WO2007005544A3 - Active packet content analyzer for communications network - Google Patents

Active packet content analyzer for communications network

Info

Publication number
WO2007005544A3
Authority
WO
WIPO (PCT)
Prior art keywords
network
terminal
search engine
communications network
data packets
Prior art date
Application number
PCT/US2006/025436
Other languages
French (fr)
Other versions
WO2007005544A2 (en)
WO2007005544B1 (en)
Inventor
Eldad Matityahu
Robert E Shaw
Khalid Masood
Ali-Moosa R Syed
Siuman Hui
Bhagyashri Bhagvat
Anis Ur Rahman
Original Assignee
Net Optics Inc
Eldad Matityahu
Robert E Shaw
Khalid Masood
Ali-Moosa R Syed
Siuman Hui
Bhagyashri Bhagvat
Anis Ur Rahman
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Net Optics Inc, Eldad Matityahu, Robert E Shaw, Khalid Masood, Ali-Moosa R Syed, Siuman Hui, Bhagyashri Bhagvat, Anis Ur Rahman filed Critical Net Optics Inc
Priority to EP06785878.7A priority Critical patent/EP1908219B1/en
Publication of WO2007005544A2 publication Critical patent/WO2007005544A2/en
Publication of WO2007005544A3 publication Critical patent/WO2007005544A3/en
Publication of WO2007005544B1 publication Critical patent/WO2007005544B1/en

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00: Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22: Parsing or analysis of headers
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00: Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/22: Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks comprising specially adapted graphical user interfaces [GUI]
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00: Arrangements for monitoring or testing data switching networks
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/02: Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227: Filtering policies
    • H04L63/0245: Filtering by information in the payload

Abstract

An active packet inspection device for a communications network comprises a first terminal and a second terminal, each adapted to couple the appliance in-line in the network and communicate data packets with network devices. A packet processor is coupled to the first terminal and second terminal and configured to normalize the data packets. A network search engine is coupled to the packet processor and the memory and is configured to compare the data packets with the stored signatures and, when a match is found and other specified conditions are met, to perform an action identified in an associated rule. In one aspect, the network search engine includes a network search engine controller and a network search engine table including a memory configured to store a plurality of replicated signatures. Advantages of the invention include the ability to perform deep packet inspections actively on a communications network at high speed.
PCT/US2006/025436 2005-07-01 2006-06-19 Active packet content analyzer for communications network WO2007005544A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP06785878.7A EP1908219B1 (en) 2005-07-01 2006-06-19 Active packet content analyzer for communications network

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/174,248 US7499412B2 (en) 2005-07-01 2005-07-01 Active packet content analyzer for communications network
US11/174,248 2005-07-01

Publications (3)

Publication Number Publication Date
WO2007005544A2 WO2007005544A2 (en) 2007-01-11
WO2007005544A3 WO2007005544A3 (en) 2008-06-12
WO2007005544B1 WO2007005544B1 (en) 2008-07-24

Family

ID=37589384

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2006/025436 WO2007005544A2 (en) 2005-07-01 2006-06-19 Active packet content analyzer for communications network

Country Status (3)

Country Link
US (1) US7499412B2 (en)
EP (1) EP1908219B1 (en)
WO (1) WO2007005544A2 (en)

Families Citing this family (66)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7613179B2 (en) * 2003-11-26 2009-11-03 Nortel Networks Limited Technique for tracing source addresses of packets
US8331234B1 (en) 2004-09-08 2012-12-11 Q1 Labs Inc. Network data flow collection and processing
US8320242B2 (en) * 2004-12-24 2012-11-27 Net Optics, Inc. Active response communications network tap
US7760859B2 (en) * 2005-03-07 2010-07-20 Net Optics, Inc. Intelligent communications network tap port aggregator
US20070081526A1 (en) * 2005-09-27 2007-04-12 Accton Technology Corporation Network switch device
US7970878B1 (en) * 2005-11-16 2011-06-28 Cisco Technology, Inc. Method and apparatus for limiting domain name server transaction bandwidth
US7738403B2 (en) * 2006-01-23 2010-06-15 Cisco Technology, Inc. Method for determining the operations performed on packets by a network device
US8295275B2 (en) * 2006-03-20 2012-10-23 Intel Corporation Tagging network I/O transactions in a virtual machine run-time environment
US8769091B2 (en) 2006-05-25 2014-07-01 Cisco Technology, Inc. Method, device and medium for determining operations performed on a packet
US8041804B2 (en) * 2006-05-25 2011-10-18 Cisco Technology, Inc. Utilizing captured IP packets to determine operations performed on packets by a network device
KR100772523B1 (en) * 2006-08-01 2007-11-01 한국전자통신연구원 Apparatus for detecting intrusion using pattern and method thereof
US7853679B2 (en) * 2007-03-12 2010-12-14 Citrix Systems, Inc. Systems and methods for configuring handling of undefined policy events
US8631147B2 (en) 2007-03-12 2014-01-14 Citrix Systems, Inc. Systems and methods for configuring policy bank invocations
WO2008112769A2 (en) 2007-03-12 2008-09-18 Citrix Systems, Inc. Systems and methods for configuring, applying and managing object-oriented policy expressions for a network device
US7853678B2 (en) * 2007-03-12 2010-12-14 Citrix Systems, Inc. Systems and methods for configuring flow control of policy expressions
US8490148B2 (en) 2007-03-12 2013-07-16 Citrix Systems, Inc Systems and methods for managing application security profiles
US7865589B2 (en) 2007-03-12 2011-01-04 Citrix Systems, Inc. Systems and methods for providing structured policy expressions to represent unstructured data in a network appliance
US7870277B2 (en) * 2007-03-12 2011-01-11 Citrix Systems, Inc. Systems and methods for using object oriented expressions to configure application security policies
US20080306815A1 (en) * 2007-06-06 2008-12-11 Nebuad, Inc. Method and system for inserting targeted data in available spaces of a webpage
US7853689B2 (en) * 2007-06-15 2010-12-14 Broadcom Corporation Multi-stage deep packet inspection for lightweight devices
US7903576B2 (en) * 2007-08-07 2011-03-08 Net Optics, Inc. Methods and arrangement for utilization rate display
US8094576B2 (en) 2007-08-07 2012-01-10 Net Optic, Inc. Integrated switch tap arrangement with visual display arrangement and methods thereof
US7898984B2 (en) * 2007-08-07 2011-03-01 Net Optics, Inc. Enhanced communication network tap port aggregator arrangement and methods thereof
US7921686B2 (en) * 2007-08-28 2011-04-12 Cisco Technology, Inc. Highly scalable architecture for application network appliances
US8434140B2 (en) * 2007-11-06 2013-04-30 Barracuda Networks, Inc. Port hopping and seek you peer to peer traffic control method and system
KR101112204B1 (en) * 2007-12-04 2012-03-09 한국전자통신연구원 Mobile Advertisement Method
US7773529B2 (en) 2007-12-27 2010-08-10 Net Optic, Inc. Director device and methods thereof
KR101425621B1 (en) * 2008-01-15 2014-07-31 삼성전자주식회사 Method and system for sharing contents securely
US9100268B2 (en) * 2008-02-27 2015-08-04 Alcatel Lucent Application-aware MPLS tunnel selection
US20090288104A1 (en) * 2008-05-19 2009-11-19 Rohati Systems, Inc. Extensibility framework of a network element
US8677453B2 (en) 2008-05-19 2014-03-18 Cisco Technology, Inc. Highly parallel evaluation of XACML policies
US8094560B2 (en) * 2008-05-19 2012-01-10 Cisco Technology, Inc. Multi-stage multi-core processing of network packets
US8667556B2 (en) 2008-05-19 2014-03-04 Cisco Technology, Inc. Method and apparatus for building and managing policies
US20100070471A1 (en) * 2008-09-17 2010-03-18 Rohati Systems, Inc. Transactional application events
KR100964375B1 (en) * 2008-10-31 2010-06-17 한국전자통신연구원 Interception Method
CN101771627B (en) * 2009-01-05 2015-04-08 武汉邮电科学研究院 Equipment and method for analyzing and controlling node real-time deep packet on internet
US8954725B2 (en) * 2009-05-08 2015-02-10 Microsoft Technology Licensing, Llc Sanitization of packets
US9813448B2 (en) 2010-02-26 2017-11-07 Ixia Secured network arrangement and methods thereof
US8737197B2 (en) 2010-02-26 2014-05-27 Net Optic, Inc. Sequential heartbeat packet arrangement and methods thereof
US9019863B2 (en) * 2010-02-26 2015-04-28 Net Optics, Inc. Ibypass high density device and methods thereof
US9749261B2 (en) 2010-02-28 2017-08-29 Ixia Arrangements and methods for minimizing delay in high-speed taps
US8755293B2 (en) 2010-02-28 2014-06-17 Net Optics, Inc. Time machine device and methods thereof
US8902735B2 (en) 2010-02-28 2014-12-02 Net Optics, Inc. Gigabits zero-delay tap and methods thereof
CN102196478B (en) * 2010-03-01 2014-10-22 中兴通讯股份有限公司 Diagnosis method and system for failure of network management system
US9122877B2 (en) 2011-03-21 2015-09-01 Mcafee, Inc. System and method for malware and network reputation correlation
US8885506B2 (en) * 2011-06-14 2014-11-11 Broadcom Corporation Energy efficiency ethernet with assymetric low power idle
US9106680B2 (en) * 2011-06-27 2015-08-11 Mcafee, Inc. System and method for protocol fingerprinting and reputation correlation
US10140049B2 (en) 2012-02-24 2018-11-27 Missing Link Electronics, Inc. Partitioning systems operating in multiple domains
US8931043B2 (en) 2012-04-10 2015-01-06 Mcafee Inc. System and method for determining and using local reputations of users and hosts to protect information in a network environment
US9565213B2 (en) 2012-10-22 2017-02-07 Centripetal Networks, Inc. Methods and systems for protecting a secured network
US9137205B2 (en) 2012-10-22 2015-09-15 Centripetal Networks, Inc. Methods and systems for protecting a secured network
US9203806B2 (en) 2013-01-11 2015-12-01 Centripetal Networks, Inc. Rule swapping in a packet network
US9906445B2 (en) * 2013-02-01 2018-02-27 Texas Instruments Incorporated Packet processing match and action pipeline structure with dependency calculation removing false dependencies
US9124552B2 (en) 2013-03-12 2015-09-01 Centripetal Networks, Inc. Filtering network data transfers
US20140269299A1 (en) * 2013-03-14 2014-09-18 Hewlett-Packard Development Company, L.P. Network controller normalization of network traffic
US9094445B2 (en) 2013-03-15 2015-07-28 Centripetal Networks, Inc. Protecting networks from cyber attacks and overloading
CN103384281B (en) * 2013-06-26 2016-08-24 天津汉柏汉安信息技术有限公司 A kind of method preventing EZVPN dialing failed
US9264370B1 (en) 2015-02-10 2016-02-16 Centripetal Networks, Inc. Correlating packets in communications networks
US9866576B2 (en) 2015-04-17 2018-01-09 Centripetal Networks, Inc. Rule-based network-threat detection
JP2017011580A (en) * 2015-06-24 2017-01-12 キヤノン株式会社 Communication device, control method, and program
US9917856B2 (en) 2015-12-23 2018-03-13 Centripetal Networks, Inc. Rule-based network-threat detection for encrypted communications
US11729144B2 (en) 2016-01-04 2023-08-15 Centripetal Networks, Llc Efficient packet capture for cyber threat analysis
US10503899B2 (en) 2017-07-10 2019-12-10 Centripetal Networks, Inc. Cyberanalysis workflow acceleration
US10333898B1 (en) 2018-07-09 2019-06-25 Centripetal Networks, Inc. Methods and systems for efficient network protection
US11316823B2 (en) 2020-08-27 2022-04-26 Centripetal Networks, Inc. Methods and systems for efficient virtualization of inline transparent computer networking devices
US11362996B2 (en) 2020-10-27 2022-06-14 Centripetal Networks, Inc. Methods and systems for efficient adaptive logging of cyber threat incidents

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5648965A (en) * 1995-07-07 1997-07-15 Sun Microsystems, Inc. Method and apparatus for dynamic distributed packet tracing and analysis
US20030142666A1 (en) * 2002-01-25 2003-07-31 Bonney Jordan C. Distributed packet capture and aggregation
US6882654B1 (en) * 2000-11-14 2005-04-19 Cisco Technology, Inc. Packet data analysis with efficient buffering scheme

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3214454B2 (en) * 1998-09-03 2001-10-02 日本電気株式会社 Packet processing device with built-in program
US6895005B1 (en) * 2001-04-23 2005-05-17 Sprint Spectrum L.P. Business logic server for facilitating the transmission of a data download to a mobile wireless unit
AU2003299960A1 (en) * 2002-12-20 2004-07-22 Metanetworks Inc. Packet inspection
US7082044B2 (en) * 2003-03-12 2006-07-25 Sensory Networks, Inc. Apparatus and method for memory efficient, programmable, pattern matching finite state machine hardware
US7463590B2 (en) * 2003-07-25 2008-12-09 Reflex Security, Inc. System and method for threat detection and response
US8181258B2 (en) * 2003-11-26 2012-05-15 Agere Systems Inc. Access control list constructed as a tree of matching tables

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5648965A (en) * 1995-07-07 1997-07-15 Sun Microsystems, Inc. Method and apparatus for dynamic distributed packet tracing and analysis
US6882654B1 (en) * 2000-11-14 2005-04-19 Cisco Technology, Inc. Packet data analysis with efficient buffering scheme
US20030142666A1 (en) * 2002-01-25 2003-07-31 Bonney Jordan C. Distributed packet capture and aggregation

Also Published As

Publication number Publication date
US7499412B2 (en) 2009-03-03
EP1908219A2 (en) 2008-04-09
WO2007005544A2 (en) 2007-01-11
WO2007005544B1 (en) 2008-07-24
EP1908219A4 (en) 2016-08-10
US20070002769A1 (en) 2007-01-04
EP1908219B1 (en) 2018-03-21

Similar Documents

Publication Publication Date Title
WO2007005544A3 (en) Active packet content analyzer for communications network
WO2007005124A3 (en) Caller-callee association of a plurality of networked devices
MX2007001385A (en) Ad-hoc network and method employing globally optimized routes for packets.
WO2008091823A3 (en) Multi-link support for network based mobility management systems
NO20082353L (en) Voting protocols for wireless systems
WO2006028674A3 (en) A system and method for sharing an ip address
WO2007080558A3 (en) Communications network system and methods for using same
ATE535124T1 (en) RESTORING CONNECTION VIA ALTERNATIVE ACCESS NETWORKS
WO2007095546A3 (en) Hotspot communication limiter
WO2007041662A3 (en) Secured media communication across enterprise gateway
HK1094253A1 (en) Communications system with data storage device interface protocol connectors and related methods
WO2007078672A3 (en) Performing a cyclic redundancy checksum operation responsive to a user-level instruction
WO2007053768A3 (en) Dynamic processing of virtual identities for mobile communications devices
ATE350853T1 (en) DATA SHARING IN A MULTIMEDIA COMMUNICATION SYSTEM
GB2444457A (en) Method for dynamic sensor network processing
WO2008005376A3 (en) Implementation of malware countermeasures in a network device
WO2006072064A3 (en) System and method for cache coherency in a cache with different cache location lengths
WO2008042453A3 (en) Autonomous system-based edge marking (asem) for internet protocol (ip) traceback
WO2006072240A3 (en) Communications system, method for controlling a communications system, network access device and method for controlling a network access device
WO2007103948A3 (en) Method and apparatus for communicating with a wireless network using a single address for multiple processors
WO2007003992A3 (en) Method, system & computer program product for discovering characteristics of middleboxes
WO2007136937A3 (en) Implementation of reflexive access control lists on distributed platforms
WO2009055167A3 (en) Scheduling of data packets over an air interface of a cellular communication system
CA2645274A1 (en) Peer to peer gateway
GB0613590D0 (en) Multisided sharing of dynamic data in a wireless test environment

Legal Events

Date Code Title Description
121 EP: the EPO has been informed by WIPO that EP was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

WWE WIPO information: entry into national phase

Ref document number: 2006785878

Country of ref document: EP