公开(公告)号：US09258277B1

公开(公告)日：2016-02-09

申请号：US13534095

申请日：2012-06-27

Applicant: Yan Zhuang ,  Xiao Ping Zhu ,  Rakesh Nair Gopala Krishnan Nair ,  Dongyi Jiang ,  Yong Tian ,  Jinfeng Yu ,  Haiyu Wang

Inventor： Yan Zhuang ,  Xiao Ping Zhu ,  Rakesh Nair Gopala Krishnan Nair ,  Dongyi Jiang ,  Yong Tian ,  Jinfeng Yu ,  Haiyu Wang

IPC: G06F17/00 ,  H04L29/06 ,  H04L12/851

CPC classification number: H04L63/0236 ,  H04L47/2483 ,  H04L61/2517 ,  H04L61/2539 ,  H04L61/255

Abstract: In general, techniques are described for performing decentralized packet dispatch. A network device comprising one or more service processing units (SPUs) and an interface may implement the techniques. The interface receives a packet associated with a session and selects a first one of SPUs to dispatch the packet based on first information extracted from the packet. The first one of the SPUs dispatches the packet to a second one of the SPUs based on second information extracted from the packet. The second one of the SPUs performs first pass processing to configure the network security device to perform fast path processing of the packet such that second one of the SPUs applies one or more services to the packet and subsequent packets associated with the same session without application of services to the packets by the first one of the service processing units.

Abstract translation: 一般来说，描述了执行分散式分组调度的技术。 包括一个或多个服务处理单元（SPU）和接口的网络设备可以实现这些技术。 该接口接收与会话关联的分组，并根据从该分组提取的第一信息选择一个SPU中的第一个分组来分组。 基于从分组中提取的第二信息，第一个SPU将分组分派到第二个SPU。 第二个SPU执行第一遍处理以配置网络安全设备来执行分组的快速路径处理，使得第二个SPU将一个或多个服务应用于与相同会话关联的分组和后续分组，而不应用 由第一个服务处理单元向数据包提供服务。

公开(公告)号：US20140149569A1

公开(公告)日：2014-05-29

申请号：US13685639

申请日：2012-11-26

Applicant: Andreas Wittenstein ,  Mike Eynon ,  Rakesh Nair ,  Richard Chiles ,  Brian Campbell

Inventor： Andreas Wittenstein ,  Mike Eynon ,  Rakesh Nair ,  Richard Chiles ,  Brian Campbell

IPC: H04L29/08

CPC classification number: H04L43/12 ,  H04L41/12 ,  H04L43/028 ,  H04L43/106

Abstract: Methods and devices for correlative monitoring, analysis, and control of multi-service, multi-network systems are provided herein. Exemplary methods may include generating a network topology graph of a metanetwork using traffic records obtained from the metanetwork, generating a causal digraph of the metanetwork using the traffic records and the network topology graph, and transmitting one or more of the network topology graph and the causal digraph to a computing system.

Abstract translation: 本文提供了多业务多网络系统相关监控，分析和控制的方法和设备。 示例性方法可以包括使用从元网络获得的业务记录来生成元网络的网络拓扑图，使用业务记录和网络拓扑图生成元网络的因果有向图，并且发送网络拓扑图和因果关系中的一个或多个 有向图到计算系统。

公开(公告)号：US07941837B1

公开(公告)日：2011-05-10

申请号：US11751731

申请日：2007-05-22

Applicant: Dongyi Jiang ,  Chih-Wei Chao ,  Rakesh Nair ,  Daniel Hirschberg

Inventor： Dongyi Jiang ,  Chih-Wei Chao ,  Rakesh Nair ,  Daniel Hirschberg

IPC: G06F9/00

CPC classification number: H04L63/0209 ,  H04L63/0236

Abstract: Techniques are described to enable two or more layer two (L2) firewall devices to be configured as a high availability (HA) cluster in an active-active configuration. A first layer two (L2) firewall and a second L2 firewall are positioned within the same L2 network. The first L2 firewall and the second L2 firewall are concurrently configured with active virtual security devices (VSDs) within the L2 network, and concurrently apply L2 firewall services to packets within the L2 network. A VSD of one of the L2 firewalls automatically switches to an active VSD status for a VSD group in place of a VSD of another L2 firewall when the other L2 firewall fails.

Abstract translation: 描述技术以使得两个或多个第二层（L2）防火墙设备能够被配置为主动 - 主动配置中的高可用性（HA）群集。 第一层二层（L2）防火墙和第二层L2防火墙位于同一L2网络内。 第一个L2防火墙和第二个L2防火墙同时配置在L2网络内的主动虚拟安全设备（VSD），并对L2网络内的报文同时应用L2防火墙业务。 当另一个L2防火墙发生故障时，其中一个L2防火墙的VSD自动切换到VSD组的主动VSD状态，代替另一个L2防火墙的VSD。

公开(公告)号：US20240134873A1

公开(公告)日：2024-04-25

申请号：US17971329

申请日：2022-10-20

Applicant: Udit Mehta ,  Thomas Pelleteir ,  Max Luster ,  Brooks Taylor ,  Hanhan Wang ,  Ranjith Govindan ,  Rakesh Nair

Inventor： Udit Mehta ,  Thomas Pelleteir ,  Max Luster ,  Brooks Taylor ,  Hanhan Wang ,  Ranjith Govindan ,  Rakesh Nair

IPC: G06F16/25 ,  G06F16/22

CPC classification number: G06F16/254 ,  G06F16/2282

Abstract: A data warehouse connector service is described. The data warehouse connector service integrates with an identity resolution system of a customer data platform to systematically communicate identity-resolved customer profile data from the customer data platform to a cloud-based data warehouse. Operation of the data warehouse connector is managed through various configuration settings accessible to an end-user of the customer data platform via a user interface.

公开(公告)号：US08762534B1

公开(公告)日：2014-06-24

申请号：US13105206

申请日：2011-05-11

Applicant: Xinhua Hong ,  Hongbin Wang ,  Ying Zhang ,  Krishna Narayanaswamy ,  Rakesh Nair ,  Henry Han

Inventor： Xinhua Hong ,  Hongbin Wang ,  Ying Zhang ,  Krishna Narayanaswamy ,  Rakesh Nair ,  Henry Han

IPC: G06F15/173

CPC classification number: G06F9/505 ,  H04L67/10

Abstract: A fair weighted-hashing technique may be used in load balancing among a group of modules. In one implementation, a device may maintain a table that relates how incoming client resource requests are to be distributed among the modules. The device may update the table, in response to an indication that an additional module, associated with a module identifier, is to be included in the group of modules. The updating may include determining a number of entries to add to the table for the additional module, calculating a first hash value for each of the number of entries, and modifying the table by writing the module identifier to one or more sequential entries of the table, beginning at an index into the table corresponding to the first hash value.

Abstract translation: 在一组模块之间的负载平衡中可以使用公平的加权散列技术。 在一个实现中，设备可以维护关于如何在模块之间分发传入的客户端资源请求的表。 响应于与模块标识符相关联的附加模块将包括在模块组中的指示，设备可以更新表。 更新可以包括确定要添加到附加模块的表的条目的数量，为每个条目数量计算第一散列值，并通过将模块标识符写入表的一个或多个顺序条目来修改该表 ，从索引开始到与第一个哈希值对应的表中。