Abstract: An acceleration apparatus is adapted to operate in a direct mode and a proxy mode. In the direct mode, the acceleration apparatus decrypts data packets received from a client and forwards the decrypted data packets to a server using a communication session negotiated by the client and the server. In the proxy mode, the acceleration apparatus responds to the client on behalf of the server and forwards the decrypted data packets to the server using a communication session negotiated by the acceleration device and the server. The acceleration apparatus automatically switches from the direct mode to the proxy mode upon detection of a communication error associated with the communication session negotiated by the client and the server.

Abstract: A load balancing SSL acceleration device. The device includes a processor, memory and communications interface. A TCP communications manager capable of interacting with a plurality of client devices and server devices simultaneously is provided, along with a secure communications manager. The apparatus further includes an encryption and decryption engine instructing the processor to encrypt data from a secure communications session and direct it to said second communication session. Still further, the apparatus includes a load balancing engine associating ones of said client devices with ones of said servers for a communications session based on calculated processing loads of each said server. In a further aspect, a method for performing SSL acceleration of data communications between a plurality of customer devices attempting to communicate with an enterprise having a plurality of servers is disclosed.

Abstract: A method for secure communications between a client and one of a plurality of servers performed on an intermediate device coupled to the client and the plurality of servers.

Abstract: A method for enabling secure communication between a client on an open network and a server apparatus on a secure network. The method is generally performed on a intermediary apparatus coupled to the secure network and the open network. The method includes the steps of negotiating a secure communications session with the client apparatus via the open network; negotiating an open communications session with the server via the secure network; receiving encrypted packet application data having a length greater than a packet length via multiple data packets; decrypting the encrypted packet application data in each data packet; forwarding decrypted, unauthenticated application data to the server via the secure network; and authenticating the decrypted packet data on receipt of a final packet of the segment.

Abstract: A method for secure communications between a client and one of a plurality of servers performed on an intermediary device coupled to the client and said plurality of servers. In one aspect, the method comprises: establishing an open communications session between the intermediary device and the client via an open network; negotiating a secure communications session with the client; establishing an open communications session with said one of said plurality of servers via a secure network; receiving encrypted data from the client via the secure communications session; decrypting encrypted application data; forwarding decrypted application data to the server via the secure network; receiving application data from the server via the secure network; encrypting the application data; and sending encrypted application data to the client.

Abstract: A virtual management system for a network facility, such as a data center, or any facility having a plurality of components which can be organized as objects for presentation in a virtualized environment, is disclosed. The system includes a management topology presenting devices, facilities, subscribers, log servers, and services as objects to an administrative interface; and a configuration manager implementing changes to objects in the topology responsive to configuration input from an administrator via the administrative interface. In an exemplary embodiment, the user interface is a graphical user interface designed to work in a platform independent environment. The system may include a management server coupled to the plurality of objects. In one aspect, the management server communicates with the devices, downloading configuration data to and uploading configuration data from, the devices. The management server and the interface may communicate via a LAN, WAN or the Internet.

Abstract: A network service administration system including a plurality of service objects, a plurality of address objects; and a service configuration application for a multifunction appliance running on a client computer coupled to the appliance via a network. The service configuration application includes an interface allowing subscribers to configure at least a subset of application content services provided by the appliance and including a rule set implementing rules in ones of said application content services in said subset based on changes to configurations of any other of said application content services. Each of said service objects may comprise an individual network service definition.

Abstract: A virtual management system for a network facility, such as a data center, or any facility having a plurality of components which can be organized as objects for presentation in a virtualized environment, is disclosed. The system includes a management topology presenting devices, facilities, subscribers, log servers, and services as objects to an administrative interface; and a configuration manager implementing changes to objects in the topology responsive to configuration input from an administrator via the administrative interface. In an exemplary embodiment, the user interface is a graphical user interface designed to work in a platform independent environment. The system may include a management server coupled to the plurality of objects. In one aspect, the management server communicates with the devices, downloading configuration data to and uploading configuration data from, the devices. The management server and the interface may communicate via a LAN, WAN or the Internet.