Transparent IPSec processing inline between a framer and a network component
First Claim
Patent Images
1. An apparatus comprising:
- a security processor to be inline between a framer and a network processor, the security processor to process an IPsec protocol layer without terminating any other protocol layer.
8 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus for transparent processing of IPsec network traffic by a security processor in line between a framer and a network processor. Security processor parses packet header and tail information to determine if encryption or decryption is required. After encryption or decryption is completed packet header and tail information is modified to reflect the changes in the packet such as length of the packet. The modified packet is then passed on to the network processor or framer.
-
Citations
25 Claims
-
1. An apparatus comprising:
a security processor to be inline between a framer and a network processor, the security processor to process an IPsec protocol layer without terminating any other protocol layer. - View Dependent Claims (2, 3)
-
4. An apparatus comprising:
-
a first circuit to determine a protocol type of a packet;
at least one execution unit coupled to the first circuit, the at least one execution unit to decrypt an encrypted protocol layer of the packet;
a second circuit to correct protocol layer data after decryption; and
a third circuit coupled to second circuit to communicate with a framer. - View Dependent Claims (5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method comprising:
-
receiving a packet;
parsing the packet to determine the level two protocol information in the packet;
processing an IPsec protocol layer;
altering the packet to correct header information; and
sending a packet to a framer device. - View Dependent Claims (14, 15)
-
-
16. An apparatus comprising:
-
means for receiving a packet;
means for parsing the packet to determine the level two protocol information in the packet;
means for processing an IPsec protocol layer;
means for correcting protocol layer information after processing; and
means for sending a packet to a framer device. - View Dependent Claims (17, 18)
-
-
19. A system comprising:
-
a framer device;
a network processor; and
a security processor couple between the framer device and the network processor, the security processor to process an IPsec protocol layer without terminating any other protocol layer. - View Dependent Claims (20, 21)
-
-
22. A machine-readable medium that provides instructions, which when executed by a machine cause the machine to perform operations comprising:
-
processing a packet received from a framer device to determine the type of protocol layers included in the packet;
processing the packet to decrypt an IPsec protocol layer; and
modifying the packet to include a decrypted IP protocol layer and protocol layer information based on the decrypted IP protocol layer. - View Dependent Claims (23, 24, 25)
-
Specification