-
21.发明授权Network device having service card for intercept and monitoring of packet flows 有权具有用于拦截和监视分组流的业务卡的网络设备公开(公告)号:US08037175B1
公开(公告)日:2011-10-11
申请号:US12822904
申请日:2010-06-24
申请人: Manoj Apte , Sandeep Jain , Fritz Budiyanto , Senthil Kumar Duraiswamy , Saravanan Deenadayalan , Yulianto Kokasih Ko
发明人: Manoj Apte , Sandeep Jain , Fritz Budiyanto , Senthil Kumar Duraiswamy , Saravanan Deenadayalan , Yulianto Kokasih Ko
IPC分类号: G06F15/173
CPC分类号: H04L43/028 , H04L45/10 , H04L45/38
摘要: A network device comprises a service card (e.g., a dynamic flow capture (DFC) service card) executing a communication protocol to receive, from one or more control sources, flow capture information specifying at least one destination and criteria for matching one or more packet flows. The network device includes a network interface card to receive a packet from a network, a packet replication module to replicate the packet, and a control unit to provide the replicated packet from the interface card to the DFC service card. The network device includes a filter cache that caches flow capture information recently received from the CSs. The network device may provide real-time intercept and relaying of specified network-based communications. Moreover, the techniques described herein allow CSs to tap packet flows with little delay after specifying flow capture information, e.g., within 50 milliseconds, even under high-volume networks.
摘要翻译: 网络设备包括执行通信协议的服务卡(例如,动态流捕获(DFC)服务卡),以从一个或多个控制源接收指定至少一个目的地的流捕获信息和用于匹配一个或多个分组的标准 流动。 网络设备包括从网络接收分组的网络接口卡,用于复制分组的分组复制模块,以及将接收卡的复制分组提供给DFC服务卡的控制单元。 网络设备包括高速缓存从CS接收到的流捕获信息的过滤器高速缓存。 网络设备可以提供指定的基于网络的通信的实时拦截和中继。 此外,本文描述的技术允许CS在指定流捕获信息(例如,在50毫秒内)甚至在高容量网络下,稍微延迟地敲击分组流。
-
公开(公告)号:US08010085B2
公开(公告)日:2011-08-30
申请号:US12274222
申请日:2008-11-19
IPC分类号: H04M1/66
CPC分类号: H04L63/102 , G06F21/577 , G06F2221/2141
摘要: Systems, methods and apparatus for tunneling in a cloud based security system. Management of tunnels, such as data tunnels, between enterprises and processing nodes for a security service is facilitate by the use of virtual gateway nodes and migration failover to minimize traffic impacts when a tunnel is migrated from one processing node to another processing node.
摘要翻译: 用于基于云的安全系统中隧道的系统,方法和装置。 通过使用虚拟网关节点和迁移故障转移来管理隧道,如数据隧道,企业和处理节点之间的隧道,可以通过隧道从一个处理节点迁移到另一个处理节点来最大限度地减少流量影响。
-
公开(公告)号:US20100125903A1
公开(公告)日:2010-05-20
申请号:US12274222
申请日:2008-11-19
IPC分类号: G06F15/173
CPC分类号: H04L63/102 , G06F21/577 , G06F2221/2141
摘要: Systems, methods and apparatus for tunneling in a cloud based security system. Management of tunnels, such as data tunnels, between enterprises and processing nodes for a security service is facilitate by the use of virtual gateway nodes and migration failover to minimize traffic impacts when a tunnel is migrated from one processing node to another processing node.
摘要翻译: 用于基于云的安全系统中隧道的系统,方法和装置。 通过使用虚拟网关节点和迁移故障转移来管理隧道,如数据隧道,企业和处理节点之间的隧道,可以通过隧道从一个处理节点迁移到另一个处理节点来最大限度地减少流量影响。
-
-
搜索结果
23 条记录 (耗时 0.033 秒)
