Proactive network analysis system
First Claim
1. A proactive network analysis system providing an integrated compilation of network tools for diagnosing network problems, measuring network performance, and monitoring network status, the system comprising:
- a distributed network packet capture data stream collector providing selective recordings of network traffic;
- a traffic analyzer providing selected samples of specified end-to-end paths, wherein the sampling is at one of the network layer, the IP layer, OS layer, or application layer;
- a syslog recorder analyzer and archiving unit to collect and summarize log events from the network; and
- a remote access server identification tool to identify Remote Access Servers on the network, wherein the tool uses the following process:
  a. Check each known Layer 3 switch,
  b. On the router, get an ARP cache,
  c. Find any MAC address that has multiple IP addresses associated with it,
  d. Ignore known MAC addresses or vendor IDs,
  e. Ping the IP addresses, and check the time-to-live value, known as TTL, on the resultant response, wherein a primary server will have a TTL that is greater than remotely attached devices and based on the differing values of the TTL field, a RAS server is identified.
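Steps b to e of the process above can be sketched as follows. This is an added example, not code from the patent: the "IP MAC" ARP-cache rows, the TTL table standing in for live ping replies, and the names `parse_arp`, `find_ras` and `KNOWN_PREFIXES` are assumptions, and a caller would repeat the check for each known Layer 3 switch (step a).

```python
from collections import defaultdict

# Constructed sample: "IP MAC" rows standing in for one switch's ARP cache (step b).
ARP_CACHE = """\
10.1.1.1   00:00:0c:07:ac:01
10.1.1.2   00:00:0c:07:ac:01
10.1.1.20  00:a0:c9:11:22:33
10.1.1.21  00:a0:c9:11:22:33
10.1.1.22  00:a0:c9:11:22:33
10.1.1.30  00:50:56:aa:bb:cc
10.1.1.40  00:10:5a:44:55:66
10.1.1.41  00:10:5a:44:55:66
"""
# Constructed ping results (step e): TTL seen in each echo reply, None = no reply.
PING_TTL = {"10.1.1.1": 255, "10.1.1.2": 254, "10.1.1.20": 128,
            "10.1.1.21": 127, "10.1.1.22": None, "10.1.1.30": 128,
            "10.1.1.40": 64, "10.1.1.41": 64}
KNOWN_PREFIXES = ("00:00:0c",)  # step d: vendor IDs to ignore (constructed list)

def parse_arp(text):
    """Group the IP addresses in an ARP cache dump by MAC address."""
    by_mac = defaultdict(list)
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 2:
            by_mac[parts[1].lower()].append(parts[0])
    return by_mac

def find_ras(arp_text, ttl_of, ignore_prefixes=()):
    """Return [(mac, server_ip, [remote_ips])] for each suspected RAS."""
    findings = []
    for mac, ips in parse_arp(arp_text).items():
        if len(ips) < 2:                              # step c: one MAC, many IPs
            continue
        if mac.startswith(tuple(ignore_prefixes)):    # step d: known vendor ID
            continue
        ttls = {ip: ttl_of(ip) for ip in ips}         # step e: ping each IP
        ttls = {ip: t for ip, t in ttls.items() if t is not None}
        if len(set(ttls.values())) < 2:
            continue  # replies share one TTL: no server/remote split to report
        server = max(ttls, key=ttls.get)              # highest TTL = primary server
        remote = sorted(ip for ip, t in ttls.items() if t < ttls[server])
        findings.append((mac, server, remote))
    return findings

if __name__ == "__main__":
    for mac, server, remote in find_ras(ARP_CACHE, PING_TTL.get, KNOWN_PREFIXES):
        print(f"possible RAS {server} ({mac}), remote devices: {remote}")
```

A MAC address whose IP addresses all answer with the same TTL is not reported, because the claim identifies the server from differing TTL values.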
Abstract
A proactive network analysis system is a single unit for diagnosing network problems, measuring network performance, and monitoring network status in a comprehensive manner. The system is a compilation of individual tools including a distributed network packet capture data stream collector; a traffic analyzer; a performance graphing unit; a syslog recorder analyzer and archiving unit; a system availability monitor; a device configuration archiving unit; and a throughput measurement tool. The system can further provide an access list generator, an access list analyzer, a router DNS name generator and a service level agreement measurement device.
6 Claims
Specification