstract: A network device and method for learning and monitoring transactions executed by back-end systems in data servers. Specifically, it allows learning and monitoring at least standard query language (SQL) transactions sent from an application server hosting a web application to a database server and executed thereon. Monitoring of SQL transactions allows measuring performance parameters with regards to databases, databases' tables, operations and queries that are part of the transactions. Furthermore, the measurement of performance parameters with respect to HTTP requests of the respective SQL transactions is provided.Type: ApplicationFiled: April 17, 2008Publication date: May 14, 2009Applicant: B-HIVE NETWORKS, INCInventors: Asaf Wexler, Mayan Weiss, Or Kroyzer, Ronen Heled
-
Publication number: 20090031022Abstract: A method for monitoring performance of a data center that includes: (a) a performance monitor analyzing packets that flow between a client and a web or application server; (b) assigning packets to contexts where a context is a request-reply entity; (c) determining one or more of application, network, and back-end latency measures wherein: (i) the application latency measure is a time it takes for an application to respond to a request, (ii) the network latency measure is a time that it takes for packets to go through a network between the client and the web or application server, and (iii) the back-end latency is a time required for a back-end system to execute a request and respond to the application server.Type: ApplicationFiled: July 28, 2008Publication date: January 29, 2009Applicant: VMWARE, INC.Inventors: Asaf WEXLER, Netta GAVRIELI
-
Publication number: 20080047009Abstract: A system and method for protection of Web based applications are described. A Web application security system is included within a computer network to monitor traffic received from a wide area network, such as the Internet, and determine if there is a threat to the Web application. The Web application security system monitors web traffic in a non-inline configuration and identifies any anomalous traffic against a profile that identifies acceptable behavior of a user of the application. Any anomalous traffic is analyzed and appropriate protective action is taken to secure the Web application against an attack.Type: ApplicationFiled: July 20, 2006Publication date: February 21, 2008Inventors: Kevin Overcash, Kate Delikat, Rami Mizrahi, Galit Efron (Njtzan), Doron Kolton, Asaf Wexler, Netta Gavrieli, Yoram Zahavi
-
Publication number: 20080034424Abstract: A system and method for protection of Web based applications are described. An agent is included in a web server such that traffic is routed through the agent. A security module is also in communication with the agent. The agent receives information about the application profile, and patterns of acceptable traffic behavior, from the security module. The agent acts as a gatekeeper, holding up suspicious traffic that does not match the pattern of acceptable traffic behavior until the suspicious traffic has been analyzed by the security module. Using the agent, malicious traffic can dropped before it can reach the application, or the user can be logged out, or both.Type: ApplicationFiled: September 14, 2006Publication date: February 7, 2008Inventors: Kevin Overcash, Kate Delikate, Rami Mizrahi, Galit Efron, Doron Kolton, Asaf Wexler, Netta Gavrieli, Yoram Zahavi
-
Publication number: 20080034425Abstract: A system and method for protection of Web based applications are described. The techniques described provide an enterprise wide approach to preventing attacks of Web based applications. Individual computer networks within the enterprise monitor network traffic to identify anomalous traffic. The anomalous traffic can be identified by comparing the traffic to a profile of acceptable user traffic when interacting with the application. The anomalous traffic, or security events, identified at the individual computer networks are communicated to a central security manager. The central security manager correlates the security events at the individual computer networks to determine if there is an enterprise wide security threat.Type: ApplicationFiled: September 14, 2006Publication date: February 7, 2008Inventors: Kevin Overcash, Kate Delikate, Rami Mizrahi, Galit Efron, Doron Kolton, Asaf Wexler, Netta Gavrieli, Yoram Zahavi
-
Publication number: 20070250624Abstract: A method and system for automatically learning and identifying web applications. The method discovers and identifies transactions, web applications, their modules, interfaces, and relationship between the modules. The method further includes dynamically creating application definers is provided.Type: ApplicationFiled: April 23, 2007Publication date: October 25, 2007Applicant: B-HIVE NETWORKS, INC.Inventors: Asaf Wexler, Yoav Dembak