Patent · US Active

Security agent for distributed network security system

US9930010B2 · kind B2 · utility

14Cited by

5References

20Claims

0Family size

Assignee

Nicira, Inc. · US

Inventors

Keyong Sun · Beijing, CN
Yonggang Wang · Beijing, CN
Frank Guo · Danville, US
Liang Li · Shanghai, CN
Zikang Chen · Beijing, CN

Key dates

Filing date	Jul 28, 2015
Grant date	Mar 27, 2018
Priority date	—
Expiry date	Oct 1, 2035

Classification

Technology area (CPC H)Electricity
CPC primaryH04L69/22
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Some embodiments of the invention provide a method that performs security operations for packets that are processed by a forwarding element. The method of some embodiments receives, at a security agent operating on a physical machine, a packet from a forwarding element that also operates on the physical machine. The method then determines whether a security rule is stored for the packet at the security agent. When no security rule is stored for the packet, the method transmits the packet to a default security controller of several security controllers that store security rules for a network and process packets according to the stored security rules. When the security rule is stored for the packet, the method processes the packet according to the stored security rule for the packet.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.