Configuration management for a capture/registration system
Abstract
A method, apparatus, and system are described for distributing a rule to a distributed capture system and storing the rule in a global configuration database, wherein the rule defines an action for the distributed capture system to perform regarding packets intercepted by the distributed capture system.
499 Citations
19 Claims
1. At least one non-transitory machine-readable storage medium comprising executable instructions that when executed, cause at least one processor to:
- distribute, to a distributed capture system, a rule defining an action for the distributed capture system to perform regarding packets intercepted by the distributed capture system;
- store the rule in a memory element, wherein the memory element is a configuration database including rules stored therein to be selectively distributed to a plurality of distributed capture systems, wherein the distributed capture system is associated with registered objects, each of the registered objects indicated by a respective signature and a respective object identifier that collectively form a searchable key, wherein the action is based on a particular one of the registered objects and content of an intercepted object provided in the packets, and wherein the particular registered object is to be identified, at least in part, by one or more signatures, which can be compared against signatures derived from the intercepted object; and
- distribute a plurality of crawler tasks in a network that includes the distributed capture system, wherein the crawler tasks are to search for rule violations within resting objects on the network that are not being transmitted over a network connection.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14

15. A system comprising:
- a memory including a memory element to store a rule, wherein the memory element is a configuration database including rules stored therein to be selectively distributed to a plurality of distributed capture systems;
- a configuration manager coupled to the memory element to distribute the rule;
- a distributed capture system to receive the rule and store the rule, the rule defining an action for the distributed capture system to perform regarding packets intercepted by the distributed capture system, wherein the distributed capture system is associated with registered objects, each of the registered objects indicated by a respective signature and a respective object identifier that collectively form a searchable key, wherein the action is based on a particular one of the registered objects and content of an intercepted object provided in the packets, and wherein the particular registered object is to be identified, at least in part, by one or more signatures, which can be compared against signatures derived from the intercepted object; and
- a network that includes the distributed capture system to distribute a plurality of crawler tasks, wherein the crawler tasks are to search for rule violations within resting objects on the network that are not being transmitted over a network connection.

Dependent claims: 16, 17, 18

19. A method, comprising:
- distributing, to a distributed capture system, a rule defining an action for the distributed capture system to perform regarding packets intercepted by the distributed capture system;
- storing the rule in a memory element, wherein the memory element is a configuration database including rules stored therein to be selectively distributed to a plurality of distributed capture systems, wherein the distributed capture system is associated with registered objects, each of the registered objects indicated by a respective signature and a respective object identifier that collectively form a searchable key, wherein the action is based on a particular one of the registered objects and content of an intercepted object provided in the packets, and wherein the particular registered object is to be identified, at least in part, by one or more signatures, which can be compared against signatures derived from the intercepted object; and
- distributing a plurality of crawler tasks in a network that includes the distributed capture system, wherein the crawler tasks are to search for rule violations within resting objects on the network that are not being transmitted over a network connection.

Specification