Merging firewall filters using merge graphs
US8719917B1 · kind B1 · utility
Assignee
Inventor
Key dates
| Filing date | Feb 17, 2009 |
| Grant date | May 6, 2014 |
| Priority date | — |
| Expiry date | May 26, 2032 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/0263
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A network device may be configured to filter network traffic using multiple different filters bound to different interfaces of the network device. The network device may include logic to identify a relationship map that describes a topology of bind-points associated with the network device. Additionally, the network device may include logic to generate a merge graph based on the relationship map, the merge graph including one or more nodes, where each node represents a walk through the relationship map and includes one or more merge-points, where each merge-point is defined as a filter associated with a bind-point. The network device may also include a ternary content-addressable memory (TCAM) programmed to include entries based on the nodes of the merge graph.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.