摘要:
An adjunct network device includes several ports, an uplink interface, and an adjunct forwarding engine coupled to the ports and the uplink interface. A first port is configured to receive a packet, which includes a destination address. The adjunct forwarding engine is configured to send the packet to the uplink interface if the destination address is not associated with any of the ports. The packet is sent to one of the ports if the destination address is associated with the one of the ports.
摘要:
A virtual network device includes several different virtual network device sub-units, which collectively operate as a single logical network device. An interface bundle includes interfaces in more than one of the different virtual network device sub-units included in the virtual network device. The interface bundle is coupled to a virtual link bundle, which connects the virtual network device to another device. The interface bundle is managed as a single logical interface.
摘要:
Method and devices are provided to form virtual switches for data networks. As noted above, the term “switch” as used herein will apply to switches, routers and similar network devices. Each virtual switch acts as a single logical unit, while encompassing at least two physical chassis. Accordingly, each virtual switch may be treated as a single point of management. Each virtual switch includes a master chassis and at least one slave chassis. The master chassis is configured to control the slave chassis. The master chassis includes at least one master supervisor card and the slave chassis includes at least one slave supervisor card. The master chassis and the slave chassis communicate via a virtual switch link according to a virtual switch link protocol.
摘要:
Various methods and systems for detecting whether a network device supports a protocol, which defines a supplemental header, are disclosed. One method involves detecting a value within a preamble generated by a sending device and verifying that a header format of a header, also generated by the sending device, conforms to a header format definition of a protocol. The header format definition of the protocol defines a supplemental header. The preamble can be an Ethernet preamble. In one embodiment, the preamble is a converged data link (CDL) preamble or other type of preamble that is used to convey operation, administration and management (OAM) information.
摘要:
Method and devices are provided to form virtual switches for data networks. As noted above, the term “switch” as used herein will apply to switches, routers and similar network devices. Each virtual switch acts as a single logical unit, while encompassing at least two physical chassis. Accordingly, each virtual switch may be treated as a single point of management. Each virtual switch includes a master chassis and at least one slave chassis. The master chassis is configured to control the slave chassis. The master chassis includes at least one master supervisor card and the slave chassis includes at least one slave supervisor card. The master chassis and the slave chassis communicate via a virtual switch link according to a virtual switch link protocol.
摘要:
A virtual network device sub-unit includes an interface to a virtual network device link and a distributed forwarding module. The interface receives a packet, and the distributed forwarding module forwards the packet received by the interface. The distributed forwarding module performs an ingress lookup if the packet includes a multicast destination address and an egress lookup if the packet includes a unicast destination address. If the packet includes a multicast destination address, the distributed forwarding module replicates the packet for each of several outgoing VLANs associated with the multicast destination address. If an additional multicast packet is received via an interface that is not coupled to a virtual network device link, the distributed forwarding module sends at most one copy of the additional multicast packet via the virtual network device link.
摘要:
Systems and methods for virtualization and emulation assisted malware detection are described. In some embodiments, a method comprises intercepting an object; instantiating and processing the object in a virtualization environment; tracing operations of the object while processing within the virtualization environment; detecting suspicious behavior associated with the object; instantiating an emulation environment in response to the detected suspicious behavior; processing, recording responses to, and tracing operations of the object within the emulation environment; detecting a divergence between the traced operations of the object within the virtualization environment to the traced operations of the object within the emulation environment; re-instantiating the virtualization environment; providing the recorded response from the emulation environment to the object in the virtualization environment; monitoring the operations of the object within the re-instantiation of the virtualization environment; identifying untrusted actions from the monitored operations; and generating a report regarding the identified untrusted actions of the object.
摘要:
Systems and methods for virtualized malware enabled detection are described. In some embodiments, a method comprises intercepting an object provided from a first digital device, determining one or more resources the object requires, instantiating a virtual environment with the one or more resources, processing the object within the virtual environment, tainting operations of the object within the virtual environment, monitoring the operations of the object, identifying an additional resource of the object while processing that is not provided in the virtual environment, re-instantiating the virtual environment with the additional resource, monitoring the operations of the object while processing within the re-instantiated virtual environment, identifying untrusted actions from the monitored operations, and generating a report identifying the operations and the untrusted actions of the object.
摘要:
Systems and methods for virtualization and emulation malware enabled detection are described. In some embodiments, a method comprises intercepting an object, instantiating and processing the object in a virtualization environment, tracing operations of the object while processing within the virtualization environment, detecting suspicious behavior associated with the object, instantiating an emulation environment in response to the detected suspicious behavior, processing, recording responses to, and tracing operations of the object within the emulation environment, detecting a divergence between the traced operations of the object within the virtualization environment to the traced operations of the object within the emulation environment, re-instantiating the virtualization environment, providing the recorded response from the emulation environment to the object in the virtualization environment, monitoring the operations of the object within the re-instantiation of the virtualization environment, identifying untrusted actions from the monitored operations, and generating a report regarding the identified untrusted actions of the object.
摘要:
An adjunct network device includes several ports, an uplink interface, and an adjunct forwarding engine coupled to the ports and the uplink interface. A first port is configured to receive a packet, which includes a destination address. The adjunct forwarding engine is configured to send the packet to the uplink interface if the destination address is not associated with any of the ports. The packet is sent to one of the ports if the destination address is associated with the one of the ports.