公开(公告)号：US08243611B2

公开(公告)日：2012-08-14

申请号：US11566464

申请日：2006-12-04

申请人： Michael H. Nolterieke ,  David B. Rhoades ,  Norman C. Strole

发明人： Michael H. Nolterieke ,  David B. Rhoades ,  Norman C. Strole

IPC分类号： H04L12/26

CPC分类号： H04L41/0803 ,  H04L29/1232 ,  H04L61/2015 ,  H04L61/2092 ,  H04L69/40

摘要： Method and system for configuring a device that has failed to obtain a network address. In one aspect of the invention, a method for remotely configuring a device includes attempting to obtain a network address from a network server over a network, and receiving a valid network address over the network from a remote device connected to the network in response to failing to obtain the network address from the network server.

摘要翻译： 配置无法获取网络地址的设备的方法和系统。 在本发明的一个方面，用于远程配置设备的方法包括尝试通过网络从网络服务器获得网络地址，以及响应于失败从连接到网络的远程设备通过网络接收有效的网络地址 从网络服务器获取网络地址。

公开(公告)号：US07940696B2

公开(公告)日：2011-05-10

申请号：US11960870

申请日：2007-12-20

申请人： Eric R. Kern ,  William G. Pagan ,  Norman C. Strole

发明人： Eric R. Kern ,  William G. Pagan ,  Norman C. Strole

IPC分类号： H04L12/28

CPC分类号： H04L12/12 ,  Y02D50/40

摘要： Methods, apparatus, and products are disclosed for remotely booting computing nodes in a switching domain, the switching domain capable of connecting to other switching domains through a network switch, that include: receiving, in the switch, a wakeup request packet that requests activation of one or more computing nodes in the switching domain, the wakeup request packet having a process port value specifying physical ports on the switch to which the one or more computing nodes are physically connected; identifying, by the switch, a network address for each computing node in dependence upon the physical port on the switch to which each computing node to be activated is physically connected; generating, by the switch, a wakeup packet for each computing node in dependence upon the identified network address for that computing node; and transmitting, by the switch to each computing node to be activated, the wakeup packet for that computing node.

摘要翻译： 公开了用于远程启动交换域中的计算节点的方法，装置和产品，所述交换域能够通过网络交换机连接到其他交换域，其包括：在所述交换机中接收请求激活的唤醒请求分组 所述切换域中的一个或多个计算节点，所述唤醒请求分组具有指定所述一个或多个计算节点物理连接​​到的交换机上的物理端口的处理端口值; 根据交换机上要激活的每个计算节点物理连接​​的物理端口，通过交换机识别每个计算节点的网络地址; 通过交换机根据所识别的该计算节点的网络地址为每个计算节点生成唤醒分组; 并且通过切换到要激活的每个计算节点，发送用于该计算节点的唤醒分组。

公开(公告)号：US07689295B2

公开(公告)日：2010-03-30

申请号：US11942319

申请日：2007-11-19

申请人： Norman C. Strole

发明人： Norman C. Strole

IPC分类号： G05B11/01 ,  G05B9/02 ,  G06F15/177 ,  G06F15/173 ,  G08B29/00

CPC分类号： G05B23/0221 ,  B64F5/00 ,  G06F11/0736 ,  G06F11/0739 ,  G06F11/0793 ,  G21D3/001 ,  H04L12/413

摘要： A method and apparatus for monitoring and control of a system is disclosed. The method and apparatus include providing a plurality of sensors, a table, and a network processor. The sensors monitor attributes of the system. The table includes a plurality of entries. Each of the entries indicates at least one action to be taken in response to a portion attributes having particular values. The network processor is coupled with the sensors and with the table. The network processor receives from the sensors a plurality of statuses for the attributes. The network processor further determines at least one entry of the entries to access based upon the statuses and accesses the at least one entry to determine a corresponding action.

摘要翻译： 公开了一种用于监视和控制系统的方法和装置。 该方法和装置包括提供多个传感器，表和网络处理器。 传感器监控系统的属性。 该表包括多个条目。 每个条目指示响应于具有特定值的部分属性而采取的至少一个动作。 网络处理器与传感器和桌子相连。 网络处理器从传感器接收属性的多个状态。 网络处理器还基于状态进一步确定条目的至少一个条目以访问，并访问至少一个条目以确定相应的动作。

公开(公告)号：US07278162B2

公开(公告)日：2007-10-02

申请号：US10405671

申请日：2003-04-01

申请人： Charles Steven Lingafelt ,  Norman C. Strole

发明人： Charles Steven Lingafelt ,  Norman C. Strole

IPC分类号： H04L29/00

CPC分类号： H04L63/1408 ,  H04L67/1002 ,  H04L2029/06054

摘要： A method and system for detecting attempted intrusions into a network, including: providing a network processor for monitoring packets transmitted over a communications link of the network; receiving a plurality of packets from the communications link by the network processor; and pre-filtering the plurality of packets by the network processor to identify packets potentially with patterns of interest. These packets are forwarded to a NIDS. The NIDS then examines the forwarded packets to identify the packets that have the pattern of interest. By using the network processor to pre-filter the packets, the number of packets examined by the NIDS is significantly reduced. Also, the capacity of the NIDS can be increased without requiring changes in the NIDS.

摘要翻译： 一种用于检测尝试入侵到网络中的方法和系统，包括：提供网络处理器，用于监视通过所述网络的通信链路发送的分组; 由所述网络处理器从所述通信链路接收多个分组; 并且由网络处理器对该多个分组进行预过滤，以便以感兴趣的模式识别分组。 这些数据包将转发给NIDS。 然后，NIDS检查转发的分组以识别具有感兴趣模式的分组。 通过使用网络处理器对数据包进行预过滤，NIDS检查的数据包数量显着减少。 此外，NIDS的能力可以增加，而不需要改变NIDS。

公开(公告)号：US5524052A

公开(公告)日：1996-06-04

申请号：US322898

申请日：1994-10-13

申请人： Kurt E. Augustine ,  James E. Neeley, Sr. ,  Norman C. Strole

发明人： Kurt E. Augustine ,  James E. Neeley, Sr. ,  Norman C. Strole

IPC分类号： G06F13/00 ,  G06F21/20 ,  H04L9/32 ,  H04L9/36 ,  H04L12/24 ,  H04L29/06 ,  H04K1/00

CPC分类号： H04L41/28 ,  H04L41/046 ,  H04L63/123 ,  H04L2463/121 ,  H04L63/0435

摘要： A network management frame contains a clear text (unencrypted) management command field and a security field. The management frame is sent to a data communications network by an authorized managing entity (manager). The management frame is addressed to a managing agent (agent). The security field includes two sub fields. The first sub field is a clear text time stamp. The second sub field includes this same time stamp value concatenated with a checksum that is calculated by the manager for the specific clear text management command contained within the management frame. The concatenated value is then encrypted under a secret cryptographic key that is shared by the manager and the agent. The agent receives the management frame, calculates a checksum of the clear text management command, and appends this checksum to the clear text time stamp as contained in the received management frame. This value is then encrypted using the shared cryptographic code. If the result matches the second sub field of the received management command, integrity of the received management command is assured. Next, the clear text value of time stamp contained within the received management command is checked against a common clock within the agent. If the value of this time stamp falls within an predetermined time window, the authenticity of the received management command has been verified.

公开(公告)号：US08194661B2

公开(公告)日：2012-06-05

申请号：US12570663

申请日：2009-09-30

申请人： Joseph E. Bolan ,  Keith M. Campbell ,  Phuong T. Nguyen ,  Norman C. Strole

发明人： Joseph E. Bolan ,  Keith M. Campbell ,  Phuong T. Nguyen ,  Norman C. Strole

IPC分类号： H04L12/28 ,  H04L12/56 ,  H04L12/54 ,  H04J3/26 ,  G06F15/16 ,  G06F15/173

CPC分类号： H04L41/0886 ,  H04L45/60

摘要： Autoconfiguration of an IPv6 component in a segmented network including receiving an IPv6 packet; determining whether the received IPv6 packet is a router advertisement or a router solicitation; if the received IPv6 packet is a router advertisement, then retrieving through an out-of-band link a MAC address for the IPv6 component, removing a MAC address of a sending router, inserting in the packet instead an internal MAC address for forwarding packets to the IPv6 component, removing a multicast destination MAC address, inserting in the packet the destination MAC address of the IPv6 component, and forwarding the packet to the IPv6 component as a unicast message; if the received IPv6 packet is a router solicitation, then removing the MAC address of the sending IPv6 component, inserting in the packet instead an external MAC address for forwarding packets to the router, and forwarding the packet to the router as a multicast message.

摘要翻译： 在分段网络中自动配置IPv6组件，包括接收IPv6分组; 确定接收的IPv6分组是路由器广告还是路由器招揽; 如果接收到的IPv6报文是路由器通告，则通过带外链路检索IPv6组件的MAC地址，删除发送路由器的MAC地址，插入数据包，而不是将内部MAC地址转发到 IPv6组件，去除组播目的MAC地址，在报文中插入IPv6组播组的目的MAC地址，并将报文转发到IPv6组件作为单播报文; 如果接收到的IPv6报文是路由器请求，则删除发送IPv6组件的MAC地址，插入数据包而不是将外部MAC地址转发给路由器，并将数据包转发到路由器作为组播消息。

公开(公告)号：US20110182299A1

公开(公告)日：2011-07-28

申请号：US13080776

申请日：2011-04-06

申请人： Mitchell L. Loeb ,  Harry Cheselka ,  William G. Holland ,  Norman C. Strole ,  Edward S. Suffern

发明人： Mitchell L. Loeb ,  Harry Cheselka ,  William G. Holland ,  Norman C. Strole ,  Edward S. Suffern

IPC分类号： H04L12/56

CPC分类号： H04L47/10 ,  H04L47/22 ,  H04L47/2441 ,  H04L47/30 ,  H04L47/31

摘要： An improved solution for limiting the transmission rate of data over a network is provided according to an aspect of the invention. In particular, the transmission rate for a port is limited by rate limiting one of a plurality of queues (e.g., class/quality of service queues) for the port, and directing all data (e.g., packets) for transmission through the port to the single rate limited queue. In this manner, the transmission rate for the port can be effectively limited to accommodate, for example, a lower transmission rate for a port on a destination node.

摘要翻译： 根据本发明的一个方面提供了一种用于限制网络上的数据传输速率的改进的解决方案。 特别地，端口的传输速率受限于端口的多个队列（例如，服务队列的类别/服务质量）之一的速率限制，并且引导所有数据（例如，分组）通过端口传输到 单速限制队列 以这种方式，可以有效地限制端口的传输速率，以适应例如目的地节点上的端口的较低传输速率。

公开(公告)号：US20110075666A1

公开(公告)日：2011-03-31

申请号：US12570663

申请日：2009-09-30

申请人： Joseph E. Bolan ,  Keith M. Campbell ,  Phuong T. Nguyen ,  Norman C. Strole

发明人： Joseph E. Bolan ,  Keith M. Campbell ,  Phuong T. Nguyen ,  Norman C. Strole

IPC分类号： H04L12/56

CPC分类号： H04L41/0886 ,  H04L45/60

摘要： Autoconfiguration of an IPv6 component in a segmented network including receiving an IPv6 packet; determining whether the received IPv6 packet is a router advertisement or a router solicitation; if the received IPv6 packet is a router advertisement, then retrieving through an out-of-band link a MAC address for the IPv6 component, removing a MAC address of a sending router, inserting in the packet instead an internal MAC address for forwarding packets to the IPv6 component, removing a multicast destination MAC address, inserting in the packet the destination MAC address of the IPv6 component, and forwarding the packet to the IPv6 component as a unicast message; if the received IPv6 packet is a router solicitation, then removing the MAC address of the sending IPv6 component, inserting in the packet instead an external MAC address for forwarding packets to the router, and forwarding the packet to the router as a multicast message.

摘要翻译： 在分段网络中自动配置IPv6组件，包括接收IPv6分组; 确定接收的IPv6分组是路由器广告还是路由器招揽; 如果接收到的IPv6报文是路由器通告，则通过带外链路检索IPv6组件的MAC地址，删除发送路由器的MAC地址，插入数据包，而不是将内部MAC地址转发到 IPv6组件，去除组播目的MAC地址，在报文中插入IPv6组播组的目的MAC地址，并将报文转发到IPv6组件作为单播报文; 如果接收到的IPv6报文是路由器请求，则删除发送IPv6组件的MAC地址，插入数据包而不是将外部MAC地址转发给路由器，并将数据包转发到路由器作为组播消息。

公开(公告)号：US20090161667A1

公开(公告)日：2009-06-25

申请号：US11960870

申请日：2007-12-20

申请人： Eric R. Kern ,  William G. Pagan ,  Norman C. Strole

发明人： Eric R. Kern ,  William G. Pagan ,  Norman C. Strole

IPC分类号： H04L12/28

CPC分类号： H04L12/12 ,  Y02D50/40

摘要： Methods, apparatus, and products are disclosed for remotely booting computing nodes in a switching domain, the switching domain capable of connecting to other switching domains through a network switch, that include: receiving, in the switch, a wakeup request packet that requests activation of one or more computing nodes in the switching domain, the wakeup request packet having a process port value specifying physical ports on the switch to which the one or more computing nodes are physically connected; identifying, by the switch, a network address for each computing node in dependence upon the physical port on the switch to which each computing node to be activated is physically connected; generating, by the switch, a wakeup packet for each computing node in dependence upon the identified network address for that computing node; and transmitting, by the switch to each computing node to be activated, the wakeup packet for that computing node.

摘要翻译： 公开了用于远程启动交换域中的计算节点的方法，装置和产品，所述交换域能够通过网络交换机连接到其他交换域，其包括：在所述交换机中接收请求激活的唤醒请求分组 所述切换域中的一个或多个计算节点，所述唤醒请求分组具有指定所述一个或多个计算节点物理连接​​到的交换机上的物理端口的处理端口值; 根据交换机上要激活的每个计算节点物理连接​​的物理端口，通过交换机识别每个计算节点的网络地址; 通过交换机根据所识别的该计算节点的网络地址为每个计算节点生成唤醒分组; 并且通过切换到要激活的每个计算节点，发送用于该计算节点的唤醒分组。

公开(公告)号：US07548753B2

公开(公告)日：2009-06-16

申请号：US12050260

申请日：2008-03-18

申请人： Thomas A. Millard ,  Charles J. Sannipoli ,  Norman C. Strole

发明人： Thomas A. Millard ,  Charles J. Sannipoli ,  Norman C. Strole

IPC分类号： H04W24/00

CPC分类号： H04W4/02 ,  G01S5/0027 ,  H04L67/18 ,  H04W12/10 ,  H04W28/06 ,  H04W28/14 ,  H04W40/00 ,  H04W64/00 ,  H04W74/00 ,  H04W80/00 ,  Y10S707/99933

摘要： A method and system is provided for tracking mobile devices combining packet processing technology with Global Positioning System (GPS) technology. A central network system comprising a packet processing subsystem receives transmitted GPS location data from a mobile device transmitting GPS location data, wherein the packet processing subsystem uses a table access scheme to process the GPS location data and produce responsive mapping data, and the central network processing system compares the mapping data to a map and identifies a corresponding map location. Embodiments may also correlate device identification data, tracking table entries, and/or billing zone charges. In some embodiments a look-up key is built responsive to the GPS location data and used to identify map locations. The table access scheme may be a key hashing scheme and, in particular, a longest prefix match type scheme.

摘要翻译： 提供了一种方法和系统，用于跟踪将分组处理技术与全球定位系统（GPS）技术相结合的移动设备。 包括分组处理子系统的中央网络系统从发送GPS位置数据的移动设备接收发送的GPS定位数据，其中分组处理子系统使用表访问方案来处理GPS位置数据并产生响应映射数据，以及中央网络处理 系统将映射数据与映射进行比较，并识别相应的映射位置。 实施例还可以将设备识别数据，跟踪表条目和/或计费区域费用相关联。 在一些实施例中，响应于GPS位置数据构建查找密钥并用于识别地图位置。 表访问方案可以是密钥散列方案，特别是最长前缀匹配类型方案。