Edge adapter architecture apparatus and method
First Claim
1. An architecture for intercepting and processing packets transmitted from a source to a destination over a network, the architecture comprising:
- a packet interceptor coupled with said network and operative to selectively intercept said packets prior to receipt by said destination based on a first criteria;
at least one primary processor coupled with said packet interceptor and operative to perform stateless processing tasks on said intercepted packets, said stateless processing tasks comprising tasks which are not directly dependent on a previously intercepted packet, said at least one primary processor including;
at least two stateless packet processors coupled in parallel, said processing of said intercepted packets being distributed among said at least two stateless packet processors;
at least one secondary processor coupled with said at least one primary processor and operative to perform stateful processing tasks on said statelessly processed intercepted packets, said stateful processing tasks comprising tasks which are based at least on a previously intercepted packet, said at least one secondary processor including;
at least two stateful packet processors coupled in series with each other, each of said at least two stateful packet processors operative to perform a portion of said stateful processing tasks on said statelessly processed intercepted packets, a last one in said series of said at least two stateful packet processors being coupled with said network and operative to selectively release said statefully processed and statelessly processed intercepted packet back to said network.
16 Assignments
0 Petitions
Accused Products
Abstract
An architecture for intercepting and processing packets from a network is disclosed. The architecture provides both stateful and stateless processing of packets in the bi-directional network flow. Further, stateless processing is provided by a parallel arrangement of network processors while stateful processing is provided by a serial arrangement of network processors. The architecture permits leveraging existing bi-directional devices to process packets in a uni-directional flow, thereby increasing the throughput of the device. The ability to share state among the stateless processor, among the stateful processors of each packet flow direction and between the stateless and stateful processors provides for dynamic adaptability and analysis of both historical and bi-directional packet activity.
-
Citations
40 Claims
-
1. An architecture for intercepting and processing packets transmitted from a source to a destination over a network, the architecture comprising:
-
a packet interceptor coupled with said network and operative to selectively intercept said packets prior to receipt by said destination based on a first criteria; at least one primary processor coupled with said packet interceptor and operative to perform stateless processing tasks on said intercepted packets, said stateless processing tasks comprising tasks which are not directly dependent on a previously intercepted packet, said at least one primary processor including; at least two stateless packet processors coupled in parallel, said processing of said intercepted packets being distributed among said at least two stateless packet processors; at least one secondary processor coupled with said at least one primary processor and operative to perform stateful processing tasks on said statelessly processed intercepted packets, said stateful processing tasks comprising tasks which are based at least on a previously intercepted packet, said at least one secondary processor including; at least two stateful packet processors coupled in series with each other, each of said at least two stateful packet processors operative to perform a portion of said stateful processing tasks on said statelessly processed intercepted packets, a last one in said series of said at least two stateful packet processors being coupled with said network and operative to selectively release said statefully processed and statelessly processed intercepted packet back to said network. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 38)
-
-
20. A method of intercepting and processing packets transmitted from a source to a destination over a network, said method comprising:
-
(a) intercepting, selectively, said packets prior to receipt by said destination based on a first criteria; (b) distributing said intercepted packets to at least two primary packet processors each operative to perform a stateless processing task on said intercepted packets, said stateless processing task comprising a task which is not directly dependent on a previously intercepted packet; (c) performing said stateless processing task on said distributed said intercepted packets in parallel by said at least two stateless packet processors; (d) receiving said statelessly processed intercepted packets from said at least two primary packet processors by a first secondary packet processor operative to perform a first portion of a stateful packet processing task on said statelessly processed intercepted packets; (e) receiving said partially statefully processed and statelessly processed intercepted packets from said first secondary packet processor by a second secondary packet processor operative to perform a second portion of the stateful processing task on said partially statefully processed and statelessly processed intercepted packets, said stateful processing task comprising a task which is based at least on a previously intercepted packet; and (f) releasing, selectively, said statefully processed and statelessly processed intercepted packets upon completion of said stateful processing task. - View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 39)
-
-
37. An apparatus for intercepting and processing packets transmitted from a source to a destination over a network, the apparatus comprising:
- means for selectively intercepting said packets prior to receipt by said destination based on a first criteria;
means for performing stateless processing tasks on said intercepted packets, said stateless processing tasks comprising tasks which are not directly dependent on a previously intercepted packet, said means for performing stateless processing tasks including;
parallel processing means for distributing and processing said intercepted packets in parallel coupled with said stateless processing means;
means for performing stateful processing tasks on said statelessly processed intercepted packets, said stateful processing tasks comprising tasks which are based at least on a previously intercepted packet, said means for performing stateful processing tasks including;
serial processing means operative to distribute said stateful processing tasks on said statelessly processed intercepted packets and selectively release said statefully processed and statelessly processed intercepted packet back to said network. - View Dependent Claims (40)
- means for selectively intercepting said packets prior to receipt by said destination based on a first criteria;
Specification