Hardware based security groups, firewall load sharing, and firewall redundancy
First Claim
1. A secure telecommunications system comprising:
an external network on which traffic travels;
a switch connected to the external network;
an internal network connected to the switch;
a first inspection engine connected to the switch and not in line with the internal network and the external network, which receives traffic from the switch, processes the traffic to determine whether it is desired traffic or undesired traffic, which prevents undesired traffic from passing through it and which sends desired traffic back to the switch;
a second inspection engine connected to the switch and not in line with the internal network and the external network, which receives traffic from the switch, processes the traffic to determine whether it is desired traffic or undesired traffic, which prevents undesired traffic from passing through it and which sends desired traffic back to the switch;
a first destination connected to the switch through the internal network which receives desired traffic from the switch that has been processed by the first inspection engine; and
a second destination connected to the switch through the internal network which receives desired traffic from the switch that has been processed by the second inspection engine.
Abstract
A secure telecommunications system includes an external network and an internal network on which traffic travels. The system includes a switch connected to the network. The system includes a first inspection engine and a second inspection engine which are connected to the switch, which receive traffic from the switch, process the traffic to determine whether it is desired traffic or undesired traffic, which prevent undesired traffic from passing through them and which send desired traffic back to the switch. The system includes a first destination connected to the switch which receives desired traffic from the switch that has been processed by the first inspection engine. The system includes a second destination connected to the switch which receives desired traffic from the switch that has been processed by the second inspection engine. A method for sending traffic over a secure telecommunications system.
20 Claims
13. A method for sending traffic over a secure telecommunications system comprising the steps of:
receiving traffic from an external network at a switch connected to the external network and an internal network;
directing traffic to a first inspection engine connected to the switch and not in line with the internal network or the external network, and to a second inspection engine connected to the switch and not in line with the internal network or the external network;
receiving traffic at the first inspection engine;
processing traffic received at the first inspection engine to determine whether it is desired traffic or undesired traffic;
sending the desired traffic back to the switch from the first inspection engine and discarding undesired traffic from the first inspection engine;
transferring desired traffic received by the switch from the first inspection engine to a first destination through the internal network;
processing traffic received at the second inspection engine to determine whether it is desired traffic or undesired traffic;
sending the desired traffic back to the switch from the second inspection engine and discarding undesired traffic from the second inspection engine; and
transferring desired traffic received by the switch from the second inspection engine to a second destination through the internal network.
Specification