-
公开(公告)号:US06898632B2
公开(公告)日:2005-05-24
申请号:US10409006
申请日:2003-04-07
IPC分类号: G06F9/44 , G06F15/16 , G06F15/173
CPC分类号: H04L63/1408 , H04L63/0227
摘要: A system and method is presented for analyzing information in a communication line for unwanted intrusions and for allowing information to be transmitted back into the communication line without disrupting the communication traffic when an intrusion is detected. The system and method includes a security tap connected to a firewall. The security tap is also connected to an intrusion detection device. The intrusion detection device analyzes the information in the communication line for indicia of attempts to compromise the network. When such indicia is detected, the intrusion detection device sends a “kill” data packet back through the security tap and directed back to the communication line to the firewall to instruct the firewall to prevent further communications into the network by the intrusive source. An Ethernet switch or field programmable gate array (FPGA) is incorporated in the security tap to coordinate the transmission of the “kill” data packet to avoid data collisions with data transmissions already existing in the communication line.
-
公开(公告)号:US07505416B2
公开(公告)日:2009-03-17
申请号:US10776579
申请日:2004-02-11
IPC分类号: G01R31/08
CPC分类号: H04L63/02 , H04L63/0209 , H04L63/1408
摘要: A system and method is presented for a network tap having integrated circuitry therein for obtaining statistics about a communication line. The network tap also has a routing node for allowing information to be transmitted back into the communication line from an attached device without disrupting the communication traffic. The routing node coordinates the transmission of device data from an attached device to avoid data collisions with data transmissions already existing in the communication line. The routing node may be an Ethernet switch or field programmable gate array (FPGA). The integrated circuit may be a microprocessor or FPGA. The integrated circuit also controls other components of the network tap. The integrated circuit may also be programmed or upgraded to provide other functions.
摘要翻译: 提出了一种用于其中具有集成电路的网络抽头的系统和方法,用于获得关于通信线路的统计信息。 网络抽头还具有路由节点,用于允许信息从连接的设备传回到通信线路中,而不中断通信流量。 路由节点协调来自附加设备的设备数据的传输,以避免与通信线路中已经存在的数据传输的数据冲突。 路由节点可以是以太网交换机或现场可编程门阵列(FPGA)。 集成电路可以是微处理器或FPGA。 集成电路还控制网络分接头的其他组件。 集成电路也可以被编程或升级以提供其他功能。
-
公开(公告)号:US07613837B2
公开(公告)日:2009-11-03
申请号:US10735417
申请日:2003-12-12
IPC分类号: G06F15/16
CPC分类号: H04L43/12 , H04L43/50 , H04L63/1416
摘要: A network tap for enabling attached devices, such as an intrusion detection system, to transmit information into a communication line of the network without disrupting the network traffic on the communication line. When the attached device is an intrusion detection device, the network tap is connected to a firewall. An Ethernet switch or field programmable gate array (FPGA) is incorporated in the network tap to coordinate the transmission of device data to avoid data collisions with data transmissions already existing in the communication line. The network tap may be operated in various modes to accommodate different capabilities of attached devices. In addition, the network tap has various port configurations to allow a user to connect various attached devices through a single cable or dual cables.
摘要翻译: 一种网络抽头,用于使诸如入侵检测系统的附加设备能够将信息传输到网络的通信线路中,而不会中断通信线路上的网络流量。 当连接的设备是入侵检测设备时,网络点击连接到防火墙。 以太网交换机或现场可编程门阵列(FPGA)被并入网络抽头中以协调设备数据的传输,以避免与已经存在于通信线路中的数据传输的数据冲突。 网络抽头可以以各种模式操作以适应连接的设备的不同能力。 此外,网络抽头具有各种端口配置,允许用户通过单根电缆或双电缆连接各种连接的设备。
-
-
搜索结果
3 条记录 (耗时 0.022 秒)
