公开(公告)号：US20060085548A1

公开(公告)日：2006-04-20

申请号：US10967470

申请日：2004-10-18

申请人： Robert Maher ,  Aswinkumar Rana ,  Milton Lie ,  James Deerman

发明人： Robert Maher ,  Aswinkumar Rana ,  Milton Lie ,  James Deerman

IPC分类号： G06F15/16

CPC分类号： H04L63/029 ,  H04L29/06027 ,  H04L65/1006

摘要： An apparatus and method for traversing a network address translation/firewall device to maintain a registration between first and second devices separated by the firewall device are provided. In one example, the method includes intercepting a registration message from the first device to the second device. A determination is made based on a first timeout period defined by the second device as to whether it is time to renew the first device's registration. If it is time to renew the first device's registration, the registration message is forwarded to the second device. A response message that includes the first timeout period is intercepted, and the first timeout period is replaced with a second timeout period based on a binding lifetime of the firewall device before forwarding the response message to the first device.

摘要翻译： 提供了一种用于遍历网络地址转换/防火墙设备以维护由防火墙设备分离的第一和第二设备之间的注册的装置和方法。 在一个示例中，该方法包括从第一设备截取注册消息到第二设备。 基于由第二设备定义的关于是否需要续订第一设备的注册的第一超时时段进行确定。 如果是更新第一个设备的注册的时间，则注册消息被转发到第二个设备。 拦截包含第一超时期间的响应消息，并且在将响应消息转发给第一设备之前，基于防火墙设备的绑定寿命，第一超时时段被替换为第二超时时段。

公开(公告)号：US20060013211A1

公开(公告)日：2006-01-19

申请号：US10890888

申请日：2004-07-14

申请人： James Deerman ,  Milton Lie ,  Aswinkumar Rana ,  Robert Maher

发明人： James Deerman ,  Milton Lie ,  Aswinkumar Rana ,  Robert Maher

IPC分类号： H04L12/56

CPC分类号： H04L61/2514 ,  H04L29/12009 ,  H04L29/12367

摘要： A method and system are described for resolving problems created by implementing multiple networks using private IP addresses and layer two tunneling protocols is described. A network processing system is operable to map flows from private IP addresses and ports on layer two tunneling protocol networks to public IP addresses and ports using the private IP addresses and ports and identifiers for the layer two tunneling protocol network. The network processing system uses its own public IP addresses and ports to anchor the traffic from the private network and performs the required mapping to pass traffic between the public and private networks.

摘要翻译： 描述了解决通过使用专用IP地址实现多个网络而创建的问题的方法和系统，并且描述了第二层隧道协议。 网络处理系统可操作以使用专用IP地址和第二层隧道协议网络的标识符将来自第二层隧道协议网络上的私有IP地址和端口的流映射到公共IP地址和端口。 网络处理系统使用其自己的公共IP地址和端口来锚定来自专用网络的流量，并执行所需的映射以在公共和专用网络之间传递流量。

公开(公告)号：US20050050171A1

公开(公告)日：2005-03-03

申请号：US10652265

申请日：2003-08-29

申请人： James Deerman ,  Ramanamurthy Dantu ,  Aswinkumar Rana ,  Keung Yue

发明人： James Deerman ,  Ramanamurthy Dantu ,  Aswinkumar Rana ,  Keung Yue

IPC分类号： G06F11/20 ,  H04L12/24 ,  H04L29/08 ,  H04L29/14 ,  G06F15/16

CPC分类号： G06F11/2048 ,  G06F11/2007 ,  G06F11/2023 ,  G06F11/2038 ,  G06F11/2097 ,  H04L41/0668 ,  H04L41/5003 ,  H04L43/0811 ,  H04L67/14 ,  H04L69/40

摘要： A redundancy architecture is described for network processing systems which allows the network to recover from failure of a network processing system without interruption in service. The redundancy architecture allows network processing systems that use state information to associate network traffic into discrete flows, to provide system level redundancy to prevent service outages, or loss of network traffic resulting from a failure in any single network processing system. The redundancy architecture includes an out-of-band network link between the redundant network processing systems. The out-of-band network link allows the network processing systems to exchange state and other data as necessary. By maintaining the state data not only for the network traffic being processed by the network processing system, but also the state data for the network traffic being processed by its mate network processing system, either network processing system can assume the network traffic of its redundant mate in the event of a failure.

摘要翻译： 描述了用于网络处理系统的冗余架构，其允许网络从网络处理系统的故障中恢复而不会中断服务。 冗余架构允许使用状态信息的网络处理系统将网络流量与离散流相关联，以提供系统级冗余以防止服务中断或由任何单个网络处理系统中的故障导致的网络流量的丢失。 冗余架构包括冗余网络处理系统之间的带外网络链路。 带外网络链路允许网络处理系统根据需要交换状态和其他数据。 通过不仅为网络处理系统正在处理的网络流量而维护状态数据，而且还通过其配对网络处理系统处理的网络流量的状态数据，网络处理系统可以承担其冗余配对的网络流量 如果发生故障。

公开(公告)号：US20140157405A1

公开(公告)日：2014-06-05

申请号：US13693226

申请日：2012-12-04

申请人： Bill Joll ,  Keith Rhodes ,  James Deerman

发明人： Bill Joll ,  Keith Rhodes ,  James Deerman

IPC分类号： H04L29/06

CPC分类号： H04L63/1425

摘要： A scalable cyber-security system, method and architecture for the identification of malware and malicious behavior in a computer network. Host flow, host port usage, host information and network data at the application, transport and network layers are aggregated from within the network and correlated to identify a network behavior such as the presence of malicious code.

摘要翻译： 可扩展的网络安全系统，方法和架构，用于识别计算机网络中的恶意软件和恶意行为。 主机流量，主机端口使用情况，应用，传输和网络层的主机信息和网络数据从网络中进行聚合，并进行相关联，以识别网络行为，如恶意代码的存在。

公开(公告)号：US20060168266A1

公开(公告)日：2006-07-27

申请号：US10989878

申请日：2004-11-20

申请人： Leland Phillips ,  Sachin Vengurlekar ,  James Deerman ,  Miguel Garcia

发明人： Leland Phillips ,  Sachin Vengurlekar ,  James Deerman ,  Miguel Garcia

IPC分类号： G06F15/16

CPC分类号： H04L65/1043 ,  H04L29/06027 ,  H04L65/1006 ,  H04L69/08

摘要： An apparatus and method are described that provide signaling mediation between different protocols, or different implementations of the same protocol, at network boundaries for voice over Internet Protocol telephony. The signaling mediation device translates control messages from one protocol, or implementation of a protocol, into another protocol, or implementation of a protocol based on the type of networks to which the signaling mediation device is connected. The signaling mediation device also includes profiles for the networks to which it is connected based on the type of equipment in those networks. The profiles provide additional mapping and translation based on implementation specific characteristics of the network equipment connected to the signaling mediation device.

摘要翻译： 描述了在互联网协议电话语音的网络边界处提供不同协议或相同协议的不同实现之间的信令中介的装置和方法。 信令中介设备将来自一个协议的控制消息或协议的实现转换为另一个协议，或者基于信令中介设备连接的网络类型来实现协议。 信令中介设备还包括基于这些网络中的设备类型而连接到其的网络的简档。 该简档基于连接到信令中介设备的网络设备的实现特定特征提供额外的映射和转换。