Publication number: US20100043068A1
Publication date: 2010-02-18
Application number: US12271605
Filing date: 2008-11-14
CPC classification: H04L63/0272, H04L12/4633, H04L12/4641, H04L45/04, H04L45/50, H04L45/60, H04L63/0227
Abstract: An MPLS-aware firewall allows firewall security policies to be applied to MPLS traffic. The firewall, which may be integrated within a routing device, can be configured into multiple virtual security systems. The routing device provides a user interface by which a user specifies one or more zones to be recognized by the integrated firewall when applying stateful firewall services to the packets. The user interface allows the user to define different zones and policies for different ones of the virtual security systems. In addition, the user interface supports a syntax that allows the user to define the zones for the firewall by specifying the customer VPNs as interfaces associated with the zones. The routing device generates mapping information for the integrated firewall to map the customer VPNs to specific MPLS labels for the MPLS tunnels carrying the customer's traffic.