Flow tagging for service policy implementation
First Claim
Patent Images
1. A system, comprising:
- a traffic stack;
a proxy manager coupled to the traffic stack;
a socket manager coupled to the traffic stack;
a traffic classification and enforcement engine coupled to the traffic stack;
wherein, in operation;
the proxy manager tags a network activity traffic flow at a first point in the flow, wherein the first point is associated with an API call to the proxy manager for a thread;
the proxy manager registers the thread at the traffic stack;
the socket manager tags the network activity traffic flow at a second point in the flow, wherein the second point is associated with a socket call to the socket manager for the thread;
the socket manager registers the socket at the traffic stack;
the traffic classification and enforcement engine uses the registration of the thread and the registration of the socket to determine that the network activity traffic flow is associated with an initiator of the network activity, wherein the initiator of the network activity is not the proxy manager;
the traffic classification and enforcement engine enforces service policies associated with the initiator of the network activity for the network activity traffic flow.
2 Assignments
0 Petitions
Accused Products
Abstract
A flow tagging technique includes tagging a data flow at a plurality of points in the data flow. For example, the data flow can be tagged at a socket and at a proxy manager API. By tagging the data flow at multiple points, it becomes possible to map network service usage activities to the appropriate initiating applications.
143 Citations
10 Claims
-
1. A system, comprising:
-
a traffic stack; a proxy manager coupled to the traffic stack; a socket manager coupled to the traffic stack; a traffic classification and enforcement engine coupled to the traffic stack; wherein, in operation; the proxy manager tags a network activity traffic flow at a first point in the flow, wherein the first point is associated with an API call to the proxy manager for a thread; the proxy manager registers the thread at the traffic stack; the socket manager tags the network activity traffic flow at a second point in the flow, wherein the second point is associated with a socket call to the socket manager for the thread; the socket manager registers the socket at the traffic stack; the traffic classification and enforcement engine uses the registration of the thread and the registration of the socket to determine that the network activity traffic flow is associated with an initiator of the network activity, wherein the initiator of the network activity is not the proxy manager; the traffic classification and enforcement engine enforces service policies associated with the initiator of the network activity for the network activity traffic flow. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method comprising:
-
tagging a network activity traffic flow at a first point in the flow, wherein the first point is associated with an API call to a proxy manager for a thread; registering the thread; tagging the network activity traffic flow at a second point in the flow, wherein the second point is associated with a socket call to a socket manager for the thread; registering the socket; using the registration of the thread and the registration of the socket to determine that the network activity traffic flow is associated with an initiator of the network activity, wherein the initiator of the network activity is not the proxy manager; enforcing service policies associated with the initiator of the network activity for the network activity traffic flow. - View Dependent Claims (7, 8, 9, 10)
-
Specification