-
公开(公告)号:US09021547B1
公开(公告)日:2015-04-28
申请号:US13333439
申请日:2011-12-21
申请人: Tsai-Zong Lin , Chih-Wei Chao , Jin Shang , Dongyi Jiang , Anchung Chung
发明人: Tsai-Zong Lin , Chih-Wei Chao , Jin Shang , Dongyi Jiang , Anchung Chung
CPC分类号: H04L63/20 , H04L63/0227 , H04L63/164 , H04L63/166
摘要: This disclosure is directed toward an integrated switching and routing security device that provides zone-based security directly between layer two (L2) interfaces of L2 bridge domains and/or layer three (L3) interfaces of L3 routing instances within the security device. The integrated switching and routing security device supports both switching and routing functionalities for packets on L2 and L3 interfaces, and supports security within and between L2 bridge domains and L3 routing instances. The integrated switching and routing security device configures L2 security zones for one or more L2 interfaces and configures L3 security zones for one or more L3 interfaces. The integrated switching and routing security device then applies security policies to incoming packets according to the L2 security zones and/or the L3 security zones associated with the incoming interface and an outgoing interface for the packets to provide end-to-end security within the security device.
摘要翻译: 本公开涉及集成的交换和路由安全设备,其直接在L2网桥域的第二层(L2)接口和/或L3路由实例的第三层(L3)接口之间提供基于区域的安全性。 集成交换和路由安全设备支持L2和L3接口上的数据包的交换和路由功能,并支持L2桥接域和L3路由实例之间的安全性。 集成交换路由安全设备为一个或多个L2接口配置L2安全区域,并为一个或多个L3接口配置L3安全区域。 集成交换和路由安全设备然后根据与入局接口相关联的L2安全区域和/或L3安全区域对传入的分组应用安全策略,以及用于分组的输出接口,以提供安全性内的端到端安全性 设备。
搜索结果
1 条记录 (耗时 0.008 秒)
