US2016191571A1PendingUtilityA1

Applications processing in a network apparatus

Assignee: BLUE COAT SYSTEMS INCPriority: Sep 25, 2000Filed: Jan 14, 2016Published: Jun 30, 2016
Est. expirySep 25, 2020(expired)· nominal 20-yr term from priority
H04L 63/20G06F 9/5027H04L 67/306H04L 67/10H04L 69/329H04L 67/34H04L 63/1416H04L 63/10H04L 67/63H04L 67/62H04L 9/40G06F 9/00G06F 9/5055G06F 9/5033G06F 9/505
54
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A method and system for distributing flows between a multiple processors. The flows can be received from an external source such as a network, by a front-end processor that recognizes the flow and the associated request, and identifies at least one internal applications processor to process the request/flow. The front-end processor utilizes a flow scheduling vector related to the identified applications processor(s), and the flow scheduling vector can be based on intrinsic data from the applications processor(s) that can include CPU utilization, memory utilization, packet loss, and queue length or buffer occupation. In some embodiments, applications processors can be understood to belong to a group, wherein applications processors within a group can be configured identically. A flow schedule vector can be computed for the different applications processor groups.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
         1 . A system of intrusion detection in a network comprising:
 a flow processing facility that is configured to detect and process intrusions in network data flowing through the facility, the facility comprising at least one network processor module having at least one processor, a plurality of network ports for connecting network devices for communicating network data, and instructions to cause the at least one processor to recognize one or more data packets in the network data that contain data, including profile information, for processing by an application executing on the flow processing facility by applying a policy to the data, and directing a portion of the network data to at least one flow processor module for executing the application based on the profile information and the policy;   the at least one flow processor module having at least one processor and at least one memory for storing the application for execution by the at least one flow processor module processor, the at least one flow processor module including instructions to receive the portion of the network data from the at least one network processor module, to process the data in the one or more data packets for detecting intrusions, thereby providing one or more data packets with processed data, and to return the one or more data packets with processed data to the at least one network processor module for facilitating prevention of a detected intrusion from being propagated to the network; and   at least one control processor module in communication with the at least one flow processor module and the at least one network processor module, and having at least one control processor module processor, and instructions for causing the at least one control processor module processor to manage the applications in the flow processor module memories.   
     
     
         2 . The system of  claim 1 , wherein the control processor module instructions for causing the at least one control processor module processor to manage the applications in the flow processor module memories further comprise instructions to cause the at least one control processor module to perform a step from the group consisting of, downloading applications to the flow processor module memories, and deleting applications from the flow processor module memories. 
     
     
         3 . The system of  claim 1 , further comprising a management server module in communication with the at least one control processor module and having at least one management server module processor. 
     
     
         4 . The system of  claim 3 , wherein the management server module further comprises instructions for causing the at least one management server module processor to cause the at least one control processor module to perform a step from the group consisting of, downloading applications from the management server module to the flow processor module memories, and deleting applications from the flow processor module memories. 
     
     
         5 . The system of  claim 1 , further comprising a local memory device coupled to the at least one of control processor module. 
     
     
         6 . The system of  claim 1 , further comprising a remote memory device coupled to the at least one of control processor module. 
     
     
         7 . The system of  claim 1 , wherein the at least one control processor module further comprises instructions to cause the at least one control processor module processor to transfer data between a management server module and the at least one flow processor module. 
     
     
         8 . The system of  claim 1 , further comprising at least one storage device coupled to the at least one of flow processor module. 
     
     
         9 . The system of  claim 1 , further comprising at least one storage device coupled to the at least one of network processor module. 
     
     
         10 . A method of intrusion detection in a network, comprising:
 providing a flow processing facility in-line in a network;   configuring the flow processing facility to detect intrusions received by the flow processing facility by recognizing with a network processor module of the flow processing facility one or more data packets in a data flow that contain data, including profile information, for processing by an application executing on the flow processing facility by applying a policy to the data;   directing the one or more data packets associated with a data flow that includes detected intrusions from the network processor module to at least one application processor module, based on the profile information and the policy, to process the data thereby providing one or more data packets with processed data; and   executing the application on the at least one application processor module, thereby taking an action on the one or more data packets with processed data such that the data flow of the detected intrusion is not propagated to the network.   
     
     
         11 . The method of  claim 10 , further including managing the application executing on the at least one application processor with a control processor module that is in communication with the network processor module and the at least one application processor module. 
     
     
         12 . The method of  claim 10 , wherein executing the application on the at least one application processor module further comprises selecting the at least one application based on the subscriber profile information. 
     
     
         13 . The method of  claim 12 , further comprising configuring the at least one application processor module for the at least one selected application. 
     
     
         14 . The method of  claim 12 , further comprising selecting at least one application processor module based on the at least one identified application. 
     
     
         15 . The method of  claim 10 , further comprising selecting at least one application processor module based on application processor module loading. 
     
     
         16 . The method of  claim 10 , further comprising selecting at least one application processor module based on applying the policy to the data. 
     
     
         17 . The method of  claim 10 , wherein directing the one or more data packets further comprises identifying a source of the stream of data packets and retrieving an application subscriber profile based on the data source.

Join the waitlist — get patent alerts

Track US2016191571A1 — get alerts on status changes and closely related new filings.

We store only your email — no account needed. See our privacy policy.