-
公开(公告)号:US08199754B2
公开(公告)日:2012-06-12
申请号:US11443490
申请日:2006-05-30
CPC分类号: H04L45/22 , H04L12/5692 , H04L45/00
摘要: A system and method for extending the implementation of one or more Intrusion Prevention Systems (IPSs) such that each user can be placed in the IPS traffic path to create secure containment areas at a granular level, port types and port counts are increased, and higher network connection speeds are supported. In different embodiments of the invention, traffic load is balanced across two or more IPSs, enabling enhanced availability during system failures, replacements or updates. IPS performance is improved by enhancing traffic management of “trusted” (e.g., pass-through) and “known bad” (e.g., discarded) traffic flows and decreasing configuration task workloads. Other embodiments of the invention include, but are not limited to, extending the implementation of proxy devices, virtual private networks (VPNs), session border controllers (SBCs), firewalls, protocol gateways and other bump-in-the-wire systems.
摘要翻译: 一种用于扩展一个或多个入侵防御系统(IPS)的实现的系统和方法,使得每个用户可以被放置在IPS通信路径中以在粒级上创建安全容纳区域,端口类型和端口计数增加,并且更高 支持网络连接速度。 在本发明的不同实施例中,业务负载在两个或更多个IPS之间平衡,从而在系统故障,替换或更新期间增强可用性。 通过增强“信任”(例如,传递)和“已知的坏”(例如丢弃的)业务流和减少的配置任务工作负载的流量管理来提高IPS性能。 本发明的其他实施例包括但不限于扩展代理设备,虚拟专用网络(VPN),会话边界控制器(SBC),防火墙,协议网关和其他电力线上系统的实现。
-
公开(公告)号:US20070280222A1
公开(公告)日:2007-12-06
申请号:US11443490
申请日:2006-05-30
IPC分类号: H04L12/50
CPC分类号: H04L45/22 , H04L12/5692 , H04L45/00
摘要: A system and method for extending the implementation of one or more Intrusion Prevention Systems (IPSs) such that each user can be placed in the IPS traffic path to create secure containment areas at a granular level, port types and port counts are increased, and higher network connection speeds are supported. In different embodiments of the invention, traffic load is balanced across two or more IPSs, enabling enhanced availability during system failures, replacements or updates. IPS performance is improved by enhancing traffic management of “trusted” (e.g., pass-through) and “known bad” (e.g., discarded) traffic flows and decreasing configuration task workloads. Other embodiments of the invention include, but are not limited to, extending the implementation of proxy devices, virtual private networks (VPNs), session border controllers (SBCs), firewalls, protocol gateways and other bump-in-the-wire systems.
摘要翻译: 一种用于扩展一个或多个入侵防御系统(IPS)的实现的系统和方法,使得每个用户可以被放置在IPS通信路径中以在粒级上创建安全的容纳区域,端口类型和端口数量增加,并且更高 支持网络连接速度。 在本发明的不同实施例中,业务负载在两个或更多个IPS之间平衡,从而在系统故障,替换或更新期间增强可用性。 通过增强“信任”(例如,传递)和“已知的坏”(例如丢弃的)业务流和减少的配置任务工作负载的流量管理来提高IPS性能。 本发明的其他实施例包括但不限于扩展代理设备,虚拟专用网络(VPN),会话边界控制器(SBC),防火墙,协议网关和其他电力线上系统的实现。
-
公开(公告)号:US09338021B2
公开(公告)日:2016-05-10
申请号:US11643553
申请日:2006-12-21
申请人: Alexander Sarin , Hazem Kabbara , Chin Yaw Tiew
发明人: Alexander Sarin , Hazem Kabbara , Chin Yaw Tiew
CPC分类号: H04L12/24 , H04L41/00 , H04L41/0213 , H04L41/046 , H04L41/0893 , H04L43/028
摘要: An electronic communication network includes a connectivity subsystem. The connectivity subsystem registers a control subsystem with the connectivity subsystem. The control subsystem requests that network traffic be redirected from the connectivity subsystem to the control subsystem. In response to the request, the connectivity subsystem redirects network traffic from the connectivity subsystem to the control subsystem.
摘要翻译: 电子通信网络包括连接子系统。 连接子系统将连接子系统注册到控制子系统。 控制子系统要求将网络流量从连接子系统重定向到控制子系统。 响应该请求,连接子系统将网络流量从连接子系统重定向到控制子系统。
-
公开(公告)号:US07187648B1
公开(公告)日:2007-03-06
申请号:US10299365
申请日:2002-11-18
申请人: Sampath Rangarajan , Ram Ayyakad , Raghuram A. Devarakonda , Alexander Pavlovsky , Alexander Sarin
发明人: Sampath Rangarajan , Ram Ayyakad , Raghuram A. Devarakonda , Alexander Pavlovsky , Alexander Sarin
CPC分类号: H04L45/00 , H04L45/586 , H04L45/60 , H04L49/557
摘要: An arrangement where a primary traffic management device includes ports that are connected to a network, and a backup device that is connected to the primary device and also to the network provides effective backup support. When a port of the primary become non-operational, a port of the backup device is enlisted to serve the function of the non-operational port, leaving the remaining port of the primary, as well as all of the processors to continue operating normally, employing whatever data has been accumulated in the primary. The enlisting is accomplished through a Layer 2 switch within the primary device and a Layer 2 switch within the secondary device.
摘要翻译: 主要业务管理设备包括连接到网络的端口和连接到主设备以及网络的备份设备提供有效的备份支持的布置。 当主端口不可操作时,备份设备的端口被登记为服务于非操作端口的功能,使主设备的剩余端口以及所有处理器继续正常运行, 采用任何数据已经积累在小学。 通过主设备中的第2层交换机和辅助设备内的第2层交换机来实现。
-
公开(公告)号:US20080151754A1
公开(公告)日:2008-06-26
申请号:US11643553
申请日:2006-12-21
申请人: Alexander Sarin , Hazem Kabbara , Chin Yaw Tiew
发明人: Alexander Sarin , Hazem Kabbara , Chin Yaw Tiew
IPC分类号: G08C15/00
CPC分类号: H04L12/24 , H04L41/00 , H04L41/0213 , H04L41/046 , H04L41/0893 , H04L43/028
摘要: An electronic communication network includes a connectivity subsystem. The connectivity subsystem registers a control subsystem with the connectivity subsystem. The control subsystem requests that network traffic be redirected from the connectivity subsystem to the control subsystem. In response to the request, the connectivity subsystem redirects network traffic from the connectivity subsystem to the control subsystem.
摘要翻译: 电子通信网络包括连接子系统。 连接子系统将连接子系统注册到控制子系统。 控制子系统要求将网络流量从连接子系统重定向到控制子系统。 响应该请求,连接子系统将网络流量从连接子系统重定向到控制子系统。
-
-
-
-
搜索结果
5 条记录 (耗时 0.025 秒)
