Security association updates in a packet load-balanced system
First Claim
Patent Images
1. A packet processing method comprising:
- receiving a plurality of packets;
generating header information for the packets;
adding the header information to the packets to generate encapsulated packets; and
distributing the encapsulated packets to a plurality of encryption processors.
7 Assignments
0 Petitions
Accused Products
Abstract
Methods and associated systems for providing secured data transmission over a data network are disclosed. Security association updates may be provided in a load-balanced system. Before encryption, the system may calculate values for header fields that need to be updated as a result of an encryption process. Encrypted packets may be decrypted by a parallel decryption system. After decryption, the system may calculates value for fields in the header information that need to be updated as a result of the decryption process.
-
Citations
31 Claims
-
1. A packet processing method comprising:
-
receiving a plurality of packets;
generating header information for the packets;
adding the header information to the packets to generate encapsulated packets; and
distributing the encapsulated packets to a plurality of encryption processors. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A packet processing method comprising:
-
receiving a plurality of packets;
identifying security association information associated with the packets;
retrieving the security association information from a data memory;
modifying at least a portion of the security association information;
adding header information to the packets to generate encapsulated packets, wherein the header information comprises the modified at least a portion of the security association information; and
distributing the encapsulated packets to a plurality of encryption processors. - View Dependent Claims (8, 9, 10, 11, 12, 13)
-
-
14. A packet processing method comprising:
-
receiving a plurality of encrypted packets comprising header information;
distributing the encrypted packets to a plurality of decryption processors;
modifying, by a common processing component, at least a portion of the header information of the decrypted packets; and
transmitting the decrypted packets. - View Dependent Claims (15, 16, 17, 18, 19)
-
-
20. A packet processing method comprising:
-
receiving a plurality of encrypted packets;
identifying security association information associated with the packets;
distributing the encrypted packets to a plurality of decryption processors to generate decrypted packets;
modifying, by a common processing component, at least a portion of the security association information; and
transmitting the decrypted packets comprising the modified security association information. - View Dependent Claims (21, 22, 23, 24, 25, 26, 27)
-
-
28. A packet processing system comprising:
-
at least one media access controller for receiving a plurality of packets;
at least one data memory for storing security association information;
a header processor for modifying at least a portion of the security association information and adding header information to the packets to generate encapsulated packets, wherein the header information comprises the modified at least a portion of the security association information; and
a plurality of encryption processors for encrypting the encapsulated packets. - View Dependent Claims (29)
-
-
30. A packet processing system comprising:
-
at least one media access controller for receiving a plurality of encrypted packets;
at least one data memory for storing security association information;
a plurality of decryption processors for decrypting the encrypted packets to generate decrypted packets;
a header processor for modifying at least a portion of the security association information and modifying header information for the decrypted packets, wherein the header information comprises the modified at least a portion of the security association information. - View Dependent Claims (31)
-
Specification