Packet classification in a network security device
First Claim
1. A method for inspecting data packets in a computer network, one or more data packets having associated header data and content, the method comprising the steps of:
- receiving a data packet;
examining the data packet to classify the data packet including classifying the data packet using information included in the header and content;
determining flow instructions for processing the packet based on both the header information and the content; and
processing of the packet using the flow instructions.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods and apparatuses are described for inspecting data packets in a computer network. One or more data packets through the network have associated header data and content. One method includes receiving a data packet, examining the data packet to classify the data packet including classifying the data packet using information included in the header and content, determining flow instructions for processing the packet based on both the header information and the content and processing of the packet using the flow instructions.
90 Citations
18 Claims
-
1. A method for inspecting data packets in a computer network, one or more data packets having associated header data and content, the method comprising the steps of:
-
receiving a data packet; examining the data packet to classify the data packet including classifying the data packet using information included in the header and content; determining flow instructions for processing the packet based on both the header information and the content; and processing of the packet using the flow instructions. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method for inspecting data packets in a computer network, one or more data packets having associated header data and content, the method comprising the steps of:
-
receiving the data packet; examining the data packet to classify the data packet including classifying the data packet using information included in a header portion of the data packet and separately classifying the data packet based on a content portion of the data packet; determining flow instructions for processing the data packet based on the header information; determining special processing instructions for processing the data packet based on the content portion; determining selected instructions from among the flow and special processing instructions for processing the data packet; and processing the data packet in accordance with the selected instructions. - View Dependent Claims (8, 9, 10, 11)
-
-
12. A device comprising:
-
A multi-mode classification engine for classifying received data packets, the multi-mode classification engine including A header classification engine for classifying data packets in accordance with header data associated therewith, the header classification engine generating first classification data; and A content classification engine for classifying data packets in accordance with content of the data packets, the content classification engine generating second classification data; and A security block for evaluating the data packets including evaluating the data packets using one or both of the first and the second classification data. - View Dependent Claims (13, 14, 15, 16, 17, 18)
-
Specification