Apparatus and method for processing encrypted packets in a computer network device
Abstract
Disclosed is an architecture for a network access server wherein a switching device is placed between a network gateway device and a first network, where the switching device detects the presence or absence of a security protocol field in the header information of data packets received from the first network and routes the data packets accordingly. When the security protocol field is absent, the switching device routes the data packet to the network gateway device for processing in accordance with a protocol service provided by the network access server. When the security protocol field is present, the switching device decrypts the data packet, processes the data packet in accordance with the protocol service provided by the network access server, and routes the data packet to another device within the network access server on the basis of decrypted address information within the data packet.
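The dispatch decision described in the abstract, as an added example that is not taken from the patent. It assumes the "security protocol field" is the IPv4 protocol number and uses the IPsec values ESP (50) and AH (51) as stand-ins; the path names and the `build_ipv4` helper are hypothetical.

```python
import struct

# Assumption: IPsec protocol numbers stand in for the patent's
# unnamed "security protocol field" (ESP = 50, AH = 51).
SECURITY_PROTOCOLS = {50: "ESP", 51: "AH"}

TO_GATEWAY = "gateway"         # security field absent: hand to the gateway device
TO_DECRYPT = "switch-decrypt"  # security field present: switching device decrypts
DROP = "drop"                  # header is malformed, so no routing decision is made


def classify(packet: bytes) -> str:
    """Return the path an IPv4 packet takes, based only on its header."""
    if len(packet) < 20:
        return DROP
    ver_ihl, _tos, total_len = struct.unpack("!BBH", packet[:4])
    version, ihl = ver_ihl >> 4, (ver_ihl & 0x0F) * 4
    # Reject headers whose length fields disagree with the bytes received.
    if version != 4 or ihl < 20 or not ihl <= total_len <= len(packet):
        return DROP
    protocol = packet[9]
    return TO_DECRYPT if protocol in SECURITY_PROTOCOLS else TO_GATEWAY


def build_ipv4(protocol: int, payload: bytes = b"\x00" * 8,
               ihl_words: int = 5) -> bytes:
    """Constructed sample packet (checksum left at zero; not validated here)."""
    total = ihl_words * 4 + len(payload)
    header = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl_words, 0, total,
                         0, 0, 64, protocol, 0,
                         bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))
    # Pad with zeroed option bytes when the header is longer than 20 bytes.
    return header + b"\x00" * (ihl_words * 4 - 20) + payload


if __name__ == "__main__":
    for name, proto in (("TCP", 6), ("UDP", 17), ("ESP", 50), ("AH", 51)):
        print(f"{name:>3} -> {classify(build_ipv4(proto))}")
    print("truncated ->", classify(build_ipv4(50)[:12]))
```

Validating the length fields before reading the protocol byte keeps a malformed header from steering a packet onto either path.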
21 Claims
1. An architecture for a network access server, the architecture comprising:
- a first network interface device for communicating with a first network having a first protocol type, where the first network interface device has a first interface terminal for coupling to the first network and a second interface terminal, and where the first network device is configured to perform processing for the first protocol type for data packets exchanged between the first and second interface terminals of the first network device;
- a second network interface device for communicating with a second network having a second protocol type, where the second network interface device has a first interface terminal for coupling to the second network and a second interface terminal coupled to the second interface terminal of the first network device, and where the second network device is configured to perform processing for the second protocol type for a first type of data packet exchanged between the first and second interface terminals of the second network device;
- a third network interface device for communicating with the second network, where the third network interface device has a first interface terminal for coupling to the second network, a second interface terminal coupled to the second interface terminal of the first network device, and a third interface terminal coupled to the first interface terminal of the second network device, and where the third network device is configured to perform processing for the second protocol type for a second type of data packet exchanged between the first and second interface terminals of the third network device, the third network interface device being further configured to detect reception of the first type of data packet at the first interface terminal of the third network interface device and route the first type of data packet to the third interface terminal of the third network interface device; and
- wherein the first protocol type of the first network is a first real-time sensitive protocol and the second protocol type is a second real-time sensitive protocol configured to route each data packet to a destination address included in each data packet.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A method for processing data packets in a network access device, the method comprising the steps of:
- receiving a data packet from a first network;
- determining whether the data packet has a first protocol type field in a header of the data packet;
- routing the data packet to a first gateway device for processing when the data packet has the first protocol type field;
- routing the data packet to a second gateway device for processing when the data packet does not have the first protocol type field;
- processing the data packet for a real-time sensitive protocol in the first gateway device; and
- processing the data packet for a security protocol and for the real-time sensitive protocol in the second gateway device.
Dependent claims: 10, 11, 12, 13, 14
15. A network access server for communicating between first and second networks, the server comprising:
- a first gateway device for processing data flow between the first network and the network access server;
- a second gateway device for processing data flow between the first gateway device and the second network;
- a switching device interposed between the second gateway device and the second network for routing a first type of data packet from the second network to the second gateway device and for processing a second type of data packet from the second network and routing the second type of data packet to the first gateway; and
- where the second type of data packet is an encrypted packet and where the switching device is configured to decrypt the second type of packet and route the second type of packet to the first gateway device based upon decrypted header information.
Dependent claims: 16, 17, 18, 19, 20, 21
Specification