Transparent Network Traffic Inspection
First Claim
1. A method for inspecting network traffic traversing a portion of a communication network using a network traffic inspection system having a traffic inspection module, the method comprising:
- receiving a filter change request from a subscriber over the communication network, the filter change request defining a modification to a set of filter criteria for filtering network traffic, the set of filter criteria being stored in association with the subscriber in a filter criteria data store;
updating the set of filter criteria in the filter criteria data store as a function of the filter change request;
receiving a content dataset at the traffic inspection module, the content dataset relating to the network traffic;
identifying the content dataset as being associated with the subscriber;
retrieving the set of filter criteria associated with the subscriber from the data store; and
filtering the network traffic as a function of the set of filter criteria, so that a portion of the network traffic is stored as inspection data in an inspection data store in association with the subscriber and another portion of the network traffic is discarded.
5 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems are disclosed for providing parties with levels of transparency into filtering functionality of network traffic inspection implementations. Embodiments include receiving a filter change request from a subscriber over a network that defines a modification to a set of filter criteria for filtering network traffic, the filter criteria being stored in association with the subscriber in a filter criteria data store; updating the set of filter criteria in the filter criteria data store as a function of the filter change request; receiving a content dataset relating to the network traffic; identifying the content dataset as being associated with the subscriber; retrieving the set of filter criteria associated with the subscriber from the data store; and filtering the network traffic as a function of the set of filter criteria. Embodiments further provide layers of access for different entities to the filtered traffic.
-
Citations
27 Claims
-
1. A method for inspecting network traffic traversing a portion of a communication network using a network traffic inspection system having a traffic inspection module, the method comprising:
-
receiving a filter change request from a subscriber over the communication network, the filter change request defining a modification to a set of filter criteria for filtering network traffic, the set of filter criteria being stored in association with the subscriber in a filter criteria data store; updating the set of filter criteria in the filter criteria data store as a function of the filter change request; receiving a content dataset at the traffic inspection module, the content dataset relating to the network traffic; identifying the content dataset as being associated with the subscriber; retrieving the set of filter criteria associated with the subscriber from the data store; and filtering the network traffic as a function of the set of filter criteria, so that a portion of the network traffic is stored as inspection data in an inspection data store in association with the subscriber and another portion of the network traffic is discarded. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A system for inspecting network traffic traversing a portion of a communication network, the system comprising:
-
a filter criteria data store adapted to store sets of filter criteria for filtering network traffic, each set of filter criteria being stored in association with one of a plurality of subscribing entities; an interface module in operative communication with the filter criteria data store and adapted to; receive a filter change request from a subscriber over the communication network, the filter change request defining a modification to the set of filter criteria associated with the subscriber, the subscriber being one of the plurality of entities; and modify the set of filter criteria associated with the subscriber as a function of the filter change request; a data receiver module, adapted to receive network traffic traversing a portion of the communication network; a traffic inspection module, in operative communication with the data receiver module and adapted to receive a content dataset relating to at least a portion of the network traffic and to identify that the content dataset is associated with the subscriber; and a filter module, in operative communication with the traffic inspection module and the filter criteria data store, and adapted to filter at least a portion of the network traffic as a function of the set of filter criteria associated with the subscriber, so that a portion of the network traffic is stored as inspection data in an inspection data store in association with the subscriber and another portion of the network traffic is discarded. - View Dependent Claims (21, 22, 23, 24, 25)
-
-
26. A computational system comprising a computer-readable storage medium having a computer-readable program embodied therein for inspecting network traffic traversing at least a portion of a communication network, the computer-readable program including instructions in accordance with the following:
-
receiving a filter change request from a subscriber over the communication network, the filter change request defining a modification to a set of filter criteria for filtering network traffic, the set of filter criteria being stored in association with the subscriber in a filter criteria data store; updating the set of filter criteria in the filter criteria data store as a function of the filter change request; receiving a content dataset at the traffic inspection module, the content dataset relating to the network traffic; identifying the content dataset as being associated with the subscriber; retrieving the set of filter criteria associated with the subscriber from the data store; and filtering the network traffic as a function of the set of filter criteria, so that a portion of the network traffic is stored as inspection data in an inspection data store in association with the subscriber and another portion of the network traffic is discarded. - View Dependent Claims (27)
-
Specification