×

Computerized system and method for handling network traffic

  • US 8,495,200 B2
  • Filed: 07/26/2012
  • Issued: 07/23/2013
  • Est. Priority Date: 01/13/2006
  • Status: Active Grant
First Claim
Patent Images

1. A method comprising:

  • initiating a service daemon process within a firewall coupled to a plurality of virtual domains, wherein the service daemon process handles content processing of network traffic for all of the plurality of virtual domains by aggregating communication channels associated with the plurality of virtual domains and by applying to the network traffic an appropriate content processing policy corresponding to a virtual domain of the plurality of virtual domains with which the network traffic is associated;

    receiving, by the firewall, a first connection request involving a first network entity of a first virtual domain of the plurality of virtual domains;

    establishing a first communication channel for the first virtual domain between a kernel of the firewall and the service daemon process to transfer at least a portion of network traffic for the first virtual domain between the service daemon process and the kernel;

    configuring the service daemon process to perform content processing in accordance with a first content processing policy of the first virtual domain;

    performing, by the service daemon process, content processing of the transferred network traffic for the first virtual domain based on the first content processing policy;

    receiving, by the firewall, a second connection request involving a second network entity of a second virtual domain of the plurality of virtual domains;

    establishing a second communication channel for the second virtual domain between the kernel and the service daemon process to transfer at least a portion of network traffic for the second virtual domain between the service daemon process and the kernel;

    configuring the service daemon process to perform content processing in accordance with a second content processing policy of the second virtual domain; and

    performing, by the service daemon process, content processing of the transferred network traffic for the second virtual domain based on the second content processing policy; and

    causing to be retrieved, by the firewall, information regarding the first content processing policy from a configuration database based on an attribute of the first communication channel.

View all claims
  • 0 Assignments
Timeline View
Assignment View
    ×
    ×