Abstract: Services in a network device are added through providing virtual environments. Virtualization allows services based on other platforms or architectures to be run with minimum modification and in a secure manner. Connecting services to the host through a stateful firewall allows dynamic integration, and passes only traffic of interest to the service. Virtualization allows services written for different instruction architectures to be supported. Multiple virtualized environments each supporting a service may be run.

Abstract: Services in a network device are added through providing virtual environments. Virtualization allows services based on other platforms or architectures to be run with minimum modification and in a secure manner. Connecting services to the host through a stateful firewall allows dynamic integration, and passes only traffic of interest to the service. Virtualization allows services written for different instruction architectures to be supported. Multiple virtualized environments each supporting a service may be run.

Abstract: Services in a network device are added through providing virtual environments. Virtualization allows services based on other platforms or architectures to be run with minimum modification and in a secure manner. Connecting services to the host through a stateful firewall allows dynamic integration, and passes only traffic of interest to the service. Virtualization allows services written for different instruction architectures to be supported. Multiple virtualized environments each supporting a service may be run.

Abstract: According to one embodiment of the invention, a method comprises an operation of commencing a first phrase and passing control of an authentication handshaking protocol. The first phase is commenced for establishing a secure communication path by a data path processor within a first network device. The first phrase comprises an exchange of data during an authentication handshaking protocol. The passing of control for authentication handshaking protocol by the data path processor to a control path processor is conducted to complete the authentication handshaking protocol.

Abstract: According to one embodiment of the invention, a method comprises an operation of commencing a first phrase and transfer processing of an authentication handshaking protocol. The first state is commenced for establishing a secure communication path by a first processor within a first network device. The first phrase comprises an exchange of data during a networking protocol. The transfer of processing for the networking protocol by the first processor to a second processor is conducted to complete the networking protocol.

Abstract: According to one embodiment of the invention, a method comprises an operation of commencing a first phrase and passing control of an authentication handshaking protocol. The first phase is commenced for establishing a secure communication path by a data path processor within a first network device. The first phrase comprises an exchange of data during an authentication handshaking protocol. The passing of control for authentication handshaking protocol by the data path processor to a control path processor is conducted to complete the authentication handshaking protocol.

Abstract: According to one embodiment of the invention, a network device comprises a first processing element and a second processing element. The first processing element is adapted to handle an authentication handshaking protocol, such as the SSL/TLS Handshake, and upon receipt of a Client Key Exchange message, passes control of the authentication handshaking protocol to the second processing element. The second processing element completes the authentication handshaking protocol.

Abstract: According to one embodiment of the invention, a network device comprises a first processing element and a second processing element. The first processing element is adapted to handle an authentication handshaking protocol, such as the SSL/TLS Handshake, and upon receipt of a Client Key Exchange message, passes control of the authentication handshaking protocol to the second processing element. The second processing element completes the authentication handshaking protocol.

Abstract: Services in a network device are added through providing virtual environments. Virtualization allows services based on other platforms or architectures to be run with minimum modification and in a secure manner. Connecting services to the host through a stateful firewall allows dynamic integration, and passes only traffic of interest to the service. Virtualization allows services written for different instruction architectures to be supported. Multiple virtualized environments each supporting a service may be run.

Abstract: According to one embodiment of the invention, a method for securely extending a private network to include one or more remote access points (APs) comprises a first operation of establishing a secure communication path with a destination device. Then, the information received from a source device is prepared for transmission to the destination device. This involves the received information undergoing Layer 3 (L3) encryption prior to encapsulation into a message for transmission to the destination device if the received information constitutes control information. If the received information constitutes data, the received information optionally undergoes L3 encryption, since the payload data might be already L2 encrypted by the source device, prior to encapsulation into the message.

Abstract: In some embodiments, an apparatus includes a switch to interface between clients, the switch including an authentication server to perform client authentication for at least one of the clients. Other embodiments are described.

Abstract: According to one embodiment of the invention, a method for securely extending a private network to include one or more remote access points (APs) comprises a first operation of establishing a secure communication path with a destination device. Then, the information received from a source device is prepared for transmission to the destination device. This involves the received information undergoing Layer 3 (L3) encryption prior to encapsulation into a message for transmission to the destination device if the received information constitutes control information. If the received information constitutes data, the received information optionally undergoes L3 encryption, since the payload data might be already L2 encrypted by the source device, prior to encapsulation into the message.