Dynamic service chaining and late binding

    Publication No.: US10917285B2

    Publication date: 2021-02-09

    Application No.: US15805487

    Filing date: 2017-11-07

    Applicant: Gigamon Inc.

    Inventor: Anil Rao

    Abstract: A visibility platform can be used to monitor traffic traversing private cloud infrastructures and/or public cloud infrastructures. In some instances, the traffic is provided to a set of network services that are accessible to the visibility platform. These network services can be provisioned in a serial or parallel fashion. Network service chaining can be used to ensure that traffic streams skip unnecessary network services and receive only those network services that are needed. For example, an email service chain can include virus, spam, and phishing detection, while a video streaming service chain can include traffic shaping policies to satisfy quality of service (QoS) guarantees. When the visibility platform is represented as a graph that makes use of action sets, network service chains can be readily created or destroyed on demand.

    In-fabric traffic analysis
    12.
    Granted patent

    Publication No.: US10764162B2

    Publication date: 2020-09-01

    Application No.: US14668813

    Filing date: 2015-03-25

    Applicant: Gigamon Inc.

    Inventor: Anil Rao

    Abstract: An apparatus for a network includes: a processing unit having a filter generation module configured for: receiving an indication that a packet matches a user-defined filter; and creating one or more derivative filters based at least in part on the received indication, wherein a first derivative filter of the one or more derivative filters provides a finer grade of filtration compared to the user-defined filter; and a non-transitory medium configured for storing the one or more derivative filters.

    Redundant inline-bypass switch
    13.
    Granted patent

    Publication No.: US10659392B2

    Publication date: 2020-05-19

    Application No.: US16203485

    Filing date: 2018-11-28

    Applicant: Gigamon Inc.

    IPC classification: H04L12/947

    Abstract: An inline-bypass switch system includes: a first inline-bypass switch appliance having a first bypass component, a first switch coupled to the first bypass component, and a first controller; and a second inline-bypass switch appliance having a second bypass component, a second switch coupled to the second bypass component, and a second controller; wherein the first controller in the first inline-bypass switch appliance is configured to provide a state signal that is associated with a state of the first inline-bypass switch appliance; and wherein the second controller in the second inline-bypass switch appliance is configured to control the second bypass component based at least in part on the state signal.

    Selective modification of data packets for network tool verification

    Publication No.: US10341368B2

    Publication date: 2019-07-02

    Application No.: US15003453

    Filing date: 2016-01-21

    Applicant: Gigamon Inc.

    IPC classification: H04L12/26 H04L29/06

    Abstract: A network appliance may be coupled to a network tool configured to monitor the traffic within a computer network. Often, the network tool is operable in two modes (i.e., an inline mode and an out-of-band mode). Before the network tool is deployed as an inline device, however, it is desirable to verify that the network tool is secure. Described herein are systems and techniques for verifying network tools prior to deployment as inline devices. More specifically, the network appliance may be configured to modify the content of a data packet (e.g., by altering a bit) and transmit the modified data packet downstream to a network tool. The network appliance can monitor the network tool to make sure the network tool drops or returns the modified data packet. These techniques allow the network appliance to controllably simulate the receipt of malicious traffic by the network tool.

    Systems and methods for sampling packets in a network flow

    Publication No.: US10243862B2

    Publication date: 2019-03-26

    Application No.: US14213659

    Filing date: 2014-03-14

    Applicant: Gigamon Inc.

    IPC classification: H04L12/851 H04L12/26

    Abstract: A method for sampling packets for a network flow, includes: receiving a packet at a network port of a network switch appliance, the network switch appliance comprising an instrument port for communication with a network monitoring instrument; determining whether the packet belongs to a network flow that is desired to be monitored, wherein the act of determining is performed based at least in part on one or more information in a control plane using a processing unit; and passing the packet to the instrument port if the packet belongs to the network flow.

    Systems and methods for implementing a traffic visibility network

    Publication No.: US10230612B2

    Publication date: 2019-03-12

    Application No.: US15801158

    Filing date: 2017-11-01

    Applicant: Gigamon Inc.

    IPC classification: H04L12/26 H04L29/06 H04L12/24

    Abstract: A method of packet processing, includes: providing a plurality of network appliances that form a cluster, wherein two or more of the plurality of network appliances in the cluster are located at different geographical locations, are communicatively coupled via a private network or an Internet, and are configured to collectively perform out-of-band packet processing; receiving a packet by one of the network appliances in the cluster; processing the packet using two or more of the plurality of the appliances in the cluster; and passing the packet to one or more network monitoring tools after the packet is processed.

    Reduction of network connectivity gaps experienced by inline network appliances

    Publication No.: US10154323B2

    Publication date: 2018-12-11

    Application No.: US15828872

    Filing date: 2017-12-01

    Applicant: Gigamon Inc.

    Abstract: A network appliance may include a signal splitter that splits an incoming signal into multiple portions. The signal splitter can direct one portion of the incoming signal to a switching fabric and another portion of the incoming signal to an optical switch. By monitoring the power intensity of the portion of the incoming signal received by the switching fabric, the network appliance can seamlessly switch between a bypass traffic path and a pass-through traffic path without losing network traffic caused by gaps in network connectivity. Such a configuration also enables the network appliance to maintain an accurate record of the logical connectivity state even when the network appliance is in the bypass state (i.e., when network traffic bypasses the switching fabric of the network appliance).

    Multi-path arrangement of redundant inline-bypass switches

    Publication No.: US10142130B2

    Publication date: 2018-11-27

    Application No.: US15815225

    Filing date: 2017-11-16

    Applicant: Gigamon Inc.

    Abstract: An inline-bypass switch system includes: a first inline-bypass switch appliance having a first bypass component, a second bypass component, a first switch coupled to the first bypass component and the second bypass component, and a first controller; and a second inline-bypass switch appliance having a third bypass component, a fourth bypass component, a second switch coupled to the third bypass component and the fourth bypass component, and a second controller; wherein the first controller in the first inline-bypass switch appliance is configured to provide one or more state signals that is associated with a state of the first inline-bypass switch appliance; and wherein the second controller in the second inline-bypass switch appliance is configured to control the second bypass component based at least in part on the one or more state signals.

    SESSION AWARE ADAPTIVE PACKET FILTERING
    19.
    Patent application (status: under examination, published)

    Publication No.: US20160285713A1

    Publication date: 2016-09-29

    Application No.: US14671048

    Filing date: 2015-03-27

    Applicant: Gigamon Inc.

    IPC classification: H04L12/26

    CPC classification: H04L43/12 H04L43/028

    Abstract: A method performed by a network device includes: receiving a first packet by the network device, wherein the first packet is tapped from a network; identifying a session to which the first packet belongs when the first packet has one or more values that at least partially match one or more terms, wherein the act of identifying the session is performed by the network device; receiving a second packet by the network device; determining whether the second packet belongs to the session; and performing a packet processing action by the network device based on the identified session; wherein the session is identified based on a first criterion, and the act of determining whether the second packet belongs to the session is performed based on a second criterion that is different from the first criterion.


    Systems and methods for processing packets
    20.
    Granted patent (status: in force)

    Publication No.: US09413859B2

    Publication date: 2016-08-09

    Application No.: US14157856

    Filing date: 2014-01-17

    Applicant: Gigamon Inc.

    Abstract: A network switch apparatus, includes: a network port configured to receive a packet; instrument ports configured to communicate with respective network monitoring instruments; a packet duplication module configured to copy the packet to provide multiple packets that are identical to each other; a tagging module configured to tag the multiple packets with different respective identifiers to obtain tagged packets; and a processing unit coupled to the instrument ports; wherein the processing unit is configured to determine whether a first one of the tagged packets satisfies a first criterion, whether a second one of the tagged packets satisfies a second criterion, process the first one of the tagged packets in a first manner if the first one of the tagged packets satisfies the first criterion, and process the second one of the tagged packets in a second manner if the second one of the tagged packets satisfies the second criterion.
