Abstract: A system (20) includes a network interface (32) and a processor (34). The processor is configured to (i) receive, via the network interface, a request originating from a request-origin application and directed to a request-destination application (24b) that runs on a request-destination device (24), (ii) subsequently to receiving the request, communicate the request to the request-destination device, (iii) subsequently to communicating the request to the request-destination device, receive a response, from the request-destination application, to the request, (iv) while holding the response, identify information contained in at least one log entry that was recorded by the request-destination application responsively to the request, and (v) perform a function in response to the information. Other embodiments are also described.

Abstract: Described embodiments include an apparatus, comprising a communication interface and a processor. The processor is configured to obtain an NT Local Area Network Manager (NTLM) authentication token, which authenticates a client device to a service using an NTLM authentication protocol. The processor is further configured to, subsequently to obtaining the NTLM authentication token, receive, via the communication interface, from another processor that belongs to the client device, a challenge that was sent to the client device by the service in response to a request, from the client device, to access the service. The processor is further configured to, using the NTLM authentication token, compute a response to the received challenge, and to communicate the computed response to the client device, without exposing the NTLM authentication token to the client device. Other embodiments are also described.

Abstract: Described embodiments include an apparatus (40), comprising a communication interface (42) and a processor (44). The processor is configured to obtain an NT Local Area Network Manager (NTLM) authentication token, which authenticates a client device (22) to a service using an NTLM authentication protocol. The processor is further configured to, subsequently to obtaining the NTLM authentication token, receive, via the communication interface, from another processor (30) that belongs to the client device, a challenge that was sent to the client device by the service in response to a request, from the client device, to access the service. The processor is further configured to, using the NTLM authentication token, compute a response to the received challenge, and to communicate the computed response to the client device, without exposing the NTLM authentication token to the client device. Other embodiments are also described.

Abstract: A system (20) includes a network interface (32) and a processor (34). The processor is configured to (i) receive, via the network interface, a request originating from a request-origin application and directed to a request-destination application (24b) that runs on a request-destination device (24), (ii) subsequently to receiving the request, communicate the request to the request-destination device, (iii) subsequently to communicating the request to the request-destination device, receive a response, from the request-destination application, to the request, (iv) while holding the response, identify information contained in at least one log entry that was recorded by the request-destination application responsively to the request, and (v) perform a function in response to the information. Other embodiments are also described.

Abstract: A method includes receiving a message belonging to an access request or to a response to the access request, the access request originating from a request-origin device and directed to a request-destination application. The method further includes, without using the request-destination application, subsequently to receiving the message, forwarding the message to a traffic-management server before communicating the message to a destination of the message, subsequently to forwarding the message, receiving the message from the traffic-management server, and subsequently to receiving the message from the traffic-management server, communicating the message to the destination of the message. Other embodiments are also described.