Application identification
Abstract
A method may include receiving a communication from a client device and identifying a port number, a protocol and a destination associated with the communication. The method may also include identifying a first application being executed by the first client device based on the port number, the protocol and the destination associated with the first communication.
20 Claims
1. A method comprising:
receiving, by a network device, one or more packets from a client device;
determining, by the network device and using particular information in the one or more packets, whether a first data structure stores an entry that includes information matching the particular information, the first data structure storing information identifying applications executed by client devices;
identifying, by the network device and in the entry, information identifying a particular application being executed by the client device when the first data structure stores the entry that includes the information matching the particular information;
comparing, by the network device, the particular information to information in a second data structure to identify the particular application being executed by the client device when the first data structure does not store the entry that includes the information matching the particular information, the second data structure storing signature information associated with one or more applications, comparing the particular information to the information in the second data structure including: searching for a pattern, in the second data structure, that matches a pattern in the one or more packets; and
applying, by the network device, an access policy to determine whether to grant, to the client device, access to a resource in a network associated with the network device, the access policy being based on the particular application.
Dependent claims: 2, 3, 4, 5, 6, 19
7. A non-transitory computer-readable medium storing instructions, the instructions comprising:
one or more instructions which, when executed by a first device, cause the first device to receive a packet from a second device, the first device being different than the second device;
one or more instructions which, when executed by the first device, cause the first device to search a first data structure, using particular information in the packet, to determine whether the first data structure stores an entry that includes information matching the particular information, the first data structure storing information identifying applications executed by devices;
one or more instructions which, when executed by the first device, cause the first device to identify, in the entry, information identifying a particular application being executed by the second device when the first data structure stores the entry that includes the information matching the particular information;
one or more instructions which, when executed by the first device, cause the first device to compare the particular information to information in a second data structure to identify the particular application being executed by the second device when the first data structure does not store the entry that includes the information matching the particular information, the second data structure being different than the first data structure, and the second data structure storing signature information associated with one or more applications;
one or more instructions which, when executed by the first device, cause the first device to identify, in a third data structure and based on the particular application, a rule associated with accessing a resource in a network associated with the first device; and
one or more instructions which, when executed by the first device, cause the first device to selectively grant, to the second device and based on the rule, access to the resource in the network associated with the first device.
Dependent claims: 8, 9, 10, 11, 12, 20
13. A device comprising:
a memory to store instructions; and
a processor to execute the instructions to:
receive a packet from another device different than the device, the packet being associated with a request to access a resource in a network associated with the device,
search a first data structure, using particular information in the packet, to determine whether the first data structure stores an entry that includes information matching the particular information,
identify, in the entry, information identifying a particular application being executed by the other device when the first data structure stores the entry that includes the information matching the particular information, the first data structure storing information identifying applications executed by devices,
compare the particular information to information in a second data structure to identify the particular application being executed by the other device when the first data structure does not store the entry that includes the information matching the particular information, the second data structure being different than the first data structure, and the second data structure storing signature information associated with one or more applications,
identify, based on the particular application, information associated with accessing the resource in the network, and
selectively grant, to the other device and based on the information associated with accessing the resource, access to the resource.
Dependent claims: 14, 15, 16, 17, 18
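The lookup order recited in claims 1, 7 and 13 can be sketched as follows. This is an added illustration, not code from the patent or its assignee; the table contents, signature patterns, sample packets and the default-deny fallback are all assumptions made for the example.

```python
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    dst: str
    port: int
    proto: str
    payload: bytes

# First data structure: (port, protocol, destination) -> application.
KNOWN_FLOWS = {(22, "tcp", "192.0.2.5"): "ssh"}

# Second data structure: payload signatures (constructed, illustrative).
SIGNATURES = [
    ("ssh", re.compile(rb"^SSH-\d\.\d+-")),
    ("http", re.compile(rb"^(GET|POST|HEAD) \S+ HTTP/1\.[01]\r\n")),
    ("bittorrent", re.compile(rb"^\x13BitTorrent protocol")),
]

# Third data structure (claim 7): access rule per application.
POLICY = {"ssh": "grant", "http": "grant", "bittorrent": "deny"}

def identify(pkt):
    """Return (application, path); path records which structure matched."""
    app = KNOWN_FLOWS.get((pkt.port, pkt.proto, pkt.dst))
    if app is not None:
        return app, "table"          # hit: the payload is not inspected
    for name, pattern in SIGNATURES:
        if pattern.search(pkt.payload):
            return name, "signature"  # miss: fall back to pattern search
    return None, "unidentified"

def decide(pkt):
    """Apply the access policy based on the identified application."""
    app, path = identify(pkt)
    # Assumption: an application with no rule, or no identification, is denied.
    return app, path, POLICY.get(app, "deny")

# Constructed sample packets (documentation address ranges).
SAMPLES = [
    Packet("192.0.2.5", 22, "tcp", b"SSH-2.0-OpenSSH_9.6\r\n"),
    Packet("198.51.100.7", 8080, "tcp", b"GET /index.html HTTP/1.1\r\n\r\n"),
    Packet("198.51.100.9", 6881, "tcp", b"\x13BitTorrent protocol" + bytes(8)),
    Packet("198.51.100.9", 4444, "tcp", b"\x00\x01"),
]

if __name__ == "__main__":
    for p in SAMPLES:
        print(p.dst, p.port, decide(p))
```

Because a first-table hit is returned before any payload inspection, the example reports which path produced each identification so the two paths can be audited separately.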
Specification