公开(公告)号：US11968102B2

公开(公告)日：2024-04-23

申请号：US15171618

申请日：2016-06-02

Applicant: Cisco Technology, Inc.

Inventor： Khawar Deen ,  Navindra Yadav ,  Anubhav Gupta ,  Shashidhar Gandham ,  Rohit Chandra Prasad ,  Abhishek Ranjan Singh ,  Shih-Chun Chang

IPC: G06F15/16 ,  G06F3/0482 ,  G06F3/04842 ,  G06F3/04847 ,  G06F9/455 ,  G06F16/11 ,  G06F16/13 ,  G06F16/16 ,  G06F16/17 ,  G06F16/174 ,  G06F16/23 ,  G06F16/2457 ,  G06F16/248 ,  G06F16/28 ,  G06F16/29 ,  G06F16/9535 ,  G06F21/53 ,  G06F21/55 ,  G06F21/56 ,  G06N20/00 ,  G06N99/00 ,  G06T11/20 ,  H04J3/06 ,  H04J3/14 ,  H04L1/24 ,  H04L9/08 ,  H04L9/32 ,  H04L9/40 ,  H04L41/046 ,  H04L41/0668 ,  H04L41/0803 ,  H04L41/0806 ,  H04L41/0816 ,  H04L41/0893 ,  H04L41/12 ,  H04L41/16 ,  H04L41/22 ,  H04L43/02 ,  H04L43/026 ,  H04L43/04 ,  H04L43/045 ,  H04L43/062 ,  H04L43/08 ,  H04L43/0805 ,  H04L43/0811 ,  H04L43/0829 ,  H04L43/0852 ,  H04L43/0864 ,  H04L43/0876 ,  H04L43/0882 ,  H04L43/0888 ,  H04L43/10 ,  H04L43/106 ,  H04L43/12 ,  H04L43/16 ,  H04L45/00 ,  H04L45/302 ,  H04L45/50 ,  H04L45/74 ,  H04L47/11 ,  H04L47/20 ,  H04L47/2441 ,  H04L47/2483 ,  H04L47/28 ,  H04L47/31 ,  H04L47/32 ,  H04L61/5007 ,  H04L67/01 ,  H04L67/10 ,  H04L67/1001 ,  H04L67/12 ,  H04L67/51 ,  H04L67/75 ,  H04L69/16 ,  H04L69/22 ,  H04W72/54 ,  H04W84/18 ,  H04L67/50

CPC classification number: H04L43/045 ,  G06F3/0482 ,  G06F3/04842 ,  G06F3/04847 ,  G06F9/45558 ,  G06F16/122 ,  G06F16/137 ,  G06F16/162 ,  G06F16/17 ,  G06F16/173 ,  G06F16/174 ,  G06F16/1744 ,  G06F16/1748 ,  G06F16/2322 ,  G06F16/235 ,  G06F16/2365 ,  G06F16/24578 ,  G06F16/248 ,  G06F16/285 ,  G06F16/288 ,  G06F16/29 ,  G06F16/9535 ,  G06F21/53 ,  G06F21/552 ,  G06F21/556 ,  G06F21/566 ,  G06N20/00 ,  G06N99/00 ,  G06T11/206 ,  H04J3/0661 ,  H04J3/14 ,  H04L1/242 ,  H04L9/0866 ,  H04L9/3239 ,  H04L9/3242 ,  H04L41/046 ,  H04L41/0668 ,  H04L41/0803 ,  H04L41/0806 ,  H04L41/0816 ,  H04L41/0893 ,  H04L41/12 ,  H04L41/16 ,  H04L41/22 ,  H04L43/02 ,  H04L43/026 ,  H04L43/04 ,  H04L43/062 ,  H04L43/08 ,  H04L43/0805 ,  H04L43/0811 ,  H04L43/0829 ,  H04L43/0841 ,  H04L43/0858 ,  H04L43/0864 ,  H04L43/0876 ,  H04L43/0882 ,  H04L43/0888 ,  H04L43/10 ,  H04L43/106 ,  H04L43/12 ,  H04L43/16 ,  H04L45/306 ,  H04L45/38 ,  H04L45/46 ,  H04L45/507 ,  H04L45/66 ,  H04L45/74 ,  H04L47/11 ,  H04L47/20 ,  H04L47/2441 ,  H04L47/2483 ,  H04L47/28 ,  H04L47/31 ,  H04L47/32 ,  H04L61/5007 ,  H04L63/0227 ,  H04L63/0263 ,  H04L63/06 ,  H04L63/0876 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1425 ,  H04L63/1433 ,  H04L63/1441 ,  H04L63/145 ,  H04L63/1458 ,  H04L63/1466 ,  H04L63/16 ,  H04L63/20 ,  H04L67/01 ,  H04L67/10 ,  H04L67/1001 ,  H04L67/12 ,  H04L67/51 ,  H04L67/75 ,  H04L69/16 ,  H04L69/22 ,  H04W72/54 ,  H04W84/18 ,  G06F2009/4557 ,  G06F2009/45587 ,  G06F2009/45591 ,  G06F2009/45595 ,  G06F2221/033 ,  G06F2221/2101 ,  G06F2221/2105 ,  G06F2221/2111 ,  G06F2221/2115 ,  G06F2221/2145 ,  H04L67/535

Abstract: A method includes analyzing, via a first capturing agent, packets processed in a first environment associated with a first host to yield first data. The method includes analyzing, via a second capturing agent, packets processed by a second environment associated with a second host to yield second data, collecting the first data and the second data at a collector to yield aggregated data, transmitting the aggregated data to an analysis engine which analyzes the aggregated data to yield an analysis. Based on the analysis, the method includes identifying first packet loss at the first environment and second packet loss at the second environment.

公开(公告)号：US11683618B2

公开(公告)日：2023-06-20

申请号：US17529727

申请日：2021-11-18

Applicant: Cisco Technology, Inc.

Inventor： Ashutosh Kulshreshtha ,  Omid Madani ,  Vimal Jeyakumar ,  Navindra Yadav ,  Ali Parandehgheibi ,  Andy Sloane ,  Kai Chang ,  Khawar Deen ,  Shih-Chun Chang ,  Hai Vu

IPC: H04L67/12 ,  H04L43/16 ,  H04Q9/02 ,  H04L43/04 ,  G06F11/34 ,  H04L9/40 ,  H04L43/026 ,  H04L41/0631 ,  H04L41/0681 ,  H04L41/14 ,  H04L67/125

CPC classification number: H04Q9/02 ,  G06F11/3495 ,  H04L41/064 ,  H04L41/0681 ,  H04L43/026 ,  H04L43/04 ,  H04L63/1425 ,  H04L67/12 ,  H04L41/14 ,  H04L43/16 ,  H04L67/125 ,  H04Q2209/20

Abstract: An application and network analytics platform can capture telemetry from servers and network devices operating within a network. The application and network analytics platform can determine an application dependency map (ADM) for an application executing in the network. Using the ADM, the application and network analytics platform can resolve flows into flowlets of various granularities, and determine baseline metrics for the flowlets. The baseline metrics can include transmission times, processing times, and/or data sizes for the flowlets. The application and network analytics platform can compare new flowlets against the baselines to assess availability, load, latency, and other performance metrics for the application. In some implementations, the application and network analytics platform can automate remediation of unavailability, load, latency, and other application performance issues.

公开(公告)号：US20230040556A1

公开(公告)日：2023-02-09

申请号：US17819888

申请日：2022-08-15

Applicant: Cisco Technology, Inc.

Inventor： Sunil Kumar Gupta ,  Navindra Yadav ,  Michael Standish Watts ,  Ali Parandehgheibi ,  Shashidhar Gandham ,  Ashutosh Kulshreshtha ,  Khawar Deen

IPC: H04L43/045 ,  H04L9/40 ,  G06F9/455 ,  G06N20/00 ,  G06F21/55 ,  G06F21/56 ,  G06F16/28 ,  G06F16/2457 ,  G06F16/248 ,  G06F16/29 ,  G06F16/16 ,  G06F16/17 ,  G06F16/11 ,  G06F16/13 ,  G06F16/174 ,  G06F16/23 ,  G06F16/9535 ,  G06N99/00 ,  H04L9/32 ,  H04L41/0668 ,  H04L43/0805 ,  H04L43/0811 ,  H04L43/0852 ,  H04L43/106 ,  H04L45/00 ,  H04L45/50 ,  H04L67/12 ,  H04L43/026 ,  H04L61/5007 ,  H04L67/01 ,  H04L67/51 ,  H04L67/75 ,  H04L67/1001 ,  H04L43/062 ,  H04L43/10 ,  H04L47/2441 ,  H04L41/0893 ,  H04L43/08 ,  H04L43/04 ,  H04W84/18 ,  H04L67/10 ,  H04L41/046 ,  H04L43/0876 ,  H04L41/12 ,  H04L41/16 ,  H04L41/0816 ,  G06F21/53 ,  H04L41/22 ,  G06F3/04842 ,  G06F3/04847 ,  H04L41/0803 ,  H04L43/0829 ,  H04L43/16 ,  H04L1/24 ,  H04W72/08 ,  H04L9/08 ,  H04J3/06 ,  H04J3/14 ,  H04L47/20 ,  H04L47/32 ,  H04L43/0864 ,  H04L47/11 ,  H04L69/22 ,  H04L45/74 ,  H04L47/2483 ,  H04L43/0882 ,  H04L41/0806 ,  H04L43/0888 ,  H04L43/12 ,  H04L47/31 ,  G06F3/0482 ,  G06T11/20 ,  H04L43/02 ,  H04L47/28 ,  H04L69/16 ,  H04L45/302

Abstract: This disclosure generally relate to a method and system for network policy simulation in a distributed computing system. The present technology relates techniques that enable simulation of a new network policy with regard to its effects on the network data flow. By enabling a simulation data flow that is parallel and independent from the regular data flow, the present technology can provide optimized network security management with improved efficiency.

公开(公告)号：US11528283B2

公开(公告)日：2022-12-13

申请号：US16899190

申请日：2020-06-11

Applicant: Cisco Technology, Inc.

Inventor： Navindra Yadav ,  Abhishek Ranjan Singh ,  Shashidhar Gandham ,  Ellen Christine Scheib ,  Omid Madani ,  Ali Parandehgheibi ,  Jackson Ngoc Ki Pang ,  Vimalkumar Jeyakumar ,  Michael Standish Watts ,  Hoang Viet Nguyen ,  Khawar Deen ,  Rohit Chandra Prasad ,  Sunil Kumar Gupta ,  Supreeth Hosur Nagesh Rao ,  Anubhav Gupta ,  Ashutosh Kulshreshtha ,  Roberto Fernando Spadaro ,  Hai Trong Vu ,  Varun Sagar Malhotra ,  Shih-Chun Chang ,  Bharathwaj Sankara Viswanathan ,  Fnu Rachita Agasthy ,  Duane Thomas Barlow

IPC: H04L29/06 ,  H04L12/26 ,  H04L9/40 ,  H04L43/04 ,  H04L43/0894 ,  H04L43/062

Abstract: An example method includes detecting, using sensors, packets throughout a datacenter. The sensors can then send packet logs to various collectors which can then identify and summarize data flows in the datacenter. The collectors can then send flow logs to an analytics module which can identify the status of the datacenter and detect an attack.

公开(公告)号：US11368378B2

公开(公告)日：2022-06-21

申请号：US16725945

申请日：2019-12-23

Applicant: Cisco Technology, Inc.

Inventor： Shashidhar Gandham ,  Rohit Chandra Prasad ,  Abhishek Ranjan Singh ,  Navindra Yadav ,  Khawar Deen ,  Varun Sagar Malhotra

IPC: H04L12/26 ,  H04L29/06 ,  G06F16/28 ,  G06F16/2457 ,  G06F16/248 ,  G06F16/29 ,  G06F16/16 ,  G06F16/17 ,  G06F16/11 ,  G06F16/13 ,  G06F16/174 ,  G06F16/23 ,  G06F9/455 ,  G06N20/00 ,  G06N99/00 ,  H04L9/32 ,  H04L43/045 ,  G06F3/0482 ,  G06F3/04842 ,  G06F3/04847 ,  G06F16/9535 ,  G06F21/53 ,  G06F21/55 ,  G06T11/20 ,  H04J3/06 ,  H04J3/14 ,  H04L1/24 ,  H04L9/08 ,  H04L41/046 ,  H04L41/0668 ,  H04L41/0803 ,  H04L41/0806 ,  H04L41/0816 ,  H04L41/0893 ,  H04L41/12 ,  H04L41/16 ,  H04L41/22 ,  H04L43/02 ,  H04L43/026 ,  H04L43/04 ,  H04L43/062 ,  H04L43/08 ,  H04L43/0805 ,  H04L43/0811 ,  H04L43/0829 ,  H04L43/0852 ,  H04L43/0864 ,  H04L43/0876 ,  H04L43/0882 ,  H04L43/0888 ,  H04L43/10 ,  H04L43/106 ,  H04L43/12 ,  H04L43/16 ,  H04L45/302 ,  H04L45/00 ,  H04L45/50 ,  H04L45/74 ,  H04L47/11 ,  H04L47/20 ,  H04L47/2441 ,  H04L47/2483 ,  H04L47/28 ,  H04L47/31 ,  H04L47/32 ,  H04L61/5007 ,  H04L9/40 ,  H04L67/10 ,  H04L67/1001 ,  H04L67/12 ,  H04L67/51 ,  H04L67/75 ,  H04L67/01 ,  H04L69/16 ,  H04L69/22 ,  H04W72/08 ,  H04W84/18 ,  H04L12/24 ,  H04L67/50

Abstract: Systems, methods, and computer-readable media for identifying bogon addresses. A system can obtain an indication of address spaces in a network. The indication can be based on route advertisements transmitted by routers associated with the network. The system can receive a report generated by a capturing agent deployed on a host. The report can identify a flow captured by the capturing agent at the host. The system can identify a network address associated with the flow and, based on the indication of address spaces, the system can determine whether the network address is within the address spaces in the network. When the network address is not within the address spaces in the network, the system can determine that the network address is a bogon address. When the network address is within the address spaces in the network, the system can determine that the network address is not a bogon address.

公开(公告)号：US10320630B2

公开(公告)日：2019-06-11

申请号：US15171855

申请日：2016-06-02

Applicant: Cisco Technology, Inc.

Inventor： Shashidhar Gandham ,  Rohit Chandra Prasad ,  Abhishek Ranjan Singh ,  Navindra Yadav ,  Khawar Deen ,  Varun Sagar Malhotra

IPC: H04L12/26 ,  H04L29/06 ,  G06F9/455 ,  G06N20/00 ,  G06F16/29 ,  G06F16/248 ,  G06F16/28 ,  G06F16/9535 ,  G06F16/2457 ,  H04L12/851 ,  H04L12/24 ,  H04W84/18 ,  H04L29/08 ,  G06F21/53 ,  H04L12/723 ,  G06F3/0484 ,  H04L1/24 ,  H04W72/08 ,  H04L9/08 ,  H04L9/32 ,  H04J3/06 ,  H04J3/14 ,  H04L29/12 ,  H04L12/813 ,  H04L12/823 ,  H04L12/801 ,  H04L12/741 ,  H04L12/833 ,  H04L12/721 ,  G06F3/0482 ,  G06T11/20 ,  H04L12/841 ,  H04L12/725 ,  H04L12/715 ,  G06F21/55 ,  G06F21/56 ,  G06F16/16 ,  G06F16/17 ,  G06F16/11 ,  G06F16/13 ,  G06N99/00 ,  G06F16/174 ,  G06F16/23

Abstract: Systems, methods, and computer-readable media for hierarchichal sharding of flows from sensors to collectors. A first collector can receive a first portion of a network flow from a first capturing agent and determine that a second portion of the network flow was not received from the first capturing agent. The first collector can then send the first portion of the network flow to a second collector. A third collector can receive the second portion of the network flow from a second capturing agent and determine that the third collector did not receive the first portion of the network flow. The third collector can then send the second portion of the network flow to the second collector. The second collector can then aggregate the first portion and second portion of the network flow to yield the entire portion of the network flow.

公开(公告)号：US10305757B2

公开(公告)日：2019-05-28

申请号：US15132086

申请日：2016-04-18

Applicant: Cisco Technology, Inc.

Inventor： Navindra Yadav ,  Supreeth Hosur Nagesh Rao ,  Ashutosh Kulshreshtha ,  Omid Madani ,  Jackson Ngoc Ki Pang ,  Khawar Deen ,  Ellen Christine Scheib

IPC: H04L12/26 ,  H04L29/06 ,  H04L12/813 ,  H04L12/841 ,  H04L9/32 ,  H04L9/08 ,  H04L12/721 ,  H04L29/08 ,  H04L12/24 ,  H04L12/851 ,  H04L12/725 ,  H04L12/823 ,  H04L29/12 ,  H04L12/723 ,  H04L12/833 ,  H04L12/715 ,  H04L12/801 ,  H04J3/06 ,  G06F21/56 ,  G06F21/55 ,  G06F3/0484 ,  G06F3/0482 ,  G06F9/455 ,  G06T11/20 ,  G06N20/00 ,  G06F16/29 ,  G06F16/248 ,  G06F16/28 ,  G06F16/9535 ,  G06F16/2457 ,  G06F17/30 ,  H04W84/18 ,  G06N99/00 ,  G06F21/53 ,  H04L1/24 ,  H04W72/08 ,  H04J3/14 ,  H04L12/741

Abstract: An example method can include monitoring a network to identify flows between nodes in the network. Once flows have been identified, the flows can be tagged and labelled according to the type of traffic they represent. If a flow represents malicious or otherwise undesirable traffic, it can be tagged accordingly. A request can then be made for a reputation score of an entity which can identify one or more nodes of the network.

公开(公告)号：US10181987B2

公开(公告)日：2019-01-15

申请号：US15171807

申请日：2016-06-02

Applicant: Cisco Technology, Inc.

Inventor： Shashidhar Gandham ,  Rohit Chandra Prasad ,  Abhishek Ranjan Singh ,  Navindra Yadav ,  Khawar Deen ,  Varun Sagar Malhotra

IPC: G06F15/173 ,  H04L12/26 ,  H04L29/06 ,  G06F9/455 ,  G06F17/30 ,  H04L12/851 ,  H04L12/24 ,  H04W84/18 ,  H04L29/08 ,  G06N99/00 ,  G06F21/53 ,  H04L12/723 ,  G06F3/0484 ,  H04L1/24 ,  H04W72/08 ,  H04L9/08 ,  H04L9/32 ,  H04J3/06 ,  H04J3/14 ,  H04L29/12 ,  H04L12/813 ,  H04L12/823 ,  H04L12/801 ,  H04L12/741 ,  H04L12/833 ,  H04L12/721 ,  G06F3/0482 ,  G06T11/20 ,  H04L12/841 ,  H04L12/725 ,  H04L12/715 ,  G06F21/55 ,  G06F21/56

Abstract: Systems, methods, and computer-readable media for collector high availability. In some embodiments, a system receives, from a first collector device, a first data report generated by a capturing agent deployed on a host system in a network. The system can also receive, from a second collector device, a second data report generated by the capturing agent deployed on the host system. The first and second data reports can include traffic data captured at the host system by the capturing agent during a period of time. The system can determine that the first data report and the second data report are both associated with the capturing agent, and identify duplicate data contained in the first data report and the second data report. The system can then deduplicate the first and second data reports to yield a deduplicated data report.

公开(公告)号：US20160359888A1

公开(公告)日：2016-12-08

申请号：US15171580

申请日：2016-06-02

Applicant: Cisco Technology, Inc.

Inventor： Sunil Kumar Gupta ,  Navindra Yadav ,  Michael Standish Watts ,  Ali Parandehgheibi ,  Shashidhar Gandham ,  Ashutosh Kulshreshtha ,  Khawar Deen

IPC: H04L29/06 ,  G06F9/455

CPC classification number: H04L43/045 ,  G06F3/0482 ,  G06F3/04842 ,  G06F3/04847 ,  G06F9/45558 ,  G06F17/30241 ,  G06F17/3053 ,  G06F17/30554 ,  G06F17/30598 ,  G06F17/30604 ,  G06F17/30867 ,  G06F21/53 ,  G06F21/552 ,  G06F21/566 ,  G06F2009/4557 ,  G06F2009/45587 ,  G06F2009/45591 ,  G06F2009/45595 ,  G06F2221/033 ,  G06F2221/2101 ,  G06F2221/2105 ,  G06F2221/2111 ,  G06F2221/2115 ,  G06F2221/2145 ,  G06N99/005 ,  G06T11/206 ,  H04J3/0661 ,  H04J3/14 ,  H04L1/242 ,  H04L9/0866 ,  H04L9/3239 ,  H04L9/3242 ,  H04L41/046 ,  H04L41/0668 ,  H04L41/0803 ,  H04L41/0806 ,  H04L41/0816 ,  H04L41/0893 ,  H04L41/12 ,  H04L41/16 ,  H04L41/22 ,  H04L43/02 ,  H04L43/04 ,  H04L43/062 ,  H04L43/08 ,  H04L43/0805 ,  H04L43/0811 ,  H04L43/0829 ,  H04L43/0841 ,  H04L43/0858 ,  H04L43/0864 ,  H04L43/0876 ,  H04L43/0882 ,  H04L43/0888 ,  H04L43/10 ,  H04L43/106 ,  H04L43/12 ,  H04L43/16 ,  H04L45/306 ,  H04L45/38 ,  H04L45/46 ,  H04L45/507 ,  H04L45/66 ,  H04L45/74 ,  H04L47/11 ,  H04L47/20 ,  H04L47/2441 ,  H04L47/2483 ,  H04L47/28 ,  H04L47/31 ,  H04L47/32 ,  H04L61/2007 ,  H04L63/0227 ,  H04L63/0263 ,  H04L63/06 ,  H04L63/0876 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1425 ,  H04L63/1433 ,  H04L63/1441 ,  H04L63/145 ,  H04L63/1458 ,  H04L63/1466 ,  H04L63/16 ,  H04L63/20 ,  H04L67/10 ,  H04L67/1002 ,  H04L67/12 ,  H04L67/16 ,  H04L67/22 ,  H04L67/36 ,  H04L67/42 ,  H04L69/16 ,  H04L69/22 ,  H04W72/08 ,  H04W84/18

Abstract: A method provides for receiving network traffic from a host having a host IP address and operating in a data center, and analyzing a malware tracker for IP addresses of hosts having been infected by a malware to yield an analysis. When the analysis indicates that the host IP address has been used to communicate with an external host infected by the malware to yield an indication, the method includes assigning a reputation score, based on the indication, to the host. The method can further include applying a conditional policy associated with using the host based on the reputation score. The reputation score can include a reduced reputation score from a previous reputation score for the host.

Abstract translation: 一种方法提供从具有主机IP地址并在数据中心中操作的主机接收网络流量，以及分析恶意软件跟踪器以获得已被恶意软件感染的主机的IP地址以产生分析。 当分析指示主机IP地址已被用于与被恶意软件感染的外部主机进行通信以产生指示时，该方法包括基于指示将信誉评分分配给主机。 该方法还可以包括根据信誉分数应用与使用主机相关联的条件策略。 信誉分数可以包括从主机的以前的声誉分数减少的声誉分数。

公开(公告)号：US20160359708A1

公开(公告)日：2016-12-08

申请号：US15171855

申请日：2016-06-02

Applicant: Cisco Technology, Inc.

Inventor： Shashidhar Gandham ,  Rohit Chandra Prasad ,  Abhishek Ranjan Singh ,  Navindra Yadav ,  Khawar Deen ,  Varun Sagar Malhotra

IPC: H04L12/26 ,  G06F9/455 ,  H04L12/24

CPC classification number: H04L43/045 ,  G06F3/0482 ,  G06F3/04842 ,  G06F3/04847 ,  G06F9/45558 ,  G06F17/30241 ,  G06F17/3053 ,  G06F17/30554 ,  G06F17/30598 ,  G06F17/30604 ,  G06F17/30867 ,  G06F21/53 ,  G06F21/552 ,  G06F21/566 ,  G06F2009/4557 ,  G06F2009/45587 ,  G06F2009/45591 ,  G06F2009/45595 ,  G06F2221/033 ,  G06F2221/2101 ,  G06F2221/2105 ,  G06F2221/2111 ,  G06F2221/2115 ,  G06F2221/2145 ,  G06N99/005 ,  G06T11/206 ,  H04J3/0661 ,  H04J3/14 ,  H04L1/242 ,  H04L9/0866 ,  H04L9/3239 ,  H04L9/3242 ,  H04L41/046 ,  H04L41/0668 ,  H04L41/0803 ,  H04L41/0806 ,  H04L41/0816 ,  H04L41/0893 ,  H04L41/12 ,  H04L41/16 ,  H04L41/22 ,  H04L43/02 ,  H04L43/04 ,  H04L43/062 ,  H04L43/08 ,  H04L43/0805 ,  H04L43/0811 ,  H04L43/0829 ,  H04L43/0841 ,  H04L43/0858 ,  H04L43/0864 ,  H04L43/0876 ,  H04L43/0882 ,  H04L43/0888 ,  H04L43/10 ,  H04L43/106 ,  H04L43/12 ,  H04L43/16 ,  H04L45/306 ,  H04L45/38 ,  H04L45/46 ,  H04L45/507 ,  H04L45/66 ,  H04L45/74 ,  H04L47/11 ,  H04L47/20 ,  H04L47/2441 ,  H04L47/2483 ,  H04L47/28 ,  H04L47/31 ,  H04L47/32 ,  H04L61/2007 ,  H04L63/0227 ,  H04L63/0263 ,  H04L63/06 ,  H04L63/0876 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1425 ,  H04L63/1433 ,  H04L63/1441 ,  H04L63/145 ,  H04L63/1458 ,  H04L63/1466 ,  H04L63/16 ,  H04L63/20 ,  H04L67/10 ,  H04L67/1002 ,  H04L67/12 ,  H04L67/16 ,  H04L67/22 ,  H04L67/36 ,  H04L67/42 ,  H04L69/16 ,  H04L69/22 ,  H04W72/08 ,  H04W84/18

Abstract: Systems, methods, and computer-readable media for hierarchichal sharding of flows from sensors to collectors. A first collector can receive a first portion of a network flow from a first capturing agent and determine that a second portion of the network flow was not received from the first capturing agent. The first collector can then send the first portion of the network flow to a second collector. A third collector can receive the second portion of the network flow from a second capturing agent and determine that the third collector did not receive the first portion of the network flow. The third collector can then send the second portion of the network flow to the second collector. The second collector can then aggregate the first portion and second portion of the network flow to yield the entire portion of the network flow.

Abstract translation: 用于从传感器到收集器的流层分层划分的系统，方法和计算机可读介质。 第一收集器可以接收来自第一捕获代理的网络流的第一部分，并且确定网络流的第二部分未被从第一捕获代理接收。 然后，第一收集器可以将网络流的第一部分发送到第二收集器。 第三收集器可以从第二捕获代理接收网络流的第二部分，并且确定第三收集器没有接收网络流的第一部分。 然后，第三收集器可以将网络流的第二部分发送到第二收集器。 然后，第二收集器可以聚合网络流的第一部分和第二部分以产生网络流的整个部分。