公开(公告)号：US09356876B1

公开(公告)日：2016-05-31

申请号：US14088436

申请日：2013-11-24

Applicant: Cisco Technology, Inc.

Inventor： Nir Ben-Dvora ,  Michael Zayats ,  Chanoh Haim ,  Ranjana Rao

IPC: H04L12/851

CPC classification number: H04L43/0876 ,  H04L41/12 ,  H04L47/2441 ,  H04L63/0428 ,  H04L67/10 ,  H04L69/04 ,  H04L69/22

Abstract: System and methods for identifying and managing applications over compressed or encrypted traffic in a network are described. The first and second embodiments, which provides a method for managing applications over compressed or encrypted traffic respectively, comprise identifying applications on the traffic, saving the application classification per connection, and propagating the application classification to the network. A method for providing application identification over compressed or encrypted traffic is also disclosed, which includes an application recognition module configured to, among other functions, determine an application classifier for compressed or encrypted traffic without applying an application classification process, and utilize the application classification for previous packets originating from the connection for the current packets from the same connection.

Abstract translation: 描述了通过网络中压缩或加密流量识别和管理应用程序的系统和方法。 提供分别通过压缩或加密流量管理应用的方法的第一和第二实施例包括识别流量上的应用，保存每个连接的应用分类，以及将应用分类传播到网络。 还公开了一种用于在压缩或加密业务上提供应用识别的方法，其包括应用识别模块，该应用识别模块被配置为除了应用分类过程之外还确定用于压缩或加密业务的应用分类器，并且将应用分类用于 来自同一连接的来自当前分组的连接的先前分组。

公开(公告)号：US20160248652A1

公开(公告)日：2016-08-25

申请号：US15142302

申请日：2016-04-29

Applicant: Cisco Technology, Inc.

Inventor： Nir Ben-Dvora ,  Michael Zayats ,  Chanoh Haim ,  Ranjana Rao

IPC: H04L12/26 ,  H04L12/24 ,  H04L29/08 ,  H04L29/06

CPC classification number: H04L43/0876 ,  H04L41/12 ,  H04L47/2441 ,  H04L63/0428 ,  H04L67/10 ,  H04L69/04 ,  H04L69/22

Abstract: System and methods for identifying and managing applications over compressed or encrypted traffic in a network are described. The first and second embodiments, which provides a method for managing applications over compressed or encrypted traffic respectively, comprise identifying applications on the traffic, saving the application classification per connection, and propagating the application classification to the network. A method for providing application identification over compressed or encrypted traffic is also disclosed, which includes an application recognition module configured to, among other functions, determine an application classifier for compressed or encrypted traffic without applying an application classification process, and utilize the application classification for previous packets originating from the connection for the current packets from the same connection.

Abstract translation: 描述了通过网络中压缩或加密流量识别和管理应用程序的系统和方法。 提供分别通过压缩或加密流量管理应用的方法的第一和第二实施例包括识别流量上的应用，保存每个连接的应用分类，以及将应用分类传播到网络。 还公开了一种用于在压缩或加密业务上提供应用识别的方法，其包括应用识别模块，该应用识别模块被配置为除了应用分类过程之外还确定用于压缩或加密业务的应用分类器，并且将应用分类用于 来自同一连接的来自当前分组的连接的先前分组。

公开(公告)号：US10178181B2

公开(公告)日：2019-01-08

申请号：US14328094

申请日：2014-07-10

Applicant: Cisco Technology, Inc.

Inventor： Eitan Ben-Nun ,  Michael Zayats ,  Daniel G. Wing ,  Kirtesh Patil ,  Jaideep Padhye ,  Manohar B. Hungund ,  Saravanan Agasaveeran

IPC: H04L29/06 ,  H04L29/08

Abstract: An interposer is provided that is configured to interpose into an application security protocol exchange by obtaining application session security state. The interposer does this without holding any private keying material of client or server. An out-of-band Security Assistant Key Escrow service (SAS/SAKE) is also provided. The SAKE resides in the secure physical network perimeter and holds the private keying material required to derive session keys for interposing into application security protocol. During a security protocol handshake, the interposer sends SAKE security protocol handshake messages and in return receives from the SAKE session security state that allows it to participate in application security protocol.

公开(公告)号：US20150288679A1

公开(公告)日：2015-10-08

申请号：US14328094

申请日：2014-07-10

Applicant: Cisco Technology, Inc.

Inventor： Eitan Ben-Nun ,  Michael Zayats ,  Daniel G. Wing ,  Kirtesh Patil ,  Jaideep Padhye ,  Manohar B. Hungund ,  Saravanan Agasaveeran

IPC: H04L29/06 ,  H04L29/08

CPC classification number: H04L67/141 ,  H04L63/0281 ,  H04L63/0823 ,  H04L63/168 ,  H04L67/28

Abstract: An interposer is provided that is configured to interpose into an application security protocol exchange by obtaining application session security state. The interposer does this without holding any private keying material of client or server. An out-of-band Security Assistant Key Escrow service (SAS/SAKE) is also provided. The SAKE resides in the secure physical network perimeter and holds the private keying material required to derive session keys for interposing into application security protocol. During a security protocol handshake, the interposer sends SAKE security protocol handshake messages and in return receives from the SAKE session security state that allows it to participate in application security protocol.

Abstract translation: 提供了一种插入器，其被配置为通过获得应用程序会话安全状态来插入到应用程序安全协议交换中。 插件不需要持有客户端或服务器的任何私有密钥材料即可。 还提供了带外安全助理密钥托管服务（SAS / SAKE）。 SAKE驻留在安全的物理网络周边，并保存导出会话密钥所需的私人密钥材料，以插入到应用安全协议中。 在安全协议握手期间，插入器发送SAKE安全协议握手消息，并返回从SAKE会话安全状态接收，允许其参与应用安全协议。