System and method for virtual interfaces and advanced smart routing in a global virtual network

Patent No. US10659256 (titled "System and method for virtual interfaces and advanced smart routing in a global virtual network") on Apr 7, 2016. The application was issued on May 19, 2020.

'256 is related to the field of network optimization, specifically addressing the problem of unreliable internet connections and high latency. Existing solutions like WAN optimizers and VPNs often lack control over traffic routes and struggle with unstable connections, leading to poor user experience. The patent aims to provide a secure and reliable network optimization service on top of standard internet connections.

The underlying idea behind '256 is to create a virtual global network (GVN) that intelligently routes traffic through multiple tunnels between an endpoint device and an access point server. This involves establishing multiple tunnels, monitoring their performance, and dynamically switching traffic between them to maintain optimal connectivity. A key aspect is the use of virtual interfaces (VIFs) as logical access points for these tunnels, enabling efficient management and routing.

The claims of '256 focus on a network system comprising an endpoint device with a tunnel manager and a first virtual interface, and an access point server with a tunnel listener and a second virtual interface. The system establishes one or more tunnels between the tunnel manager and listener. Critically, at least two tunnels are kept in an active state, allowing for seamless failover. The virtual interfaces are configured to detect tunnel failures, create new tunnels if needed, and switch traffic accordingly. During periods of low packet loss, the active tunnels send unique data streams, while during high packet loss, they send duplicate streams.

In practice, the system continuously monitors the quality of the active tunnels. If a tunnel fails or its performance degrades, the system automatically switches traffic to another active tunnel, ensuring uninterrupted connectivity. If no suitable tunnel is available, a new tunnel is dynamically created. The use of multiple tunnels and the ability to switch between them on the fly significantly improves network resilience and reduces the impact of network disruptions.

The invention differentiates itself from prior approaches by actively managing multiple tunnels and adapting to changing network conditions. Unlike traditional VPNs or WAN optimizers that rely on a single, fixed connection, the GVN dynamically selects the best path for traffic based on real-time performance metrics. The use of virtual interfaces further streamlines the routing process, allowing for efficient management of multiple tunnels and enabling advanced features like stormy weather mode, where duplicate streams are sent to mitigate packet loss.

How does this patent fit in bigger picture?

Technical Landscape

In the mid-2010s when ’256 was filed, wide area networking was typically implemented using hardware-based edge devices to establish static point-to-point tunnels or expensive dedicated circuits with fixed routing policies. At a time when systems commonly relied on standard encrypted tunnels that lacked granular control over the underlying internet transit paths, software-defined approaches were beginning to address the latency and reliability issues inherent in long-distance peering. Hardware and software constraints of the era made it non-trivial to dynamically shift resource-intensive routing operations away from individual tunnels to higher-level virtual interfaces that could manage multiple concurrent communication paths automatically.

Prosecution Position

The examiner allowed the application because the prior art did not demonstrate the specific combination of structural elements used to manage data flow across multiple active tunnels. Specifically, the approval was based on the system's ability to use at least two active tunnels to simultaneously transmit unique data streams when packet loss is low, while switching to transmit identical duplicate data streams across those same tunnels when high packet loss is detected. The examiner determined that this specific method of alternating between unique and redundant data transmission based on real-time network quality was novel and non-obvious.

Claims

This patent contains 21 claims, of which claims 1, 8, and 9 are independent. The independent claims generally focus on a network system and access point server utilizing multiple tunnels for network communication, including dynamic tunnel creation and traffic switching based on tunnel failure. The dependent claims generally elaborate on specific configurations, states, and functionalities of the tunnels within the network system.

Key Claim Terms New

Definitions of key terms used in the patent claims.

Term (Source)	Support for Specification	Interpretation
Advanced smart routing (Claim 9)	Traffic routing in the GVN is always via best communication path governed by Advanced Smart Routing (ASR) powered by automated systems which combine builders, managers, testers, algorithmic analysis and other methodologies to adapt to changing conditions and learning over time to configure and reconfigure the system. Advanced Smart Routing in an EPD and in an SRV_AP ensure that traffic flows via the most ideal path from origin to destination through an as simple as possible “Third Layer” of the GVN.	A module configured to manage routing over the plurality of communication paths between the endpoint device and the plurality of access point servers.
Communication path (Claim 1, Claim 8, Claim 9)	Traffic routing in the GVN is always via best communication path governed by Advanced Smart Routing (ASR) powered by automated systems which combine builders, managers, testers, algorithmic analysis and other methodologies to adapt to changing conditions and learning over time to configure and reconfigure the system.	A path comprising one or more tunnels connecting a tunnel manager and a tunnel listener.
Tunnel listener (Claim 1, Claim 8, Claim 9)	A GVN is a combination of a hardware (HW) End Point Device (EPD) with installed software (SW), databases (DB) and other automated modules of the GVN system such as Neutral Application Programming Interface Mechanism (NAPIM), back channel manager, tunnel manager, and more features which connect the EPD to distributed infrastructure devices such as access point server (SRV_AP) and central server (SRV_CNTRL) within the GVN.	A component within the access point server that listens for and connects to tunnels.
Tunnel manager (Claim 1, Claim 9)	A GVN is a combination of a hardware (HW) End Point Device (EPD) with installed software (SW), databases (DB) and other automated modules of the GVN system such as Neutral Application Programming Interface Mechanism (NAPIM), back channel manager, tunnel manager, and more features which connect the EPD to distributed infrastructure devices such as access point server (SRV_AP) and central server (SRV_CNTRL) within the GVN.	A component within the endpoint device responsible for managing tunnels.
Virtual interface (Claim 1, Claim 8, Claim 9)	The GVN also allows for the automated construction of virtual interfaces (VIFs) and structures of VIFs acting as hook points for multiple tunnels. These VIFs allow for the shifting of time- and resource-intensive operations such as routing upstream to the VIF which were typically applied to tunnels.	A logical point of access to one or more tunnels, providing an interface for the endpoint device or access point server.

Litigation Cases New

US Latest litigation cases involving this patent.

Case Number	Filing Date	Title
2:25-cv-00635	Jun 13, 2025	UMBRA Technologies Ltd. (UK) et al v. Palo Alto Networks, Inc.
2:25-cv-00329	Apr 2, 2025	UMBRA Technologies Ltd. UK et al v. Fortinet, Inc.

Patent Family

File Wrapper

The dossier documents provide a comprehensive record of the patent's prosecution history - including filings, correspondence, and decisions made by patent offices - and are crucial for understanding the patent's legal journey and any challenges it may have faced during examination.

Get instant alerts for new documents

US10659256

Application Number: US15563246A
Filing Date: Apr 7, 2016
Publication Date: May 19, 2020
External Links: Slate, USPTO, Google Patents

IP Verse