摘要:
All of the transit services that each device is expected to provide are determined and contrasted with the transit configuration of each device. Because the transit configuration of each device may be state-dependent, the service items within each application service are processed in sequential order. Sequences of service items are associated with connection groups, and each of the routes associated with each connection group is determined based on the sequential order of the service items. The configuration of each device along each route is processed to determine the services that will be permitted or denied, based on its current configuration. Each desired transit service item is compared to the transit configuration provided by each device to identify any inconsistencies and/or violations
摘要:
A security policy database identifies the intended security policies within a network, a traffic generator provides test traffic that is configured to test each defined security policy, and a simulator simulates the propagation of this traffic on a model of the network. The model of the network includes the configuration data associated with each device, and thus, if devices are properly configured to enforce the intended security policies, the success/failure of the simulated test traffic will conform to the intended permit/deny policy of each connection. Differences between the simulated message propagation and the intended security policies are reported to the user, and diagnostic tools are provided to facilitate identification of the device configuration data that accounts for the observed difference. Additionally, if a network's current security policy is unknown, test traffic is generated to reveal the actual policy in effect, to construct a baseline intended security policy.
摘要:
A contextual and semantic analysis of network entities facilitates a mapping and comparison of the entities between network models. The system includes a plurality of refine handler and match handler pairs that use rules that are specific to the type of network entities being analyzed. The refine handler analyzes the network model to identify the entities for which its rules apply, and the match handler processes these identified entities to establish a pairing between corresponding entities in each model. A sequence of refine-match processes are applied to the network models, typically in accordance with a hierarchy of rules until each entity is identified as a matched, added, or removed entity. A difference handler processes the identified pairings to provide a difference analysis that facilitates a meaningful interpretation of the configuration changes, and a user interface provides an interactive environment to view the differences from different perspectives.
摘要:
The present invention provides a gallium-containing composition for coating/impregnating a device or device surface to prevent biofilm growth formation. The present invention also provides a method of preventing or inhibiting biofilm growth formation. The present invention also provides methods for killing established biofilms.
摘要:
The invention presented herein provides methods and compositions for the prevention and treatment of bacterial infections. The methods are based on the discovery that depletion of bioavailable iron stimulates surface motility in bacteria thus inhibiting the ability of a bacterial population to develop into a biofilm.
摘要:
A network analysis system invokes an application specific, or source-destination specific, path discovery process. The application specific path discovery process determines the path(s) used by the application, collects performance data from the nodes along the path, and communicates this performance data to the network analysis system for subsequent performance analysis. The system may also maintain a database of prior network configurations to facilitate the identification of nodes that are off the path that may affect the current performance of the application. The system may also be specifically controlled so as to identify the path between any pair of specified nodes, and to optionally collect performance data associated with the path.
摘要:
Channel access delays and reception uncertainty are modeled as protocol-independent generic processes that are optimized for improved simulation performance. The generic process components are designed such that each different protocol can be modeled using an arrangement of these components that is specific to the protocol. In this way, speed and/or accuracy improvements to the generic process components are reflected in each of such protocol models. If an accurate analytic model is not available for the generic process component, a prediction engine, such as a neural network, is preferably used. The prediction engine is trained using the existing detailed models of network devices. Once trained, the prediction engine is used to model the generic process, and the protocol model that includes the generic component is used in lieu of the detailed models, thereby saving substantial processing time.
摘要:
Traffic flows through an administered network from an off-network source and/or to an off-network destination are simulated and analyzed by selecting an ingress and/or egress node within the administered network, the ingress node capable of collecting traffic from an off-network source, and the egress node capable of routing traffic to an off-network destination. Traffic flow is mapped from the source or ingress node through the administered network to the egress node. The traffic flow may be simulated and analyzed. The ingress and/or egress nodes may be selected in a variety of ways.
摘要:
Channel access delays and reception uncertainty are modeled as protocol-independent generic processes that are optimized for improved simulation performance. The generic process components are designed such that each different protocol can be modeled using an arrangement of these components that is specific to the protocol. In this way, speed and/or accuracy improvements to the generic process components are reflected in each of such protocol models. If an accurate analytic model is not available for the generic process component, a prediction engine, such as a neural network, is preferably used. The prediction engine is trained using the existing detailed models of network devices. Once trained, the prediction engine is used to model the generic process, and the protocol model that includes the generic component is used in lieu of the detailed models, thereby saving substantial processing time.
摘要:
Devices and methods for modeling and analysis of services provided over a common network include a processor configured to track services connected to the common network through nodes and links; run service models associated with the services under selected conditions, the selected conditions including failure and repair of one of the nodes or links; and propose corrective action and/or change of network resources of the common network to minimize impact of the failure. The processor may also run Network model(s). The models may be executed successively or simultaneously, and outputs of one model may be used as input to other models, including any necessary conversions for compatibility.