CN101350781A - Method, equipment and system for monitoring flux - Google Patents
Method, equipment and system for monitoring flux Download PDFInfo
- Publication number
- CN101350781A CN101350781A CNA2008101440747A CN200810144074A CN101350781A CN 101350781 A CN101350781 A CN 101350781A CN A2008101440747 A CNA2008101440747 A CN A2008101440747A CN 200810144074 A CN200810144074 A CN 200810144074A CN 101350781 A CN101350781 A CN 101350781A
- Authority
- CN
- China
- Prior art keywords
- control
- data message
- strategy
- equipment
- dpi
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 29
- 238000012544 monitoring process Methods 0.000 title claims abstract description 29
- 230000004907 flux Effects 0.000 title 1
- 238000007689 inspection Methods 0.000 claims abstract description 7
- 238000011217 control strategy Methods 0.000 claims description 28
- 238000001514 detection method Methods 0.000 claims description 12
- 239000013307 optical fiber Substances 0.000 claims description 2
- 230000000694 effects Effects 0.000 abstract 1
- 230000002349 favourable effect Effects 0.000 abstract 1
- 238000010586 diagram Methods 0.000 description 8
- 230000006870 function Effects 0.000 description 5
- 238000012545 processing Methods 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 2
- 238000007493 shaping process Methods 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 1
- 230000000903 blocking effect Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 230000000670 limiting effect Effects 0.000 description 1
- 230000010076 replication Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The embodiment of the invention discloses a method, equipment and a system for network traffic monitoring. The embodiment method of the invention comprises: the data packet from a control equipment is obtained by a deep packet inspection (DPI) equipment, the policy which corresponds to the data packet is chosen from the data packet control policy configured and sent to the control equipment, thereby enabling the control equipment to carry out the data packet control according to the policy. The method, the corresponding system and equipment can fully play the role of the service identification ability of the DPI equipment, simultaneously decrease the requirement on the control equipment, realize the flexible inspection and control based on the data packet of the application layer, and is favorable for the extended application due to no effect on the existing network topology.
Description
Technical Field
The present invention relates to the field of telecommunication technologies, and in particular, to a method, a device, and a system for traffic monitoring.
Background
In recent years, the network application is extremely rich, and many new protocols have appeared, for example, point-to-point (P2P, Pointer to Pointer), Skype (an instant messaging software). With the consequent need for new applications to be detected and controlled correspondingly. However, although the conventional router can perform various controls on the data packet, it lacks the capability of identifying the application layer data packet. Although a new Deep Packet Inspection Device (DPI) can identify a service, performance is a large bottleneck, and if the DPI is connected to a network in series, a new fault point is introduced.
In the flow monitoring scheme in the prior art, a DPI device identifies a part of data packets, the identified data packets are not sent, and a control device (such as a router) performs data packet control according to a received policy configuration function.
In the research and practice process of the prior art, the inventor finds that, by adopting the flow monitoring method, the DPI equipment needs to process less flow, but due to abundant and various services, the control equipment needs to flexibly identify and apply strategies to monitor and control as many services as possible, thereby increasing the implementation complexity.
Disclosure of Invention
The technical problem to be solved in the embodiments of the present invention is to provide a method, a device, and a system for controlling a flow, which can flexibly detect and control an application layer data packet.
In order to solve the above technical problem, embodiments of a method, an apparatus, and a system for controlling a flow according to embodiments of the present invention are implemented by the following technical solutions:
the embodiment of the invention provides a flow monitoring method, which comprises the following steps:
the DPI equipment acquires the data message from the control equipment, selects a strategy corresponding to the data message from the configured data message control strategies and sends the strategy to the control equipment, so that the control equipment executes data message control according to the strategy.
An embodiment of the present invention provides a flow monitoring system, including: deep packet inspection DPI equipment, controlgear, wherein:
the DPI equipment is used for acquiring the data message from the control equipment, selecting a strategy corresponding to the data message from the configured data message control strategy and sending the strategy to the control equipment;
and the control equipment is used for sending the data message to the DPI detection equipment and controlling the data message according to the strategy sent by the DPI equipment.
The embodiment of the invention also provides Deep Packet Inspection (DPI) equipment, which comprises: the device comprises a data message acquisition unit, a strategy selection unit and a strategy sending unit, wherein:
a data message acquisition unit, configured to acquire a data message;
the strategy selection unit is used for selecting a strategy corresponding to the data message from the configured data message control strategies when the data message acquisition unit acquires the data message;
and the strategy sending unit is used for sending the strategy selected by the strategy selecting unit.
According to the technical scheme, the DPI equipment acquires the data message from the control equipment, selects the strategy corresponding to the data message from the configured data message control strategy and sends the strategy to the control equipment, and the control equipment performs data message control according to the strategy sent by the DPI equipment, so that data message detection and complex strategy are separated from data message control, namely the DPI equipment is responsible for identifying service and strategy identification and distribution, and the control equipment is responsible for strategy implementation.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.
FIG. 1 is a flow chart of a flow monitoring method according to an embodiment of the present invention;
FIG. 2 is a flow chart of a flow monitoring method according to a second embodiment of the present invention;
FIG. 3 is a schematic structural diagram of a flow monitoring system according to a third embodiment of the present invention;
FIG. 4 is a schematic structural diagram of a flow monitoring system according to a fourth embodiment of the present invention;
fig. 5 is a schematic structural diagram of a fifth DPI device according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of a DPI device in a sixth embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The embodiment of the invention provides a method, a system and equipment for monitoring flow, which are used for realizing detection and control of data messages of application layers. The traffic monitoring described in this document includes two aspects, namely, the detection of data packets and the control of data packets.
Referring to fig. 1, which is a flow chart of a flow monitoring method according to an embodiment of the present invention, the following detailed description is made by specific steps:
in the optical network, the DPI device may obtain a data packet from optical fiber splitting on the control device, or obtain the data packet from a port mirror image of the control device by the DPI device, or selectively copy the data packet from the control device by the DPI device to obtain a part of the data packet.
The control device for controlling the data packet may be specifically implemented by a router, a firewall, a Broadband Access Server (BRAS), and other devices.
the data packet control policy may be pre-configured on the DPI device, and of course, due to the complexity and flexibility of the data packet control policy based on the application layer, the data packet control policy may be obtained from a policy configuration device configured by a special policy.
The data packet control policy based on the application layer may include control over a certain application, such as P2P data packets, control over a certain class of users, such as internet caf users, control over a certain application based on users, such as P2P download bandwidth of all users not exceeding 100kbps, data packet control over a certain session, such as denial of Service (DoS) data packet attack, etc., data packet control policy over a certain application, data packet control policy over a certain class of user groups, total traffic control policy based on users, etc.
These data packet control policies are difficult to implement based on the Access Control List (ACL) of the conventional router, but are easy to implement on data packet identification devices such as DPI devices, and after the DPI devices apply the decisions, they become control policies for each session flow one by one, and the DPI devices can decide and convert the policies into policies corresponding to the data packets of each session flow for the services according to the configured data packet control policies. The detection and control of the application layer data packet can be realized by a method of interactively transmitting policy action definition, session flow information and policy information bound to the session flow through the control device and the DPI device.
Therefore, the identification capability of the DPI equipment to the data message of the application layer can be fully exerted, and meanwhile, the DPI equipment is used as bypass equipment, so that the existing network topology is not influenced, and the expanded application is facilitated.
and step 14, the control equipment executes data message control according to the strategy sent by the DPI equipment.
The control equipment such as the router, the firewall and the like can realize the following functions:
1. based on the processing of the data message, the data message is composed of a series of session flows, so that the state of each session flow can be recorded by maintaining a session flow table;
2. various policy actions are implemented, such as: committed Access Rate (CAR), Shaping of data messages (Shaping), blocking of data messages (Block), redirection of data messages (redirect), replication of data messages (duplicate).
The control equipment is only responsible for implementing the data message control strategy, and complex strategy processing such as strategy judgment is not needed, so that the processing speed of the control equipment can be kept to the maximum extent.
It can be seen from this embodiment that the control of the application layer data packet is separated from the complex policy decision, that is, the DPI device is responsible for the identification of the data packet and the policy identification assignment, and the control device performs policy implementation, so that the capability of the DPI device to identify the application layer data packet can be fully exerted, and the requirement on the control device is reduced, very flexible detection and control based on the application layer data packet can be realized, and because no influence is caused on the existing network topology, the application expansion is facilitated, and the interface between the DPI device and the control device can be standardized, which is convenient for a third party to use.
The following is described in detail with a specific application scenario:
referring to fig. 2, which is a flow chart of a traffic monitoring method in the second embodiment of the present invention, a DPI device obtains a data packet control policy from a policy configuration device, so as to implement all single-user P2P bandwidth control and P2P total traffic bandwidth control, which is described in detail by the following specific steps:
step 21, the strategy configuration device sends a single-user P2P control strategy and a P2P total traffic bandwidth control strategy;
for example, the data packet control policy sent by the policy configuration device includes the following two policies: 1. the sent single-user P2P control policy is: P2P download bandwidth 100 kbps; 2. the total traffic bandwidth control strategy of P2P is: 300 Mbps.
Step 22, the DPI device receives the data packet control policy sent by the policy configuration device, and configures the data packet control policy into a local data packet control policy;
for example, the received "single user P2P control policy is: P2P download bandwidth 100 kbps; the P2P total data packet bandwidth control policy is: 300 Mbps' can be compiled to configure a local data message control strategy.
It is understood that the DPI device may also actively acquire the data packet control policy from the policy configuration device. The data packet control policy may also be preconfigured on the DPI device, that is, the device of the policy configuration function may be integrated on the DPI device.
Meanwhile, the total traffic bandwidth control strategy for "P2P is: 300Mbps ", one current limiting action TrafficBW _ ID20 is generated and sent to the control device, which is 300 Mbps.
Step 23, the DPI device acquires the data packet from the control device;
after receiving the data message of the user, the control device can forward the data message to the DPI device by means of fiber splitting, port mirroring or selective copying of necessary data message, and at the same time, the control device establishes a session flow table locally to maintain the state of the session flow.
Step 24, the DPI equipment identifies the data message, selects a corresponding strategy after identification, generates a corresponding message and sends the message to the control equipment;
if the application is P2P, it is found that it is necessary to limit the P2P data packets of the user 100.1.1.1 corresponding to the session flow to be less than or equal to 100kbps, and the total flow of the P2P also needs to be limited to be less than or equal to 300Mbps, two messages are generated and sent to the control device: message 1, flow restriction action TrafficBW _ ID100 ═ 100 kbps; message 2, identification information of the session flow: quintuple (source Internet Protocol (IP) address, destination IP address, source TCP/UDP port number, destination transmission Control Protocol/user datagram Protocol (TCP/UDP) port number, IP Protocol number), flow restriction action TrafficBW _ ID100, flow restriction action TrafficBW _ ID 20.
It can be understood that the "P2P total data packet bandwidth control policy is: 300 Mbps' may also be sent to the control device after detecting the data packet in this step. However, since basically every packet in the data packet may use the "P2P total data packet bandwidth control policy: 300Mbps ", so that the delivery in step 22 can satisfy the requirement of each data packet.
Step 25, after receiving the message, the control device executes a policy control action for each message of the session flow;
specifically, two actions of "TrafficBW _ ID100 is 100 kbps" and "TrafficBW _ ID20 is 300Mbps are performed, the P2P data packet of the control user 100.1.1.1 is not higher than 100kbps, and the total data packet is controlled to be below 300 Mbps.
When the session flow is aged, the information related to the session flow is deleted from the control device and the DPI device, step 26.
It can be seen that, in the specific implementation, the application layer data packet detection and control may also be implemented by the method in which the control device and the DPI device interactively transfer the policy action definition, the session flow information, and the policy information bound to the session flow. In this case, the control device needs to have the capability of executing the policy action, for example, for the action of CAR, the control device needs to be able to implement the algorithm of CAR, and support a certain number of CAR algorithm implementation units, for example, 10000, each algorithm unit is numbered, and ID is 1-10000. The specific parameters of the algorithm unit need to be specifically set by the DPI device according to the received policy, and some settings are preset before the data message arrives, for example, the policy of step 22; some are dynamically issued, such as message 1 in step 24.
In the above process of traffic monitoring, the following briefly introduces how a DPI device specifically makes policy decision, i.e. identifies and assigns policies: on the DPI device, policy search and matching are performed on the reported data packet, for example, after the data packet of the user 100.1.1.1 is reported, when a local search matching policy is performed, it is found that a policy matching "single user: P2P download Bandwidth 100kbps "and" Total P2P Bandwidth: 300Mbps ". For the first strategy, since the user 100.1.1.1 has not received it before, the corresponding CAR algorithm cell has not been established on the control device, so that a message is first sent to establish the cell, i.e., the first message in step 24. Since the second policy is a total P2P bandwidth control policy, the CAR algorithm unit of the second policy can be issued first without waiting for the arrival of the packet, and is issued first in step 22.
It can be seen from this embodiment that, the DPI device identifies the data packet based on the application layer on the control device, and generates a corresponding policy action according to the configured data packet control policy, and sends the policy action to the control device, and the control device executes policy control according to the policy action, so that the DPI device can fully exert the data packet identification capability based on the application layer, can realize very flexible detection and control of the data packet based on the application layer, and reduce the requirement on the control device; moreover, as the DPI equipment is used as bypass equipment, no influence is caused on network topology, and the expanded application is facilitated; the interface between the DPI device and the control device may be standardized to facilitate third party applications.
The following correspondingly describes the system and the device adopted by the traffic monitoring method:
referring to fig. 3, a schematic structural diagram of a flow monitoring system in a third embodiment of the present invention is shown, in which a policy configuration is directly performed on a DPI device, and the system includes: DPI equipment 31, control equipment 32, wherein:
the DPI device 31 is configured to obtain a data packet from the control device 32, select a policy corresponding to the data packet from configured data packet control policies, and send the policy to the control device 32;
and the control device 32 is configured to perform data packet control according to the policy sent by the DPI device 31.
It can be seen that, in this embodiment, data packet control is separated from data packet detection, the DPI device is responsible for detecting data packets of the application layer, and the control device is responsible for taking control actions on the data packets of the application layer; and, the control of the data packet is separated from the complicated policy decision, namely, the DPI device is responsible for the policy identification and distribution, and the control device is responsible for the policy implementation, in short, the control device is only responsible for the implementation of the policy, so the requirement on the control device can be reduced, and at the same time, the identification capability of the application layer of the DPI device can be exerted, thereby the detection and control of the data packet of the application layer can be realized very flexibly. The DPI equipment is bypass equipment, so that the existing network topology is not influenced, and the DPI equipment is utilized, popularized and applied; moreover, the interface between the DPI equipment and the control equipment can be standardized, and the use by a third party can be facilitated.
It is understood that, a special policy configuration device may also perform policy configuration and send the configured policy to the DPI device; or the DPI equipment actively sends a request to obtain the data message control strategy to the DPI equipment to update the strategy.
Referring to fig. 4, which is a schematic structural diagram of a flow monitoring system in the fourth embodiment of the present invention, on the basis of the third embodiment, the fourth embodiment of the present invention may further include a policy configuration device 41, configured to configure a data packet control policy and send the data packet control policy to the DPI device 31.
The following describes in detail a DPI device employed by the above flow monitoring system by using a specific embodiment:
referring to fig. 5, which is a schematic structural diagram of a fifth DPI device according to an embodiment of the present invention, the DPI device includes: a data message obtaining unit 51, a policy selecting unit 52, and a policy sending unit 53, wherein:
a data packet obtaining unit 51, configured to obtain a data packet;
a policy selecting unit 52, configured to select, when the traffic obtaining unit 51 obtains the data packet, a policy corresponding to the data packet from configured data packet control policies;
and the strategy sending unit 53 is configured to send out the strategy selected by the strategy selecting unit 53.
Therefore, the DPI equipment is used for acquiring the data message, selecting the strategy corresponding to the data message from the configured data message control strategies and sending the strategy to the corresponding control equipment to perform data message control, so that the function of the DPI equipment for identifying the data message of the application layer can be fully exerted, and very flexible detection and control of the application data message can be realized.
It can be understood that, the DPI device may also obtain the policy for controlling the data packet from a special policy configuration device, select a corresponding policy according to the obtained data packet, and send the policy to the control device, where the control device executes a corresponding data packet control function, referring to fig. 6, which is a schematic diagram of a structure of a DPI device in a sixth embodiment of the present invention, and on the basis of the fifth embodiment, the policy obtaining unit 61 may be extended to obtain the configured policy for controlling the data packet. The policy obtaining unit 61 may obtain the configured data packet control policy from the policy configuration device, or the policy configuration device may actively send the data packet control policy.
It will be understood by those skilled in the art that all or part of the steps in the method for implementing the above embodiments may be implemented by hardware that is related to instructions of a program, and the program may be stored in a computer-readable storage medium, and when executed, the program includes the following steps:
the DPI equipment acquires the data message from the control equipment, selects a strategy corresponding to the data message from the configured data message control strategies and sends the strategy to the control equipment, so that the control equipment executes data message control according to the strategy.
The storage medium mentioned above may be a read-only memory, a magnetic or optical disk, etc.
While the method, device and system for monitoring traffic provided by the present invention have been described in detail, those skilled in the art will appreciate that the various embodiments and applications of the method, device and system for monitoring traffic provided by the present invention are not limited by the disclosure.
Claims (9)
1. A method of traffic monitoring, comprising:
the DPI equipment acquires the data message from the control equipment, selects a strategy corresponding to the data message from the configured data message control strategies and sends the strategy to the control equipment, so that the control equipment executes data message control according to the strategy.
2. The traffic monitoring method according to claim 1, wherein the method for the DPI device to obtain the data packet from the control device specifically comprises:
the DPI equipment obtains a data message from optical fiber light splitting on the control equipment; or,
the DPI equipment obtains a data message from the port mirror image of the control equipment; or,
and the DPI equipment selectively copies the data message from the control equipment to obtain a part of data message.
3. The traffic monitoring method according to claim 1 or 2, wherein the configured data packet control policy comprises:
the data message control strategy of a certain application, the data message control strategy of a certain user group, the total flow control strategy based on users, the data message control strategy of a certain application based on users and the data message control strategy based on a certain conversation.
4. The traffic monitoring method according to claim 1 or 2, wherein the controlling device performing data packet control according to the policy includes at least one of:
maintaining a session flow table, and recording the state of each session flow;
and executing the policy action according to the policy sent by the DPI equipment.
5. A flow monitoring system, comprising: deep packet inspection DPI equipment, controlgear, wherein:
the DPI equipment is used for acquiring the data message from the control equipment, selecting a strategy corresponding to the data message from the configured data message control strategy and sending the strategy to the control equipment;
and the control equipment is used for sending the data message to the DPI detection equipment and controlling the data message according to the strategy sent by the DPI equipment.
6. The flow monitoring system of claim 5, wherein the system further comprises: and the policy configuration equipment is used for configuring the data message control policy and sending the data message control policy to the DPI equipment.
7. A Deep Packet Inspection (DPI) device, comprising: the device comprises a data message acquisition unit, a strategy selection unit and a strategy sending unit, wherein:
a data message acquisition unit, configured to acquire a data message;
the strategy selection unit is used for selecting a strategy corresponding to the data message from the configured data message control strategies when the data message acquisition unit acquires the data message;
and the strategy sending unit is used for sending the strategy selected by the strategy selecting unit.
8. The DPI device of claim 7 further comprising: and the strategy acquisition unit is used for acquiring the configured data message control strategy from the strategy configuration equipment.
9. A DPI device according to claim 7 or 8, wherein the configured datagram control policy comprises:
the data message control strategy of a certain application, the data message control strategy of a certain user group, the total flow control strategy based on users, the data message control strategy of a certain application based on users and the data message control strategy based on a certain conversation.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNA2008101440747A CN101350781A (en) | 2008-07-31 | 2008-07-31 | Method, equipment and system for monitoring flux |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNA2008101440747A CN101350781A (en) | 2008-07-31 | 2008-07-31 | Method, equipment and system for monitoring flux |
Publications (1)
Publication Number | Publication Date |
---|---|
CN101350781A true CN101350781A (en) | 2009-01-21 |
Family
ID=40269368
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CNA2008101440747A Pending CN101350781A (en) | 2008-07-31 | 2008-07-31 | Method, equipment and system for monitoring flux |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN101350781A (en) |
Cited By (26)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2010088821A1 (en) * | 2009-02-03 | 2010-08-12 | 中兴通讯股份有限公司 | Method and device for distributing a deep packet inspection policy |
CN101882999A (en) * | 2009-05-08 | 2010-11-10 | 中兴通讯股份有限公司 | Management method and system of business identification network based on deep packet inspection equipment |
WO2010127534A1 (en) * | 2009-05-07 | 2010-11-11 | 中兴通讯股份有限公司 | System and method for performing classification on deep packet inspection devices |
CN101964740A (en) * | 2009-07-24 | 2011-02-02 | 中兴通讯股份有限公司 | Method and device for distributing service traffic |
WO2011022992A1 (en) * | 2009-08-28 | 2011-03-03 | 中兴通讯股份有限公司 | Control element, forwarding element and routing method for internet protocol network |
CN102006203A (en) * | 2010-12-07 | 2011-04-06 | 苏州阔地网络科技有限公司 | Method for monitoring Flash network flow on webpage |
CN102035685A (en) * | 2010-12-20 | 2011-04-27 | 中兴通讯股份有限公司 | Alarm treating method and DPI (Deep Packet Inspection) device |
CN102075566A (en) * | 2010-12-24 | 2011-05-25 | 华为技术有限公司 | Business shunting processing method, communication equipment and network system |
WO2011095078A1 (en) * | 2010-02-04 | 2011-08-11 | 中兴通讯股份有限公司 | System and method for obtaining information by deep packet inspection function |
CN102387045A (en) * | 2011-09-30 | 2012-03-21 | 北京信息科技大学 | Embedded point to point (P2P) flow monitoring system and method thereof |
CN102394811A (en) * | 2011-10-19 | 2012-03-28 | 浙江中烟工业有限责任公司 | Multi-component synchronization control method |
CN101815015B (en) * | 2010-02-22 | 2012-04-25 | 浪潮通信信息系统有限公司 | Network flow quick security check engine facing content |
CN101715182B (en) * | 2009-11-30 | 2012-11-21 | 中国移动通信集团浙江有限公司 | Method, system and device for controlling traffic |
CN102857486A (en) * | 2012-04-01 | 2013-01-02 | 深信服网络科技(深圳)有限公司 | Next-generation application firewall system and defense method |
WO2014029098A1 (en) * | 2012-08-23 | 2014-02-27 | 华为技术有限公司 | Packet control method and apparatus |
CN104041095A (en) * | 2012-08-22 | 2014-09-10 | 华为技术有限公司 | Deep packet inspection parsing result sharing/acquiring method, system, and corresponding device thereof |
CN101883016B (en) * | 2009-05-05 | 2014-11-05 | 中兴通讯股份有限公司 | System and method for generating deep packet inspection equipment linkage strategy |
CN104506394A (en) * | 2015-01-08 | 2015-04-08 | 中国联合网络通信集团有限公司 | Method and system for statistics of mobile internet flows |
KR20150100926A (en) * | 2012-12-28 | 2015-09-02 | 후아웨이 테크놀러지 컴퍼니 리미티드 | Offload method, device and system |
CN106549815A (en) * | 2015-09-17 | 2017-03-29 | 武汉邮电科学研究院 | For the apparatus and method of real-time deep application identification in network |
CN106572120A (en) * | 2016-11-11 | 2017-04-19 | 中国南方电网有限责任公司 | Access control method and system based on mixed cloud |
CN106815112A (en) * | 2015-11-27 | 2017-06-09 | 大唐软件技术股份有限公司 | A kind of mass data monitoring system and method based on deep-packet detection |
CN107547511A (en) * | 2017-07-11 | 2018-01-05 | 新华三信息安全技术有限公司 | A kind of message processing method and device |
CN110198313A (en) * | 2019-05-23 | 2019-09-03 | 新华三信息安全技术有限公司 | A kind of method and device of strategy generating |
CN114826956A (en) * | 2022-03-30 | 2022-07-29 | 杭州迪普科技股份有限公司 | DPI policy library file automatic generation method and device for DPI test equipment |
CN116614449A (en) * | 2023-07-19 | 2023-08-18 | 中国电子科技集团公司第二十九研究所 | Application layer-oriented self-adaptive flow control device and method |
-
2008
- 2008-07-31 CN CNA2008101440747A patent/CN101350781A/en active Pending
Cited By (43)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2010088821A1 (en) * | 2009-02-03 | 2010-08-12 | 中兴通讯股份有限公司 | Method and device for distributing a deep packet inspection policy |
CN101883016B (en) * | 2009-05-05 | 2014-11-05 | 中兴通讯股份有限公司 | System and method for generating deep packet inspection equipment linkage strategy |
WO2010127534A1 (en) * | 2009-05-07 | 2010-11-11 | 中兴通讯股份有限公司 | System and method for performing classification on deep packet inspection devices |
WO2010127524A1 (en) * | 2009-05-08 | 2010-11-11 | 中兴通讯股份有限公司 | Management method and system for application awareness network based on deep packet inspection |
CN101882999A (en) * | 2009-05-08 | 2010-11-10 | 中兴通讯股份有限公司 | Management method and system of business identification network based on deep packet inspection equipment |
CN101882999B (en) * | 2009-05-08 | 2014-08-13 | 中兴通讯股份有限公司 | Management method and system of business identification network based on deep packet inspection equipment |
CN101964740A (en) * | 2009-07-24 | 2011-02-02 | 中兴通讯股份有限公司 | Method and device for distributing service traffic |
WO2011022992A1 (en) * | 2009-08-28 | 2011-03-03 | 中兴通讯股份有限公司 | Control element, forwarding element and routing method for internet protocol network |
CN101997826A (en) * | 2009-08-28 | 2011-03-30 | 中兴通讯股份有限公司 | Routing methods of control net element, forwarding net element and internet protocol network |
CN101715182B (en) * | 2009-11-30 | 2012-11-21 | 中国移动通信集团浙江有限公司 | Method, system and device for controlling traffic |
WO2011095078A1 (en) * | 2010-02-04 | 2011-08-11 | 中兴通讯股份有限公司 | System and method for obtaining information by deep packet inspection function |
CN101815015B (en) * | 2010-02-22 | 2012-04-25 | 浪潮通信信息系统有限公司 | Network flow quick security check engine facing content |
CN102006203A (en) * | 2010-12-07 | 2011-04-06 | 苏州阔地网络科技有限公司 | Method for monitoring Flash network flow on webpage |
CN102006203B (en) * | 2010-12-07 | 2011-10-05 | 苏州阔地网络科技有限公司 | Method for monitoring Flash network flow on webpage |
CN102035685B (en) * | 2010-12-20 | 2014-08-13 | 中兴通讯股份有限公司 | Alarm treating method and DPI (Deep Packet Inspection) device |
CN102035685A (en) * | 2010-12-20 | 2011-04-27 | 中兴通讯股份有限公司 | Alarm treating method and DPI (Deep Packet Inspection) device |
WO2012083662A1 (en) * | 2010-12-20 | 2012-06-28 | 中兴通讯股份有限公司 | Method and deep packet inspection device for alarm processing |
US9179391B2 (en) | 2010-12-24 | 2015-11-03 | Huawei Technologies Co., Ltd. | Method for offloading processing service, communication apparatus and network system |
CN102075566A (en) * | 2010-12-24 | 2011-05-25 | 华为技术有限公司 | Business shunting processing method, communication equipment and network system |
CN102387045A (en) * | 2011-09-30 | 2012-03-21 | 北京信息科技大学 | Embedded point to point (P2P) flow monitoring system and method thereof |
CN102394811A (en) * | 2011-10-19 | 2012-03-28 | 浙江中烟工业有限责任公司 | Multi-component synchronization control method |
CN102857486A (en) * | 2012-04-01 | 2013-01-02 | 深信服网络科技(深圳)有限公司 | Next-generation application firewall system and defense method |
CN102857486B (en) * | 2012-04-01 | 2015-10-21 | 深信服网络科技(深圳)有限公司 | Application firewall system of future generation and defence method |
CN104041095A (en) * | 2012-08-22 | 2014-09-10 | 华为技术有限公司 | Deep packet inspection parsing result sharing/acquiring method, system, and corresponding device thereof |
CN104041095B (en) * | 2012-08-22 | 2018-05-11 | 华为技术有限公司 | Deep message detection analysis result shares/acquisition methods, system and its relevant device |
WO2014029098A1 (en) * | 2012-08-23 | 2014-02-27 | 华为技术有限公司 | Packet control method and apparatus |
KR101660352B1 (en) * | 2012-12-28 | 2016-09-27 | 후아웨이 테크놀러지 컴퍼니 리미티드 | Traffic distribution method, device and system |
US9807642B2 (en) | 2012-12-28 | 2017-10-31 | Huawei Technologies Co., Ltd. | Traffic distribution method, device, and system |
KR20150100926A (en) * | 2012-12-28 | 2015-09-02 | 후아웨이 테크놀러지 컴퍼니 리미티드 | Offload method, device and system |
CN104506394B (en) * | 2015-01-08 | 2018-09-11 | 中国联合网络通信集团有限公司 | A kind of mobile Internet flow statistical method and system |
CN104506394A (en) * | 2015-01-08 | 2015-04-08 | 中国联合网络通信集团有限公司 | Method and system for statistics of mobile internet flows |
CN106549815B (en) * | 2015-09-17 | 2020-05-05 | 武汉邮电科学研究院 | Apparatus and method for real-time deep application recognition in a network |
CN106549815A (en) * | 2015-09-17 | 2017-03-29 | 武汉邮电科学研究院 | For the apparatus and method of real-time deep application identification in network |
CN106815112A (en) * | 2015-11-27 | 2017-06-09 | 大唐软件技术股份有限公司 | A kind of mass data monitoring system and method based on deep-packet detection |
CN106572120A (en) * | 2016-11-11 | 2017-04-19 | 中国南方电网有限责任公司 | Access control method and system based on mixed cloud |
CN107547511A (en) * | 2017-07-11 | 2018-01-05 | 新华三信息安全技术有限公司 | A kind of message processing method and device |
CN107547511B (en) * | 2017-07-11 | 2020-10-30 | 新华三信息安全技术有限公司 | Message processing method and device |
CN110198313A (en) * | 2019-05-23 | 2019-09-03 | 新华三信息安全技术有限公司 | A kind of method and device of strategy generating |
CN110198313B (en) * | 2019-05-23 | 2021-12-24 | 新华三信息安全技术有限公司 | Method and device for generating strategy |
CN114826956A (en) * | 2022-03-30 | 2022-07-29 | 杭州迪普科技股份有限公司 | DPI policy library file automatic generation method and device for DPI test equipment |
CN114826956B (en) * | 2022-03-30 | 2023-05-26 | 杭州迪普科技股份有限公司 | Automatic DPI policy library file generation method and device for DPI test equipment |
CN116614449A (en) * | 2023-07-19 | 2023-08-18 | 中国电子科技集团公司第二十九研究所 | Application layer-oriented self-adaptive flow control device and method |
CN116614449B (en) * | 2023-07-19 | 2023-10-31 | 中国电子科技集团公司第二十九研究所 | Application layer-oriented self-adaptive flow control device and method |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN101350781A (en) | Method, equipment and system for monitoring flux | |
EP2629554B1 (en) | Service control method and system, enodeb and packet data network gateway | |
EP2882162B1 (en) | Data stream security processing method and apparatus | |
EP2108224B1 (en) | Multipath virtual router redundancy | |
CN100474819C (en) | A deep message detection method, network device and system | |
CN101399749B (en) | Method, system and device for packet filtering | |
CN108243120B (en) | Service flow transmission method, device and communication system based on flexible Ethernet | |
KR101473783B1 (en) | Method and apparatus for control of dynamic service chaining by using tunneling | |
EP3399703B1 (en) | Method for implementing load balancing, apparatus, and network system | |
WO2016197344A1 (en) | Method, device and system for realizing service link | |
US8102879B2 (en) | Application layer metrics monitoring | |
EP3507951B1 (en) | Bandwidth management in a non-blocking network fabric | |
WO2009146621A1 (en) | Data processing method, broadband network gateway, policy controller and access device | |
JP2008523735A (en) | Electronic message distribution system having network device | |
US11146477B2 (en) | Discovery and admission control of forwarding boxes in a software-defined network | |
CN107147585B (en) | Flow control method and device | |
EP2562974A1 (en) | Message multiple-transfer method, device and system | |
CN104734867B (en) | Network service node fault handling method, apparatus and system | |
Salkintzis et al. | Multipath QUIC for Access Traffic Steering Switching and Splitting in 5G Advanced | |
JP4499042B2 (en) | Switch device | |
CN105812274B (en) | Service data processing method and related equipment | |
Cisco | Overview of Layer 3 Switching and Software Features | |
Cisco | Overview of Layer 3 Switching and Software Features | |
CN114448653A (en) | Policy execution method, related device and storage medium | |
WO2010070578A1 (en) | Detection of particular traffic in communication networks |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C12 | Rejection of a patent application after its publication | ||
RJ01 | Rejection of invention patent application after publication |
Open date: 20090121 |