Patents by Inventor Snigdhendu Mukhopadhyay
Snigdhendu Mukhopadhyay has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11831758Abstract: A system and method for securely encrypting and booting a headless appliance. A method includes providing the headless appliance with content stored in a memory, wherein the content is encrypted with a key, and wherein the key is separately stored on a remote computing device; booting the headless appliance and loading a fallback configuration; in response to a user device connecting to the headless appliance, directing the user device to a captive portal and capturing credentials of a user; forwarding the credentials to the remote computing device for verification by an identity provider; in response to the credentials being verified as a non-administrator, granting access to a public network for the user; and in response to the credentials being verified as an administrator, obtaining the key from the remote computing device to decrypt the content to provide access to a private network for the user.Type: GrantFiled: July 20, 2022Date of Patent: November 28, 2023Inventors: Ioannis Beredimas, Snigdhendu Mukhopadhyay, Adam Phillip Schultz
-
Publication number: 20220353065Abstract: A system and method for securely encrypting and booting a headless appliance. A method includes providing the headless appliance with content stored in a memory, wherein the content is encrypted with a key, and wherein the key is separately stored on a remote computing device; booting the headless appliance and loading a fallback configuration; in response to a user device connecting to the headless appliance, directing the user device to a captive portal and capturing credentials of a user; forwarding the credentials to the remote computing device for verification by an identity provider; in response to the credentials being verified as a non-administrator, granting access to a public network for the user; and in response to the credentials being verified as an administrator, obtaining the key from the remote computing device to decrypt the content to provide access to a private network for the user.Type: ApplicationFiled: July 20, 2022Publication date: November 3, 2022Inventors: Ioannis Beredimas, Snigdhendu Mukhopadhyay, Adam Phillip Schultz
-
Patent number: 11431482Abstract: A system and method for securely encrypting and booting a headless appliance. A computerized method is disclosed that includes: providing the network appliance with content encrypted with a secret key; launching the network appliance in a fallback configuration that provides limited operational capabilities; forwarding a request for the secret key to an online service that independently utilizes an identity provider to establish trust with an appliance administrator; receiving the secret key from the online service upon establishment of trust with the appliance administrator; decrypting the content with the secret key received from the online service; and utilizing the content to launch the network appliance in a full configuration.Type: GrantFiled: February 8, 2021Date of Patent: August 30, 2022Assignee: CITRIX SYSTEMS, INC.Inventors: Ioannis Beredimas, Snigdhendu Mukhopadhyay, Adam Phillip Schultz
-
Publication number: 20220239473Abstract: A system and method for securely encrypting and booting a headless appliance. A computerized method is disclosed that includes: providing the network appliance with content encrypted with a secret key; launching the network appliance in a fallback configuration that provides limited operational capabilities; forwarding a request for the secret key to an online service that independently utilizes an identity provider to establish trust with an appliance administrator; receiving the secret key from the online service upon establishment of trust with the appliance administrator; decrypting the content with the secret key received from the online service; and utilizing the content to launch the network appliance in a full configuration.Type: ApplicationFiled: February 8, 2021Publication date: July 28, 2022Inventors: Ioannis Beredimas, Snigdhendu Mukhopadhyay, Adam Phillip Schultz
-
Publication number: 20220224684Abstract: Described embodiments provide systems and methods for validating session tokens using network properties. A first device having one or more processors coupled with memory may identify a session token from an initiation of a session between the first device and a second device via a network path of a plurality of network paths. The first device may determine that the first network path is to be trusted based at least on a property of the network path. The first device may validate the session token for use over the plurality of network paths, responsive to determining that the network path is to be trusted. The first device may provide, responsive to validating, the session token to the second device for use in communications over the plurality of network paths.Type: ApplicationFiled: February 24, 2021Publication date: July 14, 2022Applicant: Citrix Systems, Inc.Inventors: Adam Schultz, Snigdhendu Mukhopadhyay, Ioannis Beredimas
-
Patent number: 11343185Abstract: Described embodiments provide systems and methods for steering network traffic using dynamically generated configuration scripts. A first device may generate a configuration script for an application on the client for connecting with a server. The configuration script may specify the application to establish a direct connection or an indirect connection with the server. The first device may provide the configuration script to be invoked by the application to identify a first address to access the server based on a determination to establish the direct connection or the indirect connection. The first device may receive, from the client, an initiation request to connect with the server including the first address. The first device may determine second address by applying a routing policy to the first address. The first device may establish one of the direct connection or the indirect connection using the second address.Type: GrantFiled: May 19, 2020Date of Patent: May 24, 2022Assignee: Citrix Systems, Inc.Inventors: Vladimir Vysotsky, Snigdhendu Mukhopadhyay
-
Patent number: 11296991Abstract: Methods and systems for changing communication paths in a network based on predicted Quality of Experience metrics are described herein. Computing devices in a network may communicate via one or more communication paths and using one or more applications. One or more Quality of Experience metrics may be determined for the one or more applications. Network metrics for the network may be measured and, based on one or more Quality of Service policies for the network, predicted Quality of Experience metrics may be determined using, e.g., a model network. A communication path recommendation may be output based on the predicted Quality of Experience metrics. For example, the recommendation may cause an application to change from a first communication path to a second communication path.Type: GrantFiled: October 29, 2020Date of Patent: April 5, 2022Assignee: Citrix Systems, Inc.Inventors: Praveen Raja Dhanabalan, Sachin Shelar, Snigdhendu Mukhopadhyay
-
Publication number: 20210092062Abstract: Techniques are disclosed for enhancing quality of experience (QoE) being provided by an application executing in a network based on a determined current QoE of the application. An example methodology implementing the techniques includes determining one or more characteristics of a data flow for an application, computing a score for the execution of the application based on the determined one or more characteristics of the data flow, the score being indicative of a quality of a user experience associated with the application and responsive to determination that the score does not satisfy a threshold, adjusting the data flow so that execution of the application results in a user experience that is satisfactory based on the computed score. In one example, adjusting the data flow includes packet duplication. In another example, adjusting the data flow includes forward error correction.Type: ApplicationFiled: September 20, 2019Publication date: March 25, 2021Inventors: Praveen Raja Dhanabalan, Naveen Yerramneni, Ramanjaneya Reddy Kamalapuram, Snigdhendu Mukhopadhyay
-
Publication number: 20210044530Abstract: Methods and systems for changing communication paths in a network based on predicted Quality of Experience metrics are described herein. Computing devices in a network may communicate via one or more communication paths and using one or more applications. One or more Quality of Experience metrics may be determined for the one or more applications. Network metrics for the network may be measured and, based on one or more Quality of Service policies for the network, predicted Quality of Experience metrics may be determined using, e.g., a model network. A communication path recommendation may be output based on the predicted Quality of Experience metrics. For example, the recommendation may cause an application to change from a first communication path to a second communication path.Type: ApplicationFiled: October 29, 2020Publication date: February 11, 2021Inventors: Praveen Raja Dhanabalan, Sachin Shelar, Snigdhendu Mukhopadhyay
-
Patent number: 10911310Abstract: Described embodiments provide systems and methods for steering network traffic using dynamically generated configuration scripts. A first device may generate a configuration script for an application on the client for connecting with a server. The configuration script may specify the application to establish a direct connection or an indirect connection with the server. The first device may provide the configuration script to be invoked by the application to identify a first address to access the server based on a determination to establish the direct connection or the indirect connection. The first device may receive, from the client, an initiation request to connect with the server including the first address. The first device may determine second address by applying a routing policy to the first address. The first device may establish one of the direct connection or the indirect connection using the second address.Type: GrantFiled: May 20, 2019Date of Patent: February 2, 2021Assignee: Citrix Systems, Inc.Inventors: Vladimir Vysotsky, Snigdhendu Mukhopadhyay
-
Publication number: 20210029043Abstract: Methods and systems for changing communication paths in a network based on predicted Quality of Experience metrics are described herein. Computing devices in a network may communicate via one or more communication paths and using one or more applications. One or more Quality of Experience metrics may be determined for the one or more applications. Network metrics for the network may be measured and, based on one or more Quality of Service policies for the network, predicted Quality of Experience metrics may be determined using, e.g., a model network. A communication path recommendation may be output based on the predicted Quality of Experience metrics. For example, the recommendation may cause an application to change from a first communication path to a second communication path.Type: ApplicationFiled: July 24, 2019Publication date: January 28, 2021Inventors: Praveen Raja Dhanabalan, Sachin Shelar, Snigdhendu Mukhopadhyay
-
Patent number: 10897424Abstract: Methods and systems for changing communication paths in a network based on predicted Quality of Experience metrics are described herein. Computing devices in a network may communicate via one or more communication paths and using one or more applications. One or more Quality of Experience metrics may be determined for the one or more applications. Network metrics for the network may be measured and, based on one or more Quality of Service policies for the network, predicted Quality of Experience metrics may be determined using, e.g., a model network. A communication path recommendation may be output based on the predicted Quality of Experience metrics. For example, the recommendation may cause an application to change from a first communication path to a second communication path.Type: GrantFiled: July 24, 2019Date of Patent: January 19, 2021Assignee: Citrix Systems, Inc.Inventors: Praveen Raja Dhanabalan, Sachin Shelar, Snigdhendu Mukhopadhyay
-
Publication number: 20200374197Abstract: Described embodiments provide systems and methods for steering network traffic using dynamically generated configuration scripts. A first device may generate a configuration script for an application on the client for connecting with a server. The configuration script may specify the application to establish a direct connection or an indirect connection with the server. The first device may provide the configuration script to be invoked by the application to identify a first address to access the server based on a determination to establish the direct connection or the indirect connection. The first device may receive, from the client, an initiation request to connect with the server including the first address. The first device may determine second address by applying a routing policy to the first address. The first device may establish one of the direct connection or the indirect connection using the second address.Type: ApplicationFiled: May 20, 2019Publication date: November 26, 2020Inventors: Vladimir Vysotsky, Snigdhendu Mukhopadhyay
-
Publication number: 20200374229Abstract: Described embodiments provide systems and methods for steering network traffic using dynamically generated configuration scripts. A first device may generate a configuration script for an application on the client for connecting with a server. The configuration script may specify the application to establish a direct connection or an indirect connection with the server. The first device may provide the configuration script to be invoked by the application to identify a first address to access the server based on a determination to establish the direct connection or the indirect connection. The first device may receive, from the client, an initiation request to connect with the server including the first address. The first device may determine second address by applying a routing policy to the first address. The first device may establish one of the direct connection or the indirect connection using the second address.Type: ApplicationFiled: May 19, 2020Publication date: November 26, 2020Inventors: Vladimir Vysotsky, Snigdhendu Mukhopadhyay
-
Patent number: 8677480Abstract: Embodiments of the present disclosure provide techniques for distributing information about possible anomalies in a network. A sensor in a network may detect packets with payloads that match an anomaly signature. Address dispersion information, for example, in the form of source and address bitmaps, may be gathered at the sensor. The address dispersion information may be distributed to one or more peer sensors if the information indicates that the number of different addresses of the detected matching packets exceeds a threshold.Type: GrantFiled: September 3, 2008Date of Patent: March 18, 2014Assignee: Cisco Technology, Inc.Inventors: Chui-Tin Yen, Saumyavapuh Lugani, Snigdhendu Mukhopadhyay, Rajiv Raghunarayan, Sumeet Singh
-
Patent number: 8661544Abstract: A method is disclosed for distributed detection of botnets via a plurality of sensors on a network. According to embodiments, DNS information, including domain names and addresses, is received at a sensor, the number of unique subnets corresponding to a domain name is determined and an alert is sent to other sensors when the number of unique subnets exceeds a first threshold. Other embodiments are also disclosed.Type: GrantFiled: August 31, 2010Date of Patent: February 25, 2014Assignee: Cisco Technology, Inc.Inventors: Chui-Tin Yen, Saumyavapuh Lugani, Snigdhendu Mukhopadhyay, Kuntal Daftary
-
Publication number: 20120054869Abstract: A method is disclosed for distributed detection of botnets via a plurality of sensors on a network. According to embodiments, DNS information, including domain names and addresses, is received at a sensor, the number of unique subnets corresponding to a domain name is determined and an alert is sent to other sensors when the number of unique subnets exceeds a first threshold. Other embodiments are also disclosed.Type: ApplicationFiled: August 31, 2010Publication date: March 1, 2012Inventors: Chui-Tin Yen, Saumyavapuh Lugani, Snigdhendu Mukhopadhyay, Kuntal Daftary
-
Publication number: 20100058469Abstract: Embodiments of the present disclosure provide techniques for distributing information about possible anomalies in a network. A sensor in a network may detect packets with payloads that match an anomaly signature. Address dispersion information, for example, in the form of source and address bitmaps, may be gathered at the sensor. The address dispersion information may be distributed to one or more peer sensors if the information indicates that the number of different addresses of the detected matching packets exceeds a threshold.Type: ApplicationFiled: September 3, 2008Publication date: March 4, 2010Inventors: Chui-Tin Yen, Saumyavapuh Lugani, Snigdhendu Mukhopadhyay, Rajiv Raghunarayan, Sumeet Singh