Abstract:
A cluster load balancer can be coupled to a network for monitoring network traffic. The cluster load balancer can include one or more computing devices. The one or more computing devices can be configured to receive a data packet, the data packet comprising a device identifier of a first device connected to a network for a communication session, wherein the data packet is a user plane data packet or a control plane data packet; generate a probe identification based on the device identifier of the first device in the data packet; add the probe identification to the data packet; and transmit the data packet with the probe identification to a second device in communication with a plurality of network probes. The second device can be configured to forward the data packet to a network probe of the plurality of network probes based on the probe identification in the data packet.
Abstract:
A system and method are provided for calculating session initiation protocol (SIP) key performance indicators (KPIs) for multimedia communication in a network accessing network packets monitored over time. The method includes accessing network packets monitored over time, detecting a SIP response message of the monitored network packets, and accounting for the detected SIP response message in a time window of a series of consecutive time windows that includes the SIP response message's associated observed time. The SIP response message has an associated observed time at which the monitored SIP message was observed during monitoring. The method further includes pairing a SIP request message expected to be paired with the detected SIP response message with the detected SIP response message and accounting for the paired SIP request message in the time window with which the detected SIP response message is accounted. The method further includes calculating a KPI for the time window using the detected SIP response message and its paired SIP request message that are accounted for in the time window.
Abstract:
A method for monitoring performance of customized applications at the transaction level in a computer network is provided. The method includes receiving, from a user, information related to a customized application. The received information includes at least an application definition and information related to a customized application protocol. A template is generated for the customized application based on the received information. Performance of the customized application is monitored at the transaction level using the generated template.
Abstract:
Actions of servers and other network devices within a network are monitored to detect whether the servers and network devices are performing tasks, using protocols, and communicating through ports that are consistent with legitimate (or “permissible”) purposes. That is, rather than attempting to belatedly identify malware signatures and screen all traffic into and out of a network for these signatures, embodiments of the present invention scrutinize devices (such as servers and other network infrastructure elements) for malware behavior that is inconsistent with an identified set of actions known to be consistent with legitimate tasks performed by the network device.
Abstract:
A network monitoring system summarizes a plurality of data packets of a session into a compact session record for storage and processing. Each session record may be produced in real-time and made available during the session and/or after the termination of the session. Depending on the protocols, the network monitoring system extracts different sets of information, removes redundant information from the plurality of data packets, and adds performance information to produce the session record. The network monitoring system may retrieve and process a single session record or multiple session records for the same or different protocols to determine the cause of events, resolve issues in a network or evaluate network performance or conditions. The session record enables analysis in units of sessions instead of individual packets. Hence, the network monitoring system can analyze events, issues or performance of the network more efficiently and effectively.
Abstract:
A method for determining Over-The-Top (OTT) applications includes receiving, by an active agent, a list of OTT service platforms to be monitored. The received list includes URLs associated with various applications that are delivered by the OTT service platforms. The active agent connects to the URLs to determine information uniquely identifying OTT applications. The active agent stores the information in a repository. A network monitor monitors data flows between a plurality of sources and destinations on a network. Each of the data flows includes a plurality of data packets of the various applications that are delivered OTT. The network monitor extracts at least a portion of header information from each of the monitored data packets. The network monitor identifies an OTT application occurring on the network based on the extracted header information and based on the information uniquely identifying various applications stored in the repository.
Abstract:
A system and computer-implemented method to manage alerts, wherein the method includes receiving anomaly triggers associated with detected anomalies, associating an anomaly trigger of the received anomaly triggers with an alert, tracking the alert using a state machine, determining whether to change a state of the state machine if a subsequent anomaly trigger associated with the alert is received or if a predetermined amount of time passes without receiving trigger information, and generating an alarm based on the state of the state machine.
Abstract:
A method for performing root cause analysis of failures in a computer network is provided. The method includes receiving an Adaptive Service Intelligence (ASI) data set related to one or more failures reported in the computer network from a plurality of interfaces. One or more impact events associated with the reported failures are identified based on the received ASI data set. Each of the identified impact events is correlated with one or more cause events. A situation record is selectively generated based on the correlation results.
Abstract:
A method for processing a plurality of fragments of IP packet flows in a communication network includes receiving the plurality of packet fragments. The received packet fragments are associated with one or more packet flows. A first set of packet flows is selected from the one or more received packet flows. The first set of packet flows corresponds to a subset of the plurality of packet segments received during a first predetermined time interval. Only packet fragments associated with the first set of packet flows are reassembled into full packets.