专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20080259926A1 Parsing Out of Order Data Packets at a Content Gateway of a Network 有权
标题翻译：在网络的内容网关上解析不合规格的数据包
公开(公告)号：US20080259926A1
公开(公告)日：2008-10-23
申请号：US11738358
申请日：2007-04-20
申请人： Humberto Tavares , Christopher C. O'Rourke , Robert Batz , Walter Dixon , Robert MacKie
发明人： Humberto Tavares , Christopher C. O'Rourke , Robert Batz , Walter Dixon , Robert MacKie
IPC分类号： H04L12/56
CPC分类号： H04L47/10 , H04L1/1628 , H04L43/18 , H04L47/34
摘要： In one embodiment, a method includes receiving, at a local node of a network, a sequenced data packet of a flow made up of multiple sequenced data packets from a source node directed toward a destination node. The flow is to be parsed by the local node to describe the flow for administration of the network. Based on sequence data in the sequenced data packet, it is determined whether the sequenced data packet is out of order in the flow. If it is determined that the sequenced data packet is out of order, then the sequenced data packet is forwarded toward the destination node before parsing the sequenced data packet. The out of order sequenced data packet is also stored for subsequent parsing at the local node.
摘要翻译：在一个实施例中，一种方法包括在网络的本地节点处接收由来自指向目的地节点的源节点的多个排序数据分组组成的流的排序数据分组。该流程将由本地节点进行解析，以描述网络管理流程。基于顺序数据包中的序列数据，确定顺序数据包是否在流程中是无序的。如果确定排序的数据分组是无序的，则在分析排序的数据分组之前，将排序的数据分组转发到目的地节点。无序排序数据包也存储在本地节点的后续解析中。

2. 发明授权

US07864771B2 Parsing out of order data packets at a content gateway of a network 有权
标题翻译：在网络的内容网关处解析出不合适的数据包
公开(公告)号：US07864771B2
公开(公告)日：2011-01-04
申请号：US11738358
申请日：2007-04-20
申请人： Humberto Tavares , Christopher C. O'Rourke , Robert Batz , Walter Dixon , Robert Mackie
发明人： Humberto Tavares , Christopher C. O'Rourke , Robert Batz , Walter Dixon , Robert Mackie
IPC分类号： H04L12/28 , H04L12/56
CPC分类号： H04L47/10 , H04L1/1628 , H04L43/18 , H04L47/34
摘要： In one embodiment, a method includes receiving, at a local node of a network, a sequenced data packet of a flow made up of multiple sequenced data packets from a source node directed toward a destination node. The flow is to be parsed by the local node to describe the flow for administration of the network. Based on sequence data in the sequenced data packet, it is determined whether the sequenced data packet is out of order in the flow. If it is determined that the sequenced data packet is out of order, then the sequenced data packet is forwarded toward the destination node before parsing the sequenced data packet. The out of order sequenced data packet is also stored for subsequent parsing at the local node.
摘要翻译：在一个实施例中，一种方法包括在网络的本地节点处接收由来自指向目的地节点的源节点的多个排序数据分组组成的流的排序数据分组。该流程将由本地节点进行解析，以描述网络管理流程。基于顺序数据包中的序列数据，确定顺序数据包是否在流程中是无序的。如果确定排序的数据分组是无序的，则在分析排序的数据分组之前，将排序的数据分组转发到目的地节点。无序排序数据包也存储在本地节点的后续解析中。

3. 发明申请

US20100172356A1 PARSING OUT OF ORDER DATA PACKETS AT A CONTENT GATEWAY OF A NETWORK 有权
标题翻译：在网络的内容网关中排除订单数据包
公开(公告)号：US20100172356A1
公开(公告)日：2010-07-08
申请号：US12725336
申请日：2010-03-16
申请人： Humberto Tavares , Christopher C. O'Rourke , Robert Batz , Walter Dixon , Robert Mackie
发明人： Humberto Tavares , Christopher C. O'Rourke , Robert Batz , Walter Dixon , Robert Mackie
IPC分类号： H04L12/56
CPC分类号： H04L47/10 , H04L1/1628 , H04L43/18 , H04L47/34
摘要： In one embodiment, a method includes receiving, at a local node of a network, a sequenced data packet of a flow made up of multiple sequenced data packets from a source node directed toward a destination node. The flow is to be parsed by the local node to describe the flow for administration of the network. Based on sequence data in the sequenced data packet, it is determined whether the sequenced data packet is out of order in the flow. If it is determined that the sequenced data packet is out of order, then the sequenced data packet is forwarded toward the destination node before parsing the sequenced data packet. The out of order sequenced data packet is also stored for subsequent parsing at the local node.
摘要翻译：在一个实施例中，一种方法包括在网络的本地节点处接收由来自指向目的地节点的源节点的多个排序数据分组组成的流的排序数据分组。该流程将由本地节点进行解析，以描述网络管理流程。基于顺序数据包中的序列数据，确定顺序数据包是否在流程中是无序的。如果确定排序的数据分组是无序的，则在分析排序的数据分组之前，将排序的数据分组转发到目的地节点。无序排序数据包也存储在本地节点的后续解析中。

4. 发明授权

US08194675B2 Parsing out of order data packets at a content gateway of a network 有权
标题翻译：在网络的内容网关处解析出不合适的数据包
公开(公告)号：US08194675B2
公开(公告)日：2012-06-05
申请号：US12725336
申请日：2010-03-16
申请人： Humberto Tavares , Christopher C. O'Rourke , Robert Batz , Walter Dixon , Robert Mackie
发明人： Humberto Tavares , Christopher C. O'Rourke , Robert Batz , Walter Dixon , Robert Mackie
IPC分类号： H04L12/28
CPC分类号： H04L47/10 , H04L1/1628 , H04L43/18 , H04L47/34
摘要： In one embodiment, a method includes receiving, at a local node of a network, a sequenced data packet of a flow made up of multiple sequenced data packets from a source node directed toward a destination node. The flow is to be parsed by the local node to describe the flow for administration of the network. Based on sequence data in the sequenced data packet, it is determined whether the sequenced data packet is out of order in the flow. If it is determined that the sequenced data packet is out of order, then the sequenced data packet is forwarded toward the destination node before parsing the sequenced data packet. The out of order sequenced data packet is also stored for subsequent parsing at the local node.
摘要翻译：在一个实施例中，一种方法包括在网络的本地节点处接收由来自指向目的地节点的源节点的多个排序数据分组组成的流的排序数据分组。该流程将由本地节点进行解析，以描述网络管理流程。基于顺序数据包中的序列数据，确定顺序数据包是否在流程中是无序的。如果确定排序的数据分组是无序的，则在分析排序的数据分组之前，将排序的数据分组转发到目的地节点。无序排序数据包也存储在本地节点的后续解析中。

5. 发明申请

US20090067416A1 ALLOWING TCP ACK TO PASS A GATEWAY WHILE QUEUING DATA FOR PARSING 有权
标题翻译：允许TCP ACK通过网关在队列数据进行分配
公开(公告)号：US20090067416A1
公开(公告)日：2009-03-12
申请号：US11854299
申请日：2007-09-12
申请人： Humberto Tavares , Chris O'Rourke , Robert Batz , Franklin Jones
发明人： Humberto Tavares , Chris O'Rourke , Robert Batz , Franklin Jones
IPC分类号： H04L12/56
CPC分类号： H04L1/1607 , H04L47/10 , H04L2001/0092
摘要： In one embodiment, a method for providing an ACK packet while queuing data is provided. One or more packets in a series of packets may be received from a client at a gateway. The gateway determines that a packet in the series of packets has not been received. The one or more packets are then queued. The queued packets may have included an ACK for one or more previously sent packets. Thus, if the gateway had forwarded the one or more packets that are queued, then the ACK would have been received by the server. However, the one or more packets are queued and thus the ACK included in the packets is not sent with the queued packets. Even though the plurality of packets are queued, an acknowledgement packet is generated and then sent for the previously sent packets. The acknowledgement packet acknowledges to the server that the one or more previously sent packets were received by the client. The server may then continue transmitting packets to the client and knows it does not need to retransmit the one or more previously sent packets.
摘要翻译：在一个实施例中，提供了一种在排队数据期间提供ACK分组的方法。一系列分组中的一个或多个分组可以从网关的客户端接收。网关确定未收到一系列数据包中的数据包。然后将一个或多个数据包排队。排队的分组可以包括用于一个或多个先前发送的分组的ACK。因此，如果网关转发了排队的一个或多个数据包，则该服务器将接收该ACK。然而，一个或多个分组被排队，因此包中的ACK不与排队的分组一起发送。即使多个分组被排队，生成确认分组，然后发送给先前发送的分组。确认分组向服务器确认客户端接收到一个或多个先前发送的分组。然后，服务器可以继续向客户端发送分组，并且知道它不需要重传一个或多个先前发送的分组。

6. 发明授权

US09049015B2 Allowing TCP ACK to pass a gateway while queuing data for parsing 有权
标题翻译：允许TCP ACK在排队数据进行解析时通过网关
公开(公告)号：US09049015B2
公开(公告)日：2015-06-02
申请号：US11854299
申请日：2007-09-12
申请人： Humberto Tavares , Chris O'Rourke , Robert Batz , Franklin Jones
发明人： Humberto Tavares , Chris O'Rourke , Robert Batz , Franklin Jones
IPC分类号： H04L12/56 , H04L12/26 , H04L12/24 , H04L12/66 , H04L1/16 , H04L12/801 , H04L1/00
CPC分类号： H04L1/1607 , H04L47/10 , H04L2001/0092
摘要： In one embodiment, a method for providing an ACK packet while queuing data is provided. One or more packets in a series of packets may be received from a client at a gateway. The gateway determines that a packet in the series of packets has not been received. The one or more packets are then queued. The queued packets may have included an ACK for one or more previously sent packets. Thus, if the gateway had forwarded the one or more packets that are queued, then the ACK would have been received by the server. However, the one or more packets are queued and thus the ACK included in the packets is not sent with the queued packets. Even though the plurality of packets are queued, an acknowledgement packet is generated and then sent for the previously sent packets. The acknowledgement packet acknowledges to the server that the one or more previously sent packets were received by the client. The server may then continue transmitting packets to the client and knows it does not need to retransmit the one or more previously sent packets.
摘要翻译：在一个实施例中，提供了一种在排队数据期间提供ACK分组的方法。一系列分组中的一个或多个分组可以从网关的客户端接收。网关确定未收到一系列数据包中的数据包。然后将一个或多个数据包排队。排队的分组可以包括用于一个或多个先前发送的分组的ACK。因此，如果网关转发了排队的一个或多个数据包，则该服务器将接收该ACK。然而，一个或多个分组被排队，因此包中的ACK不与排队的分组一起发送。即使多个分组被排队，生成确认分组，然后发送给先前发送的分组。确认分组向服务器确认客户端接收到一个或多个先前发送的分组。然后，服务器可以继续向客户端发送分组，并且知道它不需要重传一个或多个先前发送的分组。

7. 发明授权

US08844035B2 Techniques for network protection based on subscriber-aware application proxies 有权
标题翻译：基于用户感知应用代理的网络保护技术
公开(公告)号：US08844035B2
公开(公告)日：2014-09-23
申请号：US13369498
申请日：2012-02-09
申请人： Christopher C. O'Rourke , Frank Gerard Bordonaro , Louis Menditto , Robert Batz
发明人： Christopher C. O'Rourke , Frank Gerard Bordonaro , Louis Menditto , Robert Batz
IPC分类号： H04L29/06
CPC分类号： H04L63/0227 , H04L63/1408 , H04L63/1441
摘要： Techniques for responding to intrusions on a packet switched network include receiving user data at a subscriber-aware gateway server between a network access server and a content server. The user data includes subscriber identifier data that indicates a unique identifier for a particular user, network address data that indicates a network address for a host used by the particular user, NAS data that indicates an identifier for the network access server, flow list data that indicates one or more open data packet flows, and suspicious activity data. The suspicious activity data indicates a value for a property of the open data packet flows that indicates suspicious activity. It is determined whether an intrusion condition is satisfied based on the suspicious activity data. If the intrusion condition is satisfied, then the gateway responds based at least in part on user data other than the network address data.
摘要翻译：用于响应分组交换网络上的入侵的技术包括在网络接入服务器和内容服务器之间的用户感知网关服务器处接收用户数据。用户数据包括指示特定用户的唯一标识符的用户标识符数据，指示特定用户使用的主机的网络地址的网络地址数据，指示网络接入服务器的标识符的NAS数据，指示一个或多个打开的数据分组流和可疑活动数据。可疑活动数据表示指示可疑活动的开放数据分组流的属性的值。基于可疑活动数据确定是否满足入侵条件。如果入侵条件满足，则网关至少部分地基于除了网络地址数据之外的用户数据进行响应。

8. 发明授权

US08266696B2 Techniques for network protection based on subscriber-aware application proxies 有权
标题翻译：基于用户感知应用代理的网络保护技术
公开(公告)号：US08266696B2
公开(公告)日：2012-09-11
申请号：US11273112
申请日：2005-11-14
申请人： Christopher C. O'Rourke , Frank Gerard Bordonaro , Louis Menditto , Robert Batz
发明人： Christopher C. O'Rourke , Frank Gerard Bordonaro , Louis Menditto , Robert Batz
IPC分类号： G06F11/00 , G06F12/14 , G06F12/16 , G08B23/00
CPC分类号： H04L63/0227 , H04L63/1408 , H04L63/1441
摘要： Techniques for responding to intrusions on a packet switched network include receiving user data at a subscriber-aware gateway server between a network access server and a content server. The user data includes subscriber identifier data that indicates a unique identifier for a particular user, network address data that indicates a network address for a host used by the particular user, NAS data that indicates an identifier for the network access server, flow list data that indicates one or more open data packet flows, and suspicious activity data. The suspicious activity data indicates a value for a property of the open data packet flows that indicates suspicious activity. It is determined whether an intrusion condition is satisfied based on the suspicious activity data. If the intrusion condition is satisfied, then the gateway responds based at least in part on user data other than the network address data.
摘要翻译：用于响应分组交换网络上的入侵的技术包括在网络接入服务器和内容服务器之间的用户感知网关服务器处接收用户数据。用户数据包括指示特定用户的唯一标识符的用户标识符数据，指示特定用户使用的主机的网络地址的网络地址数据，指示网络接入服务器的标识符的NAS数据，指示一个或多个打开的数据分组流和可疑活动数据。可疑活动数据表示指示可疑活动的开放数据分组流的属性的值。基于可疑活动数据确定是否满足入侵条件。如果入侵条件满足，则网关至少部分地基于除了网络地址数据之外的用户数据进行响应。

9. 发明授权

US07738452B1 Techniques for load balancing subscriber-aware application proxies 有权
标题翻译：用于负载平衡用户感知应用代理的技术
公开(公告)号：US07738452B1
公开(公告)日：2010-06-15
申请号：US11158751
申请日：2005-06-22
申请人： Christopher C. O'Rourke , Robert Batz , Kevin Shatzkamer
发明人： Christopher C. O'Rourke , Robert Batz , Kevin Shatzkamer
IPC分类号： H04L12/28 , H04L12/56
CPC分类号： H04L67/2819 , H04L47/125 , H04L67/02 , H04L67/04 , H04L67/2823 , H04L67/306 , H04L67/327 , H04L69/08 , H04W28/08
摘要： Techniques for distributing network traffic from an access server to a service gateway include receiving, at a load balancer, sticky table data that indicates an association between a particular subscriber IP address and a particular subscriber-aware service gateway in a gateway cluster. An input data packet is received with an input source address and an input transport-layer destination. If it is determined that the input transport-layer destination indicates a type of payload that uses a service gateway, then the particular service gateway associated with the particular subscriber is determined based on the sticky table and IP address in the input source address. An output data packet is directed to the particular service gateway using a link-layer or networking-layer destination address. These techniques allow a load balancer to be located anywhere on the network and to bypass a subscriber-aware service gateway for some data traffic.
摘要翻译：用于将网络流量从接入服务器分配到服务网关的技术包括在负载平衡器处接收指示特定用户IP地址和网关集群中的特定用户感知服务网关之间的关联的粘性表数据。用输入源地址和输入传输层目的地接收输入数据分组。如果确定输入传输层目的地指示使用服务网关的有效载荷的类型，则基于输入源地址中的粘性表和IP地址确定与特定用户相关联的特定服务网关。使用链路层或网络层目的地址将输出数据分组引导到特定服务网关。这些技术允许负载平衡器位于网络上的任何地方，并绕过用户感知的服务网关以获取某些数据流量。

10. 发明申请

US20120137366A1 TECHNIQUES FOR NETWORK PROTECTION BASED ON SUBSCRIBER-AWARE APPLICATION PROXIES 有权
标题翻译：基于订户应用程序代码的网络保护技术
公开(公告)号：US20120137366A1
公开(公告)日：2012-05-31
申请号：US13369498
申请日：2012-02-09
申请人： Christopher C. O'Rourke , Frank Gerard Bordonaro , Louis Menditto , Robert Batz
发明人： Christopher C. O'Rourke , Frank Gerard Bordonaro , Louis Menditto , Robert Batz
IPC分类号： G06F21/00
CPC分类号： H04L63/0227 , H04L63/1408 , H04L63/1441
摘要： Techniques for responding to intrusions on a packet switched network include receiving user data at a subscriber-aware gateway server between a network access server and a content server. The user data includes subscriber identifier data that indicates a unique identifier for a particular user, network address data that indicates a network address for a host used by the particular user, NAS data that indicates an identifier for the network access server, flow list data that indicates one or more open data packet flows, and suspicious activity data. The suspicious activity data indicates a value for a property of the open data packet flows that indicates suspicious activity. It is determined whether an intrusion condition is satisfied based on the suspicious activity data. If the intrusion condition is satisfied, then the gateway responds based at least in part on user data other than the network address data.
摘要翻译：用于响应分组交换网络上的入侵的技术包括在网络接入服务器和内容服务器之间的用户感知网关服务器处接收用户数据。用户数据包括指示特定用户的唯一标识符的用户标识符数据，指示特定用户使用的主机的网络地址的网络地址数据，指示网络接入服务器的标识符的NAS数据，指示一个或多个打开的数据分组流和可疑活动数据。可疑活动数据表示指示可疑活动的开放数据分组流的属性的值。基于可疑活动数据确定是否满足入侵条件。如果入侵条件满足，则网关至少部分地基于除了网络地址数据之外的用户数据进行响应。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式