公开(公告)号：US09137101B2

公开(公告)日：2015-09-15

申请号：US13303615

申请日：2011-11-23

申请人： Srikanth Keesara ,  David E. Frattura ,  Deborah E. Fitzgerald ,  Christopher Monti

发明人： Srikanth Keesara ,  David E. Frattura ,  Deborah E. Fitzgerald ,  Christopher Monti

IPC分类号： G01R31/08 ,  H04L12/24 ,  H04L12/26 ,  H04L12/721

CPC分类号： H04L41/0677 ,  H04L43/0811 ,  H04L43/10 ,  H04L45/70

摘要： A network management and monitoring application employs diagnostic messages for confirming network path connectivity and identifying and locating connectivity faults. Diagnostic messages similar to conventional “ping” and “traceroute” messages traverse the network along a prescribed path for which diagnostic feedback is desired. The application receives and analyzes return messages sent from network entities along the path to ascertain connectivity issues on the path. The application receives layer 3 identifiers such as IP addresses, however performs diagnostic operations such as continuity checks based on layer 2 identifiers such as MAC (Media Access Control) identifiers because certain network entities operate on L2 identifiers and would otherwise evade a continuity check based on layer 3 identifiers. The monitoring application therefore performs continuity diagnostics such as ping and traceroute operations using L2 identifiers, therefore pinpointing problems with an L2 network forwarding entity such as a bridge that lies between L3 entities such as routers.

摘要翻译： 网络管理和监控应用程序使用诊断消息来确认网络路径连通性，并识别和定位连接故障。 类似于常规“ping”和“traceroute”消息的诊断消息沿着期望诊断反馈的规定路径穿越网络。 应用程序接收并分析从网络实体沿路径发送的返回消息，以确定路径上的连接问题。 应用程序接收诸如IP地址的层3标识符，然而执行诊断操作，例如基于诸如MAC（媒体访问控制）标识符的第2层标识符的连续性检查，因为某些网络实体在L2标识符上操作，否则将基于 第3层标识符。 因此，监视应用程序使用L2标识符来执行诸如ping和traceroute操作之类的连续性诊断，因此确定了L2网络转发实体（例如位于诸如路由器的L3实体之间的网桥）的问题。

公开(公告)号：US20130128751A1

公开(公告)日：2013-05-23

申请号：US13303615

申请日：2011-11-23

申请人： Srikanth Keesara ,  David E. Frattura ,  Deborah E. Fitzgerald ,  Christopher Monti

发明人： Srikanth Keesara ,  David E. Frattura ,  Deborah E. Fitzgerald ,  Christopher Monti

IPC分类号： H04L12/26

CPC分类号： H04L41/0677 ,  H04L43/0811 ,  H04L43/10 ,  H04L45/70

摘要： A network management and monitoring application employs diagnostic messages for confirming network path connectivity and identifying and locating connectivity faults. Diagnostic messages similar to conventional “ping” and “traceroute” messages traverse the network along a prescribed path for which diagnostic feedback is desired. The application receives and analyzes return messages sent from network entities along the path to ascertain connectivity issues on the path. The application receives layer 3 identifiers such as IP addresses, however performs diagnostic operations such as continuity checks based on layer 2 identifiers such as MAC (Media Access Control) identifiers because certain network entities operate on L2 identifiers and would otherwise evade a continuity check based on layer 3 identifiers. The monitoring application therefore performs continuity diagnostics such as ping and traceroute operations using L2 identifiers, therefore pinpointing problems with an L2 network forwarding entity such as a bridge that lies between L3 entities such as routers.

摘要翻译： 网络管理和监控应用程序使用诊断消息来确认网络路径连通性，并识别和定位连接故障。 类似于常规“ping”和“traceroute”消息的诊断消息沿着期望诊断反馈的规定路径穿越网络。 应用程序接收并分析从网络实体沿路径发送的返回消息，以确定路径上的连接问题。 应用程序接收诸如IP地址的层3标识符，然而执行诊断操作，例如基于诸如MAC（媒体访问控制）标识符的第2层标识符的连续性检查，因为某些网络实体操作在L2标识符上，否则将基于 第3层标识符。 因此，监视应用程序使用L2标识符来执行诸如ping和traceroute操作之类的连续性诊断，因此确定了L2网络转发实体（例如位于诸如路由器的L3实体之间的网桥）的问题。

公开(公告)号：US07580403B2

公开(公告)日：2009-08-25

申请号：US11066607

申请日：2005-02-25

申请人： David E. Frattura

发明人： David E. Frattura

IPC分类号： H04L12/66

CPC分类号： H04M3/4872 ,  H04M1/2535 ,  H04M7/0072 ,  H04M2242/04 ,  Y02D30/30

摘要： A method includes receiving, on a first network device, an announcement message from an endpoint device connected to the first network device via a network connection. The announcement message, which includes at least one connection criteria, is transmitted to one or more downstream network devices.

摘要翻译： 一种方法包括在第一网络设备上经由网络连接从连接到第一网络设备的端点设备接收公告消息。 包括至少一个连接标准的通知消息被发送到一个或多个下游网络设备。

公开(公告)号：US08819213B2

公开(公告)日：2014-08-26

申请号：US11208372

申请日：2005-08-19

申请人： David E. Frattura ,  Richard W. Graham ,  John Roese

发明人： David E. Frattura ,  Richard W. Graham ,  John Roese

IPC分类号： G06F15/173 ,  H04L12/26 ,  H04L29/06 ,  H04L29/08

CPC分类号： H04L12/2602 ,  H04L12/4633 ,  H04L43/00 ,  H04L43/0882 ,  H04L43/16 ,  H04L63/00 ,  H04L63/14 ,  H04L63/1416 ,  H04L63/166 ,  H04L63/30 ,  H04L67/1095

摘要： The present invention provides method and systems for dynamically mirroring network traffic. The mirroring of network traffic may comprise data that may be considered of particular interest. The network traffic may be mirrored by a mirror service portal from a mirror sender, referred to as a mirror source, to a mirror receiver, referred to as a mirror destination, locally or remotely over various network segments, such as private and public networks and the Internet. The network traffic may be mirrored to locations not involved in the network communications being mirrored. The present invention provides various techniques for dynamically mirroring data contained in the network traffic from a mirror source to a mirror destination.

摘要翻译： 本发明提供了用于动态镜像网络业务的方法和系统。 网络流量的镜像可以包括可被认为特别感兴趣的数据。 网络流量可以由镜像服务门户从称为镜像源的镜像服务器镜像到本地或远程通过各种网段（如私有和公共网络）的镜像接收器（称为镜像目的地），以及 互联网。 可以将网络流量镜像到不涉及正在镜像的网络通信中的位置。 本发明提供了用于动态镜像从镜像源到镜像目的地的网络流量中包含的数据的各种技术。

公开(公告)号：US07936770B1

公开(公告)日：2011-05-03

申请号：US11371990

申请日：2006-03-08

申请人： David E. Frattura ,  Richard Graham ,  John Roese

发明人： David E. Frattura ,  Richard Graham ,  John Roese

IPC分类号： H04L21/28

CPC分类号： H04L47/6215 ,  H04L49/90

摘要： A method and apparatus are provided that allows for the representation of a larger number of classes of network traffic and logical queues than is physically available on a per port basis within a network device. A number of logical queues, whose number can match the number of classes of network traffic a network device handles, may be supported across an aggregated set of ports even though the network device has fewer physical queues per port than there are classes of network traffic. The method and apparatus improve the management of network traffic sensitive to time delay and jitter, and further facilitates the operation of these applications in a simultaneous or near simultaneous manner.

摘要翻译： 提供了一种方法和装置，其允许比在网络设备内每个端口的物理上可用的更多数量的网络流量和逻辑队列的表示。 即使网络设备每个端口的物理队列数少于网络流量类别，也可以跨越一组聚合端口来支持多个逻辑队列，其数量可以匹配网络设备处理的网络流量的数量。 该方法和装置改善对时间延迟和抖动敏感的网络业务的管理，并且进一步促进了这些应用以同时或接近同时的方式的操作。

公开(公告)号：US08239960B2

公开(公告)日：2012-08-07

申请号：US12732356

申请日：2010-03-26

申请人： David E. Frattura ,  Richard W. Graham ,  John Roese

发明人： David E. Frattura ,  Richard W. Graham ,  John Roese

IPC分类号： G06F21/00 ,  G06F12/14 ,  G06F17/30 ,  H04L29/06 ,  H04L9/00

CPC分类号： H04L63/0407 ,  G06F21/6263 ,  H04L63/0428 ,  H04L63/14 ,  H04L63/1441 ,  H04L63/16 ,  Y10S707/99955

摘要： Systems and methods are provided for preserving the privacy of data contained in mirrored network traffic. The mirrored network traffic may comprise data that may be considered confidential, privileged, private, or otherwise sensitive data. For example, the data payload of a frame of mirrored network traffic may include private Voice over IP (VoIP) communications between users on one or more networks. The present invention provides various techniques for securing the privacy of data contained in the mirrored network traffic. Using the techniques of the present invention, network traffic comprising confidential, privileged, private, or otherwise sensitive data may be mirrored in such a manner as to provide for the privacy of such data over at least a portion if not all of the mirrored communications between the mirror source point and the mirror destination point.

摘要翻译： 提供了系统和方法，用于保护镜像网络流量中包含的数据的隐私。 镜像网络流量可以包括可被认为是机密，特权，私有或其他敏感数据的数据。 例如，镜像网络业务帧的数据有效载荷可以包括在一个或多个网络上的用户之间的专用IP语音（VoIP）通信。 本发明提供了用于保护包含在镜像网络业务中的数据的隐私的各种技术。 使用本发明的技术，包括机密，特权，私有或其他敏感数据的网络业务可以以这样的方式被镜像，以便通过至少一部分（如果不是全部）的所有镜像通信提供这样的数据的隐私， 镜像源点和镜像目标点。

公开(公告)号：US08191107B1

公开(公告)日：2012-05-29

申请号：US12750484

申请日：2010-03-30

申请人： David E. Frattura ,  Richard W. Graham

发明人： David E. Frattura ,  Richard W. Graham

IPC分类号： H04L29/06

CPC分类号： H04L41/0663 ,  H04L41/0893 ,  H04L41/24 ,  H04L43/0811 ,  H04L43/0817 ,  H04L69/40

摘要： A lost contact policy response system and related method for adjusting the operation of one or more network infrastructure devices upon detection of a loss of contact with a policy server function. The response system includes a policy enforcement function (“PEF”), a policy manager function, and either or both of policy set(s) and policy enforcement rule (“PER”) set(s). The PEF implements stored or generated PER set(s). The policy manager function includes a monitoring function and an analysis function. The monitoring function monitors for continuing connectivity or signal exchange contact with a network policy server function. The analysis function selects a designated policy, policy set, PER or PER set, and instructs the PEF to implement the selected policy, PER or set. The policy and/or PER sets may be pre-installed, updated, re-installed, revised, or otherwise changed when and as desired. The related method includes corresponding steps for implementing the operations of the functions described.

摘要翻译： 一种丢失的联系人策略响应系统和相关方法，用于在检测到与策略服务器功能的联系丢失时调整一个或多个网络基础设施设备的操作。 响应系统包括策略执行功能（“PEF”），策略管理器功能以及策略集和策略执行规则（“PER”）集合中的一个或两个。 PEF实现存储或生成的PER集。 策略管理功能包括监控功能和分析功能。 监视功能监视与网络策略服务器功能的连续连接或信号交换联系。 分析功能选择指定的策略，策略集，PER或PER集，并指示PEF实现所选策略PER或设置。 可以根据需要预先安装，更新，重新安装，修改或以其他方式更改策略和/或PER集。 相关方法包括用于实现所述功能的操作的相应步骤。

公开(公告)号：US07690040B2

公开(公告)日：2010-03-30

申请号：US11075936

申请日：2005-03-08

申请人： David E. Frattura ,  Richard W. Graham ,  John Roese

发明人： David E. Frattura ,  Richard W. Graham ,  John Roese

IPC分类号： G06F21/00 ,  H04L29/06 ,  H04L9/00 ,  G06F12/14 ,  G06F17/30

CPC分类号： H04L63/0407 ,  G06F21/6263 ,  H04L63/0428 ,  H04L63/14 ,  H04L63/1441 ,  H04L63/16 ,  Y10S707/99955

摘要： Systems and methods are provided for preserving the privacy of data contained in mirrored network traffic. The mirrored network traffic may comprise data that may be considered confidential, privileged, private, or otherwise sensitive data. For example, the data payload of a frame of mirrored network traffic may include private Voice over IP (VoIP) communications between users on one or more networks. The present invention provides various techniques for securing the privacy of data contained in the mirrored network traffic. Using the techniques of the present invention, network traffic comprising confidential, privileged, private, or otherwise sensitive data may be mirrored in such a manner as to provide for the privacy of such data over at least a portion if not all of the mirrored communications between the mirror source point and the mirror destination point.

摘要翻译： 提供了系统和方法，用于保护镜像网络流量中包含的数据的隐私。 镜像网络流量可以包括可被认为是机密，特权，私有或其他敏感数据的数据。 例如，镜像网络业务帧的数据有效载荷可以包括在一个或多个网络上的用户之间的专用IP语音（VoIP）通信。 本发明提供了用于保护包含在镜像网络业务中的数据的隐私的各种技术。 使用本发明的技术，包括机密，特权，私有或其他敏感数据的网络业务可以以这样的方式被镜像，以便通过至少一部分（如果不是全部）的所有镜像通信提供这样的数据的隐私， 镜像源点和镜像目标点。