会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 4. 发明授权
    • Identifying and analyzing network configuration differences
    • 识别和分析网络配置差异
    • US08493883B2
    • 2013-07-23
    • US11505228
    • 2006-08-16
    • Pradeep K. SinghAlain J. CohenAnkit Agarwal
    • Pradeep K. SinghAlain J. CohenAnkit Agarwal
    • H04L12/28
    • H04L41/0866H04L41/0859
    • A contextual and semantic analysis of network entities facilitates a mapping and comparison of the entities between network models. The system includes a plurality of refine handler and match handler pairs that use rules that are specific to the type of network entities being analyzed. The refine handler analyzes the network model to identify the entities for which its rules apply, and the match handler processes these identified entities to establish a pairing between corresponding entities in each model. A sequence of refine-match processes are applied to the network models, typically in accordance with a hierarchy of rules until each entity is identified as a matched, added, or removed entity. A difference handler processes the identified pairings to provide a difference analysis that facilitates a meaningful interpretation of the configuration changes, and a user interface provides an interactive environment to view the differences from different perspectives.
    • 网络实体的上下文和语义分析有助于网络模型之间的实体的映射和比较。 该系统包括使用特定于正在分析的网络实体的类型的规则的多个精简处理程序和匹配处理程序对。 精简处理程序分析网络模型以识别其规则适用的实体,匹配处理程序处理这些标识的实体以在每个模型中的对应实体之间建立配对。 精细匹配过程的序列通常根据规则的层次结构应用于网络模型,直到每个实体被识别为匹配的,添加的或移除的实体。 差异处理程序处理识别的配对以提供有助于对配置更改进行有意义的解释的差异分析,并且用户界面提供交互式环境以从不同的角度来查看差异。
    • 5. 发明申请
    • Analyzing security compliance within a network
    • 分析网络中的安全合规性
    • US20070157286A1
    • 2007-07-05
    • US11505171
    • 2006-08-16
    • Pradeep SinghAnkit AgarwalAlain CohenVenuprakash BarathanVinod Jeyachandran
    • Pradeep SinghAnkit AgarwalAlain CohenVenuprakash BarathanVinod Jeyachandran
    • H04L9/00
    • H04L41/28H04L12/2697H04L41/0866H04L41/0893H04L41/145H04L41/22H04L43/50H04L63/1433H04L63/20
    • A security policy database identifies the intended security policies within a network, a traffic generator provides test traffic that is configured to test each defined security policy, and a simulator simulates the propagation of this traffic on a model of the network. The model of the network includes the configuration data associated with each device, and thus, if devices are properly configured to enforce the intended security policies, the success/failure of the simulated test traffic will conform to the intended permit/deny policy of each connection. Differences between the simulated message propagation and the intended security policies are reported to the user, and diagnostic tools are provided to facilitate identification of the device configuration data that accounts for the observed difference. Additionally, if a network's current security policy is unknown, test traffic is generated to reveal the actual policy in effect, to construct a baseline intended security policy.
    • 安全策略数据库标识网络中的预期安全策略,流量生成器提供被配置为测试每个定义的安全策略的测试流量,并且模拟器模拟该流量在网络模型上的传播。 网络模型包括与每个设备相关联的配置数据,因此,如果设备被正确配置以实施预期的安全策略,则模拟测试流量的成功/失败将符合每个连接的预期允许/拒绝策略 。 向用户报告模拟消息传播与预期安全策略之间的差异,并提供诊断工具以便于识别出所观察到的差异的设备配置数据。 此外,如果网络当前的安全策略未知,则生成测试流量以显示实际的实际策略,以构建基准预期的安全策略。
    • 6. 发明申请
    • VERIFYING DATA CONSISTENCY AMONG STRUCTURED FILES
    • 在结构化文件中验证数据一致性
    • US20090055416A1
    • 2009-02-26
    • US12176317
    • 2008-07-18
    • Ankit AgarwalMahesh LavannisPradeep K. Singh
    • Ankit AgarwalMahesh LavannisPradeep K. Singh
    • G06F17/30
    • G06F17/30067
    • A scalable comparison structure and methodology is provided that is suitable for comparing select data content in hundreds or thousands of files in an efficient manner. Section delimiters are defined to identify the sections of the files within which the select data content is located, and sets of unique sections are identified based on the select data content within the section. Thereafter, comparisons and reports are based on these unique content sections. If multiple files include a common set of data, a single unique content section is used to represent these multiple files. File groups are optionally defined, and different sets of select data content can be compared based on these file groups. The result of the comparison is presented in multiple hierarchical forms, including an identification of which files are different from each other, and an identification of the differences among the unique content segments.
    • 提供了可扩展的比较结构和方法,适用于以有效的方式比较数百或数千个文件中的选择数据内容。 段定界符被定义为识别选择数据内容所在的文件的部分,并且基于该部分内的选择数据内容来识别唯一部分的集合。 此后,比较和报告是基于这些独特的内容部分。 如果多个文件包含一组通用数据,则使用单个唯一内容部分来表示这些多个文件。 可选地定义文件组,并且可以基于这些文件组来比较不同组的选择数据内容。 比较的结果以多种分层形式呈现,包括哪些文件彼此不同的标识以及唯一内容段之间的差异的识别。
    • 7. 发明授权
    • Verifying data consistency among structured files
    • 验证结构化文件之间的数据一致性
    • US08166004B2
    • 2012-04-24
    • US12176317
    • 2008-07-18
    • Ankit AgarwalMahesh LavannisPradeep K. Singh
    • Ankit AgarwalMahesh LavannisPradeep K. Singh
    • G06F17/00
    • G06F17/30067
    • A scalable comparison structure and methodology is provided that is suitable for comparing select data content in hundreds or thousands of files in an efficient manner. Section delimiters are defined to identify the sections of the files within which the select data content is located, and sets of unique sections are identified based on the select data content within the section. Thereafter, comparisons and reports are based on these unique content sections. If multiple files include a common set of data, a single unique content section is used to represent these multiple files. File groups are optionally defined, and different sets of select data content can be compared based on these file groups. The result of the comparison is presented in multiple hierarchical forms, including an identification of which files are different from each other, and an identification of the differences among the unique content segments.
    • 提供了可扩展的比较结构和方法,适用于以有效的方式比较数百或数千个文件中的选择数据内容。 段定界符被定义为识别选择数据内容所在的文件的部分,并且基于该部分内的选择数据内容来识别唯一部分的集合。 此后,比较和报告是基于这些独特的内容部分。 如果多个文件包含一组通用数据,则使用单个唯一内容部分来表示这些多个文件。 可选地定义文件组,并且可以基于这些文件组来比较不同组的选择数据内容。 比较的结果以多种分层形式呈现,包括哪些文件彼此不同的标识以及唯一内容段之间的差异的识别。
    • 8. 发明申请
    • VERIFYING CONSISTENCY AMONG DEVICE CONFIGURATIONS BASED ON COMPARING CONFIGURATION FILES
    • 基于比较配置文件的设备配置中的验证一致性
    • US20120209867A1
    • 2012-08-16
    • US13454050
    • 2012-04-23
    • Ankit AgarwalMahesh LavannisPradeep K. Singh
    • Ankit AgarwalMahesh LavannisPradeep K. Singh
    • G06F17/30
    • G06F16/10
    • A scalable comparison structure and methodology is provided that is suitable for comparing the configuration of devices in an efficient manner. In the configuration files, section delimiters are defined to identify the sections of the files within which the select data content is located, and differences in the sections are identified based on the select data content within the section. Thereafter, comparisons and reports are based on these unique content sections. Groups of devices are optionally defined, and different sets of select data content can be compared based on these groups. The result of the comparison may be presented in multiple hierarchical forms, including an identification of which configuration files are different from each other, and an identification of the differences among the unique content in these configuration files.
    • 提供了一种可扩展的比较结构和方法,适用于以有效的方式比较设备的配置。 在配置文件中,定义了分段定界符,以标识选择数据内容所在的文件部分,并根据部分中的选择数据内容识别部分中的差异。 此后,比较和报告是基于这些独特的内容部分。 可选择地定义设备组,并且可以基于这些组来比较不同组的选择数据内容。 比较的结果可以以多种分层形式呈现,包括哪些配置文件彼此不同的标识以及这些配置文件中的唯一内容之间的差异的标识。
    • 9. 发明授权
    • Assessing network and device compliance with security policies
    • 评估网络和设备符合安全策略
    • US08955032B2
    • 2015-02-10
    • US11776721
    • 2007-07-12
    • Ankit AgarwalNick BastinPradeep K. SinghSeth Martin
    • Ankit AgarwalNick BastinPradeep K. SinghSeth Martin
    • H04L29/00H04L29/06
    • H04L63/20
    • All of the transit services that each device is expected to provide are determined and contrasted with the transit configuration of each device. Because the transit configuration of each device may be state-dependent, the service items within each application service are processed in sequential order. Sequences of service items are associated with connection groups, and each of the routes associated with each connection group is determined based on the sequential order of the service items. The configuration of each device along each route is processed to determine the services that will be permitted or denied, based on its current configuration. Each desired transit service item is compared to the transit configuration provided by each device to identify any inconsistencies and/or violations.
    • 每个设备预期提供的所有过境服务都被确定,并与每个设备的传输配置进行对比。 由于每个设备的传输配置可能与状态有关,因此每个应用服务中的服务项目按顺序进行处理。 服务项目的顺序与连接组相关联,并且基于服务项目的顺序来确定与每个连接组相关联的每个路线。 根据其当前配置,处理每个路由上每个设备的配置,以确定将被允许或拒绝的服务。 将每个期望的中转服务项目与由每个设备提供的传输配置进行比较,以识别任何不一致和/或违规。