Abstract: Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers are provided. According to one embodiment, a method is provided for delivering customized network services to subscribers of the service provider. A request is received, at a service management system (SMS) of the service provider, to establish an Internet Protocol (IP) connection between a first and second location of a first subscriber of the managed security service provider. Responsive to the request, the SMS causes a tunnel to be established between a first and second service processing switch of the service provider which are coupled in communication via a public network and associated with the first location and the second location, respectively.

Abstract: Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers are provided. According to one embodiment, a method is provided for delivering customized network services to subscribers of the service provider. A request is received, at a service management system (SMS) of the service provider, to establish an Internet Protocol (IP) connection between a first and second location of a first subscriber of the managed security service provider. Responsive to the request, the SMS causes a tunnel to be established between a first and second service processing switch of the service provider which are coupled in communication via a public network and associated with the first location and the second location, respectively.

Abstract: Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers are provided. According to one embodiment, a method is provided for delivering customized network services to subscribers of the service provider. A request is received, at a service management system (SMS) of the service provider, to establish an Internet Protocol (IP) connection between a first and second location of a first subscriber of the managed security service provider. Responsive to the request, the SMS causes a tunnel to be established between a first and second service processing switch of the service provider which are coupled in communication via a public network and associated with the first location and the second location, respectively.

Abstract: Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers are provided. According to one embodiment, a method is provided for delivering customized network services to subscribers of the service provider. A request is received, at a service management system (SMS) of the service provider, to establish an Internet Protocol (IP) connection between a first and second location of a first subscriber of the managed security service provider. Responsive to the request, the SMS causes a tunnel to be established between a first and second service processing switch of the service provider which are coupled in communication via a public network and associated with the first location and the second location, respectively.

Abstract: Methods and systems for managing a service provider switch are provided. According to one embodiment, a method is provided for provisioning a switch with a network-based managed Internet Protocol (IP) service. A network operating system (NOS) is provided on each processor element (PE) of the switch. The NOS includes an object manager (OM) responsible for managing global software object groups, managing software object configurations, managing local software objects and groups and routing control information between address spaces based on locations of software objects. The OM performs management plane communications among software objects by way of system calls. The OM performs data plane communications among software objects by way of object-to-object channels.

Abstract: Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers are provided. According to one embodiment, a method is provided for delivering customized network services to subscribers of the service provider. A request is received, at a service management system (SMS) of the service provider, to establish an Internet Protocol (IP) connection between a first and second location of a first subscriber of the managed security service provider. Responsive to the request, the SMS causes a tunnel to be established between a first and second service processing switch of the service provider which are coupled in communication via a public network and associated with the first location and the second location, respectively.

Abstract: Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers are provided. According to one embodiment, a method is provided for delivering customized network services to subscribers of the service provider. A request is received, at a service management system (SMS) of the service provider, to establish an Internet Protocol (IP) connection between a first and second location of a first subscriber of the managed security service provider. Responsive to the request, the SMS causes a tunnel to be established between a first and second service processing switch of the service provider which are coupled in communication via a public network and associated with the first location and the second location, respectively.

Abstract: Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers are provided. According to one embodiment, a method is provided for delivering customized network services to subscribers of the service provider. A request is received, at a service management system (SMS) of the service provider, to establish an Internet Protocol (IP) connection between a first and second location of a first subscriber of the managed security service provider. Responsive to the request, the SMS causes a tunnel to be established between a first and second service processing switch of the service provider which are coupled in communication via a public network and associated with the first location and the second location, respectively.

Abstract: Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers are provided. According to one embodiment, a method is provided for delivering customized network services to subscribers of the service provider. A request is received, at a service management system (SMS) of the service provider, to establish an Internet Protocol (IP) connection between a first and second location of a first subscriber of the managed security service provider. Responsive to the request, the SMS causes a tunnel to be established between a first and second service processing switch of the service provider which are coupled in communication via a public network and associated with the first location and the second location, respectively.

Abstract: Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers are provided. According to one embodiment, a method is provided for delivering customized network services to subscribers of the service provider. A request is received, at a service management system (SMS) of the service provider, to establish an Internet Protocol (IP) connection between a first and second location of a first subscriber of the managed security service provider. Responsive to the request, the SMS causes a tunnel to be established between a first virtual router (VR) and a second VR running on a first and second service processing switch, respectively, of the service provider which are coupled in communication via a public network and associated with the first location and the second location, respectively.

Abstract: Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers are provided. According to one embodiment, a method is provided for delivering customized network services to subscribers of a service provider. Multiple virtual routers (VRs) are provided within each of multiple service processing switches of a service provider. Each VR is supported by an object group and each object of the object group supports a network service. One or more VRs are assigned to a subscriber of multiple subscribers of the service provider. Customized network services are provided to the subscriber by the one or more VRs assigned to the subscriber.

Abstract: Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers are provided. According to one embodiment, a method is provided for delivering customized network services to subscribers of the service provider. A request is received, at a service management system (SMS) of the service provider, to establish an Internet Protocol (IP) connection between a first and second location of a first subscriber of the managed security service provider. Responsive to the request, the SMS causes a tunnel to be established between a first virtual router (VR) and a second VR running on a first and second service processing switch, respectively, of the service provider which are coupled in communication via a public network and associated with the first location and the second location, respectively.

Abstract: Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers are provided. According to one embodiment, a method is provided for delivering customized network services to subscribers of a service provider. Multiple virtual routers (VRs) are provided within each of multiple service processing switches of a service provider. Each VR is supported by an object group and each object of the object group supports a network service. One or more VRs are assigned to a subscriber of multiple subscribers of the service provider. Customized network services are provided to the subscriber by the one or more VRs assigned to the subscriber.

Abstract: Methods and systems for managing a service provider switch are provided. According to one embodiment, a method is provided for provisioning a switch with a network-based managed Internet Protocol (IP) service. A network operating system (NOS) is provided on each processor element (PE) of the switch. The NOS includes an object manager (OM) responsible for managing global software object groups, managing software object configurations, managing local software objects and groups and routing control information between address spaces based on locations of software objects. The OM performs management plane communications among software objects by way of system calls. The OM performs data plane communications among software objects by way of object-to-object channels.

Abstract: Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers is provided. According to one embodiment, a request to establish an IP connection between two locations of a subscriber is received at a service management system (SMS) of the service provider. A tunnel is established between service processing switches coupled in communication through a public network. First and second packet routing nodes within the service processing switches are associated with the first and second locations, respectively. An encryption configuration decision is bound with a routing configuration of the packet routing nodes, by, when the request is to establish a secure IP connection, configuring, the packet routing nodes to cause all packets transmitted to the other location to be encrypted and to cause all packets received from the other location to be decrypted.

Abstract: Methods and systems for managing a service provider switch are provided. According to one embodiment, a method is provided for provisioning a switch with a network-based managed Internet Protocol (IP) service. A network operating system (NOS) is provided on each processor element (PE) of the switch. The NOS includes an object manager (OM) responsible for managing global software object groups, managing software object configurations, managing local software objects and groups and routing control information between address spaces based on locations of software objects. The OM performs management plane communications among software objects by way of system calls. The OM performs data plane communications among software objects by way of object-to-object channels.

Abstract: Methods and systems for offering network-based managed security services are provided. According to one embodiment, an IP service processing switch includes multiple service blades and one or more packet-passing data rings. The service blades each have multiple processors for providing customized security services to subscribers of a service provider. Upon receipt of a packet by a service blade from the one or more packet-passing data rings, a PEID value within the packet is inspected and when the PEID value corresponds to a PEID assigned to a processor associated with the service blade, the packet is steered to a software entity of a VR on the processor that corresponds to an LQID value within the packet. And, when the PEID value does not correspond to any PEIDs assigned to processors on the service blade, the packet is passed to a next service blade on the one or more packet-passing data rings.

Abstract: Methods and systems for a flexible, scalable hardware and software platform that allows a managed security service provider to easily provide security services to multiple customers is provided. According to one embodiment, a request to establish an IP connection between two locations of a subscriber is received at a service management system (SMS) of the service provider. A tunnel is established between service processing switches coupled in communication through a public network. First and second packet routing nodes within the service processing switches are associated with the first and second locations, respectively. An encryption configuration decision is bound with a routing configuration of the packet routing nodes, by, when the request is to establish a secure IP connection, configuring, the packet routing nodes to cause all packets transmitted to the other location to be encrypted and to cause all packets received from the other location to be decrypted.

Abstract: Methods and systems for offering network-based managed security services are provided. According to one embodiment, an IP service processing switch includes multiple service blades and one or more packet-passing data rings. The service blades each have multiple processors for providing customized security services to subscribers of a service provider. Upon receipt of a packet by a service blade from the one or more packet-passing data rings, a PEID value within the packet is inspected and when the PEID value corresponds to a PEID assigned to a processor associated with the service blade, the packet is steered to a software entity of a VR on the processor that corresponds to an LQID value within the packet. And, when the PEID value does not correspond to any PEIDs assigned to processors on the service blade, the packet is passed to a next service blade on the one or more packet-passing data rings.

Abstract: Methods and systems for managing a service provider switch are provided. According to one embodiment, a method is provided for provisioning a switch with a network-based managed Internet Protocol (IP) service. A network operating system (NOS) is provided on each processor element (PE) of the switch. The NOS includes an object manager (OM) responsible for managing global software object groups, managing software object configurations, managing local software objects and groups and routing control information between address spaces based on locations of software objects. The OM performs management plane communications among software objects by way of system calls. The OM performs data plane communications among software objects by way of object-to-object channels.