专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20080229095A1 METHOD AND APPARATUS FOR DYNAMICALLY SECURING VOICE AND OTHER DELAY-SENSITIVE NETWORK TRAFFIC 有权
标题翻译：用于动态安全语音和其他延迟敏感网络交通的方法和装置
公开(公告)号：US20080229095A1
公开(公告)日：2008-09-18
申请号：US12109125
申请日：2008-04-24
申请人： Ramesh Kalimuthu , Yogesh Kalley , Michael L. Sullenberger , Jan Vilhuber
发明人： Ramesh Kalimuthu , Yogesh Kalley , Michael L. Sullenberger , Jan Vilhuber
IPC分类号： G06F21/00 , H04L9/00
CPC分类号： H04L63/0272 , H04L63/164
摘要： A method comprises receiving a request for secure network traffic from a device having a private network address at a source node, obtaining the private network address of a requested destination device at a destination node from a route server based on signaling information associated with the request, obtaining the public network address of the destination node associated with the private network address, creating in response to the request a virtual circuit between the source node and the destination node based on the public network address of the destination node, and encrypting network traffic for transporting at least from the source node to the destination node through the virtual circuit. The process is dynamic in that the virtual circuit is created in response to the request. Hence, the process operates as if a fully meshed network exists but requires less provisioning and maintenance than a fully meshed network architecture. Furthermore, the process is readily scalable as if a hub and spoke network exists but is more suitable for delay-sensitive traffic, such as voice and video, than a hub and spoke network architecture.
摘要翻译：一种方法包括从源节点处的具有专用网络地址的设备接收对安全网络业务的请求，基于与该请求相关联的信令信息从路由服务器获得目的地节点上所请求的目的地设备的私有网络地址，获取与专用网络地址相关联的目的地节点的公共网络地址，根据请求，根据目的地节点的公共网络地址创建源节点和目的地节点之间的虚拟电路，并加密用于传输的网络流量至少通过虚拟电路从源节点到目的地节点。该过程是动态的，因为根据请求创建虚拟电路。因此，该过程就像完全网状网络存在一样，但需要比全网状网络架构更少的配置和维护。此外，该过程很容易扩展，就好像集线器和分支网络存在，但是比中心和分支网络架构更适合延迟敏感的业务，如语音和视频。

2. 发明授权

US07366894B1 Method and apparatus for dynamically securing voice and other delay-sensitive network traffic 有权
标题翻译：用于动态保护语音和其他延迟敏感网络流量的方法和装置
公开(公告)号：US07366894B1
公开(公告)日：2008-04-29
申请号：US10305762
申请日：2002-11-27
申请人： Ramesh Kalimuthu , Yogesh Kalley , Michael L. Sullenberger , Jan Vilhuber
发明人： Ramesh Kalimuthu , Yogesh Kalley , Michael L. Sullenberger , Jan Vilhuber
IPC分类号： H04L9/00 , G06F9/00
CPC分类号： H04L63/0272 , H04L63/164
摘要： A request is received for secure network traffic from a device having a private network address at a source node. The private network address of a requested destination device is obtained at a destination node from a route server based on signaling information associated with the request. The public network address of the destination node associated with the private network address is obtained. In response to the request, a virtual circuit is created between the source node and the destination node based on the public network address of the destination node. Network traffic is encrypted for transport at least from the source node to the destination node through the virtual circuit. Creating the virtual circuit dynamically in response to the request functions like a fully meshed network but requires less provisioning and maintenance. The process is readily scalable, as with a hub and spoke network but with less delay.
摘要翻译：从源节点处具有专用网络地址的设备接收到用于安全网络流量的请求。基于与请求相关联的信令信息，从路由服务器在目的地节点处获得所请求的目的地设备的私有网络地址。获取与专用网络地址相关联的目的地节点的公网地址。响应于该请求，基于目的地节点的公共网络地址，在源节点和目的地节点之间创建虚拟电路。网络流量被加密以至少通过虚拟电路从源节点传送到目的地节点。根据请求功能动态创建虚拟电路，如全网状网络，但需要较少的配置和维护。这个过程很容易扩展，就像中心和辐射网络一样，延迟较少。

3. 发明授权

US08499095B1 Methods and apparatus for providing shortcut switching for a virtual private network 有权
标题翻译：为虚拟专用网提供快捷切换的方法和装置
公开(公告)号：US08499095B1
公开(公告)日：2013-07-30
申请号：US11440551
申请日：2006-05-25
申请人： Michael L. Sullenberger , Manikchand R. Bafna , Frederic R. P. Detienne
发明人： Michael L. Sullenberger , Manikchand R. Bafna , Frederic R. P. Detienne
IPC分类号： G06F15/173 , G06F15/16 , H04L12/28 , H04B7/212
CPC分类号： H04L12/4641 , H04L12/4633 , H04L45/04
摘要： A system receives a request at a hub. The request is received from a first spoke regarding a packet to be transmitted from the first spoke to a second spoke. The system identifies, at the time of the request, a preferred route from the first spoke to the second spoke. The system sends a redirect message to the first spoke, the redirect message directing the packet along the preferred route. The system transmits, from a first spoke to a hub, a first request associated with a packet. In response, the system receives, at the first spoke, a redirect message from the hub. The redirect message identifies a preferred route by which the first spoke transmits the packet to a second spoke. The system creates, at the first spoke, a second request containing a destination address of the second spoke, and transmits the second request along the preferred route.
摘要翻译：系统在集线器处接收请求。从关于要从第一辐条传送到第二辐条的包的第一个辐条接收到该请求。该系统在请求时识别从第一轮辐到第二轮辐的优选路线。系统向第一个辐条发送重定向消息，重定向消息沿着优选路由指示数据包。系统从第一分支发送与分组相关联的第一请求。作为响应，系统在第一个讲话处接收到来自集线器的重定向消息。重定向消息标识首选路由的首选路由，将该分组发送到第二个辐条。该系统在第一个辐条处创建包含第二个辐条的目标地址的第二个请求，并沿着首选路由发送第二个请求。

4. 发明授权

US08019889B1 Method and apparatus for making end-host network address translation (NAT) global address and port ranges aware 有权
标题翻译：终端主机网络地址转换（NAT）全局地址和端口范围的方法和设备
公开(公告)号：US08019889B1
公开(公告)日：2011-09-13
申请号：US10160321
申请日：2002-05-31
申请人： Kaushik P. Biswas , Siva S. Jayasenan , Michael L. Sullenberger , Mark A. Denny
发明人： Kaushik P. Biswas , Siva S. Jayasenan , Michael L. Sullenberger , Mark A. Denny
IPC分类号： G06F15/16
CPC分类号： H04L61/2575 , H04L29/12226 , H04L29/12528 , H04L61/2015
摘要： Disclosed are methods and apparatus for handling data having an embedded address (and port). In general terms, a host of a private network is operable to obtain from its corresponding edge router a global address (GA) and optionally an additional global port range (GPR). When the host then wishes to transmit data out of the private network, the obtained GA (and GPR) may then be used for an embedded address (and port) within data sent by the host to a public network. The obtained GA (and GPR) may also be used by the host to translate its own source address and port in its IP and/or TCP/UDP header if needed.
摘要翻译：公开了用于处理具有嵌入地址（和端口）的数据的方法和装置。一般来说，专用网络的主机可操作以从其对应的边缘路由器获得全局地址（GA）和可选的附加全局端口范围（GPR）。当主机希望从私有网络发送数据时，获得的GA（和GPR）然后可以用于由主机发送到公共网络的数据内的嵌入式地址（和端口）。如果需要，所获得的GA（和GPR）也可以被主机用于在其IP和/或TCP / UDP报头中翻译其自己的源地址和端口。

5. 发明授权

US07917948B2 Method and apparatus for dynamically securing voice and other delay-sensitive network traffic 有权
标题翻译：用于动态保护语音和其他延迟敏感网络流量的方法和装置
公开(公告)号：US07917948B2
公开(公告)日：2011-03-29
申请号：US12109125
申请日：2008-04-24
申请人： Ramesh Kalimuthu , Yogesh Kalley , Michael L. Sullenberger , Jan Vilhuber
发明人： Ramesh Kalimuthu , Yogesh Kalley , Michael L. Sullenberger , Jan Vilhuber
IPC分类号： G06F9/00 , G06F15/16
CPC分类号： H04L63/0272 , H04L63/164
摘要： A method comprises receiving a request for secure network traffic from a device having a private network address at a source node, obtaining the private network address of a requested destination device at a destination node from a route server based on signaling information associated with the request, obtaining the public network address of the destination node associated with the private network address, creating in response to the request a virtual circuit between the source node and the destination node based on the public network address of the destination node, and encrypting network traffic for transporting at least from the source node to the destination node through the virtual circuit. The process is dynamic in that the virtual circuit is created in response to the request. Hence, the process operates as if a fully meshed network exists but requires less provisioning and maintenance than a fully meshed network architecture. Furthermore, the process is readily scalable as if a hub and spoke network exists but is more suitable for delay-sensitive traffic, such as voice and video, than a hub and spoke network architecture.
摘要翻译：一种方法包括从源节点处的具有专用网络地址的设备接收对安全网络业务的请求，基于与该请求相关联的信令信息从路由服务器获得目的地节点上所请求的目的地设备的私有网络地址，获取与专用网络地址相关联的目的地节点的公共网络地址，根据请求，根据目的地节点的公共网络地址创建源节点和目的地节点之间的虚拟电路，并加密用于传输的网络流量至少通过虚拟电路从源节点到目的地节点。该过程是动态的，因为根据请求创建虚拟电路。因此，该过程就像完全网状网络存在一样，但需要比全网状网络架构更少的配置和维护。此外，该过程很容易扩展，就好像集线器和分支网络存在，但是比中心和分支网络架构更适合延迟敏感的业务，如语音和视频。

6. 发明授权

US07447901B1 Method and apparatus for establishing a dynamic multipoint encrypted virtual private network 有权
标题翻译：用于建立动态多点加密虚拟专用网络的方法和装置
公开(公告)号：US07447901B1
公开(公告)日：2008-11-04
申请号：US10247695
申请日：2002-09-18
申请人： Michael L. Sullenberger , Jan Vilhuber
发明人： Michael L. Sullenberger , Jan Vilhuber
IPC分类号： H04L9/00
CPC分类号： H04L63/0272 , H04L63/164
摘要： A process is disclosed in which a security policy is associated with a virtual private network (VPN) interface at a first device, for example, a router. Input is received specifying an association of a VPN endpoint address to a corresponding routable network address of a second device. A message is issued to a security module at the first device, the message including the routable network address of the second device and the security policy. Encryption state information is generated for network traffic from the first device to the second device, based on the message. The process is applicable to a hub-and-spoke network architecture that utilizes a point-to-multipoint GRE tunnel and the IPsec protocol for security. The process is dynamic in that the encryption state is generated for traffic over a VPN link, in response to notification of a virtual address-to-real address mapping, i.e., the association. In an embodiment, the association is an NHRP mapping.
摘要翻译：公开了一种过程，其中安全策略与第一设备（例如路由器）处的虚拟专用网（VPN）接口相关联。接收输入，指定VPN端点地址与第二设备的对应可路由网络地址的关联。向第一设备的安全模块发出消息，该消息包括第二设备的可路由网络地址和安全策略。基于该消息，为从第一设备到第二设备的网络流量生成加密状态信息。该过程适用于使用点对多点GRE隧道和IPsec协议进行安全性的中心辐射网络架构。该过程是动态的，其中响应于虚拟地址到实际地址映射的通知，即关联，通过VPN链路为业务生成加密状态。在一个实施例中，关联是NHRP映射。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式