CN101621587B - Method, device and system for network monitoring - Google Patents

Method, device and system for network monitoring Download PDF

Info

Publication number
CN101621587B
CN101621587B CN2008101252729A CN200810125272A CN101621587B CN 101621587 B CN101621587 B CN 101621587B CN 2008101252729 A CN2008101252729 A CN 2008101252729A CN 200810125272 A CN200810125272 A CN 200810125272A CN 101621587 B CN101621587 B CN 101621587B
Authority
CN
China
Prior art keywords
data
monitoring
snoop results
obtains
network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN2008101252729A
Other languages
Chinese (zh)
Other versions
CN101621587A (en
Inventor
刘廷永
刘国清
张文达
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chengdu Huawei Technology Co Ltd
Original Assignee
Huawei Symantec Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Symantec Technologies Co Ltd filed Critical Huawei Symantec Technologies Co Ltd
Priority to CN2008101252729A priority Critical patent/CN101621587B/en
Priority to PCT/CN2009/070875 priority patent/WO2010000145A1/en
Priority to US12/478,307 priority patent/US8416695B2/en
Publication of CN101621587A publication Critical patent/CN101621587A/en
Application granted granted Critical
Publication of CN101621587B publication Critical patent/CN101621587B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The embodiment of the invention discloses a method, a device and a system for network monitoring. The method for network monitoring comprises the following steps: acquiring an exact matching rule by analyzing a monitoring strategy; and selecting received data by using deep packet inspection according to the exact matching rule to obtain a monitoring result, wherein the received data is a service customizing rule obtained by analyzing the monitoring strategy and is obtained by pre-processing data and filtering grouped data. The system for network monitoring comprises a service inspection server and a service analyzing server. The technical scheme of the embodiment of the invention can realize the monitoring of various packet data services transmitted in an IP network.

Description

Network monitoring method, Apparatus and system
Technical field
The present invention relates to communication technical field, particularly relate to network monitoring method, Apparatus and system.
Background technology
IP (Internet Protocol, Internet Protocol) network is the various new communication technologies on basis, has become the focus of current research.IP network voice transfer (VOIP; Voice over Internet Protocol) technology; Be voice flow signal with simulation after the processing of overcompression and package, transmit in the environment of IP network with the form of packet data package, have the irreplaceable advantage of black phone.Along with developing rapidly of the communication technology, the VOIP network replaces traditional public switch telephone network (PSTN, Public Switched Telephone Network) just gradually, receives more and more people's approval.From reasons such as safety, relevant security department or some special units often need monitor intra-network communication.In the prior art, the method for monitoring service is in traditional P STN communication network, through voice flow is preserved, operation such as recovery, realize monitoring to the PSTN audio call.
In realizing process of the present invention, the inventor finds to exist at least in the prior art following problem:
Existing monitoring technique is only applicable to the PSTN network; Be that the voice flow in the PSTN network is monitored; And the VOIP transmission through network is grouped data; Therefore, this method of in the PSTN network, voice flow being monitored of prior art can't be suitable in the VOIP network fully, promptly can't obtain the speech data that need monitor in the VOIP network effectively.
In addition; VOIP only is the aspect that IP network is used; Except that speech business, IP network is also supported polytype data services such as text, image, video, for the business of these types; The demand that monitoring is arranged equally, but a kind of monitor method that can effectively be applied to IP network temporarily also do not had at present.
Summary of the invention
In view of this, the embodiment of the invention provides a kind of network monitoring method, Apparatus and system, and to realize the monitoring to IP network, technical scheme is following:
The embodiment of the invention provides a kind of network monitoring method, comprising:
Obtain to resolve and monitor the accurate matched rule that strategy obtains;
According to said accurate matched rule, adopt deep-packet detection that the data that receive are selected, obtain snoop results, the data of said reception are to monitor the business customizing rule that strategy obtains according to resolving, and adopt the data preliminary treatment that grouped data is filtered and obtain; Said employing deep-packet detection is selected the data that receive, and obtains snoop results, specifically comprises: adopt deep-packet detection, the data that receive are analyzed; According to said accurate matched rule analysis result is selected, obtained to treat the Intercept related information of monitoring service data; Through the unique characteristic identifier of association, obtain the said pairing Media Stream of Intercept related information of treating the monitoring service data, with the Intercept related information of treating the monitoring service data and pairing Media Stream jointly as snoop results.
The embodiment of the invention also provides a kind of business diagnosis server, comprising:
Monitor policy processing unit, be used for parsing and monitor strategy, obtain business customizing rule and accurate matched rule;
Data selection unit adopts deep-packet detection, according to the accurate matched rule that said monitoring policy processing unit obtains the data that professional detecting server sends is selected, and obtains snoop results;
Said data selection unit specifically comprises: analyze subelement, adopt deep-packet detection, the data that professional detecting server sends are analyzed; The chooser unit according to the accurate matched rule that said monitoring policy processing unit obtains, is selected the analysis result of said analysis subelement, obtains to treat the Intercept related information of monitoring service data; Snoop results generates subelement, is used for the Intercept related information of treating the monitoring service data that obtains according to said chooser unit, generates snoop results.
The embodiment of the invention also provides a kind of network monitoring system, comprises professional detecting server and business diagnosis server;
Said professional detecting server is used to obtain the grouped data of IP network, and the application data preconditioning technique filters the grouped data of being obtained according to the business customizing rule that said business diagnosis server obtains;
Said business diagnosis server is used for parsing and monitors strategy, obtains business customizing rule and accurate matched rule; Adopt deep-packet detection, said professional detecting server filtered data is selected, obtain snoop results according to accurate matched rule;
Wherein, said employing deep-packet detection is selected the data that receive, and obtains snoop results and specifically comprises: adopt deep-packet detection, the data that receive are analyzed; According to said accurate matched rule analysis result is selected, obtained to treat the Intercept related information of monitoring service data; Through the unique characteristic identifier of association, obtain the pairing Media Stream of Intercept related information of said monitoring service data, with the Intercept related information of treating the monitoring service data and pairing Media Stream jointly as snoop results.
Realization is to the monitoring of IP network, and the problem that needs emphasis to solve is the grouped data of transmitting in the identification IP network, and from wherein selecting the business datum of required monitoring.In the technique scheme, after professional detecting server (SPS, Service Probe Server) obtains the grouped data of IP network, at first grouped data is carried out preliminary treatment, according to the business customizing rule grouped data is filtered then; Business diagnosis server (SAS; Service Analyze Server) uses deep-packet detection (DPI; Deep Packet Inspection) technology does further analysis to the grouped data after filtering through SPS; According to accurate matched rule analysis result is selected again, finally obtained required snoop results, realize monitoring IP network.In addition, can monitor for various Packet data services such as the text that transmits in the IP network, image, audio frequency, videos, this also provides more effectively monitoring means for the monitoring personnel.
Description of drawings
Fig. 1 is for realizing the flow chart of the inventive method specific embodiment;
Fig. 2 is for realizing the flow chart of another method specific embodiment of the present invention;
Fig. 3 is the structural representation of embodiment of the invention SPS;
Fig. 4 is the structural representation of embodiment of the invention SAS;
Fig. 5 is the structural representation of embodiment of the invention IP network monitoring system;
Fig. 6 is the another kind of structural representation of embodiment of the invention IP network monitoring system.
Embodiment
At first the monitor method to embodiment of the invention IP network describes, and comprising:
Obtain to resolve and monitor the accurate matched rule that strategy obtains;
According to said accurate matched rule, adopt deep-packet detection that the data that receive are selected, obtain snoop results, the data of said reception are to monitor the business customizing rule that strategy obtains according to resolving, and adopt the data preliminary treatment that grouped data is filtered and obtain.
Below in conjunction with accompanying drawing, the embodiment of the embodiment of the invention is set forth in detail.
Fig. 1 is a kind of IP network monitor method of embodiment of the invention schematic flow sheet, and this method comprises:
S101, SAS receive and monitor after the strategy, resolve monitoring strategy, obtain business customizing rule and accurate matched rule, and the business customizing rule is sent to SPS.Wherein, business customizing rule correspondence is treated the essential information of monitoring service, can comprise medium access control (MAC) address, Internet Protocol (IP) address, transmission control protocol/UDP (TCP/UDP) port, type of service etc.; Accurately the matched rule correspondence is treated the specifying information of monitoring service, can comprise user name, number of the account, e-mail address, telephone number etc.
S102; SPS adopts the mode of smelling spy to obtain the packet communication data of IP network; At first grouped data report is carried out preliminary treatment: can mate the basic service information of discerning grouped data through layer 2-4 protocal analysis or message characteristic; According to the business customizing rule, filter out basic service information and the data that rule does not conform to then, filtered data is continued to be sent to SAS.
S103, SAS use the DPI technology that the Intercept related information (IRI, Intercept Related Information) that SPS sends data is analyzed, and obtain data corresponding service specifying information.Said IRI is in the IP network grouped data, and with the relevant call control information of Media Stream (CC, Content of Communication), the IRI of identical services data is associated through unique characteristic identifier with CC.According to the accurate matched rule that obtains among the S101 analysis result is selected then, can accurately be hit the IRI that treats the monitoring service data.Through related unique characteristic identifier, obtain the pairing CC of IRI at last, with the IRI that treats the monitoring service data and CC jointly as snoop results.
Wherein, the monitoring strategy described in the S101 comprises information such as IP address that needs are monitored or number of the account, and monitoring strategy can be by being sent to SAS after network end server (WBS, the Web Server) configuration.
For snoop results is further done business recovery, present embodiment can also may further comprise the steps:
S104, database and file server (DFS, Dbase and Files Server) are preserved snoop results.Deposit the CC in the snoop results in the file service district, deposit IRI in database, can retrieve by monitoring service through the incidence relation of IRI and CC easily like this.Snoop results keeps the original storage form constant in the DFS storage system always, so that generate evidence, up to filing to exterior storage medium or being deleted.Memory capacity depends on the destination number of monitoring, is generally hundreds of G to several T bits.
S105, the monitoring personnel login WBS, and the snoop results of preserving among the DFS is carried out business recovery.WBS takes out a snoop results from DFS copy recovers processing or generates analysis report to supply the monitoring personnel to check.
The monitor method that the foregoing description provides is applicable to non real-time monitoring professional in the IP network, and for the business that needs real-time listening, WBS directly obtains snoop results from front end system SAS and carries out business recovery, and referring to shown in Figure 2, concrete grammar is following:
S201-S203 is said identical with S101-S103;
S204, WBS directly obtains snoop results from SAS, and business is recovered, and supplies monitoring personnel real-time listening.
Wherein, to the processing that backups of the data of real-time listening, present embodiment can also comprise so if desired:
S205, WBS generate a real-time listening result's copy simultaneously, send into DFS and preserve, for further analyze or produce evidence in the future.To similar described in the store method of snoop results copy and the S104, repeat no more here.
In above-mentioned two embodiment, the monitoring personnel can also carry out management maintenance to whole monitoring system through login WBS, comprise issuing the operation that control command is coordinated the monitoring system various piece, produce operation, maintenance and the running log etc. of monitoring system simultaneously.
Need to prove that the monitoring personnel also can pass through networking client (WBC, Web Client) login WBS and carry out associative operation, these do not influence realization of the present invention.
It is thus clear that in the foregoing description, to the grouped data of transmitting in the IP network, at first the essential information of application data preconditioning technique recognition data is tentatively filtered, and uses DPI technical Analysis data again, realize accurately selecting, obtain required snoop results.The monitoring personnel are through the logging in network server, can be effectively to snoop results preserve, recover, operation such as management, thereby realize monitoring to IP network.
The embodiment of the invention provides a kind of professional detecting server SPS, referring to shown in Figure 3, comprising:
Data capture unit 310 is used to obtain the grouped data of IP network;
Data filtering units 320, the application data preconditioning technique according to the business customizing rule, filters the grouped data that said data capture unit 310 obtains.
Wherein, said data filtering units 320 specifically comprises:
Recognin unit 321, the application data preconditioning technique is discerned the basic service information of the grouped data that said data capture unit 320 obtains;
Filter subelement 322,, data are filtered according to the recognition result and the business customizing rule of said type of service recognin unit 321.
The embodiment of the invention provides a kind of business diagnosis server S AS, referring to shown in Figure 4, comprising:
Monitor policy processing unit 410, be used for parsing and monitor strategy, obtain business customizing rule and accurate matched rule;
Data selection unit 420 adopts deep-packet detection, according to the accurate matched rule that said monitoring policy processing unit 410 obtains the data that professional detecting server sends is selected, and obtains snoop results.
Wherein, said data selection unit 420 specifically comprises:
Analyze subelement 421, use the DPI technology, the data that SPS sends are analyzed;
Chooser unit 422 according to the accurate matched rule that said monitoring policy resolution unit 410 obtains, is selected the analysis result of said analysis subelement 421, accurately hits the IRI that treats the monitoring service data;
Snoop results generates subelement 423, is used for the IRI that treats the monitoring service data that obtains according to said chooser unit 422, generates snoop results.
The embodiment of the invention also provides a kind of IP network monitoring system, referring to shown in Figure 5, comprises SPS 510 and SAS 520;
SPS 510, are used to obtain the grouped data of IP network, and the application data preconditioning technique filters the grouped data of being obtained according to the business customizing rule that SAS520 obtains;
SAS 520, are used for parsing and monitor strategy, obtain business customizing rule and accurate matched rule; Use the DPI technology and SPS 510 filtered data are selected, obtain snoop results with accurate matched rule.
For snoop results is carried out business recovery, monitoring system can further include management of monitor equipment, and referring to shown in Figure 6, management of monitor equipment specifically comprises: WBS 630 and DFS 640;
WBS 630, are used for snoop results is carried out business recovery;
DFS 640, are used to store snoop results.
For non-real-time service, snoop results at first is stored among the DFS 640, when needs are monitored, from DFS 640, extracts snoop results by WBS 630 and carries out business recovery; For the business that needs real-time listening; WBS 630 directly obtains snoop results by SAS 520 and carries out business recovery; Supply monitoring personnel real-time listening; If desired snoop results is backed up, WBS 640 can generate the copy of a snoop results in business recovery, sends into DFS 640 storages.
Wherein, WBS 630 can also be used for being configured monitoring strategy, manages and safeguard the operation of whole monitoring system; DFS 640 can also be used for configuration information, the operation maintenance daily record of saved system, monitors information such as personnel's account and authority.
Monitor personnel's operation for ease, monitoring system can also comprise:
WBC 650; For monitoring system provides user interface; All be to have graphical user interface (GUI generally speaking; Graphic User Interface) terminal is as the user interface of whole monitoring system, and the monitoring personnel carry out operations such as business recovery or system management maintenance through WBC Telnet WBS.
For device and system embodiment, because it is basically corresponding to method embodiment, so describe fairly simplely, relevant part gets final product referring to the part explanation of method embodiment.Device described above and system embodiment only are schematic; Wherein said unit as the separating component explanation can or can not be physically to separate also; The parts that show as the unit can be or can not be physical locations also; Promptly can be positioned at a place, perhaps also can be distributed on a plurality of NEs.Can realize the purpose of present embodiment scheme according to the needs selection some or all of module wherein of reality.Those of ordinary skills promptly can understand and implement under the situation of not paying performing creative labour.
One of ordinary skill in the art will appreciate that: all or part of step that realizes said method embodiment can be accomplished through the relevant hardware of program command; Aforesaid program can be stored in the computer read/write memory medium; This program the step that comprises said method embodiment when carrying out; And aforesaid storage medium comprises: various media that can be program code stored such as ROM, RAM, magnetic disc or CD.
Above-described embodiment of the present invention does not constitute the qualification to protection range of the present invention.Any modification of within spirit of the present invention and principle, being done, be equal to replacement and improvement etc., all should be included within protection scope of the present invention.

Claims (7)

1. a network monitoring method is characterized in that, comprising:
Obtain to resolve and monitor the accurate matched rule that strategy obtains;
According to said accurate matched rule, adopt deep-packet detection that the data that receive are selected, obtain snoop results, the data of said reception are to monitor the business customizing rule that strategy obtains according to resolving, and adopt the data preliminary treatment that grouped data is filtered and obtain;
Said employing deep-packet detection is selected the data that receive, and obtains snoop results, specifically comprises:
Adopt deep-packet detection, the data that receive are analyzed;
According to said accurate matched rule analysis result is selected, obtained to treat the Intercept related information of monitoring service data;
Through the unique characteristic identifier of association, obtain the said pairing Media Stream of Intercept related information of treating the monitoring service data, with the Intercept related information of treating the monitoring service data and pairing Media Stream jointly as snoop results.
2. method according to claim 1 is characterized in that, this method further comprises: said snoop results is carried out business recovery.
3. a business diagnosis server is characterized in that, comprising:
Monitor policy processing unit, be used for parsing and monitor strategy, obtain business customizing rule and accurate matched rule;
Data selection unit adopts deep-packet detection, according to the accurate matched rule that said monitoring policy processing unit obtains the data that professional detecting server sends is selected, and obtains snoop results;
Said data selection unit specifically comprises:
Analyze subelement, adopt deep-packet detection, the data that professional detecting server sends are analyzed;
The chooser unit according to the accurate matched rule that said monitoring policy processing unit obtains, is selected the analysis result of said analysis subelement, obtains to treat the Intercept related information of monitoring service data;
Snoop results generates subelement, is used for the Intercept related information of treating the monitoring service data that obtains according to said chooser unit, generates snoop results.
4. a network monitoring system is characterized in that, comprises professional detecting server and business diagnosis server;
Said professional detecting server is used to obtain the grouped data of IP network, and the application data preconditioning technique filters the grouped data of being obtained according to the business customizing rule that said business diagnosis server obtains;
Said business diagnosis server is used for parsing and monitors strategy, obtains business customizing rule and accurate matched rule; Adopt deep-packet detection, said professional detecting server filtered data is selected, obtain snoop results according to accurate matched rule;
Wherein, said employing deep-packet detection is selected the data that receive, and obtains snoop results and specifically comprises:
Adopt deep-packet detection, the data that receive are analyzed;
According to said accurate matched rule analysis result is selected, obtained to treat the Intercept related information of monitoring service data;
Through the unique characteristic identifier of association, obtain the pairing Media Stream of Intercept related information of said monitoring service data, with the Intercept related information of treating the monitoring service data and pairing Media Stream jointly as snoop results.
5. monitoring system according to claim 4 is characterized in that, this system also comprises:
Network end server is used for said snoop results is carried out business recovery.
6. according to claim 4 or 5 described monitoring systems, it is characterized in that this system also comprises:
Database and file server are used for said snoop results is stored.
7. monitoring system according to claim 5 is characterized in that, this system also comprises:
Networking client, for monitoring system provides user interface, the monitoring personnel login said network end server through networking client, and snoop results is carried out business recovery.
CN2008101252729A 2008-06-30 2008-06-30 Method, device and system for network monitoring Active CN101621587B (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
CN2008101252729A CN101621587B (en) 2008-06-30 2008-06-30 Method, device and system for network monitoring
PCT/CN2009/070875 WO2010000145A1 (en) 2008-06-30 2009-03-18 A method, apparatus and system for monitoring the network
US12/478,307 US8416695B2 (en) 2008-06-30 2009-06-04 Method, device and system for network interception

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2008101252729A CN101621587B (en) 2008-06-30 2008-06-30 Method, device and system for network monitoring

Publications (2)

Publication Number Publication Date
CN101621587A CN101621587A (en) 2010-01-06
CN101621587B true CN101621587B (en) 2012-08-08

Family

ID=41465476

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2008101252729A Active CN101621587B (en) 2008-06-30 2008-06-30 Method, device and system for network monitoring

Country Status (2)

Country Link
CN (1) CN101621587B (en)
WO (1) WO2010000145A1 (en)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101945021B (en) * 2010-09-20 2014-07-02 中兴通讯股份有限公司 Method and system for realizing strategy synchronization
CN101951330A (en) * 2010-09-27 2011-01-19 中兴通讯股份有限公司 Bidirectional joint detection device and method
CN102347949B (en) * 2011-09-28 2014-07-02 上海西默通信技术有限公司 Application protocol analysis method based on DPI (Distributed Protocol Interface)
CN110336818A (en) * 2019-07-08 2019-10-15 郑州黑猫数字科技有限公司 A kind of secure data acquisition method and system based on data perception
CN112311717B (en) * 2019-07-24 2022-08-23 腾讯科技(深圳)有限公司 Network data recovery method and device, storage medium and computer equipment
CN115314424B (en) * 2022-08-08 2024-03-26 湖南三湘银行股份有限公司 Method and device for rapidly detecting network signals
CN117932175A (en) * 2024-03-18 2024-04-26 广州番禺职业技术学院 Data analysis method, device and storage medium

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1564525A (en) * 2004-03-30 2005-01-12 国电自动化研究院 Recording method and devicer for multimedia network communication
CN101072174A (en) * 2007-03-23 2007-11-14 南京邮电大学 Tencent voice identifying method based on pay load deep detection and session correlating technology

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7827602B2 (en) * 2003-06-30 2010-11-02 At&T Intellectual Property I, L.P. Network firewall host application identification and authentication
CN101179449B (en) * 2007-11-27 2010-05-26 华为技术有限公司 Monitoring system, apparatus and method in IP network

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1564525A (en) * 2004-03-30 2005-01-12 国电自动化研究院 Recording method and devicer for multimedia network communication
CN101072174A (en) * 2007-03-23 2007-11-14 南京邮电大学 Tencent voice identifying method based on pay load deep detection and session correlating technology

Also Published As

Publication number Publication date
CN101621587A (en) 2010-01-06
WO2010000145A1 (en) 2010-01-07

Similar Documents

Publication Publication Date Title
CN101621587B (en) Method, device and system for network monitoring
US8416695B2 (en) Method, device and system for network interception
US7555550B2 (en) Asset tracker for identifying user of current internet protocol addresses within an organization's communications network
US10547674B2 (en) Methods and systems for network flow analysis
US9699059B2 (en) Dedicated network interface
JP2002515152A (en) Method and apparatus for automated network-wide surveillance and security breach intervention
KR20190010956A (en) intelligence type security log analysis method
CN115134250B (en) Network attack tracing evidence obtaining method
US20160065465A1 (en) Packet recording
WO2023109524A1 (en) Information leakage monitoring method and system, and electronic device
CN111654486A (en) Server equipment judgment and identification method
CN1937544A (en) IP phone monitoring system
CN114339767B (en) Signaling detection method and device, electronic equipment and storage medium
CN112672086B (en) Audio and video equipment data acquisition, analysis, early warning system
CN101072174A (en) Tencent voice identifying method based on pay load deep detection and session correlating technology
CN102035847A (en) User access behavior processing method and system and client
CN106411987B (en) File uploads monitoring method and device
CN101296224B (en) P2P flux recognition system and method
CN105812324A (en) Method, device and system for IDC information safety management
CN1838663B (en) Realization process for detecting VoIP application in IP network
CN101827068B (en) Business scenario reduction method and device
CN112822305B (en) Method, device, router and storage medium for processing DNS query request
GB2613101A (en) Endpoint network sensor and related cybersecurity infrastructure
CN113608741B (en) Network security service integration method and device
JP2009182724A (en) Monitoring device

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C56 Change in the name or address of the patentee

Owner name: HUAWEI DIGITAL TECHNOLOGY (CHENGDU) CO., LTD.

Free format text: FORMER NAME: CHENGDU HUAWEI SYMANTEC TECHNOLOGIES CO., LTD.

CP01 Change in the name or title of a patent holder

Address after: 611731 Chengdu high tech Zone, Sichuan, West Park, Qingshui River

Patentee after: HUAWEI DIGITAL TECHNOLOGIES (CHENG DU) Co.,Ltd.

Address before: 611731 Chengdu high tech Zone, Sichuan, West Park, Qingshui River

Patentee before: CHENGDU HUAWEI SYMANTEC TECHNOLOGIES Co.,Ltd.

TR01 Transfer of patent right

Effective date of registration: 20220907

Address after: No. 1899 Xiyuan Avenue, high tech Zone (West District), Chengdu, Sichuan 610041

Patentee after: Chengdu Huawei Technologies Co.,Ltd.

Address before: 611731 Qingshui River District, Chengdu hi tech Zone, Sichuan, China

Patentee before: HUAWEI DIGITAL TECHNOLOGIES (CHENG DU) Co.,Ltd.

TR01 Transfer of patent right