-
公开(公告)号:WO2017036535A1
公开(公告)日:2017-03-09
申请号:PCT/EP2015/070160
申请日:2015-09-03
发明人: GAL-OR, Eshed , GAMPEL, Eran
CPC分类号: H04L43/04 , H04L41/046 , H04L43/026 , H04L43/028 , H04L43/12 , H04L67/1008 , H04L67/1029 , Y02D50/30
摘要: The present invention provides a system (100) for managing at least one network service (101). The system (100) comprises at least one network node (102) including at least one connection tracking module (103), which is configured to perform connection tracking on at least one packet belonging to a network service session. Further, the system also comprises at least one external data storage or memory (104) configured to store connection tracking data obtained by the at least one connection tracking module (103 9, and to share the stored connection tracking data (105) across all network nodes (102).
摘要翻译: 本发明提供一种用于管理至少一个网络服务(101)的系统(100)。 该系统(100)包括至少一个网络节点(102),其包括至少一个连接跟踪模块(103),其被配置为对属于网络服务会话的至少一个分组执行连接跟踪。 此外,该系统还包括至少一个外部数据存储器或存储器(104),其被配置为存储由至少一个连接跟踪模块(103,9)获得的连接跟踪数据,并且跨所有网络共享所存储的连接跟踪数据(105) 节点(102)。
-
2.发明申请SYSTEM AND METHOD FOR DETECTING AND PREVENTING NETWORK INTRUSION OF MALICIOUS DATA FLOWS 审中-公开用于检测和防止恶意数据流的网络入侵的系统和方法
公开(公告)号:WO2017220139A1
公开(公告)日:2017-12-28
申请号:PCT/EP2016/064422
申请日:2016-06-22
发明人: SNAPIRI, Shachar , GAL-OR, Eshed , GAMPEL, Eran , BARON, Ayal
CPC分类号: H04L63/1416 , G06F16/27 , G06F21/554 , H04L47/2441 , H04L63/0245 , H04L63/0254 , H04L63/1425
摘要: The present invention provides a system for detecting and preventing the intrusion of malicious data flows in a software defined network (SDN). The system comprises at least one data storage or memory, configured to store flow states of data flows, and to share and update the flow states across the system, at least one shared-state forwarding element (FE) configured to block, forward, or replicate a received data flow based on a flow state of the data flow and/or a comparison of the data flow with predetermined patterns, and at least one inspection element (IE), configured to receive a replicated data flow, and to classify, whether the data flow is malicious or allowed. The IE is configured to alter the flow state of the data flow according to a classification result. The present invention provides a corresponding method for detecting and preventing intrusion of malicious data flows in a SDN.
摘要翻译: 本发明提供了一种用于检测和防止恶意数据流入侵软件定义网络(SDN)的系统。 该系统包括至少一个数据存储器或存储器,被配置为存储数据流的流状态并且共享并更新系统上的流状态,至少一个共享状态转发元件(FE)被配置为阻止,转发或者 基于所述数据流的流状态和/或所述数据流与预定模式的比较来复制所接收的数据流,以及至少一个检查元件(IE),其被配置为接收复制的数据流并且分类 数据流是恶意的或被允许的。 IE被配置为根据分类结果来改变数据流的流状态。 本发明提供了一种检测和防止恶意数据流入侵SDN的相应方法。
-
公开(公告)号:WO2017071780A1
公开(公告)日:2017-05-04
申请号:PCT/EP2015/075345
申请日:2015-10-30
发明人: GAL-OR, Eshed , GAMPEL, Eran , MEYTIN, Dmitry , BARON, Ayal
CPC分类号: G06F9/45533 , G06F9/5088 , G06F11/3433 , G06F2009/4557 , G06F2009/45591 , G06F2209/508 , H04L41/12
摘要: A system of mapping virtualized network environment data, comprising: at least one interface adapted to receive data from a plurality of virtual switches (204) in a virtualized network environment to detect a plurality of communication requests (401, 402) to establish communication between at least two of a plurality of virtual machines (201) in the virtualized network environment; and at least one processor adapted to: extract from each one of the plurality of communication requests a physical host (202) of each of the at least two virtual machines; and update (403) a topology dataset mapping at least one communication characteristic of data communication between the plurality of virtual machines and a physical host of each one of the plurality of virtual machines.
摘要翻译: 一种映射虚拟化网络环境数据的系统,包括:至少一个接口,适于从虚拟化网络环境中的多个虚拟交换机(204)接收数据以检测多个通信请求(401 ,402)在所述虚拟化网络环境中的多个虚拟机(201)中的至少两个虚拟机之间建立通信; 以及至少一个处理器,其适于:从所述多个通信请求中的每一个通信请求中提取所述至少两个虚拟机中的每一个的物理主机(202) 并且更新(403)拓扑数据集映射多个虚拟机与多个虚拟机中的每一个的物理主机之间的数据通信的至少一个通信特性。
-
公开(公告)号:WO2017037265A1
公开(公告)日:2017-03-09
申请号:PCT/EP2016/070776
申请日:2016-09-02
发明人: GAL-OR, Eshed , GAMPEL, Eran
CPC分类号: H04L43/04 , H04L41/046 , H04L43/026 , H04L43/028 , H04L43/12 , H04L67/1008 , H04L67/1029 , Y02D50/30
摘要: The present invention provides a system (100) for managing at least one network service (101). The system (100) comprises at least one network node (102) including at least one connection tracking module (103), which is configured to perform connection tracking on at least one packet belonging to a network service session. Further, the system also comprises at least one external data storage or memory (104) configured to store connection tracking data obtained by the at least one connection tracking module (103), and to share the stored connection tracking data (105) across all network nodes (102).
摘要翻译: 本发明提供一种用于管理至少一个网络服务(101)的系统(100)。 该系统(100)包括至少一个包括至少一个连接跟踪模块(103)的网络节点(102),其被配置为对属于网络服务会话的至少一个分组执行连接跟踪。 此外,该系统还包括被配置为存储由至少一个连接跟踪模块(103)获得的连接跟踪数据的至少一个外部数据存储器或存储器(104),并且跨所有网络共享存储的连接跟踪数据(105) 节点(102)。
-
公开(公告)号:WO2017108119A1
公开(公告)日:2017-06-29
申请号:PCT/EP2015/081101
申请日:2015-12-23
发明人: SAGIE, Gal , GAL-OR, Eshed
CPC分类号: G06F9/5066 , G06F9/5072 , H04L41/12
摘要: The present invention relates to a method for discovering network-level proximity between nodes (141, 143, 205, 206) of a software-defined data centre, SDDC, (100, 200), wherein the SDDC (100, 200) comprises hosts (111-118, 121-128, 211-218, 221-228), each host being connected to one of the nodes (141, 143, 205, 206), the method comprising discovering the network-level proximity between the nodes based on a software-defined networking, SDN, control plane protocol.
摘要翻译: 本发明涉及一种用于发现软件定义数据中心SDDC(100,200)的节点(141,143,205,206)之间的网络级接近度的方法,其中所述 SDDC(100,200)包括主机(111-118,121-128,211-218,221-228),每个主机连接到节点(141,143,205,206)之一,该方法包括发现 基于软件定义网络,SDN,控制平面协议的节点之间的网络级接近度。
-
公开(公告)号:WO2017097352A1
公开(公告)日:2017-06-15
申请号:PCT/EP2015/079117
申请日:2015-12-09
发明人: GAL-OR, Eshed , GAMPEL, Eran , BARON, Ayal
CPC分类号: H04L43/04 , H04L41/5019 , H04L43/12 , H04L63/1441
摘要: The present invention provides a system 100 for managing a network. The system 100 comprises at least one service network node 102 including at least one connection tracking module 103, which is configured to perform connection tracking on at least one packet belonging to a network service session. Further, the system 100 also comprises at least one external data storage or memory 104 configured to store connection tracking data obtained by the at least one connection tracking module 103. Finally, the system 100 comprises an application network node 106 including a common application layer configured to drive at least one application 108 based on the stored connection tracking data 105.
摘要翻译: 本发明提供了一种用于管理网络的系统100。 系统100包括至少一个服务网络节点102,服务网络节点102包括至少一个连接跟踪模块103,其被配置为对属于网络服务会话的至少一个分组执行连接跟踪。 此外,系统100还包括至少一个外部数据存储器或存储器104,其被配置为存储由至少一个连接跟踪模块103获得的连接跟踪数据。最后,系统100包括应用网络节点106,其包括配置的公共应用层 基于所存储的连接跟踪数据105来驱动至少一个应用程序108.
-
7.发明申请METHOD, COMPUTING DEVICE AND SYSTEM FOR INVOKING SOFTWARE APPLICATION METHODS OF REMOTE JAVA OBJECTS 审中-公开方法,用于调用远程JAVA对象的软件应用方法的计算设备和系统
公开(公告)号:WO2016012048A1
公开(公告)日:2016-01-28
申请号:PCT/EP2014/065995
申请日:2014-07-25
发明人: GAL-OR, Eshed , PORAT, Hayim
CPC分类号: H04L47/125 , G06F9/505 , G06F9/5072 , G06F9/548 , G06F2209/5015 , G06F2209/542 , H04L41/0233 , H04L41/0896 , H04L67/1002 , H04L67/42
摘要: The present invention provides a method (100), system (200, 300) and computing device configured for invoking software application methods of remote Java objects. Therein, a client (201) sends (101) at least one remote Java application object request to at least one of a plurality of Java application server instances (202). An SDN application (204) located in the network path between the client (201) and the plurality of Java application server instances (202) receives (102) the at least one remote Java application object request, and forwards (103) the at least one remote Java application object request to the plurality of Java application server instances (202). Then, the SDN application (204) generates at least one remote Java application object pool (302) based on object references received from the plurality of Java application server instances (202) in response to the at least one forwarded remote Java application object request. When the SDN application (204) receives at least one remote Java application method invocation request sent by the client (201) associated with the at least one remote Java application object request, it delegates the at least one remote Java application method invocation request to one or more of the plurality of Java application server instances (202).
摘要翻译: 本发明提供了一种配置用于调用远程Java对象的软件应用方法的方法(100),系统(200,300)和计算设备。 其中,客户端(201)向至少一个Java应用服务器实例(202)发送(101)至少一个远程Java应用对象请求。 位于客户机(201)和多个Java应用服务器实例(202)之间的网络路径中的SDN应用(204)接收(102)该至少一个远程Java应用对象请求,并且至少 向多个Java应用服务器实例(202)发送一个远程Java应用程序对象请求。 然后,响应于至少一个转发的远程Java应用对象请求,SDN应用(204)基于从多个Java应用服务器实例(202)接收的对象引用,生成至少一个远程Java应用对象池(302)。 当SDN应用程序(204)接收到与至少一个远程Java应用程序对象请求相关联的由客户端(201)发送的至少一个远程Java应用程序方法调用请求时,它将至少一个远程Java应用程序方法调用请求委派给一个 或多个Java应用服务器实例(202)中。
-
-
-
-
-
-
搜索结果
7 条记录 (耗时 0.01 秒)
