Legal claims defining the scope of protection, as filed with the USPTO.
1. A method for balancing load among firewall security devices in a network, the method comprising: causing, by a switching device on the network, a plurality of firewall security devices arranged in one or more clusters on the network to enter into a load balancing mode by sending one or more control messages to the plurality of firewall security devices; receiving, by the switching device, heartbeat signals from the plurality of firewall security devices; including, by the switching device, information regarding the plurality of firewall security devices into a load balancing table; configuring a load balancing function in the switching device based on information received from a network administrator indicative of (i) a number of bits to be used as an input to the load balancing function and (ii) bit positions of the number of bits within one or more of a packet type, a source port, a destination port, a source address and a destination address of packets to be load balanced, wherein the number of bits may be fewer than that of the source address or the destination address, wherein the bit positions are not limited to being contiguous and wherein the load balancing function enables the switching device to manage more than eight firewall security devices in a cluster; receiving, by the switching device, a data packet from one or more client devices; and forwarding, by the switching device, the data packet to a firewall security device of the plurality of firewall security devices based on the load balancing function.
2. The method of claim 1 , wherein the load balancing function comprises a hash function or an emulated hash function.
3. The method of claim 1 , further comprising configuring one or more rules to generate one or more outcomes, wherein the one or more outcomes are generated based on the number of bits.
4. The method of claim 3 , further comprising specifying one or more ports corresponding to the one or more outcomes on the switching device.
5. The method of claim 4 , further comprising directing the data packet to one of the one or more ports based on (i) an outcome of applying the hash function to the bit positions and (ii) the load balancing table.
6. The method of claim 1 , further comprising assigning a Virtual Local Area Network (VLAN) tag to the data packet.
7. A non-transitory computer-readable storage medium readable by one or more processors of a switching device, the computer-readable storage medium tangibly embodying a set of instructions executable by the one or more processors to perform a method for balancing load among firewall security devices, the method comprising: directing a plurality of firewall security devices arranged in one or more clusters on a network to enter into a load balancing mode by sending one or more control messages to the plurality of firewall security devices; receiving heartbeat signals from the plurality of firewall security devices; including information regarding the plurality of firewall security devices into a load balancing table; configuring a load balancing function in the switching device based on information received from a network administrator indicative of (i) a number of bits to be used as an input to the load balancing function and (ii) bit positions of the number of bits within one or more of a packet type, a source port, a destination port, a source address and a destination address of packets to be load balanced, wherein the number of bits may be fewer than that of the source address or the destination address, wherein the bit positions are not limited to being contiguous and wherein the load balancing function enables the switching device to manage more than eight firewall security devices in a cluster; receiving a data packet from one or more client devices; and forwarding the data packet to a firewall security device of the plurality of firewall security devices based on the load balancing function.
8. The non-transitory computer-readable storage medium of claim 7 , wherein the load balancing function comprises a hash function or an emulated hash function.
9. The non-transitory computer-readable storage medium of claim 7 , wherein the method further comprises configuring one or more rules to generate one or more outcomes, wherein the one or more outcomes are generated based on the number of bits.
10. The non-transitory computer-readable storage medium of claim 9 , wherein the method further comprises specifying one or more ports corresponding to the one or more outcomes on the switching device.
11. The non-transitory computer-readable storage medium of claim 10 , wherein the method further comprises directing the data packet to one of the one or more ports based on (i) an outcome of applying the hash function to the bit positions and (ii) the load balancing table.
12. The non-transitory computer-readable storage medium of claim 7 , wherein the method further comprises assigning a Virtual Local Area Network (VLAN) tag to the data packet.
Unknown
February 23, 2016
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.