Abstract:
Latency-based timeouts are used for concurrent security processing by multiple in-line network security tools. A network system forwards secure network packets to the tools and uses latency-based timeouts with respect to the return of processed packets from the tools. Initially, the network system measures processing latencies for the tools and sets at least one timeout threshold based upon the processing latencies. The network system then receives an input packet from a network source, generates a timestamp, concurrently sends an output packet to the tools based upon the input packet, tracks return packets from the tools, and determines whether a timeout has occurred with respect to the timeout threshold based upon a difference between the timestamp and a current timestamp. If a timeout does not occur, a secure packet is forwarded to a network destination. If a timeout does occur, return packet tracking for the input packet is ended.
Abstract:
Methods, systems, and computer readable media for emulating virtualization resources are disclosed. According to one method, the method occurs at a computing platform. The method includes receiving a message associated with a device under test (DUT) and in response to receiving the message, performing an action associated with at least one of an emulated hypervisor and an emulated virtual machine (VM).
Abstract:
Methods, systems, and computer readable media for providing fuzz testing functionality are disclosed. According to one method, the method includes at a fuzz testing module (FTM), generating a plurality of test messages, including a test message including fuzzed data, generating fuzzed message identification information, and transmitting the test message and the fuzzed message identification information to a device under test (DUT). The method also includes at a packet analyzer located between the FTM and the DUT, receiving the plurality of test messages and the fuzzed message identification information, and identifying the test message including the fuzzed data using the fuzzed message identification information.
Abstract:
Network packet forwarding systems and methods are disclosed to push pre-processing tasks to network tap devices. In certain embodiments, packet flows from multiple monitoring points within a packet network communication system are monitored by a plurality of network tap devices to generate tapped packet flows associated with monitored network traffic flows. The tapped packet flows are transmitted from each network tap device to a tap controller, and the tap controller generates pre-processing rules based upon the tapped packet flows. Control messages including the pre-processing rules are then transmitted from the tap controller to the network tap devices, and the tapped packet flows are pre-processed at the network tap devices using the pre-processing rules to generate pre-processed packet flows. These pre-processed packet flows are then transmitted back to the tap controller where they are further processed and output to one or more destination devices.
Abstract:
Systems and methods are disclosed to provide on demand packet traffic monitoring for packet communications within virtual packet processing environments. Virtual TAPs (test access ports) within virtualization layers for VM (virtual machine) host hardware systems are controlled by external controllers to configure watch filters for VM platforms operating within the virtualization layer based upon trigger events determined within packet flow data and/or based upon other external trigger events. The virtual TAP controller then periodically receives watch filter packet data updates from the virtual TAP and further controls the virtual TAP to configure more detailed focus filters for the VM platforms based upon watch filter trigger events. The virtual TAP controller can further communicate one or more VM action commands (e.g., stop VM, stop application, etc.) to the virtual TAP for application to the VM platforms based upon trigger events associated with this more detailed focus filter data.
Abstract:
Methods, systems, and computer readable media for benchmark reference testing of data center or network equipment are disclosed. One method includes, using a network or data center test device, executing a plurality of performance tests to test a plurality of different performance parameters of a network or data center device under test. The method further includes obtaining individual test results for each of the different performance parameters. The method further includes generating a multi-dimensional score that combines the individual test results from the different performance parameters to indicate a composite performance of the data center or network device. The method further includes outputting the multi-dimensional score to a user.