Method and system for including security information with a packet
First Claim
Patent Images
1. A method comprising:
- determining whether a packet is to be sent from a first network node to a second network node, whereinthe determining whether the packet is to be sent is performed at the first network node,the first network node is configured to support a network security technique, andthe second network node is not configured to support the network security technique;
in response to determining that the packet is to be sent from the first network node to the second network node, determining whether the packet will traverse a network node capable of processing packet security information after traversing the second network node, whereinthe determining whether the packet will traverse is performed at the first network node;
including packet security information with the packet, if it is determined that the packet will traverse the network node capable of processing packet security information after traversing the second network node, whereinthe packet security information is associated with the network security technique; and
forwarding the packet to the second network node, whereinthe forwarding the packet is performed regardless of whether the packet will traverse the network node capable of processing packet security information.
0 Assignments
0 Petitions
Accused Products
Abstract
A method and system for including security information with a packet is disclosed. A packet is detected as it exits a first network and enters a second network. The first network is configured to support a network security technique, and the second network is not configured to support the network security technique. Network security information associated with the network security technique is included with the packet. A network device is configured to include network security information in overhead of a packet. A method for identifying a first network device in a network is also disclosed. Identification information of the first network is communicated to a second network device.
83 Citations
45 Claims
-
1. A method comprising:
-
determining whether a packet is to be sent from a first network node to a second network node, wherein the determining whether the packet is to be sent is performed at the first network node, the first network node is configured to support a network security technique, and the second network node is not configured to support the network security technique; in response to determining that the packet is to be sent from the first network node to the second network node, determining whether the packet will traverse a network node capable of processing packet security information after traversing the second network node, wherein the determining whether the packet will traverse is performed at the first network node; including packet security information with the packet, if it is determined that the packet will traverse the network node capable of processing packet security information after traversing the second network node, wherein the packet security information is associated with the network security technique; and forwarding the packet to the second network node, wherein the forwarding the packet is performed regardless of whether the packet will traverse the network node capable of processing packet security information. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. An apparatus comprising:
-
a processor; hardware configured to determine whether a packet is to be sent from a first network node to a second network node, wherein the first network node comprises the hardware configured to determine, the first network node is configured to support a network security technique, and the second network node is not configured to support the network security technique; second hardware configured to determine whether the packet will traverse a network node capable of processing packet security information after traversing the second network node, if the hardware configured to determine determines that the packet is to be sent from the first network node to the second network node, wherein the second hardware configured to determine is coupled to the hardware configured to determine hardware configured to include packet security information with the packet, if the second hardware configured to determine determines that the packet will traverse the network node capable of processing packet security information after traversing the second network node, wherein the processor is coupled to control the hardware configured to include, the hardware configured to include is coupled to the second hardware configured to determine, and the packet security information is associated with the network security technique; and hardware configured to forward the packet, wherein the hardware configured to forward is coupled to the hardware configured to include, and the forwarding the packet is performed regardless of whether the packet will traverse the network node capable of processing packet security information. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
-
-
31. A computer program product comprising:
-
a first set of instructions, executable on a processor, configured to determine whether a packet is to be sent from a first network node to a second network node, wherein the determining whether the packet is to be sent is performed at the first network node, the first network node comprises the processor, the first network node is configured to support a network security technique, and the second network node is not configured to support the network security technique; a second set of instructions, executable on the processor, configured to determine whether the packet will traverse a network node capable of processing packet security information after traversing the second network node, if the first set of instructions indicates that the packet is to be sent from the first network node to the second network node, wherein the determining whether the packet is to be sent is performed at the first network node; a third set of instructions, executable on the processor, configured to include packet security information with the packet, if the second set of instructions indicates that the packet will traverse the network node capable of processing packet security information after traversing the second network node, wherein the packet security information is associated with the network security technique; a fourth set of instructions, executable on the processor, configured to forward the packet to the second network node, wherein the fourth set of instructions is configured to forward the packet regardless of whether the packet will traverse the network node capable of processing packet security information; and computer readable media, wherein the computer program product is encoded in the computer readable media. - View Dependent Claims (32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45)
-
Specification