Abstract:
A method of securing a network from vulnerability exploits, including the steps of a traffic analysis engine receiving a plurality of packets destined for an internal operating system; the traffic analysis engine selectively forwarding the packets to at least one virtual machine emulating the internal operating system; the virtual machine processing each forwarded packet; a rapid analysis engine identifying a malicious packet from the processed packets; and the rapid analysis engine creating a new signature to identify the malicious packet.
Abstract:
Methods, systems and computer readable mediums storing computer executable programs for managing network traffic within a virtual network system. A virtual network system defined within a physical network device is identified. A first virtual network device defined within the virtual network system is identified. A virtual network appliance within the physical network device is defined. The virtual network appliance is communicatively coupled to the first virtual network device. The virtual network appliance is communicatively coupled to the virtual network system. The virtual network appliance is operable to manage network traffic associated with the first virtual network device.
Abstract:
A method for detection of a network address translation (NAT) device in a network is described herein. An edge network device detects a first packet at an edge port of the edge network device. A second packet is detected at the edge port of the edge network device. It is determined whether a time to live (TTL) value associated with the first packet is different from a TTL value associated with the second packet. Where the TTL value associated with the first packet is different from a TTL value associated with the second packet, it is determined that a NAT device is connected to the edge port. Where the TTL value associated with the first packet is the same as a TTL value associated with the second packet, it is determined that a NAT device is not connected to the edge port.
Abstract:
Embodiments of the invention provide a network device for detecting email worms having a port for receiving packets and a processing engine configured to inspect packets received on the port, wherein if a predetermined number of packets sent from a client represent DNS queries, the client is identified as being infected.