FIREWALL INCLUDING LOCAL BUS
Abstract
A gateway for screening packets transferred over a network. The gateway includes a plurality of network interfaces, a memory and a memory controller. Each network interface receives and forwards messages from a network through the gateway. The memory temporarily stores packets received from a network. The memory controller couples each of the network interfaces and is configured to coordinate the transfer of received packets to and from the memory using a memory bus. The gateway includes a firewall engine coupled to the memory bus. The firewall engine is operable to retrieve packets from the memory and screen each packet prior to forwarding a given packet through the gateway and out an appropriate network interface. A local bus is coupled between the firewall engine and the memory providing a second path for retrieving packets from memory when the memory bus is busy.
34 Claims
1-14. (canceled)

15. A network device comprising:
    a first memory to store packets received at the network device;
    a controller to transfer the packets to the first memory via a first bus;
    a processor including a plurality of processing units and a second memory to store a first plurality of rules; and
    a third memory to store a second plurality of rules,
    wherein the processor is configured to:
        retrieve a first one of the packets from the first memory via the first bus or a second bus,
        inspect the first packet to identify a set of rules associated with the first packet,
        match ones of the identified set of rules to ones of the first plurality of rules, and
        match at least one other one of the identified set of rules to at least one of the second plurality of rules, and
    wherein at least one of the processing units is configured to process the first packet using the matched ones of the identified set of rules and the matched at least one other one of the identified set of rules.
    Dependent claims: 16, 17, 18, 19, 20, 21, 22, 23, 24

25. A network device comprising:
    an interface to receive a plurality of packets from a first network which are destined for a second network;
    a controller to transfer, via a first bus, a first one of the received packets for storage within the network device; and
    a processor configured to:
        retrieve, via a second bus, the first packet from storage, and
        perform a plurality of security-related packet processing operations on the retrieved packet,
    wherein the controller is configured to concurrently transfer, via the first bus, a second one of the received packets for storage within the network device.
    Dependent claims: 26, 27, 28, 29, 30

31. A communication system comprising:
    means for storing packets received at the communication system;
    means for transferring, via a first bus, the packets to the means for storing packets;
    means for storing a first plurality of rules;
    means for storing a second plurality of rules; and
    means for:
        retrieving, via the first bus or a second bus, a first one of the packets from the means for storing packets,
        inspecting the first packet to identify a set of rules associated with the first packet,
        matching ones of the identified set of rules to ones of the first plurality of rules,
        matching at least one other one of the identified set of rules to at least one of the second plurality of rules, and
        processing the first packet using the matched ones of the identified set of rules and the matched at least one other one of the identified set of rules.
    Dependent claims: 32, 33, 34

Specification