Systems and methods for implementing a protocol-aware network firewall

  • US 9,077,685 B2
  • Filed: 09/22/2011
  • Issued: 07/07/2015
  • Est. Priority Date: 11/08/2005
  • Status: Expired due to Fees
First Claim

1. A method comprising:

    receiving packets in a first network device;

    storing a first table including first criteria, wherein the first criteria identify session initiation packets used to create a session or session termination packets used to terminate the session, wherein the first criteria include a destination IP address and an associated destination port;

    storing a second table including second criteria, wherein the second criteria identify packets in the session created by the session initiation packets, wherein the second criteria include a source IP address and an associated source port, and a destination IP address and an associated destination port;

    determining, in a first processor, whether each of the received packets meets the first criteria in the first table;

    determining, in the first processor, that each of a first set of the received packets meets the first criteria;

    transmitting each of the first set of the received packets that the first processor has determined meets the first criteria to a second network device including a second processor different than the first processor;

    determining, in the first processor, that each of a second set of the received packets does not meet the first criteria;

    determining, in the first processor in response to each determination that the corresponding received packet in the second set does not meet the first criteria, whether the corresponding received packet in the second set meets the second criteria; and

    transmitting, in response to each determination that the corresponding received packet in the second set meets the second criteria, the corresponding packet toward a destination.
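
The two-table lookup order recited in claim 1, as an added sketch that is not code from the patent or its assignee. The class and method names, the `NO_MATCH` verdict (the claim does not say what happens to a packet meeting neither criteria), the way the tables are populated, and all addresses and ports are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from enum import Enum

class Verdict(Enum):
    TO_SECOND_DEVICE = "to_second_device"  # met the first criteria
    FORWARD = "forward"                    # met the second criteria
    NO_MATCH = "no_match"                  # assumption: claim 1 leaves this case open

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

class FirstProcessor:
    """Hypothetical model of the first network device's classifier."""
    def __init__(self):
        self.first_table = set()   # first criteria: (dst_ip, dst_port)
        self.second_table = set()  # second criteria: full 4-tuple

    def add_first_criteria(self, dst_ip, dst_port):
        self.first_table.add((dst_ip, dst_port))

    def add_second_criteria(self, src_ip, src_port, dst_ip, dst_port):
        self.second_table.add((src_ip, src_port, dst_ip, dst_port))

    def classify(self, pkt):
        # The first table is always consulted first; a hit sends the packet
        # to the second device without consulting the second table.
        if (pkt.dst_ip, pkt.dst_port) in self.first_table:
            return Verdict.TO_SECOND_DEVICE
        # The second table is checked only after a first-table miss.
        key = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        if key in self.second_table:
            return Verdict.FORWARD
        return Verdict.NO_MATCH

def demo():
    # Constructed sample data (documentation address ranges).
    fw = FirstProcessor()
    fw.add_first_criteria("192.0.2.10", 5060)
    fw.add_second_criteria("198.51.100.7", 40000, "192.0.2.20", 30000)
    fw.add_second_criteria("198.51.100.7", 40001, "192.0.2.10", 5060)
    packets = [
        Packet("198.51.100.7", 5060, "192.0.2.10", 5060),    # initiation/termination
        Packet("198.51.100.7", 40000, "192.0.2.20", 30000),  # in-session packet
        Packet("198.51.100.7", 40002, "192.0.2.20", 30000),  # source port differs
        Packet("198.51.100.7", 40001, "192.0.2.10", 5060),   # present in both tables
    ]
    return [fw.classify(p) for p in packets]
```

The last sample packet appears in both tables and is still sent to the second device, because the second criteria are evaluated only when the first criteria are not met.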
