System and Method for Location, Time-of-Day, and Quality-of-Service Based Prioritized Access Control
First Claim
1. A priority server for a provider network, comprising:
- a traffic volume detection module that receives operational information from the provider network and determines that a host on the provider network is experiencing a flash event based upon the operational information;
a traffic analyzer module that determines that the flash event is not a distributed denial of service attack on the host; and
a rules module that provides a priority rule to an access router in the provider network that is coupled to the host in response to determining that the flash event is not a distributed denial of service attack, wherein;
the priority rule is based upon a characteristic of packets routed in the provider network that are associated with the flash event; and
the characteristic is determined not solely by information included in the packets.
2 Assignments
0 Petitions
Accused Products
Abstract
A priority server for a provider network includes a traffic volume detection module, a traffic analyzer module, and a rules module. The traffic volume detection module receives operational information from the provider network and determines that a host is experiencing a flash event based upon the operational information. The traffic analyzer module determines that the flash event is not a distributed denial of service attack on the host. When it is determined that the flash event is not a distributed denial of service attack, the rules module provides a priority rule to an access router that is coupled to the host. The priority rule is based upon a characteristic of packets routed in the provider network that are associated with the flash event, and the characteristic is determined not solely by information included in the packets.
77 Citations
20 Claims
-
1. A priority server for a provider network, comprising:
-
a traffic volume detection module that receives operational information from the provider network and determines that a host on the provider network is experiencing a flash event based upon the operational information; a traffic analyzer module that determines that the flash event is not a distributed denial of service attack on the host; and a rules module that provides a priority rule to an access router in the provider network that is coupled to the host in response to determining that the flash event is not a distributed denial of service attack, wherein; the priority rule is based upon a characteristic of packets routed in the provider network that are associated with the flash event; and the characteristic is determined not solely by information included in the packets. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method of prioritizing traffic in a provider network, comprising:
-
receiving at a traffic volume detection module of a priority server operational information from the provider network; determining that a host on the provider network is experiencing a flash event based upon the operational information; determining that the flash event is not a distributed denial of service attack on the host; and in response to determining that the flash event is not a distributed denial of service attack, providing a priority rule to an access router in the provider network that is coupled to the host, wherein; the priority rule is based upon a characteristic of packets routed in the provider network that are associated with the flash event; and the characteristic is determined not solely by information included in the packets. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. Machine-executable code for managing prioritized access rules, wherein the machine-executable code is embedded within a tangible medium and includes instructions for carrying out a method comprising:
-
receiving operational information from a provider network; determining that a host on the provider network is experiencing a flash event based upon the operational information; determining that the flash event is not a distributed denial of service attack on the host; and in response to determining that the flash event is not a distributed denial of service attack, providing a priority rule to an access router in the provider network that is coupled to the host, wherein; the priority rule is based upon a characteristic of packets routed in the provider network that are associated with the flash event; and the characteristic is determined not solely by information included in the packets. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification