Unlock instant, AI-driven research and patent intelligence for your innovation.

Intelligent integrated network security device for high-availability applications

A technology of security equipment and equipment, applied in the direction of data exchange network, security communication device, instrument, etc., can solve the problems of slow proxy server, difficult to modify, complex implementation of proxy server, etc.

Active Publication Date: 2012-04-25
JUMIPER NETWORKS INC
View PDF8 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Proxy servers can be slow due to the accompanying protocol stack overhead of inspecting packets in the application layer
Also, since a unique proxy server may be required for each application, proxy server implementations can be complex and difficult to modify to support new applications
In addition, since the proxy server only inspects application packets, it is impossible for the proxy server to detect attempted network security intrusions at the TCP or network layer

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Intelligent integrated network security device for high-availability applications
  • Intelligent integrated network security device for high-availability applications
  • Intelligent integrated network security device for high-availability applications

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0023] figure 1 An exemplary network topology diagram is shown comprising a local area network (LAN) 100 comprising a server 102, a plurality of workstations (W / S) 104a-104c (indicated generally by "104"), and a security system 124 . The security system 124 may include a session module 122 and a set of other security devices. In the illustrated embodiment, security system 124 may include two security devices, first security device 106 and second security device 108 . LAN 100 may be connected through security system 124 to an external network, such as the Internet 114b. The second LAN 116 may include a Web server 110 , an Email server 112 , a server 138 , workstations 134 a - 134 f (indicated generally at " 134 "), and a security system 124 . LAN 116 may be connected to Internet 114a via security system 126 . The security system 126 can include a first security device 128 , a second security device 130 , and a session module 132 . Computers, servers, and other devices in a...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

Methods and apparatuses for inspecting packets are provided. A primary security system may be configured for processing packets. The primary security system may be operable to maintain flow information for a group of devices to facilitate processing of the packets. A secondary security system may be designated for processing packets upon a failover event. Flow records may be shared from the primary security system with the secondary security system.

Description

technical field [0001] Systems, devices, and methods consistent with principles of the invention relate generally to controlling computer network security. Background technique [0002] Firewalls and intrusion detection systems are devices that can be used to protect computer networks from unauthorized or disruptive users. A firewall can protect the security of a LAN so that users outside the LAN cannot enter. Firewalls inspect, route, and frequently tag all information sent to or from users outside the LAN. Intrusion Detection Systems (IDS) can be used to examine information transmitted within a network to identify suspicious patterns of behavior. [0003] A flow-based router (FBR) allows network administrators to forward and route data packets according to network policies specified by the network administrator. FBR allows network administrators to implement policies that selectively route packets through specified paths in the network. FBR can also be used to ensure t...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L12/56H04L29/06H04L69/40
CPCH04L69/40H04L29/14H04L63/0236H04L29/06H04L63/0227H04L63/1416H04L63/0428H04L9/40G06F11/2002
Inventor 尼尔·朱克毛宇明科沃斯科·古鲁斯瓦米
Owner JUMIPER NETWORKS INC