-
公开(公告)号:US07681236B2
公开(公告)日:2010-03-16
申请号:US10790655
申请日:2004-03-01
申请人: Naohiro Tamura , Takuya Habu , Mayuko Morita , Satoru Torii , Osamu Koyano
发明人: Naohiro Tamura , Takuya Habu , Mayuko Morita , Satoru Torii , Osamu Koyano
CPC分类号: H04L63/1441 , H04L63/1458
摘要: An unauthorized access prevention system that includes a search unit searching the flowing-in path of the unauthorized access to the services by a Web system disclosed by a user's ISP, a determination unit determining the place to implement a countermeasure for protecting the services from the unauthorized access based on the result of the search, and a notification unit notifying, according to a determination that that the countermeasure is implemented in the flow source that makes the unauthorized access flow into the user's communication network, the determination to the flow source.
摘要翻译: 一种未经授权的访问防止系统,包括搜索单元,用于通过用户ISP公开的Web系统来搜索未经授权访问服务的流入路径;确定单元,确定用于保护服务免受未经许可的对策 基于搜索结果的访问,以及通知单元,根据在流入源中实施了将未经授权的访问流进入用户的通信网络的对策的确定,通知流向源的确定。
-
公开(公告)号:US07653942B2
公开(公告)日:2010-01-26
申请号:US10794097
申请日:2004-03-04
申请人: Naohiro Tamura , Takuya Habu , Mayuko Morita , Satoru Torii , Osamu Koyano
发明人: Naohiro Tamura , Takuya Habu , Mayuko Morita , Satoru Torii , Osamu Koyano
CPC分类号: H04L63/1458 , H04L63/10 , H04L63/1441
摘要: An unauthorized access prevention system includes a countermeasure method determination unit determining a method of taking countermeasures to protect a destination against unauthorized access based on a rate indicating a probability that predetermined traffic is unauthorized access. The rate is determined by calculating a number of times that the countermeasures were taken and subtracting a number of times that countermeasures were suspended, and dividing the resultant number of times that countermeasures were taken without suspension by the number of times that countermeasures were taken, for the predetermined traffic. The system also includes a storage device storing the number of times that countermeasures were taken and the number of times that countermeasures were taken without suspension. A countermeasure execution control unit controls when to take the countermeasures in the determined method. The countermeasure method determination unit selects an appropriate method of taking countermeasures by comparing the rate to predetermined threshold values.
摘要翻译: 未经授权的访问预防系统包括对策方法确定单元,其基于指示预定流量是未授权访问的概率的速率来确定采取防御目的地以防止未经授权访问的对策的方法。 通过计算采取反措施的次数,减去反措施暂停的次数来确定该比例,并将所采取的对抗措施的次数除以暂停的次数,采取反措施的次数,为 预定流量。 该系统还包括存储采取对策的次数的存储装置和没有暂停的对策的次数。 对策执行控制单元控制何时以所确定的方法采取对策。 对策方法确定单元通过将速率与预定阈值进行比较来选择采取对策的适当方法。
-
3.发明授权Apparatus and method of generating network simulation model, and storage medium storing program for realizing the method 失效生成网络仿真模型的装置和方法,以及用于实现该方法的存储介质存储程序公开(公告)号:US07031895B1
公开(公告)日:2006-04-18
申请号:US09572937
申请日:2000-05-18
申请人: Eiichi Takahashi , Ken Yokoyama , Naohiro Tamura
发明人: Eiichi Takahashi , Ken Yokoyama , Naohiro Tamura
IPC分类号: G06F17/50 , G06F7/62 , G06F15/173
CPC分类号: H04L41/147 , G06F17/5009 , G06F2217/04 , H04L41/0853 , H04L41/145
摘要: Upon receipt of an end point list, a model setting unit requests the measurement/information collection unit to search a path. The model setting unit receives a path appliance list from the measurement/information collection unit, and generates the configuration of a simulation model of a network. The model setting unit selects an appropriate model for each component of the configuration of the simulation model. Then, the model setting unit sets the parameter value of the model based on the measurement result and the collected information received from the measurement/information collection unit, and automatically generates the simulation model of the network.
摘要翻译: 在接收到终点列表时,模型设置单元请求测量/信息收集单元搜索路径。 模型设置单元从测量/信息收集单元接收路径装置列表,并且生成网络的仿真模型的配置。 模型设置单元为仿真模型配置的每个组件选择适当的模型。 然后,模型设定单元基于测量结果和从测量/信息收集单元接收的收集信息来设定模型的参数值,并自动生成网络的仿真模型。
-
公开(公告)号:US07457965B2
公开(公告)日:2008-11-25
申请号:US10898749
申请日:2004-07-26
申请人: Naohiro Tamura , Takuya Habu , Mayuko Morita , Osamu Koyano
发明人: Naohiro Tamura , Takuya Habu , Mayuko Morita , Osamu Koyano
IPC分类号: G06F9/00
CPC分类号: H04L63/1408 , H04L63/0236 , H04L63/0263 , H04L63/1458 , H04L63/1466
摘要: This invention is to minimize influence to other network by preventing unauthorized accesses such as DDoS attacks and probing by worms. When the blocking apparatuses 10a and 10b detect outbound packets by the DDoS attacks or by the probing by the worm, they carry out the Egress filtering for such outbound packets to prevent the packets relating to the unauthorized access from being sent to the backbone network 1000. Moreover, because a notice to the effect that the unauthorized access is detected is sent to other blocking apparatuses 10c and 10d via the management apparatus 16, for example, the blocking apparatuses 10c and 10d precautionarily carry out the Ingress filtering to prevent the packets relating to the unauthorized access from being sent to the network C and D.
摘要翻译: 本发明通过防止诸如DDoS攻击和蠕虫探测等未经授权的访问来最小化对其他网络的影响。 当阻塞装置10a和10b通过DDoS攻击或蠕虫探测来检测出站分组时,它们对出站分组进行出口过滤,以防止与未经授权的访问相关的分组被发送到骨干网 1000。 此外,由于例如通过管理装置16向其他阻止装置10c和10d发送了将未经授权的访问检测到的通知,所以阻止装置10c和10d预防性地执行入侵过滤以防止 与未经授权的访问有关的数据包发送到网络C和D.
-
5.发明申请Method, apparatus, and program for configuring networks with consistent route and bandwidth settings 有权用于配置具有一致的路由和带宽设置的网络的方法,设备和程序公开(公告)号:US20070189152A1
公开(公告)日:2007-08-16
申请号:US11482473
申请日:2006-07-07
申请人: Naohiro Tamura , Junichi Sakuma
发明人: Naohiro Tamura , Junichi Sakuma
CPC分类号: H04L43/0882 , H04L41/0873 , H04L45/24
摘要: An apparatus and method for verifying route and bandwidth settings of multiple services provided over networks. The apparatus has an extractor and a verifier. Based on input data describing services each having primary and secondary routes between specific locations, an available bandwidth of each network, and a guaranteed bandwidth of each service, the extractor selects a first network to be verified and extracts first services that use the first network as their respective primary routes. The extractor then selects at least one second network from among the networks that the first services specify as their respective secondary routes. The extractor extracts second services that use the second network as their primary routes and specify the first network as their secondary routes. The verifier sums up guaranteed bandwidths that the first and second services should provide, and determines whether the sum is smaller than an available bandwidth of the first network.
摘要翻译: 一种用于验证通过网络提供的多个服务的路由和带宽设置的装置和方法。 该装置具有提取器和验证器。 基于描述服务的输入数据,每个具有特定位置之间的主要和次要路由,每个网络的可用带宽和每个服务的保证带宽的服务,提取器选择要被验证的第一网络,并且将使用第一网络的第一服务提取为 各自的主要路线。 然后,提取器从第一服务指定的网络中选择至少一个第二网络作为它们各自的辅助路由。 提取器提取使用第二个网络的第二个服务作为其主要路由,并指定第一个网络作为其次要路由。 验证者总结了第一和第二服务应提供的保证带宽,并确定和是否小于第一网络的可用带宽。
-
6.发明授权Method, apparatus, and program for configuring networks with consistent route and bandwidth settings 有权用于配置具有一致的路由和带宽设置的网络的方法,设备和程序公开(公告)号:US08243621B2
公开(公告)日:2012-08-14
申请号:US11482473
申请日:2006-07-07
申请人: Naohiro Tamura , Junichi Sakuma
发明人: Naohiro Tamura , Junichi Sakuma
IPC分类号: H04L12/28
CPC分类号: H04L43/0882 , H04L41/0873 , H04L45/24
摘要: An apparatus and method for verifying route and bandwidth settings of multiple services provided over networks. The apparatus has an extractor and a verifier. Based on input data describing services each having primary and secondary routes between specific locations, an available bandwidth of each network, and a guaranteed bandwidth of each service, the extractor selects a first network to be verified and extracts first services that use the first network as their respective primary routes. The extractor then selects at least one second network from among the networks that the first services specify as their respective secondary routes. The extractor extracts second services that use the second network as their primary routes and specify the first network as their secondary routes. The verifier sums up guaranteed bandwidths that the first and second services should provide, and determines whether the sum is smaller than an available bandwidth of the first network.
摘要翻译: 一种用于验证通过网络提供的多个服务的路由和带宽设置的装置和方法。 该装置具有提取器和验证器。 基于描述服务的输入数据,每个具有特定位置之间的主要和次要路由,每个网络的可用带宽和每个服务的保证带宽的服务,提取器选择要被验证的第一网络,并且将使用第一网络的第一服务提取为 各自的主要路线。 然后,提取器从第一服务指定的网络中选择至少一个第二网络作为它们各自的辅助路由。 提取器提取使用第二个网络的第二个服务作为其主要路由,并指定第一个网络作为其次要路由。 验证者总结了第一和第二服务应提供的保证带宽,并确定和是否小于第一网络的可用带宽。
-
公开(公告)号:US07184945B1
公开(公告)日:2007-02-27
申请号:US09671120
申请日:2000-09-28
申请人: Eiichi Takahashi , Ken Yokoyama , Naohiro Tamura
发明人: Eiichi Takahashi , Ken Yokoyama , Naohiro Tamura
CPC分类号: G06F9/5083 , H04L67/1002 , H04L67/1008 , H04L67/1012 , H04L67/1017 , H04L67/1019 , H04L67/1029
摘要: A service distribution device and method for balancing load distribution among servers without placing the servers in a high load or overloaded state. Models of the servers and services are generated from the record of monitored packets. Simulations are performed to predict the server load, and based on the results of the predictions, settings are determined to distribute the services among the servers so that load is balanced.
摘要翻译: 一种用于在不使服务器处于高负载或过载状态的情况下平衡服务器之间的负载分配的服务分发设备和方法。 服务器和服务的模型是从监控数据包的记录生成的。 执行模拟以预测服务器负载,并且基于预测的结果,确定设置以在服务器之间分布服务以使负载平衡。
-
公开(公告)号:US20050198519A1
公开(公告)日:2005-09-08
申请号:US10898749
申请日:2004-07-26
申请人: Naohiro Tamura , Takuya Habu , Mayuko Morita , Osamu Koyano
发明人: Naohiro Tamura , Takuya Habu , Mayuko Morita , Osamu Koyano
CPC分类号: H04L63/1408 , H04L63/0236 , H04L63/0263 , H04L63/1458 , H04L63/1466
摘要: This invention is to minimize influence to other network by preventing unauthorized accesses such as DDoS attacks and probing by worms. When the blocking apparatuses 10a and 10b detect outbound packets by the DDoS attacks or by the probing by the worm, they carry out the Egress filtering for such outbound packets to prevent the packets relating to the unauthorized access from being sent to the backbone network 1000. Moreover, because a notice to the effect that the unauthorized access is detected is sent to other blocking apparatuses 10c and 10d via the management apparatus 16, for example, the blocking apparatuses 10c and 10d precautionarily carry out the Ingress filtering to prevent the packets relating to the unauthorized access from being sent to the network C and D.
摘要翻译: 本发明通过防止诸如DDoS攻击和蠕虫探测等未经授权的访问来最小化对其他网络的影响。 当阻塞装置10a和10b通过DDoS攻击或蠕虫探测来检测出站分组时,它们对出站分组进行出口过滤,以防止与未经授权的访问相关的分组被发送到骨干网 1000。 此外,由于例如通过管理装置16向其他阻止装置10c和10d发送了将未经授权的访问检测到的通知,所以阻止装置10c和10d预防性地执行入侵过滤以防止 与未经授权的访问有关的数据包发送到网络C和D.
-
公开(公告)号:US08788636B2
公开(公告)日:2014-07-22
申请号:US12408891
申请日:2009-03-23
申请人: Naohiro Tamura , Sawao Iwatani , Kaoru Miyamoto
发明人: Naohiro Tamura , Sawao Iwatani , Kaoru Miyamoto
IPC分类号: G06F15/177 , G06F11/00 , G06F9/44
CPC分类号: G06F9/4416
摘要: A managed server (srv-10) is powered on by a power controlling unit. The managed server executes a POST process, and transfers a PXE request to a boot controlling unit. The boot controlling unit transfers an HBA vendor determining program. In the managed server, the WWN is set by an HBA vendor-dedicated program corresponding to an HBA vendor, and when a PCI initialization code can not be loaded, the POST process is re-started, and the PXE request is transferred again. The boot controlling unit transfers an NOP program, and the managed server starts an OS with a SAN boot.
摘要翻译: 受控服务器(srv-10)由电源控制单元通电。 受管服务器执行POST进程,并将PXE请求传输到引导控制单元。 引导控制单元传送HBA供应商确定程序。 在受管服务器中,WWN由与HBA供应商相对应的HBA供应商专用程序设置,当PCI初始化代码无法加载时,POST进程重新启动,PXE请求再次传输。 引导控制单元传送NOP程序,被管理服务器启动具有SAN引导的OS。
-
公开(公告)号:US20090282142A1
公开(公告)日:2009-11-12
申请号:US12408891
申请日:2009-03-23
申请人: Naohiro Tamura , Sawao Iwatani , Kaoru Miyamoto
发明人: Naohiro Tamura , Sawao Iwatani , Kaoru Miyamoto
IPC分类号: G06F15/16 , G06F15/177
CPC分类号: G06F9/4416
摘要: A managed server (srv-10) is powered on by a power controlling unit. The managed server executes a POST process, and transfers a PXE request to a boot controlling unit. The boot controlling unit transfers an HBA vendor determining program. In the managed server, the WWN is set by an HBA vendor-dedicated program corresponding to an HBA vendor, and when a PCI initialization code can not be loaded, the POST process is re-started, and the PXE request is transferred again. The boot controlling unit transfers an NOP program, and the managed server starts an OS with a SAN boot.
摘要翻译: 受控服务器(srv-10)由电源控制单元通电。 受管服务器执行POST进程,并将PXE请求传输到引导控制单元。 引导控制单元传送HBA供应商确定程序。 在受管服务器中,WWN由与HBA供应商相对应的HBA供应商专用程序设置,当PCI初始化代码无法加载时,POST进程重新启动,PXE请求再次传输。 引导控制单元传送NOP程序,被管理服务器启动具有SAN引导的OS。
-
-
-
-
-
-
-
-
-
搜索结果
11 条记录 (耗时 0.016 秒)
