Access, priority and bandwidth management based on application identity
First Claim
Patent Images
1. A method of controlling packet flow, comprising:
- receiving, from a sending node by a packet processor of a security node, packets destined for one or more resources, the sending node inserting an application identifier into a respective one of the packets responsive to determining that the respective one of the packets is sent from a first application registered with the security node and that the first registered application is invoked for execution by a second application registered with the security node;
determining, by the packet processor for each of the received packets, whether a respective application identifier has been inserted by the sending node; and
controlling, by the packet processor for the received packets determined to have an inserted application identifier, a packet flow of the corresponding packets being sent from the security node by establishing one or more of a priority or a bandwidth of the corresponding packets to the one or more resources.
8 Assignments
0 Petitions
Accused Products
Abstract
A method or system for managing packet flow is disclosed. The packets each include an inserted application identifier identifying a registered application. The method includes receiving packets destined for one or more resources, determining, by a packet processor, the inserted application identifier for each of the respective packets received and managing the packet flow of each received packet sent from a security node based at least in part on the inserted application identifier of the received packet.
208 Citations
20 Claims
-
1. A method of controlling packet flow, comprising:
-
receiving, from a sending node by a packet processor of a security node, packets destined for one or more resources, the sending node inserting an application identifier into a respective one of the packets responsive to determining that the respective one of the packets is sent from a first application registered with the security node and that the first registered application is invoked for execution by a second application registered with the security node; determining, by the packet processor for each of the received packets, whether a respective application identifier has been inserted by the sending node; and controlling, by the packet processor for the received packets determined to have an inserted application identifier, a packet flow of the corresponding packets being sent from the security node by establishing one or more of a priority or a bandwidth of the corresponding packets to the one or more resources. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A security node for managing packet flow between a sending node and one or more resources on a network, comprising:
-
a registration unit configured for registering applications that are authorized to access the one or more resources on the network; and a packet processor comprising circuitry configured for; receiving, from the sending node, packets destined for the one or more resources, the sending node inserting an application identifier into a respective one of the packets responsive to determining that the respective one of the packets is sent from a first application registered with the security node and that the first registered application is invoked for execution by a second application registered with the security node; determining, for each of the received packets, whether a respective application identifier has been inserted by the sending node; controlling, for the received packets determined to have an inserted application identifier, a packet flow of the packets being sent from the security node by establishing one or more of a priority or a bandwidth of the corresponding packets to the one or more resources. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
-
Specification