Efficient network monitoring and control

US 8,195,815 B2
Filed: 10/31/2007
Issued: 06/05/2012
Est. Priority Date: 10/31/2007
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

assigning a trust level to each of a plurality of users in a network;

setting a monitoring level for each of said plurality of users based on said trust level of the user;

monitoring at a network device, traffic associated with each of said plurality of users at the set monitoring levels, wherein monitoring comprises measuring data traffic transmitted between the network device and each of said plurality of users assigned a trust level;

analyzing at the network device, the monitored traffic associated with each of said plurality of users, wherein analyzing comprises comparing said measured data traffic to specified network usage parameters; and

modifying said trust level of one or more of said plurality of users if the analyzed traffic indicates that the one or more of said plurality of users is operating outside of the specified network usage parameters;

wherein modifying said trust level of the user comprises decreasing said trust level and increasing said data traffic measurements if the user operates outside of the specified network usage parameters, and increasing said trust level and reducing said data traffic measurements if the user operates within said specified network usage parameters for a set period of time.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one embodiment, a method for monitoring traffic associated with users in a network includes assigning a trust level to each of the users, monitoring traffic associated with each of the users, and analyzing the monitored traffic. A level of monitoring is based on the trust level of the user. A user'"'"'s trust level is modified if the analyzed traffic indicates that the user is operating outside of specified network usage parameters. An apparatus for monitoring traffic associated with users in a network is also disclosed.

47 Citations

View as Search Results

20 Claims

1. A method comprising:
- assigning a trust level to each of a plurality of users in a network;
  
  setting a monitoring level for each of said plurality of users based on said trust level of the user;
  
  monitoring at a network device, traffic associated with each of said plurality of users at the set monitoring levels, wherein monitoring comprises measuring data traffic transmitted between the network device and each of said plurality of users assigned a trust level;
  
  analyzing at the network device, the monitored traffic associated with each of said plurality of users, wherein analyzing comprises comparing said measured data traffic to specified network usage parameters; and
  
  modifying said trust level of one or more of said plurality of users if the analyzed traffic indicates that the one or more of said plurality of users is operating outside of the specified network usage parameters;
  
  wherein modifying said trust level of the user comprises decreasing said trust level and increasing said data traffic measurements if the user operates outside of the specified network usage parameters, and increasing said trust level and reducing said data traffic measurements if the user operates within said specified network usage parameters for a set period of time.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1 further comprising associating one or more control policies with each of said trust levels and enforcing said control policies based on said trust level of each of said plurality of users.
  - 3. The method of claim 1 wherein assigning a trust level comprises analyzing network traffic data measurements associated with said plurality of users.
  - 4. The method of claim 1 further comprising updating said specified network usage parameters upon receiving input from an external updater interface.
  - 5. The method of claim 1 wherein said trust levels comprise three or more trust levels.
  - 6. The method of claim 1 wherein the network usage parameters are specified in an agreement between the user and a network provider.
  - 7. The method of claim 1 further comprising transmitting a notification upon modifying said trust level of the one or more of said plurality of users.
  - 8. The method of claim 1 further comprising:
    - transmitting a warning to one of said plurality of users if the user is operating beyond a first threshold but within said specified network usage parameters; and
      
      transmitting a notification to the service provider.
  - 9. The method of claim 1 wherein said network usage parameters used to determine said trust level of the user comprise a bandwidth limit and a set period of time over which the bandwidth limit is exceeded.

10. An apparatus comprising:
- a database for storing a list of users and a trust level assigned to each of the users;
  
  a monitor operable to monitor traffic associated with each of the users, wherein a level of monitoring is based on said trust level of the user, wherein the monitor is operable to measure data traffic transmitted between the apparatus and each of the users assigned a trust level; and
  
  a processor for setting said trust level for each of the users, setting said monitoring level for each of the users based on said trust level of the user, analyzing the monitored traffic, and modifying said trust level of one or more of the users if the analyzed traffic indicates that the one or more of the users is operating outside of specified network usage parameters;
  
  wherein analyzing the monitored traffic comprises comparing said measured data traffic to the specified network usage parameters and modifying said trust level of the user comprises decreasing said trust level and increasing said data traffic measurements if the user operates outside of the specified network usage parameters, and increasing said trust level and reducing said data traffic measurements if the user operates within said specified network usage parameters for a set period of time.
- View Dependent Claims (11, 12, 13, 14, 15, 16)
- - 11. The apparatus of claim 10 wherein the monitor operates at layer 4 through layer 7 of the network.
  - 12. The apparatus of claim 10 wherein the processor is further configured to apply one or more traffic control policies based on said trust level of the user.
  - 13. The apparatus of claim 10 wherein the network usage parameters are specified in an agreement between the user and a network provider.
  - 14. The apparatus of claim 10 wherein the processor is configured to transmit a notification upon modifying said trust level of the one or more of the users.
  - 15. The apparatus of claim 10 wherein the processor is configured to:
    - transmit a warning to one of said plurality of users if the user is operating beyond a first threshold but within said specified network usage parameters; and
      
      transmit a notification to the service provider.
  - 16. The apparatus of claim 10 wherein the processor is configured to update specified network usage parameters based on updates received at the apparatus.

17. Logic encoded on one or more non-transitory computer readable media for execution and when executed operable to:
- assign a trust level to each of a plurality of users;
  
  set a monitoring level for each of the users based on said trust level of the user;
  
  monitor traffic associated with each of the users, wherein computer code that monitors comprises computer code that measures data traffic transmitted between the system and each of said plurality of users assigned a trust level;
  
  analyze the monitored traffic, wherein computer code that analyzes comprises computer code that compares said measured data traffic to specified network usage parameters; and
  
  modify said trust level of one or more of the plurality of users if the analyzed traffic indicates that the one or more of the users is operating outside of the specified network usage parameters;
  
  wherein modifying said trust level of the user comprises decreasing said trust level and increasing said data traffic measurements if the user operates outside of the specified network usage parameters, and increasing said trust level and reducing said data traffic measurements if the user operates within said specified network usage parameters for a set period of time.
- View Dependent Claims (18, 19, 20)
- - 18. The logic of claim 17 wherein computer code that monitors comprises computer code that monitors the traffic at layer 4 through layer 7 of the network.
  - 19. The logic of claim 17 wherein said network usage parameters are specified in an agreement between the user and a network provider.
  - 20. The logic of claim 17 wherein said network usage parameters used to determine said trust level of the user comprise a bandwidth limit and a set period of time over which the bandwidth limit is exceeded.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Woodman, Alistair
Primary Examiner(s)
Chan, Wing
Assistant Examiner(s)
Miah, Razu

Application Number

US11/981,189
Publication Number

US 20090113062A1
Time in Patent Office

1,679 Days
Field of Search

709223-229
US Class Current

709/229
CPC Class Codes

G06Q 20/102   Bill distribution or payments

G06Q 40/04   Trading; Exchange, e.g. sto...

G06Q 50/01   Social networking

H04L 41/5003   Managing SLA; Interaction b...

H04L 41/5022   by giving priorities, e.g. ...

H04L 43/00   Arrangements for monitoring...

Efficient network monitoring and control

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

47 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Efficient network monitoring and control

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

47 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links