Abstract: A method comprising: receiving, by a first network packet scheduler, from each other network packet scheduler of a plurality of network packet schedulers, a virtual packet for each traffic class of a plurality of traffic classes defining relative transmission priority of network packets; receiving, by the first network packet scheduler, a network packet of a first traffic class of the plurality of traffic classes; transmitting, by the first network packet scheduler, each virtual packet into a virtual connection of a plurality of virtual connections created for each traffic class; scheduling, by the first network packet scheduler, a network packet or a virtual packet as a next packet in a buffer for transmission; determining, by the first network packet scheduler, that the next packet in the buffer is a virtual packet; and discarding, by the first network packet scheduler, the virtual packet, responsive to the determination that the next packet in the buffer is a virtual packet.

Abstract: A method comprising: receiving, by a first network packet scheduler, from each other network packet scheduler of a plurality of network packet schedulers, a virtual packet for each traffic class of a plurality of traffic classes defining relative transmission priority of network packets; receiving, by the first network packet scheduler, a network packet of a first traffic class of the plurality of traffic classes; transmitting, by the first network packet scheduler, each virtual packet into a virtual connection of a plurality of virtual connections created for each traffic class; scheduling, by the first network packet scheduler, a network packet or a virtual packet as a next packet in a buffer for transmission; determining, by the first network packet scheduler, that the next packet in the buffer is a virtual packet; and discarding, by the first network packet scheduler, the virtual packet, responsive to the determination that the next packet in the buffer is a virtual packet.

Abstract: A method comprising: receiving, by a first network packet scheduler, from each other network packet scheduler of a plurality of network packet schedulers, a virtual packet for each traffic class of a plurality of traffic classes defining relative transmission priority of network packets; receiving, by the first network packet scheduler, a network packet of a first traffic class of the plurality of traffic classes; transmitting, by the first network packet scheduler, each virtual packet into a virtual connection of a plurality of virtual connections created for each traffic class; scheduling, by the first network packet scheduler, a network packet or a virtual packet as a next packet in a buffer for transmission; determining, by the first network packet scheduler, that the next packet in the buffer is a virtual packet; and discarding, by the first network packet scheduler, the virtual packet, responsive to the determination that the next packet in the buffer is a virtual packet.

Abstract: A method comprising: receiving, by a first network packet scheduler, from each other network packet scheduler of a plurality of network packet schedulers, a virtual packet for each traffic class of a plurality of traffic classes defining relative transmission priority of network packets; receiving, by the first network packet scheduler, a network packet of a first traffic class of the plurality of traffic classes; transmitting, by the first network packet scheduler, each virtual packet into a virtual connection of a plurality of virtual connections created for each traffic class; scheduling, by the first network packet scheduler, a network packet or a virtual packet as a next packet in a buffer for transmission; determining, by the first network packet scheduler, that the next packet in the buffer is a virtual packet; and discarding, by the first network packet scheduler, the virtual packet, responsive to the determination that the next packet in the buffer is a virtual packet.

Abstract: The present invention is directed towards systems and methods for providing discovery of applications for classification of a network packet for performing QoS and acceleration techniques. Remote display protocol traffic associated with a new application not previously included in a list of predetermined applications may be parsed for application information, and the new application may be added to the application list. The remote display protocol traffic may then be classified according to the new application, and network performance may be enhanced and optimized by providing QoS and acceleration engines with packet- or data-specific information corresponding to the newly identified application.

Abstract: The present disclosure is directed towards systems and methods for using a filter for groups. The includes a device, intermediary to a plurality of clients and a plurality of servers, receiving a request to access an application from a user. The intermediary device can identify a filter corresponding to a number of bits in an index of values. The number of bits in the index may correspond to a number of groups, a bit position in the index may correspond to an index value identifying a respective group, and a bit value may determine if the application corresponds to the respective group. The intermediary device may determine, from the filter and using the index of values, identification of the groups corresponding to the request and apply policies to the request based on the identified groups.

Abstract: The present invention is directed towards systems and methods for providing Quality of Service (QoS) via a flow controlled tunnel. Traffic from a plurality of applications may be directed into a single connection or flow-controlled tunnel and QoS policies may be applied across the plurality of applications without configuration of individual link speeds, enabling QoS scheduling to dynamically adjust traffic transmission and reception rates to ensure priority management of applications regardless of a final endpoint of the application communications. Accordingly, traffic of different types, including VPN, HTTP, Voice-over-IP (VoIP), remote desktop protocol traffic, or other traffic may be easily balanced and prioritized. In many embodiments, the tunnel may be transparent to applications, such that without any application configuration, application traffic may still be prioritized by QoS requirements.

Abstract: The present invention is directed towards systems and methods for providing classification of an encrypted network packet for performing QoS and acceleration techniques. Encrypted packets may be classified by a first classifier at a first portion of a network stack of a device as corresponding to a first predetermined application, and an application identifier may be included with the packet. In some embodiments, the packets may be decrypted in an order dependent on a first classification of the encrypted network packet. After decryption, packets may be reclassified as corresponding to a second predetermined application by a second classifier operating at a second portion of a network stack of the device above the first portion. Thus, network performance may be enhanced and optimized by providing QoS and acceleration engines with packet- or data-specific information corresponding to the application, while avoiding inefficiencies due to a lack of prioritization of decryption.

Abstract: A network shaping engine can be used to optimize network traffic by employing means to prioritize data packets assigned to a network traffic class over other network traffic. The network shaping engine accomplishes network traffic optimization by determining whether received data packets comprise a traffic class mark or indicia that indicates the data packets are part of a minimum latency traffic class. After analyzing the packets, the network optimization engine sorts the data packets according to the identified traffic classes and transmits the packets. Data packets comprising a traffic class marking are transmitted according to a first transmission scheme while data packets that do not comprise a traffic class marking are transmitted according to a second transmission scheme that differs from the first transmission scheme.

Abstract: The present invention is directed towards systems and methods for providing discovery of applications for classification of a network packet for performing QoS and acceleration techniques. Remote display protocol traffic associated with a new application not previously included in a list of predetermined applications may be parsed for application information, and the new application may be added to the application list. The remote display protocol traffic may then be classified according to the new application, and network performance may be enhanced and optimized by providing QoS and acceleration engines with packet- or data-specific information corresponding to the newly identified application.

Abstract: The present invention is directed towards systems and methods for providing multi-level classification of a network packet. In some embodiments, network performance may be enhanced and optimized by providing QoS and acceleration engines with packet- or data-specific information. In addition to source and destination IP addresses and port numbers, packet- or data-specific information can include direction of traffic (client to host or server; server or host to client; or both), Virtual LAN (VLAN) ID, source or destination application or associated application, service class, ICA priority, type of service, differentiated service code point (DSCP), or other information. Some or all of this information may be used to classify the network packet at a plurality of layers of a network stack, allowing for deep inspection of the packet and multiple levels of granularity of classification.

Abstract: The present invention is directed towards systems and methods for providing discovery of applications for classification of a network packet for performing QoS and acceleration techniques. Remote display protocol traffic associated with a new application not previously included in a list of predetermined applications may be parsed for application information, and the new application may be added to the application list. The remote display protocol traffic may then be classified according to the new application, and network performance may be enhanced and optimized by providing QoS and acceleration engines with packet- or data-specific information corresponding to the newly identified application.

Abstract: A network optimization engine can be used to optimize the transmission of network traffic by employing means to prioritize highly compressed network traffic over other network traffic. The network optimization engine accomplishes network traffic optimization by calculating a compression ratio for received data packets and determining whether the calculated compression ratios exceed a compression ratio threshold. The predetermined compression ratio threshold can be a hard coded value or an empirically determined compression ratio threshold that is calculated using a sample of the received network packets. Network packets having a compression ratio that exceeds the compression ratio threshold are classified as highly compressed network traffic and transmitted according to a transmission scheme that is different than a transmission scheme used to transmit non-highly compressed network traffic.

Abstract: The present invention is directed towards systems and methods for providing multi-level classification of a network packet. In some embodiments, network performance may be enhanced and optimized by providing QoS and acceleration engines with packet- or data-specific information. In addition to source and destination IP addresses and port numbers, packet- or data-specific information can include direction of traffic (client to host or server; server or host to client; or both), Virtual LAN (VLAN) ID, source or destination application or associated application, service class, ICA priority, type of service, differentiated service code point (DSCP), or other information. Some or all of this information may be used to classify the network packet at a plurality of layers of a network stack, allowing for deep inspection of the packet and multiple levels of granularity of classification.

Abstract: The present invention is directed towards systems and methods for providing multi-level classification of a network packet. In some embodiments, network performance may be enhanced and optimized by providing QoS and acceleration engines with packet- or data-specific information. In addition to source and destination IP addresses and port numbers, packet- or data-specific information can include direction of traffic (client to host or server; server or host to client; or both), Virtual LAN (VLAN) ID, source or destination application or associated application, service class, ICA priority, type of service, differentiated service code point (DSCP), or other information. Some or all of this information may be used to classify the network packet at a plurality of layers of a network stack, allowing for deep inspection of the packet and multiple levels of granularity of classification.

Abstract: The present invention is directed towards systems and methods for providing classification of an encrypted network packet for performing QoS and acceleration techniques. Encrypted packets may be classified by a first classifier at a first portion of a network stack of a device as corresponding to a first predetermined application, and an application identifier may be included with the packet. In some embodiments, the packets may be decrypted in an order dependent on a first classification of the encrypted network packet. After decryption, packets may be reclassified as corresponding to a second predetermined application by a second classifier operating at a second portion of a network stack of the device above the first portion. Thus, network performance may be enhanced and optimized by providing QoS and acceleration engines with packet- or data-specific information corresponding to the application, while avoiding inefficiencies due to a lack of prioritization of decryption.

Abstract: The present invention is directed towards systems and methods for providing classification of an encrypted network packet for performing QoS and acceleration techniques. Encrypted packets may be classified by a first classifier at a first portion of a network stack of a device as corresponding to a first predetermined application, and an application identifier may be included with the packet. In some embodiments, the packets may be decrypted in an order dependent on a first classification of the encrypted network packet. After decryption, packets may be reclassified as corresponding to a second predetermined application by a second classifier operating at a second portion of a network stack of the device above the first portion. Thus, network performance may be enhanced and optimized by providing QoS and acceleration engines with packet- or data-specific information corresponding to the application, while avoiding inefficiencies due to a lack of prioritization of decryption.

Abstract: The present invention is directed towards systems and methods for providing Quality of Service (QoS) via a flow controlled tunnel. Traffic from a plurality of applications may be directed into a single connection or flow-controlled tunnel and QoS policies may be applied across the plurality of applications without configuration of individual link speeds, enabling QoS scheduling to dynamically adjust traffic transmission and reception rates to ensure priority management of applications regardless of a final endpoint of the application communications. Accordingly, traffic of different types, including VPN, HTTP, Voice-over-IP (VoIP), remote desktop protocol traffic, or other traffic may be easily balanced and prioritized. In many embodiments, the tunnel may be transparent to applications, such that without any application configuration, application traffic may still be prioritized by QoS requirements.

Abstract: A network optimization engine can be used to optimize the transmission of network traffic by employing means to prioritize highly compressed network traffic over other network traffic. The network optimization engine accomplishes network traffic optimization by calculating a compression ratio for received data packets and determining whether the calculated compression ratios exceed a compression ratio threshold. The predetermined compression ratio threshold can be a hard coded value or an empirically determined compression ratio threshold that is calculated using a sample of the received network packets. Network packets having a compression ratio that exceeds the compression ratio threshold are classified as highly compressed network traffic and transmitted according to a transmission scheme that is different than a transmission scheme used to transmit non-highly compressed network traffic.

Abstract: A network shaping engine can be used to optimize network traffic by employing means to prioritize data packets assigned to a network traffic class over other network traffic. The network shaping engine accomplishes network traffic optimization by determining whether received data packets comprise a traffic class mark or indicia that indicates the data packets are part of a minimum latency traffic class. After analyzing the packets, the network optimization engine sorts the data packets according to the identified traffic classes and transmits the packets. Data packets comprising a traffic class marking are transmitted according to a first transmission scheme while data packets that do not comprise a traffic class marking are transmitted according to a second transmission scheme that differs from the first transmission scheme.