FIREWALL INCLUDING LOCAL BUS
First Claim
1. A network device comprising:
- an interface to receive, from a first network, a plurality of packets that are destined for a second network;
a controller to transfer, via a first bus, a first packet, of the plurality of packets, from the interface to a storage device within the network device; and
a processor to;
retrieve, via a second bus, the first packet from the storage device, andperform a plurality of security-related packet processing operations on the first packet, wherein the controller is to concurrently transfer, via the first bus, a second packet, of the plurality packets, from the interface to the storage device.
0 Assignments
0 Petitions
Accused Products
Abstract
A gateway for screening packets transferred over a network. The gateway includes a plurality of network interfaces, a memory and a memory controller. Each network interface receives and forwards messages from a network through the gateway. The memory temporarily stores packets received from a network. The memory controller couples each of the network interfaces and is configured to coordinate the transfer of received packets to and from the memory using a memory bus. The gateway includes a firewall engine couples to the memory bus. The firewall engine is operable to retrieve packets from the memory and screen each packet prior to forwarding a given packet through the gateway and out an appropriate network interface. A local bus is coupled between the firewall engine and the memory providing a second path for retrieving packets from memory when the memory bus is busy.
-
Citations
1 Claim
-
1. A network device comprising:
-
an interface to receive, from a first network, a plurality of packets that are destined for a second network; a controller to transfer, via a first bus, a first packet, of the plurality of packets, from the interface to a storage device within the network device; and a processor to; retrieve, via a second bus, the first packet from the storage device, and perform a plurality of security-related packet processing operations on the first packet, wherein the controller is to concurrently transfer, via the first bus, a second packet, of the plurality packets, from the interface to the storage device.
-
Specification
-
- Resources
-
Current AssigneeJuniper Networks Incorporated
-
Original AssigneeJuniper Networks Incorporated
-
InventorsLUO, Dongping, KE, Yan, DENG, Feng
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current726/11
-
CPC Class CodesH04L 49/90 Buffering arrangementsH04L 49/901 using storage descriptor, e...H04L 49/9057 Arrangements for supporting...H04L 63/02 for separating internal fro...H04L 69/16 Implementation or adaptatio...H04L 69/22 Parsing or analysis of headersH04L 9/40 Network security protocols
