Patent application number | Description | Published |
20120272309 | Method and Apparatus for Fast Check and Update of Anti-Replay Window Without Bit-Shifting in Internet Protocol Security - An apparatus comprising a processor configured to implement an anti-replay check for a plurality of received packets and a plurality of corresponding sequence numbers; and a circular buffer coupled to the processor and comprising a bitmap, wherein the bitmap is slided in a circular manner by updating a low index that points to a first sequence number for a first received packet and a high index that points to a last sequence number for a last received packet without bit-shifting, and wherein, when the update results in the new value of one of the low index and the high index exceeding the end of the circular buffer, the one of the low index and the high index wraps around from the beginning of the circular buffer. | 10-25-2012 |
20130263249 | Enhancing IPSEC Performance and Security Against Eavesdropping - A network element (NE) comprising a memory device configured to store instructions, and a processor configured to execute the instructions by dividing a first plurality of data packets of a data flow into a first plurality of sub-flows, and causing the first plurality of sub-flows to be transmitted to a second NE via a network, wherein the first plurality of sub-flows are transmitted using a first Internet Protocol Security (IPsec) security association (SA) cluster comprising a plurality of parallel sub-SAs. The disclosure also includes a NE comprising a processor configured to create an IPsec SA cluster comprising a first plurality of sub-SAs between the NE and a second NE using an internet key exchange (IKE) or an IKEv2, wherein the first sub-SAs are unidirectional, and wherein the first sub-SAs are configured to transport a first plurality of data packets in a common direction. | 10-03-2013 |
20130269022 | Method and Apparatus for Fast Check and Update of Anti-Replay Window Without Bit-Shifting in Internet Protocol Security - An apparatus comprising a processor configured to implement an anti-replay check for a plurality of received packets and a plurality of corresponding sequence numbers; and a circular buffer coupled to the processor and comprising a bitmap, wherein the bitmap is slided in a circular manner by updating a low index that points to a first sequence number for a first received packet and a high index that points to a last sequence number for a last received packet without bit-shifting, and wherein, when the update results in the new value of one of the low index and the high index exceeding the end of the circular buffer, the one of the low index and the high index wraps around from the beginning of the circular buffer. | 10-10-2013 |
20140101651 | In-Service Software Patch - A method in a network device with a processor that runs multiple software threads for software that needs an update for updating the software while mitigating service disruption, the method comprising installing at least one new function, modifying at least one existing function to point to a synchronization code, wherein the synchronization code indicates whether the multiple software threads use the at least one new function or the at least one existing function, synchronizing software threads in the network device, based on the synchronization code indicating that the synchronization of the software threads is not complete, using, by the multiple software threads, the at least one existing function, and based on the synchronization code indicating that the synchronization of the software threads is complete, using, by the multiple software threads, the at least one new function, wherein the multiple software threads continually run on the network device during the synchronization. | 04-10-2014 |
20140176446 | Adaptive Keyboard for Mobile Devices - A mobile device comprising a processor, and a touch screen coupled to the processor and configured to display a plurality of keyboard pages in a sequential order, wherein the keyboard pages comprise a plurality of relocatable keys, and wherein the relocatable keys are relocatable based on their proportionate frequency of usage. | 06-26-2014 |
20140280864 | Methods of Representing Software Defined Networking-Based Multiple Layer Network Topology Views - A method for network control, comprising receiving a request for a network view from an application at a Software Defined Network (SDN) controller, creating a network view from a network map, wherein the network map comprises a representation of a plurality of network devices and network paths in a SDN-based multiple layer network, and wherein the network view comprises at least a portion of the devices or paths in the network map, and sharing the network view with the application. | 09-18-2014 |
20140281530 | Enhanced IPsec Anti-Replay/Anti-DDOS Performance - A method for authenticating an Internet Protocol Security (IPsec) packet, wherein the method comprises, receiving the IPsec packet via an input port, performing a Sequence-Integrity Check Value (SEQ-ICV) check that validates a sequence number within the IPsec packet, and performing an Integrity Check Value (ICV) check that validates a checksum within the IPsec packet, wherein the SEQ-ICV check is performed before the ICV check. In yet another example embodiment, an apparatus for transmitting an IPsec packet, comprising a processor, and a transmitter coupled to the processor, wherein the transmitter is configured to transmit an IPsec packet that comprises a header that comprises a sequence number field that provides a sequence number, and a payload that comprises one or more SEQ-ICV segments used to authenticate the sequence number within the IPsec packet. | 09-18-2014 |
20150082319 | High-Performance Parallel Traffic Management for Multi-Core Platforms - A method of traffic management implemented in a multi-core device comprising a first core and a second core, the method comprising receiving a first plurality of data flows for the first core and a second plurality of data flows for the second core, assigning a first thread running on the first core to the first plurality of data flows, assigning a second thread running on the second core to the second plurality of data flows, processing the first plurality of data flows using the first thread, and processing the second plurality of data flows using the second thread, wherein at least one of the first plurality of data flows and at least one of the second plurality of data flows are processed in parallel. | 03-19-2015 |