Embedded filtering policy manager using system-on-chip
First Claim
1. A packet filter for filtering data packets in a communications network, comprising:
- an input port for receiving data packets;
an output port for transmitting filtered data packets;
a data filter coupled between the input and output ports, and being operable to selectively pass data packets from the input port to the output port in accordance with packet filtering policies; and
a policy manager coupled to the data filter and input port, and having an interface adapted for exchanging policy information with other policy managers and having means for determining the packet filtering policies, the policy manager being operable to control operation of the data filter by effecting changes to the packet filtering policies.
1 Assignment
0 Petitions
Accused Products
Abstract
A packet filter for filtering data packets in a communications network is described. The packet filter has input and output ports for receiving and transmitting respective data packets. A data filter selectively passes packets from the input port to the output port in accordance with filtering policies. A policy manager determines filtering policies and controls operation of the data filter. The policy manager is independent of its implementation and not related to any particular operating system. This independence allows for a generic path of managing policies across devices implementing a system and for more flexibility in the implementation of packet filters. Flexibility may be enhanced by implementing the policy manager in system-on-chip technology.
51 Citations
9 Claims
-
1. A packet filter for filtering data packets in a communications network, comprising:
-
an input port for receiving data packets;
an output port for transmitting filtered data packets;
a data filter coupled between the input and output ports, and being operable to selectively pass data packets from the input port to the output port in accordance with packet filtering policies; and
a policy manager coupled to the data filter and input port, and having an interface adapted for exchanging policy information with other policy managers and having means for determining the packet filtering policies, the policy manager being operable to control operation of the data filter by effecting changes to the packet filtering policies. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
Specification