Systems and methods for network user resolution
First Claim
2. The method of claim 1 further comprising resolving a user name from information contained in a network communication packet by extracting the network address and port number associated with the network packet.
15 Assignments
0 Petitions
Accused Products
Abstract
Systems and software that enable mapping of a particular network transaction with a specific computer and user in an organization. The network packet may be a live in-transit packet, or a packet that occurred at some time in the past. In a particular implementation, a database currently comprises a collection of records containing fields for username, computer name, IP address of the computer, and logon time. A name resolution is performed by taking an IP address and time as input, and determining from the records in the database what user'"'"'s computer owned the IP address at that time.
-
Citations
23 Claims
-
2. The method of claim 1 further comprising resolving a user name from information contained in a network communication packet by extracting the network address and port number associated with the network packet.
-
10. A method for associating communication packets with a particular individual user on a multi-user device, the method comprising:
-
maintaining a data structure that creates an association between each particular user and unique indicia of each particular user; and
for each particular user, marking the communication packets with the unique indicia of the particular user. - View Dependent Claims (11, 12)
-
-
13. A user name resolution database comprising:
a plurality of records, wherein each record corresponds to a particular user and each record comprises a logon time, network address and an indication of the set of port numbers allocated to that user. - View Dependent Claims (14)
-
15. A network management device comprising:
-
an interface for coupling to a network;
a user name resolution data structure having a plurality of records, wherein each record comprises fields indicating logon time and network address for a particular user as well as an indication of the set of port numbers allocated to that user;
a component for determining a particular user name from a given network address and port number obtained from a communication packet. - View Dependent Claims (1, 3, 4, 5, 6, 7, 8, 9, 16, 17, 18, 19, 20, 21, 22)
-
-
22-1. The network management device of claim 15 further comprising:
a bandwidth management component operable to enforce per-user bandwidth policy using the address and port number obtained from communication packets.
-
23. The network management device of claim 15 further comprising:
a blocking component operable to selectively block communication packets associated with a first user and a particular network accessible resource while allowing communication packets from a second user and the particular network accessible resource.
-
23-2. A user identity resolution system comprising:
-
a first component for mapping user identification to network address for single-user computers; and
a second component for mapping user identification to a network address;
port number combination for multi-user computers.
-
Specification