Systems and methods for bridging a WAN accelerator with a security gateway
First Claim
1. A method comprising:
- (a) receiving, at a first network layer of a device, a network packet from a source, the network packet comprising a destination media access control address identifying a destination for the network packet and a source media access control address identifying an adapter type;
(b) determining, by the device, that the adapter type of the source is a physical network interface card instead of a local network interface of the device;
(c) modifying, by the device in response to the determination, the destination media access control address of the network packet to identify the local network interface of the device;
(d) applying, at the second network layer of the device, a policy to the network packet received from the first network layer;
(e) modifying, at the first network layer of the device, the destination media access control address of the network packet, received from the second network layer, to identify the media access control address of the destination; and
(f) transmitting, by the device, the network packet to the destination.
7 Assignments
0 Petitions
Accused Products
Abstract
The solution described herein provides systems and methods for the interoperability of network processing programs that process network packets at different levels of the network stack. This solution bridges the communications of a network packet between a first network processing program operating at a first level of a network stack in an intermediary and a second network processing program operating at a second level of the network stack of the intermediary. The first network processing program may modify an incoming network packet so that the packet may traverse the network stack to an upper level of the stack to the second network processing program. After processing the network packet at the upper layers of the stack or by the second network processing program, the first network processing program modifies the network pack in order to transmit the packet to the intended destination while traversing the intermediary.
116 Citations
20 Claims
-
1. A method comprising:
-
(a) receiving, at a first network layer of a device, a network packet from a source, the network packet comprising a destination media access control address identifying a destination for the network packet and a source media access control address identifying an adapter type; (b) determining, by the device, that the adapter type of the source is a physical network interface card instead of a local network interface of the device; (c) modifying, by the device in response to the determination, the destination media access control address of the network packet to identify the local network interface of the device; (d) applying, at the second network layer of the device, a policy to the network packet received from the first network layer; (e) modifying, at the first network layer of the device, the destination media access control address of the network packet, received from the second network layer, to identify the media access control address of the destination; and (f) transmitting, by the device, the network packet to the destination. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system comprising:
-
a device configured to receive a network packet from a source, the network packet comprising a destination media access control address identifying a destination for the network packet and a source media access control address identifying an adapter type; a network optimization engine of the device configured to perform network acceleration techniques on network packets at the first network layer; a security gateway of the device configured to perform security functions on network packets at a second network layer different than the first network layer; wherein the network optimization engine is configured to determine that the adapter type of the source is a physical network interface card instead of a local network interface of the device and responsive to the determination, modify the destination media access control address of the network packet to identify the local network interface of the device; wherein the security gateway is configured to apply at the second network layer policy to the network packet received from the network optimization engine; wherein the network optimization engine is configured to modify at the first network layer, the destination media access control address of the network packet, received from the second network layer, to identify the media access control address of the destination; and wherein the device is configured to transmit the network packet to the destination. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification