Intrusion detection and prevention processing within network interface circuitry
First Claim
1. A network interface controller (NIC) configured to couple a host to a network, the NIC coupled to the host via a host bus, and the host configured to operate a plurality of virtual machines, the NIC configured to:
- receive at least one data frame, the at least one data frame including at least a source network address and indication of at least one destination network address,determine if the received data frame is a frame on which additional processing should occur;
based on a result of the determining step, cause the frame to be provided to the host, via the host bus, for the host to perform the additional processing; and
receive, via the host bus, the frame on which additional processing has been performed and steer the frame to a destination based on the at least one destination address.
9 Assignments
0 Petitions
Accused Products
Abstract
A network interface controller (NIC) is configured to couple a host to a network. The NIC coupled to the host via a host bus, and the host is configured to operate a plurality of virtual machines. The NIC is configured to receive at least one data frame, the at least one data frame including at least a source network address and indication of at least one destination network address; determine if the received data frame is a frame on which additional processing should occur; based on a result of the determining step, cause the frame to be provided to the host, via the host bus, for the host to perform the additional processing; and receive, via the host bus, the frame on which additional processing has been performed and steer the frame to a destination based on the at least one destination address.
-
Citations
29 Claims
-
1. A network interface controller (NIC) configured to couple a host to a network, the NIC coupled to the host via a host bus, and the host configured to operate a plurality of virtual machines, the NIC configured to:
-
receive at least one data frame, the at least one data frame including at least a source network address and indication of at least one destination network address, determine if the received data frame is a frame on which additional processing should occur; based on a result of the determining step, cause the frame to be provided to the host, via the host bus, for the host to perform the additional processing; and receive, via the host bus, the frame on which additional processing has been performed and steer the frame to a destination based on the at least one destination address. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A network interface controller (NIC) configured to couple a host to a network, the NIC coupled to the host via a host bus, and the host configured to operate a plurality of virtual machines, the NIC including a data frame processing pipeline configured to:
-
receive at least one data frame, the at least one data frame including at least a source network address and indication of at least one destination network address, based on an indication in the data frame, determine if the received data frame is a frame on which additional processing should occur; based on a result of the determining step, cause the frame to be provided to the host, via the host bus, for the host to perform the additional processing; and receive, via the host bus, the frame on which additional processing has been performed and provide the frame to a destination based on the indication of the at least one destination address. - View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
-
-
24. A network interface controller (NIC) configured to couple a host to a network, the NIC coupled to the host via a host bus, and the host configured to operate a plurality of virtual machines, the NIC configured to:
-
receive at least one data frame, the at least one data frame including at least a source network address and indication of at least one destination network address, determine if the received data frame is a frame on which additional processing should occur; based on a result of the determining step, cause the frame to be provided for additional processing prior to providing the frame to a destination; and receive the frame on which additional processing has been performed and steer the frame to the destination based on the at least one destination address. - View Dependent Claims (25, 26, 27, 28, 29)
-
Specification