Dynamic network security apparatus and methods for network processors
First Claim
Patent Images
1. A method of loading a security algorithm in a fast path of a network processor, comprising:
- generating a statistic associated with a plurality of communication packets received by the network processor;
determining a security attack on the network processor is in progress based at least in part on the statistic; and
loading the security algorithm in the fast path of the network processor.
2 Assignments
0 Petitions
Accused Products
Abstract
Methods and apparatus for loading a security algorithm in a fast path of a network processor are disclosed. In an example method, a network processor generates a statistic associated with a plurality of communication packets received by the network processor, determines a security attack on the network processor is in progress based on the statistic and loads the security algorithm in the fast path of the network processor.
92 Citations
50 Claims
-
1. A method of loading a security algorithm in a fast path of a network processor, comprising:
-
generating a statistic associated with a plurality of communication packets received by the network processor;
determining a security attack on the network processor is in progress based at least in part on the statistic; and
loading the security algorithm in the fast path of the network processor. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system for dynamically responding to a network security attack, comprising:
-
a memory containing a plurality of security algorithms; and
a processor coupled to the memory and programmed to;
generate a statistic associated with a plurality of communication packets received by the processor;
determine the security attack on the processor is in progress based at least in part on the statistic; and
load one of the plurality of security algorithms in the processor. - View Dependent Claims (10, 11, 12, 13, 14)
-
-
15. An apparatus for dynamically responding to a network security attack, comprising:
-
a machine accessible medium; and
instructions stored on the machine accessible medium and adapted to be executed by a processor to;
generate a statistic associated with a plurality of communication packets received by the processor;
determine a security attack on the processor is in progress based on the statistic; and
load one of a plurality of security algorithms in the processor. - View Dependent Claims (16, 17, 18, 19, 20)
-
-
21. A machine accessible medium having associated data that, when accessed, causes a machine to:
-
generate a statistic associated with a plurality of communication packets received by the processor;
determine a security attack on the processor is in progress based on the statistic; and
load one of a plurality of security algorithms in the processor. - View Dependent Claims (22, 23, 24, 25, 26)
-
-
27. A method of loading a security algorithm in a fast path of a network processor, comprising:
-
receiving a request for a connection to the network processor from a network client;
presenting a plurality of available security algorithms to the network client;
determining which one of the plurality of available security algorithms is to be used for communications with the network client; and
downloading the one of the plurality of available security algorithms to be used for communications with the network client to the network processor. - View Dependent Claims (28, 29, 30, 31, 32)
-
-
33. A network communication device, comprising,
a memory containing a plurality of security algorithms; - and
a processor coupled to the memory and programmed to;
receive a request for a connection to the processor from a network client;
present a set of the plurality of security algorithms to the network client;
determine which one of the plurality of security algorithms is to be used for communications with the network client; and
download the one of the plurality of security algorithms to be used for communications with the network client to the processor. - View Dependent Claims (34, 35, 36, 37)
- and
-
38. An apparatus for loading a security algorithm in a fast path of a network processor, comprising:
-
a machine accessible medium; and
instructions stored on the machine accessible medium and adapted to be executed by the network processor to;
receive a request for a connection to the network processor from a network client;
present a plurality of available security algorithms to the network client;
determine which one of the plurality of available security algorithms is to be used for communications with the network client; and
download the one of the plurality of available security algorithms to be used for communications with the network client to the network processor. - View Dependent Claims (39, 40)
-
-
41. A machine accessible medium having associated data that, when accessed, causes a machine to:
-
receive a request for a connection to the network processor from a network client;
present a plurality of available security algorithms to the network client;
determine which one of the plurality of available security algorithms is to be used for communications with the network client; and
download the one of the plurality of available security algorithms to be used for communications with the network client to the network processor. - View Dependent Claims (42, 43)
-
-
44. A method of responding to a network security attack, comprising:
-
monitoring a characteristic of communications on a network;
detecting the network security attack based at least in part on the monitored characteristic; and
loading a security algorithm in a network processor. - View Dependent Claims (45, 46)
-
-
47. A computer system, comprising:
-
a memory containing a plurality of security algorithms; and
a network processor coupled to the memory and programmed to;
monitor communications on a network; and
load one of the plurality of security algorithms in the network processor based on the monitored communications. - View Dependent Claims (48, 49, 50)
-
Specification