Method and apparatus for providing situational awareness
Abstract
Network route control plane data, advertised by one or more routers on a network, is received from a passive discovery module. The passive discovery module is configured to communicate with the routers using one or more routing protocols, but not to advertise route data. The received network route control plane data is compared to network element data stored in a network element database. If the received network route control plane data is not contained in the network element database, the received network route control plane data is stored in the network element database. If the received network route control plane data is contained in the network element data database, the received network route control plane data is compared to target asset data stored in a target asset database. If the received network route control plane data is not contained in the target asset database, the received network route control plane data is stored in the target asset database. The target asset database is analyzed for unscanned targets. Data describing unscanned targets is delivered to an active discovery module.
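The two-database triage the abstract describes, as an added Python example that is not taken from the patent. The class, field and function names, the in-memory dictionaries standing in for the two databases, and the keying of records by advertising router and prefix are all assumptions; the active discovery module is represented only by the list of routers handed to it.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Advertisement:
    protocol: str    # routing protocol the data was heard on, e.g. "OSPF"
    router_id: str   # router that advertised the route
    prefix: str      # route being advertised

@dataclass
class PassiveDiscovery:
    # Assumption: both "databases" are in-memory dicts keyed by router ID.
    network_elements: dict = field(default_factory=dict)  # router_id -> prefixes
    target_assets: dict = field(default_factory=dict)     # router_id -> scanned?

    def receive(self, adv):
        """File one advertisement; return the database it was stored in, or None."""
        known = self.network_elements.setdefault(adv.router_id, set())
        if adv.prefix not in known:
            known.add(adv.prefix)            # not yet a known network element
            return "network_element"
        if adv.router_id not in self.target_assets:
            self.target_assets[adv.router_id] = False   # new, unscanned target
            return "target_asset"
        return None                          # already in both databases

    def unscanned_targets(self):
        """Routers to deliver to the active discovery module."""
        return sorted(r for r, done in self.target_assets.items() if not done)

    def mark_scanned(self, router_id):
        """Called once the active discovery module has interrogated a router."""
        self.target_assets[router_id] = True

# Constructed sample feed using documentation address ranges.
FEED = [
    Advertisement("OSPF", "192.0.2.1", "198.51.100.0/24"),
    Advertisement("OSPF", "192.0.2.1", "198.51.100.0/24"),
    Advertisement("BGP", "192.0.2.2", "203.0.113.0/24"),
    Advertisement("OSPF", "192.0.2.1", "198.51.100.0/24"),
]

def replay(feed):
    """Return per-advertisement outcomes and the queue before/after a scan."""
    pd = PassiveDiscovery()
    outcomes = [pd.receive(adv) for adv in feed]
    queued = pd.unscanned_targets()
    for router_id in queued:
        pd.mark_scanned(router_id)
    return outcomes, queued, pd.unscanned_targets()
```

Read this way, a router heard only once (192.0.2.2 in the sample feed) is recorded as a network element but is not yet a target, and a router that has been marked scanned is not queued again.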
10 Claims
1. A computerized method comprising:
at a network router connected to a network of a plurality of routers for transferring data between computing devices;
receiving, network route control plane data advertised by one or more other routers on the network, the network route control plane data comprising data describing one or more routes on the network, at a passive discovery module of the network router, the network router being configured to communicate with the one or more routers using one or more routing protocols but not to advertise route data;
comparing, at the passive discovery module, the received network route control plane data to network element data stored in a network element database;
determining, at the passive discovery module, whether the received network route control plane data meets network element criteria, wherein the received network element criteria includes a criterion that is met when the network route control plane data is a route advertisement transmitted by a router;
in response to a determination that the received network route control plane data meets network element criteria;
determining, at the passive discovery module, whether the received network route control plane data meets unscanned target criteria, wherein the unscanned target criteria includes a criterion that is met when the network route control plane data is transmitted by a router that has not been scanned by an active discovery module of the network router;
in response to a determination that the received network route control plane data meets network element criteria and unscanned target criteria;
delivering, by the passive discovery module, data describing the router that transmitted the received network route control plane data to an active discovery module of the network router, and
transmitting an interrogation request, via the active discovery module of the network router, to the one or more routers described by the received network route control plane data that is indicative of an unscanned router,
wherein the network route control plane data used for network element criteria and unscanned target determinations is one of;
an OSPF new consolidated route message, a BGP new consolidated route message, an IS-IS new consolidated route message, an ARP new consolidated route message and a DHCP new consolidated route message.
6. A system comprising:
a network router connected to a network of a plurality of routers for transferring data between computing devices, the network router including;
one or more memory units each operable to store at least one program; and
at least one processor communicatively coupled to the one or more memory units, in which the at least one program, when executed by the at least one processor, causes the at least one processor to perform the steps of;
receiving, network route control plane data advertised by one or more other routers on the network, the network route control plane data comprising data describing one or more routes on the network, at a passive discovery module of the network router, the network router being configured to communicate with the one or more routers using one or more routing protocols but not to advertise route data;
comparing, at the passive discovery module, the received network route control plane data to network element data stored in a network element database;
determining, at the passive discovery module, whether the received network route control plane data meets network element criteria, wherein the received network element criteria includes a criterion that is met when the network route control plane data is a route advertisement transmitted by a router;
in response to a determination that the received network route control plane data meets network element criteria;
determining, at the passive discovery module, whether the received network route control plane data meets unscanned target criteria, wherein the unscanned target criteria includes a criterion that is met when the network route control plane data is transmitted by a router that has not been scanned by an active discovery module of the network router;
in response to a determination that the received network route control plane data meets network element criteria and unscanned target criteria;
delivering, by the passive discovery module, data describing the router that transmitted the received network route control plane data to an active discovery module of the network router, and
transmitting an interrogation request, via the active discovery module of the network router, to the one or more routers described by the received network route control plane data that is indicative of an unscanned router,
wherein the network route control plane data used for network element criteria and unscanned target determinations is one of;
an OSPF new consolidated route message, a BGP new consolidated route message, an IS-IS new consolidated route message, an ARP new consolidated route message and a DHCP new consolidated route message.
Specification