System, device and method for rapid packet filtering and processing
US6496935B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Mar 2, 2000 |
| Grant date | Dec 17, 2002 |
| Priority date | — |
| Expiry date | Mar 2, 2020 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/1466
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A system, a device and a method for accelerating packet filtration by supplementing a firewall with a pre-filtering module. The pre-filtering module performs a limited set of actions with regard to the packets, according to whether the packets are received from a connection which has been previously permitted by the firewall. If the packets are received from such a permitted connection, then the pre-filtering module forwards the packets to their destination, optionally performing one or more actions on the packets. Otherwise, the packets are forwarded to the firewall for handling. Preferably, once the firewall has transferred responsibility for the connection to the pre-filtering module, or “off-loaded” the connection, the firewall does not receive further packets from this connection until a timeout occurs for the connection, or a packet is received with particular session-control field values, such that the connection is closed. Optionally and preferably, the pre-filtering module is implemented as hardware.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.