Routing of communications to one or more processors performing one or more services according to a load balancing function
First Claim
Patent Images
1. A method for reconfiguring policy enforcement appliances in a computer network, the method comprising:
- configuring a topology of a cluster of appliances in the computer network, wherein a management console server assigns the cluster of appliances to enforce one or more policy rules;
providing the policy rules from the management console server to a first appliance of the cluster, wherein the first appliance is assigned responsibility for replicating the policy rules within the cluster and sends the policy rules to at least a second appliance in the cluster;
detecting that one of the appliances in the cluster has failed;
modifying the topology of remaining appliances in the cluster in response to detecting the failed appliance, wherein the cluster of remaining appliances continues to enforce the policy rules in accordance with the modified topology;
receiving a first communication related to an Internet Protocol (IP) Address;
identifying that the first communication includes a virtual private network protocol (VPN) frame;
sending the first communication to a first platform service based on the identification of the VPN frame;
receiving a reply relating to the first communication from the first platform service;
receiving a second communication relating to the IP address;
identifying that the second communication includes a secure socket layer (SSL) HELO message;
sending the second communication to a second platform service based on identifying that the second communication includes the SSL HELO message; and
receiving a reply relating to the second communication from the second platform service.
5 Assignments
0 Petitions
Accused Products
Abstract
The present disclosure identifies topologies of a computer network where one network appliance may be configured as a master network appliance and where that master network appliance may communicate over a network communication interface with one or more slave network appliances. Computer networks of the present disclosure may include a switch and a firewall where the switch may be coupled to several network appliances via different network communication interfaces.
-
Citations
16 Claims
-
1. A method for reconfiguring policy enforcement appliances in a computer network, the method comprising:
-
configuring a topology of a cluster of appliances in the computer network, wherein a management console server assigns the cluster of appliances to enforce one or more policy rules; providing the policy rules from the management console server to a first appliance of the cluster, wherein the first appliance is assigned responsibility for replicating the policy rules within the cluster and sends the policy rules to at least a second appliance in the cluster; detecting that one of the appliances in the cluster has failed; modifying the topology of remaining appliances in the cluster in response to detecting the failed appliance, wherein the cluster of remaining appliances continues to enforce the policy rules in accordance with the modified topology; receiving a first communication related to an Internet Protocol (IP) Address; identifying that the first communication includes a virtual private network protocol (VPN) frame; sending the first communication to a first platform service based on the identification of the VPN frame; receiving a reply relating to the first communication from the first platform service; receiving a second communication relating to the IP address; identifying that the second communication includes a secure socket layer (SSL) HELO message; sending the second communication to a second platform service based on identifying that the second communication includes the SSL HELO message; and receiving a reply relating to the second communication from the second platform service. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A non-transitory computer-readable storage medium having embodied thereon a program for performing a method for reconfiguring policy enforcement appliances in a computer network, the method comprising:
-
configuring a topology of a cluster of appliances in the computer network, wherein a management console server assigns the cluster of appliances to enforce one or more policy rules; providing the policy rules from the management console server to a first appliance of the cluster, wherein the first appliance is assigned responsibility for replicating the policy rules within the cluster and sends the policy rules to at least a second appliance in the cluster;
detecting that one of the appliances in the cluster has failed;modifying the topology of remaining appliances in the cluster in response to detecting the failed appliance, wherein the cluster of remaining appliances continues to enforce the policy rules in accordance with the modified topology; receiving a first communication relating to an Internet Protocol (IP) Address; identifying that the first communication includes a virtual private network protocol (VPN) frame; sending the first communication to a first platform service based on the identification of the VPN frame; receiving a reply relating to the first communication from the first platform service; receiving a second communication relating to the IP address; identifying that the second communication includes a secure socket layer (SSL) HELO message; sending the second communication to a second platform service based on the identifying that the second communication includes the SSL Helo message; and receiving a reply relating to the second communication from the second platform service. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
Specification