Intelligent integrated network security device for high-availability applications

US 8,631,113 B2
Filed: 09/14/2012
Issued: 01/14/2014
Est. Priority Date: 02/08/2002
Status: Expired due to Term

First Claim

Patent Images

1. A method comprising:

storing, by a first device and in a memory of the first device, first information relating to the first device operating as a primary security system;

storing, by the first device and in the memory of the first device, second information relating to the first device operating as a secondary security system,the first device operating as the secondary security system when a failover event, associated with a second device, has occurred,the second device being different than the first device;

determining, by the first device, whether the failover event has occurred;

processing, by the first device and using the first information, first packets when the failover event has not occurred; and

processing, by the first device and using the second information, second packets when the failover event has occurred,the second packets being intended for the second device.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and apparatuses for inspecting packets are provided. A primary security system may be configured for processing packets. The primary security system may be operable to maintain flow information for a group of devices to facilitate processing of the packets. A secondary security system may be designated for processing packets upon a failover event. Flow records may be shared from the primary security system with the secondary security system.

79 Citations

View as Search Results

20 Claims

1. A method comprising:
- storing, by a first device and in a memory of the first device, first information relating to the first device operating as a primary security system;
  
  storing, by the first device and in the memory of the first device, second information relating to the first device operating as a secondary security system,the first device operating as the secondary security system when a failover event, associated with a second device, has occurred,the second device being different than the first device;
  
  determining, by the first device, whether the failover event has occurred;
  
  processing, by the first device and using the first information, first packets when the failover event has not occurred; and
  
  processing, by the first device and using the second information, second packets when the failover event has occurred,the second packets being intended for the second device.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, where determining whether the failover event has occurred includes:
    - receiving status information relating to the second device; and
      
      determining whether the failover event has occurred based on receiving the status information.
  - 3. The method of claim 1, where storing the second information includes:
    - receiving the second information from the second device; and
      
      storing the second information after receiving the second information.
  - 4. The method of claim 1, further comprising:
    - transmitting a portion of the first information to the second device at particular time intervals,the second device providing failover support, for the first device, using the portion of the first information.
  - 5. The method of claim 1, further comprising:
    - updating the first information to obtain updated first information; and
      
      transmitting the updated first information to the second device,the second device providing failover support, for the first device, based on the updated first information.
  - 6. The method of claim 1, further comprising:
    - determining that the failover event has occurred,where processing the second packets includes;
      
      receiving, after determining that the failover event has occurred, the second packets,the second packets being associated with a session processed by the second device prior to the failover event.
  - 7. The method of claim 1, where determining whether the failover event has occurred includes determining whether the failover event has occurred after the second information has been received.

8. A device comprising:
- a memory to store;
  
  first information relating to the device processing packets in a first flow of packets, andsecond information relating to the device processing packets in a second flow of packets,the second flow of packets being different than the first flow of packets,the packets, in the second flow of packets, being intended for processing by another device; and
  
  one or more processors to;
  
  determine whether a failover event, associated with the other device, has occurred,process, using the first information, the packets in the first flow of packets when the failover event has not occurred, andprocess, using the second information, the packets in the second flow of packets when the failover event has occurred.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The device of claim 8, where, when determining whether the failover event has occurred, the one or more processors are to:
    - determine that status information, relating to the other device, has not been received; and
      
      determine that the failover event has occurred based on determining that the status information has not been received.
  - 10. The device of claim 8, where the one or more processors are further to:
    - determine that the failover event has occurred based on one of;
      
      a failure of the other device, ora failure of a link to the other device.
  - 11. The device of claim 8, where the one or more processors are further to:
    - receive the second information prior to the failover event occurring.
  - 12. The device of claim 8, where the one or more processors are further to:
    - transmit, at particular time intervals, a portion of the first information to the other device,the other device processing, using the portion of the first information, the packets in the first flow of packets when a failover event, associated with the device, occurs.
  - 13. The device of claim 8, where, when transmitting the portion of the first information, the one or more processors are further to:
    - update the first information to obtain updated first information, andtransmit a portion of the updated first information to the other device.
  - 14. The device of claim 8, where the one or more processors are further to:
    - determine that the failover event has occurred,the packets in the second flow of packets being processed, using the second information, based on determining that the failover event has occurred, andresume processing the packets in the first flow of packets when the failover event is corrected.

15. A non-transitory computer-readable medium storing instructions, the instructions comprising:
- one or more instructions which, when executed by a first device, cause the first device to store first information relating to the first device processing packets in a first flow of packets;
  
  one or more instructions which, when executed by the first device, cause the first device to store second information relating to the first device processing packets in a second flow of packets,the second flow of packets being different than the first flow of packets,the packets, in the second flow of packets, being intended for processing by a second device that is different than the first device;
  
  one or more instructions which, when executed by the first device, cause the first device to determine whether a failover event, associated with the second device, has occurred;
  
  one or more instructions which, when executed by the first device, cause the first device to process, using the first information, the packets in the first flow of packets when the failover event has not occurred; and
  
  one or more instructions which, when executed by the first device, cause the first device to process, using the second information, the packets in the second flow of packets when the failover event has occurred.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The non-transitory computer-readable medium of claim 15, the instructions further comprising:
    - one or more instructions which, when executed by the first device, cause the first device to determine that the failover event has occurred;
      
      one or more instructions which, when executed by the first device, cause the first device to determine that the failover event is corrected; and
      
      one or more instructions which, when executed by the first device, cause the first device to resume processing the packets in the first flow of packets based on determining that the failover event is corrected.
  - 17. The non-transitory computer-readable medium of claim 15, the instructions further comprising:
    - one or more instructions which, when executed by the first device, cause the first device to receive the second information, from the second device, prior to the failover event occurring.
  - 18. The non-transitory computer-readable medium of claim 15, where the one or more instructions to determine whether the failover event has occurred include:
    - one or more instructions which, when executed by the first device, cause the first device to transmit information to the second device to determine whether the second device is operational; and
      
      one or more instructions which, when executed by the first device, cause the first device to determine whether the failover event has occurred based on transmitting the information to the second device.
  - 19. The non-transitory computer-readable medium of claim 15, the instructions further comprising:
    - one or more instructions which, when executed by the first device, cause the first device to receive information, relating to a failure of the second device, from a third device that monitors the second device,the third device being different than the first device and the second device; and
      
      one or more instructions which, when executed by the first device, cause the first device to determine that the failover event has occurred based on receiving the information relating to the failure of the second device.
  - 20. The non-transitory computer-readable medium of claim 15, the instructions further comprising:
    - one or more instructions which, when executed by the first device, cause the first device to determine that the failover event has occurred,where the one or more instructions to process, using the second information, the packets in the second flow of packets when the failover event has occurred include;
      
      one or more instructions which, when executed by the first device, cause the first device to receive, after determining that the failover event has occurred, the packets in the second flow of packets,where the packets, in the second flow of packets, are associated with a session processed by the second device prior to the failover event.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Juniper Networks Incorporated
Original Assignee
Juniper Networks Incorporated
Inventors
Zuk, Nir, Mao, Yu Ming, Guruswamy, Kowsik
Primary Examiner(s)
Duong, Oanh

Application Number

US13/616,706
Publication Number

US 20130067268A1
Time in Patent Office

487 Days
Field of Search

709223-224, 709/238, 709/248, 709/250, 711/1, 711/2, 711/4.11, 370/392, 370/401, 714/1, 714/2, 714/4.11
US Class Current

709/223
CPC Class Codes

G06F 11/2002   where interconnections or c...

H04L 63/0227   Filtering policies mail mes...

H04L 63/0236   Filtering by address, proto...

H04L 63/0428   wherein the data content is...

H04L 63/1416   Event detection, e.g. attac...

H04L 69/40   for recovering from a failu...

H04L 9/40   Network security protocols

Intelligent integrated network security device for high-availability applications

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

79 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Intelligent integrated network security device for high-availability applications

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

79 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links