logo

For the Inventor, By the Inventor

The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.

The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.

Patent No.:

US 7724728 B1

PDFFull Text
Date of Patent:
May. 25, 2010

Filed:

May. 05, 2005

Policy-based processing of packets

Applicants:

Venkateshwar Rao Pullela, San Jose, CA (US);

Ambarish Kenghe, Aurora, CO (US);

Ramesh V N Ponnapalli, Karnataka, IN;

Dileep Kumar Devireddy, San Jose, CA (US);

Suresh Gurajapu, Santa Clara, CA (US);

Inventors:

Venkateshwar Rao Pullela, San Jose, CA (US);

Ambarish Kenghe, Aurora, CO (US);

Ramesh V N Ponnapalli, Karnataka, IN;

Dileep Kumar Devireddy, San Jose, CA (US);

Suresh Gurajapu, Santa Clara, CA (US);

Assignee:

Cisco Technology, Inc., San Jose, CA (US);

Attorney:

The Law Office of Kirk D. Williams

Primary Examiner:

Huy D Vu

Assistant Examiner:

Brandon Renner

Int. Cl.
CPC ...
H04L 12/66 (2006.01); H04L 12/28 (2006.01); G06F 7/04 (2006.01); G06F 9/00 (2006.01);
U.S. Cl.
CPC ...
Abstract

Disclosed are, inter alia, methods, apparatus, data structures, computer-readable media, and mechanisms, for policy-based processing of packets, including mechanisms for managing the policies. A user is authenticated and its user group identifier is identified. A packet is received and is associated with the user group identifier, and one or more fields (typically other than the source address field) of the packet are used to identify a second group identifier. A lookup operation is then performed on a policy based on the first and second group identifiers to identify a packet processing action to be performed on the packet. These identifiers are typically not network addresses, which disassociates the policy from physical network addresses (which often are dynamically assigned and may also vary based on the access point into the network of a user), and allows a switching device to process packets based on a policy stated using group identifiers.

Find Patent Forward Citations

Loading…