VPN network client for mobile device having fast reconnect
Abstract
A virtual private network client for cellular mobile devices is described. The VPN network client establishes a secure VPN connection with a remote VPN security device. The VPN network client establishes a secure control channel with the secure VPN gateway and, upon a successful authentication, receives a session cookie with a unique identifier. In the event communication with the secure VPN gateway is subsequently temporarily lost, the VPN network client performs a fast reconnect without requiring re-authentication of the cellular mobile device by communicating the session cookie to the secure VPN gateway. Prior to performing the fast reconnect, the VPN network client identifies a set of transport mechanisms currently available to the cellular mobile device and, when only a cellular network is available and not a wireless packet-based connection, the VPN network client defers the fast reconnect until application-layer data is received from a user application and is ready to be sent to the remote VPN security device via the VPN connection.
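The reconnect decision described in the abstract, sketched as an added example (it is not code from the patent or from any vendor's client). The class names, the `"wifi"`/`"cellular"` transport labels, the constructed password and the gateway-side cookie lifetime are assumptions; the page states no cookie lifetime.

```python
import hmac, secrets, time

class Gateway:
    """Toy VPN gateway: issues a session cookie after authentication (assumed design)."""
    def __init__(self, cookie_ttl=3600):
        self.cookie_ttl = cookie_ttl      # assumption: lifetime bound on the bearer cookie
        self.sessions = {}                # unique identifier -> (cookie, expiry time)

    def authenticate(self, user, password, now=None):
        now = time.time() if now is None else now
        if password != "correct-horse":   # constructed stand-in for real authentication
            return None
        sid, cookie = secrets.token_hex(8), secrets.token_urlsafe(32)
        self.sessions[sid] = (cookie, now + self.cookie_ttl)
        return sid, cookie

    def fast_reconnect(self, sid, cookie, now=None):
        """Resume without re-authentication only for a known, unexpired cookie."""
        now = time.time() if now is None else now
        stored = self.sessions.get(sid)
        if stored is None or now > stored[1]:
            self.sessions.pop(sid, None)  # expired sessions must re-authenticate
            return False
        return hmac.compare_digest(stored[0], cookie)  # constant-time comparison

class Client:
    def __init__(self, gateway):
        self.gw, self.session, self.connected, self.queue = gateway, None, False, []

    def login(self, user, password):
        self.session = self.gw.authenticate(user, password)
        self.connected = self.session is not None
        return self.connected

    def on_link_lost(self, transports):
        """transports: set of currently available transports, e.g. {"wifi", "cellular"}."""
        self.connected = False
        return self._maybe_reconnect(transports)

    def send(self, data, transports):
        self.queue.append(data)           # application-layer data is now pending
        return self._maybe_reconnect(transports)

    def _maybe_reconnect(self, transports):
        if self.connected:
            return "connected"
        if not transports or self.session is None:
            return "no-transport"
        if transports == {"cellular"} and not self.queue:
            return "deferred"             # cellular only and nothing to send: stay idle
        self.connected = self.gw.fast_reconnect(*self.session)
        return "reconnected" if self.connected else "reauth-required"
```

Because the cookie stands in for re-authentication, the gateway in this sketch treats it as a bearer credential: it is random, compared in constant time, and refused once expired.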
23 Claims
1. A cellular mobile device comprising:
- a transmitter and receiver to send and receive cellular communications in the form of radio frequency signals;
- a microprocessor;
- a virtual private network (VPN) network client executing on the microprocessor to establish a secure VPN connection with a remote VPN security device, wherein the VPN network client processes network packets for securely tunneling the network packets between the cellular mobile device and the remote VPN security device,
- wherein the VPN network client establishes a secure control channel with the remote VPN security device for the secure VPN connection and, upon a successful authentication, receives a session cookie with a unique identifier,
- wherein, in the event communication with the remote VPN security device is temporarily lost, the VPN network client performs a fast reconnect without requiring re-authentication of the cellular mobile device by communicating the session cookie to the remote VPN security device, and
- wherein, prior to performing the fast reconnect, the VPN network client identifies a set of transport mechanisms currently available to the cellular mobile device and, when only a cellular network is available and not a wireless packet-based connection, the VPN network client defers the fast reconnect to the cellular network until application-layer data is received from a user application and is ready to be sent to the remote VPN security device via the VPN connection.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 22, 23
16. A system comprising:
- a virtual private network (VPN) security device coupled to a packet network;
- a cellular mobile device comprising a microprocessor and a virtual private network (VPN) network client executing on the microprocessor to establish a VPN connection with the VPN security device,
- wherein the VPN handler establishes a secure control channel with the VPN security device for the secure VPN connection and, upon a successful authentication, receives a session cookie with a unique identifier,
- wherein, in the event communication with the VPN security device is temporarily lost, the VPN handler performs a fast reconnect without requiring re-authentication of the cellular mobile device by communicating the session cookie to the secure VPN gateway, and
- wherein, prior to performing the fast reconnect, the VPN handler identifies a set of transport mechanisms currently available to the cellular mobile device and, when only a cellular network is available and not a wireless packet-based connection, the VPN handler defers the fast reconnect to the cellular network until application-layer data is received from a user application and is ready to be sent to the VPN security device via the VPN connection.
17. A method comprising:
- executing a virtual private network (VPN) network client on a processor of a cellular mobile device;
- establishing, with the VPN network client, a secure VPN connection with a secure VPN gateway;
- upon a successful authentication, receiving from the secure VPN gateway a session cookie with a unique identifier with the VPN client;
- detecting with the VPN network client that communication with the secure VPN gateway is temporarily lost and, in response, identifying a set of transport mechanisms currently available to the cellular mobile device;
- when a wireless local area network connection is available to the cellular mobile device, performing a fast reconnect without requiring re-authentication of the cellular mobile device by communicating the session cookie to the secure VPN gateway via the wireless packet-based network connection; and
- when only a cellular packet-based network connection is available to the cellular mobile device and not the wireless local area network connection, deferring the fast reconnect to the cellular network until application-layer data is received from a user application and is ready to be sent to the secure VPN gateway via the VPN connection over the cellular packet-based network connection.
Dependent claims: 18
19. A non-transitory computer-readable medium storing a downloadable distribution package comprising software program code to execute a virtual private network (VPN) network client on a processor within a cellular device, wherein the multi-service network client comprises:
- wherein the VPN network client is programmed to establish a secure control channel with a secure VPN gateway for a secure VPN connection and, upon a successful authentication, receives a session cookie with a unique identifier,
- wherein the VPN network client is programmed to, in the event communication with the secure VPN gateway is temporarily lost, performs a fast reconnect of the secure VPN connection without requiring re-authentication of the cellular mobile device by communicating the session cookie to the secure VPN gateway, and
- wherein the VPN network client is programmed to, prior to performing the fast reconnect, identify a set of transport mechanisms currently available to the cellular mobile device and, when only a cellular network is available and not a wireless packet-based connection, defer the fast reconnect to the cellular network until application-layer data is received from a user application and is ready to be sent to the secure VPN gateway via the secure VPN connection.
20. A method comprising:
- receiving, with a cellular mobile device, a distribution software package from an electronic repository, wherein the distribution software package includes a virtual private network (VPN) network client programmed to;
  - (1) establish a secure communication session with a secure VPN gateway for a secure VPN connection and, upon a successful authentication, receive a session cookie with a unique identifier,
  - (2), in the event communication with the secure VPN gateway is temporarily lost, perform a fast reconnect without requiring re-authentication of the cellular mobile device by communicating the session cookie to the secure VPN gateway,
  - (3) prior to performing the fast reconnect, identify a set of transport mechanisms currently available to the cellular mobile device and,
  - (4) when only a cellular network is available and not a wireless packet-based connection, defer the fast reconnect to the cellular network until application-layer data is received from a user application and is ready to be sent to the secure VPN gateway via the secure VPN connection; and
- installing the network client on the cellular mobile device including registering the VPN handler with an operating system of the cellular mobile device, wherein the VPN handler provides a single point of entry for network packets from the operating system to apply VPN services with the VPN handler and security services with the security manager.
21. A method comprising:
- receiving, from a cellular mobile device, a request to download a single distribution software package that includes a virtual private network (VPN) network client, wherein the VPN network client is programmed to;
  - (1) establish a secure VPN connection with a secure VPN gateway and, upon a successful authentication, receive a session cookie with a unique identifier,
  - (2), in the event communication with the secure VPN gateway is temporarily lost, perform a fast reconnect without requiring re-authentication of the cellular mobile device by communicating the session cookie to the secure VPN gateway,
  - (3) prior to performing the fast reconnect, identify a set of transport mechanisms currently available to the cellular mobile device and,
  - (4) when only a cellular network is available and not a wireless packet-based connection, defer the fast reconnect until application-layer data is received from a user application and is ready to be sent to the secure VPN gateway via the VPN connection; and
- outputting the multi-service network client from a software repository to be installed on the cellular mobile device.