PACKET TIME STAMP PROCESSING METHODS, SYSTEMS, AND APPARATUS
First Claim
1. A network monitor for monitoring a network device coupled to a network, the network device receiving packets and adding a first time stamp to the packets, the network monitor comprising:
- a connection port configured to receive at least one packet from the network device;
a presentation device; and
a processor coupled to the connection port and the presentation device, the processor configured to add a second time stamp to the at least one packet, compare the first time stamp and the second time stamp of each of the at least one packet, and identify an anomaly associated with the at least one packet in response to a difference metric generated based on the first and second time stamps of a set of one or more packets exceeding a threshold.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods, systems, and apparatus for monitoring network devices and identifying packet anomalies are described herein. Anomalies may be identified by receiving packets from a network device at a network monitor, each packet having a first time stamp added by the network device, adding a second time stamp to the packets by the network monitor, comparing the first time stamp and the second time stamp of each packet, and identifying an anomaly associated with a packet in response to a difference metric generated based on the first and second time stamps exceeding a threshold.
-
Citations
20 Claims
-
1. A network monitor for monitoring a network device coupled to a network, the network device receiving packets and adding a first time stamp to the packets, the network monitor comprising:
-
a connection port configured to receive at least one packet from the network device; a presentation device; and a processor coupled to the connection port and the presentation device, the processor configured to add a second time stamp to the at least one packet, compare the first time stamp and the second time stamp of each of the at least one packet, and identify an anomaly associated with the at least one packet in response to a difference metric generated based on the first and second time stamps of a set of one or more packets exceeding a threshold. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A network monitoring method comprising:
-
receiving at least one packet from a network device at a network monitor, each packet having a first time stamp added by the network device; adding a second time stamp to the at least one packet by the network monitor; comparing the first time stamp and the second time stamp of each of the at least one packet; and
identifying an anomaly associated with the at least one packet in response to a difference metric generated based on the first and second time stamps of a set of one or more packets exceeding a threshold. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
-
-
18. A network monitoring system comprising:
-
a network device coupled to a network, the network device configured to receive packets and to add a first time stamp to the packets; and a network monitor coupled to the network device, the network monitor configured to receive at least one packet with the added first time stamp from the network device, add a second time stamp to the at least one packet, compare the first time stamp and the second time stamp of each of the at least one packet, and identify an anomaly associated with the at least one packet in response to a difference metric generated based on the first and second time stamps of a set of one or more packets exceeding a threshold. - View Dependent Claims (19, 20)
-
Specification