Packet firewalls of particular use in packet switching devices

Assignee

• Cisco Technology, Inc. · US

Inventors

• Doron Oz · Even Yehuda, IL
• Nir Ben-Dvora · Herzliya, IL
• Eldad Bar Eli · Ramat HaSharon, IL

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/0227
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

One or more firewalls are used to perform firewall functionality on packets based on the entry and exit accesses of each of the one or more firewalls being applied to a packet. For example, when firewalls are included in a router, the interfaces of the router are typically mapped to virtual firewalls and access thereof. Based on the determined routing of a particular packet, the firewalls to apply and their corresponding entry and exit accesses are identified. In order to decouple the application by the firewall itself of the security policies from the network topology and routing architecture (e.g., the network routing address information which is typically relied upon by current firewalls), the firewall functionality is defined based on the identified entry and exit accesses of a firewall, rather than based on network defined addresses, for example.