Riverbed Technology Patent Applications

OPTIMIZATION OF A SECURE CONNECTION WITH ENHANCED SECURITY FOR PRIVATE CRYPTOGRAPHIC KEYS

Granted: September 22, 2016
Application Number: 20160277372
A system, method, and apparatus are provided for establishing a secure, split-terminated, communication connection between a client and a server (or two other communicants), without exposing to possible compromise one or more private keys used at an intermediate device to establish the communication connection. The private key(s) is or are stored on a key server that is separate from the intermediate device and from any other devices whose private keys are also stored on the key server.…

DISTRIBUTED NETWORK TRAFFIC DATA COLLECTION AND STORAGE

Granted: June 18, 2015
Application Number: 20150172143
Network traffic information from multiple sources, at multiple time scales, and at multiple levels of detail are integrated so that users may more easily identify relevant network information. The network monitoring system stores and manipulates low-level and higher-level network traffic data separately to enable efficient data collection and storage. Packet traffic data is collected, stored, and analyzed at multiple locations. The network monitoring locations communicate summary and…

METHOD AND APPARATUS FOR SCHEDULING A HETEROGENEOUS COMMUNICATION FLOW

Granted: May 7, 2015
Application Number: 20150124835
A method and apparatus are provided for scheduling a heterogeneous communication flow. A heterogeneous flow is a flow comprising packets with varying classes or levels of service, which may correspond to different priorities, qualities of service or other service characteristics. When a packet is ready for scheduling, it is queued in order in a flow queue that corresponds to the communication flow. The flow queue then migrates among class queues that correspond to the class or level of…

AUTOMATIC PROMPT DETECTION FOR UNIVERSAL DEVICE SUPPORT

Granted: November 6, 2014
Application Number: 20140331093
Embodiments provide systems, methods, and computer program products for network management application to automatically determine a session prompt for a network device and perform error handling. After logging in to a network device, the network management application records the first session prompt response. The network management application sends a series of empty carriage returns and random characters and records the session prompt responses. The network management application…

Persisting Large Volumes of Data in an Efficient, Unobtrusive Manner

Granted: September 18, 2014
Application Number: 20140280386
Embodiments provide a data persisting mechanism that allows for efficient, unobtrusive persisting of large volumes of data while optimizing the use of system resources by the persisting process. In an embodiment, the persisting process includes a self-tuning algorithm that constantly monitors persistence performance and that adjusts persistence time to maintain performance within user-defined criteria. From one aspect, this allows the persisting process to seamlessly adapt to changes in…

MULTI-TIER MESSAGE CORRELATION

Granted: September 18, 2014
Application Number: 20140280929
A system and method determines correlations within multi-tier communications based on repeated iterations/episodes of executions of a target application. Content-based correlations are determined by encoding the content using a finite alphabet, then searching for similar sequences among the multiple traces. By encoding the content to a finite alphabet, common pattern matching techniques may be used, including, for example, DNA alignment algorithms. To facilitate alignment of the traces,…

NATIVE CODE PROFILER FRAMEWORK

Granted: September 18, 2014
Application Number: 20140282431
Embodiments provide systems, methods, and computer program products for dynamically hooking multiple levels of application code. A server receives identifying information that identifies a target function of a target application to hook. The server pauses a target process of the target application. The server locates the target function within the target application code based on the received identifying information. The server then hooks the located function outside of the target…

INFERRING CONNECTIVITY IN THE PRESENCE OF CONFLICTING NETWORK DATA

Granted: August 21, 2014
Application Number: 20140236878
The connectivity information provided by a variety of inference engines is integrated to provide a set of inferred links within a network. A consolidation is performed among inference engines that operate at a base level of connectivity detail to create a model of the network at this base level. The connectivity information provided by inference engines at each subsequent higher level of connectivity abstraction is then overlaid on the base level connectivity. By separately consolidating…

INFERRING CONNECTIVITY AMONG NETWORK SEGMENTS IN THE ABSENCE OF CONFIGURATION INFORMATION

Granted: August 14, 2014
Application Number: 20140226528
The present system includes a system, method and device for inferring connectivity between unconnected network segments. In operation, unconnected network segments are identified. Configuration data related to the unconnected network segments may be examined to facilitate inferring configuration data for an external network connected between the unconnected network segments. The inferred configuration data may be rendered, such as exported or visualized. The inferred configuration data…

NETWORK TOPOLOGY GENERATION USING TRACEROUTE DATA

Granted: August 14, 2014
Application Number: 20140229612
Embodiments provide systems, methods, and computer program products for inferring node and link information from traceroute data in order to generate topology information. A system receives traceroute data for a data packet that traverses a path from a source to a destination. The system infers port types for the addresses in the traceroute data and groups subsets of the addresses in the traceroute data into logical nodes based on neighbor relationships demonstrated in backward and…

NETWORK MULTI-PATH DISCOVERY

Granted: July 31, 2014
Application Number: 20140211805
Potential paths between a source and destination of a network are identified based on trace-route information, then filtered to eliminate paths or links that are not supported by ancillary information associated with the network so as to identify feasible/actual paths between the source and destination. The ancillary information includes, for example, routing tables and ARP tables. If a feasible path cannot be identified based on the ancillary information, supplemental information…

STITCHING TOGETHER PARTIAL NETWORK TOPOLOGIES

Granted: July 17, 2014
Application Number: 20140201359
A method and system that takes advantage of processes that are efficient for determining the topology of small to medium size networks to determine individual network topologies for such networks, and then merges these individual topologies into a consolidated topology for the entire network. Each of the processes that determines the topology of the smaller networks provides the determined network topology, as well as a list of factors that may be relevant in the determination of how the…

CAPTURE, ANALYSIS, AND VISUALIZATION OF CONCURRENT SYSTEM AND NETWORK BEHAVIOR OF AN APPLICATION

Granted: June 19, 2014
Application Number: 20140172941
A first capture system that captures network communication events related to an application, and a second capture system that captures internal processing events related to the application. A visualization system analyzes the data captured by each of the capture systems, synchronizes and correlates the data, and presents an integrated display of these communication and processing events. In a preferred embodiment, the communicated messages include an identifier of the application, and…

DETECTING OUTLIERS IN NETWORK TRAFFIC TIME SERIES

Granted: June 5, 2014
Application Number: 20140153396
According to an aspect of the invention, a system and method is configured to detect time series outliers in network traffic.

COOPERATIVE PROXY AUTO-DISCOVERY AND CONNECTION INTERCEPTION

Granted: June 5, 2014
Application Number: 20140156836
In a network supporting transactions between clients and servers and proxies that are interposable in a network path, a pair of proxies can modify a packet stream such that packet data from client to server is transformed at a client-side proxy of the pair and untransformed at a server-side of the pair and packet data from server to client is transformed at the server-side proxy and untransformed at the client-side proxy. A discovering proxy transparently discovers its position in a…

Address Manipulation to Provide for the Use of Network Tools Even When Transaction Acceleration is in Use Over a Network

Granted: May 22, 2014
Application Number: 20140143306
In address-manipulation enabled transaction accelerators, the transaction accelerators include outer-connection addressing information in packets emitted over an inner connection between transaction accelerators and inner-connection addressing information is added in packets sent over the inner connection. The inner-connection addressing information can be carried in TCP option fields, directly in other fields, or indirectly through data structures maintained by the endpoints processing…

TRAFFIC FLOW INFERENCE BASED ON LINK LOADS AND GRAVITY MEASURES

Granted: May 15, 2014
Application Number: 20140133349
Traffic flow between each pair of nodes in a network may be modeled based on loads measured at each link and based on gravity measures associated with each node. Gravity measures correspond to a relative likelihood of the node being a source or a sink of traffic. Gravity objectives are assigned to nodes to serve as an objective for a node's performance. These gravity objectives may be based on qualitative characteristics associated with each node. Because the assigned gravity objectives…

APPLICATION MONITORING OF RELATED ACTIVITIES ACROSS MULTIPLE THREADS

Granted: May 15, 2014
Application Number: 20140136691
Embodiments provide systems, methods, and computer program products for monitoring application performance in multithreaded environments. Monitoring data may be inserted into data structures that propagate and persist between threads involved in a processing event. Data related to specific methods executing on each thread may be output to a trace file. The trace file may be analyzed for application performance by associating the threads that contain the same tracking data from the…

INSTRUMENTING COMPUTER PROGRAM CODE BY MERGING TEMPLATE AND TARGET CODE METHODS

Granted: May 15, 2014
Application Number: 20140137083
Embodiments provide systems, methods, and computer program products for instrumenting software application code. A target method and a template method may each be elevated to respective linked lists that maintain offsets in a relative relationship using pointers. The lists are merged and converted back to byte code as an instrumented method.

VIRTUALIZATION PLANNING SYSTEM

Granted: May 15, 2014
Application Number: 20140137117
An interactive virtualization management system provides an assessment of proposed or existing virtualization schemes. A Virtual Technology Overhead Profile (VTOP) is created for each of a variety of configurations of host computer systems and virtualization technologies by measuring the overhead experienced under a variety of conditions. The multi-variate overhead profile corresponding to each target configuration being evaluated is used by the virtualization management system to…