会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 1. 发明申请
    • METHOD AND APPARATUS FOR DYNAMICALLY SECURING VOICE AND OTHER DELAY-SENSITIVE NETWORK TRAFFIC
    • 用于动态安全语音和其他延迟敏感网络交通的方法和装置
    • US20080229095A1
    • 2008-09-18
    • US12109125
    • 2008-04-24
    • Ramesh KalimuthuYogesh KalleyMichael L. SullenbergerJan Vilhuber
    • Ramesh KalimuthuYogesh KalleyMichael L. SullenbergerJan Vilhuber
    • G06F21/00H04L9/00
    • H04L63/0272H04L63/164
    • A method comprises receiving a request for secure network traffic from a device having a private network address at a source node, obtaining the private network address of a requested destination device at a destination node from a route server based on signaling information associated with the request, obtaining the public network address of the destination node associated with the private network address, creating in response to the request a virtual circuit between the source node and the destination node based on the public network address of the destination node, and encrypting network traffic for transporting at least from the source node to the destination node through the virtual circuit. The process is dynamic in that the virtual circuit is created in response to the request. Hence, the process operates as if a fully meshed network exists but requires less provisioning and maintenance than a fully meshed network architecture. Furthermore, the process is readily scalable as if a hub and spoke network exists but is more suitable for delay-sensitive traffic, such as voice and video, than a hub and spoke network architecture.
    • 一种方法包括从源节点处的具有专用网络地址的设备接收对安全网络业务的请求,基于与该请求相关联的信令信息从路由服务器获得目的地节点上所请求的目的地设备的私有网络地址, 获取与专用网络地址相关联的目的地节点的公共网络地址,根据请求,根据目的地节点的公共网络地址创建源节点和目的地节点之间的虚拟电路,并加密用于传输的网络流量 至少通过虚拟电路从源节点到目的地节点。 该过程是动态的,因为根据请求创建虚拟电路。 因此,该过程就像完全网状网络存在一样,但需要比全网状网络架构更少的配置和维护。 此外,该过程很容易扩展,就好像集线器和分支网络存在,但是比中心和分支网络架构更适合延迟敏感的业务,如语音和视频。
    • 2. 发明授权
    • Method and apparatus for dynamically securing voice and other delay-sensitive network traffic
    • 用于动态保护语音和其他延迟敏感网络流量的方法和装置
    • US07366894B1
    • 2008-04-29
    • US10305762
    • 2002-11-27
    • Ramesh KalimuthuYogesh KalleyMichael L. SullenbergerJan Vilhuber
    • Ramesh KalimuthuYogesh KalleyMichael L. SullenbergerJan Vilhuber
    • H04L9/00G06F9/00
    • H04L63/0272H04L63/164
    • A request is received for secure network traffic from a device having a private network address at a source node. The private network address of a requested destination device is obtained at a destination node from a route server based on signaling information associated with the request. The public network address of the destination node associated with the private network address is obtained. In response to the request, a virtual circuit is created between the source node and the destination node based on the public network address of the destination node. Network traffic is encrypted for transport at least from the source node to the destination node through the virtual circuit. Creating the virtual circuit dynamically in response to the request functions like a fully meshed network but requires less provisioning and maintenance. The process is readily scalable, as with a hub and spoke network but with less delay.
    • 从源节点处具有专用网络地址的设备接收到用于安全网络流量的请求。 基于与请求相关联的信令信息,从路由服务器在目的地节点处获得所请求的目的地设备的私有网络地址。 获取与专用网络地址相关联的目的地节点的公网地址。 响应于该请求,基于目的地节点的公共网络地址,在源节点和目的地节点之间创建虚拟电路。 网络流量被加密以至少通过虚拟电路从源节点传送到目的地节点。 根据请求功能动态创建虚拟电路,如全网状网络,但需要较少的配置和维护。 这个过程很容易扩展,就像中心和辐射网络一样,延迟较少。
    • 5. 发明授权
    • Method and apparatus for dynamically securing voice and other delay-sensitive network traffic
    • 用于动态保护语音和其他延迟敏感网络流量的方法和装置
    • US07917948B2
    • 2011-03-29
    • US12109125
    • 2008-04-24
    • Ramesh KalimuthuYogesh KalleyMichael L. SullenbergerJan Vilhuber
    • Ramesh KalimuthuYogesh KalleyMichael L. SullenbergerJan Vilhuber
    • G06F9/00G06F15/16
    • H04L63/0272H04L63/164
    • A method comprises receiving a request for secure network traffic from a device having a private network address at a source node, obtaining the private network address of a requested destination device at a destination node from a route server based on signaling information associated with the request, obtaining the public network address of the destination node associated with the private network address, creating in response to the request a virtual circuit between the source node and the destination node based on the public network address of the destination node, and encrypting network traffic for transporting at least from the source node to the destination node through the virtual circuit. The process is dynamic in that the virtual circuit is created in response to the request. Hence, the process operates as if a fully meshed network exists but requires less provisioning and maintenance than a fully meshed network architecture. Furthermore, the process is readily scalable as if a hub and spoke network exists but is more suitable for delay-sensitive traffic, such as voice and video, than a hub and spoke network architecture.
    • 一种方法包括从源节点处的具有专用网络地址的设备接收对安全网络业务的请求,基于与该请求相关联的信令信息从路由服务器获得目的地节点上所请求的目的地设备的私有网络地址, 获取与专用网络地址相关联的目的地节点的公共网络地址,根据请求,根据目的地节点的公共网络地址创建源节点和目的地节点之间的虚拟电路,并加密用于传输的网络流量 至少通过虚拟电路从源节点到目的地节点。 该过程是动态的,因为根据请求创建虚拟电路。 因此,该过程就像完全网状网络存在一样,但需要比全网状网络架构更少的配置和维护。 此外,该过程很容易扩展,就好像集线器和分支网络存在,但是比中心和分支网络架构更适合延迟敏感的业务,如语音和视频。
    • 6. 发明授权
    • Method and apparatus for establishing a dynamic multipoint encrypted virtual private network
    • 用于建立动态多点加密虚拟专用网络的方法和装置
    • US07447901B1
    • 2008-11-04
    • US10247695
    • 2002-09-18
    • Michael L. SullenbergerJan Vilhuber
    • Michael L. SullenbergerJan Vilhuber
    • H04L9/00
    • H04L63/0272H04L63/164
    • A process is disclosed in which a security policy is associated with a virtual private network (VPN) interface at a first device, for example, a router. Input is received specifying an association of a VPN endpoint address to a corresponding routable network address of a second device. A message is issued to a security module at the first device, the message including the routable network address of the second device and the security policy. Encryption state information is generated for network traffic from the first device to the second device, based on the message. The process is applicable to a hub-and-spoke network architecture that utilizes a point-to-multipoint GRE tunnel and the IPsec protocol for security. The process is dynamic in that the encryption state is generated for traffic over a VPN link, in response to notification of a virtual address-to-real address mapping, i.e., the association. In an embodiment, the association is an NHRP mapping.
    • 公开了一种过程,其中安全策略与第一设备(例如路由器)处的虚拟专用网(VPN)接口相关联。 接收输入,指定VPN端点地址与第二设备的对应可路由网络地址的关联。 向第一设备的安全模块发出消息,该消息包括第二设备的可路由网络地址和安全策略。 基于该消息,为从第一设备到第二设备的网络流量生成加密状态信息。 该过程适用于使用点对多点GRE隧道和IPsec协议进行安全性的中心辐射网络架构。 该过程是动态的,其中响应于虚拟地址到实际地址映射的通知,即关联,通过VPN链路为业务生成加密状态。 在一个实施例中,关联是NHRP映射。