Security processing in active security devices
First Claim
1. A method for processing packets at a first security device, the method comprising:
- receiving a packet at the first security device;
- determining whether the packet is associated with a previously assigned flow;
- in the event that the packet is not associated with the previously assigned flow;
  - storing a new flow relating to the packet in the first security device; and
  - notifying a distinct second security device that the new flow is stored in the first security device;
- in the event that the packet is associated with the previously assigned flow;
  - determining whether the packet is associated with a flow assigned to the distinct second security device;
  - in the event that the packet is determined to be associated with the flow assigned to the distinct second security device;
    - sending the packet to the distinct second security device;
    - after the distinct second security device performs security processing using the packet, receiving from the distinct second security device a message regarding the packet; and
    - transmitting the packet;
  - in the event that the packet is not associated with the flow assigned to the distinct second security device, classifying, using the first security device, a second flow according to an application associated with the second flow, the packet being associated with the second flow.
Abstract
Methods, systems, and apparatus, including computer program products, featuring receiving at a first security device a packet. The first security device determines that the packet is associated with a flow assigned to a distinct second security device. The first security device sends the packet to the second security device. After the second security device performs security processing using the packet, the first security device receives from the second security device a message regarding the packet. The first security device transmits the packet.
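The dispatch logic recited in claim 1, sketched as an added illustration; it is not code from the patent or from any product. The names `flow_key`, `FirstDevice`, `peer_owns`, the three callbacks, the direction-independent 5-tuple key and the port-based classifier are all assumptions made for the example, and the sample packets are constructed.

```python
from dataclasses import dataclass, field
from typing import Callable

FIRST, SECOND = "first", "second"

def flow_key(pkt: dict) -> tuple:
    # Assumed keying: direction-independent 5-tuple, so both directions of a
    # connection resolve to one flow entry. The claims do not define the key.
    ends = sorted([(pkt["src"], pkt["sport"]), (pkt["dst"], pkt["dport"])])
    return (pkt["proto"], *ends)

@dataclass
class FirstDevice:
    notify_peer: Callable[[tuple], None]   # announce a newly stored flow to the second device
    send_to_peer: Callable[[dict], str]    # hand packet to second device, get its message back
    classify_app: Callable[[dict], str]    # local application classifier (stand-in)
    flows: dict = field(default_factory=dict)  # flow key -> owning device
    apps: dict = field(default_factory=dict)   # flow key -> application label

    def peer_owns(self, key: tuple) -> None:
        # Assumption: the second device announces its own flows the same way.
        self.flows[key] = SECOND

    def process(self, pkt: dict) -> list:
        key = flow_key(pkt)
        owner = self.flows.get(key)
        if owner is None:                  # not a previously assigned flow
            self.flows[key] = FIRST
            self.notify_peer(key)
            return ["store", "notify"]     # the claim recites nothing further here
        if owner == SECOND:                # flow assigned to the second device
            msg = self.send_to_peer(pkt)   # second device does the security processing
            return ["forward", "message:" + msg, "transmit"]
        if key not in self.apps:           # known flow owned locally: classify by application
            self.apps[key] = self.classify_app(pkt)
        return ["classify:" + self.apps[key]]

def demo():
    notified = []
    dev = FirstDevice(notified.append, lambda p: "inspected",
                      lambda p: "tls" if 443 in (p["sport"], p["dport"]) else "unknown")
    # Constructed sample packets (documentation address ranges).
    a = dict(proto="tcp", src="198.51.100.5", sport=40000, dst="192.0.2.10", dport=443)
    a_reply = dict(proto="tcp", src="192.0.2.10", sport=443, dst="198.51.100.5", dport=40000)
    b = dict(proto="tcp", src="198.51.100.9", sport=40001, dst="192.0.2.20", dport=25)
    dev.peer_owns(flow_key(b))
    return [dev.process(a), dev.process(a_reply), dev.process(b)], notified
```

`demo()` walks the three branches in order: a new flow is stored and announced, its reply packet hits the locally owned flow and is classified, and a packet on a flow owned by the second device is forwarded, answered with a message, and transmitted.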
32 Claims
1. A method for processing packets at a first security device (set out in full under "First Claim" above).
   Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 32
11. A computer program product, encoded on a non-transitory computer-readable medium, comprising computer instructions that when executed cause a first security device to perform operations comprising:
- receiving a packet at the first security device;
- determining whether the packet is associated with a previously assigned flow;
- in the event that the packet is not associated with the previously assigned flow;
  - storing a new flow relating to the packet in the first security device; and
  - notifying a distinct second security device that the new flow is stored in the first security device;
- in the event that the packet is associated with the previously assigned flow;
  - determining whether the packet is associated with a flow assigned to the distinct second security device;
  - in the event that the packet is determined to be associated with the flow assigned to the distinct second security device;
    - sending the packet to the distinct second security device;
    - after the distinct second security device performs security processing using the packet, receiving from the distinct second security device a message regarding the packet; and
    - transmitting the packet;
  - in the event that the packet is not associated with the flow assigned to the distinct second security device, classifying a second flow according to an application associated with the second flow, the packet being associated with the second flow.
   Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20
21. A system comprising:
- a first security device comprising one or more processors and one or more network interfaces;
- where the first security device has encoded on a computer-readable medium instructions operable to cause one or more of the processors of the first security device to perform operations comprising;
  - receiving a packet at the first security device using one of the network interfaces;
  - determining whether the packet is associated with a previously assigned flow;
  - in the event that the packet is not associated with the previously assigned flow;
    - storing a new flow relating to the packet in the first security device; and
    - notifying a distinct second security device that the new flow is stored in the first security device;
  - in the event that the packet is associated with the previously assigned flow;
    - determining whether the packet is associated with a flow assigned to the distinct second security device;
    - in the event that the packet is determined to be associated with the flow assigned to the distinct second security device;
      - sending the packet to the distinct second security device;
      - after the distinct second security device performs security processing using the packet, receiving from the distinct second security device a message regarding the packet; and
      - transmitting the packet using one of the network interfaces;
    - in the event that the packet is not associated with the flow assigned to the distinct second security device, classifying a second flow according to an application associated with the second flow, the packet being associated with the second flow.
   Dependent claims: 22, 23, 24, 25, 26, 27, 28, 29, 30, 31
Specification