Home | Links | Contact Us | More About Intellectual Property | Bookmark

Search patents:

Home

Television

Stateful-packet-forwarding-in-a-firewall-cluster

Method and apparatus for information labeling and control

Referring now to FIG. 1, an exemplary information labeling and control apparatus adapted for ...

System and method for establishing TV channel

A system for automatically establishing virtual TV channels based on a geographic location of a TV, ...

Method and apparatus for controlling time-scale modification during multi-media broadcasts

FIG. 2 shows a block diagram of embodiment 1000 of the present invention which provides ...

Unified presentation of programming from different physical sources

The invention includes steps of gathering programming data for a plurality of different program ...

Good quality video for the internet at very low bandwidth

What is claimed is: 1. A method for processing digitized video material comprising the steps of: a. ...

Delayed decision recording device

What is claimed is: 1. Apparatus for recording program material from a source of program material ...

System for generating, distributing and receiving an interactive user interface

The invention is an information distribution system comprising a head end wherein a user interface ...

MPEG transport stream remultiplexer

OF THE INVENTION FIG. 2 shows a remultiplexer 100 according to an embodiment of the present ...

MPEG transport stream remultiplexer

OF THE INVENTION FIG. 2 shows a remultiplexer 100 according to an embodiment of the present ...

Remultiplexer for video program bearing transport streams with program clock reference time stamp adjustment

OF THE INVENTION For sake of clarity, the description of the invention is divided into sections. R...

Stateful packet forwarding in a firewall cluster

Details

Inventors: Cheng, Lebin; Horowitz, Samuel D.; Jemes, Brian L.;
Assignee: Hewlett-Packard Development Company, L.P. (Houston, TX)
Primary Examiner: Moise; Emmanuel L.
Assistant Examiner: Fields; Courtney
Attorney, Agent or Firm:

A method is disclosed for processing data using multiple interconnected firewall devices. A connection is initiated between an internal host and an external network, through a home firewall device. A separate, receiving firewall device may then receive a data packet for the internal host as part of a flow. The receiving device attempts to determine the home device for the packet. The receiving device sends a multicast to all other firewall devices in the firewall cluster. The multicast includes the data packet and information about the receiving device. The home device receives the multicast and responds, indicating that it is the home device. The home device extracts the data packet from the multicast and forwards it to the internal host. The receiving device stores the response information along with other forwarding information that is used to automatically forward to the home device subsequent data packets for the flow.

DETAILED DESCRIPTION FIG.
1 shows a system on which the firewall method may be applied.
An enterprise includes an internal network 30, such as a wide area network (WAN), 30 having computer terminals 40, such as personal computers 40, or other internal hosts 40 that access the Internet 20 or other global computer network 20, through a firewall at the boundary of the internal network 30.
The internal host 40 may connect to an external host by various types of communications protocols, including conventional transmission control protocol/Internet protocol (TCP/IP).
As used herein, an internal host 40 refers to any device connected to the internal network 30 that connects to an external network 20 through the firewall cluster 10.
In the example of FIG.
1, the firewall consists of multiple firewall devices 12, 14, 16, 18 referred to collectively as a firewall cluster 10.
The firewall devices 12, 14, 16, 18 are interconnected by the network 30, and it is possible for a single internal host 40 to access the Internet 20 through more than one firewall device 12, 14, 16, 18.
For example, the network 30 may have multiple sub-HP networks 32, 34, 36, such as the local area networks (LANS) 32, 34, 36 shown in FIG.
1.
These sub-networks 32, 34, 36 may be geographically separated, in which case it may be desirable to have separate firewall devices 12, 14, 16, 18 for each sub-network 32, 34, 36.
In the example shown, even a sub-network 34 that is geographically contained, such as the LAN 34, might have more than one firewall device 14, 16.
FIG.
2 shows the method 100 used to process packets of information transferred between an internal host 40 and an external network 20 through the firewall cluster 10.
As used herein, a packet refers to any data element capable of being transferred through a firewall between an internal network 30 and an external network 20.
In use, a particular internal host 40 may access the Internet 20 by initiating 110 a connection that sends a data flow through a particular firewall device 12, for example firewall device A 12

Related patents

	Serial data receiving device It is therefore an object of the present invention to provide a serial data receiving device which is capable of identifying the data correctly even though the received ...
	Slot reception synchronization circuit What is claimed is: 1. A time slot reception synchronization circuit for detecting a unique word which is included in one time slot data and for receiving the one time ...
	Method and apparatus for multiplexing complete MPEG transport streams from multiple sources using a PLL coupled to both the PCR and the transport encoder clock The present invention is a method and apparatus for splicing transport streams from multiple sources without violating the clock slew rates specified for a receiver. The ...
	System and method for searching patterns in real-time over a shared media It is an object of the present invention to provide a system and method for performing real-time search of a bit pattern over a shared media supporting multiple ...
	Method and system for accessing packetized elementary stream data OF THE DRAWINGS In a specific embodiment of the present invention a method for storing data is disclosed. The method comprises receiving a first transport packet of a ...
	Interactive television program guide system with pay program package promotion This and other objects of the invention are accomplished in accordance with the principles of the present invention by providing a system that allows a user to select a ...
	Digital coupons for pay televisions In accordance with the present invention, an apparatus and method are presented for allowing users of services such as pay television to obtain credits when viewing ...
	Method and apparatus for automatically accessing web pages based on television programming information OF THE PREFERRED EMBODIMENTS FIG. 1 shows a generalized block diagram of a Web/television hybrid network at 10 in accordance with the present invention, the network ...
	System for filtering content from videos This and other objects of the invention are accomplished in accordance with the principles of the present invention by providing a filtering system in which certain ...
	Method and apparatus for automatically identifying and selectively altering segments of a television broadcast signal in real-time In accordance with the invention, a method and apparatus, intended to be marketed under the mark Sound!Off.TM., is provided for identifying selected segments of a ...

0.014
Archive: All patents - Links Copyright (c)2006 Eipa-patents.org - All rights reserved