-
公开(公告)号:US20230064731A1
公开(公告)日:2023-03-02
申请号:US17852743
申请日:2022-06-29
申请人: Rapid7, Inc.
发明人: John Brosnan , Jeff Myers , Andriy Lyubka , Darragh Delaney , Erran Carey , Martin Hutchings , Ralph McTeggart , Ryan Williams , Daniel Skelton , Luke Coughlan , Gianpaolo Tedesco , Luis Ramos dos Santos Lopes , Lars-Kristian Svenoy , Dan-Adrian Moinescu , Niall Cochrane , Morgan Doyle , Sarah Addis
IPC分类号: H04L43/0894 , H04L47/35 , H04L9/40 , H04L47/36 , H04L67/12 , H04L47/2441 , G06F9/445 , G06F9/455
摘要: Disclosed herein are methods, systems, and processes for centralized containerized deployment of network traffic sensors to network sensor hosts for deep packet inspection (DPI) that supports various other cybersecurity operations. A network sensor package containing a pre-configured network sensor container is received by a network sensor host from a network sensor deployment server. Installation of the network sensor package on the network sensor host causes execution of the network sensor container that further causes deployment of an on-premise network sensor along with a network sensor management system, a DPI system, and an intrusion detection/prevention (IDS/IPS) system. The configurable on-premise network sensor is deployed on multiple operating system distributions of the network sensor host and generates actionable network metadata using DPI techniques for optimized log search and management and improved intrusion detection and response (IDR) operations.
-
公开(公告)号:US11522773B1
公开(公告)日:2022-12-06
申请号:US17060666
申请日:2020-10-01
申请人: Rapid7, Inc.
发明人: Gianpaolo Tedesco
IPC分类号: H04L43/028 , H04L69/16
摘要: Disclosed herein are methods, systems, and processes for performing optimized batched packet processing in deep packet inspection (DPI) computing systems. A batch of network packets is received. A stateless processing operation is performed for the batch that includes updating a current time for the batch, decoding the network packets in the batch, creating a flow-hash lookup key for each decoded network packet, and generating a first output that includes the current time and corresponding flow-hash lookup keys for the decoded network packets. Next, a stateful processing operation is performed for the batch that includes accessing the first output of the stateless processing operation, dividing the batch into multiple sub-batches, performing a parallel flow-hash table lookup operation on the network packets that are part of the sub-batches, and generating a second output that includes the sub-batches with associated packet flows. Finally, a batch-optimized DPI processing operation is performed that includes accessing the second output of the stateful processing operation and performing the DPI processing operation on a per-packet basis or on a per-flow basis.
-
公开(公告)号:US11855869B2
公开(公告)日:2023-12-26
申请号:US17852754
申请日:2022-06-29
申请人: Rapid7, Inc.
发明人: John Brosnan , Jeff Myers , Andriy Lyubka , Darragh Delaney , Erran Carey , Martin Hutchings , Ralph McTeggart , Ryan Williams , Daniel Skelton , Luke Coughlan , Gianpaolo Tedesco , Luis Ramos Dos Santos Lopes , Lars-Kristian Svenoy , Dan-Adrian Moinescu , Niall Cochrane , Morgan Doyle , Sarah Addis
IPC分类号: G06F9/445 , G06F9/455 , H04L41/046 , H04L41/0806 , H04L43/0894 , H04L9/40 , H04L43/028 , H04L69/16
CPC分类号: H04L43/0894 , G06F9/445 , G06F9/455 , H04L43/028 , H04L63/14 , H04L69/16 , H04L41/046 , H04L41/0806
摘要: Disclosed herein are methods, systems, and processes for centralized containerized deployment of network traffic sensors to network sensor hosts for deep packet inspection (DPI) that supports various other cybersecurity operations. A network sensor package containing a pre-configured network sensor container is received by a network sensor host from a network sensor deployment server. Installation of the network sensor package on the network sensor host causes execution of the network sensor container that further causes deployment of an on-premise network sensor along with a network sensor management system, a DPI system, and an intrusion detection/prevention (IDS/IPS) system. The configurable on-premise network sensor is deployed on multiple operating system distributions of the network sensor host and generates actionable network metadata using DPI techniques for optimized log search and management and improved intrusion detection and response (IDR) operations.
-
公开(公告)号:US11411851B2
公开(公告)日:2022-08-09
申请号:US17462100
申请日:2021-08-31
申请人: Rapid7, Inc.
发明人: John Brosnan , Jeff Myers , Andriy Lyubka , Darragh Delaney , Erran Carey , Martin Hutchings , Ralph McTeggart , Ryan Williams , Daniel Skelton , Luke Coughlan , Gianpaolo Tedesco , Luis Ramos dos Santos Lopes , Lars-Kristian Svenoy , Dan-Adrian Moinescu , Niall Cochrane , Morgan Doyle , Sarah Addis
IPC分类号: H04L67/12 , H04L41/046 , H04L43/0894 , H04L47/35 , H04L9/40 , H04L47/36 , H04L47/2441 , G06F9/445 , G06F9/455 , H04L41/0806
摘要: Disclosed herein are methods, systems, and processes for centralized containerized deployment of network traffic sensors to network sensor hosts for deep packet inspection (DPI) that supports various other cybersecurity operations. A network sensor package containing a pre-configured network sensor container is received by a network sensor host from a network sensor deployment server. Installation of the network sensor package on the network sensor host causes execution of the network sensor container that further causes deployment of an on-premise network sensor along with a network sensor management system, a DPI system, and an intrusion detection/prevention (IDS/IPS) system. The configurable on-premise network sensor is deployed on multiple operating system distributions of the network sensor host and generates actionable network metadata using DPI techniques for optimized log search and management and improved intrusion detection and response (IDR) operations.
-
公开(公告)号:US20240333614A1
公开(公告)日:2024-10-03
申请号:US18738137
申请日:2024-06-10
申请人: Rapid7, Inc.
发明人: Gianpaolo Tedesco
IPC分类号: H04L43/028 , H04L69/16
CPC分类号: H04L43/028 , H04L69/16
摘要: Disclosed herein are methods, systems, and processes for performing optimized batched packet processing in deep packet inspection (DPI) computing systems. A batch of network packets is received. A stateless processing operation is performed for the batch that includes updating a current time for the batch, decoding the network packets in the batch, creating a flow-hash lookup key for each decoded network packet, and generating a first output that includes the current time and corresponding flow-hash lookup keys for the decoded network packets. Next, a stateful processing operation is performed for the batch that includes accessing the first output of the stateless processing operation, dividing the batch into multiple sub-batches, performing a parallel flow-hash table lookup operation on the network packets that are part of the sub-batches, and generating a second output that includes the sub-batches with associated packet flows. Finally, a batch-optimized DPI processing operation is performed that includes accessing the second output of the stateful processing operation and performing the DPI processing operation on a per-packet basis or on a per-flow basis.
-
公开(公告)号:US11838195B2
公开(公告)日:2023-12-05
申请号:US17852763
申请日:2022-06-29
申请人: Rapid7, Inc.
发明人: John Brosnan , Jeff Myers , Andriy Lyubka , Darragh Delaney , Erran Carey , Martin Hutchings , Ralph McTeggart , Ryan Williams , Daniel Skelton , Luke Coughlan , Gianpaolo Tedesco , Luis Ramos dos Santos Lopes , Lars-Kristian Svenoy , Dan-Adrian Moinescu , Niall Cochrane , Morgan Doyle , Sarah Addis
IPC分类号: H04L67/12 , H04L41/046 , H04L43/0894 , H04L9/40 , G06F9/445 , G06F9/455 , H04L43/028 , H04L69/16 , H04L47/35 , H04L47/36 , H04L47/2441 , H04L41/0806
CPC分类号: H04L43/0894 , G06F9/445 , G06F9/455 , H04L43/028 , H04L63/14 , H04L69/16 , H04L41/046 , H04L41/0806
摘要: Disclosed herein are methods, systems, and processes for centralized containerized deployment of network traffic sensors to network sensor hosts for deep packet inspection (DPI) that supports various other cybersecurity operations. A network sensor package containing a pre-configured network sensor container is received by a network sensor host from a network sensor deployment server. Installation of the network sensor package on the network sensor host causes execution of the network sensor container that further causes deployment of an on-premise network sensor along with a network sensor management system, a DPI system, and an intrusion detection/prevention (IDS/IPS) system. The configurable on-premise network sensor is deployed on multiple operating system distributions of the network sensor host and generates actionable network metadata using DPI techniques for optimized log search and management and improved intrusion detection and response (IDR) operations.
-
公开(公告)号:US20230064145A1
公开(公告)日:2023-03-02
申请号:US17852754
申请日:2022-06-29
申请人: Rapid7, Inc.
发明人: John Brosnan , Jeff Myers , Andriy Lyubka , Darragh Delaney , Erran Carey , Martin Hutchings , Ralph McTeggart , Ryan Williams , Daniel Skelton , Luke Coughlan , Gianpaolo Tedesco , Luis Ramos dos Santos Lopes , Lars-Kristian Svenoy , Dan-Adrian Moinescu , Niall Cochrane , Morgan Doyle , Sarah Addis
IPC分类号: H04L43/0894 , H04L47/35 , H04L9/40 , H04L47/36 , H04L67/12 , H04L47/2441 , G06F9/445 , G06F9/455
摘要: Disclosed herein are methods, systems, and processes for centralized containerized deployment of network traffic sensors to network sensor hosts for deep packet inspection (DPI) that supports various other cybersecurity operations. A network sensor package containing a pre-configured network sensor container is received by a network sensor host from a network sensor deployment server. Installation of the network sensor package on the network sensor host causes execution of the network sensor container that further causes deployment of an on-premise network sensor along with a network sensor management system, a DPI system, and an intrusion detection/prevention (IDS/IPS) system. The configurable on-premise network sensor is deployed on multiple operating system distributions of the network sensor host and generates actionable network metadata using DPI techniques for optimized log search and management and improved intrusion detection and response (IDR) operations.
-
公开(公告)号:US12047259B1
公开(公告)日:2024-07-23
申请号:US17979081
申请日:2022-11-02
申请人: Rapid7, Inc.
发明人: Gianpaolo Tedesco
IPC分类号: H04L43/028 , H04L69/16
CPC分类号: H04L43/028 , H04L69/16
摘要: Disclosed herein are methods, systems, and processes for performing optimized batched packet processing in deep packet inspection (DPI) computing systems. A batch of network packets is received. A stateless processing operation is performed for the batch that includes updating a current time for the batch, decoding the network packets in the batch, creating a flowhash lookup key for each decoded network packet, and generating a first output that includes the current time and corresponding flow-hash lookup keys for the decoded network packets. Next, a stateful processing operation is performed for the batch that includes accessing the first output of the stateless processing operation, dividing the batch into multiple sub-batches, performing a parallel flow-hash table lookup operation on the network packets that are part of the sub-batches, and generating a second output that includes the sub-batches with associated packet flows. Finally, a batch-optimized DPI processing operation is performed that includes accessing the second output of the stateful processing operation and performing the DPI processing operation on a per-packet basis or on a per-flow basis.
-
公开(公告)号:US20230065596A1
公开(公告)日:2023-03-02
申请号:US17852763
申请日:2022-06-29
申请人: Rapid7, Inc.
发明人: John Brosnan , Jeff Myers , Andriy Lyubka , Darragh Delaney , Erran Carey , Martin Hutchings , Ralph McTeggart , Ryan Williams , Daniel Skelton , Luke Coughlan , Gianpaolo Tedesco , Luis Ramos dos Santos Lopes , Lars-Kristian Svenoy , Dan-Adrian Moinescu , Niall Cochrane , Morgan Doyle , Sarah Addis
IPC分类号: H04L43/0894 , H04L47/35 , H04L9/40 , H04L47/36 , H04L67/12 , H04L47/2441 , G06F9/445 , G06F9/455
摘要: Disclosed herein are methods, systems, and processes for centralized containerized deployment of network traffic sensors to network sensor hosts for deep packet inspection (DPI) that supports various other cybersecurity operations. A network sensor package containing a preconfigured network sensor container is received by a network sensor host from a network sensor deployment server. Installation of the network sensor package on the network sensor host causes execution of the network sensor container that further causes deployment of an on-premise network sensor along with a network sensor management system, a DPI system, and an intrusion detection/prevention (IDS/IPS) system. The configurable on-premise network sensor is deployed on multiple operating system distributions of the network sensor host and generates actionable network metadata using DPI techniques for optimized log search and management and improved intrusion detection and response (IDR) operations.
-
公开(公告)号:US20210399969A1
公开(公告)日:2021-12-23
申请号:US17462100
申请日:2021-08-31
申请人: Rapid7, Inc.
发明人: John Brosnan , Jeff Myers , Andriy Lyubka , Darragh Delaney , Erran Carey , Martin Hutchings , Ralph McTeggart , Ryan Williams , Daniel Skelton , Luke Coughlan , Gianpaolo Tedesco , Luis Ramos dos Santos Lopes , Lars-Kristian Svenoy , Dan-Adrian Moinescu , Niall Cochrane , Morgan Doyle , Sarah Addis
IPC分类号: H04L12/26 , H04L12/801 , H04L29/06 , H04L12/805 , H04L12/851 , G06F9/445 , H04L29/08 , G06F9/455
摘要: Disclosed herein are methods, systems, and processes for centralized containerized deployment of network traffic sensors to network sensor hosts for deep packet inspection (DPI) that supports various other cybersecurity operations. A network sensor package containing a pre-configured network sensor container is received by a network sensor host from a network sensor deployment server. Installation of the network sensor package on the network sensor host causes execution of the network sensor container that further causes deployment of an on-premise network sensor along with a network sensor management system, a DPI system, and an intrusion detection/prevention (IDS/IPS) system. The configurable on-premise network sensor is deployed on multiple operating system distributions of the network sensor host and generates actionable network metadata using DPI techniques for optimized log search and management and improved intrusion detection and response (IDR) operations.
-
-
-
-
-
-
-
-
-
搜索结果
10 条记录 (耗时 0.016 秒)
