Computerized system and method for handling network traffic
Abstract
A computerized system and method for processing network content associated with multiple virtual domains. The processing may include anti-malware scanning and/or content filtering. The content associated with multiple domains may be processed in the same daemon process. In response to connection requests from virtual domains, the service process creates separate sockets to communicate with each virtual domain. A global configuration management module is used to provide configuration parameters for each session to the service process. A logging manager processes both the global logs and the logs from each virtual domain. Alternatively, the service process may initiate other service processes to handle incoming connections from one or more virtual domains, in order to better utilize resources in a multiple-CPU environment. Different service processes may be used to handle various aspects of content processes, for example one process may handle anti-malware scanning, while another process may handle content filtering.
41 Claims
1. A computer-implemented method for handling network traffic associated with a plurality of virtual domains, the method comprising:
a. defining a plurality of interfaces, each of the interfaces corresponding to a virtual domain of the plurality of virtual domains;
b. initiating a service process for handling network traffic based on a predetermined policy;
c. in response to a connection request involving a network entity associated with a virtual domain, opening a communication channel between the service process and a kernel;
d. using the opened communication channel to transfer at least a portion of network traffic associated with the virtual domain between service process and the kernel; and
e. handling the transferred network traffic in the service process based on the policy.
Dependent claims: 2-24.

25. A computerized system for handling network traffic associated with a plurality of virtual domains, the system comprising:
a. a plurality of interfaces, each of the interfaces corresponding to a virtual domain of the plurality of virtual domains; and
b. a CPU executing a kernel and a service process for handling network traffic based on a predetermined policy;
wherein, in response to a connection request involving a network entity associated with a virtual domain, the CPU:
i. opens a communication channel between the service process and the kernel;
ii. uses the opened communication channel to transfer network traffic associated with the virtual domain between service process and the kernel; and
iii. handles the transferred network traffic in the service process based on the policy.
26. A computerized system for handling network traffic associated with a plurality of virtual domains, the system comprising:
a. a plurality of interfaces, each of the interfaces corresponding to a virtual domain of the plurality of virtual domains;
b. a processing unit executing a kernel and a service process for handling network traffic based on a predetermined policy;
c. a configuration server for providing configuration information to the service process in response to a configuration request from the service process; and
d. a log server for logging information in response to a logging request from the service process;
Dependent claims: 27-40.

41. A computer-readable medium embodying one or more sequences of instructions, which when executed by one or more processors, causes the one or more processors to perform a method comprising:
a. defining a plurality of interfaces, each of the interfaces corresponding to a virtual domain of the plurality of virtual domains;
b. initiating a service process for handling network traffic based on a predetermined policy;
c. in response to a connection request involving a network entity associated with a virtual domain, opening a communication channel between the service process and a kernel;
d. using the opened communication channel to transfer network traffic associated with the virtual domain between service process and the kernel; and
e. handling the transferred network content in the service process based on the policy.