APPARATUS AND METHOD FOR ASSOCIATING CATEGORIZATION INFORMATION WITH NETWORK TRAFFIC TO FACILITATE APPLICATION LEVEL PROCESSING

US 20100011434A1
Filed: 07/09/2009
Published: 01/14/2010
Est. Priority Date: 08/19/2005
Status: Active Grant

First Claim

Patent Images

1. An apparatus to facilitate application level processing of network traffic, comprising:

a first circuit that processes at least one input data field using a hash function to generate a hash identifier;

a plurality of microcode controlled state machines;

a distribution circuit that routes input data to the plurality of microcode controlled state machines, such that at least one individual microcode controlled state machine applies a rule to the input data to produce the at least one input data field, and to produce modification instructions based on the hash identifier; and

a second circuit that appends the hash identifier to the input data to produce modified input data based on the modification instructions, and that routes the modified input data in accordance with an output routing strategy.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An apparatus is described that associates categorization information with network traffic to facilitate application level processing through processing of network traffic in accordance with provisioned rules and policies. The apparatus includes a plurality of microcode controlled state machines, wherein at least one microcode state machine processes at least one input data field using a hash function to generate a hash identifier. This embodiment further includes a distribution circuit that routes input data to the plurality of microcode controlled state machines, such that at least one individual microcode controlled state machine applies a rule to the input data to produce the at least one input data field, and to produce modification instructions based on the hash identifier. This embodiment further includes a first circuit that appends the hash identifier to the input data to produce modified input data based on the modification instructions, and that routes the modified input data in accordance with an output routing strategy. Advantageously, the apparatus provides an architectural framework well suited to a low cost, high speed, robust implementation of flexible, advanced network security and monitoring features and network traffic analysis.

167 Citations

16 Claims

1. An apparatus to facilitate application level processing of network traffic, comprising:
- a first circuit that processes at least one input data field using a hash function to generate a hash identifier;
  
  a plurality of microcode controlled state machines;
  
  a distribution circuit that routes input data to the plurality of microcode controlled state machines, such that at least one individual microcode controlled state machine applies a rule to the input data to produce the at least one input data field, and to produce modification instructions based on the hash identifier; and
  
  a second circuit that appends the hash identifier to the input data to produce modified input data based on the modification instructions, and that routes the modified input data in accordance with an output routing strategy.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The apparatus of claim 1, wherein the second circuit routes the modified input data by re-directing or duplicating the modified input data.
  - 3. The apparatus of claim 1, further comprising a management port, wherein the management port receives the modified input data from the second circuit.
  - 4. The apparatus of claim 3, wherein the second circuit includes an output circuit that appends the hash identifier to the input data to produce modified input data based on the modification instructions, and that provides the modified input data to the management port.
  - 5. The apparatus of claim 1, wherein the input data includes a packet comprising a header and a payload, and the at least one input data field includes at least one field of the header.
  - 6. The apparatus of claim 5, wherein the rule has bitwise granularity across the header and the payload of the packet.
  - 7. The apparatus of claim 5, wherein the hash identifier is appended to the header of the packet.
  - 8. The apparatus of claim 7, wherein the hash identifier is associated with a packet type or a packet flow.

9. An apparatus to facilitate application level processing of network traffic, comprising:
- a plurality of microcode controlled state machines, wherein at least one microcode state machine processes at least one input data field using a hash function to generate a hash identifier;
  
  a distribution circuit that routes input data to the plurality of microcode controlled state machines, such that at least one individual microcode controlled state machine applies a rule to the input data to produce the at least one input data field, and to produce modification instructions based on the hash identifier; and
  
  a first circuit that appends the hash identifier to the input data to produce modified input data based on the modification instructions, and that routes the modified input data in accordance with an output routing strategy.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The apparatus of claim 9, wherein the first circuit routes the modified input data by re-directing or duplicating the modified input data.
  - 11. The apparatus of claim 9, further comprising a management port, wherein the management port receives the modified input data from the first circuit.
  - 12. The apparatus of claim 11, wherein the first circuit includes an output circuit that appends the hash identifier to the input data to produce modified input data based on the modification instructions, and that provides the modified input data to the management port.
  - 13. The apparatus of claim 9, wherein the input data includes a packet comprising a header and a payload, and the at least one input data field includes at least one field of the header.
  - 14. The apparatus of claim 13, wherein the rule has bitwise granularity across the header and the payload of the packet.
  - 15. The apparatus of claim 13, wherein the hash identifier is appended to the header of the packet.
  - 16. The apparatus of claim 15, wherein the hash identifier is associated with a packet type or a packet flow.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cpacket Networks Incorporated
Original Assignee
Cpacket Networks Incorporated
Inventors
Kay, Rony

Granted Patent

US 8,296,846 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/14
CPC Class Codes

H04L 41/16   using machine learning or a...

H04L 43/00   Arrangements for monitoring...

H04L 43/0852   Delays

H04L 43/0888   Throughput

H04L 43/16   Threshold monitoring

H04L 63/0236   Filtering by address, proto...

H04L 63/0245   Filtering by information in...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1466   Active attacks involving in...

H04L 69/12   Protocol engines

APPARATUS AND METHOD FOR ASSOCIATING CATEGORIZATION INFORMATION WITH NETWORK TRAFFIC TO FACILITATE APPLICATION LEVEL PROCESSING

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

167 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

APPARATUS AND METHOD FOR ASSOCIATING CATEGORIZATION INFORMATION WITH NETWORK TRAFFIC TO FACILITATE APPLICATION LEVEL PROCESSING

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

167 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links