Object-aware transport-layer network processing engine
First Claim
Patent Images
1. A network communication unit, comprising:
- an application-layer rule specification interface operative to define rules that each include a predicate that defines one or more conditions within an application layer construct and an action associated with that condition, condition detection logic responsive to the rule specification logic and operative to detect the conditions according to the rules, and implementation logic responsive to the rule specification interface and to the condition detection logic operative to perform an action specified in a rule when a condition for that rule is satisfied.
1 Assignment
0 Petitions
Accused Products
Abstract
In one general aspect, a network communication unit is disclosed that includes connection servicing logic that is responsive to transport-layer headers and is operative to service virtual, error-free network connections. A programmable parser is responsive to the connection servicing logic and is operative to parse application-level information received by the connection servicing logic for at least a first of the connections. Also included is application processing logic that is responsive to the parser and operative to operate on information received through at least the first of the connections based on parsing results from the parser.
207 Citations
46 Claims
-
1. A network communication unit, comprising:
-
an application-layer rule specification interface operative to define rules that each include a predicate that defines one or more conditions within an application layer construct and an action associated with that condition, condition detection logic responsive to the rule specification logic and operative to detect the conditions according to the rules, and implementation logic responsive to the rule specification interface and to the condition detection logic operative to perform an action specified in a rule when a condition for that rule is satisfied. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A network communication unit, comprising:
-
means for defining application-layer rules that each include a predicate that defines one or more conditions within an application layer construct and an action associated with that condition, condition detecting means responsive to the rule defining means for detecting the conditions according to the rules, and means responsive to the rule defining means and to the condition detecting means for performing an action specified in a rule when a condition for that rule is satisfied.
-
-
19. Logic for processing a stream of transport layer data, comprising:
-
a full parser for parsing the stream and extracting content of interest in an object in the stream; and
a policy-based mechanism for determining how to process the object based at least in part on the content in the extracted content. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
-
-
32. A device for directing network traffic between clients and servers, comprising:
-
a parser for parsing streams of transport layer data in the network traffic, said parser parsing out underlying objects in said streams;
a policy-based mechanism for determining how to process the underlying object based at least in part on content in the parsed out underlying objects; and
logic for processing the underlying object as determined by the policy-based mechanism. - View Dependent Claims (33, 34, 35, 43, 44)
-
-
36. A method of processing a stream of transport layer data, comprising the steps of:
-
parsing the stream to identify content in an underlying object in the stream; and
applying a policy-based mechanism to determine how to process the stream based at least in part on content in the underlying object. - View Dependent Claims (37, 38, 39, 40, 41, 42)
-
-
45. In a device for forwarding network traffic from clients to servers, a method, comprising the steps of:
-
identifying real services provided by the servers;
grouping the real services into service groups;
providing a policy that includes object rules for matching object values to service groups;
examining an object in a stream of transport level data and applying the policy to determine a selected one of the service groups to send the object to. - View Dependent Claims (46)
-
Specification