Method and apparatus for monitoring traffic in a network

  • US 6,954,789 B2
  • Filed: 10/14/2003
  • Issued: 10/11/2005
  • Est. Priority Date: 06/30/2000
  • Status: Expired due to Term
First Claim

1. A method of examining packets passing through a connection point on a computer network, each packet conforming to one or more protocols, the method comprising:

    (a) receiving a packet from a packet acquisition device;

    (b) performing one or more parsing/extraction operations on the packet to create a parser record comprising a function of selected portions of the packet;

    (c) looking up a flow-entry database comprising none or more flow-entries for previously encountered conversational flows, the looking up using at least some of the selected packet portions and determining if the packet is of an existing flow;

    (d) if the packet is of an existing flow, classifying the packet as belonging to the found existing flow; and

    (e) if the packet is of a new flow, storing a new flow-entry for the new flow in the flow-entry database, including identifying information for future packets to be identified with the new flow-entry, wherein the parsing/extraction operations depend on one or more of the protocols to which the packet conforms.
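Steps (a) through (e) can be illustrated with a small flow tracker. This is an added example, not code from the patent or its assignee. It assumes Ethernet II/IPv4 frames and reduces a "conversational flow" to a bidirectional address/port/protocol tuple; `build_packet`, `parse` and `FlowTable` are hypothetical names.

```python
import hashlib
import struct

def build_packet(src, dst, proto, sport, dport, frag_off=0):
    """Constructed sample input: Ethernet II + IPv4 header + first 4 bytes of L4."""
    eth = bytes(12) + struct.pack("!H", 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 24, 0, frag_off, 64, proto, 0,
                     bytes(src), bytes(dst))
    return eth + ip + struct.pack("!HH", sport, dport)

def parse(packet):
    """Step (b): protocol-dependent extraction into a parser record (None if unsupported)."""
    if len(packet) < 34 or packet[12:14] != b"\x08\x00" or packet[14] >> 4 != 4:
        return None                       # not Ethernet II carrying IPv4
    ihl = (packet[14] & 0x0F) * 4
    if ihl < 20:
        return None                       # malformed IPv4 header length
    proto, l4 = packet[23], 14 + ihl
    frag_off = struct.unpack("!H", packet[20:22])[0] & 0x1FFF
    sport = dport = 0
    # Ports are extracted only for TCP/UDP, and exist only in the first fragment.
    if proto in (6, 17) and frag_off == 0:
        if len(packet) < l4 + 4:
            return None                   # truncated transport header
        sport, dport = struct.unpack("!HH", packet[l4:l4 + 4])
    # Sort endpoints so both directions of a conversation give the same record.
    a, b = sorted([(packet[26:30], sport), (packet[30:34], dport)])
    selected = (bytes([proto]) + a[0] + struct.pack("!H", a[1])
                + b[0] + struct.pack("!H", b[1]))
    return {"proto": proto, "signature": hashlib.sha256(selected).hexdigest()}

class FlowTable:
    """Steps (c)-(e): flow-entry database keyed by the parser record's signature."""
    def __init__(self):
        self.entries = {}

    def examine(self, packet):
        record = parse(packet)            # (a) packet handed over by the capture source
        if record is None:
            return None
        entry = self.entries.get(record["signature"])     # (c) look up existing flows
        is_new = entry is None
        if is_new:                        # (e) store a new flow-entry
            entry = {"flow_id": len(self.entries) + 1,
                     "proto": record["proto"], "packets": 0}
            self.entries[record["signature"]] = entry
        entry["packets"] += 1             # (d) classify the packet into its flow
        return entry["flow_id"], is_new
```

In this simplified tracker a non-first IP fragment carries no ports and therefore lands in a separate flow-entry; a monitor that needs per-connection accuracy has to associate fragments by IP identification field before lookup.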
