-
1.发明授权公开(公告)号:US09230213B2
公开(公告)日:2016-01-05
申请号:US13836545
申请日:2013-03-15
发明人: Michael Rash , Patrick Bosa , Richard Graham
CPC分类号: G06N5/02 , H04L43/026 , H04L43/04 , H04L63/1416 , H04L63/1425 , H04L63/20
摘要: A function is provided for effectively identifying computer applications running on a network. The function receives information related to frames of packets moving through the network. The information is compared to known information about computer applications. The known information is obtained from a plurality of mechanisms, including the option of obtaining it through custom mechanisms. The comparison information is scored for each of the plurality of mechanisms and those scores are combined to establish a single score indicative of the likely computer application associated with the received frames. One or more mathematical operations can be used to combine the scores. The mechanisms may be weighted for likely accuracy and the score that is established may include with it an indication of the level of confidence in that score. One or more of the plurality of mechanisms may be used to weight others of the types of mechanisms.
摘要翻译: 提供了有效识别在网络上运行的计算机应用程序的功能。 该功能接收与通过网络移动的数据包相关的信息。 将信息与有关计算机应用程序的已知信息进行比较。 从多种机制获得已知的信息,包括通过定制机制获得已知信息的选项。 对于多个机构中的每个机构对比较信息进行评分,并且将这些分数组合以建立指示与所接收的帧相关联的可能的计算机应用的单个分数。 可以使用一个或多个数学运算来组合分数。 可能对可能的准确性加权机制,并且确定的分数可以包括其中该得分的置信水平的指示。 可以使用多个机构中的一个或多个来加权机构类型中的其他机构。
-
公开(公告)号:US20140280829A1
公开(公告)日:2014-09-18
申请号:US13835815
申请日:2013-03-15
发明人: David Kjendal , Markus Nispel , Ernie Eaton , Richard Graham , Jeffrey Haskell
IPC分类号: H04L12/24
CPC分类号: H04L67/1095 , H04L41/0213 , H04L43/028 , H04L43/12
摘要: A function is provided in a network system for the dynamic mirroring of network traffic for a variety of purposes including the identification of characteristics of the traffic. Multiple criteria are established for when, what and where to mirror the traffic. The criteria include what frames of traffic to mirror, what portions of the selected frames to mirror, one or more portals through which to mirror the selected frames, a destination for the mirroring and the establishment of a mirror in a device to carry out the mirroring. The criteria may also include when to stop the mirroring. The mirroring instructions can be changed based on the detection of a triggering event, such as authentication, device type or status, ownership of an attached function attached to the device, flow status, but not limited to that. The function may be established in one or more devices of the network.
摘要翻译: 在网络系统中提供用于各种目的的动态镜像网络业务的功能,包括识别业务的特征。 为何时,何地和何地反映流量建立多个标准。 标准包括要镜像的流量的镜像类型,要镜像的所选帧的哪些部分,用于镜像所选帧的一个或多个门户,用于镜像的目的地和在设备中建立镜像以执行镜像 。 标准还可能包括什么时候停止镜像。 可以基于触发事件的检测(例如认证,设备类型或状态,附加到设备的附加功能的所有权,流量状态,但不限于此)来更改镜像指令。 该功能可以在网络的一个或多个设备中建立。
-
3.发明申请DEVICE AND RELATED METHOD FOR ESTABLISHING NETWORK POLICY BASED ON APPLICATIONS 有权基于应用建立网络政策的设备及相关方法公开(公告)号:US20140282823A1
公开(公告)日:2014-09-18
申请号:US13836048
申请日:2013-03-15
发明人: Michael Rash , Markus Nispel , Jamie Woodhead , Richard Graham
IPC分类号: H04L29/06
CPC分类号: H04L63/20
摘要: A function is provided in a network system for adjusting network policies associated with the operation of network infrastructure devices of the network system. Network policies are established on network devices including packet forwarding devices. The network has a capability to identify computer applications associated with traffic running on the network. A network policy controller of the network is arranged to change one or more policies of one or more network devices based on computer application information acquired. The policies changed may be network policies as well as mirroring policies. An example policy to change is direct a network device to mirror traffic to an application identification appliance for the purpose of identifying applications running on the network through a plurality of mechanisms. The function may be provided in one or more devices of the network.
摘要翻译: 在网络系统中提供用于调整与网络系统的网络基础设施设备的操作相关联的网络策略的功能。 在包括分组转发设备的网络设备上建立网络策略。 该网络具有识别与在网络上运行的流量相关联的计算机应用的能力。 网络的网络策略控制器被设置为基于获取的计算机应用信息来改变一个或多个网络设备的一个或多个策略。 更改的策略可能是网络策略以及镜像策略。 要更改的示例策略是指示网络设备将流量镜像到应用程序标识设备,以通过多个机制来识别在网络上运行的应用程序。 该功能可以在网络的一个或多个设备中提供。
-
4.发明申请SYSTEM AND RELATED METHOD FOR NETWORK MONITORING AND CONTROL BASED ON APPLICATIONS 有权基于应用的网络监控与控制系统及相关方法公开(公告)号:US20140280889A1
公开(公告)日:2014-09-18
申请号:US13836371
申请日:2013-03-15
发明人: Markus Nispel , David Kjendal , Michael Rash , Richard Graham
IPC分类号: H04L12/26
CPC分类号: H04L63/20 , H04L41/0893 , H04L43/026 , H04L43/04 , H04L63/0245 , H04L63/029 , H04L63/1416 , H04L63/1425
摘要: A network architecture system that expands the control network administrators have on existing networks. The system provides application identification and usage data by user, by device and network location. Dynamic traffic mirroring of the system allows for the efficient use of a tool to identify computer applications running on the network. The system includes the ability to embed the tool where needed rather than pervasively based on the use of the dynamic mirroring to bring the packets to the tool. The architecture implemented functions allow the ability to start small with a single application identification tool added to a network management server, examine flows from throughout the network (via mirroring) and upgrade policy control based on real application identification data and usage, then grow to pervasive deployment where virtually all new flows could be identified and controlled via policy. This architecture enables substantially complete application visibility and control.
摘要翻译: 扩展控制网络管理员的网络架构系统在现有网络上。 系统按用户,设备和网络位置提供应用程序识别和使用数据。 系统的动态流量镜像允许有效使用工具来识别在网络上运行的计算机应用程序。 该系统包括基于使用动态镜像将数据包带到工具而在需要而不是普遍嵌入工具的能力。 架构实现的功能允许通过添加到网络管理服务器的单个应用程序标识工具启动小型功能,检查来自整个网络(通过镜像)的流量,并根据实际应用程序标识数据和使用情况升级策略控制,然后增长到普及 通过政策可以识别和控制几乎所有新流量的部署。 这种架构可以实现基本上完整的应用程序的可见性和控制。
-
公开(公告)号:US20140280887A1
公开(公告)日:2014-09-18
申请号:US13835679
申请日:2013-03-15
发明人: David Kjendal , Markus Nispel , Richard Graham
IPC分类号: H04L12/26
CPC分类号: H04L43/12 , H04L29/0854
摘要: A function is provided in a network system for policy-based dynamic mirroring for network traffic. The function monitors events, topology and status of the network and installs, enables, selects or changes traffic mirrors associated with the operation of one or more devices of the network. The mirror policies are established based on network polices and/or rules. The mirror policies and the enablement, installation, selection or changing of them are based on multiple criteria. The function provides for the selection of traffic to mirror, how much of it to mirror, where to mirror it and when to stop the mirroring. The function may be established in network entry devices as well as core switching devices of the network. The function can select portals for the mirroring activity and can secure the mirroring.
摘要翻译: 在网络系统中提供了一种功能,用于网络流量的基于策略的动态镜像。 该功能监视网络的事件,拓扑和状态,并安装,启用,选择或更改与网络的一个或多个设备的操作相关联的流量镜像。 镜像策略是基于网络策略和/或规则建立的。 镜像策略及其启用,安装,选择或更改均基于多个标准。 该功能用于选择要镜像的流量,镜像多少,镜像位置以及何时停止镜像。 该功能可以在网络入口设备以及网络的核心交换设备中建立。 该功能可以选择镜像活动的门户,并可以保护镜像。
-
公开(公告)号:US20140280211A1
公开(公告)日:2014-09-18
申请号:US13836195
申请日:2013-03-15
发明人: Michael Rash , Patrick Bosa , Richard Graham
IPC分类号: G06F17/30
CPC分类号: G06F17/30386 , G06F17/2785 , G06F17/30861
摘要: A function is provided for identifying computer applications running on a network. Information obtained from frames having content associated with computer applications is examined and compared to information stored on the network. The stored information is obtained from a plurality of mechanisms including computer application signatures. An application identification engine of the function compares examined content with the known application information and determines an indication of the likely computer application associated with the examined frames. The determination output may include a level of confidence in the accuracy of the determination. The function includes an application programming interface to allow the introduction into the engine of custom mechanisms for application identification. The different mechanisms may be weighted. The function may be provided in one or more devices of the network including a standalone appliance.
摘要翻译: 提供了一种用于识别在网络上运行的计算机应用程序的功能。 从具有与计算机应用相关联的内容的帧获得的信息被检查并与存储在网络上的信息进行比较。 所存储的信息从包括计算机应用签名的多种机制获得。 该功能的应用识别引擎将检查的内容与已知的应用信息进行比较,并确定与所检查的帧相关联的可能的计算机应用的指示。 确定输出可以包括对确定的准确性的置信度。 该功能包括一个应用程序编程界面,允许引入定制机制引擎以进行应用程序识别。 不同的机制可能被加权。 该功能可以在网络的一个或多个设备中提供,包括独立设备。
-
公开(公告)号:US09256636B2
公开(公告)日:2016-02-09
申请号:US13836195
申请日:2013-03-15
发明人: Michael Rash , Patrick Bosa , Richard Graham
IPC分类号: G06F17/30
CPC分类号: G06F17/30386 , G06F17/2785 , G06F17/30861
摘要: A function is provided for identifying computer applications running on a network. Information obtained from frames having content associated with computer applications is examined and compared to information stored on the network. The stored information is obtained from a plurality of mechanisms including computer application signatures. An application identification engine of the function compares examined content with the known application information and determines an indication of the likely computer application associated with the examined frames. The determination output may include a level of confidence in the accuracy of the determination. The function includes an application programming interface to allow the introduction into the engine of custom mechanisms for application identification. The different mechanisms may be weighted. The function may be provided in one or more devices of the network including a standalone appliance.
摘要翻译: 提供了一种用于识别在网络上运行的计算机应用程序的功能。 从具有与计算机应用相关联的内容的帧获得的信息被检查并与存储在网络上的信息进行比较。 所存储的信息从包括计算机应用签名的多种机制获得。 该功能的应用识别引擎将检查的内容与已知的应用信息进行比较,并确定与所检查的帧相关联的可能的计算机应用的指示。 确定输出可以包括对确定的准确性的置信度。 该功能包括一个应用程序编程界面,允许引入定制机制引擎以进行应用程序识别。 不同的机制可能被加权。 该功能可以在网络的一个或多个设备中提供,包括独立设备。
-
公开(公告)号:US09172627B2
公开(公告)日:2015-10-27
申请号:US13835815
申请日:2013-03-15
发明人: David Kjendal , Markus Nispel , Ernie Eaton , Richard Graham , Jeffrey Haskell
CPC分类号: H04L67/1095 , H04L41/0213 , H04L43/028 , H04L43/12
摘要: A function is provided in a network system for the dynamic mirroring of network traffic for a variety of purposes including the identification of characteristics of the traffic. Multiple criteria are established for when, what and where to mirror the traffic. The criteria include what frames of traffic to mirror, what portions of the selected frames to mirror, one or more portals through which to mirror the selected frames, a destination for the mirroring and the establishment of a mirror in a device to carry out the mirroring. The criteria may also include when to stop the mirroring. The mirroring instructions can be changed based on the detection of a triggering event, such as authentication, device type or status, ownership of an attached function attached to the device, flow status, but not limited to that. The function may be established in one or more devices of the network.
摘要翻译: 在网络系统中提供用于各种目的的动态镜像网络业务的功能,包括识别业务的特征。 为何时,何地和何地反映流量建立多个标准。 标准包括要镜像的流量的镜像类型,要镜像的所选帧的哪些部分,用于镜像所选帧的一个或多个门户,用于镜像的目的地和在设备中建立镜像以执行镜像 。 标准还可能包括什么时候停止镜像。 可以基于触发事件的检测(例如认证,设备类型或状态,附加到设备的附加功能的所有权,流量状态,但不限于此)来更改镜像指令。 该功能可以在网络的一个或多个设备中建立。
-
9.发明授权公开(公告)号:US09130826B2
公开(公告)日:2015-09-08
申请号:US13836371
申请日:2013-03-15
发明人: Markus Nispel , David Kjendal , Michael Rash , Richard Graham
CPC分类号: H04L63/20 , H04L41/0893 , H04L43/026 , H04L43/04 , H04L63/0245 , H04L63/029 , H04L63/1416 , H04L63/1425
摘要: A network architecture system that expands the control network administrators have on existing networks. The system provides application identification and usage data by user, by device and network location. Dynamic traffic mirroring of the system allows for the efficient use of a tool to identify computer applications running on the network. The system includes the ability to embed the tool where needed rather than pervasively based on the use of the dynamic mirroring to bring the packets to the tool. The architecture implemented functions allow the ability to start small with a single application identification tool added to a network management server, examine flows from throughout the network (via mirroring) and upgrade policy control based on real application identification data and usage, then grow to pervasive deployment where virtually all new flows could be identified and controlled via policy. This architecture enables substantially complete application visibility and control.
摘要翻译: 扩展控制网络管理员的网络架构系统在现有网络上。 系统按用户,设备和网络位置提供应用程序识别和使用数据。 系统的动态流量镜像允许有效使用工具来识别在网络上运行的计算机应用程序。 该系统包括基于使用动态镜像将数据包带到工具而在需要而不是普遍嵌入工具的能力。 架构实现的功能允许通过添加到网络管理服务器的单个应用程序标识工具启动小型功能,检查来自整个网络(通过镜像)的流量,并根据实际应用程序标识数据和使用情况升级策略控制,然后增长到普及 通过政策可以识别和控制几乎所有新流量的部署。 这种架构可以实现基本上完整的应用程序的可见性和控制。
-
10.发明申请公开(公告)号:US20140279768A1
公开(公告)日:2014-09-18
申请号:US13836545
申请日:2013-03-15
发明人: Michael Rash , Patrick Bosa , Richard Graham
IPC分类号: G06N5/02
CPC分类号: G06N5/02 , H04L43/026 , H04L43/04 , H04L63/1416 , H04L63/1425 , H04L63/20
摘要: A function is provided for effectively identifying computer applications running on a network. The function receives information related to frames of packets moving through the network. The information is compared to known information about computer applications. The known information is obtained from a plurality of mechanisms, including the option of obtaining it through custom mechanisms. The comparison information is scored for each of the plurality of mechanisms and those scores are combined to establish a single score indicative of the likely computer application associated with the received frames. One or more mathematical operations can be used to combine the scores. The mechanisms may be weighted for likely accuracy and the score that is established may include with it an indication of the level of confidence in that score. One or more of the plurality of mechanisms may be used to weight others of the types of mechanisms.
摘要翻译: 提供了有效识别在网络上运行的计算机应用程序的功能。 该功能接收与通过网络移动的数据包相关的信息。 将信息与有关计算机应用程序的已知信息进行比较。 从多种机制获得已知的信息,包括通过定制机制获得已知信息的选项。 对于多个机构中的每个机构对比较信息进行评分,并且将这些分数组合以建立指示与所接收的帧相关联的可能的计算机应用的单个分数。 可以使用一个或多个数学运算来组合分数。 可能对可能的准确性加权机制,并且确定的分数可以包括其中该得分的置信水平的指示。 可以使用多个机构中的一个或多个来加权机构类型中的其他机构。
-
-
-
-
-
-
-
-
-
搜索结果
10 条记录 (耗时 0.026 秒)
