Abstract: A method for providing user access to a network switch appliance, includes: receiving from a user a request to access configuration item for the network switch appliance, the network switch appliance configured to pass packets received from a network to network monitoring instruments; and determining, using a processing unit, whether to allow the user to access the configuration item for the network switch appliance based on information regarding the user.

Abstract: A method performed by a network device that taps to a network having a routing device, includes: receiving a first packet tapped from the network; determining a first information regarding an input interface of the routing device based on a destination address of the first packet; receiving a second packet tapped from the network; determining a second information regarding an output interface of the routing device based on a source address of the second packet; determining a first CRC for the first packet; determining a second CRC for the second packet; and comparing the first CRC with the second CRC at the network device to determine whether the first packet and the second packet are the same.

Abstract: A method performed by a network device that taps to a network having a routing device, includes: determining a first information regarding an input interface of the routing device for a packet; determining a second information regarding an output interface of the routing device for the packet; determining whether the packet belongs to a user-defined category based on one or more mapping formation defined at the network device; and storing the packet, the first information regarding the input interface of the routing device, the second information regarding the output interface of the routing device, and information regarding the user-defined category in a non-transitory medium in association with each other.

Abstract: A switch appliance includes: a first network port for communication with a first node, the first network port configured to receive a packet; a second network port for communication with a second node; a first instrument port for communication with a first inline tool; a buffer; and a processing unit coupled to the first network port, the second network port, the first instrument port, and the buffer; wherein the processing unit is configured to determine whether a packet processing state has been set as an inline-tool processing state or a bypass state; wherein the processing unit is configured to pass the packet to the second network port for transmission to the second node, and also to store a copy of the packet in the buffer, if the packet processing state has not been set as the inline-tool processing state nor the bypass state.

Abstract: An inline-bypass switch system includes: a first inline-bypass switch appliance having a first bypass component, a first switch coupled to the first bypass component, and a first controller; and a second inline-bypass switch appliance having a second bypass component, a second switch coupled to the second bypass component, and a second controller; wherein the first controller in the first inline-bypass switch appliance is configured to provide a state signal that is associated with a state of the first inline-bypass switch appliance; and wherein the second controller in the second inline-bypass switch appliance is configured to control the second bypass component based at least in part on the state signal.

Abstract: An inline-bypass switch system includes: a first inline-bypass switch appliance having a first bypass component, a second bypass component, a first switch coupled to the first bypass component and the second bypass component, and a first controller; and a second inline-bypass switch appliance having a third bypass component, a fourth bypass component, a second switch coupled to the third bypass component and the fourth bypass component, and a second controller; wherein the first controller in the first inline-bypass switch appliance is configured to provide one or more state signals that is associated with a state of the first inline-bypass switch appliance; and wherein the second controller in the second inline-bypass switch appliance is configured to control the second bypass component based at least in part on the one or more state signals.

Abstract: A method performed by a network device includes: receiving a first packet by the network device, wherein the first packet is tapped from a network; identifying a session to which the first packet belongs when the first packet has one or more values that at least partially match one or more terms, wherein the act of identifying the session is performed by the network device; receiving a second packet by the network device; determining whether the second packet belongs to the session; and performing a packet processing action by the network device based on the identified session; wherein the session is identified based on a first criterion, and the act of determining whether the second packet belongs to the session is performed based on a second criterion that is different from the first criterion.

Abstract: An apparatus for a network includes: a processing unit having a filter generation module configured for: receiving an indication that a packet matches a user-defined filter; and creating one or more derivative filters based at least in part on the received indication, wherein a first derivative filter of the one or more derivative filters provides a finer grade of filtration compared to the user-defined filter; and a non-transitory medium configured for storing the one or more derivative filters.

Abstract: A method of implementing map sharing for a network switch appliance, the network switch appliance having a plurality of network ports and a plurality of instrument ports, the method includes: receiving a first input for creating a map for the network switch appliance, wherein the map comprises one or more packet processing rules, and wherein the act of receiving the first input is performed by a processing unit; receiving a second input for prescribing a map sharing privilege for the map; and storing the map and the map sharing privilege in association with the map in a non-transitory medium.

Abstract: A network switch apparatus, includes: a network port configured to receive a packet; instrument ports configured to communicate with respective network monitoring instruments; a packet duplication module configured to copy the packet to provide multiple packets that are identical to each other; a tagging module configured to tag the multiple packets with different respective identifiers to obtain tagged packets; and a processing unit coupled to the instrument ports; wherein the processing unit is configured to determine whether a first one of the tagged packets satisfies a first criterion, whether a second one of the tagged packets satisfies a second criterion, process the first one of the tagged packets in a first manner if the first one of the tagged packets satisfies the first criterion, and process the second one of the tagged packets in a second manner if the second one of the tagged packets satisfies the second criterion.

Abstract: A fabric manager includes: a processing unit having a service chain creation module configured to create a service chain by connecting some of a plurality of nodes via virtual links; wherein the some of the plurality of nodes represent respective network components of an auxiliary network configured to obtain packets from a traffic production network; and wherein the service chain is configured to control an order of the network components represented by the some of the plurality of nodes packets are to traverse.

Abstract: A method of identifying targets for monitoring includes: obtaining a user-defined filter map, the user-defined filter map having one or more filter rules for matching against network traffic when the user-defined filter map is used by a network system to process the network traffic. and determining a set of one or more targets by a processing unit based at least in part on the user-defined filter map, wherein the processing unit comprises a target selection module configured to access a list of available targets from a database, and select the one or more targets from the list of available targets based at least in part on the user-defined filter map.

Abstract: The present invention relates to a packet switch and a packet switching method. An example embodiment of the present invention comprises at least three network ports, at least one instrument port, a mux-switch, a packet switch fabric, and an address table. The embodiment updates the address table to include the source address of each ingress packet of each network port and associate the source address with that network port. The mux-switch routes the ingress packet traffic of each network port according to the identity of the network port so that at least a copy of the packet traffic of one of the network ports is routed to an instrument port. The packet switch fabric routes the packets from the instrument ports to the network ports according the destination address of the packet and the identity of the network port that is associated with the destination address as recorded in the address table.

Abstract: A method performed by a network device includes: receiving an input indicating a change in an auxiliary network from a first configuration to a second configuration, wherein the auxiliary network is configured to obtain copies of packets from a traffic production network; determining a first network policy, wherein the first network policy is for application in the auxiliary network when the auxiliary network is in the first configuration; and determining a second network policy by the network device based on the received input and the first network policy, wherein the second network policy is for application in the auxiliary network when the auxiliary network is in the second configuration.

Abstract: A transceiver includes a housing, an optical interface for detachably coupling to an optical transmission device, an optical-electrical conversion unit coupled to the optical interface, the optical-electrical conversion unit located in the housing, a programmable logic device communicatively coupled to the optical-electrical conversion unit, and an electrical interface communicatively coupled to the programmable logic device, wherein the electrical interface is configured for detachably coupling to an electrical transmission device. In some embodiments, the programmable logic device may be configured to perform packet filtering, packet slicing, time stamping, packet analysis, port labeling, packet masking, packet modification, packet stripping, packet de-duplication, or a combination thereof.

Abstract: A method and apparatus for performing packet time measurements. In one embodiment, the method comprises transmitting a packet in the network from a sender to a receiver through a plurality of devices; creating a plurality of packets by copying the packet at each of the plurality of devices as the packet is being transmitted through the plurality of devices, including adding a time stamp to each packet in the plurality of packets, wherein time stamps of plurality of packets are generated with data from time stamp engines synchronized to a global clock; sending the plurality of packets with their time stamps to a tool; and performing analysis on the plurality of packets using the tool.

Abstract: A method performed by a network device that taps to a network having a routing device, includes: receiving a first packet tapped from the network; determining a first information regarding an input interface of the routing device based on a destination address of the first packet; receiving a second packet tapped from the network; determining a second information regarding an output interface of the routing device based on a source address of the second packet; determining a first CRC for the first packet; determining a second CRC for the second packet; and comparing the first CRC with the second CRC at the network device to determine whether the first packet and the second packet are the same.

Abstract: A method performed by a network device that taps to a network having a routing device, includes: determining a first information regarding an input interface of the routing device for a packet; determining a second information regarding an output interface of the routing device for the packet; determining whether the packet belongs to a user-defined category based on one or more mapping formation defined at the network device; and storing the packet, the first information regarding the input interface of the routing device, the second information regarding the output interface of the routing device, and information regarding the user-defined category in a non-transitory medium in association with each other.

Abstract: A network device includes: one or more ports for tapping to a network; and a processing unit configured for receiving a first packet tapped from the network, wherein the first packet is received at a first network port of the network device; determining a first identity of a first network equipment associated with the first packet based on a discovery protocol; and associating the first identity of the first network equipment with a first identity of the first network port of the network device at which the first packet is received; and a non-transitory medium for storing the first identity of the first network equipment and the first identity of the first network port in association with each other.

Abstract: A method of packet processing, includes: providing a plurality of network appliances that form a cluster, wherein two or more of the plurality of network appliances in the cluster are located at different geographical locations, are communicatively coupled via a private network or an Internet, and are configured to collectively perform out-of-band packet processing; receiving a packet by one of the network appliances in the cluster; processing the packet using two or more of the plurality of the appliances in the cluster; and passing the packet to one or more network monitoring tools after the packet is processed.