Bandwidth throttling in vulnerability scanning applications
First Claim
1. A method of routing network packets in a networked device having plural network interfaces by applying combining traffic class and network interface throttling, the method comprising:
- marking one or more network packets with a differentiated service code;
throttling the bandwidth of at least one of the network packets based at least in part on a threshold for a designated network interface for the at least one packet, thereby producing first throttled packets;
throttling the bandwidth of at least one of the first throttled packets based at least in part on a threshold for the packet'"'"'s respective differentiated service code, thereby producing second throttled network packets; and
removing the differentiated service code from at least one of the second throttled network packets in a respective functional block queue and emitting network packets on the respective designated network interface for each of the second throttled network packets according to the throttled bandwidth.
3 Assignments
0 Petitions
Accused Products
Abstract
Apparatus and methods are disclosed for implementing bandwidth throttling to regulate network traffic as can be used in, for example, vulnerability scanning and detection applications in a computer network environment. According to one embodiment, a method of routing network packets in a networked device having plural network interfaces combines applying traffic class and network interface throttling for marking network packets with a differentiated service code based on input received from a profiler application, throttling the bandwidth of network packets based on a threshold for a designated network interface for the packet, throttling the bandwidth of the bandwidth-throttled packets based on a threshold for its respective differentiated service code, and emitting network packets on each respective designated network interface.
-
Citations
21 Claims
-
1. A method of routing network packets in a networked device having plural network interfaces by applying combining traffic class and network interface throttling, the method comprising:
-
marking one or more network packets with a differentiated service code; throttling the bandwidth of at least one of the network packets based at least in part on a threshold for a designated network interface for the at least one packet, thereby producing first throttled packets; throttling the bandwidth of at least one of the first throttled packets based at least in part on a threshold for the packet'"'"'s respective differentiated service code, thereby producing second throttled network packets; and removing the differentiated service code from at least one of the second throttled network packets in a respective functional block queue and emitting network packets on the respective designated network interface for each of the second throttled network packets according to the throttled bandwidth. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. One or more computer-readable storage media storing computer-readable instructions that when executed by a device connected to a computer network, cause the networked device to perform a method, the instructions comprising:
-
instructions to mark at least one of network packets with a firewall mark, wherein the at least one of network packets are exempt from being marked with a differentiated service code; instructions to mark the at least one of the network packets with a code, producing marked network packets; instructions to throttle the bandwidth of the marked network packets based at least in part on a threshold for a designated network interface for the packets, thereby producing first throttled packets; instructions to throttle the bandwidth of the first throttled packets based at least in part on a threshold for the packet'"'"'s respective code, thereby producing second throttled network packets; and instructions to emit network packets on the respective designated network interface for each of the second throttled network packets according to the throttled bandwidth. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. An apparatus, comprising:
-
one or more processors; a first physical network interface and a second physical network interface; and memory or storage devices storing computer-executable instructions that when executed by the processors, cause the apparatus to perform a method, the method comprising; scanning at least one of networked devices for vulnerabilities, marking one or more packets received with the first physical network interface with a differentiated service code, wherein the code is assigned based on the scanning, throttling the bandwidth of at least one of the packets based at least in part on a threshold designated for the second physical network interface for the at least one packet, thereby producing first throttled packets, throttling the bandwidth of at least one of the first throttled packets based at least in part on a threshold for the packet'"'"'s respective differentiated service code, thereby producing second throttled network packets, and emitting network packets on the second physical network interface for each of the second throttled network packets according to the throttled bandwidth. - View Dependent Claims (16, 17, 18, 19, 20, 21)
-
Specification