WO2002079949A3 - Internet security system - Google Patents

Internet security system Download PDF

Info

Publication number
WO2002079949A3
WO2002079949A3 PCT/US2002/009876 US0209876W WO02079949A3 WO 2002079949 A3 WO2002079949 A3 WO 2002079949A3 US 0209876 W US0209876 W US 0209876W WO 02079949 A3 WO02079949 A3 WO 02079949A3
Authority
WO
WIPO (PCT)
Prior art keywords
security system
internet security
internet
data packet
area network
Prior art date
Application number
PCT/US2002/009876
Other languages
French (fr)
Other versions
WO2002079949A2 (en
Inventor
Yan Ke
Yuming Mao
Wilson Wu
Leu Brian Yean-Shiang
Original Assignee
Netscreen Technologies Inc
Yan Ke
Yuming Mao
Wilson Wu
Leu Brian Yean-Shiang
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Family has litigation
First worldwide family litigation filed litigation Critical https://patents.darts-ip.com/?family=26960459&utm_source=google_patent&utm_medium=platform_link&utm_campaign=public_patent_search&patent=WO2002079949(A3) "Global patent litigation dataset” by Darts-ip is licensed under a Creative Commons Attribution 4.0 International License.
Application filed by Netscreen Technologies Inc, Yan Ke, Yuming Mao, Wilson Wu, Leu Brian Yean-Shiang filed Critical Netscreen Technologies Inc
Priority to AU2002254456A priority Critical patent/AU2002254456A1/en
Publication of WO2002079949A2 publication Critical patent/WO2002079949A2/en
Publication of WO2002079949A3 publication Critical patent/WO2002079949A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/35Switches specially adapted for specific applications
    • H04L49/354Switches specially adapted for specific applications for supporting virtual local area networks [VLAN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272Virtual private networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • H04L12/4645Details on frame tagging
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • H04L12/467Arrangements for supporting untagged frames, e.g. port-based VLANs
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/25Routing or path finding in a switch fabric
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/35Switches specially adapted for specific applications
    • H04L49/351Switches specially adapted for specific applications for local area network [LAN], e.g. Ethernet switches
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0209Architectural arrangements, e.g. perimeter networks or demilitarized zones
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities

Abstract

A method and system (500) for receiving data packet (505) in a virtual local area network (525).
PCT/US2002/009876 2001-03-30 2002-03-28 Internet security system WO2002079949A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2002254456A AU2002254456A1 (en) 2001-03-30 2002-03-28 Internet security system

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US28068401P 2001-03-30 2001-03-30
US60/280,684 2001-03-30
US09/967,893 US7093280B2 (en) 2001-03-30 2001-09-27 Internet security system
US09/967,893 2001-09-27

Publications (2)

Publication Number Publication Date
WO2002079949A2 WO2002079949A2 (en) 2002-10-10
WO2002079949A3 true WO2002079949A3 (en) 2003-04-24

Family

ID=26960459

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2002/009876 WO2002079949A2 (en) 2001-03-30 2002-03-28 Internet security system

Country Status (3)

Country Link
US (2) US7093280B2 (en)
AU (1) AU2002254456A1 (en)
WO (1) WO2002079949A2 (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8910241B2 (en) 2002-04-25 2014-12-09 Citrix Systems, Inc. Computer security system
US8943575B2 (en) 2008-04-30 2015-01-27 Citrix Systems, Inc. Method and system for policy simulation
US8990573B2 (en) 2008-11-10 2015-03-24 Citrix Systems, Inc. System and method for using variable security tag location in network communications
US8990910B2 (en) 2007-11-13 2015-03-24 Citrix Systems, Inc. System and method using globally unique identities
US9240945B2 (en) 2008-03-19 2016-01-19 Citrix Systems, Inc. Access, priority and bandwidth management based on application identity
CN105391704A (en) * 2015-10-29 2016-03-09 国网智能电网研究院 Configuration port isolation exchange equipment based on service type and application method

Families Citing this family (136)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7301946B2 (en) * 2000-11-22 2007-11-27 Cisco Technology, Inc. System and method for grouping multiple VLANs into a single 802.11 IP multicast domain
GB0109299D0 (en) * 2001-04-12 2001-05-30 British Telecomm Hybrid network
US7305492B2 (en) * 2001-07-06 2007-12-04 Juniper Networks, Inc. Content service aggregation system
US7200662B2 (en) 2001-07-06 2007-04-03 Juniper Networks, Inc. Integrated rule network management system
US7194622B1 (en) * 2001-12-13 2007-03-20 Cisco Technology, Inc. Network partitioning using encryption
US8185943B1 (en) * 2001-12-20 2012-05-22 Mcafee, Inc. Network adapter firewall system and method
US7761605B1 (en) 2001-12-20 2010-07-20 Mcafee, Inc. Embedded anti-virus scanner for a network adapter
US7546338B2 (en) * 2002-02-25 2009-06-09 Ascentive Llc Method and system for screening remote site connections and filtering data based on a community trust assessment
US7428590B2 (en) * 2002-06-10 2008-09-23 Akonix Systems, Inc. Systems and methods for reflecting messages associated with a target protocol within a network
US7818565B2 (en) * 2002-06-10 2010-10-19 Quest Software, Inc. Systems and methods for implementing protocol enforcement rules
NO317294B1 (en) * 2002-07-11 2004-10-04 Birdstep Tech Asa Seamless Ip mobility across security boundaries
US7457277B1 (en) * 2002-09-20 2008-11-25 Mahi Networks, Inc. System and method for network layer protocol routing in a peer model integrated optical network
US7587587B2 (en) 2002-12-05 2009-09-08 Broadcom Corporation Data path security processing
US9015467B2 (en) * 2002-12-05 2015-04-21 Broadcom Corporation Tagging mechanism for data path security processing
WO2004071038A1 (en) * 2003-02-05 2004-08-19 Nippon Telegraph And Telephone Corporation Firewall device
US20040177157A1 (en) * 2003-02-13 2004-09-09 Nortel Networks Limited Logical grouping of VPN tunnels
US7293238B1 (en) * 2003-04-04 2007-11-06 Raytheon Company Graphical user interface for an enterprise intrusion detection system
US7895649B1 (en) 2003-04-04 2011-02-22 Raytheon Company Dynamic rule generation for an enterprise intrusion detection system
US20040202185A1 (en) * 2003-04-14 2004-10-14 International Business Machines Corporation Multiple virtual local area network support for shared network adapters
US20040208197A1 (en) * 2003-04-15 2004-10-21 Swaminathan Viswanathan Method and apparatus for network protocol bridging
US7523485B1 (en) 2003-05-21 2009-04-21 Foundry Networks, Inc. System and method for source IP anti-spoofing security
US7516487B1 (en) * 2003-05-21 2009-04-07 Foundry Networks, Inc. System and method for source IP anti-spoofing security
CA2527501A1 (en) 2003-05-28 2004-12-09 Caymas Systems, Inc. Multilayer access control security system
WO2004107131A2 (en) 2003-05-28 2004-12-09 Caymas Systems, Inc. Policy based network address translation
US20040255154A1 (en) * 2003-06-11 2004-12-16 Foundry Networks, Inc. Multiple tiered network security system, method and apparatus
US7876772B2 (en) * 2003-08-01 2011-01-25 Foundry Networks, Llc System, method and apparatus for providing multiple access modes in a data communications network
US7735114B2 (en) * 2003-09-04 2010-06-08 Foundry Networks, Inc. Multiple tiered network security system, method and apparatus using dynamic user policy assignment
US7774833B1 (en) 2003-09-23 2010-08-10 Foundry Networks, Inc. System and method for protecting CPU against remote access attacks
US7451483B2 (en) * 2003-10-09 2008-11-11 International Business Machines Corporation VLAN router with firewall supporting multiple security layers
US8146148B2 (en) * 2003-11-19 2012-03-27 Cisco Technology, Inc. Tunneled security groups
US8528071B1 (en) 2003-12-05 2013-09-03 Foundry Networks, Llc System and method for flexible authentication in a data communications network
US8782654B2 (en) 2004-03-13 2014-07-15 Adaptive Computing Enterprises, Inc. Co-allocating a reservation spanning different compute resources types
US20050223214A1 (en) * 2004-03-31 2005-10-06 Intel Corporation Security measures in a reconfigurable communication system
US20050256935A1 (en) * 2004-05-06 2005-11-17 Overstreet Matthew L System and method for managing a network
US20070266388A1 (en) 2004-06-18 2007-11-15 Cluster Resources, Inc. System and method for providing advanced reservations in a compute environment
EP1759551B1 (en) * 2004-06-24 2009-08-19 Spyder Navigations L.L.C. Transfer of packet data in system comprising mobile terminal, wireless local network and mobile network
US9407643B1 (en) * 2004-08-03 2016-08-02 Spirent Communications, Inc. System and method for consolidating network streams for network analysis
US8176490B1 (en) 2004-08-20 2012-05-08 Adaptive Computing Enterprises, Inc. System and method of interfacing a workload manager and scheduler with an identity manager
US7877786B2 (en) * 2004-10-21 2011-01-25 Alcatel-Lucent Usa Inc. Method, apparatus and network architecture for enforcing security policies using an isolated subnet
CA2586763C (en) 2004-11-08 2013-12-17 Cluster Resources, Inc. System and method of providing system jobs within a compute environment
US8261337B1 (en) * 2004-11-17 2012-09-04 Juniper Networks, Inc. Firewall security between network devices
US7602731B2 (en) * 2004-12-22 2009-10-13 Intruguard Devices, Inc. System and method for integrated header, state, rate and content anomaly prevention with policy enforcement
US7626940B2 (en) * 2004-12-22 2009-12-01 Intruguard Devices, Inc. System and method for integrated header, state, rate and content anomaly prevention for domain name service
US7703138B2 (en) * 2004-12-29 2010-04-20 Intel Corporation Use of application signature to identify trusted traffic
US7827608B2 (en) * 2005-02-08 2010-11-02 International Business Machines Corporation Data leak protection system, method and apparatus
US7808897B1 (en) * 2005-03-01 2010-10-05 International Business Machines Corporation Fast network security utilizing intrusion prevention systems
US9075657B2 (en) 2005-04-07 2015-07-07 Adaptive Computing Enterprises, Inc. On-demand access to compute resources
US8863143B2 (en) 2006-03-16 2014-10-14 Adaptive Computing Enterprises, Inc. System and method for managing a hybrid compute environment
US9231886B2 (en) 2005-03-16 2016-01-05 Adaptive Computing Enterprises, Inc. Simple integration of an on-demand compute environment
US8572733B1 (en) 2005-07-06 2013-10-29 Raytheon Company System and method for active data collection in a network security system
US7581241B2 (en) * 2005-07-15 2009-08-25 Microsoft Corporation Generating an outbound connection security policy based on an inbound connections security policy
US8224761B1 (en) 2005-09-01 2012-07-17 Raytheon Company System and method for interactive correlation rule design in a network security system
US7950058B1 (en) 2005-09-01 2011-05-24 Raytheon Company System and method for collaborative information security correlation in low bandwidth environments
US7870602B2 (en) * 2005-09-14 2011-01-11 At&T Intellectual Property I, L.P. System and method for reducing data stream interruption during failure of a firewall device
US7606232B1 (en) 2005-11-09 2009-10-20 Juniper Networks, Inc. Dynamic virtual local area network (VLAN) interface configuration
US7966654B2 (en) * 2005-11-22 2011-06-21 Fortinet, Inc. Computerized system and method for policy-based content filtering
JP4622835B2 (en) * 2005-12-07 2011-02-02 株式会社日立製作所 Virtual computer system and network communication method thereof
US7849185B1 (en) 2006-01-10 2010-12-07 Raytheon Company System and method for attacker attribution in a network security system
US7633956B1 (en) * 2006-01-19 2009-12-15 Cisco Technology, Inc. System and method for providing support for multipoint L2VPN services in devices without local bridging
US7987264B1 (en) * 2006-01-27 2011-07-26 Juniper Networks, Inc. Testing policies in a network
US8479275B1 (en) * 2006-02-01 2013-07-02 Cisco Technology, Inc. Secure high-throughput data-center network employing routed firewalls
US7492766B2 (en) * 2006-02-22 2009-02-17 Juniper Networks, Inc. Dynamic building of VLAN interfaces based on subscriber information strings
US7808994B1 (en) * 2006-02-22 2010-10-05 Juniper Networks, Inc. Forwarding traffic to VLAN interfaces built based on subscriber information strings
US8009566B2 (en) 2006-06-26 2011-08-30 Palo Alto Networks, Inc. Packet classification in a network security device
WO2008017011A2 (en) * 2006-08-03 2008-02-07 Citrix Systems, Inc. Systems and methods for application-based interception and authorization of ssl/vpn traffic
US8869262B2 (en) 2006-08-03 2014-10-21 Citrix Systems, Inc. Systems and methods for application based interception of SSL/VPN traffic
US7843912B2 (en) 2006-08-03 2010-11-30 Citrix Systems, Inc. Systems and methods of fine grained interception of network communications on a virtual private network
US8495181B2 (en) 2006-08-03 2013-07-23 Citrix Systems, Inc Systems and methods for application based interception SSI/VPN traffic
US8104082B2 (en) * 2006-09-29 2012-01-24 Certes Networks, Inc. Virtual security interface
US8811156B1 (en) 2006-11-14 2014-08-19 Raytheon Company Compressing n-dimensional data
US7912050B2 (en) * 2006-12-05 2011-03-22 Electronics And Telecommunications Research Institute Method for classifying downstream packet in cable modem termination system at head-end supporting channel bonding mode, and cable modem termination system
US8594085B2 (en) * 2007-04-11 2013-11-26 Palo Alto Networks, Inc. L2/L3 multi-mode switch including policy processing
US7952999B1 (en) * 2007-05-08 2011-05-31 Juniper Networks, Inc. Feedback control of processor use in virtual systems
US8108924B1 (en) * 2007-05-24 2012-01-31 Sprint Communications Company L.P. Providing a firewall's connection data in a comprehendible format
KR101323852B1 (en) * 2007-07-12 2013-10-31 삼성전자주식회사 Virtual Firewall system and the control method for using based on commonness security policy
US8041773B2 (en) 2007-09-24 2011-10-18 The Research Foundation Of State University Of New York Automatic clustering for self-organizing grids
US8635440B2 (en) * 2007-12-13 2014-01-21 Microsoft Corporation Proxy with layer 3 security
US7813344B2 (en) * 2008-12-17 2010-10-12 At&T Intellectual Property I, Lp End user circuit diversity auditing methods
US8873556B1 (en) 2008-12-24 2014-10-28 Palo Alto Networks, Inc. Application based packet forwarding
US8125985B1 (en) * 2008-12-29 2012-02-28 Juniper Networks, Inc. Methods and apparatus for chaining access switches coupled to a switch fabric
CN101500012B (en) * 2009-02-27 2012-08-22 中国人民解放军信息工程大学 Packet classification method and system
US8867349B2 (en) * 2009-05-18 2014-10-21 Cisco Technology, Inc. Regulation of network traffic in virtual private networks
US9069929B2 (en) 2011-10-31 2015-06-30 Iii Holdings 2, Llc Arbitrating usage of serial port in node card of scalable and modular servers
US20110103391A1 (en) 2009-10-30 2011-05-05 Smooth-Stone, Inc. C/O Barry Evans System and method for high-performance, low-power data center interconnect fabric
US9054990B2 (en) 2009-10-30 2015-06-09 Iii Holdings 2, Llc System and method for data center security enhancements leveraging server SOCs or server fabrics
US20130107444A1 (en) 2011-10-28 2013-05-02 Calxeda, Inc. System and method for flexible storage and networking provisioning in large scalable processor installations
US9465771B2 (en) 2009-09-24 2016-10-11 Iii Holdings 2, Llc Server on a chip and node cards comprising one or more of same
US9876735B2 (en) 2009-10-30 2018-01-23 Iii Holdings 2, Llc Performance and power optimized computer system architectures and methods leveraging power optimized tree fabric interconnect
US9077654B2 (en) 2009-10-30 2015-07-07 Iii Holdings 2, Llc System and method for data center security enhancements leveraging managed server SOCs
US8599863B2 (en) 2009-10-30 2013-12-03 Calxeda, Inc. System and method for using a multi-protocol fabric module across a distributed server interconnect fabric
US10877695B2 (en) 2009-10-30 2020-12-29 Iii Holdings 2, Llc Memcached server functionality in a cluster of data processing nodes
US9311269B2 (en) 2009-10-30 2016-04-12 Iii Holdings 2, Llc Network proxy for high-performance, low-power data center interconnect fabric
US11720290B2 (en) 2009-10-30 2023-08-08 Iii Holdings 2, Llc Memcached server functionality in a cluster of data processing nodes
US9648102B1 (en) 2012-12-27 2017-05-09 Iii Holdings 2, Llc Memcached server functionality in a cluster of data processing nodes
US9680770B2 (en) 2009-10-30 2017-06-13 Iii Holdings 2, Llc System and method for using a multi-protocol fabric module across a distributed server interconnect fabric
US8615014B2 (en) * 2010-03-03 2013-12-24 Iwebgate Technology Limited System and method for multiple concurrent virtual networks
US9425986B2 (en) 2010-03-03 2016-08-23 Iwebgate Technology Limited System and method for multiple concurrent virtual networks
US8904511B1 (en) 2010-08-23 2014-12-02 Amazon Technologies, Inc. Virtual firewalls for multi-tenant distributed services
US8645730B2 (en) * 2010-09-21 2014-02-04 International Business Machines Corporation Systems and methods to improve power efficiency in hybrid storage clusters
US9077683B2 (en) * 2010-12-08 2015-07-07 At&T Intellectual Property I, L.P. Architecture for network management in a multi-service network
US8972555B2 (en) 2011-03-04 2015-03-03 Unisys Corporation IPsec connection to private networks
US8763075B2 (en) * 2011-03-07 2014-06-24 Adtran, Inc. Method and apparatus for network access control
US8973088B1 (en) 2011-05-24 2015-03-03 Palo Alto Networks, Inc. Policy enforcement using host information profile
US9047441B2 (en) 2011-05-24 2015-06-02 Palo Alto Networks, Inc. Malware analysis system
US8695096B1 (en) 2011-05-24 2014-04-08 Palo Alto Networks, Inc. Automatic signature generation for malicious PDF files
IL214830A0 (en) 2011-08-25 2012-02-29 Elta Systems Ltd Network environment separation
US8875223B1 (en) * 2011-08-31 2014-10-28 Palo Alto Networks, Inc. Configuring and managing remote security devices
US9129124B2 (en) * 2012-04-12 2015-09-08 Hewlett-Packard Development Company, L.P. Dynamic provisioning of virtual systems
US9258234B1 (en) 2012-12-28 2016-02-09 Juniper Networks, Inc. Dynamically adjusting liveliness detection intervals for periodic network communications
US8438631B1 (en) 2013-01-24 2013-05-07 Sideband Networks, Inc. Security enclave device to extend a virtual secure processing environment to a client device
US8953460B1 (en) 2012-12-31 2015-02-10 Juniper Networks, Inc. Network liveliness detection using session-external communications
CN103997479B (en) * 2013-02-17 2018-06-15 新华三技术有限公司 A kind of asymmetric services IP Proxy Methods and equipment
US9419879B2 (en) * 2013-06-20 2016-08-16 International Business Machines Corporation Selectively refreshing address registration information
US9276904B2 (en) 2014-02-20 2016-03-01 Nicira, Inc. Specifying point of enforcement in a firewall rule
US9769017B1 (en) 2014-09-26 2017-09-19 Juniper Networks, Inc. Impending control plane disruption indication using forwarding plane liveliness detection protocols
US9806948B2 (en) 2015-06-30 2017-10-31 Nicira, Inc. Providing firewall rules for workload spread across multiple data centers
US10491569B1 (en) * 2015-11-10 2019-11-26 Alterednets Cyber Solutions LLC Secure transfer of independent security domains across shared media
US10148696B2 (en) * 2015-12-18 2018-12-04 Nicira, Inc. Service rule console for creating, viewing and updating template based service rules
US10341297B2 (en) 2015-12-18 2019-07-02 Nicira, Inc. Datapath processing of service rules with qualifiers defined in terms of template identifiers and/or template matching criteria
US10305858B2 (en) 2015-12-18 2019-05-28 Nicira, Inc. Datapath processing of service rules with qualifiers defined in terms of dynamic groups
US10469450B2 (en) 2015-12-18 2019-11-05 Nicira, Inc. Creating and distributing template based service rules
US9973528B2 (en) 2015-12-21 2018-05-15 Fortinet, Inc. Two-stage hash based logic for application layer distributed denial of service (DDoS) attack attribution
US10374936B2 (en) 2015-12-30 2019-08-06 Juniper Networks, Inc. Reducing false alarms when using network keep-alive messages
US10348685B2 (en) 2016-04-29 2019-07-09 Nicira, Inc. Priority allocation for distributed service rules
US10135727B2 (en) 2016-04-29 2018-11-20 Nicira, Inc. Address grouping for distributed service rules
US11171920B2 (en) 2016-05-01 2021-11-09 Nicira, Inc. Publication of firewall configuration
US10944722B2 (en) 2016-05-01 2021-03-09 Nicira, Inc. Using activities to manage multi-tenant firewall configuration
US20170324707A1 (en) * 2016-05-03 2017-11-09 At&T Intellectual Property I, L.P. Network service provider architecture with internet-route-free control plane
US11088990B2 (en) 2016-06-29 2021-08-10 Nicira, Inc. Translation cache for firewall configuration
US11258761B2 (en) 2016-06-29 2022-02-22 Nicira, Inc. Self-service firewall configuration
US10397085B1 (en) 2016-06-30 2019-08-27 Juniper Networks, Inc. Offloading heartbeat responses message processing to a kernel of a network device
US10757105B2 (en) * 2017-06-12 2020-08-25 At&T Intellectual Property I, L.P. On-demand network security system
US10887130B2 (en) 2017-06-15 2021-01-05 At&T Intellectual Property I, L.P. Dynamic intelligent analytics VPN instantiation and/or aggregation employing secured access to the cloud network device
US11750441B1 (en) 2018-09-07 2023-09-05 Juniper Networks, Inc. Propagating node failure errors to TCP sockets
US11394693B2 (en) * 2019-03-04 2022-07-19 Cyxtera Cybersecurity, Inc. Establishing network tunnel in response to access request
US11310202B2 (en) 2019-03-13 2022-04-19 Vmware, Inc. Sharing of firewall rules among multiple workloads in a hypervisor

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20010009025A1 (en) * 2000-01-18 2001-07-19 Ahonen Pasi Matti Kalevi Virtual private networks
US20010034831A1 (en) * 2000-04-19 2001-10-25 Brustoloni Jose C. Method and apparatus for providing internet access to client computers over a lan
US20020049902A1 (en) * 1999-02-19 2002-04-25 Ian Rhodes Network arrangement for communication
US20020066036A1 (en) * 2000-11-13 2002-05-30 Gowri Makineni System and method for secure network mobility
US20020067831A1 (en) * 2000-12-05 2002-06-06 Sony Corporation IP-based architecture for mobile computing networks
US20020078384A1 (en) * 1999-01-14 2002-06-20 Lassi Hippelainen Interception method and system

Family Cites Families (49)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5781550A (en) 1996-02-02 1998-07-14 Digital Equipment Corporation Transparent and secure network gateway
US5842040A (en) 1996-06-18 1998-11-24 Storage Technology Corporation Policy caching method and apparatus for use in a communication device based on contents of one data unit in a subset of related data units
US6591303B1 (en) 1997-03-07 2003-07-08 Sun Microsystems, Inc. Method and apparatus for parallel trunking of interfaces to increase transfer bandwidth
US5909686A (en) 1997-06-30 1999-06-01 Sun Microsystems, Inc. Hardware-assisted central processing unit access to a forwarding database
US6088356A (en) 1997-06-30 2000-07-11 Sun Microsystems, Inc. System and method for a multi-layer network element
US6049528A (en) 1997-06-30 2000-04-11 Sun Microsystems, Inc. Trunking ethernet-compatible networks
US6775692B1 (en) 1997-07-31 2004-08-10 Cisco Technology, Inc. Proxying and unproxying a connection using a forwarding agent
US6172980B1 (en) * 1997-09-11 2001-01-09 3Com Corporation Multiple protocol support
US6170012B1 (en) 1997-09-12 2001-01-02 Lucent Technologies Inc. Methods and apparatus for a computer network firewall with cache query processing
US6141749A (en) 1997-09-12 2000-10-31 Lucent Technologies Inc. Methods and apparatus for a computer network firewall with stateful packet filtering
US7143438B1 (en) 1997-09-12 2006-11-28 Lucent Technologies Inc. Methods and apparatus for a computer network firewall with multiple domain support
US6098172A (en) 1997-09-12 2000-08-01 Lucent Technologies Inc. Methods and apparatus for a computer network firewall with proxy reflection
US6154775A (en) 1997-09-12 2000-11-28 Lucent Technologies Inc. Methods and apparatus for a computer network firewall with dynamic rule processing with the ability to dynamically alter the operations of rules
US6453419B1 (en) * 1998-03-18 2002-09-17 Secure Computing Corporation System and method for implementing a security policy
US6226751B1 (en) * 1998-04-17 2001-05-01 Vpnet Technologies, Inc. Method and apparatus for configuring a virtual private network
WO2000003516A1 (en) * 1998-07-08 2000-01-20 Broadcom Corporation Network switching architecture with multiple table synchronization, and forwarding of both ip and ipx packets
US6078586A (en) * 1998-08-03 2000-06-20 Mci Communications Corporation ATM virtual private networks
US6219786B1 (en) * 1998-09-09 2001-04-17 Surfcontrol, Inc. Method and system for monitoring and controlling network access
US6167445A (en) * 1998-10-26 2000-12-26 Cisco Technology, Inc. Method and apparatus for defining and implementing high-level quality of service policies in computer networks
US6625150B1 (en) * 1998-12-17 2003-09-23 Watchguard Technologies, Inc. Policy engine architecture
US6789118B1 (en) * 1999-02-23 2004-09-07 Alcatel Multi-service network switch with policy based routing
US7145869B1 (en) 1999-03-17 2006-12-05 Broadcom Corporation Method for avoiding out-of-ordering of frames in a network switch
US7643481B2 (en) 1999-03-17 2010-01-05 Broadcom Corporation Network switch having a programmable counter
US6556578B1 (en) * 1999-04-14 2003-04-29 Lucent Technologies Inc. Early fair drop buffer management method
EP1145519B1 (en) * 1999-06-10 2005-08-31 Alcatel Internetworking, Inc. System and method for policy-based network management of virtual private networks
US6650641B1 (en) 1999-07-02 2003-11-18 Cisco Technology, Inc. Network address translation using a forwarding agent
US6970913B1 (en) 1999-07-02 2005-11-29 Cisco Technology, Inc. Load balancing using distributed forwarding agents with application based feedback for different virtual machines
US6606315B1 (en) 1999-07-02 2003-08-12 Cisco Technology, Inc. Synchronizing service instructions among forwarding agents using a service manager
US6735169B1 (en) 1999-07-02 2004-05-11 Cisco Technology, Inc. Cascading multiple services on a forwarding agent
US6704278B1 (en) 1999-07-02 2004-03-09 Cisco Technology, Inc. Stateful failover of service managers
US6742045B1 (en) 1999-07-02 2004-05-25 Cisco Technology, Inc. Handling packet fragments in a distributed network service environment
US6633560B1 (en) 1999-07-02 2003-10-14 Cisco Technology, Inc. Distribution of network services among multiple service managers without client involvement
US7051066B1 (en) 1999-07-02 2006-05-23 Cisco Technology, Inc. Integrating service managers into a routing infrastructure using forwarding agents
US6549516B1 (en) 1999-07-02 2003-04-15 Cisco Technology, Inc. Sending instructions from a service manager to forwarding agents on a need to know basis
US6597956B1 (en) * 1999-08-23 2003-07-22 Terraspring, Inc. Method and apparatus for controlling an extensible computing system
US6693878B1 (en) * 1999-10-15 2004-02-17 Cisco Technology, Inc. Technique and apparatus for using node ID as virtual private network (VPN) identifiers
US6952728B1 (en) * 1999-12-01 2005-10-04 Nortel Networks Limited Providing desired service policies to subscribers accessing internet
US7117530B1 (en) * 1999-12-07 2006-10-03 Watchguard Technologies, Inc. Tunnel designation system for virtual private networks
US6892237B1 (en) * 2000-03-28 2005-05-10 Cisco Technology, Inc. Method and apparatus for high-speed parsing of network messages
US7096495B1 (en) * 2000-03-31 2006-08-22 Intel Corporation Network session management
US7055171B1 (en) * 2000-05-31 2006-05-30 Hewlett-Packard Development Company, L.P. Highly secure computer system architecture for a heterogeneous client environment
US7047561B1 (en) * 2000-09-28 2006-05-16 Nortel Networks Limited Firewall for real-time internet applications
US6975592B1 (en) * 2000-11-22 2005-12-13 Nortel Networks Limited Configurable rule-engine for layer-7 and traffic characteristic-based classification
US7296291B2 (en) * 2000-12-18 2007-11-13 Sun Microsystems, Inc. Controlled information flow between communities via a firewall
US7239636B2 (en) 2001-07-23 2007-07-03 Broadcom Corporation Multiple virtual channels for use in network devices
US20030033463A1 (en) 2001-08-10 2003-02-13 Garnett Paul J. Computer system storage
US7895431B2 (en) 2004-09-10 2011-02-22 Cavium Networks, Inc. Packet queuing, scheduling and ordering
US7535907B2 (en) 2005-04-08 2009-05-19 Oavium Networks, Inc. TCP engine
US8032413B2 (en) * 2009-04-22 2011-10-04 Visa U.S.A. Inc. Auctioning of announcements

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020078384A1 (en) * 1999-01-14 2002-06-20 Lassi Hippelainen Interception method and system
US20020049902A1 (en) * 1999-02-19 2002-04-25 Ian Rhodes Network arrangement for communication
US20010009025A1 (en) * 2000-01-18 2001-07-19 Ahonen Pasi Matti Kalevi Virtual private networks
US20010034831A1 (en) * 2000-04-19 2001-10-25 Brustoloni Jose C. Method and apparatus for providing internet access to client computers over a lan
US20020066036A1 (en) * 2000-11-13 2002-05-30 Gowri Makineni System and method for secure network mobility
US20020067831A1 (en) * 2000-12-05 2002-06-06 Sony Corporation IP-based architecture for mobile computing networks

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8910241B2 (en) 2002-04-25 2014-12-09 Citrix Systems, Inc. Computer security system
US8990910B2 (en) 2007-11-13 2015-03-24 Citrix Systems, Inc. System and method using globally unique identities
US9240945B2 (en) 2008-03-19 2016-01-19 Citrix Systems, Inc. Access, priority and bandwidth management based on application identity
US8943575B2 (en) 2008-04-30 2015-01-27 Citrix Systems, Inc. Method and system for policy simulation
US8990573B2 (en) 2008-11-10 2015-03-24 Citrix Systems, Inc. System and method for using variable security tag location in network communications
CN105391704A (en) * 2015-10-29 2016-03-09 国网智能电网研究院 Configuration port isolation exchange equipment based on service type and application method

Also Published As

Publication number Publication date
WO2002079949A2 (en) 2002-10-10
US20060209836A1 (en) 2006-09-21
US9185075B2 (en) 2015-11-10
US20030041266A1 (en) 2003-02-27
AU2002254456A1 (en) 2002-10-15
US7093280B2 (en) 2006-08-15

Similar Documents

Publication Publication Date Title
WO2002079949A3 (en) Internet security system
AU2002350759A1 (en) Application gateway system, and method for maintaining security in a packet-switched information network
AU2001269794A1 (en) Method and apparatus for enhancing network security protection server performance
AU2001286975A1 (en) Network data transfer acceleration system and method
AU2002344308A1 (en) Method and system for implementing security devices in a network
AU2001287044A1 (en) System and method for personalization implemented on multiple networks and multiple interfaces
AU2001268274A1 (en) Network interface having client-specific information and associated method
AU2001232988A1 (en) A system and method for increasing data packet transfer rate in a computer network
AU6027999A (en) Method and apparatus for data routing, delivery, and authentication in a packet data network
AU2001224603A1 (en) System and method for providing an information network on the internet
AU2001231060A1 (en) System and method for facilitating secure payment with privacy over a computer network including the internet
AU2002357142A1 (en) Method and system for sharing information with users in a network
AU2002352874A1 (en) Method and system for path identification in packet networks
AU2001275447A1 (en) System and method for sharing information via a virtual shared area in a communication network
AU2002213275A1 (en) Method and system for authenticating a network user
AU5245201A (en) System and method for highly secure data communications
AU2002258931A1 (en) Method and system for virtual addressing in a communications network
AU5514298A (en) System, device, and method for routing dhcp packets in a public data network
HK1051415A1 (en) Information processing apparatus, information processing method and network system
AU2001265210A1 (en) Method and system for providing an online collections services marketplace
AU2002366170A1 (en) System and method for determining correlations in a communications network
EP1182533A3 (en) Apparatus, system and method for enhancing data security
AU2001279736A1 (en) A method of and a system for data exchange over a data network such as the public internet
AU2001258123A1 (en) Server and method for providing specific network services
AU2002212799A1 (en) The electronic business system based on a bank network and the operating method thereof

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP