公开(公告)号：US07809827B1

公开(公告)日：2010-10-05

申请号：US11516878

申请日：2006-09-07

申请人： Manoj Apte ,  Sandeep Jain ,  Fritz Budiyanto ,  Senthil Kumar Duraiswamy ,  Saravanan Deenadayalan ,  Yulianto Kokasih Ko

发明人： Manoj Apte ,  Sandeep Jain ,  Fritz Budiyanto ,  Senthil Kumar Duraiswamy ,  Saravanan Deenadayalan ,  Yulianto Kokasih Ko

IPC分类号： G06F15/173

CPC分类号： H04L43/028 ,  H04L45/10 ,  H04L45/38

摘要： A network device comprises a service card (e.g., a lawful intercept (LI) service card) executing a communication protocol to receive, from one or more sources (e.g., law enforcement agents), intercept information specifying at least one destination and criteria for matching one or more packet flows. The network device further includes a network interface card to receive a packet from a network, and a control unit to provide the packet from the interface card to the LI service card. The LI service card executes a flow match detection module that, when the packet matches the criteria of the intercept information, forwards the packet to the destination specified by the intercept information. The network device may provide real-time intercept and relaying of specified network-based communications. Moreover, the techniques described herein allow LEAs to tap packet flows with little delay after specifying intercept information, e.g., within 50 milliseconds, even under high-volume networks.

摘要翻译： 网络设备包括执行通信协议的服务卡（例如合法拦截（LI）服务卡），以从一个或多个来源（例如执法人员）接收指定至少一个目的地的拦截信息和用于匹配的标准 一个或多个分组流。 网络设备还包括从网络接收分组的网络接口卡，以及将接口卡向L1服务卡提供分组的控制单元。 LI服务卡执行流匹配检测模块，当分组符合拦截信息的标准时，将分组转发到由拦截信息指定的目的地。 网络设备可以提供指定的基于网络的通信的实时拦截和中继。 此外，即使在高容量网络下，本文所描述的技术允许LEA在指定拦截信息（例如，在50毫秒内）之后稍微延迟地敲击分组流。

公开(公告)号：US07747737B1

公开(公告)日：2010-06-29

申请号：US11517232

申请日：2006-09-07

申请人： Manoj Apte ,  Sandeep Jain ,  Fritz Budiyanto ,  Senthil Kumar Duraiswamy ,  Saravanan Deenadayalan ,  Yulianto Kokasih Ko

发明人： Manoj Apte ,  Sandeep Jain ,  Fritz Budiyanto ,  Senthil Kumar Duraiswamy ,  Saravanan Deenadayalan ,  Yulianto Kokasih Ko

IPC分类号： G06F15/173

CPC分类号： H04L43/028 ,  H04L45/10 ,  H04L45/38

摘要： A network device comprises a service card (e.g., a dynamic flow capture (DFC) service card) executing a communication protocol to receive, from one or more control sources, flow capture information specifying at least one destination and criteria for matching one or more packet flows. The network device includes a network interface card to receive a packet from a network, a packet replication module to replicate the packet, and a control unit to provide the replicated packet from the interface card to the DFC service card. The network device includes a filter cache that caches flow capture information recently received from the CSs. The network device may provide real-time intercept and relaying of specified network-based communications. Moreover, the techniques described herein allow CSs to tap packet flows with little delay after specifying flow capture information, e.g., within 50 milliseconds, even under high-volume networks.

摘要翻译： 网络设备包括执行通信协议的服务卡（例如，动态流捕获（DFC）服务卡），以从一个或多个控制源接收指定至少一个目的地的流捕获信息和用于匹配一个或多个分组的标准 流动。 网络设备包括从网络接收分组的网络接口卡，用于复制分组的分组复制模块，以及将接收卡的复制分组提供给DFC服务卡的控制单元。 网络设备包括高速缓存从CS接收到的流捕获信息的过滤器高速缓存。 网络设备可以提供指定的基于网络的通信的实时拦截和中继。 此外，本文描述的技术允许CS在指定流捕获信息（例如，在50毫秒内）甚至在高容量网络下，稍微延迟地敲击分组流。

公开(公告)号：US08037175B1

公开(公告)日：2011-10-11

申请号：US12822904

申请日：2010-06-24

申请人： Manoj Apte ,  Sandeep Jain ,  Fritz Budiyanto ,  Senthil Kumar Duraiswamy ,  Saravanan Deenadayalan ,  Yulianto Kokasih Ko

发明人： Manoj Apte ,  Sandeep Jain ,  Fritz Budiyanto ,  Senthil Kumar Duraiswamy ,  Saravanan Deenadayalan ,  Yulianto Kokasih Ko

IPC分类号： G06F15/173

CPC分类号： H04L43/028 ,  H04L45/10 ,  H04L45/38

摘要： A network device comprises a service card (e.g., a dynamic flow capture (DFC) service card) executing a communication protocol to receive, from one or more control sources, flow capture information specifying at least one destination and criteria for matching one or more packet flows. The network device includes a network interface card to receive a packet from a network, a packet replication module to replicate the packet, and a control unit to provide the replicated packet from the interface card to the DFC service card. The network device includes a filter cache that caches flow capture information recently received from the CSs. The network device may provide real-time intercept and relaying of specified network-based communications. Moreover, the techniques described herein allow CSs to tap packet flows with little delay after specifying flow capture information, e.g., within 50 milliseconds, even under high-volume networks.

摘要翻译： 网络设备包括执行通信协议的服务卡（例如，动态流捕获（DFC）服务卡），以从一个或多个控制源接收指定至少一个目的地的流捕获信息和用于匹配一个或多个分组的标准 流动。 网络设备包括从网络接收分组的网络接口卡，用于复制分组的分组复制模块，以及将接收卡的复制分组提供给DFC服务卡的控制单元。 网络设备包括高速缓存从CS接收到的流捕获信息的过滤器高速缓存。 网络设备可以提供指定的基于网络的通信的实时拦截和中继。 此外，本文描述的技术允许CS在指定流捕获信息（例如，在50毫秒内）甚至在高容量网络下，稍微延迟地敲击分组流。