Efficient Use of IPSEC Tunnels in Multi-Path Environment
Abstract
A system and method is provided for securing network traffic across a plurality of connections to a computing device without requiring each connection to have its own security association. The system can include an IPsec encoder configured to obtain a datagram and encode a datagram, wherein the IPsec encoder includes a security association that is associated with a computing entity, a packet analyzer configured to associate metadata with the encoded datagram, and a gateway to transmit the encoded datagram using one of the plurality of connections to the computing device.
20 Claims
1. A system for securing network traffic over one or more connections to a computing device, the system comprising:
- an IPsec encoder configured to obtain a datagram and encode a datagram, wherein the IPsec encoder includes at least one IPsec security association that is associated with a computing entity;
- a packet analyzer configured to associate a first set of metadata with the encoded datagram; and
- a gateway to transmit the encoded datagram using one of a plurality of connections to the computing device.

Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. A method for securing network traffic over one or more connections to a computing device, the method being performed by one or more processors and comprising:
- obtaining a datagram;
- encoding the datagram using an encoding consistent with IPsec wherein at least one IPsec security association is associated with a first computing entity;
- associating metadata with the encoded datagram; and
- transmitting the encoded datagram across one of a plurality of connections to the computing device.

Dependent claims: 10, 11, 12, 13, 14

15. A non-transitory computer readable storage medium storing instructions that are executable by one or more processors of a first computing device to cause the first computing device to perform a method for securing network traffic over one or more connections to a second computing device, the method comprising:
- obtaining a datagram;
- encoding the datagram using an encoding consistent with IPsec wherein at least one IPsec security association is associated with a first computing entity;
- associating metadata with the encoded datagram; and
- transmitting the encoded datagram across one of a plurality of connections to the second computing device.

Dependent claims: 16, 17, 18, 19, 20

Specification