专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20130262651A1 METHODS AND APPARATUS FOR IMPROVING COMPATIBILITY BETWEEN NETWORK DEVICES 有权
标题翻译：提高网络设备之间兼容性的方法和设备
公开(公告)号：US20130262651A1
公开(公告)日：2013-10-03
申请号：US13431128
申请日：2012-03-27
申请人： Sandip Shah , Surinder Singh
发明人： Sandip Shah , Surinder Singh
IPC分类号： G06F15/173
CPC分类号： G06F8/63 , G06F8/65 , G06F8/658 , G06F17/30268 , H04L41/0853 , H04L41/0866 , H04L41/0873 , H04L63/123
摘要： In some embodiments, an apparatus includes a network device configured to receive an anomaly database of a first image that stores a set of differences between the first image and a base image. The network device is configured to compare the anomaly database of the first image with an anomaly database of a second image storing a set of differences between the second image and the base image to determine if the first and second images include at least one incompatible critical feature or incompatible non-critical feature. The network device is configured to send a signal associated with a first action if the first and second images include the at least one incompatible critical feature. The network device is configured to send a signal associated with a second action different from the first action if the first and second images include the at least one incompatible non-critical feature.
摘要翻译：在一些实施例中，一种装置包括被配置为接收存储第一图像和基本图像之间的一组差异的第一图像的异常数据库的网络装置。网络设备被配置为将第一图像的异常数据库与存储第二图像和基本图像之间的一组差异的第二图像的异常数据库进行比较，以确定第一和第二图像是否包括至少一个不兼容的关键特征或不兼容的非关键功能。如果第一和第二图像包括至少一个不兼容的关键特征，则网络设备被配置为发送与第一动作相关联的信号。网络设备被配置为如果第一和第二图像包括至少一个不兼容的非关键特征，则发送与不同于第一动作的第二动作相关联的信号。

2. 发明授权

US09148343B2 Methods and apparatus for improving compatibility between network devices 有权
标题翻译：提高网络设备兼容性的方法和设备
公开(公告)号：US09148343B2
公开(公告)日：2015-09-29
申请号：US13431128
申请日：2012-03-27
申请人： Sandip Shah , Surinder Singh
发明人： Sandip Shah , Surinder Singh
IPC分类号： H04L12/24 , G06F9/445 , G06F9/44
CPC分类号： G06F8/63 , G06F8/65 , G06F8/658 , G06F17/30268 , H04L41/0853 , H04L41/0866 , H04L41/0873 , H04L63/123
摘要： In some embodiments, an apparatus includes a network device configured to receive an anomaly database of a first image that stores a set of differences between the first image and a base image. The network device is configured to compare the anomaly database of the first image with an anomaly database of a second image storing a set of differences between the second image and the base image to determine if the first and second images include at least one incompatible critical feature or incompatible non-critical feature. The network device is configured to send a signal associated with a first action if the first and second images include the at least one incompatible critical feature. The network device is configured to send a signal associated with a second action different from the first action if the first and second images include the at least one incompatible non-critical feature.
摘要翻译：在一些实施例中，一种装置包括被配置为接收存储第一图像和基本图像之间的一组差异的第一图像的异常数据库的网络装置。网络设备被配置为将第一图像的异常数据库与存储第二图像和基本图像之间的一组差异的第二图像的异常数据库进行比较，以确定第一和第二图像是否包括至少一个不兼容的关键特征或不兼容的非关键功能。如果第一和第二图像包括至少一个不兼容的关键特征，则网络设备被配置为发送与第一动作相关联的信号。网络设备被配置为如果第一和第二图像包括至少一个不兼容的非关键特征，则发送与不同于第一动作的第二动作相关联的信号。

3. 发明授权

US08767526B1 Supplicant framework to handle clientless devices on a dot1x platform 有权
标题翻译：请求框架来处理dot1x平台上的无客户端设备
公开(公告)号：US08767526B1
公开(公告)日：2014-07-01
申请号：US12978987
申请日：2010-12-27
申请人： Manjunath Jagannatharao , Nipa Kumar , Sandip Shah , Nagendra Krishna Sundaranathan
发明人： Manjunath Jagannatharao , Nipa Kumar , Sandip Shah , Nagendra Krishna Sundaranathan
IPC分类号： H04L29/06
CPC分类号： H04L63/205 , H04L63/162 , H04W12/06
摘要： A network device may include a supplicant framework to generate a first 802.1x packet using a MAC address, associated with a first device as a first username and password in the first 802.1x packet; and generate a second 802.1x packet using a second username and password received from a second device via a captive-portal web page. The network device may further include an authenticator state machine to authenticate the first device with a Remote Authentication Dial In User Service (RADIUS) server using a first Extensible Authentication Protocol (EAP) packet that includes the first 802.1x packet; authenticate the second device with the RADIUS server using a second EAP packet that includes the second 802.1x packet; receive a third EAP packet from a third device; and authenticate the third device with the RADIUS server using the third EAP packet.
摘要翻译：网络设备可以包括请求方框架，以使用与第一设备相关联的MAC地址生成第一802.1x分组作为第一802.1x分组中的第一用户名和密码; 以及使用从第二设备经由捕获门户网页接收的第二用户名和密码生成第二802.1x分组。网络设备还可以包括认证器状态机，以使用包括第一802.1x分组的第一可扩展认证协议（EAP）分组来使用远程认证拨入用户服务（RADIUS）服务器来认证第一设备; 使用包括第二802.1x分组的第二EAP分组来向RADIUS服务器认证第二设备; 从第三设备接收第三EAP分组; 并使用第三个EAP数据包使用RADIUS服务器认证第三个设备。

4. 发明授权

US08880869B1 Secure wireless local area network (WLAN) for data and control traffic 有权
标题翻译：安全无线局域网（WLAN），用于数据和控制流量
公开(公告)号：US08880869B1
公开(公告)日：2014-11-04
申请号：US12951497
申请日：2010-11-22
申请人： Sandip Shah , Jeffrey L Pochop, Jr.
发明人： Sandip Shah , Jeffrey L Pochop, Jr.
IPC分类号： H04L29/06 , H04L9/32
CPC分类号： H04W12/08 , H04L9/0637 , H04L9/0838 , H04L9/3242 , H04L29/06 , H04L45/72 , H04L63/0464 , H04L63/0876 , H04L63/162 , H04L63/205 , H04W12/00 , H04W12/02 , H04W12/04 , H04W76/14 , H04W84/12
摘要： A device receives capability information associated with a next hop device of a wireless local area network (WLAN). The device also determines, based on the capability information, whether the next hop device is capable of implementing security for traffic, where the security includes a media access control (MAC) security standard and a layer 2 link security standard. The device further creates, via the MAC security standard, a secure channel with the next hop device when the next hop device is capable of providing security for traffic.
摘要翻译：设备接收与无线局域网（WLAN）的下一跳设备相关联的能力信息。该设备还基于能力信息确定下一跳设备是否能够实现业务的安全性，其中安全性包括媒体接入控制（MAC）安全标准和第2层链路安全标准。当下一跳设备能够为业务提供安全性时，设备还通过MAC安全标准创建具有下一跳设备的安全信道。

5. 发明授权

US08332927B1 Merging filter rules to reduce forwarding path lookup cycles 有权
标题翻译：合并过滤器规则以减少转发路径查找周期
公开(公告)号：US08332927B1
公开(公告)日：2012-12-11
申请号：US13294031
申请日：2011-11-10
申请人： Sandip Shah
发明人： Sandip Shah
IPC分类号： G06F15/16
CPC分类号： H04L63/0263 , H04L63/02 , H04L63/0209
摘要： The invention is directed to techniques for managing filter rules applied to network traffic at a network device. A network device merges multiple filter rules associated with separate filter matching modules to reduce lookup cycles in a forwarding path of the network device. The network device may thus simultaneously apply multiple filter rules in a reduced number of clock cycles. A network device comprises an interface that receives packets from a network, a filter memory that stores a plurality of filters, and a plurality of filter matching modules that apply the filters to packets in a forwarding path of the network device. A filter control module merges two or more filters each associated with a different one of the filter matching modules into a single merged filter, and stores the merged filter to the filter memory. The network device applies the merged filter to packets in the forwarding path.
摘要翻译：本发明涉及用于管理应用于网络设备上的网络业务的过滤规则的技术。网络设备合并与单独的过滤器匹配模块相关联的多个过滤规则，以减少网络设备的转发路径中的查找周期。因此，网络设备可以以减少数量的时钟周期同时应用多个过滤器规则。网络设备包括从网络接收分组的接口，存储多个过滤器的过滤器存储器和将过滤器应用于网络设备的转发路径中的分组的多个过滤器匹配模块。滤波器控制模块将与滤波器匹配模块中的不同滤波器匹配模块相关联的两个或更多个滤波器合并为单个合并的滤波器，并将合并的滤波器存储到滤波器存储器。网络设备将合并的过滤器应用于转发路径中的报文。

6. 发明授权

US08874838B2 Providing dynamic databases for a TCAM 有权
标题翻译：为TCAM提供动态数据库
公开(公告)号：US08874838B2
公开(公告)日：2014-10-28
申请号：US12647802
申请日：2009-12-28
申请人： Sandip Shah , Jing Ai
发明人： Sandip Shah , Jing Ai
IPC分类号： G06F12/00
CPC分类号： H04L49/10
摘要： A network device allocates a particular number of memory blocks in a ternary content-addressable memory (TCAM) of the network device to each database of multiple databases, and creates a list of additional memory blocks in an external TCAM of the network device. The network device also receives, by the external TCAM, a request for an additional memory block to provide one or more rules from one of the multiple databases, and allocates, by the external TCAM and to the requesting database, an additional memory block from the list of additional memory blocks.
摘要翻译：网络设备将网络设备的三元内容可寻址存储器（TCAM）中的特定数量的存储器块分配给多个数据库的每个数据库，并且在网络设备的外部TCAM中创建附加存储器块的列表。网络设备还通过外部TCAM接收对附加存储器块的请求，以从多个数据库之一提供一个或多个规则，并由外部TCAM和请求数据库分配来自所述多个数据库的附加存储器块附加内存块列表。

7. 发明授权

US08205040B1 Storing content in a ternary content addressable memory 有权
标题翻译：将内容存储在三进制内容可寻址内存中
公开(公告)号：US08205040B1
公开(公告)日：2012-06-19
申请号：US12021994
申请日：2008-01-29
申请人： Atul Mahamuni , Sandip Shah , Rudramahesh Rugge
发明人： Atul Mahamuni , Sandip Shah , Rudramahesh Rugge
IPC分类号： G06F13/00 , G06F13/28
CPC分类号： G06F13/28 , G11C15/00
摘要： A device may select a longest run of contiguous unwritten pages from multiple runs of contiguous unwritten pages provided in a ternary content addressable memory, and may write a rule on a page that is located at a middle portion of the longest run to create two runs of contiguous unwritten pages. The device may also receive a packet, and may apply the rule to the packet.
摘要翻译：设备可以从在三进制内容可寻址存储器中提供的多个连续的未写入页面中选择连续的未写入页面的最长行程，并且可以在位于最长行程的中间部分的页面上写入规则，以创建两次连续不成文的页面。设备还可以接收分组，并且可以将规则应用于分组。

8. 发明授权

US08065721B1 Merging filter rules to reduce forwarding path lookup cycles 有权
标题翻译：合并过滤器规则以减少转发路径查找周期
公开(公告)号：US08065721B1
公开(公告)日：2011-11-22
申请号：US11837081
申请日：2007-08-10
申请人： Sandip Shah
发明人： Sandip Shah
IPC分类号： G06F15/16
CPC分类号： H04L63/0263 , H04L63/02 , H04L63/0209
摘要： The invention is directed to techniques for managing filter rules applied to network traffic at a network device. A network device merges multiple filter rules associated with separate filter matching modules to reduce lookup cycles in a forwarding path of the network device. The network device may thus simultaneously apply multiple filter rules in a reduced number of clock cycles. A network device comprises an interface that receives packets from a network, a filter memory that stores a plurality of filters, and a plurality of filter matching modules that apply the filters to packets in a forwarding path of the network device. A filter control module merges two or more filters each associated with a different one of the filter matching modules into a single merged filter, and stores the merged filter to the filter memory. The network device applies the merged filter to packets in the forwarding path.
摘要翻译：本发明涉及用于管理应用于网络设备上的网络业务的过滤规则的技术。网络设备合并与单独的过滤器匹配模块相关联的多个过滤规则，以减少网络设备的转发路径中的查找周期。因此，网络设备可以以减少数量的时钟周期同时应用多个过滤器规则。网络设备包括从网络接收分组的接口，存储多个过滤器的过滤器存储器和将过滤器应用于网络设备的转发路径中的分组的多个过滤器匹配模块。滤波器控制模块将与滤波器匹配模块中的不同滤波器匹配模块相关联的两个或更多个滤波器合并为单个合并的滤波器，并将合并的滤波器存储到滤波器存储器。网络设备将合并的过滤器应用于转发路径中的报文。

9. 发明申请

US20090125470A1 System and Method for Managing Access Control Lists 审中-公开
标题翻译：用于管理访问控制列表的系统和方法
公开(公告)号：US20090125470A1
公开(公告)日：2009-05-14
申请号：US11938060
申请日：2007-11-09
申请人： Sandip Shah , Sandeep Bajaj
发明人： Sandip Shah , Sandeep Bajaj
IPC分类号： G06F17/00 , G06F21/00 , G06N5/00
CPC分类号： H04L63/0263 , G06N5/025
摘要： Systems and methods consistent with the present invention provide better scheme for updating access control list (ACL) rule entries in a ternary content addressable memory (TCAM). In a firewall, ACL rules are scanned for each packet arriving in a router or switch to determine if a match exists between the packet and any of the patterns. Depending on the pattern matched, the corresponding action may be either to accept or to deny the packet. These rules are stored in a TCAM, and new or updated rules may be added to the TCAM. Systems and methods consistent with the present invention determine whether the new or updated rule has a dependency conflict with existing rules in the TCAM. If not, the rule can be inserted anywhere in the TCAM. Accordingly, the TCAM associated with a firewall's ACL can be updated more quickly and efficiently.
摘要翻译：与本发明一致的系统和方法为更新三元内容可寻址存储器（TCAM）中的访问控制列表（ACL）规则条目提供了更好的方案。在防火墙中，对于到达路由器或交换机的每个数据包扫描ACL规则，以确定数据包与任何模式之间是否存在匹配。根据匹配的模式，相应的动作可能是接受或拒绝数据包。这些规则存储在TCAM中，新的或更新的规则可以添加到TCAM。与本发明一致的系统和方法确定新的或更新的规则是否具有与TCAM中现有规则的依赖冲突。如果没有，该规则可以插入TCAM的任何地方。因此，可以更快更有效地更新与防火墙ACL相关联的TCAM。

10. 发明申请

US20080209438A1 METHOD AND APPARATUS FOR A SERVICE CONTROL LAYER 有权
标题翻译：一种服务控制层的方法和装置
公开(公告)号：US20080209438A1
公开(公告)日：2008-08-28
申请号：US12039100
申请日：2008-02-28
申请人： Callum Peter Jackson , Lee Keith Longmore , Sandip Shah , Yuk-Lun Wong
发明人： Callum Peter Jackson , Lee Keith Longmore , Sandip Shah , Yuk-Lun Wong
IPC分类号： G06F13/14
CPC分类号： H04L67/2823 , G06Q10/107 , H04L65/1016 , H04L65/40 , H04L67/28 , H04L67/327
摘要： This invention relates to a method, system and computer program product for managing a service message in a service oriented architecture system including a service provider, a service consumer and a set of control services, the method, system and computer program product comprising the following steps: receiving a service message; selecting a group of rules from a set of rule groups depending on the type of service message; selecting a control service from a set of control services and instructing the selected control service according to one or more of the rules from the selected rules group applied to the service message.
摘要翻译：本发明涉及一种用于在面向服务的架构系统中管理服务消息的方法，系统和计算机程序产品，该系统包括服务提供商，服务使用者和一组控制服务，所述方法，系统和计算机程序产品包括以下步骤：接收服务消息; 根据服务消息的类型从一组规则组中选择一组规则; 从一组控制服务中选择一个控制服务，并根据应用于服务消息的所选择的规则组中的一个或多个规则来指示所选择的控制服务。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式