Generic discovery for computer networks
First Claim
1. A component discovery method comprising:
- intercepting data communications occurring between a first computer system in a computer network and a second computer system in the computer network;
identifying a sub-set of the intercepted data communications as important based on communication ports used in the data communications;
identifying at least a first application on the first computer system by analyzing the important data communications; and
generating a first hypothesis of an operational relationship between the first computer system and the second computer system based on the first application and the communication ports used by the important data communications.
9 Assignments
0 Petitions
Accused Products
Abstract
A generic discovery methodology collects data pertaining to components of a computer network using various discovery technologies. From the collected data, the methodology identifies, filters and analyzes information related to inter-component communications. Using the communication and application information, the methodology determines reliable relationships for those components having sufficient information available. To qualify more components, the methodology implements a decision service to generate hypothetical relationships between components that are known and components that are unqualified or unknown. The hypothetical relationships are presented to a user for selection, and each hypothetical relationship is preferably associated with an indication of its reliability.
168 Citations
21 Claims
-
1. A component discovery method comprising:
-
intercepting data communications occurring between a first computer system in a computer network and a second computer system in the computer network; identifying a sub-set of the intercepted data communications as important based on communication ports used in the data communications; identifying at least a first application on the first computer system by analyzing the important data communications; and generating a first hypothesis of an operational relationship between the first computer system and the second computer system based on the first application and the communication ports used by the important data communications. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A network discovery system, comprising:
-
a communication network; and a plurality of components operatively coupled to the communication network, the plurality of components including a first computer system and a second computer system, and at least one component being a computing device having at least one programmable control device and a storage device operatively coupled to the programmable control device, the storage device having stored therein instructions that, when executed by the programmable control device, cause the computing device to; intercept data communications occurring between the first computer system and the second computer system, identify a sub-set of the intercepted data communications as important based on communication ports used in the data communications, determine an identity of at least a first application on the first computer system by analyzing the important data communications, and generate a first hypothesis of an operational relationship between the first computer system and the second computer system based on the identity of the first application and the communication ports used by the important data communications. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
-
-
19. A non-transitory computer-readable device comprising instructions stored on the computer-readable device for causing a programmable control device to:
-
identify TCP connections between a first computer system in a computer network and a second computer system in the computer network; identify a set of communications using the TCP connections as important communications based on port information extracted from the communications; identifying at least a first application on the first computer system by analyzing the important communications; and generating a first hypothesis of an operational relationship between the first computer system and the second computer system based on the first application and the ports used by the important communications. - View Dependent Claims (20, 21)
-
Specification