Devin J Heitmueller

US Patent:

20050251856, Nov 10, 2005

Filed:

Mar 11, 2005

Appl. No.:

11/077980

Inventors:

Kenneth Araujo - Somerset NJ, US
Devin Heitmueller - Bridgewater NJ, US

Assignee:

AEP Networks - Somerset NJ

International Classification:

H04L009/00

US Classification:

726012000

Abstract:

A security platform connected to a private network permits access to the private network from a public network (such as the Internet) through a variety of mechanisms. A reverse proxy system operating as part of the security platform provides access to web-enabled applications from a browser connected to the public network. The reverse proxy rewrites requests and responses so that the browser directs requests to the reverse proxy, from which the requests can be directed to the appropriate server on the public network or the private network. Responses come back to the reverse proxy, and are then forwarded to the browser. An SSL tunneling system permits fat clients to access the private network through an SSL connection. The SSL tunneling system employs a server component operating on the security platform and components downloaded to the client computer from the security platform. The client components include a control component operating in a browser window, a server-proxy component that sets up secure communications with the private network, and an adapter component between the server-proxy and the fat client. The adapter component operates in kernel space. Data is directed from the fat client to the adapter, and then forwarded to the server-proxy; data from the server-proxy is directed to the adapter, and then forwarded to the fat client. Security is provided through the use of multiple authentication realms, each of which provides a set of authentication stages for authenticating users and providing client integrity validation.

US Patent:

20050262357, Nov 24, 2005

Filed:

Mar 11, 2005

Appl. No.:

11/078001

Inventors:

Kenneth Araujo - Somerset NJ, US
Reginald Best - Somerset NJ, US
Devin Heitmueller - Bridgewater NJ, US
Dmitri Tikhonov - South Bound Brook NJ, US

Assignee:

AEP Networks - Somerset NJ

International Classification:

H04K001/00

US Classification:

713182000

Abstract:

A security platform connected to a private network permits access to the private network from a public network (such as the Internet) through a variety of mechanisms. A reverse proxy system operating as part of the security platform provides access to web-enabled applications from a browser connected to the public network. The reverse proxy rewrites requests and responses so that the browser directs requests to the reverse proxy, from which the requests can be directed to the appropriate server on the public network or the private network. Responses come back to the reverse proxy, and are then forwarded to the browser. An SSL tunneling system permits fat clients to access the private network through an SSL connection. The SSL tunneling system employs a server component operating on the security platform and components downloaded to the client computer from the security platform. The client components include a control component operating in a browser window, a server-proxy component that sets up secure communications with the private network, and an adapter component between the server-proxy and the fat client. The adapter component operates in kernel space. Data is directed from the fat client to the adapter, and then forwarded to the server-proxy; data from the server-proxy is directed to the adapter, and then forwarded to the fat client. Security is provided through the use of multiple authentication realms, each of which provides a set of authentication stages for authenticating users and providing client integrity validation.

US Patent:

20050273849, Dec 8, 2005

Filed:

Mar 11, 2005

Appl. No.:

11/077958

Inventors:

Kenneth Araujo - Somerset NJ, US
C. Douglas - Somerset NJ, US
Devin Heitmueller - Bridgewater NJ, US

Assignee:

AEP Networks - Somerset NJ

International Classification:

H04L009/00

US Classification:

726012000

Abstract:

A security platform connected to a private network permits access to the private network from a public network (such as the Internet) through a variety of mechanisms. A reverse proxy system operating as part of the security platform provides access to web-enabled applications from a browser connected to the public network. The reverse proxy rewrites requests and responses so that the browser directs requests to the reverse proxy, from which the requests can be directed to the appropriate server on the public network or the private network. Responses come back to the reverse proxy, and are then forwarded to the browser. An SSL tunneling system permits fat clients to access the private network through an SSL connection. The SSL tunneling system employs a server component operating on the security platform and components downloaded to the client computer from the security platform. The client components include a control component operating in a browser window, a server-proxy component that sets up secure communications with the private network, and an adapter component between the server-proxy and the fat client. The adapter component operates in kernel space. Data is directed from the fat client to the adapter, and then forwarded to the server-proxy; data from the server-proxy is directed to the adapter, and then forwarded to the fat client. Security is provided through the use of multiple authentication realms, each of which provides a set of authentication stages for authenticating users and providing client integrity validation.

US Patent:

20010047406, Nov 29, 2001

Filed:

Apr 13, 2001

Appl. No.:

09/835075

Inventors:

Kenneth Araujo - Somerset NJ, US
Reginald Best - Somerset NJ, US
Christopher Douglas - Matawan NJ, US
Devin Heitmueller - Neptune City NJ, US
Siuling Zhang - Stony Brook NY, US
Gamid Isayev - Monmouth Junction NJ, US

Assignee:

Netilla Networks Inc.

International Classification:

G06F015/173

US Classification:

709/223000, 709/249000

Abstract:

Apparatus and accompanying methods for use therein for implementing an integrated, virtual office user environment, through an office server(s), through which a remotely stationed user can access typical office network-based applications, including e-mail, file sharing and hosted thin-client programs, through a remotely located network, e.g., WAN, connected web browser. Specifically, a front end, namely a service enablement platform (SEP), to one or more office servers on a LAN is connected to both the WAN and LAN and acts both as a bridge between the user and his(her) office applications and as a protocol translator to enable bi-directional, web-based, real-time communication to occur between the browser and each such application. The SEP translates user input originating from the browser into application-specific protocols and applies a result to a corresponding office application server.