Invention Grant
- Patent Title: Integrating service insertion architecture and virtual private network
- Patent Title (中): 集成服务插入架构和虚拟专用网络
-
Application No.: US12507422Application Date: 2009-07-22
-
Publication No.: US08650618B2Publication Date: 2014-02-11
- Inventor: Rajiv Asati , Mohamed Khalid , Sunil Cherukuri , Kenneth A. Durazzo , Shree Murthy
- Applicant: Rajiv Asati , Mohamed Khalid , Sunil Cherukuri , Kenneth A. Durazzo , Shree Murthy
- Applicant Address: US CA San Jose
- Assignee: Cisco Technology, Inc.
- Current Assignee: Cisco Technology, Inc.
- Current Assignee Address: US CA San Jose
- Agency: Hickman Palermo Truong Becker Bingham Wong LLP
- Main IPC: G06F7/04
- IPC: G06F7/04
Abstract:
Apparatus, methods, and other embodiments associated with providing service insertion architecture (SIA) differentiated services in a virtual private network (VPN) environment are described. Embodiments may provision an authentication, authorization, and accounting (AAA) server with user-to-SIA service-context mapping information. With the AAA server provisioned, embodiments may acquire, in an IPSec VPN hub, during IPSec tunnel user authentication, from the AAA server, the user-to-SIA service-context mapping information. With the mapping information available, embodiments may dynamically map an SIA service to an IPSec VPN tunnel user based on the service information acquired from the Service Broker or Pseudo-Service Broker. The dynamic mapping facilitates providing differentiated services in the SIA by facilitating forwarding an IPSec packet received on the IPSec VPN tunnel from the user to a service node associated with the SIA service based, at least in part, on the IPSec SADB entry modified using the service information.
Public/Granted literature
- US20110023090A1 INTEGRATING SERVICE INSERTION ARCHITECTURE AND VIRTUAL PRIVATE NETWORK Public/Granted day:2011-01-27
Information query
