Systems and methods for listening policies for virtual servers of appliance
First Claim
1. A method of using a listening policy for a virtual server on an intermediary device, the method comprising:
- (a) establishing for a first virtual server executing on an intermediary device deployed between a plurality of clients and one or more servers, a first listen policy, the first listen policy comprising an expression for evaluating packets received by the intermediary device to determine whether the packets may access the first virtual server;
(b) listening, by a packet engine of the intermediary device for a plurality of packets to be received at a network interface card of the intermediary device at a first internet protocol (IP) address and a first port specified for the first virtual server;
(c) evaluating, by a policy engine of the intermediary device, the expression of the first listen policy of the first virtual server and a second listen policy of a second virtual server to a first packet of the plurality of packets received by the packet engine at the first IP address and the first port; and
(d) determining, by the intermediary device responsive to the first packet matching both the first listen policy and the second listen policy, whether to provide the first packet received by the packet engine to the first virtual server or the second virtual server based on a result of the evaluation.
7 Assignments
0 Petitions
Accused Products
Abstract
The present invention is directed towards a method for using a listening policy for a virtual server on an intermediary device. An intermediary device establishes for a first virtual server a first listening policy with an expression for evaluating packets received by the intermediary device to determine whether the packet may access the first virtual server. The intermediary device listens for packets at a first internet protocol (IP) address and a first port specified for the first virtual server. Then, the intermediary device evaluates the expression of the first listening policy to a first packet received at the first IP address and first port and determines whether to provide the first packet to the first virtual server based on a result of the evaluation.
22 Citations
18 Claims
-
1. A method of using a listening policy for a virtual server on an intermediary device, the method comprising:
-
(a) establishing for a first virtual server executing on an intermediary device deployed between a plurality of clients and one or more servers, a first listen policy, the first listen policy comprising an expression for evaluating packets received by the intermediary device to determine whether the packets may access the first virtual server; (b) listening, by a packet engine of the intermediary device for a plurality of packets to be received at a network interface card of the intermediary device at a first internet protocol (IP) address and a first port specified for the first virtual server; (c) evaluating, by a policy engine of the intermediary device, the expression of the first listen policy of the first virtual server and a second listen policy of a second virtual server to a first packet of the plurality of packets received by the packet engine at the first IP address and the first port; and (d) determining, by the intermediary device responsive to the first packet matching both the first listen policy and the second listen policy, whether to provide the first packet received by the packet engine to the first virtual server or the second virtual server based on a result of the evaluation. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system of using a listening policy for a virtual server on an intermediary device, the system comprising:
-
a first virtual server executing on an intermediary device deployed between a plurality of clients and one or more servers, the first virtual server configured to have a first listen policy, the first listen policy comprising an expression for evaluating packets received by the intermediary device to determine whether the packets may access the first virtual server; a packet engine of the intermediary device listening for a plurality of packets to be received at a network interface card of the intermediary device at a first internet protocol (IP) address and a first port specified for the first virtual server; a policy engine of the intermediary device evaluating the expression of the first listen policy of the first virtual server and a second listen policy of a second virtual server to a first packet of the plurality of packets received by the packet engine at the first IP address and the first port; and wherein the intermediary device determines responsive to the first packet matching both the first listen policy and the second listen policy, whether to provide the first packet received by the packet engine to the first virtual server or the second virtual server based on a result of the evaluation. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
Specification