DETECTION OF UNDESIRED COMPUTER FILES IN ARCHIVES
Granted: June 12, 2008
Application Number:
20080141373
Systems and methods for an anti-virus detection module that can detect known undesired computer files in encrypted, compressed, password-protected and/or damaged archives are provided. According to one embodiment, an archive file is scanned without decrypting and without decompressing contents of the archive file. A type and associated structure of the archive file are identified. Then, based on the identified type and the associated structure, descriptive information from the archive…
Method and apparatus for managing subscriber profiles
Granted: May 22, 2008
Application Number:
20080117917
Methods and apparatus for managing subscriber profiles are described herein. In one embodiment, the method includes receiving, from a requester, a request to determine an operation to be performed on a data packet. The method also includes determining profile identifiers associated with the requester, wherein the profile identifiers include, a first-level profile identifier associated with a lower-level profile identifier that defines the operation. The method also includes determining,…
USE OF AUTHENTICATION INFORMATION TO MAKE ROUTING DECISIONS
Granted: January 31, 2008
Application Number:
20080028445
Methods and systems for utilizing authentication attributes to determine how to direct traffic flows are provided. In one embodiment, an augmented authentication database is provided, which includes routing information for multiple users. The routing information is intended to be used to facilitate routing of traffic flows to appropriate virtual networks of a network. A request on behalf of one of the users is received at an authentication interface of the network for access to a service…
FAULT TOLERANT ROUTING IN A NETWORK ROUTING SYSTEM BASED ON A PASSIVE REPLICATION APPROACH
Granted: January 17, 2008
Application Number:
20080016389
Passive replication methods and systems to facilitate fault tolerance in a network routing system are provided. In one embodiment, a fault associated with a processing engine (PE) of a network routing system is detected by monitoring the health of the network routing system PEs. Responsive to detecting a fault (e.g., a link failure, a failure of a virtual router (VR) or a failure of the PE): VRs that were operating on the PE prior to detection of the fault are identified; configuration…
HARDWARE-ACCELERATED PACKET MULTICASTING IN A VIRTUAL ROUTING SYSTEM
Granted: December 20, 2007
Application Number:
20070291755
Methods and systems are provided for hardware-accelerated packet multicasting in a virtual routing system. According to one embodiment, a multicast packet is received at an ingress system of a packet-forwarding engine (PFE). The ingress system identifies flow classification indices for the multicast packet. Then, for each instance of multicasting, the ingress system sends a single copy of the multicast packet and the flow classification indices to an egress system of the PFE. The single…
Network advertising system
Granted: November 15, 2007
Application Number:
20070266091
Systems and methods for transmitting content to a client via a communication network are provided. In one embodiment, a method of transmitting unsolicited content, such as an advertisement, to a client via the Internet may include one or more of the following steps: 1) intercepting a data transfer protocol request/response; 2) analyzing information contained within the data transfer protocol request/response; 3) selecting advertising content to send to the client; and 4) sending the…
Delegated network management system and method of using the same
Granted: September 27, 2007
Application Number:
20070226358
A method for providing a management function requested by a user that uses a managed device includes establishing a session on a managed device in response to a user logging into an account on the managed device, establishing a delegated management session on a management device, the delegated management session corresponding to the session on the managed device, receiving a management message on the management device, the management message being related to a management function…
Electronic message and data tracking system
Granted: September 6, 2007
Application Number:
20070208850
Systems and methods for tracking electronic messages and data are provided. According to one embodiment, steps for tracking an email message, or other electronic message, may include identifying an email message for tracking, associating a linking object with the tracked message, and responsive to activation of the linking object by a receiver of the electronic message, automatically submitting information regarding the electronic message to be tracked to a designated resource. According…
SYSTEM AND METHOD FOR VIRTUAL ROUTER FAILOVER IN A NETWORK ROUTING SYSTEM
Granted: July 12, 2007
Application Number:
20070162783
In a network routing system,a control blade provides for redundancy and failover of virtual routers (VRs) instantiated by objects running on processing engines of the several virtual routing engines (VREs). When the control blade detects a failure of one processing engines, it may identify the virtual private networks (VPNs) and/or VRs operating on the failed processing engine. The control blade identifies a set of command lines corresponding with the identified VPNs and VRs, and replays…
NETWORK PACKET STEERING VIA CONFIGURABLE ASSOCIATION OF PROCESSING RESOURCES AND NETMODS OR LINE INTERFACE PORTS
Granted: June 28, 2007
Application Number:
20070147368
Methods and systems are provided for steering network packets. According to one embodiment, a mapping associates a processing resource with a network interface module (netmod) and/or a number of line interface ports included within the netmod. In one embodiment, the mapping is configurable within the processing resource and pushed to the netmod. The netmod uses the mapping to steer network packets to the processing resource when the packets conform to the mapping. The mapping may be…
ROUTING TRAFFIC THROUGH A VIRTUAL ROUTER-BASED NETWORK SWITCH
Granted: June 7, 2007
Application Number:
20070127382
Methods and systems are provided for routing traffic through a virtual router-based network switch. According to one embodiment, a method for routing packets in a router includes establishing a flow data structure, which identifies a packet flow through a virtual router in the router. When a packet is received, a comparison is performed between a subset of at least one packet header associated with the packet and a subset of the flow data structure. If the subset of the packet header…
PACKET ROUTING SYSTEM AND METHOD
Granted: May 31, 2007
Application Number:
20070121579
A flexible, scalable hardware and software platform that allows a service provider to easily provide internet services, virtual private network services, firewall services, etc., to a plurality of customers. One aspect provides a method and system for delivering security services. This includes connecting a plurality of processors in a ring configuration within a first processing system, establishing a secure connection between the processors in the ring configuration across an internet…
Method and apparatus for managing subscriber profiles
Granted: May 24, 2007
Application Number:
20070115979
Methods and apparatus for managing subscriber profiles in a network environment are described herein. In one embodiment, the method includes receiving a connection request from a subscriber, wherein the subscriber is associated with a first-level profile identifier, and wherein more than one subscriber can be associated with the first-level profile identifier. The method also includes determining lower-level profile identifiers using the first-level profile identifier. The method further…
HIERARCHICAL METERING IN A VIRTUAL ROUTER-BASED NETWORK SWITCH
Granted: May 17, 2007
Application Number:
20070109968
Methods and systems are provided for applying metering and rate-limiting in a virtual router environment and supporting a hierarchy of metering/rate-limiting contexts per packet flow. According to one embodiment, multiple first level metering options and multiple second level metering options associated with a hierarchy of metering levels are provided. A virtual routing engine receives packets associated with a first packet flow and packets associated with a second packet flow. The…
SYSTEM AND METHOD FOR MANAGING AND PROVISIONING VIRTUAL ROUTERS
Granted: May 10, 2007
Application Number:
20070104119
Site reachability information is determined for a service processing switch that is communicably coupled to one or more sites. In addition, global routing profiles, customer site profiles and OSPF profiles are defined. The profile data, in addition to or instead of the reachability information is used to generate routing configuration data for one or more Virtual Routers and Virtual Private Networks implemented within the service processing switch.
SWITCH MANAGEMENT SYSTEM AND METHOD
Granted: April 12, 2007
Application Number:
20070083528
A system and method of managing a switch includes installing a switch having a plurality of processor elements, installing an operating system on each processor element, creating a system virtual router and configuring the processor elements from the system virtual router.
SYNCHRONIZED BACKUP OF AN OBJECT MANAGER GLOBAL DATABASE AS PART OF A CONTROL BLADE REDUNDANCY SERVICE
Granted: March 29, 2007
Application Number:
20070073733
A system and method of managing a switch includes installing a switch having a plurality of processor elements, installing an operating system on each processor element, creating a system virtual router and configuring the processor elements from the system virtual router.
METHODS AND SYSTEMS FOR A DISTRIBUTED PROVIDER EDGE
Granted: March 22, 2007
Application Number:
20070064704
Methods and Systems are provided for a distributed Provider Edge (PE). A single Virtual Routing and Forwarding device (VRF) is associated with a single customer site. The VRF includes a single routing table (RIB) and a single forwarding table (FIB). The VRF also includes a plurality of Virtual Private Network (VPN) Protocol Instance Modules (VRP), where each VRP is associated with a different VPN from the customer site. Each VRP accesses the RIB directly and the FIB indirectly to…
IDENTIFYING NODES IN A RING NETWORK
Granted: March 15, 2007
Application Number:
20070058648
A master node in a packet ring network periodically sends packet containing a discovery marker into the packet ring network. As each node in turn receives the packet, each adds its own discovery marker, which contains its topology information, to the packer, saves the topology information of others, and resends the packet to the next node in the ring. Eventually, the master node receives the packer containing a chain of discovery markers for all active nodes terminated by the master's…
Logging method, system, and device with analytical capabilities for the network traffic
Granted: March 1, 2007
Application Number:
20070050846
A logging device, system and a method for managing network packets. The logging device includes a traffic capturing device receiving the network packets and filtering the network packets by selecting some of the network packets based on a predefined criteria. The logging device also includes a storage device storing the selected network packets and an analyzing component organizing the stored network packets in accordance with a user specified parameters. The traffic capturing component,…
