专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US07792113B1 Method and system for policy-based forwarding 有权
标题翻译：基于策略的转发方法和系统
公开(公告)号：US07792113B1
公开(公告)日：2010-09-07
申请号：US10274608
申请日：2002-10-21
申请人： Marco E. Foschiano , Venkateshwar R. Pullela , Justin Q. Chen , Robert C. Benea , Maurizio Portolani
发明人： Marco E. Foschiano , Venkateshwar R. Pullela , Justin Q. Chen , Robert C. Benea , Maurizio Portolani
IPC分类号： H04L12/28 , H04L12/56
CPC分类号： H04L12/4675
摘要： A method of operating a network is disclosed. The method includes identifying a packet as being subject to a policy and forwarding said packet based on said policy, if said packet is subject to said policy.
摘要翻译：公开了一种操作网络的方法。所述方法包括：如果所述分组受到所述策略的影响，则将分组识别为受策略并基于所述策略转发所述分组。

2. 发明授权

US07061875B1 Spanning tree loop guard 有权
标题翻译：生成树环路保护
公开(公告)号：US07061875B1
公开(公告)日：2006-06-13
申请号：US10020667
申请日：2001-12-07
申请人： Maurizio Portolani , Shyamasundar S. Kaluve , Marco E. Foschiano
发明人： Maurizio Portolani , Shyamasundar S. Kaluve , Marco E. Foschiano
IPC分类号： H04L12/56 , H04L12/28 , H04J3/24 , G06F15/16
CPC分类号： H04L45/48 , H04L12/462 , H04L45/00 , H04L45/18
摘要： A system and method prevents the formation of loops that are not detected by the Spanning Tree Protocol (STP). An intermediate network device preferably includes a plurality of ports for receiving and forwarding network messages and a STP engine in communicating relationship with the ports. The STP engine transitions the ports among a plurality of spanning tree port states, including a discarding state, a learning state and a forwarding state. The device further includes a loop guard engine that is in communicating relationship with the STP engine and the ports. The loop guard engine monitors the receipt of configuration bridge protocol data unit (BPDU) messages by the ports. If a given port stops receiving BPDU messages, the loop guard engine prevents the STP engine from transitioning the given port to the forwarding state. Instead, the loop guard engine preferably causes the port to transition to a new state in which networks messages are explicitly blocked from being forwarded or received. If the given port subsequently receives a BPDU message, the loop guard engine releases the port from the new state, thereby allowing it to transition to some other spanning tree port state.
摘要翻译：系统和方法防止生成树协议（STP）未检测到的环路的形成。中间网络设备优选地包括用于接收和转发网络消息的多个端口和与端口通信关系的STP引擎。 STP引擎在多个生成树端口状态之间转换端口，包括丢弃状态，学习状态和转发状态。该装置还包括与STP引擎和端口处于通信关系的环路保护引擎。环路保护引擎监控端口接收到配置桥协议数据单元（BPDU）消息。如果给定端口停止接收BPDU消息，则环路保护引擎可以防止STP引擎将给定端口转换到转发状态。相反，环路保护引擎优选地使端口转变到其中网络消息被明确阻止被转发或接收的新状态。如果给定端口随后接收到一个BPDU消息，则环路保护引擎将该端口从新状态释放，从而允许其转换到某个其他生成树端口状态。

3. 发明授权

US07460492B2 Spanning tree loop guard 有权
标题翻译：生成树环路保护
公开(公告)号：US07460492B2
公开(公告)日：2008-12-02
申请号：US11451888
申请日：2006-06-12
申请人： Maurizio Portolani , Shyamasundar S. Kaluve , Marco E. Foschiano
发明人： Maurizio Portolani , Shyamasundar S. Kaluve , Marco E. Foschiano
IPC分类号： H04L12/56 , H04L12/28 , H04J3/24 , G06F15/16
CPC分类号： H04L45/48 , H04L12/462 , H04L45/00 , H04L45/18
摘要： A system and method are provided to prevent the formation of loops in a network. The network device includes a plurality of ports for receiving and forwarding network messages and a spanning tree protocol engine. The spanning tree protocol engine, in one embodiment, implements the Rapid Spanning Tree Protocol (RSTP) to transitions the ports among a plurality port states, including a discarding state, a learning state and a forwarding state. The network device further includes a loop guard engine that is in a communicating relationship with the spanning tree protocol engine and the ports. The loop guard engine monitors the receipt of bridge protocol data units (BPDUs) by the ports. If a given port stops receiving BPDUs, the loop guard engine prevents the spanning tree protocol engine from transitioning the given port to the forwarding state. Instead, the loop guard engine causes the port to transition to loop inconsistent state.
摘要翻译：提供了一种系统和方法来防止在网络中形成环路。网络设备包括用于接收和转发网络消息的多个端口和生成树协议引擎。在一个实施例中，生成树协议引擎实现快速生成树协议（RSTP），以在多个端口状态之间转换端口，包括丢弃状态，学习状态和转发状态。网络设备还包括与生成树协议引擎和端口处于通信关系的环路保护引擎。环路保护引擎监控端口接收桥协议数据单元（BPDU）。如果给定端口停止接收BPDU，则环路保护引擎可以防止生成树协议引擎将给定端口转换为转发状态。相反，环路保护引擎使端口转换到环路不一致的状态。

4. 发明授权

US07346057B2 Method and apparatus for inter-layer binding inspection to prevent spoofing 有权
标题翻译：用于层间绑定检查的方法和装置，以防止欺骗
公开(公告)号：US07346057B2
公开(公告)日：2008-03-18
申请号：US10210190
申请日：2002-07-31
申请人： Marco E. Foschiano , Justin Qizhong Chen , Ambarish Chintamani Kenghe
发明人： Marco E. Foschiano , Justin Qizhong Chen , Ambarish Chintamani Kenghe
IPC分类号： H04L12/28 , G06F17/00
CPC分类号： H04L63/1466 , H04L29/12018 , H04L61/10
摘要： A method for inspecting packets is disclosed. The method includes processing a packet by determining if the packet is an inter-layer binding protocol packet and inspecting the packet, if the packet is an inter-layer binding protocol packet. The inter-layer binding protocol packet indicating a binding between a first network layer address and a second network layer address.
摘要翻译：公开了一种检查数据包的方法。该方法包括：如果分组是层间绑定协议分组，则通过确定分组是层间绑定协议分组并检查分组来处理分组。所述层间绑定协议分组指示第一网络层地址和第二网络层地址之间的绑定。

5. 发明授权

US07953089B1 Systems and methods for multicast switching in a private VLAN 有权
标题翻译：私有VLAN中组播切换的系统和方法
公开(公告)号：US07953089B1
公开(公告)日：2011-05-31
申请号：US11434728
申请日：2006-05-16
申请人： Vijayan Ramakrishnan , Marco E. Foschiano , Chickayya G. Naik
发明人： Vijayan Ramakrishnan , Marco E. Foschiano , Chickayya G. Naik
IPC分类号： H04L12/28 , H04L12/56 , H04L12/54 , G06F9/26 , G06F9/34
CPC分类号： H04L12/4641 , H04L45/16 , H04L49/201 , H04L49/354
摘要： A Multicast Listener Discovery (MLD) protocol query and/or report snooping process is modified to appropriately map secondary PVLAN identifiers to corresponding primary PVLAN identifiers, thereby accommodating other system elements that are otherwise unaware of primary/secondary PVLAN distinctions. Special cases are also accommodated where reverse path forwarding (RPF) checks in support of multicast operation might otherwise fail due to primary/secondary PVLAN distinctions. Additional steps are taken to ensure that PVLAN information properly accounts for changes in configuration and/or location of various network hosts.
摘要翻译：修改多播侦听器发现（MLD）协议查询和/或报告侦听进程，以将辅助PVLAN标识符适当地映射到对应的主PVLAN标识符，从而容纳否则不知道主/次PVLAN区别的其他系统元素。还适用于支持多播操作的反向路径转发（RPF）检查可能由于主要/次要PVLAN区别而失败的特殊情况。采取额外的步骤来确保PVLAN信息正确地解决了各种网络主机的配置和/或位置的变化。

6. 发明授权

US08958318B1 Event-based capture of packets from a network flow 有权
标题翻译：基于事件的捕获来自网络流的数据包
公开(公告)号：US08958318B1
公开(公告)日：2015-02-17
申请号：US13238493
申请日：2011-09-21
申请人： John Hastwell , Marco E. Foschiano , Ravichandra Ryali , Nirmalendu Das
发明人： John Hastwell , Marco E. Foschiano , Ravichandra Ryali , Nirmalendu Das
IPC分类号： G01R31/08
CPC分类号： H04L43/028 , H04L43/12 , H04L63/1408
摘要： An apparatus and method for event-based data capture from network flows are provided. At a network device, a network flow is received that comprises a plurality of packets each comprising control information and data. The network flow is monitored for the occurrence of at least one predetermined triggering event. In response to detecting the triggering event, at least a portion of one or more of the packets received after the triggering event is captured, and the captured portion is exported to an analysis server. The network device may comprise any device configured to forward flows of packets such as, for example, switches, routers, firewalls, etc.
摘要翻译：提供了一种用于从网络流中捕获事件的数据的装置和方法。在网络设备处，接收到包括多个分组的网络流，每个分组包括控制信息和数据。监视网络流程以发生至少一个预定的触发事件。响应于检测到触发事件，捕获在触发事件之后接收到的一个或多个分组的至少一部分，并且将捕获的部分导出到分析服务器。网络设备可以包括被配置为转发分组流的任何设备，例如交换机，路由器，防火墙等。

7. 发明授权

US07830898B2 Method and apparatus for inter-layer binding inspection 有权
标题翻译：层间结合检查的方法和装置
公开(公告)号：US07830898B2
公开(公告)日：2010-11-09
申请号：US12044311
申请日：2008-03-07
申请人： Marco E. Foschiano , Justin Qizhong Chen , Ambarish Chintamani Kenghe
发明人： Marco E. Foschiano , Justin Qizhong Chen , Ambarish Chintamani Kenghe
IPC分类号： H04L12/56 , G06F15/16
CPC分类号： H04L63/1466 , H04L29/12018 , H04L61/10
摘要： A method for inspecting packets is disclosed. The method includes processing a packet by determining if the packet is an inter-layer binding protocol packet and inspecting the packet, if the packet is an inter-layer binding protocol packet. The inter-layer binding protocol packet indicating a binding between a first network layer address and a second network layer address.
摘要翻译：公开了一种检查数据包的方法。该方法包括：如果分组是层间绑定协议分组，则通过确定分组是层间绑定协议分组并检查分组来处理分组。所述层间绑定协议分组指示第一网络层地址和第二网络层地址之间的绑定。

8. 发明授权

US07551559B1 System and method for performing security actions for inter-layer binding protocol traffic 有权
标题翻译：为层间绑定协议流量执行安全动作的系统和方法
公开(公告)号：US07551559B1
公开(公告)日：2009-06-23
申请号：US10971521
申请日：2004-10-22
申请人： Premkumar Jonnala , Adam J. Sweeney , Dehua Huang , Silviu Dobrota , Pradeep S. Sudame , Marco E. Foschiano
发明人： Premkumar Jonnala , Adam J. Sweeney , Dehua Huang , Silviu Dobrota , Pradeep S. Sudame , Marco E. Foschiano
IPC分类号： H04L5/12
CPC分类号： H04L63/1466 , H04L63/1416
摘要： Users are allowed to specify per-interface rate limits for inter-layer binding protocol traffic. If the user-specified rate limit is exceeded on a given interface, inter-layer binding protocol messages received via that interface are caused to be dropped (e.g., by selectively dropping ILBP messages, or by simply shutting down the interface). If the rate is not exceeded, inter-layer binding protocol messages received via that interface can be validated (e.g., by comparing an inter-layer binding included in the body of an inter-layer binding protocol message to protocol status information obtained by snooping protocol messages). If the inter-layer binding does not match the protocol status information, the inter-layer binding protocol message is dropped. If a match is found, the inter-layer binding protocol message is allowed to be forwarded normally. Such systems and methods may be used to inhibit various undesirable network behavior, such as man-in-the-middle attacks.
摘要翻译：允许用户为层间绑定协议流量指定每接口速率限制。如果在给定接口上超过用户指定的速率限制，则会导致通过该接口接收到的层间绑定协议消息（例如，通过选择性地删除ILBP消息，或简单地关闭接口）。如果不超过该速率，则可以验证通过该接口接收的层间绑定协议消息（例如，通过将层间绑定协议消息正文中包含的层间绑定与通过侦听协议获得的协议状态信息进行比较消息）。如果层间绑定与协议状态信息不符，则删除层间绑定协议消息。如果发现匹配，则允许层间绑定协议消息正常转发。这样的系统和方法可以用于抑制各种不期望的网络行为，例如中间人攻击。

9. 发明授权

US08625603B1 Systems and methods for multicast switching in a private VLAN 有权
标题翻译：私有VLAN中组播切换的系统和方法
公开(公告)号：US08625603B1
公开(公告)日：2014-01-07
申请号：US13104554
申请日：2011-05-10
申请人： Vijayan Ramakrishnan , Marco E. Foschiano , Chickayya G. Naik
发明人： Vijayan Ramakrishnan , Marco E. Foschiano , Chickayya G. Naik
IPC分类号： H04L12/28 , G06F9/00
CPC分类号： H04L12/4641 , H04L45/16 , H04L49/201 , H04L49/354
摘要： A Multicast Listener Discovery (MLD) protocol query and/or report snooping process is modified to appropriately map secondary PVLAN identifiers to corresponding primary PVLAN identifiers, thereby accommodating other system elements that are otherwise unaware of primary/secondary PVLAN distinctions. Special cases are also accommodated where reverse path forwarding (RPF) checks in support of multicast operation might otherwise fail due to primary/secondary PVLAN distinctions. Additional steps are taken to ensure that PVLAN information properly accounts for changes in configuration and/or location of various network hosts.
摘要翻译：修改多播侦听器发现（MLD）协议查询和/或报告侦听进程，以将辅助PVLAN标识符适当地映射到对应的主PVLAN标识符，从而容纳否则不知道主/次PVLAN区别的其他系统元素。还适用于支持多播操作的反向路径转发（RPF）检查可能由于主要/次要PVLAN区别而失败的特殊情况。采取额外的步骤来确保PVLAN信息正确地解决了各种网络主机的配置和/或位置的变化。

10. 发明授权

US07606229B1 Generic bridge packet tunneling 有权
标题翻译：通用桥包隧道
公开(公告)号：US07606229B1
公开(公告)日：2009-10-20
申请号：US10290906
申请日：2002-11-08
申请人： Marco E. Foschiano , Sacidhar C. Nambakkam , Sushilkumar K. Goyal , Alagu Annaamalai , Shyamasundar S. Kaluve , Prabhu Seshachellam
发明人： Marco E. Foschiano , Sacidhar C. Nambakkam , Sushilkumar K. Goyal , Alagu Annaamalai , Shyamasundar S. Kaluve , Prabhu Seshachellam
IPC分类号： H04L12/56
CPC分类号： H04L12/4695 , H04L12/4641 , H04L45/66 , H04L47/2483 , H04L49/90 , H04L2212/00
摘要： A method and system for processing a packet is disclosed. The method includes identifying the packet as a generic bridge packet tunneling (GBPT) packet, and performing GBPT processing on the packet at a network node, if the packet is a GBPT packet.
摘要翻译：公开了一种用于处理分组的方法和系统。该方法包括将分组标识为通用桥分组隧道（GBPT）分组，并且如果分组是GBPT分组，则在网络节点处对分组执行GBPT处理。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式