WO2007005544A3 - Active packet content analyzer for communications network - Google Patents
Active packet content analyzer for communications network Download PDFInfo
- Publication number
- WO2007005544A3 WO2007005544A3 PCT/US2006/025436 US2006025436W WO2007005544A3 WO 2007005544 A3 WO2007005544 A3 WO 2007005544A3 US 2006025436 W US2006025436 W US 2006025436W WO 2007005544 A3 WO2007005544 A3 WO 2007005544A3
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- network
- terminal
- search engine
- communications network
- data packets
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/22—Parsing or analysis of headers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/22—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks comprising specially adapted graphical user interfaces [GUI]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0245—Filtering by information in the payload
Abstract
An active packet inspection device for a communications network, comprises a first terminal and a second terminal each adapted to couple the appliance in-line in the network and communicate data packets with network devices. A packet processor is coupled to the first terminal and second terminal and configured to normalize the data packets. A network search engine coupled to the packet processor and the memory, and configured to compare the data packets with the stored signatures, and when a match is found and other specified conditions are met, to perform an action identified in an associated rule. In one aspect, the network search engine includes a network search engine controller and a network search engine table including a memory configured to store a plurality of replicated signatures. Advantages of the invention include the ability to perform deep packet inspections actively on a communications network at high-speed.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP06785878.7A EP1908219B1 (en) | 2005-07-01 | 2006-06-19 | Active packet content analyzer for communications network |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/174,248 US7499412B2 (en) | 2005-07-01 | 2005-07-01 | Active packet content analyzer for communications network |
US11/174,248 | 2005-07-01 |
Publications (3)
Publication Number | Publication Date |
---|---|
WO2007005544A2 WO2007005544A2 (en) | 2007-01-11 |
WO2007005544A3 true WO2007005544A3 (en) | 2008-06-12 |
WO2007005544B1 WO2007005544B1 (en) | 2008-07-24 |
Family
ID=37589384
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2006/025436 WO2007005544A2 (en) | 2005-07-01 | 2006-06-19 | Active packet content analyzer for communications network |
Country Status (3)
Country | Link |
---|---|
US (1) | US7499412B2 (en) |
EP (1) | EP1908219B1 (en) |
WO (1) | WO2007005544A2 (en) |
Families Citing this family (66)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7613179B2 (en) * | 2003-11-26 | 2009-11-03 | Nortel Networks Limited | Technique for tracing source addresses of packets |
US8331234B1 (en) | 2004-09-08 | 2012-12-11 | Q1 Labs Inc. | Network data flow collection and processing |
US8320242B2 (en) * | 2004-12-24 | 2012-11-27 | Net Optics, Inc. | Active response communications network tap |
US7760859B2 (en) * | 2005-03-07 | 2010-07-20 | Net Optics, Inc. | Intelligent communications network tap port aggregator |
US20070081526A1 (en) * | 2005-09-27 | 2007-04-12 | Accton Technology Corporation | Network switch device |
US7970878B1 (en) * | 2005-11-16 | 2011-06-28 | Cisco Technology, Inc. | Method and apparatus for limiting domain name server transaction bandwidth |
US7738403B2 (en) * | 2006-01-23 | 2010-06-15 | Cisco Technology, Inc. | Method for determining the operations performed on packets by a network device |
US8295275B2 (en) * | 2006-03-20 | 2012-10-23 | Intel Corporation | Tagging network I/O transactions in a virtual machine run-time environment |
US8769091B2 (en) | 2006-05-25 | 2014-07-01 | Cisco Technology, Inc. | Method, device and medium for determining operations performed on a packet |
US8041804B2 (en) * | 2006-05-25 | 2011-10-18 | Cisco Technology, Inc. | Utilizing captured IP packets to determine operations performed on packets by a network device |
KR100772523B1 (en) * | 2006-08-01 | 2007-11-01 | 한국전자통신연구원 | Apparatus for detecting intrusion using pattern and method thereof |
US7853679B2 (en) * | 2007-03-12 | 2010-12-14 | Citrix Systems, Inc. | Systems and methods for configuring handling of undefined policy events |
US8631147B2 (en) | 2007-03-12 | 2014-01-14 | Citrix Systems, Inc. | Systems and methods for configuring policy bank invocations |
WO2008112769A2 (en) | 2007-03-12 | 2008-09-18 | Citrix Systems, Inc. | Systems and methods for configuring, applying and managing object-oriented policy expressions for a network device |
US7853678B2 (en) * | 2007-03-12 | 2010-12-14 | Citrix Systems, Inc. | Systems and methods for configuring flow control of policy expressions |
US8490148B2 (en) | 2007-03-12 | 2013-07-16 | Citrix Systems, Inc | Systems and methods for managing application security profiles |
US7865589B2 (en) | 2007-03-12 | 2011-01-04 | Citrix Systems, Inc. | Systems and methods for providing structured policy expressions to represent unstructured data in a network appliance |
US7870277B2 (en) * | 2007-03-12 | 2011-01-11 | Citrix Systems, Inc. | Systems and methods for using object oriented expressions to configure application security policies |
US20080306815A1 (en) * | 2007-06-06 | 2008-12-11 | Nebuad, Inc. | Method and system for inserting targeted data in available spaces of a webpage |
US7853689B2 (en) * | 2007-06-15 | 2010-12-14 | Broadcom Corporation | Multi-stage deep packet inspection for lightweight devices |
US7903576B2 (en) * | 2007-08-07 | 2011-03-08 | Net Optics, Inc. | Methods and arrangement for utilization rate display |
US8094576B2 (en) | 2007-08-07 | 2012-01-10 | Net Optic, Inc. | Integrated switch tap arrangement with visual display arrangement and methods thereof |
US7898984B2 (en) * | 2007-08-07 | 2011-03-01 | Net Optics, Inc. | Enhanced communication network tap port aggregator arrangement and methods thereof |
US7921686B2 (en) * | 2007-08-28 | 2011-04-12 | Cisco Technology, Inc. | Highly scalable architecture for application network appliances |
US8434140B2 (en) * | 2007-11-06 | 2013-04-30 | Barracuda Networks, Inc. | Port hopping and seek you peer to peer traffic control method and system |
KR101112204B1 (en) * | 2007-12-04 | 2012-03-09 | 한국전자통신연구원 | Mobile Advertisement Method |
US7773529B2 (en) | 2007-12-27 | 2010-08-10 | Net Optic, Inc. | Director device and methods thereof |
KR101425621B1 (en) * | 2008-01-15 | 2014-07-31 | 삼성전자주식회사 | Method and system for sharing contents securely |
US9100268B2 (en) * | 2008-02-27 | 2015-08-04 | Alcatel Lucent | Application-aware MPLS tunnel selection |
US20090288104A1 (en) * | 2008-05-19 | 2009-11-19 | Rohati Systems, Inc. | Extensibility framework of a network element |
US8677453B2 (en) | 2008-05-19 | 2014-03-18 | Cisco Technology, Inc. | Highly parallel evaluation of XACML policies |
US8094560B2 (en) * | 2008-05-19 | 2012-01-10 | Cisco Technology, Inc. | Multi-stage multi-core processing of network packets |
US8667556B2 (en) | 2008-05-19 | 2014-03-04 | Cisco Technology, Inc. | Method and apparatus for building and managing policies |
US20100070471A1 (en) * | 2008-09-17 | 2010-03-18 | Rohati Systems, Inc. | Transactional application events |
KR100964375B1 (en) * | 2008-10-31 | 2010-06-17 | 한국전자통신연구원 | Interception Method |
CN101771627B (en) * | 2009-01-05 | 2015-04-08 | 武汉邮电科学研究院 | Equipment and method for analyzing and controlling node real-time deep packet on internet |
US8954725B2 (en) * | 2009-05-08 | 2015-02-10 | Microsoft Technology Licensing, Llc | Sanitization of packets |
US9813448B2 (en) | 2010-02-26 | 2017-11-07 | Ixia | Secured network arrangement and methods thereof |
US8737197B2 (en) | 2010-02-26 | 2014-05-27 | Net Optic, Inc. | Sequential heartbeat packet arrangement and methods thereof |
US9019863B2 (en) * | 2010-02-26 | 2015-04-28 | Net Optics, Inc. | Ibypass high density device and methods thereof |
US9749261B2 (en) | 2010-02-28 | 2017-08-29 | Ixia | Arrangements and methods for minimizing delay in high-speed taps |
US8755293B2 (en) | 2010-02-28 | 2014-06-17 | Net Optics, Inc. | Time machine device and methods thereof |
US8902735B2 (en) | 2010-02-28 | 2014-12-02 | Net Optics, Inc. | Gigabits zero-delay tap and methods thereof |
CN102196478B (en) * | 2010-03-01 | 2014-10-22 | 中兴通讯股份有限公司 | Diagnosis method and system for failure of network management system |
US9122877B2 (en) | 2011-03-21 | 2015-09-01 | Mcafee, Inc. | System and method for malware and network reputation correlation |
US8885506B2 (en) * | 2011-06-14 | 2014-11-11 | Broadcom Corporation | Energy efficiency ethernet with assymetric low power idle |
US9106680B2 (en) * | 2011-06-27 | 2015-08-11 | Mcafee, Inc. | System and method for protocol fingerprinting and reputation correlation |
US10140049B2 (en) | 2012-02-24 | 2018-11-27 | Missing Link Electronics, Inc. | Partitioning systems operating in multiple domains |
US8931043B2 (en) | 2012-04-10 | 2015-01-06 | Mcafee Inc. | System and method for determining and using local reputations of users and hosts to protect information in a network environment |
US9565213B2 (en) | 2012-10-22 | 2017-02-07 | Centripetal Networks, Inc. | Methods and systems for protecting a secured network |
US9137205B2 (en) | 2012-10-22 | 2015-09-15 | Centripetal Networks, Inc. | Methods and systems for protecting a secured network |
US9203806B2 (en) | 2013-01-11 | 2015-12-01 | Centripetal Networks, Inc. | Rule swapping in a packet network |
US9906445B2 (en) * | 2013-02-01 | 2018-02-27 | Texas Instruments Incorporated | Packet processing match and action pipeline structure with dependency calculation removing false dependencies |
US9124552B2 (en) | 2013-03-12 | 2015-09-01 | Centripetal Networks, Inc. | Filtering network data transfers |
US20140269299A1 (en) * | 2013-03-14 | 2014-09-18 | Hewlett-Packard Development Company, L.P. | Network controller normalization of network traffic |
US9094445B2 (en) | 2013-03-15 | 2015-07-28 | Centripetal Networks, Inc. | Protecting networks from cyber attacks and overloading |
CN103384281B (en) * | 2013-06-26 | 2016-08-24 | 天津汉柏汉安信息技术有限公司 | A kind of method preventing EZVPN dialing failed |
US9264370B1 (en) | 2015-02-10 | 2016-02-16 | Centripetal Networks, Inc. | Correlating packets in communications networks |
US9866576B2 (en) | 2015-04-17 | 2018-01-09 | Centripetal Networks, Inc. | Rule-based network-threat detection |
JP2017011580A (en) * | 2015-06-24 | 2017-01-12 | キヤノン株式会社 | Communication device, control method, and program |
US9917856B2 (en) | 2015-12-23 | 2018-03-13 | Centripetal Networks, Inc. | Rule-based network-threat detection for encrypted communications |
US11729144B2 (en) | 2016-01-04 | 2023-08-15 | Centripetal Networks, Llc | Efficient packet capture for cyber threat analysis |
US10503899B2 (en) | 2017-07-10 | 2019-12-10 | Centripetal Networks, Inc. | Cyberanalysis workflow acceleration |
US10333898B1 (en) | 2018-07-09 | 2019-06-25 | Centripetal Networks, Inc. | Methods and systems for efficient network protection |
US11316823B2 (en) | 2020-08-27 | 2022-04-26 | Centripetal Networks, Inc. | Methods and systems for efficient virtualization of inline transparent computer networking devices |
US11362996B2 (en) | 2020-10-27 | 2022-06-14 | Centripetal Networks, Inc. | Methods and systems for efficient adaptive logging of cyber threat incidents |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5648965A (en) * | 1995-07-07 | 1997-07-15 | Sun Microsystems, Inc. | Method and apparatus for dynamic distributed packet tracing and analysis |
US20030142666A1 (en) * | 2002-01-25 | 2003-07-31 | Bonney Jordan C. | Distributed packet capture and aggregation |
US6882654B1 (en) * | 2000-11-14 | 2005-04-19 | Cisco Technology, Inc. | Packet data analysis with efficient buffering scheme |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP3214454B2 (en) * | 1998-09-03 | 2001-10-02 | 日本電気株式会社 | Packet processing device with built-in program |
US6895005B1 (en) * | 2001-04-23 | 2005-05-17 | Sprint Spectrum L.P. | Business logic server for facilitating the transmission of a data download to a mobile wireless unit |
AU2003299960A1 (en) * | 2002-12-20 | 2004-07-22 | Metanetworks Inc. | Packet inspection |
US7082044B2 (en) * | 2003-03-12 | 2006-07-25 | Sensory Networks, Inc. | Apparatus and method for memory efficient, programmable, pattern matching finite state machine hardware |
US7463590B2 (en) * | 2003-07-25 | 2008-12-09 | Reflex Security, Inc. | System and method for threat detection and response |
US8181258B2 (en) * | 2003-11-26 | 2012-05-15 | Agere Systems Inc. | Access control list constructed as a tree of matching tables |
-
2005
- 2005-07-01 US US11/174,248 patent/US7499412B2/en active Active
-
2006
- 2006-06-19 EP EP06785878.7A patent/EP1908219B1/en active Active
- 2006-06-19 WO PCT/US2006/025436 patent/WO2007005544A2/en active Application Filing
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5648965A (en) * | 1995-07-07 | 1997-07-15 | Sun Microsystems, Inc. | Method and apparatus for dynamic distributed packet tracing and analysis |
US6882654B1 (en) * | 2000-11-14 | 2005-04-19 | Cisco Technology, Inc. | Packet data analysis with efficient buffering scheme |
US20030142666A1 (en) * | 2002-01-25 | 2003-07-31 | Bonney Jordan C. | Distributed packet capture and aggregation |
Also Published As
Publication number | Publication date |
---|---|
US7499412B2 (en) | 2009-03-03 |
EP1908219A2 (en) | 2008-04-09 |
WO2007005544A2 (en) | 2007-01-11 |
WO2007005544B1 (en) | 2008-07-24 |
EP1908219A4 (en) | 2016-08-10 |
US20070002769A1 (en) | 2007-01-04 |
EP1908219B1 (en) | 2018-03-21 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2007005544A3 (en) | Active packet content analyzer for communications network | |
WO2007005124A3 (en) | Caller-callee association of a plurality of networked devices | |
MX2007001385A (en) | Ad-hoc network and method employing globally optimized routes for packets. | |
WO2008091823A3 (en) | Multi-link support for network based mobility management systems | |
NO20082353L (en) | Voting protocols for wireless systems | |
WO2006028674A3 (en) | A system and method for sharing an ip address | |
WO2007080558A3 (en) | Communications network system and methods for using same | |
ATE535124T1 (en) | RESTORING CONNECTION VIA ALTERNATIVE ACCESS NETWORKS | |
WO2007095546A3 (en) | Hotspot communication limiter | |
WO2007041662A3 (en) | Secured media communication across enterprise gateway | |
HK1094253A1 (en) | Communications system with data storage device interface protocol connectors and related methods | |
WO2007078672A3 (en) | Performing a cyclic redundancy checksum operation responsive to a user-level instruction | |
WO2007053768A3 (en) | Dynamic processing of virtual identities for mobile communications devices | |
ATE350853T1 (en) | DATA SHARING IN A MULTIMEDIA COMMUNICATION SYSTEM | |
GB2444457A (en) | Method for dynamic sensor network processing | |
WO2008005376A3 (en) | Implementation of malware countermeasures in a network device | |
WO2006072064A3 (en) | System and method for cache coherency in a cache with different cache location lengths | |
WO2008042453A3 (en) | Autonomous system-based edge marking (asem) for internet protocol (ip) traceback | |
WO2006072240A3 (en) | Communications system, method for controlling a communications system, network access device and method for controlling a network access device | |
WO2007103948A3 (en) | Method and apparatus for communicating with a wireless network using a single address for multiple processors | |
WO2007003992A3 (en) | Method, system & computer program product for discovering characteristics of middleboxes | |
WO2007136937A3 (en) | Implementation of reflexive access control lists on distributed platforms | |
WO2009055167A3 (en) | Scheduling of data packets over an air interface of a cellular communication system | |
CA2645274A1 (en) | Peer to peer gateway | |
GB0613590D0 (en) | Multisided sharing of dynamic data in a wireless test environment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2006785878 Country of ref document: EP |