System and method for routing data over an internet protocol security network
First Claim
1. A method of communicating data over an Internet Protocol security network, the method comprising:
- receiving packets for transmission over the Internet Protocol security network;
controlling order of processing of the packets;
determining whether each packet requires security features;
feeding the packets to a post-queue line interface module according to the order of processing of the packets;
allocating, in response to the determination that a packet requires security features, a sequence number to each packet in the order of feeding of packets to the post-queue line interface module;
providing said packet with appropriate security features; and
transmitting said packet over the Internet Protocol security network.
1 Assignment
0 Petitions
Accused Products
Abstract
A method of routing data over an Internet Protocol security (IPSec) network, the method comprising: receiving packets for transmission over the IPSec network, controlling the order of processing of the packets, determining whether each packet requires security features, feeding of the packets to a post-queue line interface module according to the order of processing the packets and allocating a sequence number to each packet in the order of feeding of packets to the post-queue line interface module. A packet requiring security features are provided with such features, which may be AH or ESP protocol, before it is transmitted over the Internet Protocol security network. As the queueing of the packet is done before the packet is provided with security features, the quality of service of the IPSec network is improved with the packets being received at the anti-replay window according to the order of the allocated sequence numbers.
37 Citations
17 Claims
-
1. A method of communicating data over an Internet Protocol security network, the method comprising:
-
receiving packets for transmission over the Internet Protocol security network;
controlling order of processing of the packets;
determining whether each packet requires security features;
feeding the packets to a post-queue line interface module according to the order of processing of the packets;
allocating, in response to the determination that a packet requires security features, a sequence number to each packet in the order of feeding of packets to the post-queue line interface module;
providing said packet with appropriate security features; and
transmitting said packet over the Internet Protocol security network. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system for routing data over an Internet Protocol security network, the system comprising:
-
a traffic management module to control the order of processing of packets;
a sequence number allocator to allocate sequence numbers to packets in the order of processing of packets in the traffic management module and feeding the packets to a post-queue line interface module;
a post-queue line interface module to provide packets with the appropriate security features; and
a transmitter to transmit packets over the Internet Protocol security network. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. A machine-readable medium comprising instructions, which when executed by a machine, cause the machine to:
-
receive packets for transmission over an Internet Protocol security network;
control an order of processing of the packets;
determine whether each packet requires security features;
feed the packets to a post-queue line interface module according to the order of processing of the packets;
allocate, in response to the determination that a packet requires security features, a sequence number to each packet in the order of feeding of packets to the post-queue line interface module;
provide said packet with appropriate security features; and
transmit said packet over the Internet Protocol security network.
-
-
17. A system for routing data over an Internet Protocol security network, the system comprising:
-
means for controlling the order of processing of packets;
means for allocating sequence numbers to packets in the order of processing of packets in the traffic management module and for feeding the packets to the post-queue line interface module;
means for providing packets with the appropriate security features; and
means for transmitting packets over the Internet Protocol security network.
-
Specification