High availability for network security devices

A technology of network equipment and high availability, which is applied in the field of computer networks, and can solve problems such as preventing the active use of high availability of IDP equipment
CN102123076AActive Publication Date: 2011-07-13JUMIPER NETWORKS INC
8 Cites 23 Cited by

Patent Information

Authority / Receiving Office
CN · China
Current Assignee / Owner
JUMIPER NETWORKS INC
Publication Date
2011-07-13

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The invention provides methods, devices and systems of high availability for network security devices. In one example, a backup intrusion detection and prevention (IDP) device includes one or more network interfaces to receive a state update message from a primary IDP device, wherein the state update message indicates a network session being inspected by the primary IDP device and an identified application-layer protocol for the device, to receive an indication that the primary device has switched over or failed over to the backup device, and to receive a plurality of packets of the network session after receiving the indication, each of the plurality of packets comprising a respective payload including application-layer data, a protocol decoder to detect a beginning of a new transaction from the application-layer data of one of the plurality of packets, and a control unit to statefully process only the application-layer data of the network session that include and follow the beginning of the new transaction.
Need to check novelty before this filing date? Find Prior Art

Description

Technical field

[0001] The present disclosure relates to computer networks, and more specifically, to security devices used in computer networks. Background technique

[0002] The goal of a high-availability computer network environment is to provide users and other entities with "always-on" services. That is, a high-availability computer network environment should provide reliable, continuous-running services. In order to achieve this goal, network devices in a high-availability environment perform error detection and perform recoverability from detected errors. Unfortunately, network equipment sometimes fails. For example, a software or hardware problem or power failure in the security device can cause all or part of the security device to stop working.

[0003] When a network device fails, all network communication flows through the failed network device will stop. For companies that rely on such network traffic, even if such failures only occur for a short time, this is una...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More