Unlock instant, AI-driven research and patent intelligence for your innovation.

A firewall device based on ACP framework

A firewall and device technology, applied in the field of network security, can solve the problems of difficulty in increasing the new connection rate of the firewall, occupying the PCI bus bandwidth, and the configuration execution time of the session connection table is long, so as to shorten the sending execution time, save the resources of the CPU, save the Effects of configuring execution time

Active Publication Date: 2010-04-21
深圳市恒扬数据股份有限公司
View PDF2 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0010] The purpose of the present invention is to provide a hardware firewall device based on the ACP architecture, aiming to solve the existing problem in the prior art. The number of reported first packets that can be processed within the network is reduced, and the PCI bus is operated multiple times, occupying the bandwidth of the PCI bus, resulting in a long execution time for the configuration of the session connection table, and it is difficult to increase the new connection rate of the firewall

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A firewall device based on ACP framework
  • A firewall device based on ACP framework
  • A firewall device based on ACP framework

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0027] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0028] Such as figure 2 As shown, the CPU 12 regularly obtains the free address pointer of the external RAM 16 of the PCI bridge, and writes the free address pointer into the address RAM 214 by the PCI Target module 206 through the PCI bridge 14 . When the packet sending module 202 receives a first packet packet for which no session connection has been established, it writes the first packet packet into the cache module 204 . The DMA control module 212 obtains the free address pointer of the PCI bridge chip external RAM 16 from the address RAM 214, and then writes the first packet message in the ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

This invention provides a hardware fire wall device based on an ACP structure, in which, CPU prepares session connection lists and a first package of messages in RAM of PCI and sends related information of its address pointer and data length to chip ASIC, which finishes the successive work only in stead of CPU, so that CPU resource is saved, at the same time, chip ASIC reads session connection list in the way of Burst Read to increase data transmission efficiency of PCI bus line and reduce configuration time of session connection lists, after that, chip ASIC reads messages in the mode of BurstRead and it' s not necessary for CPU to inquire if the session connection lists are configured so as to reduce transmission time of the first package of messages.

Description

technical field [0001] The invention belongs to the field of network security, in particular to a firewall device based on the ACP architecture. Background technique [0002] The new connection rate (Connection Per Second, CPS) is the maximum number of Transmission Control Protocol (Transmission Control Protocol, TCP) or User Datagram Protocol (User Datagram Protocol, UDP) connections that the firewall can create per second, and it is a measure of the state An important performance indicator for detecting firewalls. The new connection rate of the firewall directly affects the firewall's response to service requests from the Internet. If the new connection rate of the firewall is not high enough, when many Internet users request network services at the same time, the firewall will discard the requests that have not established connections, so that some users cannot access the target network. [0003] Such as figure 1 As shown, in the ACP (ASIC chip+CPU+PCI bus) architectur...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L12/56H04L12/22H04L9/00
Inventor 陈龙森陈鹏王峻邓子星
Owner 深圳市恒扬数据股份有限公司
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More