FAST UPDATE FILTER
Granted: May 9, 2013
Application Number:
20130117837
A method may include defining a filter for a network device, the filter including a rule and a particular number of prioritized fields, where at least one of the prioritized fields is formatted to accept input as a range of values. The method may also include receiving a rule modification for the filter, the rule modification including at least one input as a range of values, and performing a check for conflicts of the rule modification with the rule in the filter. The method may further…
ARRANGEMENTS AND METHODS FOR ACCESS TO STORED DATA
Granted: May 9, 2013
Application Number:
20130117450
An access server generates a handshake with storage servers resulting in more rapid access to the stored data, for example, video data, by a user. The handshake also results in load balancing effects.
ARBITER CIRCUIT AND METHOD OF CARRYING OUT ARBITRATION
Granted: May 9, 2013
Application Number:
20130114605
A method of carrying out arbitration in a packet exchanger including an input buffer temporarily storing a packet having arrived at an input port, and a packet switch which switches a packet between a specific input port and a specific output port, includes the steps of (a) concurrently carrying out a first plurality of sequences in each of the sequences basic processes for at least one of the input buffer and the output port are carried out in a predetermined order, and (b) making an…
FLEXIBLE PIN ALLOCATION
Granted: May 2, 2013
Application Number:
20130111156
A system includes a memory and a controller. The controller may include a group of pads and an allocation register. The controller is configured to receive input signals corresponding to the group and allocate each one of the pads to output one of the input signals based on a configuration of pins of the memory. The controller is also configured to redirect the input signals, within the controller, based on the allocation of the pads and output the input signals from the controller into…
TRANSFERRING DATA IN A NETWORK
Granted: May 2, 2013
Application Number:
20130107886
A method for transferring an MPOA packet which is capable of permitting address resolution based on layer 3 packet filter information and capable of preventing establishing an undesirable short cut path. In an ATM network, an MPOA server 20 which received an address resolution request packet from an MPOA client 10 determines whether or not the address resolution request packet be forwarded to the other MPOA server or the other MPOA client based on a layer 3 packet filter information.
USING A WAVEGUIDE TO DISPLAY INFORMATION ON ELECTRONIC DEVICES
Granted: April 25, 2013
Application Number:
20130100543
An electronic device includes an instrument panel that includes a display opening, where the instrument panel is located in a first plane; a circuit board located inside the electronic device, where the circuit board includes a display device that includes a display area, and where the display area is located in a second plane that is different from the first plane; and a waveguide that couples the display area to the display opening and guides light, and/or an image displayed in the…
ROUTE CONTROL SYSTEM AND ROUTE CONTROL METHOD IN A SWITCHING APPARATUS
Granted: March 21, 2013
Application Number:
20130070585
A system includes a cell handler, a virtual path handler, a virtual channel handler, a trunk. and a controller. The controller initiates, based on issuing an instruction to the cell handler, a loop-back control test. The loop-back control test involving transmission of an operation and maintenance (OAM) cell from the cell handler, via the virtual path handler, the virtual channel handler, and the trunk, and back to the cell handler. The controller further monitors the OAM cell, detects a…
OPTIMIZATION OF PACKET BUFFER MEMORY UTILIZATION
Granted: March 21, 2013
Application Number:
20130073931
A method performed by an I/O unit connected to another I/O unit in a network device. The method includes receiving a packet; segmenting the packet into a group of data blocks; storing the group of data blocks in a data memory; generating data protection information for a data block of the group of data blocks; creating a control block for the data block; storing, in a control memory, a group of data items for the control block, the group of data items including information associated…
APPLICATION IDENTIFICATION
Granted: March 21, 2013
Application Number:
20130074144
A method may include receiving a communication from a client device and identifying a port number, a protocol and a destination associated with the communication. The method may also include identifying a first application being executed by the first client device based on the port number, the protocol and the destination associated with the first communication.
ROUTING DEVICE HAVING INTEGRATED MPLS-AWARE FIREWALL
Granted: March 21, 2013
Application Number:
20130074177
An MPLS-aware firewall allows firewall security policies to be applied to MPLS traffic. The firewall, which may be integrated within a routing device, can be configured into multiple virtual security systems. The routing device provides a user interface by which a user specifies one or more zones to be recognized by the integrated firewall when applying stateful firewall services to the packets. The user interface allows the user to define different zones and policies for different ones…
PACKET PROCESSING IN A MULTIPLE PROCESSOR SYSTEM
Granted: March 21, 2013
Application Number:
20130074184
Packet processing is provided in a multiple processor system including a first processor to processing a packet and to create a tag associated with the packet. The tag includes information about the processing of the packet. A second processor receives the packet subsequent to the first processor and processes the packet using the tag information.
INTELLIGENT INTEGRATED NETWORK SECURITY DEVICE
Granted: March 14, 2013
Application Number:
20130067561
Methods, computer program products and apparatus for processing data packets are described. Methods include receiving the data packet, examining the data packet, determining a single flow record associated with the packet and extracting flow instructions for two or more devices from the single flow record.
DETECTION OF NETWORK SECURITY BREACHES BASED ON ANALYSIS OF NETWORK RECORD LOGS
Granted: March 14, 2013
Application Number:
20130067575
Computer program products and methods of inspecting a log of security records in a computer network are provided. The method includes retrieving a log record, processing the log record including deriving a key to a table, determining a data value from information in the log record and adding the data value to a list of data values associated with the key if the data value is unique. One or more entries of the table are evaluated based on predetermined criteria to detect attempted…
MULTI-METHOD GATEWAY-BASED NETWORK SECURITY SYSTEMS AND METHODS
Granted: March 14, 2013
Application Number:
20130067560
Systems and methods for detecting and preventing network security breaches are described. The systems and methods present a gateway-based packet-forwarding network security solution to not only detect security breaches but also prevent them by directly dropping suspicious packets and connections. The systems and methods employ multiple techniques to detect and prevent network security breaches, including stateful signature detection, traffic signature detection, and protocol anomaly…
INTELLIGENT INTEGRATED NETWORK SECURITY DEVICE FOR HIGH-AVAILABILITY APPLICATIONS
Granted: March 14, 2013
Application Number:
20130067268
Methods and apparatuses for inspecting packets are provided. A primary security system may be configured for processing packets. The primary security system may be operable to maintain flow information for a group of devices to facilitate processing of the packets. A secondary security system may be designated for processing packets upon a failover event. Flow records may be shared from the primary security system with the secondary security system.
MULTIPLE CONTROL CHANNELS FOR MULTICAST REPLICATION IN A NETWORK
Granted: March 7, 2013
Application Number:
20130058336
Network devices, such as a router and a downstream multicast distribution device, may use multiple control channels when setting up a multicast stream for a multicast request. For example, first messages may be transmitted using a first protocol to an upstream device over a first channel, the first messages indicating when a first multicast media stream is being requested by at least one of a number of client devices. Second messages may be transmitted using a second protocol over a…
ORDERING WRITE BURSTS TO MEMORY
Granted: March 7, 2013
Application Number:
20130061010
A device may receive requests intended for a memory that includes a number of banks, determine a number of the requests intended for each of the banks, determine an order for the requests based on the determined number of the requests intended for each of the banks, and send one of the requests to the memory based on the determined order.
HIGH AVAILABILITY FOR NETWORK SECURITY DEVICES
Granted: February 14, 2013
Application Number:
20130042323
In one example, a backup intrusion detection and prevention (IDP) device includes one or more network interfaces to receive a state update message from a primary IDP device, wherein the state update message indicates a network session being inspected by the primary IDP device and an identified application-layer protocol for the device, to receive an indication that the primary device has switched over or failed over to the backup device, and to receive a plurality of packets of the…
DISASTER RESPONSE SYSTEM
Granted: February 7, 2013
Application Number:
20130036175
A disaster response system receives location data and status data from participating devices in an area affected by a disaster. The disaster response system provides data to client devices outside the affected area. The data indicate statuses of people within the affected area. Disaster response system also instructs routers to perform actions to adjust bandwidth available for a particular use during and after the disaster.
VIRTUAL PRIVATE NETWORKING WITH MOBILE COMMUNICATION CONTINUITY
Granted: January 31, 2013
Application Number:
20130031271
In general, a mobile virtual private network (VPN) is described in which service provider networks cooperate to dynamically extend a virtual routing area of a home service provider network to the edge of a visited service provider network and thereby enable IP address continuity for a roaming wireless device. In one example, a home service provider network allocates an IP address to a wireless device and establishes a mobile VPN. The home service provider network dynamically provisions a…
