会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 1. 发明申请
    • Packet diversion in switching fabrics and multiple forwarding instructions for packets
    • 交换结构中的数据包转移和数据包的多个转发指令
    • US20060203816A1
    • 2006-09-14
    • US11121192
    • 2005-05-03
    • Edele O'MalleyEugene O'NeillKam ChoiDaniel O'Keeffe
    • Edele O'MalleyEugene O'NeillKam ChoiDaniel O'Keeffe
    • H04L12/56H04L12/54
    • H04L63/1408H04L49/3009H04L49/354H04L49/355H04L2012/5687
    • A cascade system of network units includes forwarding units which have external ports, a communication fabric connecting the units and at least one processing unit which needs no forwarding database. The processing unit may perform a security operation such as intrusion prevention or encryption. Each forwarding unit on receipt of a packet performs a look-up to determine an egress port, to determine whether the packet must be diverted to a processing unit, to provide the packet with a first forwarding instruction identifying the egress port uniquely within the system and a second forwarding instruction identifying a diversion port by which the packet can reach the processing unit and to set an order field which determines which of the forwarding instructions shall be performed first. The processing unit is operative on receipt of the packet by way of the diversion port to change the order field to specify that the packet should now be sent to the egress port.
    • 网络单元的级联系统包括具有外部端口的转发单元,连接单元的通信结构以及不需要转发数据库的至少一个处理单元。 处理单元可以执行诸如入侵防御或加密的安全操作。 每个转发单元在接收到分组时执行查找以确定出口端口,以确定分组是否必须被转移到处理单元,以向分组提供识别系统内唯一的出口端口的第一转发指令,以及 识别分组可以到达处理单元的转移端口的第二转发指令,以及设置首先执行哪个转发指令的顺序字段。 处理单元通过转移端口接收到分组,以改变订单字段以指定该分组现在应该被发送到出口端口。
    • 2. 发明申请
    • Rules engine for access control lists in network units
    • 以网络为单位的访问控制列表的规则引擎
    • US20060092947A1
    • 2006-05-04
    • US11064227
    • 2005-02-22
    • Daniel O'KeeffeEugene O'NeillEdele O'MalleyKam Choi
    • Daniel O'KeeffeEugene O'NeillEdele O'MalleyKam Choi
    • H04L12/56H04L12/28
    • H04L45/00H04L45/60H04L45/7453H04L47/20
    • A rules engine for the examination of selected fields in an addressed data packet, has an access control list table of which the entries each define an access control list rule, an action and a chain identifier. The access control list rule is a basic rule which refers to a TCP flow. The engine also has an extension rule table of which the entries each define an extension rule, a respective action and a respective rule identifier. The extension rule may refer to a particular flag in a TCP header. When a packet arrives the engine searches both tales. This search is made independently of the usual address lookup. If there is a match in both tables, and the chain identifier matches the extension rule identifier the engine prescribes the action associated with the extension rule. If the chain identifier of a matched access control list rule does not match a rule identifier of a matched extension rule the engine prescribes the action associates with the access control list rule. In the absence of a match with any access control list rule the action on a packet is based on the result from a lookup engine.
    • 用于检查寻址数据分组中的所选字段的规则引擎具有访问控制列表表,其中条目各自定义访问控制列表规则,动作和链标识符。 访问控制列表规则是引用TCP流的基本规则。 引擎还具有扩展规则表,其中条目各自定义扩展规则,相应的动作和相应的规则标识符。 扩展规则可以指TCP头中的特定标志。 当一个包到达时,引擎搜索这两个故事。 该搜索是独立于通常的地址查找。 如果两个表中都有匹配,并且链标识符与扩展规则标识符匹配,则引擎规定与扩展规则相关联的操作。 如果匹配的访问控制列表规则的链标识符与匹配的扩展规则的规则标识符不匹配,则引擎规定与访问控制列表规则相关联的动作。 在没有与任何访问控制列表规则匹配的情况下,数据包上的操作基于查找引擎的结果。
    • 5. 发明授权
    • Packet diversion in switching fabrics and multiple forwarding instructions for packets
    • 交换结构中的数据包转移和数据包的多个转发指令
    • US08081630B2
    • 2011-12-20
    • US11121192
    • 2005-05-03
    • Edele O'MalleyEugene O'NeillKam ChoiDaniel Martin O'Keeffe
    • Edele O'MalleyEugene O'NeillKam ChoiDaniel Martin O'Keeffe
    • H04L12/56
    • H04L63/1408H04L49/3009H04L49/354H04L49/355H04L2012/5687
    • A cascade system of network units includes forwarding units which have external ports, a communication fabric connecting the units and at least one processing unit which needs no forwarding database. The processing unit may perform a security operation such as intrusion prevention or encryption. Each forwarding unit on receipt of a packet performs a look-up to determine an egress port, to determine whether the packet must be diverted to a processing unit, to provide the packet with a first forwarding instruction identifying the egress port uniquely within the system and a second forwarding instruction identifying a diversion port by which the packet can reach the processing unit and to set an order field which determines which of the forwarding instructions shall be performed first. The processing unit is operative on receipt of the packet by way of the diversion port to change the order field to specify that the packet should now be sent to the egress port.
    • 网络单元的级联系统包括具有外部端口的转发单元,连接单元的通信结构以及不需要转发数据库的至少一个处理单元。 处理单元可以执行诸如入侵防御或加密的安全操作。 每个转发单元在接收到分组时执行查找以确定出口端口,以确定分组是否必须被转移到处理单元,以向分组提供识别系统内唯一的出口端口的第一转发指令,以及 识别分组可以到达处理单元的转移端口的第二转发指令,以及设置首先执行哪个转发指令的顺序字段。 处理单元通过转移端口接收到分组,以改变订单字段以指定该分组现在应该被发送到出口端口。
    • 6. 发明授权
    • Rules engine for access control lists in network units
    • 以网络为单位的访问控制列表的规则引擎
    • US07480299B2
    • 2009-01-20
    • US11064227
    • 2005-02-22
    • Daniel Martin O'KeeffeEugene O'NeillEdele O'MalleyKam Choi
    • Daniel Martin O'KeeffeEugene O'NeillEdele O'MalleyKam Choi
    • H04L12/28G06F7/04
    • H04L45/00H04L45/60H04L45/7453H04L47/20
    • A rules engine for the examination of selected fields in an addressed data packet has an access control list table of which the entries each define an access control list rule, an action and a chain identifier. The access control list rule may be a basic rule which refers to network addresses and transport layer port numbers. The rules engine also has an extension rule table of which the entries each define an extension rule, a respective action and a respective rule identifier. The extension rule may refer to a particular TCP flag. When a packet arrives, the engine searches both tables. This search is made independently of the ordinary network layer or link layer address lookup. If there is a match in both tables, and the chain identifier matches the extension rule identifier, the rules engine prescribes the action associated with the extension rule. If the chain identifier of a matched access control list rule does not match a rule identifier of a matched extension rule the rules engine prescribes the action associated with the basic rule. In the absence of a match with any access control list rule the action on a packet is based on the result from the ordinary address lookup.
    • 用于检查寻址数据分组中的所选字段的规则引擎具有访问控制列表,其中条目各自定义访问控制列表规则,动作和链标识符。 访问控制列表规则可以是参考网络地址和传输层端口号的基本规则。 规则引擎还具有扩展规则表,其中条目各自定义扩展规则,相应的动作和相应的规则标识符。 扩展规则可以指特定的TCP标志。 当数据包到达时,引擎将搜索两个表。 该搜索独立于普通网络层或链路层地址查找。 如果两个表中都有匹配,并且链标识符与扩展规则标识符匹配,则规则引擎规定与扩展规则相关联的操作。 如果匹配的访问控制列表规则的链标识符与匹配的扩展规则的规则标识符不匹配,则规则引擎规定与基本规则相关联的动作。 在没有与任何访问控制列表规则匹配的情况下,数据包上的操作基于普通地址查找的结果。
    • 10. 发明授权
    • Cascade system for network units
    • 级联系统为网络单元
    • US07289496B2
    • 2007-10-30
    • US10067738
    • 2002-02-08
    • Bryan J DonoghueQuang T TranEugene O'NeillDavid J LawPaul J MoranEdele O'MalleyJerome NolanKam ChoiMaurice A Goodfellow
    • Bryan J DonoghueQuang T TranEugene O'NeillDavid J LawPaul J MoranEdele O'MalleyJerome NolanKam ChoiMaurice A Goodfellow
    • H04L12/50
    • H04L12/433
    • Network units such as switches for use in a cascaded stack are organised to provide a cascade connection in the form of a dual unidirectional connection so that, in its ordinary configuration, there is at least one and preferably more than one unidirectional ring for each direction around the cascade, each ring including a respective port on each unit. For each ring, each port on a unit is connected by a respective link to a corresponding port on the preceding unit and the following unit. The units provide a self-healing operation in the event of various kinds of operational failure. The self-healing operation includes loop-back of packets in units adjacent the failure and bypass of a packet switching process for other units. The units include control logic for passing control frames containing status information relating to the units and links between them and for co-operation with a CPU to control a switching engine to perform the self-healing operation in accordance with that status information. The units forward on the cascade packets with headers that identify a destination port and the unit on which that port is located and also indicate which units have and have not been traversed by a packet.
    • 网络单元(例如用于级联堆叠中的开关)被组织以提供双向单向连接形式的级联连接,使得在其普通配置中,每个方向周围存在至少一个并且优选地多于一个单向环 级联,每个环包括每个单元上的相应端口。 对于每个环,单元上的每个端口通过相应的链路连接到前一单元上的相应端口和随后的单元。 在各种操作故障的情况下,这些单元提供自愈操作。 自修复操作包括以故障为单位的分组的环回,并且对其他单元进行分组交换过程的旁路。 这些单元包括控制逻辑,用于传递包含与它们之间的单元和链接相关的状态信息的控制帧,并且用于与CPU协作以控制切换引擎以根据该状态信息执行自愈操作。 单元在级联数据包上转发标识目的端口和该端口所在单元的报头,并指示哪些单元已经和没有被数据包遍历。