INTELLIGENT INTEGRATED NETWORK SECURITY DEVICE
0 Assignments
0 Petitions
Accused Products
Abstract
Methods, computer program products and apparatus for processing data packets are described. Methods include receiving the data packet, examining the data packet, determining a single flow record associated with the packet and extracting flow instructions for two or more devices from the single flow record.
86 Citations
76 Claims
-
1-50. -50. (canceled)
-
51. A method for inspecting data packets associated with a flow in a computer network, the computer network including two or more security devices for processing the data packets, each of the data packets having associated header data, the method comprising:
-
receiving a data packet; examining the data packet; determining a single flow record associated with the data packets; extracting flow instructions, which determine whether the data packet should be forwarded, for the two or more security devices, from the single flow record and forwarding the flow instructions to the respective ones of the two or more security devices to facilitate processing of the data packet; receiving, from each of the two or more security devices, evaluation information, the evaluation information being generated by a respective one of the two or more security devices when processing the data packet; and processing the data packet using the evaluation information. - View Dependent Claims (52, 53, 54, 55, 56, 57, 58, 59, 60)
-
-
61. A memory device incorporating instructions for inspecting data packets associated with a flow in a computer network, the computer network including two or more security devices for processing the data packets, each data packet having associated header data, the instructions to:
-
receive a data packet; examine the data packet; determine a single flow record associated with the data packet; extract flow instructions, which determine whether the data packet should be forwarded, for the two or more security devices, from the single flow record and forward the flow instructions to the respective ones of the two or more security devices to facilitate processing of the data packet; receive, from each of the two or more security devices, evaluation information, the evaluation information being generated by a respective one of the two or more security devices when processing the data packet; and process the data packet using the evaluation information. - View Dependent Claims (62, 63, 64, 65, 66, 67, 68, 69, 70)
-
-
71. An apparatus for processing data packets comprising:
-
a session module to determine flow information for each received data packet and evaluate packet information that identifies a particular flow associated with a given data packet; a flow table that includes flow records for each flow having information determined by the session module, each particular flow record including flow information for a plurality of security devices coupled to the apparatus; where the session module is further to; receive, from each of the plurality of security devices, evaluation information based on a session ID and flow information associated with the particular flow, the evaluation information being generated by a respective one of the plurality of security devices in processing the data packets, and process the data packets using the evaluation information. - View Dependent Claims (72, 73, 74, 75, 76)
-
Specification