Integrated firewall, IPS, and virus scanner system and method
First Claim
Patent Images
1. A method, comprising:
- processing content received at a router with a security sub-system, wherein the security sub-system includes a plurality of virtual firewalls, a plurality of virtual intrusion prevention systems (IPSs), a plurality of virtual virus scanners, and a plurality of content filtering modules, wherein each of the virtual firewalls, IPSs, virus scanners, and content filtering modules are assigned to at least one of a plurality of users;
exchanging state information with a different security sub-system on a different router to support a failover, the state information including an active status or a standby status per port;
renegotiating a respective status of each security sub-system component for a port if the exchange state information indicates that both the security sub-system component and the different security sub-system are active for the port; and
prohibiting certain details associated with policies applied above a user'"'"'s domain from being displayed to a particular one of the users, wherein the policies relate to the virtual firewalls, IPSs, virus scanners, and content filtering modules.
9 Assignments
0 Petitions
Accused Products
Abstract
A system, method and computer program product are provided including a router and a security sub-system coupled to the router. Such security sub-system includes a plurality of virtual firewalls, a plurality of virtual intrusion prevention systems (IPSs), and a plurality of virtual virus scanners. Further, each of the virtual firewalls, IPSs, and virus scanners is assigned to at least one of a plurality of user and is configured in a user-specific.
-
Citations
20 Claims
-
1. A method, comprising:
-
processing content received at a router with a security sub-system, wherein the security sub-system includes a plurality of virtual firewalls, a plurality of virtual intrusion prevention systems (IPSs), a plurality of virtual virus scanners, and a plurality of content filtering modules, wherein each of the virtual firewalls, IPSs, virus scanners, and content filtering modules are assigned to at least one of a plurality of users; exchanging state information with a different security sub-system on a different router to support a failover, the state information including an active status or a standby status per port; renegotiating a respective status of each security sub-system component for a port if the exchange state information indicates that both the security sub-system component and the different security sub-system are active for the port; and prohibiting certain details associated with policies applied above a user'"'"'s domain from being displayed to a particular one of the users, wherein the policies relate to the virtual firewalls, IPSs, virus scanners, and content filtering modules. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. Logic encoded in non-transitory media that includes code for execution and when executed by a processor operable to perform operations comprising:
-
processing content received at a router with a security sub-system component of the router, wherein the security sub-system includes a plurality of virtual firewalls, a plurality of virtual intrusion prevention systems (IPSs), a plurality of virtual virus scanners, and a plurality of content filtering modules, wherein each of the virtual firewalls, IPSs, virus scanners, and content filtering modules are assigned to at least one of a plurality of users; and exchanging state information with a different security sub-system on a different router to support a failover, the state information including an active status or a standby status per port; renegotiating a respective status of each security sub-system component for a port if the exchange state information indicates that both the security sub-system component and the different security sub-system are active for the port; and prohibiting certain details associated with policies applied above a user'"'"'s domain from being displayed to a particular one of the users, wherein the policies relate to the virtual firewalls, IPSs, virus scanners, and content filtering modules. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. An apparatus, comprising:
-
a memory element; a processor coupled to the memory element; and an analyzer module configured to interface with the processor such that the apparatus is configured for; processing content received at a router with a security sub-system component of the router, wherein the security sub-system includes a plurality of virtual firewalls, a plurality of virtual intrusion prevention systems (IPSs), a plurality of virtual virus scanners, and a plurality of content filtering modules, wherein each of the virtual firewalls, IPSs, virus scanners, and content filtering modules are assigned to at least one of a plurality of users; and exchanging state information with a different security sub-system on a different router to support a failover, the state information including an active status or a standby status per port; renegotiating a respective status of each security sub-system component for a port if the exchange state information indicates that both the security sub-system component and the different security sub-system are active for the port; and prohibiting certain details associated with policies applied above a user'"'"'s domain from being displayed to a particular one of the users, wherein the policies relate to the virtual firewalls, IPSs, virus scanners, and content filtering modules. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification