专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US07668203B1 Network switch using a steering header for management frames 有权
标题翻译：网络交换机使用管理帧的转向头
公开(公告)号：US07668203B1
公开(公告)日：2010-02-23
申请号：US10990231
申请日：2004-11-16
申请人： Donald Pannell , Yosef Meyouhas , Maxim Mondaeev
发明人： Donald Pannell , Yosef Meyouhas , Maxim Mondaeev
IPC分类号： H04J3/24
CPC分类号： H04L12/4641
摘要： A network device, and corresponding method and computer program, comprises a plurality of ports; wherein one of the ports is configured to receive frames of data each comprising a steering header comprising a flooding mask that identifies one or more of the ports, and a management bit that when set indicates the frame of data is a management frame; wherein, for each frame received by the one of the ports, the one of the ports removes the steering header from the frame and, when the management bit is set, identifies the frame as a management frame and directs the frame to one or more of the ports based only on the flooding mask; and wherein each of the ports can operate in a blocked state that permits only frames of data identified as management frames to pass through the port.
摘要翻译：网络设备及相应的方法和计算机程序包括多个端口; 其中所述端口中的一个被配置为接收数据帧，每个数据帧包括指向头部，所述指导头包括识别所述端口中的一个或多个的泛洪掩码，以及当设置指示所述数据帧是管理帧时的管理位; 其中，对于由所述一个端口接收的每个帧，所述一个端口从所述帧中去除所述转向报头，并且当所述管理位被设置时，将所述帧识别为管理帧，并将所述帧指向一个或多个端口仅基于淹水掩模; 并且其中每个端口可以在仅允许识别为管理帧的数据帧通过端口的阻塞状态下操作。

2. 发明授权

US08111715B1 Method and apparatus for transferring a frame of data from a first network to a second network 有权
标题翻译：用于将数据帧从第一网络传送到第二网络的方法和装置
公开(公告)号：US08111715B1
公开(公告)日：2012-02-07
申请号：US12709715
申请日：2010-02-22
申请人： Donald Pannell , Yosef Meyouhas , Maxim Mondaeev
发明人： Donald Pannell , Yosef Meyouhas , Maxim Mondaeev
IPC分类号： H04J3/24
CPC分类号： H04L12/4641 , H04L12/4625
摘要： A method and apparatus for transferring a frame of data from a first network to a second network. The method includes adding a first steering header to a frame of data received by a first port that is destined for the second network. The method further includes selecting a first receive queue of a plurality of receive queues based on one or more of (i) a database number, (ii) a priority bit, and (iii) a source port identifier of the first steering header; loading the frame of data into the first receive queue; and replacing the first steering header with a second steering header. The second steering header comprises the database number and a virtual local area network table vector. The method further includes determining the second port as a destination port for the frame of data based on the database number and the virtual local area network table vector.
摘要翻译：一种用于将数据帧从第一网络传送到第二网络的方法和装置。该方法包括将第一转向报头添加到由目的地为第二网络的第一端口接收的数据帧。该方法还包括基于（i）数据库号，（ii）优先级位和（iii）第一转向头的源端口标识符中的一个或多个来选择多个接收队列的第一接收队列; 将数据帧加载到第一接收队列中; 以及用第二转向头替换所述第一转向盘。第二转向头包括数据库号和虚拟局域网表向量。该方法还包括基于数据库号和虚拟局域网表向量，将第二端口确定为数据帧的目的地端口。

3. 发明授权

US07742488B1 Router having a single CPU MAC 有权
标题翻译：路由器具有单个CPU MAC
公开(公告)号：US07742488B1
公开(公告)日：2010-06-22
申请号：US11809822
申请日：2007-06-01
申请人： Donald Pannell , Yosef Meyouhas , Peter Wang , Maxim Mondaeev
发明人： Donald Pannell , Yosef Meyouhas , Peter Wang , Maxim Mondaeev
IPC分类号： H04L12/28 , H04L12/56
CPC分类号： H04L45/60 , H04L12/2852 , H04L45/66
摘要： A network device comprises one or more first ports to receive at least one layer 2 frame of data comprising a media access control (MAC) client data field. An egress policy module adds M bits to the frame of data before the MAC client data field, where M is an integer greater than zero. A second port transmits the frame of data after the M bits are added to the frame of data.
摘要翻译：网络设备包括用于接收包括媒体访问控制（MAC）客户端数据字段的数据的至少一个第二层数据的一个或多个第一端口。出口策略模块在MAC客户端数据字段之前向数据帧添加M位，其中M是大于零的整数。在将M位添加到数据帧之后，第二端口发送数据帧。

4. 发明授权

US07653071B1 Router having a single CPU MAC 有权
标题翻译：路由器具有单个CPU MAC
公开(公告)号：US07653071B1
公开(公告)日：2010-01-26
申请号：US10292181
申请日：2002-11-12
申请人： Donald Pannell , Yosef Meyouhas , Peter Wang , Maxim Mondaeev
发明人： Donald Pannell , Yosef Meyouhas , Peter Wang , Maxim Mondaeev
IPC分类号： H04L12/28 , H04L12/56
CPC分类号： H04L45/60 , H04L12/2852 , H04L45/66
摘要： A method, apparatus, and computer-readable media for transferring data from a first network to a second network through a network device, comprising. It comprises receiving a frame of the data from the first network, the frame comprising an internet protocol address; transmitting the frame to a media access controller of the network device; transmitting the frame from the media access controller to a processor of the network device, wherein the processor modifies the internet protocol address; transmitting the frame from the processor to the media access controller; and transmitting the frame from the media access controller to the second network.
摘要翻译：一种用于通过网络设备将数据从第一网络传输到第二网络的方法，装置和计算机可读介质，包括。它包括从第一网络接收数据帧，该帧包括一个互联网协议地址; 将所述帧发送到所述网络设备的媒体接入控制器; 将所述帧从所述媒体接入控制器发送到所述网络设备的处理器，其中所述处理器修改所述因特网协议地址; 将帧从处理器传送到媒体访问控制器; 以及将所述帧从所述媒体接入控制器发送到所述第二网络。

5. 发明授权

US08804738B1 Method and apparatus for transferring a frame of data from a first network to a second network 有权
标题翻译：用于将数据帧从第一网络传送到第二网络的方法和装置
公开(公告)号：US08804738B1
公开(公告)日：2014-08-12
申请号：US13366791
申请日：2012-02-06
申请人： Donald Pannell , Yosef Meyouhas , Maxim Mondaeev
发明人： Donald Pannell , Yosef Meyouhas , Maxim Mondaeev
IPC分类号： H04L12/56
CPC分类号： H04L12/4641 , H04L12/4625
摘要： A network interface controller comprising a first media access controller, a header decoder, a second media access controller. The first media access controller is configured to receive, from a first port, a frame of data transferred from one of a plurality of second ports, wherein the frame of data includes a first steering header identifying the one of the plurality of second ports. The header decoder is configured to transfer the frame of data to a memory based on the first steering header. The second media access controller is configured to receive the frame of data from the memory based on the first steering header, and transmit the frame of data, with a second steering header, from the network interface controller to a destination port based on the second steering header.
摘要翻译：一种网络接口控制器，包括第一媒体接入控制器，报头解码器，第二媒体接入控制器。第一媒体接入控制器被配置为从第一端口接收从多个第二端口之一传送的数据帧，其中数据帧包括标识多个第二端口中的一个的第一转向头。头解码器被配置为基于第一转向头将数据帧传送到存储器。第二媒体接入控制器被配置为基于第一转向报头从存储器接收数据帧，并且基于第二转向器将来自网络接口控制器的数据帧与第二转向报头发送到目的地端口标题。

6. 发明授权

US07715415B1 Router having a single CPU MAC 有权
标题翻译：路由器具有单个CPU MAC
公开(公告)号：US07715415B1
公开(公告)日：2010-05-11
申请号：US11809844
申请日：2007-06-01
申请人： Donald Pannell , Yosef Meyouhas , Peter Wang , Maxim Mondaeev
发明人： Donald Pannell , Yosef Meyouhas , Peter Wang , Maxim Mondaeev
IPC分类号： H04L12/28 , H04L12/56
CPC分类号： H04L45/60 , H04L12/2852 , H04L45/66
摘要： A network device for transferring data from a first network to a second network comprises a switch comprising a first port adapted to receive a frame of the data from the first network and a second port adapted to transmit the frame to the second network. The frame comprises a plurality of words including a first word comprising a first portion of an internet protocol address and a second word comprising a second portion of the internet protocol address. The switch adds one or more bits to the frame so that the first and second portions of the internet protocol address appear within a single word of the frame. A processor receives the frame from the switch, and to modify the internet protocol address in the frame. The switch receives the frame from the processor, and removes the one or more bits from the frame before the second port transmits the frame to the second network.
摘要翻译：用于将数据从第一网络传送到第二网络的网络设备包括交换机，其包括适于从第一网络接收数据帧的第一端口和适于将帧发送到第二网络的第二端口。该帧包括多个单词，包括包括因特网协议地址的第一部分的第一个单词和包含因特网协议地址的第二部分的第二单词。交换机将一个或多个比特添加到该帧，使得互联网协议地址的第一和第二部分出现在帧的单个单词内。处理器从交换机接收帧，并修改帧中的因特网协议地址。交换机从处理器接收帧，并且在第二端口将帧发送到第二网络之前从帧中移除一个或多个比特。

7. 发明授权

US07564857B1 Router having a single CPU MAC 有权
标题翻译：路由器具有单个CPU MAC
公开(公告)号：US07564857B1
公开(公告)日：2009-07-21
申请号：US11809823
申请日：2007-06-01
申请人： Donald Pannell , Yosef Meyouhas , Peter Wang , Maxim Mondaeev
发明人： Donald Pannell , Yosef Meyouhas , Peter Wang , Maxim Mondaeev
IPC分类号： H04L12/28 , H04L12/56
CPC分类号： H04L45/00 , H04L45/302 , H04L45/60
摘要： A router comprises a processor, a single media access controller connected to the processor; and a switch comprising a plurality of ports, wherein one of the ports is connected to the single media access controller.
摘要翻译：路由器包括处理器，连接到处理器的单个媒体访问控制器; 以及包括多个端口的交换机，其中一个端口连接到单个媒体访问控制器。

8. 发明授权

US08448234B2 Method and apparatus for deep packet inspection for network intrusion detection 有权
标题翻译：用于网络入侵检测的深度包检测方法和装置
公开(公告)号：US08448234B2
公开(公告)日：2013-05-21
申请号：US12031130
申请日：2008-02-14
申请人： Maxim Mondaeev , Tal Anker , Yosef Meyouhas
发明人： Maxim Mondaeev , Tal Anker , Yosef Meyouhas
IPC分类号： G06F15/16 , G06F11/00 , G06F11/30 , G01R31/08 , H04L12/28
CPC分类号： H04L47/12 , H04L63/1408 , H04L63/20
摘要： In a method of determining whether a data stream includes unauthorized data, the data stream is analyzed using a hardware filter to detect a presence of one or more of a first set of patterns in the data stream. It is determined whether a packet in the data stream belongs to one of a plurality of data flows to be further inspected based on the analysis of the data stream by the hardware filter. A set of rules is applied to the packet to produce rule match status data if it is determined that the packet belongs to one of the plurality of data flows to be further inspected. The packet is analyzed to determine if the packet includes unauthorized data using software stored on a computer-readable medium and implemented on a processor if the rule match status data indicates that the packet potentially includes unauthorized data.
摘要翻译：在确定数据流是否包括未授权数据的方法中，使用硬件过滤器来分析数据流，以检测数据流中的第一组模式中的一个或多个的存在。基于硬件滤波器对数据流的分析，确定数据流中的分组是否属于要进一步检查的多个数据流中的一个。如果确定分组属于要进一步检查的多个数据流中的一个数据流，则将一组规则应用于分组以产生规则匹配状态数据。分析分组以使用存储在计算机可读介质上并在处理器上实现的软件来确定分组是否包括未授权数据，如果规则匹配状态数据指示分组潜在地包括未经授权的数据。

9. 发明申请

US20080201772A1 Method and Apparatus for Deep Packet Inspection for Network Intrusion Detection 有权
标题翻译：网络入侵检测深度包检测方法与装置
公开(公告)号：US20080201772A1
公开(公告)日：2008-08-21
申请号：US12031130
申请日：2008-02-14
申请人： Maxim Mondaeev , Tal Anker , Yosef Meyouhas
发明人： Maxim Mondaeev , Tal Anker , Yosef Meyouhas
IPC分类号： G06F11/30
CPC分类号： H04L47/12 , H04L63/1408 , H04L63/20
摘要： In a method of determining whether a data stream includes unauthorized data, the data stream is analyzed using a hardware filter to detect a presence of one or more of a first set of patterns in the data stream. It is determined whether a packet in the data stream belongs to one of a plurality of data flows to be further inspected based on the analysis of the data stream by the hardware filter. A set of rules is applied to the packet to produce rule match status data if it is determined that the packet belongs to one of the plurality of data flows to be further inspected. The packet is analyzed to determine if the packet includes unauthorized data using software stored on a computer-readable medium and implemented on a processor if the rule match status data indicates that the packet potentially includes unauthorized data.
摘要翻译：在确定数据流是否包括未授权数据的方法中，使用硬件过滤器来分析数据流，以检测数据流中的第一组模式中的一个或多个的存在。基于硬件滤波器对数据流的分析，确定数据流中的分组是否属于要进一步检查的多个数据流中的一个。如果确定分组属于要进一步检查的多个数据流中的一个数据流，则将一组规则应用于分组以产生规则匹配状态数据。分析分组以使用存储在计算机可读介质上并在处理器上实现的软件来确定分组是否包括未授权数据，如果规则匹配状态数据指示分组潜在地包括未经授权的数据。

10. 发明申请

US20070223388A1 Hardware implementation of network testing and performance monitoring in a network device 有权
标题翻译：网络设备中网络测试和性能监控的硬件实现
公开(公告)号：US20070223388A1
公开(公告)日：2007-09-27
申请号：US11387549
申请日：2006-03-22
申请人： Nir Arad , Tsahi Daniel , Maxim Mondaeev
发明人： Nir Arad , Tsahi Daniel , Maxim Mondaeev
IPC分类号： H04J1/16
CPC分类号： H04L1/24 , H04L43/028 , H04L43/0829 , H04L43/087 , H04L43/106 , H04L43/50
摘要： An embodiment of the present invention offloads the generation and monitoring of test packets from a Central processing Unit (CPU) to a dedicated network integrated circuit, such as a router, bridge or switch chip associated with the CPU. The CPU may download test routines and test data to the network IC, which then generates the test packets, identifies and handles received test packets, collects test statistics, and performs other test functions all without loading the CPU. The CPU may be notified when certain events occur, such as when throughput or jitter thresholds for the network are exceeded.
摘要翻译：本发明的实施例将测试分组的生成和监视从中央处理单元（CPU）卸载到专用网络集成电路，例如与CPU相关联的路由器，桥接器或交换芯片。 CPU可以将测试例程和测试数据下载到网络IC，然后生成测试数据包，识别和处理接收到的测试数据包，收集测试统计信息，并在不加载CPU的情况下执行其他测试功能。当某些事件发生时，例如当网络的吞吐量或抖动阈值被超过时，可能会通知CPU。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式