System and method for controlling distribution of network communications
First Claim
1. A method for controlling distribution of network communications via a communications network, the method comprising:
- sampling a subset of a first plurality of network communications received along a first network path;
sampling a subset of a second plurality of network communications received along a second network path;
performing a statistical analysis of content within samples of said sampled subsets of said first and second pluralities of network communications to determine respective probabilities that the content carried on said first and second network paths are likely to have a certain characteristic, wherein the statistical analysis comprises determining values for sender metrics, the sender metrics reflecting quantities of communications on the first and second network paths having the certain characteristic;
determining a corresponding priority level for each network path, each priority level determined according to said path'"'"'s respective probability; and
varying an allocation of network resources permitted to be used to transmit communications received along each of said network paths, said allocations being varied as a function of said corresponding priority levels;
wherein a path having a higher corresponding priority level is allocated network resources to permit a rate of transmission of network communications that is greater than a corresponding rate of transmission for a path having a lower corresponding priority level.
3 Assignments
0 Petitions
Accused Products
Abstract
A network appliance controls access to network resources by identifying network paths passing through the network appliance to a protected network, drawings conclusions about the type of communications traveling along those paths, and then controlling, i.e. limiting, access to the protected network'"'"'s resources for transmitting communications on a path-by-path basis. Recipient controlled mechanisms are used to control access to the recipient'"'"'s network'"'"'s resources, namely, restricting bandwidth, controlling allocation of SMTP or other connections, and packet level traffic shaping techniques including controlling of parameters of TCP and/or IP communications, such as TCP receive window size and Maximum Segment Size, or otherwise decreasing the amount of network traffic per unit of time passing through the network appliance. This limits the amount of network resources that may be used by incoming communications. Multiple network appliances may communicate with one another to operate in concert to protect a greater portion of network resources.
-
Citations
22 Claims
-
1. A method for controlling distribution of network communications via a communications network, the method comprising:
-
sampling a subset of a first plurality of network communications received along a first network path; sampling a subset of a second plurality of network communications received along a second network path; performing a statistical analysis of content within samples of said sampled subsets of said first and second pluralities of network communications to determine respective probabilities that the content carried on said first and second network paths are likely to have a certain characteristic, wherein the statistical analysis comprises determining values for sender metrics, the sender metrics reflecting quantities of communications on the first and second network paths having the certain characteristic; determining a corresponding priority level for each network path, each priority level determined according to said path'"'"'s respective probability; and varying an allocation of network resources permitted to be used to transmit communications received along each of said network paths, said allocations being varied as a function of said corresponding priority levels; wherein a path having a higher corresponding priority level is allocated network resources to permit a rate of transmission of network communications that is greater than a corresponding rate of transmission for a path having a lower corresponding priority level. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method for controlling distribution of network communications via a communications network, the method comprising:
-
determining a first priority level applicable to a first network path along which communications are received at a network appliance of a subnetwork responsive to a statistical analysis of a sampled subset of communications on said first network path to determine a first probability that the communications received on the first network path are likely to have a certain characteristic, the statistical analysis comprising determining a value for a first sender metric, the first sender metric reflecting a quantity of communications of the sampled subset of communications on the first network path having the certain characteristic; determining a second priority level applicable to a second network path along which communications are received at said network appliance responsive to a statistical analysis of a sampled subset of communications on said second network path to determine a second probability that the communications received on the second network oath are likely to have the certain characteristic, the statistical analysis comprising determining a value for a second sender metric, the second sender metric reflecting a quantity of communications of the sampled subset of communications on the second network path having the certain characteristic; and allocating network resources usable to deliver communications received along said first and second network paths via said network appliance, said network resources being allocated to cause communications received along said first and second network paths to have different corresponding maximum rates of transmission, the first network path having a different corresponding maximum rate than the corresponding maximum rate of the second network path responsive to a difference in the first and second probabilities of the first and second network paths.
-
-
13. A method for controlling distribution of network communications via a communications network, the method comprising:
-
identifying a network path for a plurality of packets transmitted by a network appliance; sampling a subset of said plurality of packets; performing a statistical analysis on the sampled subset of packets to determine a probability that the content carried on said network path is likely to have a certain characteristic, the analysis comprising determining a value for a sender metric reflecting a quantity of the sampled subset of packets sharing the certain characteristic; and controlling a transmission rate of packets on the network path, the particular control exercised being determined as a function of the probability. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22)
-
Specification