Protocol exchange and policy enforcement for a terminal server session
Abstract
Example embodiments of the present disclosure provide techniques for performing multiple protocol exchanges over a single socket connection, one preceding another, in order to provide a platform for policy exchange between terminal servers and a gateway. The protocol exchanges may occur without using additional ports while ensuring that the terminal server state is restored to the previous state. In an embodiment, such a method may adhere to terminal server security levels and perform an exchange with the terminal servers by replicating remote access security layer exchanges and authenticating the gateway to the terminal server.
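The ordering described in the abstract, as an added Python sketch (not code from the patent or from any product): a toy gateway session that enforces the sequence secure, exchange, reset, second protocol, and filters client traffic by the capabilities response. Class names, channel names and state labels are hypothetical, and the model assumes the restored state is the one held before the first protocol's security was established.

```python
from dataclasses import dataclass, field

class OrderError(RuntimeError):
    """A step was attempted out of sequence."""

@dataclass
class ToyServer:  # hypothetical model; policy values are constructed
    policy: dict = field(default_factory=lambda: {"clipboard": False, "printer": True})
    security_state: str = "none"

@dataclass
class GatewaySession:
    server: ToyServer
    phase: str = "connected"  # one socket connection for the whole session
    caps: dict = field(default_factory=dict)
    saved_state: str = "none"

    def _advance(self, expected, new):
        if self.phase != expected:
            raise OrderError(f"{new} requires phase {expected}, got {self.phase}")
        self.phase = new

    def secure_first_protocol(self):
        self._advance("connected", "secured")
        self.saved_state = self.server.security_state  # remembered for the reset
        self.server.security_state = "gateway-authenticated"

    def exchange_capabilities(self):
        self._advance("secured", "caps_received")
        self.caps = dict(self.server.policy)  # stands in for the capabilities response

    def reset_security(self):
        self._advance("caps_received", "reset")
        self.server.security_state = self.saved_state  # connection is not closed

    def start_second_protocol(self):
        self._advance("reset", "second_protocol")

    def forward(self, channel):
        if self.phase != "second_protocol":
            raise OrderError("no client traffic before the second protocol")
        return self.caps.get(channel, False)  # unknown channels are denied

def run_session():
    s = GatewaySession(ToyServer())
    s.secure_first_protocol()
    s.exchange_capabilities()
    s.reset_security()
    s.start_second_protocol()
    return s.server.security_state, s.forward("printer"), s.forward("clipboard")
```

Calling a step out of order, such as `forward` before `start_second_protocol`, raises `OrderError`.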
18 Claims
1. A method of instantiating multiple protocols over a single terminal session, comprising:
- receiving from a client device a request for a terminal server session;
- establishing a socket connection with a terminal server over a remote access port in response to receiving the request;
- instantiating a first protocol over the socket connection, further comprising establishing a security and authentication mechanism with the terminal server and transmitting a capabilities request to said terminal server after establishing the security and authentication mechanism;
- receiving from said terminal server a capabilities response in response to the capabilities request;
- resetting the established security and authentication mechanism by resetting a security filter and returning the terminal server to a security state before exchange of the capabilities request and the capabilities response while maintaining the socket connection;
- instantiating a second protocol over the socket connection after resetting the established security and authentication mechanism; and
- transmitting packets from said client device to said terminal server according to the second protocol and the capabilities response over the socket connection.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9

10. A method of implementing a remote access communication session between a client device and at least one terminal server, comprising:
- establishing a first connection between a gateway server and the client device, wherein the gateway server is part of a domain and the client device is outside the domain;
- establishing a second connection between the gateway server and the at least one terminal server over a remote access port, wherein the at least one terminal server is part of the domain;
- instantiating a first protocol over the second connection;
- activating a security and authentication mechanism between the gateway server and the at least one terminal server over the second connection;
- exchanging policies between the at least one terminal server and the gateway server over the second connection, wherein policies pertain to communication between the client device and the at least one terminal server;
- resetting the activated security and authentication mechanism by resetting a security filter and returning the at least one terminal server to a security state before exchanging the policies while maintaining the second connection; and
- informing the at least one terminal server that packets over the second connection will originate from clients outside the domain.

Dependent claims: 11, 12, 13, 14, 15, 16

17. A computing system configured to establish a network policy for a client accessing a terminal server over a remote network connection, comprising:
- at least one processor; and
- a memory communicatively coupled to said at least one processor when said computing system is operational;
- said memory having stored therein computer instructions that upon execution by the at least one processor cause:
  - receiving a remote connection request from a client device;
  - establishing a socket communication connection with the terminal server over a remote access port in response to receiving the remote connection request;
  - sending a session connection request to the terminal server over the socket communication connection;
  - negotiating and exchanging protocol information, and establishing a security and authentication mechanism with the terminal server;
  - exchanging remote access policies with the terminal server over the socket connection after establishing the security and authentication mechanism;
  - resetting security and system states by resetting a security filter and returning the terminal server to a security state before exchanging the protocol information while maintaining the socket communication connection; and
  - initiating a remote access protocol between the client and terminal server over the socket communication connection after resetting the security and system states.

Dependent claims: 18

Specification