Electrical computers and digital processing systems: multicomput – Computer network managing – Computer network monitoring
Reexamination Certificate
2006-09-07
2010-06-29
Chan, Wing F (Department: 2441)
Electrical computers and digital processing systems: multicomput
Computer network managing
Computer network monitoring
C370S230100, C370S329000
Reexamination Certificate
active
07747737
ABSTRACT:
A network device comprises a service card (e.g., a dynamic flow capture (DFC) service card) executing a communication protocol to receive, from one or more control sources, flow capture information specifying at least one destination and criteria for matching one or more packet flows. The network device includes a network interface card to receive a packet from a network, a packet replication module to replicate the packet, and a control unit to provide the replicated packet from the interface card to the DFC service card. The network device includes a filter cache that caches flow capture information recently received from the CSs. The network device may provide real-time intercept and relaying of specified network-based communications. Moreover, the techniques described herein allow CSs to tap packet flows with little delay after specifying flow capture information, e.g., within 50 milliseconds, even under high-volume networks.
REFERENCES:
patent: 3962681 (1976-06-01), Requa et al.
patent: 4032899 (1977-06-01), Jenny et al.
patent: 4600319 (1986-07-01), Everett, Jr.
patent: 5375216 (1994-12-01), Moyer et al.
patent: 5408539 (1995-04-01), Finlay et al.
patent: 5490252 (1996-02-01), Macera et al.
patent: 5509123 (1996-04-01), Dobbins et al.
patent: 5530958 (1996-06-01), Agarwal et al.
patent: 5568471 (1996-10-01), Hershey et al.
patent: 6011795 (2000-01-01), Varghese et al.
patent: 6018765 (2000-01-01), Durana et al.
patent: 6148335 (2000-11-01), Haggard et al.
patent: 6182146 (2001-01-01), Graham-Cumming, Jr.
patent: 6321338 (2001-11-01), Porras et al.
patent: 6392996 (2002-05-01), Hjalmtysson
patent: 6499088 (2002-12-01), Wexler et al.
patent: 6501752 (2002-12-01), Kung et al.
patent: 6563796 (2003-05-01), Saito
patent: 6584548 (2003-06-01), Bourne et al.
patent: 6594268 (2003-07-01), Aukia et al.
patent: 6598034 (2003-07-01), Kloth
patent: 6651098 (2003-11-01), Carroll et al.
patent: 6735201 (2004-05-01), Mahajan et al.
patent: 6751663 (2004-06-01), Farrell et al.
patent: 6826713 (2004-11-01), Beesley et al.
patent: 6889181 (2005-05-01), Kerr et al.
patent: 6983294 (2006-01-01), Jones et al.
patent: 6985956 (2006-01-01), Luke et al.
patent: 7031304 (2006-04-01), Arberg et al.
patent: 7055174 (2006-05-01), Cope et al.
patent: 7058974 (2006-06-01), Maher, III et al.
patent: 7120931 (2006-10-01), Cheriton
patent: 7139242 (2006-11-01), Bays
patent: 7231459 (2007-06-01), Saraph et al.
patent: 7292573 (2007-11-01), LaVigne et al.
patent: 7369557 (2008-05-01), Sinha
patent: 7386108 (2008-06-01), Zave et al.
patent: 7433966 (2008-10-01), Charny et al.
patent: 7561569 (2009-07-01), Thiede
patent: 7580356 (2009-08-01), Mishra et al.
patent: 2002/0163932 (2002-11-01), Fischer et al.
patent: 2003/0120769 (2003-06-01), McCollom et al.
patent: 2003/0214913 (2003-11-01), Kan et al.
patent: 2007/0016702 (2007-01-01), Pione et al.
patent: 2007/0058558 (2007-03-01), Cheung et al.
patent: 2007/0076658 (2007-04-01), Park et al.
patent: 2007/0121812 (2007-05-01), Strange et al.
patent: WO 98/36532 (1998-08-01), None
patent: WO 02/084920 (2002-10-01), None
PCI Technology Overview, Feb. 2003, www.cs.unc.edu/Research/stc/FAQs/pci-overview.pdf.
“The CAIDA Web Site,” www.caida.org/, 2002, 1 pg.
“About Endace,” www.endace.com/, 2002, 1 pg.
“Cisco IOS NetFlow,” www.cisco.com/warp/public/732/Tech
mp
etflow/index.shtml, 2002, 1 pg.
Weaver, A.C. et al., “A Real-Time Monitor for Token Ring Networks,” Military Communications Conference, 1989, MILCOM '89, Oct. 1989, vol. 3, pp. 794-798.
Dini, P. et al., “Performance Evaluation for Distributed System Components,” Proceedings of IEEE Second International Workshop on Systems Management, Jun. 1996, pp. 20-29.
Integrated Services Adapter, 2000, Cisco Systems, Data Sheet, pp. 1-6, http://www.cisco.com/warp/public/cc/pd/ifaa/svaa/iasvaa/prodlit/ism2—ds.pdf.
“Well-Known TCP Port Number,” www.webopedia.com, 2004, 3 pgs.
“TCP Packet Field Descriptions,” www.ipanalyser.co.uk, Analyser Sales Ltd., Copyright 2003, 2 pages.
Michael Egan, “Decomposition of a TCP Packet,” www.passwall.com, 3 pages, Aug. 7, 2000.
Mark Gibbs, “A Guide to Original SYN,” www.nwfusion.com, Network World, Nov. 2000, 4 pages.
“Sample TCP/IP Packet,” www.passwall.com, Version 0.0.0 @ 03:55/Aug. 7, 2000, Copyright 2002, 6 pages.
D.J. Bernstein, “SYN Cookies,” http://cr.yp.to/syncookies.html, Oct. 2003, 3 pages.
Jonathan Lemon, “Resisting SYN Flood DoS Attacks with a SYN Cache,” http://people.freebsd.org/˜jlemon/papers/syncache.pdf, 9 pages.
Stuart Staniford, et al., “Practical Automated Detection of Stealthy Portscans,” http://downloads.securityfocus.com/library/spice-ccs2000.pdf, 16 pages.
U.S. Appl. No. 10/188,567, entitled “Adaptive Network Flow Analysis,” filed Jul. 2, 2002, Scott Mackie.
U.S. Appl. No. 10/228,150, entitiled “Network Device Having Accounting Service Card,” filed Aug. 26, 2002, Woo et al.
U.S. Appl. No. 10/228,132, entitled “Adaptive Network Router,” filed Aug. 26, 2002, Woo et al.
U.S. Appl. No. 10/228,114, entitled “Network Router Having Integrated Flow Accounting and Packet Interception,” filed Aug. 26, 2002, Woo et al.
U.S. Appl. No. 10/241,785, entitled “Rate-Controlled Transmission of Traffic Flow Information,” filed Sep. 10, 2002, Sandeep Jain.
U.S. Appl. No. 10/839,187, entitled “Port Scanning Mitigation Within A Network,” filed May 5, 2004, Michael Freed.
U.S. Appl. No. 11/516,878, filed Sep. 7, 2006 entitled, “Network Device Having Service Card For Lawful Intercept and Monitoring of Packet Flows,” to Apte et al.
Office Action from U.S. Appl. No. 11/516,878, mailed Oct. 14, 2009, 52 pp.
Response to Office Action mailed Oct. 14, 2009, for U.S. Appl. No. 11/516,878, filed Jan. 14, 2010, 24 pp.
Apte Manoj
Budiyanto Fritz
Deenadayalan Saravanan
Duraiswamy Senthil Kumar
Jain Sandeep
Chan Wing F
Juniper Networks, Inc.
Shumaker & Sieffert P.A.
Zong Ruolei
LandOfFree
Network device having service card for dynamic flow capture... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Network device having service card for dynamic flow capture..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Network device having service card for dynamic flow capture... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4160882