Capture file format system and method for a network analyzer
Abstract
A system, method and computer program product are provided for analyzing a network. Initially, network traffic information relating to network traffic is collected. Next, the network traffic information is encrypted. In use, the network traffic information is capable of being analyzed by a network analyzer adapted for decrypting the network traffic information.
26 Claims
1. The method as recited in claim 4, wherein the network traffic information is selected from the group consisting of total packet information relating to a total number of packets associated with the network traffic, total byte information relating to a total number of bytes associated with the network traffic, and network utilization information relating to network utilization associated with the network traffic.
2. The method as recited in claim 1, wherein the network traffic information includes total packet information relating to a total number of packets associated with the network traffic, total byte information relating to a total number of bytes associated with the network traffic, and network utilization information relating to network utilization associated with the network traffic.
3. The method as recited in claim 1, wherein the network traffic information is compressed before being encrypted.
4. A method for analyzing a network, comprising:
collecting network traffic information relating to network traffic; and
encrypting the network traffic information;
wherein the network traffic information is capable of being analyzed by a network analyzer adapted for decrypting the network traffic information;
wherein the network traffic information is compressed;
wherein the network traffic information includes a format including a compression header having a compression algorithm field with a compression algorithm used for compressing the network traffic information.
5. The method as recited in claim 1, wherein the compression header further includes a compression parameter field, a pre-compression buffer size field, a post-compression buffer size field, a compression time field, and a reserved field.
6. The method as recited in claim 1, wherein the compression header further includes fields selected from the group consisting of a compression parameter field, a pre-compression buffer size field, a post-compression buffer size field, a compression time field, and a reserved field.
7. The method as recited in claim 1, and further comprising writing the encrypted network traffic information to memory.
8. The method as recited in claim 7, and further comprising reading the encrypted network traffic information from the memory utilizing the network analyzer capable of decrypting the network traffic information.
9. The method as recited in claim 8, and further comprising analyzing the decrypted network traffic information.
10. The method as recited in claim 4, wherein the network traffic information is encrypted utilizing one of a plurality of keys.
11. A method for analyzing a network, comprising:
collecting network traffic information relating to network traffic; and
encrypting the network traffic information;
wherein the network traffic information is capable of being analyzed by a network analyzer adapted for decrypting the network traffic information;
wherein the network traffic information includes a format including an encryption header having an encryption field with an encryption algorithm used for encrypting the network traffic information.
12. The method as recited in claim 11, wherein the encryption header further includes a key number field, a key length field, a block size field, a pre-encryption buffer length field, a post-encryption buffer length field, a compressed indicator field, a buffer encryption field, an encryption time field, and a reserved field.
13. The method as recited in claim 11, wherein the encryption header further includes fields selected from the group consisting of a key number field, a key length field, a block size field, a pre-encryption buffer length field, a post-encryption buffer length field, a compressed indicator field, a buffer encryption field, an encryption time field, and a reserved field.
14. The method as recited in claim 4, and further comprising receiving an indication from a user as to whether the network traffic information is to be compressed.
15. The method as recited in claim 14, and further comprising compressing the network traffic information upon receiving the indication from the user to compress the network traffic information.
16. A computer program product embodied on a computer readable medium for analyzing a network, comprising:
(a) computer code for collecting network traffic information relating to network traffic; and
(b) computer code for encrypting the network traffic information;
(c) wherein the network traffic information is capable of being analyzed by a network analyzer adapted for decrypting the network traffic information;
wherein the network traffic information includes a format including an encryption header having an encryption field with an encryption algorithm used for encrypting the network traffic information.
17. A system for analyzing a network, comprising:
(a) logic for collecting network traffic information relating to network traffic; and
(b) logic for encrypting the network traffic information;
(c) wherein the network traffic information is capable of being analyzed by a network analyzer adapted for decrypting the network traffic information;
wherein the network traffic information includes a format including an encryption header having an encryption field with an encryption algorithm used for encrypting the network traffic information.
18. A system for analyzing a network, comprising:
(a) means for collecting network traffic information relating to network traffic; and
(b) means for encrypting the network traffic information;
(c) wherein the network traffic information is capable of being analyzed by a network analyzer adapted for decrypting the network traffic information;
wherein the network traffic information includes a format including an encryption header having an encryption field with an encryption algorithm used for encrypting the network traffic information.
19. A data structure stored in a computer readable medium for analyzing a network, comprising:
(a) a data object embodied on a computer readable medium for containing network traffic information relating to network traffic, wherein the data object is encrypted; and
(b) an encryption object for describing the encryption of the network traffic information in the data object;
wherein the network traffic information includes a format including an encryption header having an encryption field with an encryption algorithm used for encrypting the network traffic information.
20. A method for analyzing a network, comprising:
(a) reading encrypted network traffic information relating to network traffic;
(b) decrypting the network traffic information; and
(c) analyzing the network traffic utilizing the decrypted network traffic information;
wherein the network traffic information includes a format including an encryption header having an encryption field associated with an encryption algorithm used for encrypting the network traffic information.
21. A method for analyzing a network, comprising:
(a) collecting network traffic information relating to network traffic, wherein the network traffic information is selected from the group consisting of total packet information relating to a total number of packets associated with the network traffic, total byte information relating to a total number of bytes associated with the network traffic, and network utilization information relating to network utilization associated with the network traffic;
(b) receiving an indication from a user as to whether the network traffic information is to be compressed;
(c) compressing the network traffic information upon receiving the indication from the user to compress the network traffic information, wherein the network traffic information includes a format including a compression header having a compression algorithm field with a compression algorithm used for compressing the network traffic information, and the compression header further includes a compression parameter field, a pre-compression buffer size field, a post-compression buffer size field, a compression time field, and a reserved field;
(d) encrypting the network traffic information, wherein the network traffic information includes a format including an encryption header having an encryption field with an encryption algorithm used for encrypting the network traffic information, and the encryption header further includes a key number field, a key length field, a block size field, a pre-encryption buffer length field, a post-encryption buffer length field, a compressed indicator field, a buffer encryption field, an encryption time field, and a reserved field;
(e) writing the encrypted network traffic information to memory;
(f) reading the encrypted network traffic information from the memory;
(g) decrypting the network traffic information utilizing the encryption header;
(h) receiving an indication from the compression header as to whether the network traffic information is to be decompressed;
(i) decompressing the network traffic information utilizing the compression header upon receiving the indication to decompress the network traffic information; and
(j) analyzing the network traffic information.
22. A computer program product embodied on a computer readable medium for analyzing a network, comprising:
computer code for reading encrypted network traffic information relating to network traffic;
computer code for decrypting the network traffic information; and
computer code for analyzing the network traffic utilizing the decrypted network traffic information;
wherein the network traffic information includes a format including an encryption header having an encryption field associated with an encryption algorithm used for encrypting the network traffic information.
23. The computer program product as recited in claim 22, wherein the network traffic is analyzed at a plurality of layers.
24. The computer program product as recited in claim 22, wherein the network is analyzed for determining reasons why a network performance is slow.
25. The computer program product as recited in claim 22, wherein the network is analyzed for understanding excessive traffic.
26. The computer program product as recited in claim 22, wherein the network is analyzed for gaining visibility into various parts of the network.
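Claims 5, 12 and 21 describe a reader that relies on the encryption and compression headers. The following is an added example, not code from the patent, of how such a reader can check those headers against the bytes actually present before acting on them. Field widths, byte order, the algorithm identifier, the size cap and the padding bound are assumptions, since the claims name the fields only; decryption itself is left to a vetted cipher library.

```python
import struct
import zlib

# Assumed layouts: the claims name these fields but give no widths or byte order.
# alg, key number, key length, block size, pre len, post len, compressed, buffer enc, time, reserved
ENC_HDR = struct.Struct("<HHHHIIBBII")
# alg, parameter, pre-compression size, post-compression size, time, reserved
CMP_HDR = struct.Struct("<HHIIII")
ALG_ZLIB = 1                    # assumed algorithm identifier
MAX_PLAIN = 16 * 1024 * 1024    # assumed cap on any declared plaintext size


def check_encryption_header(record, key_ring):
    """Validate the header against the bytes present; return (key, compressed, pre_len, ciphertext)."""
    if len(record) < ENC_HDR.size:
        raise ValueError("truncated encryption header")
    _alg, key_no, key_len, block, pre, post, compressed, *_ = ENC_HDR.unpack_from(record)
    body = record[ENC_HDR.size:]
    key = key_ring.get(key_no)
    if key is None or len(key) != key_len:
        raise ValueError("unknown key number or key length mismatch")
    if block == 0 or post != len(body) or post % block:
        raise ValueError("ciphertext length disagrees with header")
    # Assumes block padding adds at most one block to the plaintext.
    if pre > post or post - pre > block or pre > MAX_PLAIN:
        raise ValueError("implausible pre-encryption length")
    return key, bool(compressed), pre, body


def inflate_checked(buf):
    """Parse the compression header and decompress without trusting its sizes."""
    if len(buf) < CMP_HDR.size:
        raise ValueError("truncated compression header")
    alg, _param, pre, post, _time, _reserved = CMP_HDR.unpack_from(buf)
    body = buf[CMP_HDR.size:]
    if alg != ALG_ZLIB:
        raise ValueError("unsupported compression algorithm")
    if post != len(body) or pre > MAX_PLAIN:
        raise ValueError("declared sizes rejected")
    inflater = zlib.decompressobj()
    out = inflater.decompress(body, pre + 1)   # output is capped at declared size + 1
    if len(out) != pre or not inflater.eof:
        raise ValueError("decompressed size disagrees with header")
    return out


if __name__ == "__main__":
    data = b"GET / HTTP/1.1\r\n" * 64          # constructed sample payload
    packed = zlib.compress(data)
    good = CMP_HDR.pack(ALG_ZLIB, 6, len(data), len(packed), 0, 0) + packed
    print(inflate_checked(good) == data)
```

None of the fields named in claims 5 and 12 is an integrity tag, so these checks catch truncated or inconsistent records rather than modification by a party who holds the key.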