This disclosure relates generally to packet processing on data networks and, more specifically to controlling access to network devices.
Packet-based networks have grown in number and size over the years. In these networks, a sender communicates with a recipient by placing data packets on the network. Each data packet generally contains a source address and a destination address. These addresses may be used by a network packet processor to direct the packet to its final destination on the network.
Network packet processors may also play a role in maintaining network security. Network security can involve processing data packets to verify whether they should be allowed to reach their destination. For example, a network packet processor may determine whether a particular host should be allowed to access a particular server.
Conventional packet processors may not perform all of these functions or may perform these functions in a limited manner. Additionally, conventional packet processors may not be able to respond dynamically to changing conditions on the network. Thus, there is a need in the art for a network packet processor that can respond dynamically to conditions and that can direct data packets to their final destination while maintaining network security.