Enterprise network analyzer agent system and method

US 6,714,513 B1
Filed: 12/21/2001
Issued: 03/30/2004
Est. Priority Date: 12/21/2001
Status: Expired due to Fees

First Claim

Patent Images

1. A method for analyzing a network, comprising:

(a) sending a signal from a computer to a host controller utilizing a network;

(b) receiving a response to the signal from the host controller, (c) collecting information relating to network traffic involving the computer based on the response; and

(d) periodically sending the information to the host controller;

wherein a plurality of zone controllers are coupled to the host controller for collecting the information from the host controller and displaying the information from the host controller, wherein a user interface is adapted for analyzing an output;

wherein a map of the network is generated based on the information;

wherein intrusion detection services are provided based on the information;

wherein the information relates to wireless network traffic;

wherein the information is sent to the host controller securely;

wherein a Simple Network Management Protocol (SNMP) trap capability is utilized.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, method and computer program product are provided for analyzing a network utilizing an agent. Initially, a signal is sent from a computer to a host controller utilizing a network. Next, a response to the signal is received from the host controller. Information is then collected relating to network traffic involving the computer based on the response. The information is subsequently sent to the host controller on a periodic basis.

58 Citations

View as Search Results

30 Claims

1. A method for analyzing a network, comprising:
- (a) sending a signal from a computer to a host controller utilizing a network;
  
  (b) receiving a response to the signal from the host controller, (c) collecting information relating to network traffic involving the computer based on the response; and
  
  (d) periodically sending the information to the host controller;
  
  wherein a plurality of zone controllers are coupled to the host controller for collecting the information from the host controller and displaying the information from the host controller, wherein a user interface is adapted for analyzing an output;
  
  wherein a map of the network is generated based on the information;
  
  wherein intrusion detection services are provided based on the information;
  
  wherein the information relates to wireless network traffic;
  
  wherein the information is sent to the host controller securely;
  
  wherein a Simple Network Management Protocol (SNMP) trap capability is utilized.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method as recited in claim 1, and further comprising detecting a boot on the computer prior to the sending of the signal.
  - 3. The method as recited in claim 2, wherein the signal is sent in response to the detection of the boot.
  - 4. The method as recited in claim 1, wherein the signal is repeatedly sent until the cessation of a predetermined time interval.
  - 5. The method as recited in claim 1, wherein the signal is repeatedly sent until the response is received from the host controller.
  - 6. The method as recited in claim 1, and further comprising establishing flow control with the host controller upon receiving the response.
  - 7. The method as recited in claim 1, and further comprising establishing error correction with the host controller upon receiving the response.
  - 8. The method as recited in claim 1, wherein the information relating to network traffic involving the computer is collected for a predetermined time interval.
  - 9. The method as recited in claim 8, wherein the predetermined time interval is dictated by the response from the host controller.
  - 10. The method as recited in claim 1, and further comprising receiving an acknowledgment from the host controller in response to sending the information.
  - 11. The method as recited in claim 10, and further comprising repeating (a)-(b) upon the lack of receipt of the acknowledgement.
  - 12. The method as recited in claim 1, and further comprising filtering broadcast and multicast network traffic.

13. A computer program product for analyzing a network, comprising:
- (a) computer code for sending a signal from a computer to a host controller utilizing a network;
  
  (b) computer code for receiving a response to the signal from the host controller;
  
  (c) computer code for collecting information relating to network traffic involving the computer based on the response; and
  
  (d) computer code for periodically sending the information to the host controller;
  
  wherein a plurality of zone controllers are coupled to the host controller for collecting the information from the host controller and displaying the information from the host controller, wherein a user interface is adapted for analyzing an output;
  
  wherein a map of the network is generated based on the information;
  
  wherein intrusion detection services are provided based on the information;
  
  wherein the information relates to wireless network traffic;
  
  wherein the information is sent to the host controller securely;
  
  wherein a Simple Network Management Protocol (SNMP) trap capability is utilized.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
- - 14. The computer program product as recited in claim 13, and further comprising computer code for detecting a boot on the computer prior to the sending of the signal.
  - 15. The computer program product as recited in claim 14, wherein the signal is sent in response to the detection of the boot.
  - 16. The computer program product as recited in claim 13, wherein the signal is repeatedly sent until the cessation of a predetermined time interval.
  - 17. The computer program product as recited in claim 13, wherein the signal is repeatedly sent until the response is received from the host controller.
  - 18. The computer program product as recited in claim 13, and further comprising computer code for establishing flow control with the host controller upon receiving the response.
  - 19. The computer program product as recited in claim 13, and further comprising computer code for establishing error correction with the host controller upon receiving the response.
  - 20. The computer program product as recited in claim 13, wherein the information relating to network traffic involving the computer is collected for a predetermined time interval.
  - 21. The computer program product as recited in claim 20, wherein the predetermined time interval is dictated by the response from the host controller.
  - 22. The computer program product as recited in claim 13, and further comprising computer code for receiving an acknowledgment from the host controller in response to sending the information.
  - 23. The computer program product as recited in claim 22, and further comprising computer code for repeating (a)-(b) upon the lack of receipt of the acknowledgement.
  - 24. The computer program product as recited in claim 13, and further comprising computer code for filtering broadcast and multicast network traffic.

25. A system for analyzing a network, comprising:
- (a) logic for sending a signal from a computer to a host controller utilizing a network;
  
  (b) logic for receiving a response to the signal from the host controller;
  
  (c) logic for collecting information relating to network traffic involving the computer based on the response; and
  
  (d) logic for periodically sending the information to the host controller;
  
  wherein a plurality of zone controllers are coupled to the host controller for collecting the information from the host controller and displaying the information from the host controller, wherein a user interface is adapted for analyzing an output;
  
  wherein a map of the network is generated based on the information;
  
  wherein intrusion detection services are provided based on the information;
  
  wherein the information relates to wireless network traffic;
  
  wherein the information is sent to the host controller securely;
  
  wherein a Simple Network Management Protocol (SNMP) trap capability is utilized.

26. A method for analyzing a network, comprising:
- (a) detecting a boot on a computer coupled to a network utilizing an agent;
  
  (b) sending a signal for identifying a host controller over a network in response to the boot utilizing the agent;
  
  (c) repeating (b) until the cessation of a predetermined time interval or a response is received from a host controller coupled to the agent via the network;
  
  (d) upon receiving the response from the host controller in (c), establishing flow control and error correction therewith utilizing layer three protocol;
  
  (e) monitoring network traffic involving the computer for a predetermined time period utilizing the agent;
  
  (f) sending periodic updates including information associated with the monitored network traffic to the identified host controller utilizing the agent;
  
  (g) receiving an acknowledgment from the identified host controller in response to the updates;
  
  (h) repeating (b)-(g) upon the lack of receipt of an acknowledgement utilizing the agent; and
  
  (i) filtering broadcast and multicast network traffic utilizing the agent;
  
  wherein a plurality of zone controllers are coupled to the host controller for collecting the information from the host controller and displaying the information from the host controller, wherein a user interface is adapted for analyzing an output;
  
  wherein a man of the network is generated based on the information;
  
  wherein intrusion detection services are provided based on the information;
  
  wherein the information relates to wireless network traffic;
  
  wherein the information is sent to the host controller securely;
  
  wherein a Simple Network Management Protocol (SNMP) trap capability is utilized.

27. A method for analyzing a network utilizing an information collector, comprising:
- receiving instructions at an information collector from an information collector manager for controlling network analysis where the information collector manager sends instructions to a plurality of the information collectors;
  
  collecting information relating to network traffic involving a computer; and
  
  sending the information to the information collector manager at predetermined intervals;
  
  wherein a plurality of consoles are coupled to the information collector manager for collecting the information from the information collector manager and displaying the information from the information collector manager, wherein a user interface is adapted for analyzing an output;
  
  wherein a map of the network is generated based on the information;
  
  wherein intrusion detection services are provided based on the information;
  
  wherein the information relates to wireless network traffic;
  
  wherein the information is sent to the information collector manager securely;
  
  wherein a Simple Network Management Protocol (SNMP) trap capability is utilized.

28. A computer program product for analyzing a network utilizing an information collector, comprising:
- computer code for receiving instructions at an information collector from an information collector manager, where the information collector manager sends instructions to a plurality of the information collectors;
  
  computer code for collecting information relating to network traffic involving a computer based on the instructions; and
  
  computer code for sending the information to the information collector manager at predetermined intervals;
  
  wherein a plurality of consoles are coupled to the information collector manager for collecting the information from the information collector manager and displaying the information from the information collector manager, wherein a user interface is adapted for analyzing an output;
  
  wherein a map of the network is generated based on the information;
  
  wherein intrusion detection services are provided based on the information;
  
  wherein the information relates to wireless network traffic;
  
  wherein the information is sent to the information collector manager securely;
  
  wherein a Simple Network Management Protocol (SNMP) trap capability is utilized.

29. A method for analyzing a network utilizing an information collector, comprising:
- receiving instructions at an information collector;
  
  collecting information relating to network traffic involving a computer at a predetermined time based on the instructions; and
  
  periodically sending the information to the information collector manager;
  
  wherein a plurality of consoles are coupled to the information collector manager for collecting the information from the information collector manager and displaying the information from the information collector manager, wherein a user interface is adapted for analyzing an output;
  
  wherein a map of the network is generated based on the information;
  
  wherein intrusion detection services are provided based on the information;
  
  wherein the information relates to wireless network traffic;
  
  wherein the information is sent to the information collector manager securely;
  
  wherein a Simple Network Management Protocol (SNMP) trap capability is utilized.

30. A computer program product for analyzing a network utilizing an information collector, comprising:
- computer code for receiving instructions at an information collector;
  
  computer code for collecting information relating to network traffic involving a computer at a predetermined time based on the instructions; and
  
  computer code for periodically sending the information to the information collector manager;
  
  wherein a plurality of consoles are coupled to the information collector manager for collecting the information from the information collector manager and displaying the information from the information collector manager, wherein a user interface is adapted for analyzing an output;
  
  wherein a man of the network is generated based on the information;
  
  wherein intrusion detection services are provided based on the information;
  
  wherein the information relates to wireless network traffic;
  
  wherein the information is sent to the information collector manager securely;
  
  wherein a Simple Network Management Protocol (SNMP) trap capability is utilized.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, Inc. (McAfee, LLC)
Original Assignee
Networks Associates Technology, Inc. (McAfee, LLC)
Inventors
Verma, Ravi, Joiner, Herbert V., Raghuraman, Praveen, Elwell, Ken W.
Primary Examiner(s)
Eng, David Y.

Application Number

US10/032,088
Time in Patent Office

830 Days
Field of Search

709/224, 709/202, 709/203
US Class Current

370/224
CPC Class Codes

H04L 41/0213   Standardised network manage...

H04L 41/046   comprising network manageme...

H04L 41/0631   using root cause analysis; ...

H04L 41/147   for predicting network beha...

H04L 41/22   comprising specially adapte...

H04L 43/00   Arrangements for monitoring...

H04L 43/12   Network monitoring probes

Enterprise network analyzer agent system and method

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

58 Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

Enterprise network analyzer agent system and method

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

58 Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links