IPSec acceleration method, apparatus and system

A technology for configuring parameters and forwarding modules, applied in the field of network security, can solve the problems of slow IKE chain establishment and data forwarding, and achieve the effect of solving the slow IKE chain establishment, solving the slow data forwarding, and improving the speed and flexibility.

Active Publication Date: 2016-10-05
HUAWEI TECH CO LTD
View PDF3 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] Embodiments of the present invention provide an IPSec acceleration method, device and system to solve the problems of slow IKE link establishment and data forwarding speed in existing IPSec

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • IPSec acceleration method, apparatus and system
  • IPSec acceleration method, apparatus and system
  • IPSec acceleration method, apparatus and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0072] In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the drawings in the embodiments of the present invention. Obviously, the described embodiments It is a part of embodiments of the present invention, but not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0073] The basic idea of ​​the embodiment of the present invention is to separate the logic of IKE link building and data forwarding, and the physical deployment is unlimited. For example, different devices, such as accelerator cards, virtual machines, servers, clusters, etc., can respectively accelerate the speed of IKE link building and The...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention provides an IPSec (Internet Protocol Security) acceleration method, apparatus and system. The IPSec acceleration method includes the steps: an IKE (Internet Key Exchange) module generates an IKE chain building session message, based on an IPSec configuration parameter and a safety strategy in an SPD (Security Policy Database); the IKE module sends the IKE chain building session message to opposite-end equipment, and establishes SA (Security Association) with the opposite-end equipment; and the IKE module sends the SA to a data forwarding module, wherein the IKE module and the data forwarding module are discrete modules. The embodiment of the IPSec acceleration method, apparatus and system discretely sets the IKE module and the data forwarding module, so that the IKE module and the data forwarding module can be arranged in different equipment to improve the IPSec speed.

Description

technical field [0001] Embodiments of the present invention relate to network security technologies, and in particular to an Internet Security Protocol (English: Internet Protocol Security, IPSec for short) acceleration method, device and system. Background technique [0002] With the rapid development of network services, the requirements for network information security are getting higher and higher. The Internet Engineering Task Force (English: Internet Engineering Task Force, referred to as: IETF) developed IPSec to ensure communication security. [0003] Among them, the workflow of IPSec is divided into two stages: [0004] The first stage: Internet Key Exchange (English: Internet Key Exchange Protocol, referred to as: IKE) chain building. IKE link building provides IPSec with the service of automatically negotiating and exchanging keys and establishing a Security Association (English: Security Association, referred to as: SA). IKE link building includes IKESA payload...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/061H04L63/164H04L63/205H04L41/0893H04W76/10H04L9/0841H04L41/0286
Inventor 谢于明胡新宇赵宇萍杨凡
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap