Incremental application of resources to network traffic flows based on heuristics and business policies
First Claim
Patent Images
1. A system comprising:
- a data collection module configured to collect data belonging to a plurality of traffic flows from a plurality of routers;
a controller; and
an analytics module configured to;
received data from the data collection module,retrieve from a policy data base a set of policy rules for a traffic flow among the plurality of traffic flows,determine if any data packets belonging to the traffic flow matches a first policy rule within the set of policy rules,in response to determining that the traffic flow satisfies the first policy rule, send policy compliance information about the traffic flow to the controller,wherein the controller is configured to;
receive policy compliance information about the plurality of traffic flows from the analytics module, andin response to receiving policy compliance information about the traffic flow from the analytics module, configure one or more routers to transmit a first portion of the traffic flow to a network service providerin response to determining that the traffic flow satisfies a second policy rule, send a request to receive a second portion of the traffic flow, wherein the second portion of the traffic flow comprises a larger amount of information than the first portion of the traffic flow; and
in response to receiving the second portion of the traffic flow, inspect the second portion of the traffic flow at a second level of detail, wherein the inspecting at the second level of detail requires a different amount of computing resources than the inspecting the first portion of the traffic at the first level of detail.
2 Assignments
0 Petitions
Accused Products
Abstract
Disclosed herein are system, method, and computer program product embodiments for increasingly applying network resources to traffic flows based on heuristics and policy conditions. A network determines that a traffic flow satisfies a first condition and transmits a first portion of the traffic flow to a network service. A network service then inspects the first portion of the traffic flow at a first level of detail and determines that the traffic flow satisfies a second condition. The network can then transmit a second portion of the traffic flow to the network service based on the determining the traffic flow satisfies the second condition. The network service can inspect the second portion of the traffic flow at a second level of detail, wherein the inspecting at the second level of detail requires a different amount of computing resources than the inspecting at the first level of detail.
-
Citations
20 Claims
-
1. A system comprising:
-
a data collection module configured to collect data belonging to a plurality of traffic flows from a plurality of routers; a controller; and an analytics module configured to; received data from the data collection module, retrieve from a policy data base a set of policy rules for a traffic flow among the plurality of traffic flows, determine if any data packets belonging to the traffic flow matches a first policy rule within the set of policy rules, in response to determining that the traffic flow satisfies the first policy rule, send policy compliance information about the traffic flow to the controller, wherein the controller is configured to; receive policy compliance information about the plurality of traffic flows from the analytics module, and in response to receiving policy compliance information about the traffic flow from the analytics module, configure one or more routers to transmit a first portion of the traffic flow to a network service provider in response to determining that the traffic flow satisfies a second policy rule, send a request to receive a second portion of the traffic flow, wherein the second portion of the traffic flow comprises a larger amount of information than the first portion of the traffic flow; and in response to receiving the second portion of the traffic flow, inspect the second portion of the traffic flow at a second level of detail, wherein the inspecting at the second level of detail requires a different amount of computing resources than the inspecting the first portion of the traffic at the first level of detail. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A network service provider configured to:
-
receive a first portion of a traffic flow; inspect the first portion of the traffic flow at a first level of detail based on a first condition; determine, based on the inspecting, that the traffic flow satisfies a second condition; in response to determining that the traffic flow satisfies the second condition, send a request to receive a second portion of the traffic flow, wherein the second portion of the traffic flow comprises a larger amount of information than the first portion of the traffic flow; and in response to receiving the second portion of the traffic flow, inspect the second portion of the traffic flow at a second level of detail, wherein the inspecting at the second level of detail requires a different amount of computing resources than the inspecting at the first level of detail. - View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A non-transitory computer-readable medium having instructions stored thereon that, when executed by at least one computing device, causes the at least one computing device to perform operations comprising:
-
(a) receiving a plurality of data packets belonging to a plurality of traffic flows; (b) retrieving a set of policy rules for a traffic flow among the plurality of traffic flows from a policy data base; (c) determining if any of the data packets belonging to the traffic flow matches a first policy rule within the set of policy rules; (d) sending policy compliance information to a controller in response to determining in (c); (e) in response to receiving policy compliance information about the traffic flow, configuring one or more routers to transmit a first portion of the traffic flow to a network service provider; and in response to determining that the traffic flow satisfies a second policy rule, send a request to receive a second portion of the traffic flow, wherein the second portion of the traffic flow comprises a larger amount of information than the first portion of the traffic flow; and in response to receiving the second portion of the traffic flow, inspect the second portion of the traffic flow at a second level of detail, wherein inspecting at the second level of detail requires a different amount of computing resources than inspecting the first portion of the traffic at a first level of detail. - View Dependent Claims (19, 20)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeLevel 3 Communications LLC (Lumen Technologies, Inc.)
-
Original AssigneeLevel 3 Communications LLC (Lumen Technologies, Inc.)
-
InventorsCaputo, II, Pete Joseph, Sella, William Thomas
-
Primary Examiner(s)Chu, Wutchung
-
Application NumberUS15/279,289Publication NumberTime in Patent Office419 DaysField of Search709224, 709223, 709225, 709205, 370235, 370252, 370241, 370230, 370392US Class CurrentCPC Class CodesH04L 41/0893 Assignment of logical group...H04L 41/0894 Policy-based network config...H04L 41/0895 Configuration of virtualise...H04L 43/026 using flow identificationH04L 43/028 by filteringH04L 43/18 Protocol analysersH04L 45/22 Alternate routingH04L 45/243 using M+N parallel active p...H04L 45/30 Routing of multiclass trafficH04L 47/10 Flow control; Congestion co...H04L 47/20 Traffic policingH04L 47/24 Traffic characterised by sp...H04L 47/2441 relying on flow classificat...H04L 63/0236 Filtering by address, proto...H04L 63/1416 Event detection, e.g. attac...H04L 63/1425 Traffic logging, e.g. anoma...H04L 69/22 Parsing or analysis of headers
