SYSTEMS AND METHODS FOR INTEGRATION BETWEEN APPLICATION FIREWALL AND CACHING
First Claim
1. A method of integrating an application firewall with a cache in an intermediary device, the method comprising:
- a) storing, by the intermediary device, to a cache an HTTP response received from a server to a first request of a user for a page;
b) generating, by an application firewall configured on the intermediary device, metadata from the HTTP response, the metadata identifying information to enforce a plurality of security rules by the application firewall;
c) storing, by the intermediary device, the metadata in the cache with the HTTP response;
d) receiving, by the intermediary device, a second request for the page;
e) determining, by a cache manager of the intermediary device, that the HTTP response is stored in the cache; and
f) providing, by the cache manager, a reference to the metadata in the cache for inclusion with session data associated with the second request.
7 Assignments
0 Petitions
Accused Products
Abstract
The present invention is directed towards systems and methods for integrating cache managing and application firewall processing in a networked system. In various embodiments, an integrated cache/firewall system comprises an application firewall operating in conjunction with a cache managing system in operation on an intermediary device. In various embodiments, the application firewall processes a received HTTP response to a request by a networked entity serviced by the intermediary device. The application firewall generates metadata from the HTTP response and stores the metadata in cache with the HTTP response. When a subsequent request hits in the cache, the metadata is identified to a user session associated with the subsequent request. In various embodiments, the application firewall can modify a cache-control header of the received HTTP response, and can alter the cookie-setting header of the cached HTTP response. The system and methods can significantly reduce processing time associated with application firewall processing of web content exchanged over a network.
68 Citations
22 Claims
-
1. A method of integrating an application firewall with a cache in an intermediary device, the method comprising:
-
a) storing, by the intermediary device, to a cache an HTTP response received from a server to a first request of a user for a page; b) generating, by an application firewall configured on the intermediary device, metadata from the HTTP response, the metadata identifying information to enforce a plurality of security rules by the application firewall; c) storing, by the intermediary device, the metadata in the cache with the HTTP response; d) receiving, by the intermediary device, a second request for the page; e) determining, by a cache manager of the intermediary device, that the HTTP response is stored in the cache; and f) providing, by the cache manager, a reference to the metadata in the cache for inclusion with session data associated with the second request. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A system for integrating an application firewall with a cache comprising:
-
an application firewall generating metadata from an HTTP response received from a server to a first request of a user for a page, the metadata identifying information to enforce a plurality of security rules by the application firewall; an intermediary device storing to a cache the HTTP response and storing the metadata in the cache with the HTTP response; and a cache manager operating in conjunction with the intermediary device and application firewall, the cache manager adapted to determine that the HTTP response is stored in the cache and provide a reference to the metadata in the cache for inclusion with session data associated with the second request, wherein the intermediary device further receives a second request for the page. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
-
Specification