Locational tagging in a capture system
First Claim
Patent Images
1. An article of manufacture including program code embodied on a memory which, when executed by a machine, causes the machine to perform a method, the method comprising:
- maintaining a tiered location configuration for a capture system of a network having private internet protocol (IP) addresses, the capture system being configured for a network security application in which filtering occurs such that certain flows originated at a first computer are prohibited from reaching their originally intended destination;
maintaining a list of private internet protocol (IP) address relationships to tier location configuration values for the capture system;
capturing a packet with the capture system;
classifying the packet into a plurality of tiers included within the tiered location configuration by comparing source and destination IP addresses associated with the packet to a tier mapping element maintained by the capture system, and wherein a selected first one of tiers identifies a geographic characteristic associated with the packet, and a selected second one of the tiers identifies a separate location characteristic associated with the packet, and a selected third one of the tiers identifies a division of a company, and a selected fourth one of the tiers identifies a building from which the packet originated, wherein the tiered location configuration includes separate tiers having different levels of detail; and
receiving a search query specifying a selected one of the levels of detail associated with the tiered location configuration.
14 Assignments
0 Petitions
Accused Products
Abstract
A system and method for locational tagging in a capture system are described. Metadata associated with a captured object includes: information about a location in storage of an object and that objects association to a particular user; and/or tiered location information.
-
Citations
15 Claims
-
1. An article of manufacture including program code embodied on a memory which, when executed by a machine, causes the machine to perform a method, the method comprising:
-
maintaining a tiered location configuration for a capture system of a network having private internet protocol (IP) addresses, the capture system being configured for a network security application in which filtering occurs such that certain flows originated at a first computer are prohibited from reaching their originally intended destination; maintaining a list of private internet protocol (IP) address relationships to tier location configuration values for the capture system; capturing a packet with the capture system; classifying the packet into a plurality of tiers included within the tiered location configuration by comparing source and destination IP addresses associated with the packet to a tier mapping element maintained by the capture system, and wherein a selected first one of tiers identifies a geographic characteristic associated with the packet, and a selected second one of the tiers identifies a separate location characteristic associated with the packet, and a selected third one of the tiers identifies a division of a company, and a selected fourth one of the tiers identifies a building from which the packet originated, wherein the tiered location configuration includes separate tiers having different levels of detail; and receiving a search query specifying a selected one of the levels of detail associated with the tiered location configuration. - View Dependent Claims (2, 3, 4, 5)
-
-
6. An article of manufacture including program code embodied on a memory which, when executed by a machine, causes the machine to perform a method, the method comprising:
-
initializing a log file, the log file to store internet protocol (IP) address assignment by MAC address; reading the log to determine a relationship between an IP address and a user; maintaining a tiered location configuration for a capture system of a network having private internet protocol (IP) addresses, the capture system being configured for a network security application in which filtering occurs such that certain flows originated at a first computer are prohibited from reaching their originally intended destination; capturing a packet addressed to a particular IP address; associating the packet to a user from the log, wherein the packet is classified within the tiered location configuration by comparing source and destination IP addresses associated with the packet to a tier mapping element maintained by the capture system, and wherein a selected first one of tiers identifies a geographic characteristic associated with the packet, and a selected second one of the tiers identifies a separate location characteristic associated with the packet, and a selected third one of the tiers identifies a division of a company, and a selected fourth one of the tiers identifies a building from which the packet originated, wherein the tiered location configuration includes separate tiers having different levels of detail; and receiving a search query specifying a selected one of the levels of detail associated with the tiered location configuration. - View Dependent Claims (7, 8, 9)
-
-
10. A method comprising:
-
maintaining a tiered location configuration for a capture system of a network having private internet protocol (IP) addresses on a memory, the capture system being configured for a network security application in which filtering occurs such that certain flows originated at a first computer are prohibited from reaching their originally intended destination; maintaining a list of private internet protocol (IP) address relationships to tier location configuration values for the capture system; capturing a packet with the capture system; classifying the packet into a plurality of tiers included within the tiered location configuration by comparing source and destination IP addresses associated with the packet to a tier mapping element maintained by the capture system, and wherein a selected first one of tiers identifies a geographic characteristic associated with the packet, and a selected second one of the tiers identifies a separate location characteristic associated with the packet, and a selected third one of the tiers identifies a division of a company, and a selected fourth one of the tiers identifies a building from which the packet originated, wherein the tiered location configuration includes separate tiers having different levels of detail; and receiving a search query specifying a selected one of the levels of detail associated with the tiered location configuration. - View Dependent Claims (11, 12)
-
-
13. A method comprising:
-
initializing a log file, the log file to store Internet protocol (IP) address assignment by MAC address on a memory; reading the log to determine a relationship between an IP address and a user; maintaining a tiered location configuration for a capture system of a network having private internet protocol (IP) addresses, the capture system being configured for a network security application in which filtering occurs such that certain flows originated at a first computer are prohibited from reaching their originally intended destination; capturing a packet addressed to a particular IP address; associating the packet to a user from the log, wherein the packet is classified within the tiered location configuration by comparing source and destination IP addresses associated with the packet to a tier mapping element maintained by the capture system, and wherein a selected first one of tiers identifies a geographic characteristic associated with the packet, and a selected second one of the tiers identifies a separate location characteristic associated with the packet, and a selected third one of the tiers identifies a division of a company, and a selected fourth one of the tiers identifies a building from which the packet originated, wherein the tiered location configuration includes separate tiers having different levels of detail; and receiving a search query specifying a selected one of the levels of detail associated with the tiered location configuration. - View Dependent Claims (14, 15)
-
Specification