WO2001022642A3 - System and method for presorting rules for filtering packets on a network - Google Patents

System and method for presorting rules for filtering packets on a network Download PDF

Info

Publication number
WO2001022642A3
WO2001022642A3 PCT/IL2000/000591 IL0000591W WO0122642A3 WO 2001022642 A3 WO2001022642 A3 WO 2001022642A3 IL 0000591 W IL0000591 W IL 0000591W WO 0122642 A3 WO0122642 A3 WO 0122642A3
Authority
WO
WIPO (PCT)
Prior art keywords
rules
presorting
network
filtering packets
packet
Prior art date
Application number
PCT/IL2000/000591
Other languages
French (fr)
Other versions
WO2001022642A2 (en
Inventor
Rony Zarom
Yarom Mizrachi
Original Assignee
Comverse Network Systems Ltd
Rony Zarom
Yarom Mizrachi
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Comverse Network Systems Ltd, Rony Zarom, Yarom Mizrachi filed Critical Comverse Network Systems Ltd
Priority to IL14883000A priority Critical patent/IL148830A0/en
Priority to AU74435/00A priority patent/AU7443500A/en
Publication of WO2001022642A2 publication Critical patent/WO2001022642A2/en
Publication of WO2001022642A3 publication Critical patent/WO2001022642A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105Multiple levels of security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0263Rule management

Abstract

A method and a system for presorting rules for packet filtering in a network security filter according to characteristics of the packet. The method uses presorting rules (steps 3-5) to limit the number of packet sorting rules that must be examined (step 9). The method provides an efficient means of managing profiles for the network manager of the security filter.
PCT/IL2000/000591 1999-09-24 2000-09-24 System and method for presorting rules for filtering packets on a network WO2001022642A2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
IL14883000A IL148830A0 (en) 1999-09-24 2000-09-24 System and method for presorting rules for filtering packets on a network
AU74435/00A AU7443500A (en) 1999-09-24 2000-09-24 System and method for presorting rules for filtering packets on a network

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US15556899P 1999-09-24 1999-09-24
US60/155,568 1999-09-24

Publications (2)

Publication Number Publication Date
WO2001022642A2 WO2001022642A2 (en) 2001-03-29
WO2001022642A3 true WO2001022642A3 (en) 2002-05-30

Family

ID=22555950

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IL2000/000591 WO2001022642A2 (en) 1999-09-24 2000-09-24 System and method for presorting rules for filtering packets on a network

Country Status (3)

Country Link
AU (1) AU7443500A (en)
IL (1) IL148830A0 (en)
WO (1) WO2001022642A2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9219680B2 (en) 2006-12-07 2015-12-22 Cisco Technology, Inc. Scalability of providing packet flow management

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2425912A (en) * 2005-05-04 2006-11-08 Psytechnics Ltd Packet filtering
CN101390432B (en) * 2006-01-04 2013-01-02 思达伦特网络有限责任公司 Selecting application session services to process packet data streams based on profile information
US9241190B2 (en) 2010-08-24 2016-01-19 Cisco Technology, Inc. Generating a response to video content request including dynamically processed video content
US9521439B1 (en) 2011-10-04 2016-12-13 Cisco Technology, Inc. Systems and methods for correlating multiple TCP sessions for a video transfer
US8755342B2 (en) 2011-10-05 2014-06-17 Cisco Technology, Inc. System and method for dynamic bearer selection for immersive video collaboration in mobile wireless networks
US8903955B2 (en) 2011-12-02 2014-12-02 Cisco Technology, Inc. Systems and methods for intelligent video delivery and cache management

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1998026555A1 (en) * 1996-12-09 1998-06-18 Sun Microsystems, Inc. Method and apparatus for dynamic packet filter assignment
WO1998026552A1 (en) * 1996-12-09 1998-06-18 Sun Microsystems, Inc. Method and apparatus for access control in a distributed multiserver network environment
US5844620A (en) * 1995-08-11 1998-12-01 General Instrument Corporation Method and apparatus for displaying an interactive television program guide
US6070242A (en) * 1996-12-09 2000-05-30 Sun Microsystems, Inc. Method to activate unregistered systems in a distributed multiserver network environment
US6092110A (en) * 1997-10-23 2000-07-18 At&T Wireless Svcs. Inc. Apparatus for filtering packets using a dedicated processor
US6158008A (en) * 1997-10-23 2000-12-05 At&T Wireless Svcs. Inc. Method and apparatus for updating address lists for a packet filter processor
US6160545A (en) * 1997-10-24 2000-12-12 General Instrument Corporation Multi-regional interactive program guide for television

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5844620A (en) * 1995-08-11 1998-12-01 General Instrument Corporation Method and apparatus for displaying an interactive television program guide
WO1998026555A1 (en) * 1996-12-09 1998-06-18 Sun Microsystems, Inc. Method and apparatus for dynamic packet filter assignment
WO1998026552A1 (en) * 1996-12-09 1998-06-18 Sun Microsystems, Inc. Method and apparatus for access control in a distributed multiserver network environment
US5835727A (en) * 1996-12-09 1998-11-10 Sun Microsystems, Inc. Method and apparatus for controlling access to services within a computer network
US5848233A (en) * 1996-12-09 1998-12-08 Sun Microsystems, Inc. Method and apparatus for dynamic packet filter assignment
US6070242A (en) * 1996-12-09 2000-05-30 Sun Microsystems, Inc. Method to activate unregistered systems in a distributed multiserver network environment
US6092110A (en) * 1997-10-23 2000-07-18 At&T Wireless Svcs. Inc. Apparatus for filtering packets using a dedicated processor
US6158008A (en) * 1997-10-23 2000-12-05 At&T Wireless Svcs. Inc. Method and apparatus for updating address lists for a packet filter processor
US6160545A (en) * 1997-10-24 2000-12-12 General Instrument Corporation Multi-regional interactive program guide for television

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9219680B2 (en) 2006-12-07 2015-12-22 Cisco Technology, Inc. Scalability of providing packet flow management

Also Published As

Publication number Publication date
AU7443500A (en) 2001-04-24
IL148830A0 (en) 2002-09-12
WO2001022642A2 (en) 2001-03-29

Similar Documents

Publication Publication Date Title
WO2005041503A3 (en) Method and apparatus for two-stage packet classification using most specific filter matching and transport level sharing
WO2001086380A3 (en) Systems and methods for isolating faults in computer networks
EP0576122A3 (en) Packet network and method for congestion avoidance in packet networks.
AU684983B2 (en) Communication network structure, communication network system based on the same and communication method therefor
WO2001047186A3 (en) Bandwidth management system
WO2002057935A8 (en) Method and device for monitoring data traffic and preventing unauthorized access to a network
CA2274299A1 (en) Method and apparatus for automated network-wide surveillance and security breach intervention
CA2138058A1 (en) Method for controlling computer network security
EP0621706A3 (en) System and method for monitoring simple network management protocol tables.
WO2002019062A3 (en) A method and system to implement policy-based network traffic management
AU6268300A (en) System and method for performing secure electronic transactions over an open communication network
AU1662399A (en) Method and communication system for processing alarms in a management network with several management levels
AU2001269794A1 (en) Method and apparatus for enhancing network security protection server performance
AU4903097A (en) System and device for, and method of, detecting, characterizing, and mitigating deterministic distortion in communications network
CA2332148A1 (en) Method for detecting delayed data frames in a transport function
CA2408233A1 (en) Network usage monitoring device and associated method
EP1484887A3 (en) A multi-layer based method for implementing network firewalls
AU2001281253A1 (en) System and method for integrating disparate networks for use in electronic communication and commerce
WO2002033870A3 (en) Methods and apparatus for protecting against overload conditions on nodes of a distributed network
HUT74351A (en) Electronic bill pay system, method and network
EP0681248A3 (en) Customer management terminal equipment, customer managing method, and media for customer management.
AU2170600A (en) System and method for prioritizing multicast packets in a network service class
AU2170500A (en) System and method for pre-filtering low priority packets at network nodes in a network service class utilizing priority-based quality of service
WO2003045044A3 (en) System and method for charging in a communication network
WO2002013486A3 (en) System and method for processing network accounting information

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
WWE Wipo information: entry into national phase

Ref document number: 148830

Country of ref document: IL

AK Designated states

Kind code of ref document: A3

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP