Rule swapping in a packet network
DC CAFCFirst Claim
Patent Images
1. A method comprising:
- preprocessing, by a network device, a first rule set and a second rule set;
configuring the network device to process packets in accordance with the first rule set;
receiving, after the preprocessing and the configuring, by the network device, a plurality of packets;
processing, by the network device, a first portion of the plurality of packets in accordance with the first rule set;
signaling the network device to process packets in accordance with the second rule set; and
responsive to the signaling;
ceasing processing of one or more packets;
caching the one or more packets;
reconfiguring the network device to process packets in accordance with the second rule set;
signaling completion of reconfiguration to process packets in accordance with the second rule set; and
responsive to the signaling completion of reconfiguration, processing the one or more cached packets in accordance with the second rule set.
2 Assignments
Litigations
1 Petition
Accused Products
Abstract
In some variations, first and second rule sets may be received by a network protection device. The first and second rule sets may be preprocessed. The network protection device may be configured to process packets in accordance with the first rule set. Packets may be received by the network protection device. A first portion of the packets may be processed in accordance with the first rule set. The network protection device may be reconfigured to process packets in accordance with the second rule set. A second portion of the packets may be processed in accordance with the second rule set.
-
Citations
20 Claims
-
1. A method comprising:
-
preprocessing, by a network device, a first rule set and a second rule set; configuring the network device to process packets in accordance with the first rule set; receiving, after the preprocessing and the configuring, by the network device, a plurality of packets; processing, by the network device, a first portion of the plurality of packets in accordance with the first rule set; signaling the network device to process packets in accordance with the second rule set; and responsive to the signaling; ceasing processing of one or more packets; caching the one or more packets; reconfiguring the network device to process packets in accordance with the second rule set; signaling completion of reconfiguration to process packets in accordance with the second rule set; and responsive to the signaling completion of reconfiguration, processing the one or more cached packets in accordance with the second rule set. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system comprising:
-
a plurality of processors; and a memory comprising instructions that when executed by at least one processor of the plurality of processors cause the system to; preprocess a first rule set and a second rule set; configure the system to process packets in accordance with the first rule set; receive, after the preprocess and the configure, a plurality of packets; process a first portion of the plurality of packets in accordance with the first rule set; signal to process packets in accordance with the second rule set; and responsive to the signal to process packets in accordance with the second rule set; cease processing of one or more packets; cache the one or more packets; reconfigure the system to process packets in accordance with the second rule set; signal completion of reconfiguration to process packets in accordance with the second rule set; and responsive to the signal of completion of reconfiguration, process the one or more cached packets in accordance with the second rule set. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. One or more non-transitory computer-readable media comprising instructions that when executed by a computing system cause the computing system to:
-
preprocess a first rule set and a second rule set; configure the computing system to process packets in accordance with the first rule set; receive a plurality of packets; process a first portion of the plurality of packets in accordance with the first rule set; signal to process packets in accordance with the second rule set; and responsive to the signal to process packets in accordance with the second rule set; cease processing of one or more packets; cache the one or more packets; reconfigure the computing system to process packets in accordance with the second rule set; signal completion of reconfiguration to process packets in accordance with the second rule set; and responsive to the signal of completion of reconfiguration, process the one or more cached packets in accordance with the second rule set. - View Dependent Claims (18, 19, 20)
-
Specification