
Method and apparatus for reducing the number of tunnels used to implement a security policy on a network

  • US 7,107,613 B1
  • Filed: 03/27/2002
  • Issued: 09/12/2006
  • Est. Priority Date: 03/27/2002
  • Status: Expired due to Fees
First Claim

1. A method for reducing a number of tunnels used to implement a security policy on a network, the method comprising:

  • selecting a set of tunnels for exchanging data packets between a first security device and a second security device;

    each tunnel in the set of tunnels specifying a dimensional range for data packets that are subject to that tunnel;

    determining a super tunnel for the set of tunnels, so that a dimensional range of the data packets that would be made subject to the super tunnel encompasses a dimensional range of the data packets that are subject to the set of tunnels;

    determining that the super tunnel would, if implemented, tunnel data packets that are subject only to tunnels in the set of tunnels; and

    in response to determining that the super tunnel would, if implemented, tunnel data packets that are subject only to tunnels in the set of tunnels, implementing the super tunnel between the first security device and the second security device;

    wherein implementing the super tunnel reduces the number of tunnels used to implement the security policy on the network.
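
An added example, not part of the patent text: a Python sketch of the check described in claim 1. It assumes each tunnel's "dimensional range" is a box of inclusive integer ranges (source address, destination address, destination port) and reads "subject only to tunnels in the set" as "every packet in the super tunnel's range is already covered by some tunnel in the set". All function names and sample selectors are constructed for illustration.

```python
import ipaddress
from itertools import product

# A tunnel selector is a tuple of inclusive (lo, hi) integer ranges, one per
# dimension. Assumed dimension order: source addr, destination addr, dst port.
def net(cidr):
    n = ipaddress.ip_network(cidr)
    return (int(n.network_address), int(n.broadcast_address))

def super_range(tunnels):
    """Smallest box that encompasses every tunnel's range in each dimension."""
    return tuple((min(t[d][0] for t in tunnels), max(t[d][1] for t in tunnels))
                 for d in range(len(tunnels[0])))

def _cells(tunnels, box):
    """Split the box into grid cells along every tunnel boundary."""
    axes = []
    for d, (lo, hi) in enumerate(box):
        cuts = {lo, hi + 1}
        for t in tunnels:
            cuts.update((t[d][0], t[d][1] + 1))
        pts = sorted(cuts)
        axes.append([(a, b - 1) for a, b in zip(pts, pts[1:])])
    return product(*axes)

def contains(box, cell):
    return all(b[0] <= c[0] and c[1] <= b[1] for b, c in zip(box, cell))

def uncovered(tunnels, box):
    """Cells of the box that no tunnel in the set covers (extra traffic)."""
    return [c for c in _cells(tunnels, box)
            if not any(contains(t, c) for t in tunnels)]

def merge(tunnels):
    """Return the super tunnel range if it adds no traffic, else None."""
    box = super_range(tunnels)
    return box if not uncovered(tunnels, box) else None

# Constructed sample selectors between two hypothetical security devices.
A = (net("10.1.0.0/25"), net("10.2.0.0/24"), (443, 443))
B = (net("10.1.0.128/25"), net("10.2.0.0/24"), (443, 443))
C = (net("10.1.0.128/25"), net("10.2.0.0/24"), (22, 22))

if __name__ == "__main__":
    print(merge([A, B]))   # adjacent halves of a /24: safe to merge
    print(merge([A, C]))   # bounding box would tunnel extra traffic: None
```

Splitting along every tunnel boundary guarantees each grid cell lies wholly inside or wholly outside each tunnel, so one containment test per cell is enough to detect traffic the super tunnel would add.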
