System and Method for Redundancy in a Communication Network
First Claim
1. A network fail-over system comprising:
- first and second secure proxy servers;
first and second authentication servers, each communicatively coupled to the first and second proxy servers;
a first service monitor configured to monitor an operating status of the first authentication server; and
a second service monitor configured to monitor an operating status of the second authentication server, the second service monitor configured to set an operating status of the second authentication server and to accept communication traffic from the first proxy server based on the operating status of the first authentication server;
wherein the first service monitor is configured to set an operating status of the first authentication server and to accept communication traffic from the second proxy server based on the operating status of the second authentication server; and
wherein each of the first and second authentication servers is configured to determine an access privilege of a client device to a virtual private network by authenticating a client identifier received from the client device, the client identifier derived from a combination of at least one user-configurable parameter and at least one non-user-configurable parameter resident in the client device.
4 Assignments
0 Petitions
Accused Products
Abstract
A network fail-over system provides redundant first and second secure proxy servers, first and second authentication servers each communicatively coupled to the proxy servers, first and second service monitors configured to monitor, respectively, operating status of the first and second authentication servers, the second service monitor configured to set an operating status of the second authentication server and to accept communication traffic from the first proxy server based on the operating status of the first authentication server, wherein the first service monitor is configured to set an operating status of the first authentication server and to accept communication traffic from the second proxy server based on the operating status of the second authentication server, and wherein the authentication servers are each configured to determine an access privilege of a client device by authenticating a client identifier received from the client device, the client identifier derived from a user-configurable parameter and a non-user-configurable parameter resident in the client device.
89 Citations
20 Claims
-
1. A network fail-over system comprising:
-
first and second secure proxy servers; first and second authentication servers, each communicatively coupled to the first and second proxy servers; a first service monitor configured to monitor an operating status of the first authentication server; and a second service monitor configured to monitor an operating status of the second authentication server, the second service monitor configured to set an operating status of the second authentication server and to accept communication traffic from the first proxy server based on the operating status of the first authentication server; wherein the first service monitor is configured to set an operating status of the first authentication server and to accept communication traffic from the second proxy server based on the operating status of the second authentication server; and wherein each of the first and second authentication servers is configured to determine an access privilege of a client device to a virtual private network by authenticating a client identifier received from the client device, the client identifier derived from a combination of at least one user-configurable parameter and at least one non-user-configurable parameter resident in the client device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method for providing redundancy, comprising:
-
setting a first authentication server to active mode and a second authentication server to standby mode, wherein the first and second authentication servers are configured to use separate power sources; establishing a virtual private network (VPN) connection between a client device via and the first authentication server based on an access privilege determination of the client device to the VPN by authenticating a device identifier received from the client device, the device identifier being based on a combination of at least one user-configurable parameter and at least one non-user-configurable parameter resident in the client device; monitoring an operating status of the first authentication server with a first monitor; setting the second authentication server to active mode when the operating status of the first authentication server is inactive; and establishing a VPN connection between the proxy server and the second authentication server when the second authentication server is active. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
-
-
18. A computer readable medium having stored thereon, computer executable instructions that, if executed by a device, cause the device to perform a method comprising:
-
setting a first authentication server to active mode and a second authentication server to standby mode, wherein the first and second authentication servers are configured to use separate power sources; establishing a virtual private network (VPN) connection between a client device and the first authentication server based on an access privilege determination of the client device to the VPN by authenticating a device identifier received from an extended trust device, the device identifier being based on a combination of at least one user-configurable parameter and at least one non-user-configurable parameter resident in the client device; monitoring an operating status of the first authentication server with a first monitor; setting the second authentication server to active mode when the operating status of the first authentication server is inactive; and establishing a VPN connection between the proxy server and the second authentication server when the second authentication server is active. - View Dependent Claims (19, 20)
-
Specification