Method for implementing several network security functions with one chip

A network security and chip technology, applied in the direction of network interconnection, data exchange network, data exchange details, etc., can solve the problems that the size of the routing table and NAT table cannot be too large, limit the scope of application, limit performance, etc., and achieve high speed Effects of processing power, CPU resource saving, and system cost reduction

Inactive Publication Date: 2008-07-02
BEIJING TOPSEC NETWORK SECURITY TECH
View PDF1 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The disadvantage of this scheme is: to process each message, the route in the routing table must be searched again to match the address translation rules in the NAT table, so the performance will be greatly limited; in addition, the size of the routing table and the NAT table are not It may be too large, which also seriously limits its practical application range
[0009] The above solutions have shortcomings, either their performance is not high, or the performance in complex applications is not high, and they cannot meet the growing needs of customers.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for implementing several network security functions with one chip

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0028] The specific implementation of the present invention will be further described below in conjunction with accompanying drawing:

[0029] The present invention proposes a method for realizing multiple network security functions with a single chip, the method is based on the firewall of the FPGA (Field Programmable Gate Array) / ASIC (Application Specific Integrated Circuit, Application Specific Integrated Circuit) chip architecture, to overcome CPU (Central Processing Unit, central processing unit), PCI (Peripheral Controller Interface, peripheral controller interface) bus bandwidth limits the performance of network security equipment, realizes a breakthrough in the performance of network security equipment, reduces the cost of network security solutions, and reduces Networking cost.

[0030] The invention simultaneously realizes two-layer exchange and firewall connection table on one chip, and realizes multiple network security functions with a single chip. Layer 2 switch...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method of realizing multiterm network safety function by using a single chip. The method comprises the following steps: the chip carries out an analysis to the received message and obtains the content of the crucial fields about inputting the message; according to the analysis result, double layer process is carried out and the MAC table is used for research; if the research of the MAC table hits target, then a source IP, ,a target IP, a source port, a target port and a protocol in the analyzed message are used for looking for the firewall connection table; if not hit target, then the content is sent to the CPU and the CPU make a further process; if the research for the firewall connection table hits target, the message is carried out the corresponding process according to the marks in the firewall connection table; if failing not hit target, then be sent to the CPU and the CPU makes a further process. The invention improves the system performance of the network and reduces the system cost.

Description

technical field [0001] The invention relates to the technical field of network security and networking, in particular to a method for realizing multiple network security functions with a single chip. Background technique [0002] With the continuous development of network technology, the network has become an indispensable tool in social life. Enterprises as small as soho (home office) and as large as tens of thousands of people have established their own networks. What happened is that the harm caused by network viruses and hackers is getting bigger and bigger, each time is more frequent, the scope of influence is getting bigger every time, and the losses caused are getting more serious every time. Faced with this situation, all enterprises with networks have to seriously consider the security of their own networks. To solve network security, of course, cannot do without network security equipment. Currently, the network security equipment on the market adopts the followi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/04H04L12/24H04L29/02H04L29/06H04L12/46H04L12/56
Inventor 沈利军万鹤林邹希良曾涛王万亭
Owner BEIJING TOPSEC NETWORK SECURITY TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap