System and method for managing traffic to a probe
Abstract
A system and method is directed to routing a packet over a network to a probe. The system includes a replicator and a distributor. The replicator receives a packet from a client and replicates the packet. The distributor is either out-of-band or in-band to a flow of traffic between the client and a server. In the out-of-band configuration, the distributor forwards the replicate packet to at least one probe in a plurality of probes. The distributor receives a response to the replicate packet and transforms a source MAC address in the response to a MAC address of the distributor. The distributor forwards the transformed packet. The replicator forwards the original packet. In the in-band configuration, the distributor selects and forwards the original packet to a server using a first forwarding mechanism, and selects and forwards the replicate packet to a probe using a second forwarding mechanism.
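The distribution logic described in the abstract and claims (replicate to every probe in the first mode, pick one probe by application and load in the second, rewrite the response's source MAC, and tear down the connection on a reset), as an added example that is not taken from the patent. The dict packet fields, the two probe rules, the MAC values and the least-loaded choice of load-balancing mechanism are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Callable, Optional

@dataclass
class Probe:
    name: str
    apps: set                                   # applications this probe analyses
    analyse: Callable[[dict], Optional[dict]]   # returns a response packet or None
    load: int = 0                               # replicas handled so far

def signature_probe(pkt):       # constructed rule: flag a marker string
    if b"BAD-MARKER" in pkt["payload"]:
        return {"src_mac": "02:00:00:00:00:aa", "reset": True}

def size_probe(pkt):            # constructed rule: flag oversized payloads
    if len(pkt["payload"]) > 1024:
        return {"src_mac": "02:00:00:00:00:bb", "reset": True}

class Distributor:
    def __init__(self, probes, mode, mac="02:00:00:00:00:01"):
        self.probes, self.mode, self.mac = probes, mode, mac
        self.live = set()       # open (client, server) connections
        self.to_server = []     # original packets forwarded unchanged
        self.responses = []     # probe responses after MAC rewrite

    def select(self, pkt):
        if self.mode == "first":            # first mode: every probe gets the replica
            return list(self.probes)
        # second mode: probes for this application, then least-loaded (assumed)
        match = [p for p in self.probes if pkt["app"] in p.apps]
        return [min(match, key=lambda p: p.load)] if match else []

    def handle(self, pkt):
        conn = (pkt["client"], pkt["server"])
        self.live.add(conn)
        self.to_server.append(pkt)          # original goes on whatever the verdict
        replica = dict(pkt)                 # replication component
        chosen = self.select(replica)
        for probe in chosen:
            probe.load += 1
            resp = probe.analyse(replica)
            if resp is None:
                continue
            resp["src_mac"] = self.mac      # source MAC becomes the distributor's
            self.responses.append(resp)
            if resp.get("reset"):
                self.live.discard(conn)     # terminate client<->server connection
        return [p.name for p in chosen], conn in self.live
```

`handle()` returns the names of the probes that received the replica and whether the connection is still open afterwards.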
31 Claims
1. An apparatus for routing a packet over a network, comprising:
a replication component that generates a replicate packet for each received packet; and
a non-transitory distribution component in communication with the replication component, wherein the distribution component is arranged to perform actions, including;
if a first mode is selected, forwarding the replicate packet to each of a plurality of probes while forwarding the received packet to at least one server, wherein the plurality of probes comprises two or more security probes that each perform a different security analysis on the replicate packet;
if a second mode is selected;
selecting which one of the plurality of probes to forward the replicate packet based at least on an application associated with the replicate packet and further based on a load-balancing mechanism; and
forwarding the replicate packet to the selected one of the plurality of probes while forwarding the received packet to at least one server; and
if a response packet received from at least one probe in the plurality of probes includes a reset command to the at least one server, terminating a connection between the at least one server and a client associated with the received packet.

14. A method for routing a packet over a network, comprising:
receiving the packet;
replicating the packet;
forwarding the packet to a server in a plurality of servers using a first forwarding mechanism;
selecting which of at least one probe of a plurality of probes to forward the replicate packet using a second forwarding mechanism and based at least on an application associated with the replicate packet, wherein the plurality of probes comprises two or more security probes that each perform a different security analysis on the replicate packet;
forwarding the replicate packet to the selected at least one probe using the second forwarding mechanism;
if a response packet received from at least one probe in the plurality of probes includes a reset command to the server, terminating a connection between the server and a client associated with the packet, and
wherein the second forwarding mechanism further comprising the selecting based on a load-balancing mechanism.

18. An apparatus for routing a packet over a network, comprising:
a replication component that generates a replicate packet for each received packet; and
a non-transitory traffic engine, coupled to the replication component, that is arranged to perform actions, including;
receiving the packet;
receiving the replicate packet;
forwarding the packet to a server in a plurality of servers using a first forwarding mechanism;
selecting which of at least one probe of a plurality of probes to forward the replicate packet using a second forwarding mechanism and based at least on an application associated with the replicate packet, wherein the plurality of probes comprises two or more security probes that each perform a different security analysis on the replicate packet;
forwarding the replicate packet to the selected at least one probe using the second forwarding mechanism,
if a response packet received from at least one probe in the plurality of probes includes a reset command to the server, terminating a connection between the server and a client associated with the packet, and
wherein the second forwarding mechanism further comprising the selecting based on a load-balancing mechanism.

21. A method for routing a packet over a network, comprising:
receiving the packet at a distribution component;
replicating the packet;
forwarding the packet to a server in a plurality of servers using a first forwarding mechanism;
selecting which of at least one probe of a plurality of probes to forward the replicate packet using a second forwarding mechanism and based at least on an application associated with the replicate packet, wherein the plurality of probes comprises two or more security probes that each perform a different security analysis on the replicate packet;
forwarding the replicate packet to the selected at least one probe using the second forwarding mechanism;
if a response packet received from at least one probe in the plurality of probes includes a reset command to the server, terminating a connection between the server and a client associated with the packet;
transforming a source MAC address in the response packet to a MAC address of the distribution component;
forwarding the transformed packet based in part on a destination MAC address in the transformed packet, and
wherein the second forwarding mechanism further comprising the selecting based on a load-balancing mechanism.

26. An apparatus for routing a packet over a network, comprising:
a means for receiving a packet;
a means for replicating the packet;
a means for forwarding the packet to a server using a first forwarding mechanism;
a means for selecting which of at least one probe of a plurality of probes to forward the replicate packet using a second forwarding mechanism and based at least on an application associated with the replicate packet, wherein the plurality of probes comprises two or more security probes that each perform a different security analysis on the replicate packet;
a means for forwarding the replicate packet to the selected at least one probe using the second forwarding mechanism;
a means for terminating a connection between the server and a client associated with the packet a response packet received from at least one probe in the plurality of probes includes a reset command to the server, and
wherein the second forwarding mechanism further comprising the selecting based on a load-balancing mechanism.

27. A system for routing a packet over a network, comprising:
a replication component that generates a replicate packet for each received packet; and
a non-transitory distribution component that receives the replicate packet from the replication component, wherein the distribution component is arranged to perform actions, including;
if a first mode is selected, forwarding the replicate packet to each of a plurality of probes while forwarding the received packet to at least one server, wherein the plurality of probes comprises two or more security probes that each perform a different security analysis on the replicate packet;
if a second mode is selected;
selecting which one of the plurality of probes to forward the replicate packet based at least on an application associated with the replicate packet; and
forwarding the replicate packet to the selected one of the plurality of probes while forwarding the received packet to at least one server;
if a response packet received from at least one probe in the plurality of probes includes a reset command to the at least one server, terminating a connection between the at least one server and a client associated with the received packet, and
wherein the second mode further comprising the selecting based on a load-balancing mechanism.

30. A non-transitory computer-readable storage medium configured to include program instructions which, when executed on a processor, enable actions for routing a packet over a network, comprising:
receiving the packet;
replicating the packet;
forwarding the packet to a server in a plurality of servers using a first forwarding mechanism;
selecting which of at least one probe of a plurality of probes to forward the replicate packet using a second forwarding mechanism and based at least on an application associated with the replicate packet, wherein the plurality of probes comprises two or more security probes that each perform a different security analysis on the replicate packet;
forwarding the replicate packet to the selected at least one probe using the second forwarding mechanism;
terminating a connection between the server and a client associated with the packet if a response packet received from at least one probe in the plurality of probes includes a reset command to the server, and
wherein the second forwarding mechanism further comprising the selecting based on a load-balancing mechanism.

Specification