Abstract: A system monitors first traffic and identifies associations between applications that generated or received the traffic and parameters such as domain names, a remote host, and a local host referenced in the traffic. Subsequent traffic is monitored and determined to be generated by or addressed to an application according to such parameters in the subsequent traffic, such as remote host, local host, domain name, or port number. The subsequent traffic is associated with an application without requiring deep packet inspection (DPI). In particular, an application may be associated with a session based on evaluation of a single packet of the session.

Abstract: A system, method and computer program product are provided. In use, a plurality of flows associated with packets destined for an output port is identified. A utilization associated with the output port is further measured. Thus, rates of a plurality of the flows destined for the output port may be individually controlled at an input port thereof, based on the utilization to ensure that the utilization remains less than 99.9% and avoid buffering more than 400 packets with a correspondingly low delay.

Abstract: A system, method and computer program product are provided for controlling the rate of a network flow. In use, a rate of a network flow is monitored. In addition, it is determined whether the rate exceeds a threshold. Further, at least a portion of the network flow is conditionally discarded or marked, based on the determination.