Concurrent security processing of network packets by multiple in-line network security tools

Assignee

• KEYSIGHT TECHNOLOGIES SINGAPORE (SALES) Pte. Ltd. · SG

Inventors

• Scott Register · Austin, US
• Shardendu Pandey · Cedar Park, US
• Glenn Chagnot · Southlake, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L45/16
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Systems and methods provide concurrent security processing for multiple network security tools. An input packet is received at a network packet forwarding system from a network packet source, and the network packet forwarding system concurrently sends an output packet based upon the input packet to multiple security tools. Return packets are received based upon the output packet from the security tools after their respective security processing. Once return packets are received from each of the security tools, the network packet forwarding system forwards a secure packet to a packet destination. If a timeout occurs before all return packets are received, the network packet forwarding system can assume that the original packet was unsafe and discard information stored for the input packet. If security tools are configured to modify packets, these modifications can also be tracked.