-
公开(公告)号:US07792047B2
公开(公告)日:2010-09-07
申请号:US12255561
申请日:2008-10-21
申请人: Tom Gallatin , Denny K. Miu , King L. Won , Patrick Pak Tak Leong , Ted C. Ho
发明人: Tom Gallatin , Denny K. Miu , King L. Won , Patrick Pak Tak Leong , Ted C. Ho
IPC分类号: G01R31/08
CPC分类号: H04L49/351 , H04L12/4641 , H04L12/4645 , H04L41/0213 , H04L41/046 , H04L41/0896 , H04L43/028 , H04L43/0823 , H04L43/0882 , H04L43/12 , H04L43/16 , H04L43/18 , H04L49/201 , H04L49/354 , H04L49/555 , H04L63/0227 , H04L63/1408
摘要: The present invention relates to a packet switch and a packet switching method. An example embodiment of the present invention comprises at least three network ports, at least one instrument port, a mux-switch, a packet switch fabric, and an address table. The embodiment updates the address table to include the source address of each ingress packet of each network port and associate the source address with that network port. The mux-switch routes the ingress packet traffic of each network port according to the identity of the network port so that at least a copy of the packet traffic of one of the network ports is routed to an instrument port. The packet switch fabric routes the packets from the instrument ports to the network ports according the destination address of the packet and the identity of the network port that is associated with the destination address as recorded in the address table.
摘要翻译: 分组交换机和分组交换方法技术领域本发明涉及分组交换机和分组交换方法。 本发明的示例性实施例包括至少三个网络端口,至少一个仪器端口,多路复用交换机,分组交换结构和地址表。 该实施例更新地址表以包括每个网络端口的每个入口分组的源地址,并将源地址与该网络端口相关联。 多路复用交换机根据网络端口的身份对每个网络端口的入口报文流量进行路由,使得一个网络端口的报文流量的至少一个副本路由到仪器端口。 分组交换结构根据报文的目的地址和与地址表中记录的目的地址相关联的网络端口的标识,将报文从仪器端口路由到网络端口。
-
公开(公告)号:US20050265248A1
公开(公告)日:2005-12-01
申请号:US11123465
申请日:2005-05-05
申请人: Tom Gallatin , Denny Miu , King Won , Patrick Leong , Ted Ho
发明人: Tom Gallatin , Denny Miu , King Won , Patrick Leong , Ted Ho
CPC分类号: H04L49/351 , H04L12/4641 , H04L12/4645 , H04L41/0213 , H04L41/046 , H04L41/0896 , H04L43/028 , H04L43/0823 , H04L43/0882 , H04L43/12 , H04L43/16 , H04L43/18 , H04L49/201 , H04L49/354 , H04L49/555 , H04L63/0227 , H04L63/1408
摘要: The present invention relates to a packet switch and a packet switching method. An example embodiment of the present invention comprises at least three network ports, at least one instrument port, a mux-switch, a packet switch fabric, and an address table. The embodiment updates the address table to include the source address of each ingress packet of each network port and associate the source address with that network port. The mux-switch routes the ingress packet traffic of each network port according to the identity of the network port so that at least a copy of the packet traffic of one of the network ports is routed to an instrument port. The packet switch fabric routes the packets from the instrument ports to the network ports according the destination address of the packet and the identity of the network port that is associated with the destination address as recorded in the address table.
摘要翻译: 本发明涉及分组交换机和分组交换方法。 本发明的示例性实施例包括至少三个网络端口,至少一个仪器端口,多路复用交换机,分组交换结构和地址表。 该实施例更新地址表以包括每个网络端口的每个入口分组的源地址,并将源地址与该网络端口相关联。 多路复用交换机根据网络端口的身份对每个网络端口的入口报文流量进行路由,使得一个网络端口的报文流量的至少一个副本路由到仪器端口。 分组交换结构根据报文的目的地址和与地址表中记录的目的地址相关联的网络端口的标识,将报文从仪器端口路由到网络端口。
-
公开(公告)号:US20110216771A1
公开(公告)日:2011-09-08
申请号:US12870731
申请日:2010-08-27
申请人: Tom GALLATIN , Denny K. MIU , King L. WON , Patrick Pak Tak LEONG , Ted HO
发明人: Tom GALLATIN , Denny K. MIU , King L. WON , Patrick Pak Tak LEONG , Ted HO
IPC分类号: H04L12/56
CPC分类号: H04L49/351 , H04L12/4641 , H04L12/4645 , H04L41/0213 , H04L41/046 , H04L41/0896 , H04L43/028 , H04L43/0823 , H04L43/0882 , H04L43/12 , H04L43/16 , H04L43/18 , H04L49/201 , H04L49/354 , H04L49/555 , H04L63/0227 , H04L63/1408
摘要: The present invention relates to a packet switch and a packet switching method. An example embodiment of the present invention comprises at least three network ports, at least one instrument port, a mux-switch, a packet switch fabric, and an address table. The embodiment updates the address table to include the source address of each ingress packet of each network port and associate the source address with that network port. The mux-switch routes the ingress packet traffic of each network port according to the identity of the network port so that at least a copy of the packet traffic of one of the network ports is routed to an instrument port. The packet switch fabric routes the packets from the instrument ports to the network ports according the destination address of the packet and the identity of the network port that is associated with the destination address as recorded in the address table.
摘要翻译: 分组交换机和分组交换方法技术领域本发明涉及分组交换机和分组交换方法。 本发明的示例性实施例包括至少三个网络端口,至少一个仪器端口,多路复用交换机,分组交换结构和地址表。 该实施例更新地址表以包括每个网络端口的每个入口分组的源地址,并将源地址与该网络端口相关联。 多路复用交换机根据网络端口的身份对每个网络端口的入口报文流量进行路由,使得一个网络端口的报文流量的至少一个副本路由到仪器端口。 分组交换结构根据报文的目的地址和与地址表中记录的目的地址相关联的网络端口的标识,将报文从仪器端口路由到网络端口。
-
公开(公告)号:US20110044349A1
公开(公告)日:2011-02-24
申请号:US12939849
申请日:2010-11-04
申请人: Tom GALLATIN , Denny K. MIU , King L. WON , Patrick Pak Tak LEONG , Ted HO
发明人: Tom GALLATIN , Denny K. MIU , King L. WON , Patrick Pak Tak LEONG , Ted HO
IPC分类号: H04L12/56
CPC分类号: H04L49/351 , H04L12/4641 , H04L12/4645 , H04L41/0213 , H04L41/046 , H04L41/0896 , H04L43/028 , H04L43/0823 , H04L43/0882 , H04L43/12 , H04L43/16 , H04L43/18 , H04L49/201 , H04L49/354 , H04L49/555 , H04L63/0227 , H04L63/1408
摘要: The present invention relates to a packet switch and a packet switching method. An example embodiment of the present invention comprises at least three network ports, at least one instrument port, a mux-switch, a packet switch fabric, and an address table. The embodiment updates the address table to include the source address of each ingress packet of each network port and associate the source address with that network port. The mux-switch routes the ingress packet traffic of each network port according to the identity of the network port so that at least a copy of the packet traffic of one of the network ports is routed to an instrument port. The packet switch fabric routes the packets from the instrument ports to the network ports according the destination address of the packet and the identity of the network port that is associated with the destination address as recorded in the address table.
摘要翻译: 分组交换机和分组交换方法技术领域本发明涉及分组交换机和分组交换方法。 本发明的示例性实施例包括至少三个网络端口,至少一个仪器端口,多路复用交换机,分组交换结构和地址表。 该实施例更新地址表以包括每个网络端口的每个入口分组的源地址,并将源地址与该网络端口相关联。 多路复用交换机根据网络端口的身份对每个网络端口的入口报文流量进行路由,使得一个网络端口的报文流量的至少一个副本路由到仪器端口。 分组交换结构根据报文的目的地址和与地址表中记录的目的地址相关联的网络端口的标识,将报文从仪器端口路由到网络端口。
-
公开(公告)号:US07440467B2
公开(公告)日:2008-10-21
申请号:US11123273
申请日:2005-05-05
申请人: Tom Gallatin , Denny K. Miu , King L. Won , Patrick Pak Tak Leong , Ted Ho
发明人: Tom Gallatin , Denny K. Miu , King L. Won , Patrick Pak Tak Leong , Ted Ho
IPC分类号: H04L12/28
CPC分类号: H04L49/351 , H04L12/4641 , H04L12/4645 , H04L41/0213 , H04L41/046 , H04L41/0896 , H04L43/028 , H04L43/0823 , H04L43/0882 , H04L43/12 , H04L43/16 , H04L43/18 , H04L49/201 , H04L49/354 , H04L49/555 , H04L63/0227 , H04L63/1408
摘要: The present invention relates to a packet switch and a packet switching method. An example embodiment of the present invention comprises at least three network ports, at least one instrument port, a mux-switch, a packet switch fabric, and an address table. The embodiment updates the address table to include the source address of each ingress packet of each network port and associate the source address with that network port. The mux-switch routes the ingress packet traffic of each network port according to the identity of the network port so that at least a copy of the packet traffic of one of the network ports is routed to an instrument port. The packet switch fabric routes the packets from the instrument ports to the network ports according the destination address of the packet and the identity of the network port that is associated with the destination address as recorded in the address table.
-
公开(公告)号:US20050271065A1
公开(公告)日:2005-12-08
申请号:US11123273
申请日:2005-05-05
申请人: Tom Gallatin , Denny Miu , King Won , Patrick Leong , Ted Ho
发明人: Tom Gallatin , Denny Miu , King Won , Patrick Leong , Ted Ho
CPC分类号: H04L49/351 , H04L12/4641 , H04L12/4645 , H04L41/0213 , H04L41/046 , H04L41/0896 , H04L43/028 , H04L43/0823 , H04L43/0882 , H04L43/12 , H04L43/16 , H04L43/18 , H04L49/201 , H04L49/354 , H04L49/555 , H04L63/0227 , H04L63/1408
摘要: The present invention relates to a packet switch and a packet switching method. An example embodiment of the present invention comprises at least three network ports, at least one instrument port, a mux-switch, a packet switch fabric, and an address table. The embodiment updates the address table to include the source address of each ingress packet of each network port and associate the source address with that network port. The mux-switch routes the ingress packet traffic of each network port according to the identity of the network port so that at least a copy of the packet traffic of one of the network ports is routed to an instrument port. The packet switch fabric routes the packets from the instrument ports to the network ports according the destination address of the packet and the identity of the network port that is associated with the destination address as recorded in the address table.
-
公开(公告)号:US06898632B2
公开(公告)日:2005-05-24
申请号:US10409006
申请日:2003-04-07
IPC分类号: G06F9/44 , G06F15/16 , G06F15/173
CPC分类号: H04L63/1408 , H04L63/0227
摘要: A system and method is presented for analyzing information in a communication line for unwanted intrusions and for allowing information to be transmitted back into the communication line without disrupting the communication traffic when an intrusion is detected. The system and method includes a security tap connected to a firewall. The security tap is also connected to an intrusion detection device. The intrusion detection device analyzes the information in the communication line for indicia of attempts to compromise the network. When such indicia is detected, the intrusion detection device sends a “kill” data packet back through the security tap and directed back to the communication line to the firewall to instruct the firewall to prevent further communications into the network by the intrusive source. An Ethernet switch or field programmable gate array (FPGA) is incorporated in the security tap to coordinate the transmission of the “kill” data packet to avoid data collisions with data transmissions already existing in the communication line.
-
公开(公告)号:US20050005031A1
公开(公告)日:2005-01-06
申请号:US10409006
申请日:2003-04-07
申请人: Stephen Gordy , Henry Poelstra , Robert Otis , Tom Gallatin
发明人: Stephen Gordy , Henry Poelstra , Robert Otis , Tom Gallatin
IPC分类号: G06F9/44 , G06F15/16 , G06F15/173
CPC分类号: H04L63/1408 , H04L63/0227
摘要: A system and method is presented for analyzing information in a communication line for unwanted intrusions and for allowing information to be transmitted back into the communication line without disrupting the communication traffic when an intrusion is detected. The system and method includes a security tap connected to a firewall. The security tap is also connected to an intrusion detection device. The intrusion detection device analyzes the information in the communication line for indicia of attempts to compromise the network. When such indicia is detected, the intrusion detection device sends a “kill” data packet back through the security tap and directed back to the communication line to the firewall to instruct the firewall to prevent further communications into the network by the intrusive source. An Ethernet switch or field programmable gate array (FPGA) is incorporated in the security tap to coordinate the transmission of the “kill” data packet to avoid data collisions with data transmissions already existing in the communication line.
摘要翻译: 提出了一种系统和方法,用于分析通信线路中不需要入侵的信息,并允许在检测到入侵时不中断通信流量,将信息发送回通信线路。 系统和方法包括连接到防火墙的安全抽头。 安全抽头也连接到入侵检测设备。 入侵检测设备分析通信线路中的信息,以便企图破坏网络。 当检测到这种标记时,入侵检测设备通过安全抽头发回“杀死”数据包,并将其引导回到防火墙的通信线路,以指示防火墙防止由入侵源进一步进入网络。 以太网交换机或现场可编程门阵列(FPGA)被并入安全抽头中以协调“杀死”数据分组的传输,以避免与通信线路中已经存在的数据传输的数据冲突。
-
-
-
-
-
-
-
搜索结果
18 条记录 (耗时 0.016 秒)
