Architecture and method for accessing services in a data center
    3.
    Granted invention patent (status: in force)

    Publication number: US07558261B2

    Publication date: 2009-07-07

    Application number: US11133799

    Filing date: 2005-05-21

    IPC classification: H04L12/28

    Abstract: An architecture, arrangement, system, and method for providing service access in a data center are disclosed. In one embodiment, an arrangement can include: an aggregation switch configured to transfer data between a network and an access layer; and service modules coupled to the aggregation switch, where each service module is configured to provide a service for the data when selected. The service modules can include: firewall, load balancer, secure sockets layer (SSL) offloader, intrusion detection system (IDS), and cache, for example. Further, the service selection can be substantially transparent to an associated server.

    Architecture and method having redundancy in active/active stateful devices based on symmetric global load balancing protocol (sGLBP)
    5.
    Invention patent application (status: under examination, published)

    Publication number: US20060092950A1

    Publication date: 2006-05-04

    Application number: US11141808

    Filing date: 2005-05-31

    IPC classification: H04L12/56

    Abstract: An architecture, arrangement, system, and method for controlling traffic flow into and out of a server farm having active-active stateful devices. A symmetric Gateway Load Balancing Protocol (sGLBP) eliminates asymmetric traffic flow for out-bound traffic. Load distribution for in-bound traffic is balanced between a redundant pair of aggregation switches using either static host routes, Route Health Injection or, in a more general manner, external routes with a mask longer than the connected subnet advertised by the routing protocol. The return traffic is symmetric because it returns through the same aggregation switch that it came from. Similarly, traffic originating from a server farm exits from one of the redundant aggregation switches and returns from the same aggregation switch.

    System for SSL re-encryption after load balance
    6.
    Granted invention patent (status: in force)

    Publication number: US07657940B2

    Publication date: 2010-02-02

    Application number: US11124003

    Filing date: 2005-05-06

    Abstract: A data center provides secure handling of HTTPS traffic using backend SSL decryption and encryption in combination with a load balancer such as a content switch. The load balancer detects HTTPS traffic and redirects it to an SSL offloading device for decryption and return to the load balancer. The load balancer then uses the clear text traffic for load balancing purposes before it redirects the traffic back to the SSL offloading device for re-encryption. Thereafter, the re-encrypted traffic is sent to the destination servers in the data center. In one embodiment, the combination of the back-end SSL with an intrusion detection system improves security by performing intrusion detection on the decrypted HTTPS traffic.

    Data-center network architecture
    7.
    Granted invention patent (status: in force)

    Publication number: US07643468B1

    Publication date: 2010-01-05

    Application number: US11227377

    Filing date: 2005-09-14

    IPC classification: H04L12/28

    CPC classification: H04L12/462 H04L67/1097

    Abstract: A data-center network architecture. The data-center network architecture incorporates a front end having an aggregation layer exhibiting integrated service-module intelligence. A server farm connects the front end with a storage network. In a specific embodiment, the aggregation layer includes plural interconnected multilayer switches incorporating service-module intelligence implemented via one or more service modules. Plural layer-2 switches communicate with the plural multilayer switches. The server farm includes one or more servers that are dual homed or multihomed with the plural layer-2 switches. The storage network includes plural interconnected multilayer directors and one or more Fibre Channel hosts using Host Bus Adapters (HBAs) that interface one or more data-storage devices to the server farm.

    System for SSL re-encryption after load balance
    8.
    Invention patent application (status: in force)

    Publication number: US20060095969A1

    Publication date: 2006-05-04

    Application number: US11124003

    Filing date: 2005-05-06

    IPC classification: G06F12/14

    Abstract: A data center provides secure handling of HTTPS traffic using backend SSL decryption and encryption in combination with a load balancer such as a content switch. The load balancer detects HTTPS traffic and redirects it to an SSL offloading device for decryption and return to the load balancer. The load balancer then uses the clear text traffic for load balancing purposes before it redirects the traffic back to the SSL offloading device for re-encryption. Thereafter, the re-encrypted traffic is sent to the destination servers in the data center. In one embodiment, the combination of the back-end SSL with an intrusion detection system improves security by performing intrusion detection on the decrypted HTTPS traffic.

    Intrusion detection in a data center environment
    9.
    Granted invention patent (status: in force)

    Publication number: US07610375B2

    Publication date: 2009-10-27

    Application number: US11090083

    Filing date: 2005-03-25

    IPC classification: G06F15/173

    Abstract: An intrusion detection system (IDS) is capable of identifying the source of traffic, filtering the traffic to classify it as either safe or suspect and then applying sophisticated detection techniques such as stateful pattern recognition, protocol parsing, heuristic detection or anomaly detection either singularly or in combination based on the traffic type. In a network environment, each traffic source is provided with at least one IDS sensor that is dedicated to monitoring a specific type of traffic such as RPC, HTTP, SMTP, DNS, or others. Traffic from each traffic source is filtered to remove known safe traffic to improve efficiency and increase accuracy by keeping each IDS sensor focused on a specific traffic type.

    One arm data center topology with layer 4 and layer 7 services
    10.
    Granted invention patent (status: in force)

    Publication number: US07571470B2

    Publication date: 2009-08-04

    Application number: US11089754

    Filing date: 2005-03-24

    IPC classification: G06F21/00

    Abstract: A one-arm data center topology routes traffic between internal sub-nets and between a sub-net and an outside network through a common chain of services. The data center topology employs layer 4 services on a common chassis or platform to provide routing and firewall services while reducing the number of devices necessary to implement the data center and simplifying configuration. Load balancing is provided by a load balancing device. In the one-arm topology, policy based routing or client network address translations or NAT pushes traffic to the CSM.
