Method and apparatus for a distributed firewall
Abstract
A method and apparatus for implementing a distributed firewall is described. A packet filter processor receives a packet sent from a first device to a second device. The packet filter processor authenticates an identifier for the packet. For example, authentication could be performed using a cryptographically-verifiable identifier. The packet filter processor determines whether to send the packet to the second device, based on the authentication and a set of policy rules. The packet filter processor sends the packet to the second device in accordance with the determination.
31 Claims
1-2. (canceled)
3. A method for filtering packets, comprising:
receiving a packet sent from a first device to a second device;
authenticating an identifier for said packet;
determining whether to send said packet to said second device; and
sending said packet to said second device in accordance with said determination wherein said identifier is a common host identifier.
4-22. (canceled)
23. A method for filtering packets, comprising:
receiving a packet sent from a first device to a second device;
authenticating an identifier for said packet;
determining whether to send said packet to said second device; and
sending said packet to said second device in accordance with said determination further comprising a second buffer for storing said compared data packet prior to forwarding said compared data packet to the second device wherein said random access memory comprises dynamic random access memory.
Dependent claims: 24, 25, 26, 27.
29. A distributed firewall system, comprising:
a first network device;
a second network device in communication with said first network device;
a packet filter processor for each network device;
an encryption means coupled to said packet filter processor, said encryption means for decrypting and authenticating a packet sent between said first network device and said second network device; and
a system management module to manage said packet filter processors.
Dependent claims: 30, 31.
Specification