公开(公告)号：US20230031654A1

公开(公告)日：2023-02-02

申请号：US17390860

申请日：2021-07-30

Applicant: Keysight Technologies, Inc.

Inventor： Shardendu Pandey ,  Stefan Jan Johansson ,  Jeffrey L. Pochop, JR. ,  Jonathan Lee Harrod

IPC: H04L12/26 ,  H04L29/08 ,  G06N20/00

Abstract: A method for network flow metadata processing at a network packet broker is described herein. The method includes, receiving, as input at a network packet broker, network traffic flow data, aggregating the network traffic flow data over a predefined time period to generate Internet protocol (IP) flow feature vectors containing metadata parameters associated with one or more particular endpoint devices, and providing the IP flow feature vectors to a machine learning element in the network packet broker. The method further includes identifying, by the machine learning element, anomalies existing in the metadata parameters included in the IP flow feature vectors, and automatically configuring one or more filter elements in the network packet broker in response to detecting the identified anomalies of the IP flow feature vectors.

公开(公告)号：US20190222965A1

公开(公告)日：2019-07-18

申请号：US15880110

申请日：2018-01-25

Applicant: Keysight Technologies, Inc.

Inventor： Robin O'Connor ,  Shardendu Pandey ,  Bogdan Tenea

IPC: H04W4/06 ,  H04W8/18 ,  H04W4/20

Abstract: Systems and methods are disclosed for subscriber sampling for network packet forwarding based upon unique subscriber identifiers. Control packets within input packets are processed to identify unique subscriber identifiers and related session identifiers, which are stored in records within a tracking table. Each input packet is analyzed to extract a session identifier and a unique subscriber identifier if present within the input packet. When a unique subscriber identifier is not present, the tracking table is accessed to determine a unique subscriber identifier associated with the session identifier extracted from the packet. The input packet is sampled based upon the unique subscriber identifier to determine whether or not to output the input packet as a sampled packet. The subscriber sampling can include hash-based sampling, dynamic function based sampling, and/or other subscriber/call based sampling methods. Sampled packets are forwarded to egress port(s) for further processing.

公开(公告)号：US12255794B2

公开(公告)日：2025-03-18

申请号：US17695759

申请日：2022-03-15

Applicant: Keysight Technologies, Inc.

Inventor： Jonathan Lee Harrod ,  Shardendu Pandey ,  Jonathan Glenn Stroud ,  Stefan Jan Johansson

IPC: H04L43/062 ,  H04L43/00 ,  H04L43/028

Abstract: A method for selectively processing a packet flow using a flow inspection engine is disclosed. The method includes receiving, by at least one hardware data plane processor component in a network packet broker, a plurality of packets associated with a packet flow, and forwarding, by the at least one hardware data plane processor component to at least one flow inspection engine, a copy of at least a portion of one or more of the initial packets of the packet flow. The method further includes providing, by the at least one hardware data plane processor component to the at least one flow inspection engine, packet flow statistical data resulting from a high throughput processing of the plurality of packets by the at least one hardware data plane processor component and generating, by the at least one flow inspection engine, metadata records using the copy at least a portion of the of the one or more of the initial packets and the packet flow statistical data, wherein the at least one hardware data plane processor component generates the statistical data from the plurality of packets independent of any instruction from the at least one flow inspection engine.

公开(公告)号：US11039338B2

公开(公告)日：2021-06-15

申请号：US16538585

申请日：2019-08-12

Applicant: Keysight Technologies, Inc.

Inventor： Stefan Jan Johansson ,  Robin Lee O'Connor ,  Fred Strelzoff ,  Shardendu Pandey ,  Salomon Noubieli Tatang ,  Jason Chia-Suan Wang

IPC: H04W28/06 ,  H04W28/02 ,  H04W76/12 ,  H04W8/08 ,  H04W68/00

Abstract: According to one method for control plane traffic filtering in a control and user plane separation (CUPS) environment, the method occurs at a network node implemented using at least one processor and at least one memory. The method includes receiving, from one or more sources, network location information associated with a first network location; receiving control plane messages for different network locations; filtering the control plane messages based on the network location information; and sending traffic including data from the filtered control plane messages to at least one network tool.

公开(公告)号：US20230300045A1

公开(公告)日：2023-09-21

申请号：US17695759

申请日：2022-03-15

Applicant: Keysight Technologies, Inc.

Inventor： Jonathan Lee Harrod ,  Shardendu Pandey ,  Jonathan Glenn Stroud ,  Stefan Jan Johansson

IPC: H04L43/062 ,  H04L43/028 ,  H04L43/00

CPC classification number: H04L43/062 ,  H04L43/028 ,  H04L43/14

Abstract: A method for selectively processing a packet flow using a flow inspection engine is disclosed. The method includes receiving, by at least one hardware data plane processor component in a network packet broker, a plurality of packets associated with a packet flow, and forwarding, by the at least one hardware data plane processor component to at least one flow inspection engine, a copy of at least a portion of one or more of the initial packets of the packet flow. The method further includes providing, by the at least one hardware data plane processor component to the at least one flow inspection engine, packet flow statistical data resulting from a high throughput processing of the plurality of packets by the at least one hardware data plane processor component and generating, by the at least one flow inspection engine, metadata records using the copy at least a portion of the of the one or more of the initial packets and the packet flow statistical data, wherein the at least one hardware data plane processor component generates the statistical data from the plurality of packets independent of any instruction from the at least one flow inspection engine.

公开(公告)号：US10764722B2

公开(公告)日：2020-09-01

申请号：US15880110

申请日：2018-01-25

Applicant: Keysight Technologies, Inc.

Inventor： Robin O'Connor ,  Shardendu Pandey ,  Bogdan Tenea

IPC: H04W4/06 ,  H04W4/20 ,  H04W8/18 ,  H04W4/60 ,  H04L29/06

Abstract: Systems and methods are disclosed for subscriber sampling for network packet forwarding based upon unique subscriber identifiers. Control packets within input packets are processed to identify unique subscriber identifiers and related session identifiers, which are stored in records within a tracking table. Each input packet is analyzed to extract a session identifier and a unique subscriber identifier if present within the input packet. When a unique subscriber identifier is not present, the tracking table is accessed to determine a unique subscriber identifier associated with the session identifier extracted from the packet. The input packet is sampled based upon the unique subscriber identifier to determine whether or not to output the input packet as a sampled packet. The subscriber sampling can include hash-based sampling, dynamic function based sampling, and/or other subscriber/call based sampling methods. Sampled packets are forwarded to egress port(s) for further processing.

公开(公告)号：US11949570B2

公开(公告)日：2024-04-02

申请号：US17390860

申请日：2021-07-30

Applicant: Keysight Technologies, Inc.

Inventor： Shardendu Pandey ,  Stefan Jan Johansson ,  Jeffrey L. Pochop, Jr. ,  Jonathan Lee Harrod

IPC: H04L43/04 ,  G06N20/00 ,  H04L43/028 ,  H04L67/562

CPC classification number: H04L43/028 ,  G06N20/00 ,  H04L67/562

Abstract: A method for network flow metadata processing at a network packet broker is described herein. The method includes, receiving, as input at a network packet broker, network traffic flow data, aggregating the network traffic flow data over a predefined time period to generate Internet protocol (IP) flow feature vectors containing metadata parameters associated with one or more particular endpoint devices, and providing the IP flow feature vectors to a machine learning element in the network packet broker. The method further includes identifying, by the machine learning element, anomalies existing in the metadata parameters included in the IP flow feature vectors, and automatically configuring one or more filter elements in the network packet broker in response to detecting the identified anomalies of the IP flow feature vectors.

公开(公告)号：US20210051517A1

公开(公告)日：2021-02-18

申请号：US16538585

申请日：2019-08-12

Applicant: Keysight Technologies, Inc.

Inventor： Stefan Jan Johansson ,  Robin Lee O'Connor ,  Fred Strelzoff ,  Shardendu Pandey ,  Salomon Noubieli Tatang ,  Jason Chia-Suan Wang

IPC: H04W28/06 ,  H04W28/02 ,  H04W68/00 ,  H04W8/08 ,  H04W76/12

Abstract: According to one method for control plane traffic filtering in a control and user plane separation (CUPS) environment, the method occurs at a network node implemented using at least one processor and at least one memory. The method includes receiving, from one or more sources, network location information associated with a first network location; receiving control plane messages for different network locations; filtering the control plane messages based on the network location information; and sending traffic including data from the filtered control plane messages to at least one network tool.