公开(公告)号：US08776207B2

公开(公告)日：2014-07-08

申请号：US13356399

申请日：2012-01-23

申请人： Joe Mihelich ,  Son Pham ,  Jun Li

发明人： Joe Mihelich ,  Son Pham ,  Jun Li

IPC分类号： G06F17/00 ,  H04L29/08 ,  G06F15/16 ,  H04L29/06

CPC分类号： H04L63/0236 ,  G06F17/30589 ,  G06F17/30952 ,  H04L45/74 ,  H04L47/125 ,  H04L47/196 ,  H04L47/726 ,  H04L49/354 ,  H04L61/2007 ,  H04L63/02 ,  H04L63/0218 ,  H04L63/0227 ,  H04L63/0272 ,  H04L63/029 ,  H04L63/1408 ,  H04L63/1458 ,  H04L67/1002 ,  H04L67/1004 ,  H04L67/1027 ,  H04L67/142

摘要： Methods and systems for balancing load among firewall security devices are provided. According to one embodiment, a switch maintains a session table the session entries of which represent established traffic sessions between a source and a destination and form an association between the traffic session and a particular firewall security device (FSD). Responsive to receiving a packet of a first traffic session on a first port, a determination is made whether there exists a matching session entry. Responsive to a negative determination, a load balancing function is performed to select an FSD with which to associate the first traffic session and a corresponding reverse second traffic session. After processing of the packet by the selected FSD and receipt of the packet at a second port, a session entry is installed within the session table for the second traffic session and which associates the selected FSD with the second traffic session.

摘要翻译： 提供了在防火墙安全设备之间平衡负载的方法和系统。 根据一个实施例，交换机维护会话表，其会话表项表示源和目的地之间建立的业务会话，并形成业务会话与特定防火墙安全设备（FSD）之间的关联。 响应于在第一端口上接收到第一通信会话的分组，确定是否存在匹配的会话条目。 响应于否定确定，执行负载平衡功能以选择与第一业务会话关联的FSD和相应的反向第二业务会话。 在通过所选择的FSD处理分组并在第二端口接收到分组之后，在第二业务会话的会话表中安装会话条目，并且将所选择的FSD与第二业务会话相关联。

公开(公告)号：US20120210416A1

公开(公告)日：2012-08-16

申请号：US13356399

申请日：2012-01-23

申请人： Joe Mihelich ,  Son Pham ,  Jun Li

发明人： Joe Mihelich ,  Son Pham ,  Jun Li

IPC分类号： G06F21/00

CPC分类号： H04L63/0236 ,  G06F17/30589 ,  G06F17/30952 ,  H04L45/74 ,  H04L47/125 ,  H04L47/196 ,  H04L47/726 ,  H04L49/354 ,  H04L61/2007 ,  H04L63/02 ,  H04L63/0218 ,  H04L63/0227 ,  H04L63/0272 ,  H04L63/029 ,  H04L63/1408 ,  H04L63/1458 ,  H04L67/1002 ,  H04L67/1004 ,  H04L67/1027 ,  H04L67/142

摘要： Methods and systems for balancing load among firewall security devices are provided. According to one embodiment, a switch maintains a session table the session entries of which represent established traffic sessions between a source and a destination and form an association between the traffic session and a particular firewall security device (FSD). Responsive to receiving a packet of a first traffic session on a first port, a determination is made whether there exists a matching session entry. Responsive to a negative determination, a load balancing function is performed to select an FSD with which to associate the first traffic session and a corresponding reverse second traffic session. After processing of the packet by the selected FSD and receipt of the packet at a second port, a session entry is installed within the session table for the second traffic session and which associates the selected FSD with the second traffic session.

摘要翻译： 提供了在防火墙安全设备之间平衡负载的方法和系统。 根据一个实施例，交换机维护会话表，其会话表项表示源和目的地之间建立的业务会话，并形成业务会话与特定防火墙安全设备（FSD）之间的关联。 响应于在第一端口上接收到第一通信会话的分组，确定是否存在匹配的会话条目。 响应于否定确定，执行负载平衡功能以选择与第一业务会话关联的FSD和相应的反向第二业务会话。 在通过所选择的FSD处理分组并在第二端口接收到分组之后，在第二业务会话的会话表中安装会话条目，并且将所选择的FSD与第二业务会话相关联。