Abstract: An apparatus and method for determining a program neighborhood of a client node in a client-server network is described. The program neighborhood of the client node includes application programs hosted by application servers on the network. The present invention enables a user of a client node to learn of these application programs. The user is not required to know where to find such applications or to manually establish links to such applications. To make the client node aware of its program neighborhood, a host server collects application-related information corresponding to application programs hosted by the servers in the network. The application-related information can include the application name, the server location of the application, minimum capabilities required of client nodes for executing the application, and those users who are authorized to use that application. User credentials are received from the client system. The user credentials are used to filter the application-related information.

Abstract: Methods and apparatus for providing remote access to two or more application sessions in which authentication information associated with a user is received, a plurality of application sessions already associated with the user are identified in response to the information, and a client computer operated by the user is connected to the plurality of application sessions.

Abstract: Methods and apparatus for providing remote access to two or more application sessions in which authentication information associated with a user is received, a plurality of application sessions already associated with the user are identified in response to the information, and a client computer operated by the user is connected to the plurality of application sessions.

Abstract: The present invention is directed towards the acceleration of delivery of a computing environment to a remote user of a client at a remote location. The computing environment may include an application and a data file used or processed by the application. The application and data file may be stored or provided via a server remote to the client. The user can request a computing environment from the server that provides for execution of the application by the user via the remote computer. For example, the server may stream the application to the remote client. The client and server may communicate via an appliance that accelerates communications between the client and server. For example, the appliance may accelerate the streaming of the application to the remote user. In some cases, the application or remote user may also request a data file from the server, and the appliance accelerates the delivery of the data file to the remote user.

Abstract: A method for executing, by a virtual machine, an application program requested by a client machine includes the step of receiving a file including access information for accessing a plurality of application files and for executing a first client capable of receiving an application stream. An identification of the plurality of application files is retrieved, responsive to the received file. At least one characteristic required for execution of the plurality of application files is retrieved, responsive to the file. A determination is made as to whether a client machine includes the at least one characteristic. A second client is executed, responsive to a determination that the client machine lacks the at least one characteristic, the second client requesting execution of the plurality of application files on a remote machine comprising a virtual machine providing a computing environment having the at least one characteristic.

Abstract: A method for selecting a method of execution for an application includes the step of receiving credentials. A plurality of applications available to a client machine is enumerated responsive to the received credentials. A request to execute an enumerated application is received. One of a predetermined number of methods for executing the requested application is selected responsive to a policy, the predetermined number of methods including a method for executing the requested application in a computing environment provided by a virtual machine.

Abstract: A system for granting access to resources includes a client machine, a collection agent, a policy engine, and a broker server. The client machine requests access to a resource. The collection agent gathers information about the client machine. The policy engine receives the gathered information and assigns one of a plurality of levels of access responsive to application of a policy to the received information. The broker server establishes, responsive to the assigned level of access, a connection between the client machine and a computing environment providing the requested resource, the computing environment provided by a virtual machine.

Abstract: A method for providing remote access to a computer environment provided by a virtual machine includes the step of receiving authentication information associated with a user of a client machine. Based on the received authentication information, a computer environment provided by a virtualized operating system and already associated with the user is identified.

Abstract: A method for providing authorized remote access to a computing environment provided by a virtual machine, includes the step of requesting, by a client machine, access to a resource. A collection agent gathers information about the client machine. A policy engine receives the gathered information. The policy engine makes an access control decision based on the received information. A computing environment already associated with the user is identified in response to the received information, the identified computing environment provided by a virtual machine. A broker server establishes, responsive to the access control decision, a connection between the client machine and the identified computing environment.

Abstract: A method for selecting, by a remote machine, a method of execution for an application program includes receiving a request to execute an application. Credentials associated with a local machine are gathered. One of a predetermined number of methods for executing the requested application is selected responsive to a policy, the predetermined number of methods including a method for application streaming of the requested application.

Abstract: A method for selecting between a predetermined number of execution methods for an application program includes selecting, by a remote machine, a method of execution for an application program. Credentials associated with a local machine are received. An enumeration of a plurality of applications available to the local machine is provided, responsive to the received credentials. A request to execute an enumerated application is received. One of a predetermined number of methods for executing the enumerated application is selected responsive to a policy, the predetermined number of methods including a method for application streaming of the enumerated application.

Abstract: A method and system for accessing a file in a directory structure associated with an application includes a method of accessing a file in a directory structure associated with an application. A request by an application for access to a file is intercepted. The request is redirected to a first isolation environment. A determination is made that the requested file does not exist in the first isolation environment. The request is redirected to a second isolation environment responsive to a determination that the file is identified in an enumeration of a directory structure including a plurality of application files residing on a remote machine. The requested file is retrieved from a file server, responsive to a determination that the second isolation environment does not contain the file and that the file is identified in the enumeration.

Abstract: The present invention relates to systems and methods for network communication between a client and server via multiple proxies. A network protocol is used to establish and control an end-to-end connection between the client and the server via a single handshake mechanism. Through the protocol and end-to-end handshake, the proxies can participate in the establishment of the end-to-end connection. The present invention also provides a method and system by which a connection from one end-point to another end-point can be independently controlled and configured by the proxies along the connection path. Furthermore, the protocol is forward-compatible so that different proxies can be upgraded to different protocol versions at different times and the end-to-end connection control continues to operate.

Abstract: The invention relates to methods and systems for reconnecting a client and providing user authentication across a reliable and persistent communication session. A first protocol that encapsulates a plurality of secondary protocols is used to communicate over a network. A first protocol service, using the first protocol, provides session persistence and a reliable connection between a client and a server. An operation may be executed or transacted between the client and the server. When there is a disruption in the network connection between the client and the server that interrupts the operation, the connection is automatically reestablished and the operation is continued.

Abstract: The invention relates to methods and systems for reconnecting a client and providing user authentication across a reliable and persistent communication session. A first protocol that encapsulates a plurality of secondary protocols is used to communicate over a network. A first protocol service, using the first protocol, provides session persistence and a reliable connection between a client and a host service. When there is a disruption in the network connection between a client and a host service when a client roams between networks, the connection is reestablished and the client's network connection is maintained thru a change in a network identifier assigned to the client.

Abstract: The invention relates to methods and systems for reconnecting a client and providing user authentication across a reliable and persistent communication session. A first protocol that encapsulates a plurality of secondary protocols is used to communicate over a network. A first protocol service, using the first protocol, provides session persistence and a reliable connection between a client and a host service. When there is a disruption in the network connection between a client and a host service, the connection is reestablished and the user's session with the host service is maintained through the connection being reestablished.

Abstract: An apparatus and method for determining a program neighborhood of a client node in a client-server network is described. The program neighborhood of the client node includes application programs hosted by application servers on the network. The present invention enables a user of a client node to learn of these application programs. The user is not required to know where to find such applications or to manually establish links to such applications. To make the client node aware of its program neighborhood, a host server collects application-related information corresponding to application programs hosted by the servers in the network. The application-related information can include the application name, the server location of the application, minimum capabilities required of client nodes for executing the application, and those users who are authorized to use that application. User credentials are received from the client system. The user credentials are used to filter the application-related information.

Abstract: The invention relates to methods and systems for reconnecting a client and providing user authentication across a reliable and persistent communication session. A first protocol that encapsulates a plurality of secondary protocols is used to communicate over a network. A first protocol service, using the first protocol, provides session persistence and a reliable connection between a client and a host service.

Abstract: The invention relates to systems and methods for reestablishing client communications by securely traversing network components using an encapsulating communication protocol to provide session persistence and reliability. A first protocol that encapsulates a plurality of secondary protocols is used to communicate over a network to provide session persistence and a reliable connection between a client and a host service via a first protocol service. A ticket authority generates a first ticket and a second ticket associated with the client. The first ticket is provided to the client and the client uses the first ticket to establish a communication session with the first protocol service. The second ticket is provided to the first protocol service and the first protocol service uses the second ticket to establish a communication session with the host service.

Abstract: The invention relates to network communications. A first protocol that encapsulates a plurality of secondary protocols is used to communicate over a network. Use of the first protocol provides session persistence and a reliable connection between a client and a host service.