Patents by Inventor Marco Murgia
Marco Murgia has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11582282Abstract: The systems and methods of the present disclosure are directed towards a dynamic system that is configured to identify and map networked traffic, such as that of video, voice, file transfer, and web based applications to predetermined Quality of Service (QoS) classes. The different QoS classes can be associated with different traffic priorities. The networked traffic can be encrypted, which can prevent an intermediate device from processing or otherwise reading the packet headers of the traffic. The systems and methods of the present disclosure can predict QoS classes for encrypted traffic based on traffic patterns and other characteristics of the encrypted traffic.Type: GrantFiled: August 13, 2020Date of Patent: February 14, 2023Assignee: Citrix Systems, Inc.Inventors: Marco Murgia, Praveen Raja Dhanabalan, Anup Lal Gupta
-
Patent number: 11349751Abstract: The systems and methods discussed herein provide for faster communications, particularly for high priority traffic, across a distributed network with multiple exit points to a Wide Area Network. Rather than simply routing traffic based on internal or external destination, an intelligent router may measure latency to an endpoint destination via multiple paths, both external and internal, and direct traffic accordingly. Steering high priority traffic via the internal connection to an exit point near the destination server, and then to the server via the external network, may be faster than simply forwarding the connection via the external network from the exit point closest to the source device. Additionally, to reduce bandwidth requirements of the nearby exit point and provide capability for higher priority traffic, low priority traffic may be redirected back via the internal connection and transmitted via a distant exit point.Type: GrantFiled: November 26, 2019Date of Patent: May 31, 2022Assignee: Citrix Systems, Inc.Inventors: Marco Murgia, Praveen Raja Dhanabalan
-
Patent number: 10924372Abstract: A computing system may include point of presence (PoP) servers coupled to a wide area network (WAN) and configured to receive client requests for a Software as a service (SaaS) application(s) from different network branches coupled to the WAN, and connect the network branches with a given SaaS host server from among different SaaS host servers coupled to the WAN and providing the SaaS application(s). The system may also include a PoP selection controller (PSC) coupled to the WAN and cooperating with the PoP servers to determine first network health metrics for connections between the PoP servers and the network branches, determine second network health metrics for connections between the PoP servers and the SaaS host servers, and select a respective PoP server for each network branch to be connected with for providing the SaaS application(s) based upon the first and second network health metrics.Type: GrantFiled: June 13, 2018Date of Patent: February 16, 2021Assignee: CITRIX SYSTEMS, INC.Inventors: Karthick Srivatsan, Marco Murgia, Chaitra Maraliga Ramaiah
-
Publication number: 20200374336Abstract: The systems and methods of the present disclosure are directed towards a dynamic system that is configured to identify and map networked traffic, such as that of video, voice, file transfer, and web based applications to predetermined Quality of Service (QoS) classes. The different QoS classes can be associated with different traffic priorities. The networked traffic can be encrypted, which can prevent an intermediate device from processing or otherwise reading the packet headers of the traffic. The systems and methods of the present disclosure can predict QoS classes for encrypted traffic based on traffic patterns and other characteristics of the encrypted traffic.Type: ApplicationFiled: August 13, 2020Publication date: November 26, 2020Inventors: Marco Murgia, Praveen Raja Dhanabalan, Anup Lal Gupta
-
Patent number: 10757161Abstract: The systems and methods of the present disclosure are directed towards a dynamic system that is configured to identify and map networked traffic, such as that of video, voice, file transfer, and web based applications to predetermined Quality of Service (QoS) classes. The different QoS classes can be associated with different traffic priorities. The networked traffic can be encrypted, which can prevent an intermediate device from processing or otherwise reading the packet headers of the traffic. The systems and methods of the present disclosure can predict QoS classes for encrypted traffic based on traffic patterns and other characteristics of the encrypted traffic.Type: GrantFiled: January 9, 2017Date of Patent: August 25, 2020Assignee: Citrix Systems, Inc.Inventors: Marco Murgia, Praveen Raja Dhanabalan, Anup Lal Gupta
-
Publication number: 20200099612Abstract: The systems and methods discussed herein provide for faster communications, particularly for high priority traffic, across a distributed network with multiple exit points to a Wide Area Network. Rather than simply routing traffic based on internal or external destination, an intelligent router may measure latency to an endpoint destination via multiple paths, both external and internal, and direct traffic accordingly. Steering high priority traffic via the internal connection to an exit point near the destination server, and then to the server via the external network, may be faster than simply forwarding the connection via the external network from the exit point closest to the source device. Additionally, to reduce bandwidth requirements of the nearby exit point and provide capability for higher priority traffic, low priority traffic may be redirected back via the internal connection and transmitted via a distant exit point.Type: ApplicationFiled: November 26, 2019Publication date: March 26, 2020Inventors: Marco Murgia, Praveen Raja Dhanabalan
-
Patent number: 10516601Abstract: The systems and methods discussed herein provide for faster communications, particularly for high priority traffic, across a distributed network with multiple exit points to a Wide Area Network. Rather than simply routing traffic based on internal or external destination, an intelligent router may measure latency to an endpoint destination via multiple paths, both external and internal, and direct traffic accordingly. Steering high priority traffic via the internal connection to an exit point near the destination server, and then to the server via the external network, may be faster than simply forwarding the connection via the external network from the exit point closest to the source device. Additionally, to reduce bandwidth requirements of the nearby exit point and provide capability for higher priority traffic, low priority traffic may be redirected back via the internal connection and transmitted via a distant exit point.Type: GrantFiled: January 19, 2018Date of Patent: December 24, 2019Assignee: CITRIX SYSTEMS, INC.Inventors: Marco Murgia, Praveen Raja Dhanabalan
-
Publication number: 20190386904Abstract: A computing system may include point of presence (PoP) servers coupled to a wide area network (WAN) and configured to receive client requests for a Software as a service (SaaS) application(s) from different network branches coupled to the WAN, and connect the network branches with a given SaaS host server from among different SaaS host servers coupled to the WAN and providing the SaaS application(s). The system may also include a PoP selection controller (PSC) coupled to the WAN and cooperating with the PoP servers to determine first network health metrics for connections between the PoP servers and the network branches, determine second network health metrics for connections between the PoP servers and the SaaS host servers, and select a respective PoP server for each network branch to be connected with for providing the SaaS application(s) based upon the first and second network health metrics.Type: ApplicationFiled: June 13, 2018Publication date: December 19, 2019Inventors: KARTHICK SRIVATSAN, MARCO MURGIA, CHAITRA MARALIGA RAMAIAH
-
Publication number: 20190230027Abstract: The systems and methods discussed herein provide for faster communications, particularly for high priority traffic, across a distributed network with multiple exit points to a Wide Area Network. Rather than simply routing traffic based on internal or external destination, an intelligent router may measure latency to an endpoint destination via multiple paths, both external and internal, and direct traffic accordingly. Steering high priority traffic via the internal connection to an exit point near the destination server, and then to the server via the external network, may be faster than simply forwarding the connection via the external network from the exit point closest to the source device. Additionally, to reduce bandwidth requirements of the nearby exit point and provide capability for higher priority traffic, low priority traffic may be redirected back via the internal connection and transmitted via a distant exit point.Type: ApplicationFiled: January 19, 2018Publication date: July 25, 2019Inventors: Marco Murgia, Praveen Raja Dhanabalan
-
Patent number: 10122627Abstract: Computer networking device obtains route information including route attributes specifying characteristics for each of a plurality of routes through a first network. A routing algorithm is applied to choose an optimal route to one of a plurality of peer computer networking devices comprising a second network which is an overlay upon the first network. The optimal route is chosen based on the type of data contained in the data packet and the plurality of route attributes associated with the routes. The routes traverse paths through the first computer network which include network nodes other than the peer networking devices.Type: GrantFiled: August 31, 2016Date of Patent: November 6, 2018Assignee: Citrix Systems, Inc.Inventors: Marco Murgia, Praveen R. Dhanabalan
-
Publication number: 20180198838Abstract: The systems and methods of the present disclosure are directed towards a dynamic system that is configured to identify and map networked traffic, such as that of video, voice, file transfer, and web based applications to predetermined Quality of Service (QoS) classes. The different QoS classes can be associated with different traffic priorities. The networked traffic can be encrypted, which can prevent an intermediate device from processing or otherwise reading the packet headers of the traffic. The systems and methods of the present disclosure can predict QoS classes for encrypted traffic based on traffic patterns and other characteristics of the encrypted traffic.Type: ApplicationFiled: January 9, 2017Publication date: July 12, 2018Inventors: Marco Murgia, Praveen Raja Dhanabalan, Anup Lal Gupta
-
Patent number: 9923826Abstract: Systems and methods of the present solution provide a more optimal solution by dynamically and automatically reacting to changing network workload. A system that starts slowly, either by just examining traffic passively or by doing sub-optimal acceleration can learn over time, how many peer WAN optimizers are being serviced by an appliance, how much traffic is coming from each peer WAN optimizers, and the type of traffic being seen. Knowledge from this learning can serve to provide a better or improved baseline for the configuration of an appliance. In some embodiments, based on resources (e.g., CPU, Memory, Disk), the system from this knowledge may determine how many WAN optimization instances should be used and of what size, and how the load should be distributed across the instances of the WAN optimizer.Type: GrantFiled: October 10, 2012Date of Patent: March 20, 2018Assignee: Citrix Systems, Inc.Inventor: Marco Murgia
-
Publication number: 20180062986Abstract: Computer networking device obtains route information including route attributes specifying characteristics for each of a plurality of routes through a first network. A routing algorithm is applied to choose an optimal route to one of a plurality of peer computer networking devices comprising a second network which is an overlay upon the first network. The optimal route is chosen based on the type of data contained in the data packet and the plurality of route attributes associated with the routes. The routes traverse paths through the first computer network which include network nodes other than the peer networking devices.Type: ApplicationFiled: August 31, 2016Publication date: March 1, 2018Inventors: Marco Murgia, Praveen R. Dhanabalan
-
Patent number: 9363292Abstract: The present invention is directed towards systems and methods for establishing and applying a policy group to control a user's access to an identified resource. A policy group representing an aggregate of one or more access configurations for a user to access one or more identified resources may be established via a policy manager. The policy group may include a login point component representing an entry point to access the identified resource. The login point may be configured via the policy manager to specify a uniform resource locator for the entry point. One or more authentication and authorization methods may be selected for the login point component. The device may receive a request to access the uniform resource locator. The device may initiate the policy group for evaluation. The device may initiate, with the user, one or more authentication and authorization methods specified by the login point component.Type: GrantFiled: August 25, 2014Date of Patent: June 7, 2016Assignee: CITRIX SYSTEMS, INC.Inventors: Marco Murgia, Larry Tomlin, Ivan Bojer, Jong Kann, Pierre Rafiq
-
Publication number: 20140373090Abstract: The present invention is directed towards systems and methods for establishing and applying a policy group to control a user's access to an identified resource. A policy group representing an aggregate of one or more access configurations for a user to access one or more identified resources may be established via a policy manager. The policy group may include a login point component representing an entry point to access the identified resource. The login point may be configured via the policy manager to specify a uniform resource locator for the entry point. One or more authentication and authorization methods may be selected for the login point component. The device may receive a request to access the uniform resource locator. The device may initiate the policy group for evaluation. The device may initiate, with the user, one or more authentication and authorization methods specified by the login point component.Type: ApplicationFiled: August 25, 2014Publication date: December 18, 2014Applicant: CITRIX SYSTEMS, INC.Inventors: Marco Murgia, Larry Tomlin, Ivan Bojer, Jong Kann, Pierre Rafiq
-
Patent number: 8839346Abstract: The present invention is directed towards systems and methods for establishing and applying a policy group to control a user's access to an identified resource. A policy group representing an aggregate of one or more access configurations for a user to access one or more identified resources may be established via a policy manager. The policy group may include a login point component representing an entry point to access the identified resource. The login point may be configured via the policy manager to specify a uniform resource locator for the entry point. One or more authentication and authorization methods may be selected for the login point component. The device may receive a request to access the uniform resource locator. The device may initiate the policy group for evaluation. The device may initiate, with the user, one or more authentication and authorization methods specified by the login point component.Type: GrantFiled: July 21, 2010Date of Patent: September 16, 2014Assignee: Citrix Systems, Inc.Inventors: Marco Murgia, Larry Tomlin, Ivan Bojer, Jong Kann, Pierre Rafiq
-
Publication number: 20140101306Abstract: Systems and methods of the present solution provide a more optimal solution by dynamically and automatically reacting to changing network workload. A system that starts slowly, either by just examining traffic passively or by doing sub-optimal acceleration can learn over time, how many peer WAN optimizers are being serviced by an appliance, how much traffic is coming from each peer WAN optimizers, and the type of traffic being seen. Knowledge from this learning can serve to provide a better or improved baseline for the configuration of an appliance. In some embodiments, based on resources (e.g., CPU, Memory, Disk), the system from this knowledge may determine how many WAN optimization instances should be used and of what size, and how the load should be distributed across the instances of the WAN optimizer.Type: ApplicationFiled: October 10, 2012Publication date: April 10, 2014Inventor: Marco Murgia
-
Patent number: 8543726Abstract: A method, system, and apparatus are presented in which a web relay/client proxy module is downloaded to a client browser from a Network Security Appliance (NSA). The web relay module intercepts requests from the browser for network resources, and redefines the addresses within those requests so that the NSA can access protected resources on behalf of the client.Type: GrantFiled: April 8, 2005Date of Patent: September 24, 2013Assignee: Citrix Systems, Inc.Inventors: Jong J. Kann, Pierre P. Rafiq, Marco A. Murgia
-
Patent number: 8528047Abstract: A computer-based system provides secure, configurable access to computer network resources. A human-readable language is provided for defining access policy rules. Rules in this language are converted in an automated fashion into filters applied within the various subsystems and components in a multi-layer security system. Network users are authenticated by an access control security system that obtains basic information about that user. Based on the user ID, a set of abstract policies can be retrieved. The retrieved policies are associated with the user and the groups associated with that user. Based on the retrieved rules, a set of rules for multiple layers of the network are generated and applied to those subsystems. Two or more of the subsystems may be placed in series with different types of processing occurring in each of the subsystems, reducing the workload of subsequent subsystems.Type: GrantFiled: August 31, 2010Date of Patent: September 3, 2013Assignee: Citrix Systems, Inc.Inventors: Andreas Terzis, Marco A. Murgia, Ashwin Baskaran
-
Patent number: 8194673Abstract: A system and method is described for providing policy-based Network Address Translation (NAT) configurations wherein each user/resource policy within a network protection device may use a different set of address translation mappings.Type: GrantFiled: June 7, 2010Date of Patent: June 5, 2012Assignee: Citrix Systems, Inc.Inventors: Pyda Srisuresh, Marco A. Murgia, Ramakanth Gunuganti