Computer system and network interface with hardware based rule checking for embedded firewall

Assignee

• Hewlett-Packard Company, L.P. · US

Inventors

• Chi-Lie Wang · Milpitas, US
• BaoDong Hu · Milpitas, US
• Scott W. Mitchell · San Jose, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L69/16
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A data processing system adapted for high-speed network communications, a method for managing a network interface and a network interface for such system, are provided, in which processing of packets received over the network is achieved by embedded logic at the network interface level. Incoming packets on the network interface are parsed and classified as they are stored in a buffer memory. Functional logic coupled to the buffer memory on the network interface is enabled to access any data field within a packet in a single cycle, using pointers and packet classification information produced by the parsing and classifying step. Results of operations on the data fields in the packets are available before the packets are transferred out of the buffer memory. A data processing system, a method for management of a network interface and a network interface are also provided by the present invention that include an embedded firewall at the network interface level of the system, which protects against inside and outside attacks on the security of data processing system. Furthermore, a data processing system, a method for management of a network interface and a network interface are a prov…