Routing device having integrated MPLS-aware firewall

A firewall and stateful firewall technology, applied in the field of computer networks, can solve the problems of increasing the number of devices, increasing the configuration and management burden of service providers, etc.

Active Publication Date: 2010-02-24
JUMIPER NETWORKS INC
View PDF2 Cites 20 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the deployment of these firewall appliances increases the number of appliances that service providers must manage and deploy
This increases the

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Routing device having integrated MPLS-aware firewall
  • Routing device having integrated MPLS-aware firewall
  • Routing device having integrated MPLS-aware firewall

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0030] figure 1 is a block diagram illustrating an exemplary network environment 2 in which a service provider network 4 provides connectivity between customer virtual private network (VPN) sites 6A-6N (collectively VPN sites 6). exist figure 1 In the example of , VPN site 6 includes customer edge (CE) routers 8A-8N connected to provider edge (PE) routers 10A-10N of service provider network 4 via network links 16A-16N.

[0031] In one example, the service provider network 4 supports a provider provisioned VPN (PPVPN). PE routers 10A-10N (collectively PE routers 10) route messages for customer VPN sites 6 through service provider network 4 and possibly through other intermediate networks. The service provider network typically includes a set of PE routers 10 at the edge of the network interconnected with internal routers and other network devices via high-speed network links. Such as figure 1 As shown, the internal router may be a Label Switching Router (LSR) providing a Mu...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

An MPLS-aware firewall allows firewall security policies to be applied to MPLS traffic. The firewall, which may be integrated within a routing device, can be configured into multiple virtual security systems. The routing device provides a user interface by which a user specifies one or more zones to be recognized by the integrated firewall when applying stateful firewall services to the packets. The user interface allows the user to define different zones and policies for different ones of the virtual security systems. In addition, the user interface supports a syntax that allows the user to define the zones for the firewall by specifying the customer VPNs as interfaces associated with the zones. The routing device generates mapping information for the integrated firewall to map the customer VPNs to specific MPLS labels for the MPLS tunnels carrying the customer's traffic.

Description

technical field [0001] The present invention relates to computer networks, and more particularly, to network devices for routing data packets within computer networks. Background technique [0002] A computer network is a collection of interconnected computing devices that exchange data and share resources. In packet-based networks, such as the Internet, computing devices communicate data by dividing the data into small chunks called packets. The data packets are respectively routed from the source device to the destination device through the network. The destination device extracts the data from the packets and assembles the data into its original form. Dividing the data into packets enables the source device to retransmit only those individual packets that may have been lost during transmission. [0003] A private network may include multiple devices, such as computers, owned or managed by a single enterprise. These devices may be grouped into site networks, and these ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/56H04L29/10H04L12/46H04L45/50H04L45/60
CPCH04L45/04H04L12/4633H04L45/50H04L63/0272H04L63/0227H04L12/4641H04L45/60
Inventor 卡纳安·瓦拉德汉若昂·坎佩洛·F·N·戈梅斯
Owner JUMIPER NETWORKS INC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap