| 发明名称 |
Techniques for network protection based on subscriber-aware application proxies |
| 摘要 |
Techniques for responding to intrusions on a packet switched network include receiving user data at a subscriber-aware gateway server between a network access server and a content server. The user data includes subscriber identifier data that indicates a unique identifier for a particular user, network address data that indicates a network address for a host used by the particular user, NAS data that indicates an identifier for the network access server, flow list data that indicates one or more open data packet flows, and suspicious activity data. The suspicious activity data indicates a value for a property of the open data packet flows that indicates suspicious activity. It is determined whether an intrusion condition is satisfied based on the suspicious activity data. If the intrusion condition is satisfied, then the gateway responds based at least in part on user data other than the network address data. |
| 申请公布号 |
US8266696(B2) |
申请公布日期 |
2012.09.11 |
| 申请号 |
US20050273112 |
申请日期 |
2005.11.14 |
| 申请人 |
O'ROURKE CHRISTOPHER C.;BORDONARO FRANK GERARD;MENDITTO LOUIS;BATZ ROBERT;CISCO TECHNOLOGY, INC. |
发明人 |
O'ROURKE CHRISTOPHER C.;BORDONARO FRANK GERARD;MENDITTO LOUIS;BATZ ROBERT |
| 分类号 |
G06F11/00;G06F12/14;G06F12/16;G08B23/00 |
主分类号 |
G06F11/00 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
|
| 地址 |
|
