-
公开(公告)号:US20180198735A1
公开(公告)日:2018-07-12
申请号:US15912798
申请日:2018-03-06
发明人: Yaniv Ben-Itzhak , Amitabha Biswas , Anna Levin , Eran Raichstein
IPC分类号: H04L12/935 , H04L12/703 , H04L12/715 , H04L12/24 , H04L12/741
CPC分类号: H04L49/30 , H04L41/5025 , H04L41/5051 , H04L41/5058 , H04L45/28 , H04L45/64 , H04L45/745
摘要: Embodiments of the present invention provide methods, computer program products, and systems for fulfilling a service chain request. Embodiments of the present invention can be used to collect network data of a plurality of instances of services and connections between the plurality of instances of services and redefine service chains to direct flow to an alternative instance of a service responsive to determining that an instance of a service in a service chain has become inaccessible. Embodiments of the present invention can be used to fulfill a service chain request and avoid one or more instances of services (and/or connections there between) that could cause a delay between transmitting data packets through the service chain.
-
公开(公告)号:US09954901B2
公开(公告)日:2018-04-24
申请号:US15397892
申请日:2017-01-04
发明人: Katherine Barabash , Yaniv Ben-Itzhak , Hani T. Jamjoom , Anna Levin , Eran Raichstein , Shriram Rajagopalan
IPC分类号: H04L29/06
CPC分类号: H04L63/20 , H04L63/0218 , H04L63/0236 , H04L63/1408 , H04L63/1416 , H04L63/1425 , H04L63/1441
摘要: A learning-based computer network security system may include a service delivery controller executing on one or more of hardware processors that receives requests for transmitting network flows to one or more destination machines via a communication network. The service delivery controller may group the network flows into one or more similarity groups, and direct the network flows in a particular similarity group to a learning-based security appliance instance designated for the particular similarity group. Based on receiving feedback from the security appliance instance, the service delivery controller may regroup the similarity groups, and/or redirect the network flows, and/or redistribute the training results between the appliances, and/or modify assignment of appliances to similarity groups.
-
公开(公告)号:US09578050B1
公开(公告)日:2017-02-21
申请号:US15010637
申请日:2016-01-29
发明人: Katherine Barabash , Yaniv Ben-Itzhak , Hani T. Jamjoom , Anna Levin , Eran Raichstein , Shriram Rajagopalan
IPC分类号: H04L29/06
CPC分类号: H04L63/20 , H04L63/0218 , H04L63/0236 , H04L63/1408 , H04L63/1416 , H04L63/1425 , H04L63/1441
摘要: A learning-based computer network security system may include a service delivery controller executing on one or more of hardware processors that receives requests for transmitting network flows to one or more destination machines via a communication network. The service delivery controller may group the network flows into one or more similarity groups, and direct the network flows in a particular similarity group to a learning-based security appliance instance designated for the particular similarity group. Based on receiving feedback from the security appliance instance, the service delivery controller may regroup the similarity groups, and/or redirect the network flows, and/or redistribute the training results between the appliances, and/or modify assignment of appliances to similarity groups.
摘要翻译: 基于学习的计算机网络安全系统可以包括在一个或多个硬件处理器上执行的服务递送控制器,所述硬件处理器经由通信网络接收向一个或多个目的地机器发送网络流的请求。 服务传递控制器可以将网络流分组成一个或多个相似性组,并将特定相似性组中的网络流引导到为特定相似组指定的基于学习的安全设备实例。 基于接收到来自安全设备实例的反馈,服务传送控制器可以重新组合相似性组,和/或重定向网络流,和/或在设备之间重新分配训练结果,和/或修改设备到相似组的分配。
-
14.发明授权Propagating a flow policy by control packet in a software defined network (SDN) based network 有权在基于软件定义网络(SDN)的网络中通过控制分组传播流策略公开(公告)号:US09407541B2
公开(公告)日:2016-08-02
申请号:US14260305
申请日:2014-04-24
发明人: Katherine Barabash , Yaniv Ben-Itzhak , Rami Cohen
IPC分类号: H04L12/00 , H04L12/721 , H04L12/717 , H04L12/725
CPC分类号: H04L45/26 , H04L45/306 , H04L45/38 , H04L45/42 , H04L49/70
摘要: Propagating a flow policy within a software defined network (SDN) includes sending a route path request for a flow from a first forwarding node to an SDN controller of the SDN, receiving route path information specifying a route path for the flow from the SDN controller, and generating, using a processor of the first forwarding node, a control packet including the route path. The control packet is communicated from the first forwarding node to a second forwarding node.
摘要翻译: 传播软件定义网络(SDN)内的流策略包括:从第一转发节点向SDN的SDN控制器发送流的路由请求,接收指定来自SDN控制器的流的路由路径信息, 以及使用所述第一转发节点的处理器生成包括所述路由路径的控制分组。 控制分组从第一转发节点传送到第二转发节点。
-
15.发明申请Reducing network and appliances load through cooperative control plane decisions 有权通过协同控制平面决策减少网络和设备负载公开(公告)号:US20150365327A1
公开(公告)日:2015-12-17
申请号:US14301349
申请日:2014-06-11
发明人: Katherine Barabash , Yaniv Ben-Itzhak , Rami Cohen
IPC分类号: H04L12/803 , H04L12/801 , H04L12/813
摘要: Systems and methods for forwarding data packets in a communications network, the method comprising: providing information included in a first portion of a data packet to a network policy unit, in response to a forwarding device receiving a data packet to be forwarded over one or more network routes; forwarding the data packet according to a flow policy, in response to the forwarding device receiving the flow policy from the network policy unit, wherein the flow policy applied to the data packet by the forwarding device is determined by the network policy unit based on the network policy unit performing an analysis of the information included in the first portion of the data packet in view of policy information provided to the network policy unit.
摘要翻译: 用于在通信网络中转发数据分组的系统和方法,所述方法包括:响应于转发设备接收要在一个或多个上转发的数据分组,向网络策略单元提供包括在数据分组的第一部分中的信息 网路; 响应于所述转发设备从所述网络策略单元接收到流策略,根据流策略转发所述数据分组,其中由所述转发设备应用于所述数据分组的流策略由所述网络策略单元基于所述网络 策略单元考虑到提供给网络策略单元的策略信息来执行对包括在数据分组的第一部分中的信息的分析。
-
-
-
-
搜索结果
15 条记录 (耗时 0.019 秒)
