×

Network monitor internals description

  • US 7,272,646 B2
  • Filed: 06/14/2001
  • Issued: 09/18/2007
  • Est. Priority Date: 06/16/2000
  • Status: Expired due to Fees
First Claim
Patent Images

1. An apparatus for translating packet data into a serialized stream of network event data, comprising:

  • means for accepting said packet data live or from a first file containing said packet data;

    means for intepreting both sides of each network connection of one or more network connections in said packet data, wherein said means for interpreting comprises means for determining a relative time and a concurrency of each of a plurality of network events together with its comprised protocol events in said packet data and using said relative time and concurrency for making one or more policy decisions about said network event before it terminates;

    means for extracting security-sensitive information from said packet data, wherein said means for extracting omits passwords, documents, and other sensitive data; and

    means for generating output from said extracted security-sensitive information into said serialized stream of network event data in encoded format, wherein, said encoded format comprises a transaction identifier corresponding to said each said network connection, wherein each transaction identifier is used in a post-process to identify a plurality of actions corresponding to a plurality of protocol events on said network connections, each action including one or more elements of said security-sensitive information, and wherein said output is stored in a second file for subsequent post-processing by an interpreting processor or is fed continuously to said interpreting processor.

View all claims
  • 14 Assignments
Timeline View
Assignment View
    ×
    ×