Transparent Provisioning of Services Over a Network
First Claim
1. A method of transparently provisioning first and second services to a network, the first service being provided by a first application service provider to the network via a first application and the second service being provided by a second application service provider to the network via a second application, the network carrying a plurality of packets each being transmitted by a source to at least one intended destination intended by the source, each of the plurality of packets comprising routing data operative to cause the forwarding of the packet via the network towards the at least one intended destination, the method comprising:
- interfacing between the first application and an interface to the network;
interfacing between the second application and the interface to the network;
intercepting, via the interface, each of the plurality of packets prior to a forwarding thereof toward the at least one intended destination;
evaluating each intercepted packet based on a first specification of a first subset of the plurality of packets with respect to which the first application is to perform the first service and a second specification of a second subset of the plurality of packets with respect to which the second application is to perform the second service, wherein at least the first specification specifies the first subset based on criteria other than only the routing data contained in the intercepted packet; and
acting on the intercepted packet, based on the evaluating, to facilitate the performance of at least one of the first service, second service or a combination thereof with respect to the intercepted packet if the intercepted packet is included in at least one of the specified first subset, second subset, or combination thereof.
12 Assignments
0 Petitions
Accused Products
Abstract
An apparatus and method for enhancing the infrastructure of a network such as the Internet is disclosed. A packet interceptor/processor apparatus is coupled with the network so as to be able to intercept and process packets flowing over the network. Further, the apparatus provides external connectivity to other devices that wish to intercept packets as well. The apparatus applies one or more rules to the intercepted packets which execute one or more functions on a dynamically specified portion of the packet and take one or more actions with the packets. The apparatus is capable of analyzing any portion of the packet including the header and payload. Actions include releasing the packet unmodified, deleting the packet, modifying the packet, logging/storing information about the packet or forwarding the packet to an external device for subsequent processing. Further, the rules may be dynamically modified by the external devices.
-
Citations
24 Claims
-
1. A method of transparently provisioning first and second services to a network, the first service being provided by a first application service provider to the network via a first application and the second service being provided by a second application service provider to the network via a second application, the network carrying a plurality of packets each being transmitted by a source to at least one intended destination intended by the source, each of the plurality of packets comprising routing data operative to cause the forwarding of the packet via the network towards the at least one intended destination, the method comprising:
-
interfacing between the first application and an interface to the network; interfacing between the second application and the interface to the network; intercepting, via the interface, each of the plurality of packets prior to a forwarding thereof toward the at least one intended destination; evaluating each intercepted packet based on a first specification of a first subset of the plurality of packets with respect to which the first application is to perform the first service and a second specification of a second subset of the plurality of packets with respect to which the second application is to perform the second service, wherein at least the first specification specifies the first subset based on criteria other than only the routing data contained in the intercepted packet; and acting on the intercepted packet, based on the evaluating, to facilitate the performance of at least one of the first service, second service or a combination thereof with respect to the intercepted packet if the intercepted packet is included in at least one of the specified first subset, second subset, or combination thereof. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A system for transparently provisioning first and second services to a network, the first service being provided by a first application service provider to the network via a first application and the second service being provided by a second application service provider to the network via a second application, the network carrying a plurality of packets each being transmitted by a source to at least one intended destination intended by the source, each of the plurality of packets comprising routing data operative to cause the forwarding of the packet via the network towards the at least one intended destination, the system comprising:
a packet processor coupled between the network and first and second applications and operative to intercept at least one of the plurality of packets prior to a forwarding thereof toward the at least one intended destination, evaluate the at least one intercepted packet based on a first specification of a first subset of the plurality of packets with respect to which the first application is to perform the first service and a second specification of a second subset of the plurality of packets with respect to which the second application is to perform the second service, and act on the intercepted packet to facilitate the performance of at least one of the first service, second service, or combination thereof with respect to the intercepted packet if the intercepted packet is included in at least one of the specified first subset, second subset, or combination thereof, wherein at least the first specification specifies the first subset based on criteria other than only the routing data contained in the intercepted packet. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22)
-
23. A system for transparently provisioning first and second services to a network, the first service being provided by a first application service provider to the network via a first application and the second service being provided by a second application service provider to the network via a second application, the network carrying a plurality of packets each being transmitted by a source to at least one intended destination intended by the source, each of the plurality of packets comprising routing data operative to cause the forwarding of the packet via the network towards the at least one intended destination, the method comprising:
-
means for interfacing between the first application and an interface to the network; means for interfacing between the second application and the interface to the network; means for intercepting, via the interface, each of the plurality of packets prior to a forwarding thereof toward the at least one intended destination; means for evaluating each intercepted packet based on a first specification of a first subset of the plurality of packets with respect to which the first application is to perform the first service and a second specification of a second subset of the plurality of packets with respect to which the second application is to perform the second service, wherein at least the first specification specifies the first subset based on criteria other than only the routing data contained in the intercepted packet; and means for acting on the intercepted packet, based on the evaluating, to facilitate the performance of at least one of the first service, second service, or combination thereof with respect to the intercepted packet if the intercepted packet is included in at least one of the specified first subset, second subset, or combination thereof.
-
-
24. A system for transparently provisioning first and second services to a network, the first service being provided by a first application service provider to the network via a first application and the second service being provided by a second application service provider to the network via a second application, the network carrying a plurality of packets each being transmitted by a source to at least one intended destination intended by the source, each of the plurality of packets comprising routing data operative to cause the forwarding of the packet via the network towards the at least one intended destination, the system comprising processor, a memory coupled with the processor, a network interface operative to couple the processor with the network, and an application interface operative to couple the processor with the first and second applications, the system further comprising:
-
first logic stored in the memory and executable by the processor cause the processor to intercept at least one of the plurality of packets prior to a forwarding thereof toward the at least one intended destination; second logic, coupled with the first logic, stored in the memory and executable by the processor to cause the processor to evaluate the at least one intercepted packet based on a first specification of a first subset of the plurality of packets with respect to which the first application is to perform the first service and a second specification of a second subset of the plurality of packets with respect to which the second application is to perform the second service, wherein at least the first specification specifies the first subset based on criteria other than only the routing data contained in the intercepted packet; and third logic, coupled with the second logic, stored in the memory and executable by the processor to cause the processor to act on the intercepted packet to facilitate the performance of at least one of the first service, second service, or combination thereof with respect to the intercepted packet if the intercepted packet is included in at least one of the specified first subset, second subset, or combination thereof.
-
Specification