Distributed TCP SYN flood protection

    Publication No.: US09742732B2

    Publication date: 2017-08-22

    Application No.: US13794367

    Filing date: 2013-03-11

    IPC classification: H04L29/06

    CPC classification: H04L63/0209 H04L63/1458

    Abstract: A method and apparatus is disclosed herein for TCP SYN flood protection. In one embodiment, a TCP SYN flood protection arrangement comprises a first device operable to process packet input and output functions, including performing sender verification with respect to a connection initiation from a sender for a first TCP connection between the sender and a destination server and a second device, separate from the first device, to perform one or more security processing operations on packets of the first TCP connection from the sender after the first device verifies the sender is legitimate.

    DISTRIBUTED COMPUTER NETWORK ZONE BASED SECURITY ARCHITECTURE
    2.
    Invention patent application
    Legal status: in force

    Publication No.: US20130254871A1

    Publication date: 2013-09-26

    Application No.: US13849315

    Filing date: 2013-03-22

    IPC classification: H04L29/06

    CPC classification: H04L63/0209 H04L63/104

    Abstract: A method and apparatus is disclosed herein for distributed zone-based security. In one embodiment, the method comprises: determining an ingress security zone associated with an ingress of a first network device based on a first key and a media access control (MAC) address of a source of a packet; determining an egress security zone of a second network device based on a MAC address of a destination for the packet and a second key; performing a policy lookup based on the ingress security zone and the egress security zone to identify a policy to apply to the packet; and applying the policy to the packet.


    Distributed computer network zone based security architecture
    3.
    Invention patent grant
    Legal status: in force

    Publication No.: US09419941B2

    Publication date: 2016-08-16

    Application No.: US13849315

    Filing date: 2013-03-22

    IPC classification: H04L29/06

    CPC classification: H04L63/0209 H04L63/104

    Abstract: A method and apparatus is disclosed herein for distributed zone-based security. In one embodiment, the method comprises: determining an ingress security zone associated with an ingress of a first network device based on a first key and a media access control (MAC) address of a source of a packet; determining an egress security zone of a second network device based on a MAC address of a destination for the packet and a second key; performing a policy lookup based on the ingress security zone and the egress security zone to identify a policy to apply to the packet; and applying the policy to the packet.
