×

Intelligent integrated network security device for high-availability applications

DC
  • US 7,734,752 B2
  • Filed: 10/12/2004
  • Issued: 06/08/2010
  • Est. Priority Date: 02/08/2002
  • Status: Active Grant
First Claim
Patent Images

1. A method in a computer network, comprising:

  • processing packets, by a primary security system, the primary security system including a first device-implemented session module to maintain flow information for the primary security system to facilitate processing of the packets, where the first device-implemented session module includes a first flow table having a primary portion that stores information associated with the operation of the first device-implemented session module, when the primary security system is functioning in a primary security system mode, and a secondary portion that stores information associated with the operation of the first device-implemented session module, when the primary security system is functioning in a failover mode;

    designating a secondary security system for processing packets upon a failover event, the secondary security system including a second device-implemented session module to maintain flow information for the secondary security system to facilitate processing of the packets, where the second device-implemented session module includes a second flow table having a primary portion that stores information associated with the operation of the second device-implemented session module, when the secondary security system is functioning in a primary security system mode, and a secondary portion that stores information associated with the operation of the second device-implemented session module, when the secondary security system is functioning in a failover mode;

    sharing flow records from the primary security system with the secondary security system;

    sharing flow records from the secondary security system with the primary security system;

    using the primary security system to provide failover support for the secondary security system, based on the information stored in the secondary portion of the first flow table; and

    using the secondary security system to provide failover support for the primary security system, based on the information stored in the secondary portion of the second flow table.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×