Edge adapter architecture apparatus and method
First Claim
1. An architecture for intercepting and processing packets transmitted from a source to a destination over a network, the architecture comprising:
- a packet interceptor coupled with said network and operative to selectively intercept said packets prior to receipt by said destination;
at least one primary processor coupled with said packet interceptor and operative to perform primary processing tasks on said intercepted packets, said at least one stateless processor including;
at least two primary packet processors coupled in parallel, said processing of said intercepted packets being distributed among said at least two primary packet processors;
at least one secondary processor coupled with said at least one stateless processor and operative to perform stateful processing tasks on said intercepted packets, said at least one secondary processor including;
at least two secondary packet processors coupled in series with each other, each of said at least two secondary packet processors operative to perform a portion of said stateful processing tasks on said intercepted packets, a last one in said series of said at least two secondary packet processors being coupled with said network and operative to selectively release said intercepted packet back to said network.
16 Assignments
0 Petitions
Accused Products
Abstract
An architecture for intercepting and processing packets from a network is disclosed. The architecture provides both stateful and stateless processing of packets in the bi-directional network flow. Further, stateless processing is provided by a parallel arrangement of network processors while stateful processing is provided by a serial arrangement of network processors. The architecture permits leveraging existing bi-directional devices to process packets in a uni-directional flow, thereby increasing the throughput of the device. The ability to share state among the stateless processor, among the stateful processors of each packet flow direction and between the stateless and stateful processors provides for dynamic adaptability and analysis of both historical and bi-directional packet activity.
-
Citations
38 Claims
-
1. An architecture for intercepting and processing packets transmitted from a source to a destination over a network, the architecture comprising:
-
a packet interceptor coupled with said network and operative to selectively intercept said packets prior to receipt by said destination;
at least one primary processor coupled with said packet interceptor and operative to perform primary processing tasks on said intercepted packets, said at least one stateless processor including;
at least two primary packet processors coupled in parallel, said processing of said intercepted packets being distributed among said at least two primary packet processors;
at least one secondary processor coupled with said at least one stateless processor and operative to perform stateful processing tasks on said intercepted packets, said at least one secondary processor including;
at least two secondary packet processors coupled in series with each other, each of said at least two secondary packet processors operative to perform a portion of said stateful processing tasks on said intercepted packets, a last one in said series of said at least two secondary packet processors being coupled with said network and operative to selectively release said intercepted packet back to said network. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A method of intercepting and processing packets transmitted from a source to a destination over a network, said method comprising:
-
(a) intercepting, selectively, said packets prior to receipt by said destination;
(b) distributing said intercepted packets to at least two primary packet processors each operative to perform stateless processing tasks on said intercepted packets;
(c) performing said stateless processing task in parallel by said at least two stateless packet processors;
(d) receiving said intercepted packets from said at least two primary packet processors by a first secondary packet processor operative to perform a first stateful packet processing task on said intercepted packets;
(e) receiving said intercepted packets from said first secondary packet processor by a second secondary packet processor operative to perform a second stateful processing task on said intercepted packets; and
(f) releasing, selectively, said intercepted packets. - View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
-
-
37. An apparatus for intercepting and processing packets transmitted from a source to a destination over a network, the apparatus comprising:
-
means for selectively intercepting said packets prior to receipt by said destination;
means for performing stateless processing tasks on said intercepted packets, said means including;
parallel processing means for distributing and processing said intercepted packets in parallel;
means for performing stateful processing tasks on said intercepted packets, said means including;
serial processing means operative to distribute said stateful processing tasks on said intercepted packets and selectively release said intercepted packet back to said network.
-
-
38. An apparatus for intercepting and processing packets transmitted from a source to a destination over a network, the apparatus comprising:
-
a packet interceptor operative to intercept packets from said network;
a packet processor coupled with said packet interceptor and operative to process said intercepted packets; and
wherein said packet interceptor is further operative to filter said packets to determine which of said packets to intercept and said packet processor is further operative to monitor said intercepted packets for pre-defined conditions and at least one of delete, modify and log packets which meet said pre-defined conditions.
-
Specification