| 主权项 |
1. A device for detecting network traffic content, the device comprising:
a first physical input port to receive signatures of content desired to be detected; a second physical input port to receive, over a first network, network traffic content; a physical output port to retransmit, over a second network, processed network traffic content; a memory configured for storing one or more signatures received via the first physical input port, each of the one or more signatures associated with content desired to be detected, and defined by one or more predicates each providing logic for identifying particular content; and a processor configured to
receive, via the second physical input port, data associated with network traffic content,execute one or more instructions based on the one or more signatures and the data,determine whether a portion of the network traffic content matches the content desired to be detected;when a portion of the network traffic content is determined to match content desired to be detected, perform at least one remedial action including removal of the matching portion of the network traffic content; andretransmit, via the physical output port, the network traffic content; wherein:
the first physical input port receives the signatures of content desired to be detected via a network other than the first and second networks; andthe first and second physical input ports and the physical output port are each wire-based network ports. |
