Title of invention Detecting transparent network communication interception appliances
Abstract Mechanisms are provided for identifying transparent network communication interception appliances in a network topology. The mechanisms collect network configuration data from a plurality of devices in the network topology and analyze the collected network configuration data using one or more heuristics to identify patterns in the collected network configuration data indicative of the presence of a transparent network communication interception appliance. The mechanisms calculate a confidence measure value based on results of the analysis of the collected network configuration data. The mechanisms further send a notification of a detected presence of a transparent network communication interception appliance to a computing device in response to the calculated confidence measure value meeting or exceeding at least one threshold value.
Publication number US9094309(B2) Publication date 2015.07.28
Application number US201213418761 Filing date 2012.03.13
Applicant International Business Machines Corporation Inventors Branch Joel W.;Nidd Michael E.;Rissmann Ruediger
Classification H04L12/24;H04L12/751;H04L12/733;H04L12/26 Main classification H04L12/24
Agency Agent Lammes Francis;Walder, Jr. Stephen J.;Percello Louis J.
Main claim 1. A method, in a data processing system, for identifying transparent network communication interception appliances in a network topology, comprising: collecting, by an application detection mechanism in the data processing system, network configuration data from a plurality of devices in the network topology; analyzing, by the appliance detection mechanism, the collected network configuration data using one or more heuristics to identify patterns in the collected network configuration data indicative of the presence of a transparent network communication interception appliance, wherein the appliance detection mechanism is a separate mechanism from the transparent network communication interception appliance; calculating, by the appliance detection mechanism, a confidence measure value based on results of the analysis of the collected network configuration data; and sending, by the appliance detection mechanism, a notification of a detected presence of a transparent network communication interception appliance to a computing device in response to the calculated confidence measure value meeting or exceeding at least one threshold value; wherein the one or more heuristics comprises a multiple gateway heuristic that analyzes subnet gateway computing device assignment to an associated group of devices, in the plurality of devices in the network topology to identify whether more than one gateway computing device is associated with the group of devices, and wherein calculating the confidence measure value comprises increasing the confidence measure value in response to the multiple gateway heuristic identifying more than one gateway computing device being associated with the group of devices.
Address Armonk NY US
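The multiple gateway heuristic in claim 1, sketched as an added example that is not taken from the patent or from any IBM implementation. Grouping devices by IP subnet, the record fields, the weight `GATEWAY_WEIGHT` and the threshold `NOTIFY_THRESHOLD` are all assumptions made for illustration; the sample data is constructed.

```python
import ipaddress
from collections import defaultdict

# Constructed sample of collected network configuration data (not from the patent).
SAMPLE_CONFIG = [
    {"host": "web01", "ip": "10.1.20.11", "prefix": 24, "gateway": "10.1.20.1"},
    {"host": "web02", "ip": "10.1.20.12", "prefix": 24, "gateway": "10.1.20.1"},
    {"host": "web03", "ip": "10.1.20.13", "prefix": 24, "gateway": "10.1.20.254"},
    {"host": "db01", "ip": "10.1.30.21", "prefix": 24, "gateway": "10.1.30.1"},
    {"host": "db02", "ip": "10.1.30.22", "prefix": 24, "gateway": "10.1.30.1"},
]

GATEWAY_WEIGHT = 0.6    # assumed increase applied when the heuristic fires
NOTIFY_THRESHOLD = 0.5  # assumed threshold at which a notification is produced


def gateways_by_subnet(records):
    """Group hosts by subnet (assumed grouping), then by their default gateway."""
    groups = defaultdict(lambda: defaultdict(list))
    for rec in records:
        subnet = ipaddress.ip_interface(f"{rec['ip']}/{rec['prefix']}").network
        gateway = ipaddress.ip_address(rec["gateway"])
        if gateway not in subnet:
            continue  # off-subnet gateway is a config error, not this heuristic's signal
        groups[subnet][gateway].append(rec["host"])
    return groups


def evaluate(records, weight=GATEWAY_WEIGHT, threshold=NOTIFY_THRESHOLD):
    """Return one finding per device group whose confidence meets the threshold."""
    findings = []
    for subnet, gateways in gateways_by_subnet(records).items():
        confidence = 0.0
        if len(gateways) > 1:  # more than one gateway serves the same group
            confidence += weight
        if confidence >= threshold:
            findings.append({
                "subnet": str(subnet),
                "confidence": confidence,
                "gateways": {str(g): sorted(h) for g, h in sorted(gateways.items())},
            })
    return findings


if __name__ == "__main__":
    for finding in evaluate(SAMPLE_CONFIG):
        print(finding)
```

A second gateway on a subnet also occurs with legitimate redundancy or static routes, which is why the claim treats it as one input to a confidence value rather than a verdict.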