US20220217126A1 - Apparatus and method for secure router device - Google Patents

Apparatus and method for secure router device

Info

Publication number
US20220217126A1
Authority
US
United States
Prior art keywords
ports
virtual machine
encrypted data
layer encrypted
data
Prior art date
Legal status
Abandoned
Application number
US17/547,960
Inventor
Keiron Christopher Tomasso
Current Assignee
Sigma Defense Systems LLC
Original Assignee
KCT HOLDINGS LLC
Priority date
Filing date
Publication date
Application filed by KCT HOLDINGS LLC
Priority to US17/547,960
Assigned to PENNANTPARK LOAN AGENCY SERVICING, LLC, AS ADMINISTRATIVE AGENT. SECURITY INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: SIGMA DEFENSE SYSTEMS LLC
Publication of US20220217126A1
Assigned to SIGMA DEFENSE SYSTEMS LLC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: KCT HOLDINGS LLC
Assigned to OAKTREE FUND ADMINISTRATION, LLC, AS ADMINISTRATIVE AGENT. SECURITY INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: SIGMA DEFENSE SYSTEMS LLC

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0485 Networking architectures for enhanced packet encryption processing, e.g. offloading of IPsec packet processing or efficient security association look-up
    • H04L63/0478 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
    • H04L45/00 Routing or path finding of packets in data switching networks
    • H04L45/58 Association of routers
    • H04L45/586 Association of routers of virtual routers
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/455 Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533 Hypervisors; Virtual machine monitors
    • G06F9/45558 Hypervisor-specific management and integration aspects
    • G06F2009/45579 I/O management, e.g. providing access to device drivers or storage
    • G06F2009/45595 Network integration; Enabling network access in virtual machine instances
    • G06F8/00 Arrangements for software engineering
    • G06F8/60 Software deployment
    • G06F8/65 Updates
    • G06F8/654 Updates using techniques specially adapted for alterable solid state memories, e.g. for EEPROM or flash memories

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Telephonic Communication Services (AREA)

Abstract

Method, systems, and devices for providing a multi-function router. A router may receive and forward data packets at a physical network interface. The router may also run a virtualized server or router using a logical network interface mapped statically or dynamically to the physical network interface.

Description

  • This application is a continuation of U.S. patent application Ser. No. 15/994,469, filed May 31, 2018, which claims the benefit of U.S. Provisional Application No. 62/513,853, filed Jun. 1, 2017 which is incorporated by reference as if fully set forth.
  • FIELD OF INVENTION
  • The present application is directed to networking and electronic secure communication using a router.
  • BACKGROUND
  • The concept of a router has been employed in some of the first known versions of computer networking. Routers relate to intelligent decision making for deciding where packets should be sent based on a specified protocol. A router is typically connected to a network, such as the internet or a local area network. A need may arise for a multi-function router device that provides functionality beyond what is currently available.
  • SUMMARY
  • Method, systems, and devices for providing a multi-function router. A router may receive and forward data packets at a physical network interface. The router may also run a virtualized router using a logical network interface mapped statically or dynamically to the physical network interface.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • FIG. 1 shows an example of the hardware of a router device;
  • FIG. 2 shows a high level diagram of an example router configuration;
  • FIG. 3 shows a high level diagram of an example router configuration;
  • FIG. 4 shows a high level diagram of an example router configuration; and
  • FIG. 5 shows a high level diagram of an example router configuration.
  • DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT(S)
  • The present application is written with various examples, embodiments, scenarios, and situations that are meant to present non-limiting exemplary descriptions of the present application. Further, it is envisioned that any of the examples, embodiments, scenarios, or situations may be used separately, combined, or in any possible configuration as may be possible despite the description herein.
  • FIG. 1 shows an example router. The router 101 may have one or more hardware components such as one or more processors 102 and/or microcontrollers operatively connected to memory (e.g., storage mediums, hard drives, solid state drives, ROM, RAM, etc.) 103, 104 and a physical interface. The memory 103 may contain computer code that may be executed by the processor and utilize the hardware of the router 101. The physical interface may have one or more I/O ports 105 such as: a USB port (e.g. USB 1.0, 2.0, 3.0, 3.1, Type-C, etc.), a serial port (e.g. RS-232), parallel port, Small Computer Systems Interface port (SCSI), FireWire (i.e. IEEE 1394), Thunderbolt (e.g. Thunderbolt 1, 2, 3), Peripheral Component Interconnect (PCI), PCI express (PCIe), Coaxial port, network interface controller (NIC) (e.g. Ethernet RJ-45), modem port (i.e. telephone jack RJ-11), wireless card (e.g., WIFI IEEE 802.11 standards, Bluetooth, NFC, cell phone modem based on 3GPP standards, etc.), optical data port (laser, infrared, etc.), audio ports, display ports (e.g. HDMI, VGA, DisplayPort, etc.), and human interface ports (e.g. keyboard, mouse, PS/2, etc.). For example, a networking port may be an Ethernet port. There may be multiple iterations of one type of port, such as a set of networking ports which include at least two Ethernet ports. A set of networking ports may comprise a set of the same type or different types of ports.
  • FIG. 2 shows a high level diagram of an example router configuration. In one embodiment the router hardware 201 may run router firmware 202, software 203, operating systems (OS) 204, and/or applications. The router 201 may run firmware 202 that supports/enables/executes router firmware virtualization infrastructure (RFVI) 203 that creates one or more virtualized environments 204. The RFVI 203 may support/enable/execute one or more virtual machines 204 such as a virtualized guest operating system (OS), firmware, and/or software. The virtual machine 204 may be an operating system based on Microsoft Windows, Linux, Unix, MacOS, or the like. In one example the virtual machine 204 may be a software OS performing the role of a Domain Controller. In one example the RFVI 203 may be an application specific server. The operating system 204 may run software that performs specific functionalities and/or emulates the functionality of a specialized device, such as a virtual server or router. The router 201 and/or virtual server 204 may be connected to one or more logical or physical networks, such as the internet, and may assist in the management and/or forwarding of data packets within and/or between networks, and/or virtual machines, and/or hardware.
  • FIG. 3 shows a high level diagram of an example router configuration. In one embodiment the one or more virtual machines 304 may have virtual interfaces, also known as logical interfaces 305, connected to the physical interfaces 306, as described herein. The RFVI 301 via the router firmware 302 may facilitate a connection between the logical interface 305 and the physical interface 306. The logical interface 305 may include a virtualized version of physical interface ports 306. Additionally/alternatively, the virtual machine logical interface 305 may connect with a host router firmware logical interface.
  • FIG. 4 shows a high level diagram of an example router configuration. In one embodiment the physical interface may be a Physical Network Interface (PNI) 406, which is a wired and/or wireless port such as those described herein. The logical interface may be a virtualized network interface, also known as a Logical Network Interface (LNI) 405, which may simulate a wired or wireless network port such as any of those described herein. The PNI 406 may be used by the RFVI 403 via the router firmware 402 to facilitate a connection to the LNI 405.
  • FIG. 5 shows a high level diagram of an example router configuration. In one embodiment the virtual machine 504 communicates with the PNI 506. The operating system of the virtual machine 504 may see an LNI 505 and treat it as a PNI 506 without knowing that it is virtualized. The RFVI 503 may also have a Logical Network Bridge (LNB) 507 that bridges one or more connections within the router 501. The RFVI 503 may be configured to have a static mapping of a specific LNI 505 to a specific PNI 506 and/or may have a dynamic mapping of one or more LNIs 505 to one or more PNIs 506. The routing of information from the ports of the PNI 506 and/or LNI 505 may happen simultaneously or near simultaneously.
  • The router 101 may implement directly and/or indirectly various levels of security. The router 101 may be used in a Commercial Solutions for Classified (CSfC) program as instituted by the National Security Agency (NSA). CSfC provides secure solutions leveraging layered encryption solutions to provide adequate protection of classified data. The router 101 may be used as, in conjunction with, or may assist with: IPsec Virtual Private Network (VPN) Gateway, IPsec VPN Gateway, WLAN Access System, Certificate Authority, IPSec VPN Client, Wireless Local Area Network (WLAN) Client, Session Initiation Protocol (SIP) Server, Mobile Platform, Mobile Device Management (MDM), Software Full Drive Encryption (SW FDE), Hardware Full Drive Encryption, VoIP Applications, Transport Layer Security (TLS) Software Applications; E-mail Clients; Internet Protocol Security (IPS), Traffic Filtering Firewall, Web Browsers, File Encryption, TLS Protected Servers, Session Border Controller, Authentication Server, Medium Access Control Security (MACSEC) Ethernet Encryption Devices, and/or Virtualized Servers.
  • In one embodiment the router 101 may run a first IPSEC VPN alongside a second virtualized IPSEC VPN thereby providing two functions in one device that reduces costs and increases efficiency of one device solution. In this embodiment the first IPSEC VPN may be mapped to a first set of networking ports of a PNI 105 of the router 101 and the second virtualized IPSEC VPN may be mapped to a second set of networking ports of the PNI 105 of the router 101.
  • In another embodiment a router 101 may host software to facilitate network access to an eNodeB (eNB) that results in two functionalities in one hardware solution in support of network access to an eNodeB.
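The two-VPN embodiment above, combined with static or dynamic LNI-to-PNI mapping and a Logical Network Bridge, can be modelled as a graph and checked for any mapping that lets data reach the second set of ports with fewer than two encryption layers. This is an added example, not code from the patent; the interface names, edge labels and sample mappings are constructed for illustration.

```python
"""Added example: audit a modelled LNI/PNI/LNB mapping for paths that reach an
outbound port with fewer than two encryption layers. All names are constructed."""
from collections import deque

# Edge kinds (labels are assumptions of this model, not terms from the patent).
BRIDGE = 0    # LNB or LNI<->PNI mapping: forwards data unchanged
ENCRYPT = 1   # traversal of an IPsec VM: adds one encryption layer


def min_layers(edges, source):
    """0-1 BFS: fewest encryption layers with which data from `source`
    can arrive at each interface, plus the predecessor on that path."""
    graph = {}
    for src, dst, kind in edges:
        graph.setdefault(src, []).append((dst, kind))
    best, prev = {source: 0}, {source: None}
    queue = deque([source])
    while queue:
        node = queue.popleft()
        for nxt, kind in graph.get(node, []):
            cost = best[node] + kind
            if cost < best.get(nxt, float("inf")):
                best[nxt], prev[nxt] = cost, node
                # Zero-cost hops go to the front so cheaper paths settle first.
                if kind == BRIDGE:
                    queue.appendleft(nxt)
                else:
                    queue.append(nxt)
    return best, prev


def path_to(prev, node):
    """Rebuild the interface-by-interface path that ends at `node`."""
    hops = []
    while node is not None:
        hops.append(node)
        node = prev[node]
    return hops[::-1]


def audit(edges, source, outbound_ports, required=2):
    """Return (port, layers, path) for every outbound port that data from
    `source` can reach with fewer than `required` encryption layers."""
    best, prev = min_layers(edges, source)
    return [(port, best[port], path_to(prev, port))
            for port in sorted(outbound_ports)
            if port in best and best[port] < required]


# Constructed mapping following the described data path:
# data -> first VM -> first set of ports -> second VM -> second set of ports.
INTENDED = [
    ("lan-pni", "vm1-lni-in", BRIDGE),
    ("vm1-lni-in", "vm1-lni-out", ENCRYPT),   # first IPsec VPN
    ("vm1-lni-out", "set1-pni", BRIDGE),      # first set of ports
    ("set1-pni", "vm2-lni-in", BRIDGE),
    ("vm2-lni-in", "vm2-lni-out", ENCRYPT),   # second IPsec VPN
    ("vm2-lni-out", "set2-pni", BRIDGE),      # second set of ports
]

# Constructed faults: a bridge joining the two port sets (skips the second VM),
# and a mapping from the plaintext side straight to the outbound port.
MISBRIDGED = INTENDED + [("set1-pni", "set2-pni", BRIDGE)]
LEAKING = INTENDED + [("lan-pni", "set2-pni", BRIDGE)]

if __name__ == "__main__":
    for name, cfg in (("intended", INTENDED), ("misbridged", MISBRIDGED),
                      ("leaking", LEAKING)):
        findings = audit(cfg, "lan-pni", {"set2-pni"})
        print(name, "OK" if not findings else findings)
```

Running the audit after every dynamic remapping, rather than only at provisioning time, is what catches a bridge that appears later and bypasses one of the two virtual machines.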

Claims (20)

1. A device comprising:
a processor configured to run a first virtual machine, wherein the first virtual machine is configured to establish a first IP security (IPSEC) Virtual Private Network (VPN) and receive data, apply a first encryption to the data thereby generating one-layer encrypted data, and send the one-layer encrypted data to a first set of ports; and
the processor is further configured to run a second virtual machine, wherein the second virtual machine is configured to establish a second IPSEC VPN and receive the one-layer encrypted data at the first set of ports, apply a second encryption to the one-layer encrypted data thereby generating two-layer encrypted data, and send the two-layer encrypted data to a second set of ports.
2. The device of claim 1, wherein the processor is further configured to run Router Firmware Virtualization Infrastructure (RFVI) for the first virtual machine or the second virtual machine.
3. The device of claim 1, wherein the device sends the two-layer encrypted data connected over the internet to a remote second device via the second set of ports.
4. The device of claim 1, wherein the device receives the data from an external source, or an internal source, wherein the external source comprises a computer, a laptop, a tablet, a cell phone, a cellular base station, wherein the internal source includes a keyboard of the device, a USB port of the device, or a network port of the device.
5. The device of claim 1, wherein the device comprises a set of physical ports mapped to a set of logical ports, wherein the mapping is static or dynamic.
6. The device of claim 1, wherein the first virtual machine or the second virtual machine implements a virtual server, router, or switch to control the sending and receiving of any data.
7. The device of claim 1, wherein the device is a laptop, a computer, a smartphone, or a tablet.
8. The device of claim 1, wherein a set of physical ports includes the first set of ports, wherein a set of logical ports includes the second set of ports.
9. The device of claim 1, wherein the first set of ports include a wired connection and the second set of ports include a wireless connection.
10. The device of claim 1, wherein the device is a component of an apparatus, wherein the apparatus is a laptop, a computer, a smartphone, or a tablet.
11. A method implemented by a device, the method comprising:
establishing, by a first virtual machine running on the device, a first IP security (IPSEC) Virtual Private Network (VPN) and receive data;
applying, by the first virtual machine running on the device, a first encryption to the data thereby generating one-layer encrypted data;
sending, by the first virtual machine running on the device, the one-layer encrypted data to a first set of ports;
establishing, by a second virtual machine running on the device, a second IPSEC VPN and receive the one-layer encrypted data at the first set of ports,
applying, by the second virtual machine running on the device, a second encryption to the one-layer encrypted data thereby generating two-layer encrypted data, and
sending, by the second virtual machine running on the device, the two-layer encrypted data to a second set of ports.
12. The method of claim 11, wherein the processor is further configured to run Router Firmware Virtualization Infrastructure (RFVI) for the first virtual machine or the second virtual machine.
13. The method of claim 11, wherein the device sends the two-layer encrypted data connected over the internet to a remote second device via the second set of ports.
14. The method of claim 11, wherein the device receives the data from an external source, or an internal source, wherein the external source comprises a computer, a laptop, a tablet, a cell phone, a cellular base station, wherein the internal source includes a keyboard of the device, a USB port of the device, or a network port of the device.
15. The method of claim 11, wherein the device comprises a set of physical ports mapped to a set of logical ports, wherein the mapping is static or dynamic.
16. The method of claim 11, wherein the first virtual machine or the second virtual machine implements a virtual server, router, or switch to control the sending and receiving of any data.
17. The method of claim 11, wherein the device is a laptop, a computer, a smartphone, or a tablet.
18. The method of claim 11, wherein a set of physical ports includes the first set of ports, wherein a set of logical ports includes the second set of ports.
19. The method of claim 11, wherein the first set of ports include a wired connection and the second set of ports include a wireless connection.
20. The method of claim 11, wherein the device is a component of an apparatus, wherein the apparatus is a laptop, a computer, a smartphone, or a tablet.
US17/547,960 2017-06-01 2021-12-10 Apparatus and method for secure router device Abandoned US20220217126A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US17/547,960 US20220217126A1 (en) 2017-06-01 2021-12-10 Apparatus and method for secure router device

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US201762513853P 2017-06-01 2017-06-01
US15/994,469 US11201858B2 (en) 2017-06-01 2018-05-31 Apparatus and method for secure router device
US17/547,960 US20220217126A1 (en) 2017-06-01 2021-12-10 Apparatus and method for secure router device

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US15/994,469 Continuation US11201858B2 (en) 2017-06-01 2018-05-31 Apparatus and method for secure router device

Publications (1)

Publication Number Publication Date
US20220217126A1 (en) 2022-07-07

Family

ID=64460127

Family Applications (2)

Application Number Title Priority Date Filing Date
US15/994,469 Active 2038-09-12 US11201858B2 (en) 2017-06-01 2018-05-31 Apparatus and method for secure router device
US17/547,960 Abandoned US20220217126A1 (en) 2017-06-01 2021-12-10 Apparatus and method for secure router device

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US15/994,469 Active 2038-09-12 US11201858B2 (en) 2017-06-01 2018-05-31 Apparatus and method for secure router device

Country Status (1)

Country Link
US (2) US11201858B2 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109873769A (en) * 2018-12-28 2019-06-11 安徽中瑞通信科技股份有限公司 A kind of intelligent router based on 5G communication
CN110191084A (en) * 2019-03-27 2019-08-30 青岛海信电子设备股份有限公司 The encapsulation of IPsec data, method of reseptance and device

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7389534B1 (en) * 2003-06-27 2008-06-17 Nortel Networks Ltd Method and apparatus for establishing virtual private network tunnels in a wireless network
US20150281042A1 (en) * 2014-03-27 2015-10-01 Nicira, Inc. Address resolution using multiple designated instances of a logical router
US20160112495A1 (en) * 2012-02-09 2016-04-21 Connectify, Inc. Secure remote computer network
US20160182458A1 (en) * 2014-12-17 2016-06-23 Cisco Technology, Inc. End-to-end security for virtual private service chains
US20170097842A1 (en) * 2015-10-06 2017-04-06 Centurylink Intellectual Property Llc Virtual Machine-To-Port Peripheral Device Driver
US20180302243A1 (en) * 2016-12-19 2018-10-18 Huawei Technologies Co., Ltd. Data Packet Processing Method, Host, and System

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100061366A1 (en) * 2008-09-08 2010-03-11 Verizon Corporate Services Group Inc. Method and apparatus for link sharing among logical routers
US9600421B2 (en) * 2009-05-20 2017-03-21 Conexant Systems, Inc. Systems and methods for low-latency encrypted storage
US10361952B2 (en) * 2015-06-30 2019-07-23 Nicira, Inc. Intermediate logical interfaces in a virtual distributed router environment
US10547588B2 (en) * 2016-04-30 2020-01-28 Nicira, Inc. Method of translating a logical switch into a set of network addresses

Also Published As

Publication number Publication date
US11201858B2 (en) 2021-12-14
US20180351924A1 (en) 2018-12-06

Similar Documents

Publication Publication Date Title
US11190489B2 (en) Methods and systems for establishing a connection between a first device and a second device across a software-defined perimeter
US11032248B2 (en) Guest thin agent assisted host network encryption
US9094400B2 (en) Authentication in virtual private networks
US9203807B2 (en) Private cloud server and client architecture without utilizing a routing server
US10601810B2 (en) Private cloud routing server connection mechanism for use in a private communication architecture
JP2018513505A (en) How to divide data operation functions between system layers
US20220217126A1 (en) Apparatus and method for secure router device
JP2018525858A (en) Micro VPN tunneling for mobile platforms
US9781087B2 (en) Private and secure communication architecture without utilizing a public cloud based routing server
US20140359704A1 (en) Private cloud routing server, private network service and smart device client architecture without utilizing a public cloud based routing server
EP3286889B1 (en) Secure in-band service detection
US20160087941A1 (en) Techniques for providing services to multiple tenants via a shared end-point
WO2018010146A1 (en) Response method, apparatus and system in virtual network computing authentication, and proxy server
US10200354B2 (en) Switching between networks
US11659058B2 (en) Provider network connectivity management for provider network substrate extensions
US20130117836A1 (en) Auto discovery of virtual machines
US20170111269A1 (en) Secure, anonymous networking
TWI632465B (en) Method for use with a public cloud network, private cloud routing server and smart device client
US20150195270A1 (en) Private and secure communication architecture without utilizing a public cloud based routing server
US20140189357A1 (en) Encryption and authentication based network management method and apparatus
WO2023179715A1 (en) Data channel construction method and apparatus
TWI537744B (en) Private cloud routing server, private network service and smart device client architecture without utilizing a public cloud based routing server
GB2531831A (en) Private and secure communication architecture without utilizing a public cloud based routing server
US11374789B2 (en) Provider network connectivity to provider network substrate extensions
WO2020264323A1 (en) Provider network connectivity management for provider network substrate extensions

Legal Events

Date Code Title Description
STPP Information on status: patent application and granting procedure in general

Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION

AS Assignment

Owner name: PENNANTPARK LOAN AGENCY SERVICING, LLC, AS ADMINISTRATIVE AGENT, NEW YORK

Free format text: SECURITY INTEREST;ASSIGNOR:SIGMA DEFENSE SYSTEMS LLC;REEL/FRAME:060124/0461

Effective date: 20220607

STPP Information on status: patent application and granting procedure in general

Free format text: NON FINAL ACTION MAILED

AS Assignment

Owner name: SIGMA DEFENSE SYSTEMS LLC, GEORGIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:KCT HOLDINGS LLC;REEL/FRAME:062204/0463

Effective date: 20220517

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION

AS Assignment

Owner name: OAKTREE FUND ADMINISTRATION, LLC, AS ADMINISTRATIVE AGENT, NEW YORK

Free format text: SECURITY INTEREST;ASSIGNOR:SIGMA DEFENSE SYSTEMS LLC;REEL/FRAME:065764/0157

Effective date: 20231204