Invention Grant
US09591011B2 Techniques for separating the processing of clients' traffic to different zones in software defined networks
有权
用于将客户端流量处理分离到软件定义网络中的不同区域的技术
- Patent Title: Techniques for separating the processing of clients' traffic to different zones in software defined networks
- Patent Title (中): 用于将客户端流量处理分离到软件定义网络中的不同区域的技术
-
Application No.: US14957876Application Date: 2015-12-03
-
Publication No.: US09591011B2Publication Date: 2017-03-07
- Inventor: Yehuda Zisapel , Avi Chesla , Shay Naeh , David Aviv , Ehud Doron
- Applicant: RADWARE, LTD.
- Applicant Address: IL Tel Aviv
- Assignee: RADWARE, LTD.
- Current Assignee: RADWARE, LTD.
- Current Assignee Address: IL Tel Aviv
- Agency: M&B IP Analysts, LLC
- Main IPC: G06F11/00
- IPC: G06F11/00 ; G06F12/14 ; G06F12/16 ; G08B23/00 ; H04L29/06
Abstract:
A central controller and a method for separation of traffic processing in a software defined network (SDN). The method comprises: identifying, based on at least one zoning trigger parameter, a potential cyber-attack; triggering a zoning mode for mitigating the potential cyber-attack; dynamically allocating, based on a load profile, a first group of computing resources of a computing farm to a trusted zone and a second group of computing resources to an un-trusted zone; assigning the computing resources in the first group with a first address and the computing resources in the second group with a second address, wherein only the second address is advertised; and causing at least one network element in the SDN to divert incoming traffic to the first group and to the second group of computing resources based on a plurality of zoning rules implemented by the at least one network element.
Public/Granted literature
Information query
