Method and apparatus for intelligent sorting and process determination of data packets destined to a central processing unit of a router or server on a data packet network
DCFirst Claim
1. A system for managing packets on a data network comprising;
- a network node having one or more packet processors enabled to sort specific types of packets into categories for processing;
a network access controller (NAC) operating in the node;
a queue set for receiving processed packets from the NAC; and
a CPU for pulling packets for processing from the queue set;
wherein the packet processors provide enhanced security in the network by categorizing incoming packets destined for the CPU into three or more categories, being at least one category for packets received from known, trusted sources, one category for suspect sources, and one category for packets received from unsure sources and forwards the categorized packets to the queue set and the CPU pulls packets for processing from the queue set according to a priority listing of the categories.
3 Assignments
Litigations
2 Petitions
Accused Products
Abstract
In a network node having one or more packet processors and at least one CPU required to process specific types of packets, a system for managing the specific types of packets for CPU processing has one or more packet processors enabled to sort the specific types of packets into two or more categories of different priority for processing; and a queue set for queuing the sorted packets according to priority ahead of the CPU. The system is characterized in that the CPU processes the queued packets according to priority. In a special case the queues are a part of network access controller (NAC). Also in some cases a software component is provided for configuring the hardware.
9 Citations
11 Claims
-
1. A system for managing packets on a data network comprising;
-
a network node having one or more packet processors enabled to sort specific types of packets into categories for processing; a network access controller (NAC) operating in the node; a queue set for receiving processed packets from the NAC; and a CPU for pulling packets for processing from the queue set; wherein the packet processors provide enhanced security in the network by categorizing incoming packets destined for the CPU into three or more categories, being at least one category for packets received from known, trusted sources, one category for suspect sources, and one category for packets received from unsure sources and forwards the categorized packets to the queue set and the CPU pulls packets for processing from the queue set according to a priority listing of the categories. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method for processing CPU-destined data packets in a network node, comprising the steps of;
-
(a) providing a CPU in the node for receiving and processing incoming packets from the network; (b) providing a network access controller (NAC) in the node; (c) processing incoming packets destined for the CPU into three or more categories, the categories consisting of known, trusted sources;
suspect sources and unsure sources, thereby providing enhanced security in the network;(d) queuing the categorized packets into a queue set; and (e) pulling the packets from the queue set by the CPU for processing according to a priority listing of the categories. - View Dependent Claims (9, 10, 11)
-
- 7. The method of 6 wherein the priories set forte categories in step (c) are highest, lowest and intermediate, respectively.
Specification