Distributed multi-processing security gateway
First Claim
Patent Images
1. A network gateway system comprising:
- a plurality of processors; and
a memory communicatively coupled to the processors, the memory storing instructions, the instruction being executable by at least one of the processors to perform a method comprising;
receiving a session request for a session between a host and a server, the session request including a first network address and a second network address;
selecting a proxy network address for the host using at least one of the first network address and a network gateway network address;
associating a first processor with a first processor identity, the first processorprocessing a first data packet received from a host side session,modifying the first data packet by substituting the first network address in the first data packet with the selected proxy network address, andproviding the modified first data packet to a server side session; and
associating a second processor with a second processor identity, the second processor processing a second data packet received from the server side session.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems and methods for a distributed multi-processing security gateway establishes a host side session, selects a proxy network address for a server based on network information, and using the proxy network address to establish a server side session. The proxy network address is selected such that a same processing element is assigned to process data packets from the server side session and the host side session. The network information includes a security gateway network address and a host network address. By assigning processing elements in this manner, higher capable security gateways are provided.
-
Citations
20 Claims
-
1. A network gateway system comprising:
-
a plurality of processors; and a memory communicatively coupled to the processors, the memory storing instructions, the instruction being executable by at least one of the processors to perform a method comprising; receiving a session request for a session between a host and a server, the session request including a first network address and a second network address; selecting a proxy network address for the host using at least one of the first network address and a network gateway network address; associating a first processor with a first processor identity, the first processor processing a first data packet received from a host side session, modifying the first data packet by substituting the first network address in the first data packet with the selected proxy network address, and providing the modified first data packet to a server side session; and associating a second processor with a second processor identity, the second processor processing a second data packet received from the server side session. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method for providing a network gateway comprising:
-
receiving by the network gateway a session request for a session between a host and a server, the network gateway including a plurality of processors, the session request including a first network address and a second network address; selecting by the network gateway a proxy network address for the host using at least one of the first network address and a network gateway network address; associating a first processor with a first processor identity, the first processor processing a first data packet received from a host side session, modifying the first data packet by substituting the first network address in the first data packet with the selected proxy network address, and providing the modified first data packet to a server side session; and associating a second processor with a second processor identity, the second processor processing a second data packet received from the server side session. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A non-transitory computer-readable storage medium having embodied thereon a program, the program being executable by a processor to perform a method for providing a network gateway, the method comprising:
-
receiving a session request for a session between a host and a server, the network gateway including a plurality of processors, the session request including a first network address and a second network address; selecting a proxy network address for the host using at least one of the first network address and a network gateway network address; associating a first processor with a first processor identity, the first processor processing a first data packet received from a host side session, modifying the first data packet by substituting the first network address in the first data packet with the selected proxy network address, and providing the modified first data packet to a server side session; and associating a second processor with a second processor identity, the second processor processing a second data packet received from the server side session.
-
Specification