-
公开(公告)号:US08438252B2
公开(公告)日:2013-05-07
申请号:US13335745
申请日:2011-12-22
申请人: Nir Zuk , Ravi Ithal , Anupam Bharali
发明人: Nir Zuk , Ravi Ithal , Anupam Bharali
IPC分类号: G06F15/177
CPC分类号: H04L41/08 , H04L12/4679 , H04L41/0853 , H04L63/0272 , H04L67/10
摘要: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for managing network devices. A central management system stores shared configuration objects in a central configuration database. A network device stores shared configuration objects and device-specific configuration objects in a local configuration database. The local configuration database's shared configuration objects correspond to shared configuration objects in the central configuration database. The network device can be configured locally or using the central management system.
摘要翻译: 方法,系统和装置,包括在计算机存储介质上编码的计算机程序,用于管理网络设备。 中央管理系统将共享配置对象存储在中央配置数据库中。 网络设备将共享的配置对象和设备特定的配置对象存储在本地配置数据库中。 本地配置数据库的共享配置对象与中央配置数据库中的共享配置对象相对应。 网络设备可以在本地配置或使用中央管理系统。
-
公开(公告)号:US20130074184A1
公开(公告)日:2013-03-21
申请号:US13617729
申请日:2012-09-14
申请人: Nir Zuk , Yu Ming Mao
发明人: Nir Zuk , Yu Ming Mao
IPC分类号: G06F21/00
CPC分类号: H04L63/0227
摘要: Packet processing is provided in a multiple processor system including a first processor to processing a packet and to create a tag associated with the packet. The tag includes information about the processing of the packet. A second processor receives the packet subsequent to the first processor and processes the packet using the tag information.
摘要翻译: 在包括第一处理器的多处理器系统中提供分组处理以处理分组并创建与分组相关联的标签。 标签包括有关数据包处理的信息。 第二处理器接收第一处理器之后的分组,并使用标签信息处理分组。
-
33.发明授权Detection of network security breaches based on analysis of network record logs 有权基于网络记录日志的分析检测网络安全漏洞公开(公告)号:US08326881B2
公开(公告)日:2012-12-04
申请号:US13014339
申请日:2011-01-26
申请人: Nir Zuk
发明人: Nir Zuk
CPC分类号: H04L63/1425 , Y10S707/99943
摘要: Computer program products and methods of inspecting a log of security records in a computer network are provided. The method includes retrieving a log record, processing the log record including deriving a key to a table, determining a data value from information in the log record and adding the data value to a list of data values associated with the key if the data value is unique. One or more entries of the table are evaluated based on predetermined criteria to detect attempted security breaches.
摘要翻译: 提供计算机程序产品和检查计算机网络中安全记录日志的方法。 该方法包括检索日志记录,处理日志记录,包括向表导出密钥,从日志记录中的信息确定数据值,并将数据值添加到与密钥相关联的数据值的列表中,如果数据值为 独特。 基于预定标准评估表中的一个或多个条目以检测尝试的安全漏洞。
-
34.发明授权Detection of network security breaches based on analysis of network record logs 有权基于网络记录日志的分析检测网络安全漏洞公开(公告)号:US07904479B2
公开(公告)日:2011-03-08
申请号:US11951518
申请日:2007-12-06
申请人: Nir Zuk
发明人: Nir Zuk
CPC分类号: H04L63/1425 , Y10S707/99943
摘要: Computer program products and methods of inspecting a log of security records in a computer network are provided. The method includes retrieving a log record, processing the log record including deriving a key to a table, determining a data value from information in the log record and adding the data value to a list of data values associated with the key if the data value is unique. One or more entries of the table are evaluated based on predetermined criteria to detect attempted security breaches.
摘要翻译: 提供计算机程序产品和检查计算机网络中安全记录日志的方法。 该方法包括检索日志记录,处理日志记录,包括向表导出密钥,从日志记录中的信息确定数据值,并将数据值添加到与密钥相关联的数据值的列表中,如果数据值为 独特。 基于预定标准评估表中的一个或多个条目以检测尝试的安全漏洞。
-
公开(公告)号:US20080253366A1
公开(公告)日:2008-10-16
申请号:US11734198
申请日:2007-04-11
申请人: Nir Zuk , Yuming Mao , Haoying Xu , Arnit Green
发明人: Nir Zuk , Yuming Mao , Haoying Xu , Arnit Green
IPC分类号: H04L12/56
CPC分类号: H04L69/22 , H04L45/04 , H04L45/308 , H04L45/54 , H04L45/56 , H04L45/60 , H04L45/66 , H04L45/745
摘要: Methods and apparatus for processing data packets in a computer network are described. One general method includes receiving a data packet; examining the data packet to classify the data packet including classifying the data packet as a L2 or L3 packet and including determining at least one zone associated with the packet; processing the packet in accordance with one or more policies associated with the zone; determining forwarding information associated with the data packet; and if one or more policies permit, forwarding the data packet toward an intended destination using the forwarding information.
摘要翻译: 描述了在计算机网络中处理数据分组的方法和装置。 一种一般方法包括接收数据包; 检查所述数据分组以对所述数据分组进行分类,包括将所述数据分组分类为L2或L3分组,并且包括确定与所述分组相关联的至少一个区域; 根据与该区域相关联的一个或多个策略来处理分组; 确定与所述数据分组相关联的转发信息; 并且如果一个或多个策略允许,则使用转发信息将数据分组转发到预期目的地。
-
公开(公告)号:US20070297333A1
公开(公告)日:2007-12-27
申请号:US11475393
申请日:2006-06-26
申请人: Nir Zuk , Song Wang , Siu-Wang Leung , Fengmin Gong
发明人: Nir Zuk , Song Wang , Siu-Wang Leung , Fengmin Gong
CPC分类号: H04L63/0227 , H04L63/1416
摘要: Methods and apparatuses are described for inspecting data packets in a computer network. One or more data packets through the network have associated header data and content. One method includes receiving a data packet, examining the data packet to classify the data packet including classifying the data packet using information included in the header and content, determining flow instructions for processing the packet based on both the header information and the content and processing of the packet using the flow instructions.
摘要翻译: 描述了用于检查计算机网络中的数据分组的方法和装置。 通过网络的一个或多个数据包具有相关联的头部数据和内容。 一种方法包括接收数据分组,检查数据分组以对数据分组进行分类,包括使用包括在报头和内容中的信息对数据分组进行分类,确定基于报头信息和内容的处理分组的流指令,以及处理 该包使用流程指令。
-
公开(公告)号:US08873556B1
公开(公告)日:2014-10-28
申请号:US12344067
申请日:2008-12-24
申请人: Nir Zuk , Yonghui Cheng , Wilson Xu , Monty S. Gill
发明人: Nir Zuk , Yonghui Cheng , Wilson Xu , Monty S. Gill
CPC分类号: H04L45/306 , H04L45/38 , H04L45/74
摘要: Methods, systems, and apparatus, including computer program products, featuring receiving at a network device a plurality of packets associated with a flow, one or more of the plurality of packets having associated header data and content. Based on the content of one or more first packets in the plurality of packets, the network device identifies an application associated with the flow, where none of the first packets is addressed to the network device. For one or more second packets associated with the flow, the network device determines a forwarding destination for the second packets based on the application associated with the flow and forwards the packet according to the determined forwarding destination.
摘要翻译: 方法,系统和装置,包括计算机程序产品,其特征在于,在网络设备处接收与流相关联的多个分组,所述多个分组中的一个或多个具有相关联的报头数据和内容。 基于多个分组中的一个或多个第一分组的内容,网络设备识别与流相关联的应用,其中没有第一分组被寻址到网络设备。 对于与流相关联的一个或多个第二分组,网络设备基于与流相关联的应用来确定第二分组的转发目的地,并根据确定的转发目的地转发分组。
-
公开(公告)号:US08798065B2
公开(公告)日:2014-08-05
申请号:US13617729
申请日:2012-09-14
申请人: Nir Zuk , Yu Ming Mao
发明人: Nir Zuk , Yu Ming Mao
IPC分类号: H04L12/28
CPC分类号: H04L63/0227
摘要: Packet processing is provided in a multiple processor system including a first processor to processing a packet and to create a tag associated with the packet. The tag includes information about the processing of the packet. A second processor receives the packet subsequent to the first processor and processes the packet using the tag information.
摘要翻译: 在包括第一处理器的多处理器系统中提供分组处理以处理分组并创建与分组相关联的标签。 标签包括有关数据包处理的信息。 第二处理器接收第一处理器之后的分组,并使用标签信息处理分组。
-
公开(公告)号:US08565093B2
公开(公告)日:2013-10-22
申请号:US13193239
申请日:2011-07-28
申请人: Nir Zuk , Song Wang , Siu-Wang Leung , Fengmin Gong
发明人: Nir Zuk , Song Wang , Siu-Wang Leung , Fengmin Gong
IPC分类号: G06F15/16
CPC分类号: H04L63/0227 , H04L63/1416
摘要: Methods and apparatuses are described for inspecting data packets in a computer network. One or more data packets through the network have associated header data and content. One method includes receiving a data packet, examining the data packet to classify the data packet including classifying the data packet using information included in the header and content, determining flow instructions for processing the packet based on both the header information and the content and processing of the packet using the flow instructions.
-
公开(公告)号:US08443434B1
公开(公告)日:2013-05-14
申请号:US12852902
申请日:2010-08-09
申请人: Nir Zuk
发明人: Nir Zuk
IPC分类号: G06F17/00
CPC分类号: H04L63/0227
摘要: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for processing a first plurality of packets using one or more processors and maintaining one or more flow records associated with the first plurality of packets, and processing a second plurality of packets without maintaining flow records associated with the second plurality of packets and allowing the second plurality of packets to pass to one or more destinations.
-
-
-
-
-
-
-
-
-
搜索结果
46 条记录 (耗时 0.016 秒)
