Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Distributed firewall system and method for realizing content diction of firewall

A distributed firewall and content technology, applied in the field of network security, can solve problems such as poor system stability, low throughput, network congestion, etc., and achieve the effect of improving performance, throughput and stability

Inactive Publication Date: 2007-08-08
NEW H3C TECH CO LTD
View PDF0 Cites 20 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The present invention provides a distributed firewall system and a method for realizing firewall content detection, which solves the problems of network congestion, low throughput and poor system stability in firewall deep detection in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Distributed firewall system and method for realizing content diction of firewall
  • Distributed firewall system and method for realizing content diction of firewall
  • Distributed firewall system and method for realizing content diction of firewall

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0034] With the development of chip technology and network technology, multi-core CPU processors and multi-CPU processors have been increasingly used in network equipment to process more services and improve the performance of network equipment. Based on the multi-core CPU processor and the multi-CPU processor, the present invention proposes a distributed firewall system and a method for realizing firewall content detection. Described separately below.

[0035] In order to meet the requirements of firewalls for content detection, the present invention provides a distributed firewall system that separates content monitoring and filtering and firewall session forwarding functions. See Figure 3, which is a block diagram of Embodiment 1 of the distributed firewall system provided by the present invention, including The session forwarding system 1 and the content monitoring and filtering module 2 are connected to each other. The session forwarding system 1 runs in the first CPU process...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses one distribution firewall system, which comprises dialogue transfer system and connected content monitor filter module, wherein, the content monitor filter module is to monitor filter condition according to preset content and to filter on the message content and to send the filter result to the dialogue transfer system; the content monitor filter module and dialogue transfer system are operated in first and second processors. The invention also discloses one method to realize firewall content test.

Description

Technical field [0001] The invention relates to the field of network security, in particular to a distributed firewall system and a method for realizing firewall content detection. Background technique [0002] With the development of network technology, the requirements for firewalls are also increasing. The hardware logic diagram of the existing firewall is shown in Figure 1. The detection and forwarding of the received message content is completed by a single-core CPU processor. That is, all the software of the firewall runs on a single-core CPU processor to form a session forwarding system. As shown in Figure 2, the process of firewall detection is: the message receiving module receives the message and caches it, and sends it at the same time. Interrupt notification packet filtering module; the packet filtering module filters the packets according to the filtering rules configured by the management control module, such as checking each incoming packet and viewing the basic in...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L12/56H04L12/26
Inventor 王松波周顺林
Owner NEW H3C TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com