Patent 8621627

Prior art

Earlier patents, publications, and products that may anticipate or render the claims unpatentable.

Active provider: Google · gemini-2.5-flash

Prior art

Earlier patents, publications, and products that may anticipate or render the claims unpatentable.

✓ Generated

To identify the most relevant prior art for US patent 8,621,627, I will examine the "Citations" section of the patent itself, as this lists the prior art considered by the patent examiner during prosecution.

Most Relevant Prior Art for US Patent 8,621,627

Below are the patent citations listed for US Patent 8,621,627, along with their publication/filing dates, a brief description, and which claim(s) they potentially anticipate under 35 U.S.C. § 102. The current date is April 26, 2026.

Note: The analysis of which claims are potentially anticipated is based on the descriptions provided in US8621627 and the cited patents' titles/abstracts. A full anticipation analysis would require a detailed claim-by-claim comparison.

Cited US Patents:

  1. US6594268B1 (Lucent Technologies Inc.)

    • Full Citation: US6594268B1, "Adaptive routing system and method for QOS packet networks".
    • Publication Date: July 15, 2003.
    • Filing Date: March 11, 1999.
    • Brief Description: This patent generally relates to adaptive routing and quality of service (QoS) in packet networks. While not directly addressing virtual machine intrusion detection, it deals with packet handling and routing based on network conditions and QoS requirements.
    • Potential Anticipation (35 U.S.C. § 102): Claims 1, 7, 24 (potentially, concerning the general concept of steering frames in a network, but likely not the specific virtual machine/intrusion detection context).

  2. US6798743B1 (Cisco Technology, Inc.)

    • Full Citation: US6798743B1, "Packet prioritization processing technique for routing traffic in a packet-switched computer network".
    • Publication Date: September 28, 2004.
    • Filing Date: March 22, 1999.
    • Brief Description: This patent describes techniques for prioritizing packet processing and routing in a packet-switched network. Similar to US6594268B1, it focuses on network traffic management rather than virtualized security.
    • Potential Anticipation (35 U.S.C. § 102): Claims 1, 7, 24 (potentially, regarding general packet processing and routing, but less likely the specific security offload to a VM).

  3. US20020039366A1 (Nec Corporation)

    • Full Citation: US20020039366A1, "Packet switch and multicasting control system used for the same".
    • Publication Date: April 4, 2002.
    • Filing Date: October 4, 2000.
    • Brief Description: This patent application details a packet switch and a multicasting control system. It covers aspects of switching and replication of data frames, which is relevant to the MPS functionality in US8621627.
    • Potential Anticipation (35 U.S.C. § 102): Claims 1, 7, 20, 21, 24 (potentially, concerning the replication and steering of frames to multiple destinations, particularly in the context of multicast, but without the specific intrusion detection component).

  4. US6792502B1 (Freescale Semiconductor, Inc.)

    • Full Citation: US6792502B1, "Microprocessor having a content addressable memory (CAM) device as a functional unit therein and method of operation".
    • Publication Date: September 14, 2004.
    • Filing Date: October 12, 2000.
    • Brief Description: This patent describes a microprocessor incorporating a CAM for various operations. While CAMs can be used in packet filtering, this patent does not specifically detail their use for intrusion detection offload in a virtualized NIC context.
    • Potential Anticipation (35 U.S.C. § 102): May be relevant to the underlying hardware mechanisms for filter processing (e.g., Claim 5, 22, 28) if such filtering relies on CAMs for rule matching, but unlikely to anticipate the overall system and method.

  5. US7031267B2 (802 Systems Llc)

    • Full Citation: US7031267B2, "PLD-based packet filtering methods with PLD configuration data update of filtering rules".
    • Publication Date: April 18, 2006.
    • Filing Date: December 21, 2000.
    • Brief Description: This patent discusses packet filtering methods using Programmable Logic Devices (PLDs) and dynamic updates of filtering rules. This is highly relevant to the "filter functionality" (Claim 5, 22, 28) and configurable rules (Claim 6, 23, 29) described in US8621627.
    • Potential Anticipation (35 U.S.C. § 102): Claims 5, 6, 22, 23, 28, 29 (highly relevant to the concept of NIC-based filtering and dynamically configurable rules, although not explicitly tied to intrusion detection in a virtual machine environment as the primary goal).

  6. US20060209693A1 (Pmc-Sierra Ltd.)

    • Full Citation: US20060209693A1, "Feedback priority modulation rate controller".
    • Publication Date: September 21, 2006.
    • Filing Date: January 31, 2001.
    • Brief Description: This patent generally describes a rate controller for modulating feedback priority, likely in a communication system. Its relevance to US8621627's core claims appears limited.
    • Potential Anticipation (35 U.S.C. § 102): Unlikely to directly anticipate any of the independent claims.

  7. US20040003094A1 (Michael See)

    • Full Citation: US20040003094A1, "Method and apparatus for mirroring traffic over a network".
    • Publication Date: January 1, 2004.
    • Filing Date: June 27, 2002.
    • Brief Description: This patent application describes mirroring network traffic, which could be used for monitoring or intrusion detection purposes by sending a copy of traffic to a security appliance. This has some conceptual overlap with sending frames for "additional processing" (Claim 1, 7, 24).
    • Potential Anticipation (35 U.S.C. § 102): Claims 1, 7, 24 (to the extent that "additional processing" could involve mirroring, but it lacks the explicit steering and host-based VM processing unique to US8621627).

  8. US7474670B2 (Brooktree Broadband Holding, Inc.)

    • Full Citation: US7474670B2, "Method and system for allocating bandwidth".
    • Publication Date: January 6, 2009.
    • Filing Date: July 8, 2002.
    • Brief Description: This patent is about allocating bandwidth. It does not directly relate to intrusion detection or offloading security processing to a NIC in a virtualized environment.
    • Potential Anticipation (35 U.S.C. § 102): Unlikely to directly anticipate any of the independent claims.

  9. US6717946B1 (Cisco Technology Inc.)

    • Full Citation: US6717946B1, "Methods and apparatus for mapping ranges of values into unique values of particular use for range matching operations using an associative memory".
    • Publication Date: April 6, 2004.
    • Filing Date: October 31, 2002.
    • Brief Description: This patent focuses on mapping value ranges for efficient matching using associative memory, likely for routing or filtering. Similar to US6792502B1, it describes a mechanism that could be used for filtering but not the specific application described in US8621627.
    • Potential Anticipation (35 U.S.C. § 102): May be relevant to the underlying hardware mechanisms for filter processing (e.g., Claim 5, 22, 28) if such filtering relies on associative memory for rule matching, but unlikely to anticipate the overall system and method.

  10. US20040213235A1 (Marshall John W.)

    • Full Citation: US20040213235A1, "Programmable packet classification system using an array of uniform content-addressable memories".
    • Publication Date: October 28, 2004.
    • Filing Date: April 8, 2003.
    • Brief Description: This patent application describes a programmable packet classification system using CAMs. This is highly relevant to the filtering capabilities of a NIC.
    • Potential Anticipation (35 U.S.C. § 102): Claims 5, 6, 22, 23, 28, 29 (relevant to the technical means for implementing filter processing with configurable rules).

  11. US20050083935A1 (Kounavis Michael E.)

    • Full Citation: US20050083935A1, "Method and apparatus for two-stage packet classification using most specific filter matching and transport level sharing".
    • Publication Date: April 21, 2005.
    • Filing Date: October 20, 2003.
    • Brief Description: This patent application details a two-stage packet classification method using specific filter matching. This is another example of advanced packet filtering that could be relevant to the NIC's filter functionality.
    • Potential Anticipation (35 U.S.C. § 102): Claims 5, 6, 22, 23, 28, 29 (relevant to advanced filter processing techniques).

  12. US20050135412A1 (Fan Kan F.)

    • Full Citation: US20050135412A1, "Method and system for transmission control protocol (TCP) retransmit processing".
    • Publication Date: June 23, 2005.
    • Filing Date: December 19, 2003.
    • Brief Description: This patent application is concerned with TCP retransmit processing. It relates to protocol offload functions (Claim 2, 3, 8, 9, 14, 25, 26) but not directly to intrusion detection or the specific steering mechanism.
    • Potential Anticipation (35 U.S.C. § 102): Claims 2, 3, 8, 9, 14, 25, 26 (relevant to the concept of protocol offload processing on the NIC).

  13. US20050135396A1 (Mcdaniel Scott)

    • Full Citation: US20050135396A1, "Method and system for transmit scheduling for multi-layer network interface controller (NIC) operation".
    • Publication Date: June 23, 2005.
    • Filing Date: December 19, 2003.
    • Brief Description: This patent application describes transmit scheduling for multi-layer NIC operations, which is related to NIC functionality and data handling.
    • Potential Anticipation (35 U.S.C. § 102): Could broadly relate to general NIC operation and data handling (Claim 1, 7, 24) but lacks the specific security and VM offloading aspects.

  14. US20050135378A1 (Nortel Networks Limited)

    • Full Citation: US20050135378A1, "Service aware policer with efficient handling of in-profile traffic".
    • Publication Date: June 23, 2005.
    • Filing Date: December 22, 2003.
    • Brief Description: This patent application discusses a service-aware policer for traffic management. It's related to network control and filtering.
    • Potential Anticipation (35 U.S.C. § 102): Claims 5, 22, 28 (general filtering and traffic management on a NIC).

  15. US20050289246A1 (International Business Machines Corporation)

    • Full Citation: US20050289246A1, "Interpreting I/O operation requests from pageable guests without host intervention".
    • Publication Date: December 29, 2005.
    • Filing Date: May 27, 2004.
    • Brief Description: This patent application relates to handling I/O requests from virtual machine "guests" without host intervention. This touches on virtualized environments and offloading host tasks, which is a foundational concept in US8621627.
    • Potential Anticipation (35 U.S.C. § 102): Claims 1, 7, 24 (relevant to the concept of offloading processing from the host in a virtualized environment).

  16. US7583596B1 (Juniper Networks, Inc.)

    • Full Citation: US7583596B1, "Priority scheduling using per-priority memory structures".
    • Publication Date: September 1, 2009.
    • Filing Date: June 28, 2004.
    • Brief Description: This patent focuses on priority scheduling in network devices. Its direct relevance to intrusion detection offload is limited.
    • Potential Anticipation (35 U.S.C. § 102): Unlikely to directly anticipate any of the independent claims.

  17. US7408883B2 (Nettest, Inc.)

    • Full Citation: US7408883B2, "Apparatus and method for performing a loopback test in a communication system".
    • Publication Date: August 5, 2008.
    • Filing Date: September 1, 2004.
    • Brief Description: This patent describes a loopback test in a communication system. While US8621627 utilizes a "loopback" to send frames to a VM for intrusion detection, this patent refers to a diagnostic test, not a security processing mechanism.
    • Potential Anticipation (35 U.S.C. § 102): Not directly anticipating the purpose or function of the loopback in US8621627, but conceptually relates to the idea of a frame being sent back within the system.

  18. US20060075480A1 (Noehring Lee P)

    • Full Citation: US20060075480A1, "System and method for controlling a flow of data a network interface controller to a host processor".
    • Publication Date: April 6, 2006.
    • Filing Date: October 1, 2004.
    • Brief Description: This patent application describes controlling data flow between a NIC and a host processor, which is fundamental to US8621627's interaction between the NIC and the host for additional processing.
    • Potential Anticipation (35 U.S.C. § 102): Claims 1, 7, 24 (highly relevant to the interaction and data transfer between the NIC and the host for processing).

  19. US20060080733A1 (International Business Machines Corporation)

    • Full Citation: US20060080733A1, "Offline analysis of packets".
    • Publication Date: April 13, 2006.
    • Filing Date: October 8, 2004.
    • Brief Description: This patent application relates to offline analysis of packets, which could involve intrusion detection, but doesn't explicitly describe offloading the decision and steering to a NIC in a virtualized environment.
    • Potential Anticipation (35 U.S.C. § 102): Could broadly relate to the concept of analyzing packets for security, but lacks the specific NIC-based steering and host-based VM processing.

  20. US20060133267A1 (Utstarcom, Inc.)

    • Full Citation: US20060133267A1, "Processing platform selection method for data packet filter installation".
    • Publication Date: June 22, 2006.
    • Filing Date: December 21, 2004.
    • Brief Description: This patent application describes selecting processing platforms for packet filter installation. This is relevant to the configurability and deployment of filtering rules.
    • Potential Anticipation (35 U.S.C. § 102): Claims 5, 6, 22, 23, 28, 29 (relevant to the configuration of filter processing).

  21. US20060206300A1 (Microsoft Corporation)

    • Full Citation: US20060206300A1, "VM network traffic monitoring and filtering on the host".
    • Publication Date: September 14, 2006.
    • Filing Date: March 11, 2005.
    • Brief Description: This patent application specifically addresses monitoring and filtering VM network traffic on the host. This is highly relevant as it describes a problem that US8621627 aims to solve by offloading some of this to the NIC. It anticipates the need for such processing for VMs.
    • Potential Anticipation (35 U.S.C. § 102): Claims 1, 7, 24 (highly relevant to the context of VM network security, but likely describes host-based solutions that US8621627 seeks to improve upon by offloading to the NIC).

  22. US20060221832A1 (Sun Microsystems, Inc.)

    • Full Citation: US20060221832A1, "Virtualized partitionable shared network interface".
    • Publication Date: October 5, 2006.
    • Filing Date: April 4, 2005.
    • Brief Description: This patent application discusses a virtualized and partitionable shared network interface. This relates to NICs in virtualized environments, a core context for US8621627.
    • Potential Anticipation (35 U.S.C. § 102): Claims 1, 7, 24 (relevant to the general architecture of a NIC supporting virtual machines).

  23. US20060281451A1 (Zur Uri E)

    • Full Citation: US20060281451A1, "Method and system for handling connection setup in a network".
    • Publication Date: December 14, 2006.
    • Filing Date: June 14, 2005.
    • Brief Description: This patent application describes handling connection setup. Its direct relevance to intrusion detection offload is limited.
    • Potential Anticipation (35 U.S.C. § 102): Unlikely to directly anticipate any of the independent claims.

  24. US20070070901A1 (Eliezer Aloni)

    • Full Citation: US20070070901A1, "Method and system for quality of service and congestion management for converged network interface devices".
    • Publication Date: March 29, 2007.
    • Filing Date: September 29, 2005.
    • Brief Description: This patent application deals with QoS and congestion management in converged NICs. While related to NIC functionality, it doesn't address the specific security offload described in US8621627.
    • Potential Anticipation (35 U.S.C. § 102): Unlikely to directly anticipate any of the independent claims.

  25. US7899864B2 (Microsoft Corporation)

    • Full Citation: US7899864B2, "Multi-user terminal services accelerator".
    • Publication Date: March 1, 2011.
    • Filing Date: November 1, 2005.
    • Brief Description: This patent relates to accelerating multi-user terminal services. While it deals with efficiency in a multi-user context, its relevance to NIC-based intrusion detection for VMs is not direct.
    • Potential Anticipation (35 U.S.C. § 102): Unlikely to directly anticipate any of the independent claims.

  26. US7660306B1 (Chelsio Communications, Inc.)

    • Full Citation: US7660306B1, "Virtualizing the operation of intelligent network interface circuitry".
    • Publication Date: February 9, 2010.
    • Filing Date: January 12, 2006.
    • Brief Description: This patent, assigned to the same entity as US8621627, describes virtualizing the operation of intelligent network interface circuitry. This is extremely relevant as it lays groundwork for NICs operating in virtualized environments.
    • Potential Anticipation (35 U.S.C. § 102): Claims 1, 7, 24 (highly relevant to the general concept of intelligent NICs in virtualized environments, and likely foundational to the problem solved by US8621627).

  27. US7925795B2 (Broadcom Corporation)

    • Full Citation: US7925795B2, "Method and system for configuring a plurality of network interfaces that share a physical interface".
    • Publication Date: April 12, 2011.
    • Filing Date: April 30, 2007.
    • Brief Description: This patent focuses on configuring multiple network interfaces that share a physical interface. This is relevant to NIC architecture in virtualized or multi-function scenarios.
    • Potential Anticipation (35 U.S.C. § 102): Claims 1, 7, 24 (relevant to the configuration and management of NICs in a shared environment, potentially contributing to the architecture enabling US8621627).

  28. US20090254990A1 (Mcgee William Gerald)

    • Full Citation: US20090254990A1, "System and method for intelligent coordination of host and guest intrusion prevention in virtualized environment".
    • Publication Date: October 8, 2009.
    • Filing Date: April 5, 2008.
    • Brief Description: This patent application is highly relevant as it directly addresses intelligent coordination of host and guest intrusion prevention in a virtualized environment. This clearly describes the problem domain and solutions that US8621627 aims to improve upon.
    • Potential Anticipation (35 U.S.C. § 102): Claims 1, 7, 24, and dependent claims related to intrusion detection and virtual machines (very high relevance, likely anticipates the need and general concept of coordinating intrusion prevention between host and guest, even if the specific NIC-offload mechanism differs).

Most Directly Relevant Prior Art:

Based on the descriptions, the following patents appear to be most directly relevant to the core innovations of US8621627:

  • US7031267B2 (802 Systems Llc): Highly relevant to NIC-based filtering and dynamically configurable rules.
  • US20040213235A1 (Marshall John W.): Relevant to programmable packet classification systems using CAMs for filtering.
  • US20050289246A1 (International Business Machines Corporation): Relevant to offloading processing from the host in a virtualized environment.
  • US20060075480A1 (Noehring Lee P): Highly relevant to the interaction and data transfer between the NIC and the host for processing.
  • US20060206300A1 (Microsoft Corporation): Highly relevant to the context of VM network security and the problem US8621627 addresses.
  • US7660306B1 (Chelsio Communications, Inc.): Extremely relevant as it describes virtualizing intelligent NIC operations, likely a foundational patent for the assignee.
  • US20090254990A1 (Mcgee William Gerald): Most directly relevant as it addresses intelligent coordination of host and guest intrusion prevention in a virtualized environment, directly anticipating the problem space.

These documents collectively establish a prior art landscape that includes NIC-based packet filtering, offloading host tasks in virtualized environments, and the need for intrusion prevention in virtual machine settings. The novelty of US8621627 likely resides in the specific architectural design and methods for efficiently steering data frames for intrusion detection processing to a host-based VM and receiving them back for final routing, specifically leveraging NIC functionality to offload and optimize this process.

Generated 5/30/2026, 12:49:03 PM