P. 1
Deep Packet Inspection (DPI): High-impact Strategies - What You Need to Know: Definitions, Adoptions, Impact, Benefits, Maturity, Vendors

Deep Packet Inspection (DPI): High-impact Strategies - What You Need to Know: Definitions, Adoptions, Impact, Benefits, Maturity, Vendors

|Views: 1,224|Likes:
Published by Emereo Publishing
The Knowledge Solution. Stop Searching, Stand Out and Pay Off. The #1 ALL ENCOMPASSING Guide to Deep Packet Inspection (DPI).

An Important Message for ANYONE who wants to learn about Deep Packet Inspection (DPI) Quickly and Easily...

"Here's Your Chance To Skip The Struggle and Master Deep Packet Inspection (DPI), With the Least Amount of Effort, In 2 Days Or Less..."

Deep Packet Inspection (DPI) (also called complete packet inspection and Information eXtraction - IX -) is a form of computer network packet filtering that examines the data part (and possibly also the header) of a packet as it passes an inspection point, searching for protocol non-compliance, viruses, spam, intrusions or predefined criteria to decide if the packet can pass or if it needs to be routed to a different destination, or for the purpose of collecting statistical information. There are multiple headers for IP packets, network equipment only needs to use the first of these (the IP header) for normal operation, but use of the second header (TCP, UDP etc.) is normally considered to be shallow packet inspection (usually called Stateful Packet Inspection) despite this definition.

Deep Packet Inspection (and filtering) enables advanced network management, user service, and security functions as well as internet data mining, eavesdropping, and censorship. Although DPI technology has been used for Internet management for many years, some advocates of net neutrality fear that the technology can be used anticompetitively or to reduce the openness of the Internet.
DPI is currently being used by the enterprise, service providers and governments in a wide range of applications.

Get the edge, learn EVERYTHING you need to know about Deep Packet Inspection (DPI), and ace any discussion, proposal and implementation with the ultimate book – guaranteed to give you the education that you need, faster than you ever dreamed possible!

The information in this book can show you how to be an expert in the field of Deep Packet Inspection (DPI).

Are you looking to learn more about Deep Packet Inspection (DPI)? You're about to discover the most spectacular gold mine of Deep Packet Inspection (DPI) materials ever created, this book is a unique collection to help you become a master of Deep Packet Inspection (DPI).

This book is your ultimate resource for Deep Packet Inspection (DPI). Here you will find the most up-to-date information, analysis, background and everything you need to know.

In easy to read chapters, with extensive references and links to get you to know all there is to know about Deep Packet Inspection (DPI) right away. A quick look inside: Deep packet inspection, Allot Communications, Barracuda Networks, Check Point, Cisco Systems, Front Porch, Labris Teknoloji, Narus (company), NebuAd, Network intelligence, Radware, Sandvine, SonicWALL, Stonesoft Corporation, Theta Networks, Viaedge, Network packet, Active queue management, Paul Baran, Berkeley Packet Filter, Black hole (networking), Blue (queue management algorithm), Broadcasting (computing), Business Control Layer, Catenet, Chernobyl packet, Christmas tree packet, Cisco Express Forwarding, Context-based access control, Cut-through switching, Data Path Acceleration Architecture (DPAA), Data-dependent jitter, Datagram, Datakit, Donald Davies, Deterministic jitter, Dynamic Packet Transport, Fast packet switching, Firewall (computing), Frame (networking), Frame check sequence, G.8261, Gigapackets, GSM 03.48, IPv6 packet, Jitter, Jumbo frame, Jumbogram, Lag, Link state packet, Packet loss, Mangled packet, Martian packet...and Much, Much More!

This book explains in-depth the real drivers and workings of Deep Packet Inspection (DPI). It reduces the risk of your technology, time and resources investment decisions by enabling you to compare your understanding of Deep Packet Inspection (DPI) with the objectivity of experienced professionals - Grab your copy now, while you still can.
The Knowledge Solution. Stop Searching, Stand Out and Pay Off. The #1 ALL ENCOMPASSING Guide to Deep Packet Inspection (DPI).

An Important Message for ANYONE who wants to learn about Deep Packet Inspection (DPI) Quickly and Easily...

"Here's Your Chance To Skip The Struggle and Master Deep Packet Inspection (DPI), With the Least Amount of Effort, In 2 Days Or Less..."

Deep Packet Inspection (DPI) (also called complete packet inspection and Information eXtraction - IX -) is a form of computer network packet filtering that examines the data part (and possibly also the header) of a packet as it passes an inspection point, searching for protocol non-compliance, viruses, spam, intrusions or predefined criteria to decide if the packet can pass or if it needs to be routed to a different destination, or for the purpose of collecting statistical information. There are multiple headers for IP packets, network equipment only needs to use the first of these (the IP header) for normal operation, but use of the second header (TCP, UDP etc.) is normally considered to be shallow packet inspection (usually called Stateful Packet Inspection) despite this definition.

Deep Packet Inspection (and filtering) enables advanced network management, user service, and security functions as well as internet data mining, eavesdropping, and censorship. Although DPI technology has been used for Internet management for many years, some advocates of net neutrality fear that the technology can be used anticompetitively or to reduce the openness of the Internet.
DPI is currently being used by the enterprise, service providers and governments in a wide range of applications.

Get the edge, learn EVERYTHING you need to know about Deep Packet Inspection (DPI), and ace any discussion, proposal and implementation with the ultimate book – guaranteed to give you the education that you need, faster than you ever dreamed possible!

The information in this book can show you how to be an expert in the field of Deep Packet Inspection (DPI).

Are you looking to learn more about Deep Packet Inspection (DPI)? You're about to discover the most spectacular gold mine of Deep Packet Inspection (DPI) materials ever created, this book is a unique collection to help you become a master of Deep Packet Inspection (DPI).

This book is your ultimate resource for Deep Packet Inspection (DPI). Here you will find the most up-to-date information, analysis, background and everything you need to know.

In easy to read chapters, with extensive references and links to get you to know all there is to know about Deep Packet Inspection (DPI) right away. A quick look inside: Deep packet inspection, Allot Communications, Barracuda Networks, Check Point, Cisco Systems, Front Porch, Labris Teknoloji, Narus (company), NebuAd, Network intelligence, Radware, Sandvine, SonicWALL, Stonesoft Corporation, Theta Networks, Viaedge, Network packet, Active queue management, Paul Baran, Berkeley Packet Filter, Black hole (networking), Blue (queue management algorithm), Broadcasting (computing), Business Control Layer, Catenet, Chernobyl packet, Christmas tree packet, Cisco Express Forwarding, Context-based access control, Cut-through switching, Data Path Acceleration Architecture (DPAA), Data-dependent jitter, Datagram, Datakit, Donald Davies, Deterministic jitter, Dynamic Packet Transport, Fast packet switching, Firewall (computing), Frame (networking), Frame check sequence, G.8261, Gigapackets, GSM 03.48, IPv6 packet, Jitter, Jumbo frame, Jumbogram, Lag, Link state packet, Packet loss, Mangled packet, Martian packet...and Much, Much More!

This book explains in-depth the real drivers and workings of Deep Packet Inspection (DPI). It reduces the risk of your technology, time and resources investment decisions by enabling you to compare your understanding of Deep Packet Inspection (DPI) with the objectivity of experienced professionals - Grab your copy now, while you still can.

More info:

Published by: Emereo Publishing on Sep 15, 2011
Copyright:Traditional Copyright: All rights reserved
List Price: $39.95

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
This book can be read on up to 6 mobile devices.
Full version available to members
See more
See less

10/31/2014

Sections

  • Deep packet inspection
  • Allot Communications
  • Barracuda Networks
  • Check Point
  • Cisco Systems
  • Front Porch
  • Labris Teknoloji
  • Narus (company)
  • NebuAd
  • Network intelligence
  • Radware
  • Sandvine
  • SonicWALL
  • Stonesoft Corporation
  • Theta Networks
  • Viaedge
  • Network packet
  • Active queue management
  • Paul Baran
  • Berkeley Packet Filter
  • Black hole (networking)
  • Blue (queue management algorithm)
  • Broadcasting (computing)
  • Business Control Layer
  • Catenet
  • Chernobyl packet
  • Christmas tree packet
  • Cisco Express Forwarding
  • Context-based access control
  • Cut-through switching
  • Data Path Acceleration Architecture (DPAA)
  • Data-dependent jitter
  • Datagram
  • Datakit
  • Donald Davies
  • Deterministic jitter
  • Dynamic Packet Transport
  • Fast packet switching
  • Firewall (computing)
  • Frame (networking)
  • Frame check sequence
  • G.8261
  • Gigapackets
  • GSM 03.48
  • IPv6 packet
  • Jitter
  • Jumbo frame
  • Jumbogram
  • Link state packet
  • Packet loss
  • Mangled packet
  • Martian packet
  • Maximum segment size
  • Maximum transmission unit
  • Network congestion
  • NIST RBAC model
  • OmniPeek
  • Out-of-order delivery
  • Packet aggregation
  • Packet analyzer
  • Packet Assembler/Disassembler
  • Packet capture
  • Packet concatenation
  • Packet drop attack
  • Packet generator
  • Packet injection
  • Packet segmentation
  • Packet Switch Stream
  • Packet switching
  • Packet telephony
  • Packet transfer delay
  • Packet-switched network
  • Packet-switching node
  • PARC Universal Packet
  • Ping (video gaming)
  • Protocol data unit
  • Public switched data network
  • Robust random early detection
  • Raw socket
  • SQLFilter
  • Start Frame Delimiter
  • Statistical time division multiplexing
  • Syncword
  • TCP reset attack
  • Virtual packet
  • Article Sources and Contributors
  • Image Sources, Licenses and Contributors
  • License

Deep Packet Inspection (DPI

)
IN-DEPTH: THE REAL DRIVERS AND
WORKINGS

Kevin Roebuck

REDUCES THE RISK OF YOUR TECHNOLOGY, TIME AND RESOURCES
INVESTMENT DECISIONS

ENABLING YOU TO COMPARE YOUR
UNDERSTANDING WITH THE OBJECTIVITY OF EXPERIENCED PROFESSIONALS

High-impact Strategies - What You Need to Know: Definitions, Adoptions, Impact, Benefits, Maturity, Vendors

Topic relevant selected content from the highest rated entries, typeset, printed and shipped. Combine the advantages of up-to-date and in-depth knowledge with the convenience of printed books. A portion of the proceeds of each book will be donated to the Wikimedia Foundation to support their mission: to empower and engage people around the world to collect and develop educational content under a free license or in the public domain, and to disseminate it effectively and globally. The content within this book was generated collaboratively by volunteers. Please be advised that nothing found here has necessarily been reviewed by people with the expertise required to provide you with complete, accurate or reliable information. Some information in this book maybe misleading or simply wrong. The publisher does not guarantee the validity of the information found here. If you need specific advice (for example, medical, legal, financial, or risk management) please seek a professional who is licensed or knowledgeable in that area. Sources, licenses and contributors of the articles and images are listed in the section entitled “References”. Parts of the books may be licensed under the GNU Free Documentation License. A copy of this license is included in the section entitled “GNU Free Documentation License” All used third-party trademarks belong to their respective owners.

Contents
Articles
Deep packet inspection Allot Communications Barracuda Networks Check Point Cisco Systems Front Porch Labris Teknoloji Narus (company) NebuAd Network intelligence Radware Sandvine SonicWALL Stonesoft Corporation Theta Networks Viaedge Network packet Active queue management Paul Baran Berkeley Packet Filter Black hole (networking) Blue (queue management algorithm) Broadcasting (computing) Business Control Layer Catenet Chernobyl packet Christmas tree packet Cisco Express Forwarding Context-based access control Cut-through switching Data Path Acceleration Architecture (DPAA) Data-dependent jitter Datagram Datakit 1 8 10 14 19 28 29 30 33 40 43 46 49 51 54 55 57 62 64 68 69 70 72 73 75 75 76 77 78 79 80 80 81 81

Donald Davies Deterministic jitter Dynamic Packet Transport Fast packet switching Firewall (computing) Frame (networking) Frame check sequence G.8261 Gigapackets GSM 03.48 IPv6 packet Jitter Jumbo frame Jumbogram Lag Link state packet Packet loss Mangled packet Martian packet Maximum segment size Maximum transmission unit Network congestion NIST RBAC model OmniPeek Out-of-order delivery Packet aggregation Packet analyzer Packet Assembler/Disassembler Packet capture Packet concatenation Packet drop attack Packet generator Packet injection Packet segmentation Packet Switch Stream Packet switching Packet telephony Packet transfer delay

83 85 85 86 87 92 93 94 94 95 96 102 108 110 111 113 114 116 116 117 117 122 129 130 132 133 133 135 137 140 140 141 143 144 144 147 151 152

Packet-switched network Packet-switching node PARC Universal Packet Ping (video gaming) Protocol data unit Public switched data network Robust random early detection Raw socket SQLFilter Start Frame Delimiter Statistical time division multiplexing Syncword TCP reset attack Virtual packet

152 159 159 161 162 164 164 166 167 167 168 169 170 172

References
Article Sources and Contributors Image Sources, Licenses and Contributors 173 178

Article Licenses
License 179

Deep packet inspection

1

Deep packet inspection
Deep Packet Inspection (DPI) (also called complete packet inspection and Information eXtraction - IX -) is a form of computer network packet filtering that examines the data part (and possibly also the header) of a packet as it passes an inspection point, searching for protocol non-compliance, viruses, spam, intrusions or predefined criteria to decide if the packet can pass or if it needs to be routed to a different destination, or for the purpose of collecting statistical information. There are multiple headers for IP packets, network equipment only needs to use the first of these (the IP header) for normal operation, but use of the second header (TCP, UDP etc.) is normally considered to be shallow packet inspection (usually called Stateful Packet Inspection) despite this definition.[1] Deep Packet Inspection (and filtering) enables advanced network management, user service, and security functions as well as internet data mining, eavesdropping, and censorship. Although DPI technology has been used for Internet management for many years, some advocates of net neutrality fear that the technology can be used anticompetitively or to reduce the openness of the Internet.[2] DPI is currently being used by the enterprise, service providers and governments in a wide range of applications.[3]

Background
DPI combines the functionality of an Intrusion Detection System (IDS) and an Intrusion Prevention System (IPS) with a traditional stateful firewall.[4] This combination makes it possible to detect certain attacks that neither the IDS/IPS nor the stateful firewall can catch on their own. Stateful firewalls, while able to see the beginning and end of a packet flow, cannot on their own catch events that would be out of bounds for a particular application. While IDSs are able to detect intrusions, they have very little capability in blocking such an attack. DPIs are used to prevent attacks from viruses and worms at wire speeds. More specifically, DPI can be effective against buffer overflow attacks, Denial of Service (DoS) attacks, sophisticated intrusions, and a small percentage of worms that fit within a single packet. DPI-enabled devices have the ability to look at Layer 2 and beyond Layer 3 of the OSI model, in cases DPI can be evoked to look through Layer 2-7 of the OSI model. This includes headers and data protocol structures as well as the actual payload of the message. DPI functionality is evoked when a device looks or takes other action based on information beyond Layer 3 of the OSI model. DPI can identify and classify traffic based on a signature database that includes information extracted from the data part of a packet, allowing finer control than classification based only on header information. End points can utilize encryption and obfuscation techniques to evade DPI actions in many cases. A classified packet can be redirected, marked/tagged (see quality of service), blocked, rate limited, and of course reported to a reporting agent in the network. In this way, HTTP errors of different classifications may be identified and forwarded for analysis. Many DPI devices can identify packet flows (rather than packet-by-packet analysis), allowing control actions based on accumulated flow information.

DPI at the enterprise
Until recently, security at the enterprise was just a perimeter discipline, with a dominant philosophy of keeping unauthorized users out, and shielding authorized users from the outside world. The most frequently used tool for accomplishing this has been a stateful firewall. It can permit fine-grained control of access from the outside world to pre-defined destinations on the internal network, as well as permitting access back to other hosts only if a request to the outside world has been made previously.[5] However, vulnerabilities exist at network layers that are not visible to a stateful firewall. Also, an increase in the use of laptops in the enterprise makes it more difficult to prevent threats such as viruses, worms and spyware from penetrating the corporate network, as many users will connect the laptop to less-secure networks such as home

they are able to monitor web-browsing habits in a very detailed way allowing them to gain information about their customers' interests.Deep packet inspection broadband connections or wireless networks in public locations. or even heuristics that identify a certain application or behavior. When an e-mail user tries to send a protected file he may be given information on how to get the proper clearance to send the file. quality of service. In some countries the ISPs are required to perform filtering depending on the country's laws. Lawful interception Service providers are required by almost all governments worldwide to enable lawful intercept capabilities. This is not possible in contemporary digital networks. Technology providers include NebuAd. US ISPs monitoring their customers include Knology.[6] 2 DPI at network/Internet service providers In addition to using DPI to secure their internal networks. Common uses of DPI by ISPs are lawful intercept. policy definition and enforcement. including the application and user layer to help combat those threats. Internet service providers also apply this technology on the public networks provided to customers. The acquisition component of this functionality can be provided in many ways. this was met by creating a traffic access point (TAP) using an intercepting proxy server that connects to the government's surveillance equipment. Due to the frequently large size of media files being transferred.[8] Policies can be defined that allow or disallow connection to or from an IP address. may make use of DPI to implement certain policies that cover copyright infringements.to access a user's datastream. Decades ago in a legacy telephone environment. illegal materials.000 US customers are tracked this way. certain protocols. the UK ISP British Telecom has admitted testing technology from Phorm without their customers' knowledge or consent.[9] and Wide Open West. which can be used by companies specializing in targeted advertising. to sharing of music.when directed by a court order . P2P traffic is typically used by applications that do file sharing. offering tiered services. Front Porch and Phorm. video and software downloads". and probably also Embarq. including DPI. and unfair use of bandwidth. Targeted advertising Because ISPs route all of their customers' traffic. P2P drives increasing traffic loads. DPI can be used by the enterprise for Data Leak Prevention (DLP). DPI allows service providers to "readily know the packets of information you are receiving online—from e-mail. In addition. and as many of 10% of US customers have been tracked in this way. to websites. requiring additional network capacity. music and videos. and at the same time enforce an acceptable use policy.[10] Quality of service Applications such as peer-to-peer (P2P) traffic present increasing problems for broadband service providers. This can be documents. Firewalls also do not distinguish between permitted and forbidden uses of legitimately-accessed applications. DPI enables IT administrators and security officials to set policies and enforce them at all layers. DPI enabled products that are "LI or CALEA-compliant" can be used . . Deep Packet Inspection is able to detect a few kinds of buffer overflow attacks. At least 100.[7] Policy definition and enforcement Service providers obligated by the service level agreement with their customers to provide a certain level of service. and copyright enforcement. Service providers say a minority of users generate large quantities of P2P traffic and degrade performance for the majority of broadband subscribers using applications such as email or Web browsing which use less bandwidth. targeted advertising.[11] Poor network performance increases customer dissatisfaction and leads to a decline in service revenues.

on the other hand has taken the position with the Federal Communications Commission (FCC) that network neutrality could hurt anti-piracy technology such as Deep Packet Inspection and other forms of filtering. it might be of interest whether users with a 2 Mbit connection use the network in a dissimilar manner to users with a 5 Mbit connection. to differentiate "walled garden" services from "value added". or "all-you-can-eat" rather than a "one-size-fits-all" package. Tele2.S.[14] Instead of prosecuting file sharers one at a time. In 2006. rules requiring Internet Access Providers meet these requirements. Other Vendors claim that DPI is ineffective against P2P and that other methods of Bandwidth Management are more effective.[18] United States FCC adopts Internet CALEA requirements.Deep packet inspection DPI allows the operators to oversell their available bandwidth while ensuring equitable bandwidth distribution to all users by preventing network congestion. The Motion Picture Association of America (MPAA) which enforces movie copyrights. one of Denmark's largest ISPs. Additionally. “all-you-can-eat" and "one-size-fits-all” data services. Sony BMG. the operator can tailor his offering to the individual subscriber and increase their Average Revenue Per User (ARPU). Europe and Asia use DPI for various purposes such as surveillance and censorship. DPI was one of the platforms essential to meeting this requirement and has been deployed for this purpose throughout the U. and the DPI system in turn enforces that policy.[15] the International Federation of the Phonographic Industry (IFPI) and the big four record labels EMI.[16] The IFPI wants ISPs to filter traffic to remove illicitly uploaded and downloaded copyrighted material from their network. Deep Packet Inspection by governments In addition to using DPI for the security of their own networks. a higher priority can be allocated to a VoIP or video conferencing call which requires low latency versus web browsing which does not. A policy is created per user or user group.[13] By being able to charge for a "walled garden". 3 Tiered services Mobile and broadband service providers use DPI as a means to implement tiered service plans. many of these programs are classified. In 2006. For instance. pursuant to its mandate from the US Congress. and in line with the policies of most countries worldwide. was given a court injunction and told it must block its customers from accessing The Pirate Bay. Copyright enforcement ISPs are sometimes requested by copyright owners or required by courts or official policy to help enforce copyrights. .[17] Statistics DPI allows ISPs to gather statistical information about usage patterns by user group. per application. Subpart Z. allowing the user access to different services and applications. the FCC adopted new Title 47. Access to trend data also help network planning. has required that all telecommunication providers. despite European directive 2000/31/EC clearly stating that ISPs may not be put under a general obligation to monitor the information they transmit and directive 2002/58/EC granting European citizens a right to privacy of communications. be capable of supporting the execution of a court order to provide real-time communication forensics of specified users. including Internet services. a launching point for BitTorrent. governments in North America. per service. Universal Music and Warner Music have begun suing ISPs like Eircom for not doing enough about protecting their copyrights. The FCC.[12] This is the approach that service providers use to dynamically allocate bandwidth according to traffic that is passing through their networks.

what it called 'intelligence solutions. drug trafficking and other criminal activities carried out online.' The joint venture exited the business that included the monitoring equipment. Certain traffic was selected and sent over a dedicated line to a "central location" for analysis. He said the company determined it was no longer part of its core business.[22] The Defense Information Systems Agency has developed a sensor platform that uses Deep Packet Inspection. and messages containing sensitive material."[20] Narus's Semantic Traffic Analyzer software which runs on IBM or Dell Linux servers. Voice traffic in Skype is unaffected. According to the Journal." and thus. by selling it to Perusa [27] Partners Fund 1 LP. China also blocks VoIP traffic in and out of their country.. According to Marcus’s affidavit. in 2008 from Nokia Siemens Networks (NSN).. Narus states that such devices are capable of real-time data collection (recording data for consideration) and capture at 10 gigabits per second. NSN "provided equipment to Iran last year under the internationally recognized concept of 'lawful intercept.[19] Traffic associated with AT&T’s Common Backbone was "split" between two fibers. the diverted traffic "represented all. quoting NSN spokesperson Ben Roome. the German conglomerate.' said Mr. Bush and Attorney General Alberto R.. he said. "the designers of the .com.. and political dissent. or a variety of anti-Communist movements[25] as those materials were signed as DPI sensitive keywords already. and various photography and blogging sites. although text messages are subject to DPI. using DPI technology. the system "enables authorities to not only block communication but to monitor it to gather information about individuals. According to unnamed experts cited in the article. reportedly for deep packet inspection. according to a report in the Wall Street Journal in June." The system was purchased by the Telecommunication Infrastructure Co. That relates to intercepting data for the purposes of combating terrorism. or substantially all. with cooperation from AT&T has used Deep Packet Inspection technology to make internet traffic surveillance. a capability that most if not all telecom companies have." . the Tiananmen Square protests and massacre of 1989. The monitoring center that Nokia Siemens Networks sold to Iran was described in a company brochure as allowing 'the monitoring and interception of all types of voice and data communication on all networks. as well as alter it for disinformation purposes. to exclude data sources comprised primarily of domestic data.[26] Iran The Iranian government purchased a system. and Nokia Corp.. The secure room contained Narus traffic analyzers and logic servers. such as curse-words. with no notification provided to either participant in the conversation. If so. sorting and forwarding more intelligent. part of the Iranian government's telecom monopoly. the other carried communications on to AT&T’s switching equipment. in the case of VoIP. People within China often find themselves blocked while accessing Web sites containing content related to Taiwanese and Tibetan independence. dividing the signal so that 50 percent of the signal strength went to each output fiber.[24] Chinese network ISPs use DPI to see if there's any sensitive keyword going through their network. a joint venture Siemens AG. phone number. Roome.[23] 4 China The Chinese government uses Deep Packet Inspection to monitor and censor network traffic and content that it claims harmful to Chinese citizens or state interests.Deep packet inspection The National Security Agency (NSA). This material includes pornography. political parties that oppose that of the ruling Communist party. Gonzales have asserted that they believe the president has the authority to order secret intercepts of telephone and e-mail exchanges between people inside the United States and their contacts abroad without obtaining a FISA warrant. in terms of location or position of the fiber split. information on religion. Falun Gong.. China also blocks visual media sites like YouTube. sorts through IP traffic at 10Gbit/s to pick out specific messages based on a targeted e-mail address. 2009. the connection will be cut. a Munich-based investment firm.' at the end of March.. child pornography. the Finnish cellphone company.[21] President George W. Mr. Roome said. One of the output fibers was diverted to a secure room. the Dalai Lama. of AT&T’s peering traffic in the San Francisco Bay area. are simply not delivered. The DPI is used to find which packets are carrying e-mail or a Voice over Internet Protocol (VoIP) phone call. configuration made no attempt. IP address or.

Retrieved 2006-02-06. specifically saying that Mr.[31] 5 DPI and net neutrality People and organizations concerned about privacy or network neutrality find inspection of the content layers of the Internet protocol to be offensive. html). CALEA" (http:/ / arstechnica. "Firewall Evolution . html). [12] Matt Hamblen (2007-09-17). .Deep Packet Inspection" (http:/ / www. com/ action/ article." and reviewed censorship of the Internet and other media in the country. Retrieved 2006-02-06. "Every Click You Make: Internet Providers Quietly Test Expanded Tracking of Web Use to Target Advertising" (http:/ / www. . Retrieved 2010-01-08. com/ wp-dyn/ content/ article/ 2008/ 04/ 03/ AR2008040304052. [11] "Deep Packet Inspection: Taming the P2P Traffic Beast" (http:/ / www. fu-berlin. in: "Essays on Deep Packet Inspection". com/ landing/ op1. Chris Lewis (2009). International Studies Association. ars technica. SearchNetworking. gc. D. com/ ticker/ article. [3] Ralf Bendrath (2009-03-16).C.[7] saying for example. PACE includes obfuscated/encrypted protocols like Skype or encrypted BitTorrent.sid7_gci1335767. priv. moneycentral. itbusinessedge. de/ ~bendrath/ Paper_Ralf-Bendrath_DPI_v1-5. "Just Deliver the Packets. The Washington Post. html). Retrieved 2010-01-08. Paper presented at the International Studies Annual Convention. com/ articles/ culture/ Deep-packet-inspection-meets-net-neutrality. [13] "Allot Deploys DPI Solution at Two Tier 1 Mobile Operators to Deliver Value. . . techtarget.00. Thomas Porter (2005-01-11)."[30] A concurrent article in The New York Times said the NSN sale had been covered in a "spate of news reports in April [2009]. had similar complaints with one of the same Journal reporters himself in an earlier story. Retrieved 2010-02-01. com/ news/ article/ 0. [4] Ido Dubrawsky (2003-07-29). Isenberg. New York City. [5] Elan Amir (2007-10-29). [8] Jeff Chester (2006-02-01). . securityfocus.Added and Tiered Service Packages" (http:/ / news. com/ item/ ?ci=35275). web censorship or Internet filtering capability to Iran. com/ infocus/ 1716). "The Perils of Deep Packet Inspection" (http:/ / www. "Data leak prevention starts with trusting your users" (http:/ / searchnetworking. thenation. com/ doc/ 20060213/ chester). Roome is denying the quotes attributed to him and that he. Security Focus. . do?command=viewArticleBasic& taxonomyId=16& articleId=9036959& intsrc=hm_topic). 2008-02-05. Security Focus.org community [36] References [1] Dr. Ken Ledeen. lightreading. Retrieved 2008-04-08. Retrieved 2008-03-03. [7] Nate Anderson (2007-07-25). Retrieved 2008-05-14. but did not mention DPI. "Ball State uses Deep Packet Inspection to ensure videoconferencing performance" (http:/ / www. com/ infocus/ 1817). .com.[33] Software Opendpi[34] is the open source version for non obfuscated protocols. ars). call them "a solution in search of a problem" and say that net neutrality rules would reduce incentives to upgrade networks and launch next-generation network services. pdf). com/ insider/ details. The Nation.-based analyst and Cato Institute Adjunct Scholar. Retrieved 2008-03-02.[35] The open source community offers a wide array of options for performing deep packet inspection functions. "The Case for Deep Packet Inspection" (http:/ / www. . Computer World. php/ essays/ just-deliver-the-packets/ ). "Deep Packet Inspection meets 'Net neutrality. . "Global technology trends and national regulation: Explaining Variation in the Governance of Deep Packet Inspection. Ottawa" (http:/ / dpi. msn. IT Business Edge. asp?sku_id=1221& skuitem_itemid=957). a comprehensive list is maintained by the dPacket. securityfocus. 15–18 February 2009" (http:/ / userpage. including The Washington Times. aspx?Feed=PR& Date=20080205& ID=8139811& Symbol=ALLT). . meanwhile. "The End of the Internet?" (http:/ / www. [2] Hal Abelson. Retrieved 2008-03-02. Light Reading. . ca/ index. . earlier in the decade.289142. Retrieved 2008-03-02. Money Central. "the 'Net was built on open access and non-discrimination of packets!"[32] Critics of network neutrality rules. [10] Peter Whoriskey (2008-04-04). Office of the Privacy Commissioner of Canada. .[29] NSN has issued the following denial: NSN "has not provided any deep packet inspection.[28] Questions have been raised about the reporting reliability of the Journal report by David Isenberg. [6] Michael Morisy (2008-10-23). washingtonpost. an independent Washington. charter. [9] "Charter Communications: Enhanced Online Experience" (http:/ / connect. .Deep packet inspection The NSN system followed on purchases by Iran from Secure Computing Corp. Retrieved 2008-03-03. computerworld.

nytimes. html). . Ph. cybertelecom. Retrieved 2008-03-03.ca/) • What Is Deep Packet Inspection and Why the Controversy (http://netequalizernews. [24] Ben Elgin and Bruce Einhorn (2006-01-12). Matt Blaze.com/2011/02/08/ what-is-deep-packet-inspection-and-why-the-controversy/) • White Paper "Deep Packet Inspection – Technology.2008. [32] Genny Pershing.breakingpointsystems. . htm). html). ars technica.1109/MSP. html). perusa-partners. PC World. com/ article/ 08/ 02/ 13/ Danish-ISP-prepares-to-fight-Pirate-Bay-injunction_1. The Washington Post. com/ technology/ content/ jan2006/ tc20060112_434051. ars) [36] (https:/ / www. com/ science/ discoveries/ news/ 2006/ 05/ 70914). crypto. cybertelecom. ars/ post/ 20080311-year-of-filters-turning-into-year-of-lawsuits-against-isps. de/ english/ who_we_are. Peter G. "Eircom and BT won't oppose music firms" (http:/ / www.blog. Retrieved 2008-10-30. . . org/ articles/ deep-security-disa-beefs-security-deep-packet-inpection-ip-transmissions). "The Great Firewall of China" (http:/ / www. net/ jerry/ politics/ Warrantless/ WarrantlessFACTS. 2009. . Retrieved 2008-03-03. [34] Opendpi (http:/ / www. com/ 2009/ 06/ 23/ world/ middleeast/ 23censor. com/ open-source/ news/ 2009/ 09/ deep-packet-inspection-engine-goes-open-source. [31] "Web Pries Lid of Iranian Censorship" (http:/ / www. [16] Eric Bangeman (2008-03-11).com/resources/ resiliency-methodologies/dpi-resiliency-methodology) • Subverting Deep Packet Inspection the Right Way (http://www. Applications & Net Neutrality" (http://www. Retrieved 2008-03-03.138599-c. . Cybertelecom. Open Net Initiative. June 23.ipoque. dpacket. Retrieved 2008-06-26. "Risking Communications Security: Potential Hazards of the Protect America Act" (http:/ / www. washingtonpost. html). IEEE Security and Privacy (IEEE Computer Society) 6 (1): 24–33.Domestic Action's Legality Challenged" (http:/ / www. html). com/ article/ id. . "MPAA: Net neutrality could hurt antipiracy tech" (http:/ / www. The New York Times. com/ news. pdf). "Report Rebuts Bush on Spying . "How the NSA warrantless wiretap system works" (http:/ / www. Retrieved 2008-06-26. com/ article/ SB124562668777335653. [14] Jeremy Kirk (2008-02-13). June 22. [27] http:/ / www.priv. ""Year of filters" turning into year of lawsuits against ISPs" (http:/ / arstechnica. "OEM provider Bivio targets government market" (http:/ / www. htm#his). com/ 8301-10784_3-9746938-7. 2007-10-18. ie/ frontpage/ news-9617239. enn. infoworld. . com/ global/ Press/ Press+ releases/ news-archive/ Provision+ of+ Lawful+ Intercept+ capability+ in+ Iran. 2009. . [20] Bellovin. "The Ultimate Net Monitoring Tool" (http:/ / www. Retrieved 2008-03-12. [15] Matthew Clark (2005-07-05). Retrieved 2008-03-12. wired. I. [21] Robert Poe (2006-05-17). dpacket. isen. "Danish ISP prepares to fight Pirate Bay injunction" (http:/ / www. doi:10. nerdylorrin.17. isen. [18] Carolyn Duffy Marsan (2007-06-27). Retrieved 2008-03-13. Retrieved 6/22/09. . Retrieved 2008-03-12. [33] Genny Pershing. Retrieved 2008-03-13. Isenberg. [26] "China Blocks YouTube. Retrieved 2008-03-13. Whitfield Diffie. nokiasiemensnetworks. "Deep Security: DISA Beefs Up Security with Deep Packet Inpection of IP Transmissions" (https:/ / www. Business Week. "Network Neutrality: Historic Neutrality" (http:/ / www. businessweek. html). [29] "Questions about WSJ story on Net Management in Iran" (http:/ / www. Network World. Retrieved 6/22/09. html?_r=1& hp) by Brian Stelter and Brad Stone. The Wall Street Journal. net/ studies/ china/ ). . and Jennifer Rexford (January/February 2008). [25] "Internet Filtering in China in 2004-2005: A Country Study" (http:/ / www. org/ ci/ neutral.io/?p=9) • What is "Deep Inspection"? (http://www. Cybertelecom.com/security/computer_security/editorials/deepinspect/) • A collection of essays from industry experts (http://dpi. html) by Christopher Rhoads in New York and Loretta Chao in Beijing. ENN. com/ newsletters/ isp/ 2007/ 0625isp1.. . html) by David S. 2009. [19] J. 2009. . Retrieved 2008-03-03. opendpi. [17] Anne Broach (2007-07-19). .sites/ article. news. Susan Landau. Retrieved 2008-03-03.ranum. "Network Neutrality: Insufficient Harm" (http:/ / www. html). pcworld. . php [28] "Iran's Web Spying Aided By Western Technology" (http:/ / online.registration required (http://www. wsj. (2006-09-26).gc. Retrieved 6/22/09. Nelson. opennetinitiative.com/ resources/white-papers/) . com/ papers/ paa-ieee. html). htm) Company press release.D. [22] Carol D. org/ group-posts/ open-source-software-general-discussion/ open-source-software-related-deep-packet-inspect) 6 External links • Test Methodology . Steven M. June 22. Restores Flickr and Blogspot" (http:/ / www. org/ ) [35] Deep packet inspection engine goes open source (http:/ / arstechnica. [30] "Provision of Lawful Intercept capability in Iran" (http:/ / www. June 22. Retrieved 2008-03-12. Wired. com/ blog/ 2009/ 06/ questions-about-wsj-story-on-net. com/ wp-dyn/ content/ article/ 2006/ 01/ 06/ AR2006010601772.inputoutput. htm#ins). networkworld. IDG News Service. Neumann. Retrieved 6/23/09. org/ ci/ neutral.Deep packet inspection Retrieved 2008-03-03. Leonnig (2007-01-07). [23] Cheryl Gerber (2008-09-18). CNET News.

com/t2/latest-news/ best-of-web?task=videodirectlink&id=9042) .com/ • Deep Packet Inspection puts its stamp on an evolving Internet (http://advancedtca-systems.html) 7 .com/products/mu-test-suite/ scale-testing.Deep packet inspection • Egypt's cyber-crackdown aided by US Company (http://therealnews.DPI technology used by Egyptian government in recent internet crackdown • http://www.savetheinternet.com/ deep-stamp-an-evolving-internet/) • Validate DPI policy using real applications (http://www.mudynamics.

[5] In 2006. who served as chief executive and chairman until 2006.[6] In November 2003. by Michael Shurman and Yigal Jacoby. from several venture capital funds. JAFCO Investment.allot. Walden Israel. Allot solutions use deep packet inspection (DPI) technology to change broadband pipes into smart networks offering complete network visibility. and Tamar Technology Ventures. This ranking represented revenue growth of nearly 1900% in a year's time. Gemini. BancBoston Capital. application control and subscriber management.com [2] Allot Communications (NASDAQ: ALLT [1]. in several rounds of funding. including: Genesis Partners.Allot Communications 8 Allot Communications Allot Communications Type Industry Founded Public (NASDAQ: ALLT [1] ) Technology. which was sold to Bay Networks for $33m in 1996.[4] Corporate history Allot Communications was founded in 1996. Deloitte & Touche named Allot the fourth fastest growing company on its Israel Technology Fast 50 list. Jerusalem Venture Partners. following an IPO which raised $78m.[7] .97 million (2010) US$ 5. and the company began trading publicly on the Nasdaq Global Market under the ticker symbol ALLT.76 million (2010) Employees 400 Website www. a manufacturer of RMON-based network management solutions. carriers and enterprises. TASE: ALLT [3]) is a provider of IP service optimization solutions for service providers.[5] By 2004 Allot raised $38 million. Communication systems 1996 Key people CEO: Rami Hadar. Bandwidth optimization US$ 56. QoS Solutions. Rami Hadar appointed President and Chief Executive Officer.[5] Jacoby previously founded Armon Networking. CTO: Jay Klein VP Operations: Pini Gvili Products Revenue Net income Networking.

html). Richard (March 17. encyclopedia. 2006). Zuri (25-08-2004). VoIP and Video applications. com/ [3] http:/ / www.Allot Communications 9 Acquisitions • In September 2002 Allot acquired NetReality. com/ channels/ bandwidth-management/ articles/ 52408-allot-communications-sigma-service-gateway. January 3. [5] Dar. [7] Krawitz. 2008.com.[8] • In January 2008 Allot Acquired Esphion. 2002. 2009). The Marker. "Allot raises $78m. tmcnet. a provider of network application priority switches (NAPS). service providers. in order to enhance its quality of service (QoS) and bandwidth management solutions. wireless broadband carriers. Business Wire. htm). Allot solutions are also used to support the need of service providers to charge more from heavy users of peer-to-peer. allot. asp?symbol=ALLT& selected=ALLT [2] http:/ / www. com/ doc/ 1G1-92808325. asp?doc_id=142343). com/ doc/ 1P1-131347725. highbeam. "Allot Communications' Sigma Service Gateway" (http:/ / www. nasdaq.[9] Products Allot provides intelligent IP service optimization solutions for DSL. html). External links • Allot Communications (http://allot.com) . "Allot Communications wraps up $8 million financing round" (http:/ / www. asp?articleID=2128). March 24. [6] "Bay Networks acquires Armon Networking" (http:/ / www. Combines Teams and Technologies to Form Solid Base for Continued Growth. so that value-added Internet services can be rapidly deployed. in Nasdaq listing" (http:/ / www. htm?objectId=& objectType=& securityType=& searchTerm=ALLT [4] Grigonis. September 24. highbeam. Light Reading. [8] "Allot Communications Acquires NetReality. il/ TASEEng/ Management/ GeneralPages/ SimpleSearchResult. co.[4] References [1] http:/ / quotes." (http:/ / www. com/ document. Israel Business Today. html). Avi (November 17. com/ doc/ 1G1-18165625. [9] "Allot Acquires Esphion" (http:/ / www. lightreading. ivc-online. a New Zealand based developer of network protection solutions for carriers and internet service providers. com/ asp/ SummaryQuote. Allot's portfolio of hardware platforms and software applications employs Deep Packet Inspection (DPI) technology to turn broadband pipes into smart networks. The Jerusalem Post. com/ ivcWeeklyItem. 1996. tase. TMCnet. and enterprises.

2008. NG firewalls.com [1] Barracuda Networks. Web Site Firewalls. and viruses. Backup solutions. Sequoia Capital had previously provided financing to Cisco Systems.[14] . Barracuda Networks was sued by Trend Micro over their use of the open source anti-virus software Clam AntiVirus. Barracuda had over 85.[4] and opened an office in Ann Arbor.Barracuda Networks 10 Barracuda Networks Barracuda Networks Type Industry Founded Private Telecommunication 2003 Headquarters Campbell. Load balancers.[10] [11] [12] [13] As of October 2009. Netscreen.[9] Soon after opening BRBL many IP addresses got blacklisted without apparent reason and without any technical explanation. web hackers and instant messaging threats such as spam. SSL VPNs.[7] In addition to providing samples of prior art in an effort to render Trend Micro's patent invalid. The company's networking and storage solutions include web filtering. application delivery controllers.000 customers.[8] In December 2008. in July 2008 Barracuda launched a countersuit against Trend Micro claiming Trend Micro violated several antivirus patents Barracuda Networks had acquired from IBM. load balancing.[6] On January 29.[2] Barracuda Networks was established in 2003 and introduced the Barracuda Spam and Virus Firewall. trojans. United States Key people Dean Drako (CEO) Michael Perone (CMO) Zach Levow (CTO) Products Spam Firewalls. backup services and data protection.[3] In 2007 the company moved its headquarters to Campbell. its proprietary and dynamic list of known spam servers. NG Firewalls. California. CudaTel PBX Employees Website 500-1000 www. IM firewalls. and Yahoo!. Michigan. spyware. message archiving. Email Archivers. it closed its first outside investment of $40 million from Sequoia Capital and Francisco Partners.[5] In January 2006. web surfing. for free and public use in blocking spam at the gateway. the company launched the BRBL (Barracuda Reputation Block List). networking and storage solutions based on appliances and cloud services. which Trend Micro claimed to be in violation of their patent on 'anti-virus detection on an SMTP or FTP gateway'. is a privately held company providing security. The company’s security products include solutions for protection against email. Web filters. Inc. Google.barracudanetworks. California.

an Austria-based public company delivering enterprise-class firewalls. and Windows system states.[21] • Web Application Firewall . a software as a service (SaaS) company offering cloud based web filtering and security.[18] • Load balancer . and to control web surfing. and network access control into one platform that is centrally managed across multiple distributed enterprise network locations.Barracuda Networks 11 Products • Spam and virus firewall .Announced in September 2008.In November 2006. clientless. content security. in conjunction with its acquisition of Purewire.In November 2008. the company launched its secure sockets layer virtual private network product to provide secure. for securing Web applications for large enterprises and to address regulation compliance such as PCI DSS.In October 2009. intrusion prevention.[17] • IM Firewall . remote access. the company introduced its web filtering appliance to prevent spyware and viruses from gathering and transmitting user data. and safe web surfing. The firewalls integrate web and email filtering. Barracuda announced the release of CudaTel.In April 2005. including [24] In January 2009. on-site backup with data deduplication and off-site data replication for disaster recovery.In July 2007. Barracuda Networks acquired NetContinuum. layer 7 application profiling. the company introduced message archiving to index and preserve emails. NG Firewalls are available both as hardware or as a virtual appliance and include wide area network traffic optimization. the company introduced a load balancing appliance for high availability distribution of network traffic across multiple servers. integrating Barracuda Backup Service with Yosemite Backup.[32] September 2009. a company providing application controllers to secure and manage enterprise web applications. Barracuda Networks launched the Purewire Web Security Service which is a software as a service offering for Web filtering.[26] • NG Firewall . Barracuda Networks acquired Purewire Inc. Barracuda launched a spam and virus firewall for large enterprises and ISPs.[27] • CudaTel Communication Server (PBX) . 2008.[22] • Link Balancer .[29] In November 2008. Barracuda Networks acquired Yosemite Technologies to add software agents for incremental backups of applications such as Microsoft Exchange Server and SQL Server.[19] • Message archiver . CudaTel features FreeSWITCH.[20] • SSL VPN .[33] In October 2009.[16] • Web filter . Barracuda announced its spam and virus firewall plug-in appliance. Barracuda added message-level backup for Microsoft Exchange and Novell GroupWise. formerly Tapeware. the company announced a service to back up data in the cloud. to optimize and aggregate internet connections from different providers.in August 2010.Launched in September 2005 to protect and archive instant messaging content. and to meet legal and regulatory compliance.[30] In November 2008.In October 2003.In February 2010.[28] Acquisitions In September 2007. allowing the company to introduce Secure Sockets Layer (SSL) Virtual Private Network (VPN) products to perform malware scans on files uploaded during a VPN session to network file shares or internal Web sites. Barracuda Networks expanded into cloud-based backup services by acquiring BitLeap.[25] • Purewire Web Security Service .[23] • Backup services . Barracuda announced its NG Firewalls to protect enterprise network infrastructures.[15] In June 2008. a open-source project sponsored by Barracuda Networks.In November. a VOIP Private branch exchange designed for IT administrators.Announced in February 2008. Barracuda Networks acquired controlling interest in phion AG. Barracuda Networks acquired 3SP.[31] In January 2009.[34] .

pcworld. [3] VentureBeat Barracuda swallows Purewire as it becomes a bigger fish in web-based security services (http:/ / venturebeat. shtml) [5] Crain's Detroit Business Silicon Valley firm picks Ann Arbor for office (http:/ / www. pcworld. com/ ns/ news_and_events/ index. (http:/ / www. com/ archives/ campbellreporter/ 20070323/ business2. com/ c/ a/ Security/ Barracuda-Networks-Breaks-Into-SSL-VPN-Space-for-Small-Business/ ) [32] PC World Backup Merger Unites Barracuda. html. html?fsrc=rss-virusworms) [7] Ars Technica Barracuda defends open-source antivirus from patent attack (http:/ / arstechnica. com/ usa/ story. com/ article/ 158462/ backup_merger_unites_barracuda_yosemite. com/ ns/ products/ ) Barracuda Networks. cfm?item=15073) [23] ISP Planet Barracuda Networks' Link Balancer (http:/ / www. com/ c/ a/ Security/ Barracuda-Acquires-Cloud-Security-Vendor-Purewire-559167/ ) [27] InfoSecurity Barracuda moves into distributed firewall technology (http:/ / www. com/ s/ article/ 104909/ Security_Log?taxonomyId=017) [19] IT & Security Portal Barracuda Networks Launches Barracuda Load Balancer (http:/ / www. com/ article/ 158462/ backup_merger_unites_barracuda_yosemite. ars/ post/ 20080702-barracuda-bites-back-at-trend-micro-in-clamav-patent-lawsuit. com/ [2] Company Product Page. Yosemite (http:/ / www. linux. com/ news/ 2006/ 011106-barracuda. com/ blog/ main/ archives/ 2008/ 11/ barracuda_swims. bizjournals. com/ usa/ brief.jsessionid=XDFD2WAXZBEB3QE1GHPCKH4ATMY32JVN) [25] PCWorld Backup Merger Unites Barracuda. channelinsider. com/ archive/ ?module=comments& func=display& cid=1204572 [12] http:/ / steve. com/ barracuda-networks-launches-barracuda-load-balancer. community-newspapers.Barracuda Networks 12 References [1] http:/ / www. html) [9] Linux. html) [21] Comms Express New SSL VPN Announced (http:/ / www. html. com/ news. Yosemite (http:/ / www. computerworld. Retrieved 2010-02-10. isp-planet. html) [24] Information Week Barracuda Swims Into The Cloud (http:/ / www. com/ barracuda-networks-buys-netcontinuum/ article/ 35669/ ) [30] InformationWeek Barracuda Swims Into The Cloud (http:/ / www. html) [26] Channel Insider Barracuda Acquires Cloud Security Vendor Purewire (http:/ / www. html) [15] ComputerWorld Barracuda Networks launches antispam appliance line (http:/ / www. com/ topic/ 32502 [14] San Jose Business Journal Barracuda Networks buys Purewire (http:/ / sanjose. com/ news/ security/ vulnerabilities/ showArticle. com/ blog/ main/ archives/ 2008/ 11/ barracuda_swims. com/ sanjose/ stories/ 2009/ 09/ 28/ daily9. (http:/ / www. ars/ post/ 20080129-barracuda-defends-open-source-antivirus-from-patent-attack. community-newspapers. com/ atlanta/ stories/ 2009/ 10/ 19/ story7. bizjournals. barracudanetworks. com/ 2008/ 11/ 06/ barracudacentral-another-blacklist-black-hole/ [13] http:/ / community. computerworld. com/ archives/ campbellreporter/ 20070323/ business2. com/ equipment/ 2008/ barracuda+ link+ balancer. com/ equipment/ 2007/ barracuda_message_archiver. isp-planet. barracudanetworks. informationweek. html) [8] Ars Technica Barracuda bites back at Trend Micro in ClamAV patent lawsuit (http:/ / arstechnica. html) [34] Atlanta Business Chronicle Barracuda buys Purewire Inc. barracudanetworks. scmagazineus. com/ s/ article/ 86007/ Barracuda_Networks_launches_antispam_appliance_line?taxonomyId=086) [16] eChannelline Barracuda launches Spam Firewall for large enterprises (http:/ / www. informationweek. html?ana=from_rss) . bizjournals. com/ 2009/ 10/ 13/ barracuda-swallows-purewire-as-it-becomes-a-bigger-fish-in-web-based-security-services/ ) [4] The Campbell Reporter Barracuda Networks sinks its teeth into site on Winchester Boulevard (http:/ / www. com/ sanjose/ stories/ 2009/ 10/ 12/ daily19. triumf. ca/ barracuda-problems. cfm?item=23340) [17] InformationWeek Barracuda Rolls Out Spyware-Blocking Appliance (http:/ / www. com/ news/ networking-equipment/ floor-boxes/ new-ssl-vpn-announced-18881252/ ) [22] eChannelline Barracuda puts bite on SMB Web application controller (http:/ / www. jhtml?articleID=160902103) [18] ComputerWorld Security Security Log (http:/ / www. html) [33] Silicon Valley Business Journal Barracuda Networks takes controlling interest in phion (http:/ / sanjose. informationweek. comms-express. echannelline. com/ news. com/ archive/ articles/ 155880) [10] http:/ / andrew. spiceworks. html) [20] ISP Planet Barracuda's Message Archiver (http:/ / www.com Barracuda offers a new alternative to Spamhaus (http:/ / www. infosecurity-magazine. linux.jsessionid=OVGGXQ5J5OOQHQE1GHPCKH4ATMY32JVN) [31] Eweek Barracuda Networks Breaks into SSL VPN Space (http:/ / www. php?nid=368) [29] SCMagazine Barracuda Networks buys NetContinuum (http:/ / www. com/ view/ 7138/ barracuda-moves-into-distributed-firewall-technology/ ) [28] Barracuda Networks Launches CudaTel – New VoIP PBX Based on the Open Source FreeSWITCH Project (http:/ / www. shtml) [6] NetworkWorld Barracuda attracts $40 million in venture investment (http:/ / www. heyvan. eweek. echannelline. networkworld. it-observer. html [11] http:/ / www.

com) .Barracuda Networks PBX/Phone System (http://www.barracudanetworks.com/ns/products/) • CudaTel .cudatel.com) • Barracuda Networks company Products page (http://www.Barracuda Networks 13 External links • Barracuda Networks corporate website (http://www.barracudanetworks.

by the company’s current Chairman & CEO Gil Shwed. markets and supports a wide range of software and combined hardware and software products that cover all the aspects of IT security. security. Best known for its firewall and VPN products. data security and security management. Sweden (Former Protect Data development centre) and in Belarus. Founder. together with two of his friends. Type Public NASDAQ-100 component NASDAQ: CHKP IT security Computer software Computer hardware [1] Traded as Industry Founded 1993 Headquarters Tel Aviv. California and in the Dallas. soon afterwards they also developed one of the world’s first . Founded in 1993 in Ramat-Gan. at the age of 25. including network security. UTM-1. Web Application Security Revenue Net income Employees Subsidiaries Website US$ $1. The company also has offices in the United States.Check Point 14 Check Point Check Point Software Technologies Ltd. Israel.300 employees worldwide. Endpoint. Founder FireWall-1. Security appliances. Israel (before May 2007: Ramat Gan) Key people Gil Shwed. Marius Nacht (currently serving as Vice Chairman) and Shlomo Kramer (who left Check Point in 2003 to set up a new company – Imperva. Check Point first pioneered the industry with FireWall-1 and its patented stateful inspection technology. Chairman & CEO Marius Nacht. Intrusion prevention systems.8 million (2010) [2] 2.200 (2010) ZoneAlarm. Today the company develops.com [3] Products Check Point Software Technologies Ltd. which became the foundation for the company’s first product (simply called FireWall-1). Check Point Integrity.9 million (2010) US$ $452. VPN-1. where he serves as President and CEO). Ontario area. SofaWare www. California (ZoneAlarm). History Check Point was established in 1993. as well as in Canada in the Ottawa. The company's development centers are located in Israel.097. Check Point today counts approximately 2. in Redwood City.checkpoint. endpoint security. Texas area. (NASDAQ: CHKP [1]) is a global provider of IT security solutions. Gil had the initial idea for the company’s core technology known as stateful inspection.

[7] The company’s first commercial breakthrough came in 1994 when Check Point signed an OEM agreement with Sun Microsystems. and tablet PCs. • Endpoint Security . UTM-1. antivirus. head office was established in Redwood City. anti-spyware. or on Check Point’s own line of appliances which includes Safe@Office. just over 10 years after first establishing the partnership with Nokia.g. Media Encryption and Port Control secure data-at-rest on endpoints. Mobile Access. secures virtual machines and applications via either hypervisor integration using the VMSafe API. • Security Management . Solutions are based on the Software Blade architecture.[4] followed by a distribution agreement with HP in 1995. Full Disk Encryption. removable media encryption. and telecommunications carriers: • Network Security . The security policies for networked endpoints can be centrally managed from a single location via the Endpoint Policy Management Software Blade product.[12] 15 Products Check Point offers the following primary solutions and product lines. IPsec VPN. and the DLP security gateway product secure data-in-motion and data-in-use. Data Loss Prevention and Application Control. set policy and apply protections across the entire security infrastructure from a single interface. network access control.[8] The same year. 2008 was elected as mayor of Jerusalem).[10] In 1998. .[11] by 2000 the company became the world’s leading provider of VPN solutions (in terms of market share). Check Point raised $67 million from its initial public offering on NASDAQ. USB).the Check Point Mobile Access software product provides secure access to corporate resources via a SSL VPN portal for devices such as laptops.Data security solutions focus on securing data throughout the stages of the data lifecycle. I/O port protection (e.[9] In June 1996.Check Point's core business has historically focused on network security components including Firewall. IP Appliances. and a VPN client. A separate product called VPN Power-1 VSX can host multiple virtual security gateways on a single machine. which bundled Check Point’s Software with Nokia’s computer Network Security Appliances. multi-domain security management. and Integrated Appliance Solutions platforms. URL filtering.Check Point VPN products (VPN-1). The Check Point Abra USB device provides a secure virtual desktop for Microsoft Windows machines.The Security Gateway VE product for virtual environments. mobile phones. which runs on VMware ESX and ESXi.Allows administrators to manage events. These products are deployed as software on x86 based servers or appliances. and also contains encrypted storage for confidential data. By February 1996. managed service providers. with a portfolio of 11 management software blades including event analysis. culminating in the acquisition of Nokia’s network security business unit in 2009. VPNs. UTM-1 Edge.[4] Shwed developed the idea while serving in the Israel Defense Forces.000 was provided by BRM Group. enterprises. or as a VMware network appliance. Check Point started acquiring other IT security companies. California. which are sold to small and medium businesses (SMBs). correlation. Power-1. the U. access controls. • Mobile Security .deployed as a single security agent that combines firewall.S. [5] [6] Initial funding of $600. allowing remote access of the corporate network via a VPN connection. either from technology partners like Crossbeam and Hewlett-Packard. where he worked on securing classified networks. Anti-spam. Antivirus. a venture capital fund established by brothers Eli and Nir Barkat (who on November 11. full disk encryption.[4] During the 2000s. • Data Security . and device provisioning. Check Point Document Security focuses on protecting data-in-use. the company was named worldwide firewall market leader by IDC with a market share of 40 percent. • Virtualization Security . Intrusion Prevention. Check Point established a successful partnership with Nokia.

in a cash deal valued at $586m in late 2006.[23] Relations between Check Point and the SofaWare founders went sour after the company acquisition in 2002.[13] The court ruled that the three founders could not individually exercise their veto power. claiming Check Point was not transferring funds to SofaWare as required for its use of SofaWare's products and technology. co-founder of SofaWare scored a legal victory over Check Point.[19] but later withdrew its offer after it became clear US authorities would try to block the acquisition.[18] In 2005. makers of the ZoneAlarm personal firewall software.[20] SofaWare Legal Battle SofaWare Technologies was founded in 1999. "[21] In 2001. and began a process of acquiring the remaining shares. an intrusion prevention system developer. Etay Bogner. Bogner sought court approval to file a shareholder derivative suit. content filtering. has veto power to prevent SofaWare from taking any decision of which he disapproves. One of the key aspects of this effort has been the creation of a management system designed to enable service providers or value added resellers to lift the burden of security management from the end users while at the same time delivering additional services such as automatic security and software updates.[13] His derivative suit was ultimately approved and Check Point was ordered to pay SofaWare NIS 13 million for breach of contract. in January 2002 (partial acquisition). and withheld monies due for use of SofaWare technology and products[24] Check Point appealed the ruling.[25] In 2009.[16] • NFR security.[12] • Privately held Liquid Machines. which owns 60% of Sofaware.[13] • Zone Labs. as a cooperation between Check Point and SofaWare's founders. resulting in SofaWare becoming a wholly owned subsidiary. consumer and branch office market.Check Point 16 Acquisitions • SofaWare Technologies. sales of SofaWare's Safe@Office firewall/VPN appliances skyrocketed. the Tel Aviv District Court Judge ruled that Bogner SofaWare could sue Check Point by proxy for $5. in 2003. for $205 million in cash and shares.[26] .[13] In 2011. was acquired in April 2009.[24] Bogner claimed that Check Point.[17] • Nokia Security Appliances division.[15] Prior to their acquisition by Check Point. but only as a group and by majority rule. the holding company for PointSec Mobile Technologies.[21] By the fourth quarter of 2002. Adi Ruppin and Etay Bogner. "The Company's vision is to take this enterprise-strength technology and make it as simple to use and as affordable as possible without detracting from its quality.[22] In 2002. following its failed plan to acquire the larger IPS vendor Sourcefire. with a 38% revenue market share. the Israeli Supreme Court ruled that a group of founders of SofaWare. As part of the settlement it acquired the SofaWare shares held by Bogner and Ruppin. According to SofaWare's co-founder Adi Ruppin. for $20 million in late 2006.[13] In 2006. the company started selling the Safe@Office / Safe@Home line of security appliances. anti-virus and more. with the purpose of extending Check Point's success in the enterprise market. but later lost the appeal.[13] In 2004.[14] • Protect Data. was acquired in June 2010. Check Point tried to acquire intrusion prevention system developers Sourcefire for $225 million. Check Point settled all litigation relating to SofaWare. SofaWare began selling firewall appliances under the SofaWare S-Box brand. a data security startup company based in Boston. has behaved belligerently. to the small business. under the Check Point brand. Protect Data acquired Reflex Software.1 million in alleged damage to SofaWare. and SofaWare held the #1 revenue position in the worldwide firewall/VPN sub-$490 appliance market. which includes Bogner.

Oct 1. com/ press/ 2003/ zonelabs121503. marketwire. com/ article/ 31405/ CIO_20_20_Honorees_Innovator_s_Profile_Gil_Schwed_of_Check_Point_Software_Technologies_Ltd.Check Point Certified Security Administrator CCSE . Research Policy 36 (9): Research Policy. . [21] Interview with Adi Ruppin.and Ready for Prime Time" (http:/ / www. 2002 [7] Wallace. html).Check Point Certified Security Expert CCSE+ . [10] Breznitz. checkpoint. 2003-12-15. sciencedirect. htm).Check Point 17 Certification Check Point has a long-running history of training and certification on their products. 2001. by Berislav Kucan . (http:/ / www. com/ press/ 2006/ pointsec112006. [18] Check Point Acquires Data Security Startup Liquid Machines (http:/ / www. encyclopedia. checkpoint. nasdaq. Retrieved 2009-04-13. . htm) [19] "Check Point and Sourcefire to Explore Alternative Business Relationship" (http:/ / www. 07. checkpoint. html). checkpoint. cio. net-security. Expands Intrusion Prevention Capabilities to Fortify Enterprise Networks" (http:/ / www.December 1.Check Point Certified Specialist CCSA . [16] "Protect Data acquires Reflex Software Limited to extend product portfolio" (http:/ / www. [12] "Check Point Completes Acquisition of Nokia Security Appliance Business" (http:/ / www. "CheckPoint Software Named Firewall Market Share Leader by IDC. checkpoint. com/ ebiz/ 9912/ em1201. checkpoint. 1995. crn. . ). checkpoint. [6] Gil Shwed. "MOVERS & SHAKERS: Eli Barkat: Making Push More Polite -.February 5. com/ corporate/ facts. Retrieved 2008-10-12. . Tracy. php?id=361) [22] Check Point bolsters new firewall appliance.. html). businessweek. com/ press/ 2006/ sourcefire032306. "CIO 20/20 Honorees--Innovator's Profile: Gil Schwed of Check Point Software Technologies Ltd" (http:/ / www. "CheckPoint Software and HP sign distribution agreement. CIO Magazine October 1. 2006-03-24. com/ print-edition/ business/ etay-bogner-bests-check-point-in-court-once-again-1. [11] Press Release . [3] http:/ / www. 2002. Retrieved 2008-10-12. com/ books?id=MA0AAAAAMBAJ& lpg=PA76& dq=Gil Shwed& pg=PA76#v=onepage& q=Gil Shwed& f=false). . CRN. 1996. David. Founder and Managing Director of SofaWare. Retrieved 2008-10-12. [9] Press Release. Retrieved 2008-10-12. asp?symbol=CHKP& selected=CHKP [2] "Check Point Software Facts @ A Glance" (http:/ / www. com/ press/ pointsec/ 2006/ 11-02. Check Point Software Tech (http:/ / www.September 25. Chairman & CEO. 2006-12-19. Network World Dec 17.Check Point Certified Security Expert Plus CCMSE .October 19. html). Haaretz.Tuesday.Check Point Certified Master Architect References [1] http:/ / quotes. com/ [4] Mayor. securityfocus. sciencedirect. CIO (http:/ / books. com/ doc/ 1G1-17461605. Retrieved 2009-07-01. com/ press/ 2006/ nfrsecurity121906. "Check Point Software & Nokia Expand Partnership" (http:/ / www. html). market-leading FireWall-1 solution now available through HP and its reseller channel. 2006-11-02. . [15] "Check Point Announces a Cash Tender Offer to Acquire Protect Data" (http:/ / www. com/ science?_ob=ArticleURL& _udi=B6V77-4PTN8PN-1& _user=10& _rdoc=1& _fmt=& _orig=search& _sort=d& _docanchor=& view=c& _searchStrId=1085105296& _rerunOrigin=google& _acct=C000050221& _version=1& _urlVersion=0& _userid=10& md5=3cf69059540492454dd362317b553b2f). Nov. html). 2001. html). htm). com/ doc/ 1G1-17461605. Marcia. p. "Etay Bogner bests Check Point in court once again" (http:/ / www. Business Week . retrieved 2009-11-09 [8] Company Press Release. 2006-11-20. [20] "Check Point calls off Sourcefire buy" (http:/ / www. [14] "Check Point Software Technologies to Acquire Zone Labs" (http:/ / www. com/ news/ 11382). com/ news/ channel-programs/ 18836954/ gil-shwed-chairman-ceo-check-point-software-tech. html). 2009-04-13. Business Wire . 21 January 2003. encyclopedia. Retrieved 2008-10-13. 3385). com/ asp/ SummaryQuote. haaretz. 1999. 15. org/ article. Business Wire . . [13] Roth. . google. . Worldwide Market Share of 40 Percent Represents Significant Lead in Providing Enterprise Network Security Solutions. 18 ." (http:/ / www. including the following: • • • • • • CPCS . Dan. com/ science?_ob=ArticleURL& _udi=B6V77-4PTN8PN-1& _user=10& _rdoc=1& _fmt=& _orig=search& _sort=d& _docanchor=& view=c& _searchStrId=1085105296& _rerunOrigin=google& _acct=C000050221& _version=1& _urlVersion=0& _userid=10& md5=3cf69059540492454dd362317b553b2f). 1999. com/ press-release/ Check-Point-Acquires-Data-Security-Startup-Liquid-Machines-NASDAQ-CHKP-1273411. "Industrial R&D as a national policy: Horizontal technology policies and industry-state co-evolution in the growth of the Israeli software industry" (http:/ / www. Retrieved 2008-10-12. [17] "Check Point to Acquire NFR Security." (http:/ / www. html).Check Point Certified Managed Security Expert CCMA . checkpoint. com/ press/ 2009/ check-point-completes-nokia-acquisition-041309. Nurit (26-11-09). 2006-03-23.com. [5] Savage. Gil Shwed. Business Wire .

Ha'aretz. 2011 18 External links • Corporate website (http://www. ח' מלצר. א' רובינשטיין. נ‬ ‫)הנדל‬ [26] Check Point 20-F SEC filing.com/) . Oded (April 25. 2850/08 ‫ עא‬CHECK POINT SOFTWARE TECHNOLOGIES LTD ‫'נ' איתי בוגנר )עליון. . com/ economy-finance/ sofaware-founder-cleared-to-sue-check-point-for-5-1-million-1. 2006). com/ press/ 2003/ infonetics031203. 186085). Retrieved 14 June 2010. [25] Israeli Supreme Court. "Sofaware founder cleared to sue Check Point for $5. html) [24] Arbel.1 million" (http:/ / english.checkpoint.Check Point [23] Check Point Software Stakes Claim in Small Business Internet Security Space Company Duplicates Market-leading Enterprise Success in Sub-$490 Appliance Segment (http:/ / www. themarker. checkpoint.

California.21 billion (2011) [4] US$ 7. Inc.49 billion (2011) [4] US$ 87. SEHK: 4333 [6]) is a multinational corporation headquartered in San Jose.67 billion (2011) [4] US$ 6.com] Headquarters Area served Key people Products Cisco Systems. and communications technology and .25 billion (2011) [5] 70. networking. VOIP. Type Traded as Public NASDAQ: CSCO [1] Dow Jones Industrial Average Component S&P 500 Component Industry Founded Founder(s) Computer networking San Francisco. Chambers (Chairman & CEO) Networking Device Network Management Cisco IOS and NX-OS Software Interface and Module Optical networking Storage area networks Wireless. California (1984) Len Bosack Sandy Lerner Richard Troiano [2] [3] San Jose. voice.cisco. Telepresence. United States Worldwide John T.09 billion (2011) [4] US$ 47.com www. that designs and sells consumer electronics. Inc.Cisco Systems 19 Cisco Systems Cisco Systems.cisco. (NASDAQ: CSCO [1].700 (2011) List of acquisitions [www. California. Security Datacenter List of Cisco Products Revenue Operating income Net income Total assets Total equity Employees Subsidiaries Website [4] US$ 43.

[16] As part of the company's overseas strategy. John Morgridge was appointed CEO. San Francisco. moving full time to Cisco in 1987. On August 28.[14] it is still one of the most valuable companies.03 billion. Cutting as many as 10. later joined by Richard Troiano. Cisco System Inc.[12] [13] In July 2009. The company's first CEO was Bill Graves. Lerner was fired. On February 16. with a market capitalization of more than US$500 billion.0 billion as of 2010. with a market cap of about US$108. the company went public (with a market capitalization of $224 million) and was listed on the Nasdaq stock exchange.[17] However.S.[8] In 1988. Cisco has more than 70. another Stanford employee who later joined Sun Microsystems. 70% of which was committed to their own charity.[9] it was one of the first to sell commercially successful routers supporting multiple network protocols.400 total employees before curtailment. due to lower than expected profit. The couple walked away from Cisco with $170 million. and succeeded in 1995 by John Chambers. Bosack adapted multiple-protocol router software originally written some years before by William Yeager. her husband Bosack resigned in protest. most notably IP phones and Telepresence are frequently sighted in movies and TV series [20] The company itself and its history was featured in the documentary film Something Ventured which premiered in 2011. Cisco commonly stays on top of Fortune "100 Best Companies to work for". who held the position from 1987 to 1988. it has built its Globalization Centre East in Bangalore for $1 billion and 20% of Cisco's leaders will be based there. The stock was added to the Dow Jones Industrial Average on June 8. 2009. One of the many buildings on the Cisco Systems campus in San Jose While Cisco was not the first company to develop and sell a router.[15] On September 7. the importance of multi-protocol routing declined.[18] [19] Media and Awards Cisco products.[21] [22] a U. The company cut around 3. Cisco was a 2002-03 recipient of the Ron Brown Award.000 employees and annual revenue of US$ 40. Cisco introduced a new logo that was created in collaboration with Joe “Phenom” Finocchiaro and Jerry “The King” Kuyper.000 jobs that would be eliminated by the end of August 2011. Cisco was the most valuable company in the world.000 jobs means around 14 percent of the 73. presidential honor to recognize companies "for the exemplary quality of their relationships with employees and communities". with position #20 in 2011 [23] .[10] As the Internet Protocol (IP) became widely adopted. at the height of the dot-com boom. The name "Cisco" was derived from the city name. cut annual expenses by $1 billion in July 2011. founded Cisco Systems in 1984. the Russell 1000 Index.[11] In late March 2000. 1990. Today.[7] 20 Corporate history Len Bosack and Sandy Lerner.000 employees with an early-retirement program who accepted buyout and 7. Cisco's largest routers are primarily used to deliver IP packets. and is also included in the S&P 500 Index. a married couple who worked as computer operations staff members at Stanford University. 2006. Lerner moved on to direct computer services at Schlumberger. For Cisco's first product.Cisco Systems services. NASDAQ 100 Index and the Russell 1000 Growth Stock Index. which is why the company's engineers insisted on using the lower case "cisco" in the early days. 1990. upon hearing the news.

Cisco announced they were discontinuing all Flip camera production. 2011. California.video conferencing Cisco also attempted to enter consumer market with a line of video recording devices dubbed "Flip". entitlement and content delivery systems. security systems. Storage Networking and Cloud services. became a key stakeholder in e-Skills Week. • Broadband: cable modems • Cisco ūmi . including LAN switching. This move did not go well and on April 12. In March 2011. a start-up company located in Petaluma. The solutions for each market are segmented into Architectures. It was the most expensive acquisition made by Cisco to date.[30] • Small businesses[31] • • • • • Routers and switches Security and surveillance: IP cameras. Unified Communications.[24] Several acquisitions.[34] [35] . broadcast video contribution/distribution.[32] Voice and conferencing solutions: VOIP phones and gateway-systems. HealthPresence. energy and building management systems and media aware networks.[27] • Collaboration: IP video and phones. data and network security solutions etc. switches. and only the acquisition of Scientific Atlanta has been larger. which form the basis for how Cisco approaches each market. video conferencing Wireless: WiFi Access points Network storage systems • Home user[33] • Linksys product line of access points.[26] Products and services Cisco's current portfolio of products and services is focused upon three market segments – Enterprise and Service Provider. Several acquired companies have grown into $1Bn+ business units for Cisco. • Corporate market: Enterprise networking and Service Providers • Borderless networks: for their range of routers. It will no longer carry the making of Flip cameras. In the recent merger deals. Cisco acquired Linksys in 2003. Cisco bought Starent Networks (a mobile technology company) and Moto Development [25] Also in 2010. Cisco Group. Unified Fabric. Data Centre Switching. During the Internet boom in 1999. WAN acceleration.Cisco Systems 21 Acquisitions Cisco acquired a variety of companies to bring in products and talent into the company. Enterprise social networks and Mobile applications[28] • Datacenter and Virtualization: Unified Computing. Cisco completed the acquisition of privately held network configuration and change management solutions company Pari Networks. switches etc. the company acquired Cerent Corporation. Call Center systems. Enterprise Voice over Internet Protocol (VOIP). wireless systems. such as Stratacom. TelePresence.[29] • IP NGN (Next Generation Networks): High-end routing and switching for fixed and mobile service provider networks. were the biggest deals in the industry when they occurred. a product design consulting firm that helped develop Cisco's Flip video camera. for about US$7 billion. Small Business and the Home. In 1995-1996 the company completed 11 acquisitions. WebEx. and home networking.

[36] These are: • • • • • • Borderless Networks Collaboration Data Center and Virtualization IP NGN (Next Generation Networks) Small Business Consumer Under these architectures. 7965.Cisco Systems 22 Architectures In an effort to allow their sales team to have more business-focused conversations with customers. • Unified Computing: Cisco Unified Computing System (UCS) virtual server platform: with VMWare [38] virtualization system run servers on Cisco hardware • Catalyst switches: Cisco Catalyst 2900 Series. MDS. Cisco Manufacturing Mobile Video Collaboration with Librestream. ASR Series and CRS-1 and CRS-3 • Cisco Security Manager • Security appliances: ASA 5500. 9900 series. 7000). including: 837. Hardware • Datacenter products: Nexus Switches (1000v. 7942. PIX 500 series A Cisco ASM/2-32EM router deployed at CERN in 1987. 8900 series. Cisco Catalyst 3000 Series.Cable/IP . Cisco intends to gradually knit together its various products. 7600. 3600 Series. 6900 series) • Cisco Application Control Engine (ACE): Application Delivery Controller • Routers. 5000. Unified Computing System (UCS) • Flip pocket camera (Discontinued in April 2011[37] ) • Cisco SPA500 Series IP Phones • Linksys SPA900 Series IP Phones • Cisco Unified IP Phones (7945. Cisco acquired Tandberg. the world leader in Telepresence systems[39] • VOIP: Wireless IP Phone 7920 • CLEO: Low Earth Orbit router • Cisco Wireless LAN • Cisco Cius: a new Android-based collaboration tablet • Cisco Wide Area Application Services (WAAS) • Set Top Boxes (High Definition PVRs). 4000. 2500 Series. and introduce new products and features in order to provide a complete set of capabilities in each area. 2000. Catalyst 4500. 12000. 1000 Series. Cisco Catalyst 6500 Series • Collaboration systems such as Cisco TelePresence. as opposed to focussing on discussions around products. Cisco announced a new focus around six ‘Architectures’ in 2009.

and Cisco Webex Meeting Center. deployed to incidents such as the October 2007 California wildfires. and tornado outbreaks in North Carolina and Alabama in 2011. California and Research Triangle Park. NERVs are normally stored at Cisco facilities in San Jose. and others. Cisco Unified Mobility. and is now moving into the home user market through its acquisitions of Scientific Atlanta and Linksys. running for 72 hours continuously. UPC.[41] Network Emergency Response The company maintains several Network Emergency Response Vehicles (NERV)s which are staffed by Cisco employees during natural disasters and other public crises. didactic network simulator Cisco Network Magic Pro Cisco Unified Communications Manager Cisco IP Communicator Cisco Quad Cisco Security Manager WebEx Collaboration Tools VoIP services Cisco became a major provider of Voice over IP to enterprises. Cisco received the Innovation Preparedness award from the American Red Cross. A part of the Cisco Unified Services Delivery Solution. it will include hosted versions of Cisco Unified Communications Manager (UCM).[45] . Cisco Unified Contact Center.Cisco Intelligent Automation [40] CiscoWorks Network Management software Clean Access Agent. Cisco Unity Connection (unified messaging). Scientific Atlanta provides VoIP equipment to cable service providers such as Time Warner. hurricanes Gustav. [44] In 2011. Cisco Unified Presence. Cisco NAC Appliance Cisco Eos Packet Tracer. Cablevision. network based video surveillance and secured high definition video conferencing for leaders and first responders in crisis areas with up to 5 Mbps of bandwidth via a 1. and Katrina. Hosted Collaboration Solution Cisco partners can now offer cloud-based services based on Cisco's virtualized Unified Computing System (UCS). voice over IP. Linksys has partnered with companies such as Skype and Yahoo to integrate consumer VoIP services with wireless and cordless phones. Rogers Communications.Cisco Systems 23 Software • • • • • • • • • • • • • • • • • • Internetwork Operating System NX-OS Cisco Active Network Abstraction Cisco Fabric Manager Cisco AnyConnect Secure Mobility Client Cisco Systems VPN Client CiscoView Data Center Management and Automation . The vehicles are self contained and provide wired and wireless services including voice and radio interoperability. the 2010 San Bruno gas pipeline explosion. Ike. North Carolina for strategic deployment in North America and are capable of being [42] [43] The NERV has been fully operational within 15 minutes of arrival.8-meter satellite antenna. Silicon Valley Chapter for it's development and use of these vehicles in disasters.

and officers paid the plaintiffs US$91.[48] On May 20.Cisco Systems 24 Cisco Career Certifications Cisco Systems also sponsors a line of IT Professional certifications for Cisco products. stated the real reason for the extradition proceedings was because Alfred-Adekeye "dared to take on a multinational giant." Tax fraud investigation On October 16. Multiven's complaint alleges that Cisco harmed Multiven and consumers by bundling and tying bug fixes/patches and updates for its operating system software to its maintenance services (SMARTnet) and through a series of other illegal exclusionary and anticompetitive acts designed to maintain Cisco's alleged monopoly in the network maintenance services market for Cisco networking equipment. 2007. There are five levels of certification: Entry. Cisco responded by accusing the person who filed the anti-trust suit. its directors. Service Provider.[53] [54] Antitrust lawsuit On December 1. journalist Sarah Stirland accuses Cisco of marketing its technology "specifically as a tool of repression.[51] Wired News had uncovered a leaked. Professional. the newly introduced Service Provider Operations. Cisco says that it does not customize or develop specialized or unique filtering capabilities to enable governments to block access to information and that it sells the same equipment in China as it sells worldwide. promote competition and ensure consumer choice and value. 2009. confidential Cisco powerpoint presentation that details the commercial opportunities of the Golden Shield Project of Internet control.[47] Intellectual property disputes On December 11. and Wireless.[50] According to author Ethan Gutmann. Network Security. the Free Software Foundation filed suit against Cisco regarding Cisco's failure to comply with the GPL and LGPL license models and make the applicable source code publicly available. Routing & Switching. Voice. 2008.5 billion (US$824 million) in taxes. Cisco's liability insurers. 2006." He also condemned the US . Inc. Cisco and other telecommunications equipment providers supplied the Chinese government with surveillance and Internet infrastructure equipment that is used to block Internet websites and track Chinese on-line activities.[52] In her article.75 million to settle the suit. Storage Networking. and recently Architect. Censorship in China Cisco has been criticized for its involvement in censorship in the People's Republic of China. the Brazilian Federal Police and Brazilian Receita Federal (equivalent to the American IRS) under the "Persona Operation" uncovered an alleged tax fraud scheme employed by Cisco Systems since 2002 that exempted the company from paying over R$1. Multiven filed an antitrust lawsuit[55] [56] [57] [58] [59] [60] against Cisco Systems. Cisco settled this lawsuit by complying with FSF licensing terms and making a monetary contribution to the [49] FSF. Associate.[46] While Cisco denied all allegations in the suit. 2001 accused Cisco of making misleading statements that "were relied on by purchasers of Cisco stock" and of insider trading. Canadian Judge Ronald McKinnon. in an effort to open up the network maintenance services marketplace for Cisco equipment. British born Peter Alfred-Adekeye. with hacking and pressured the US government to extradite him from Canada where he was giving evidence against Cisco in an anti-trust hearing. Criticisms and controversy Shareholder Relations A class action lawsuit filed on April 20. who oversaw the extradition hearing. as well as eight different paths. on August 18. 2008. Design. Expert.

Cisco Systems. com/ press-release-content?type=webcontent& articleId=456320). . cgi?f=/ c/ a/ 2006/ 05/ 05/ BUC200MARKETCAP. . cisco. . Cisco Systems. [14] Cisco Systems Summary (http:/ / finance. [26] "Cisco Completes Acquisition Of Pari Networks (Started By Former Cisco Execs)" (http:/ / www. com/ opinion/ displaystory. Retrieved 2007-01-25. " Cisco Buys Moto – no. 2011.000 Jobs to Buoy Profit . Retrieved 21 December 2009. com/ q?s=csco& d=t) [15] Fost. cisco. Cisco Replace Citi. cnn. com/ dlls/ 2004/ hd_061404. bloomberg. html). marketwatch. html). . pbs. [12] "Cisco pushes past Microsoft in market value" (http:/ / www. Retrieved 2010-08-14. 2010-04-15. George (Jan 9. icmrindia. [17] "The other elephant" (http:/ / www. Retrieved 2007-01-25. Retrieved on 2009-01-04. . visited 10 Apr 2011 [23] http:/ / money. com/ s/ ap/ 20110511/ ap_on_hi_te/ us_earns_cisco) [19] Cisco Said to Plan Cutting Up to 10. . [9] "I. Retrieved 2010-10-15. com/ magazines/ fortune/ bestcompanies/ 2011/ snapshots/ 20. The Economist. TechCrunch. "The History of Cisco" (http:/ / www. 2011. html). 2010. (2009-06-01). cisco. cisco. html) [20] http:/ / www. com/ news/ story/ cisco-pushes-past-microsoft-market/ story. 2011). aspx?guid={FA6BADEF-05F2-4169-ADDA-12E9D17C4433}). com/ en/ US/ netsol/ ns1015/ products. The Economist. Dan (2006-05-05). Judge McKinnon described the information provided by Cisco and the US prosecutor as "full of innuendo. Retrieved 2011-09-03. visited 10 Apr 2011 [22] Cisco News website Cisco Systems Receives Presidential Award for Corporate Leadership (http:/ / newsroom.Bloomberg (http:/ / www.us. html). cisco. com/ asp/ SummaryQuote. half-truths and falsehoods" adding "This speaks volumes for Cisco's duplicity" and accused them of "unmitigated gall" in using such a heavy-handed move as an unsupportable arrest and jailing to pressure Alfred-Adekeye to drop or settle his civil antitrust complaint. [8] "Cisco's Acquisition Strategy" (http:/ / www. 2011-08-10. visited 27 Feb 2011 . Pbs. [16] "Cisco Logo: Design and History" (http:/ / www. [5] "News@Cisco -> Corporate Overview" (http:/ / newsroom. [6] http:/ / www. cisco. networkworld. DTL). Retrieved June 28. nasdaq. Retrieved Jan 28. Retrieved 2008-11-13. 1997-08-25. [25] By Jim Duffy. [3] "A special report on innovation in emerging markets: The world turned upside down" (http:/ / www. cisco. hk/ eng/ invest/ company/ quote_page_e. 2011-08-10. hkex. [27] Cisco website Borderless network products (http:/ / www. expressindia. html [24] Garza. . yahoo. yahoo. . NetworkWorld. 2004. 2000-03-25. Forbes. com. Wall Street Journal (Dow Jones & Company. Retrieved 2009-06-02.[61] 25 Intimidation Cisco has been reported as using intimidation tactics in several news reports. html). Retrieved 2011-08-10. html#~24 [21] Highbeam Research website Presidential Award For Corporate Leadership Presented to Cisco Systems (http:/ / www. com/ news/ 2011-07-11/ cisco-may-cut-about-5-000-jobs-in-august-gleacher-analyst-says. . June 14.S. economist. aspx). asp?symbol=CSCO& selected=CSCO [2] "Cisco Reports Fourth Quarter and Fiscal Year 2011 Earnings" (http:/ / newsroom. wsj. com/ dlls/ corpinfo/ corporate_overview. com/ forbes/ 1997/ 0825/ 6004058a_2. sfgate. com/ ie/ daily/ 20000326/ ibu26043.org." May 18. com/ news/ 2010/ 051810-cisco-acquires-moto. html). forbes. The Evolution of Access Routing (http:/ / newsroom. [11] "Does Pink Make You Puke?" (http:/ / www. . html). techcrunchit. . Retrieved 2007-01-25. asp?WidCoID=4333& WidCoAbbName=& Month=& langcode=e [7] Browning. brighthub. html).[62] [63] Notes [1] http:/ / quotes. FamousLogos. com/ 2011/ 03/ 02/ cisco-completes-acquisition-of-pari-networks-started-by-former-cisco-execs/ ). . January 2004. org/ cringely/ nerdtv/ transcripts/ 013. CBS Marketwatch. Inc). [18] Cisco to cut costs and jobs as profit stalls (http:/ / news. E. 2011. Transcript | PBS" (http:/ / www. . com/ computing/ enterprise-security/ articles/ 65663. Cringely.Cisco Systems prosecutor for hiding the fact that Alfred-Adekeye was in legal proceedings against Cisco Systems. The Indian Express. . com/ cisco/ web/ UK/ about/ tvmovies. GM in Dow" (http:/ / online. [4] "Cisco Reports 2011 Earnings" (http:/ / newsroom. . highbeam. BSTR083. us/ cisco-logo). San Francisco Chronicle. Interview. [13] "Cisco replaces Microsoft as world's most valuable company" (http:/ / www. [10] Cisco claim of first multi-protocol router. com/ node/ 17414206). for stating that Alfred-Adekeye had left the USA in a time period when he had not and a formal request for extradition was not filed against Alfred-Adekeye when he was taken into custody. not that Moto (http:/ / www. html). "Chron 200 Market capitalization" (http:/ / www. htm). 2000-03-25. Retrieved 2011-08-19. com/ doc/ 1G1-108316480. com/ cgi-bin/ article. NerdTV. "Travelers. Case Studies In Business Strategy (ICMR) IV: 2. famouslogos. com/ dlls/ corp_093003. Reuters. org/ casestudies/ catalogue/ Business Strategy2/ BSTR083. cfm?story_id=15879369). com/ press-release-content?type=webcontent& articleId=456320). 2010-11-04. html?hpg1=bn). com/ article/ SB124386244318072033. March 1. economist.

April 12. 2010-07-02. 2009). org/ technology/ story. cisco. cisco. visited 06 Apr 2011 [31] Products for small businesses (http:/ / www. html). html). com/ community/ node/ 35852). Retrieved 2009-05-20. com/ blog/ networking/ cisco-nerv-the-ultimate-first-responder-vehicle/ 581) [45] ‪2011 Innovative Preparedness . networkworld. com/ cisco/ web/ solutions/ small_business/ products/ security/ index.00. com/ gov/ 2006/ 02/ cisco_testimony_before_house_i. catholic. ucstrategies. . . com/ watch?v=SVhxp4F_qD8). com/ cisco/ web/ solutions/ small_business/ products/ index. fsf. lightreading. com/ en/ US/ netsol/ ns1007/ products. com/ news/ 2007/ 101607-cisco-brazil-arrests. cisco. pbs. html). cisco. crn. Archived from the original (http:/ / blogs. youtube. Rio de Janeiro" (http:/ / www. visited 27 Feb 2011 [39] "Tandberg product inquiry page". fsf. ChannelWeb. 2007-10-17. [58] Multiven. html?track=sy540). Press release. . close Cisco System's offices in São Paulo. youtube. Retrieved 2009-06-27. . Retrieved 2011-08-21. com/ articles/ ap/ 2007/ 10/ 17/ business/ LA-FIN-Brazil-Cisco. Inc. 2011. com/ 8301-30686_3-20053075-266. [54] "Brazilian tax authorities raid. com/ networkhub/ cisco-internal-memo-changes-to-sales-strategy-and-channel-org/ )." (http:/ / multiven. org/ wgbh/ pages/ frontline/ tankman/ internet/ ). . cisco. [59] "Cisco Systems hit with antitrust lawsuit" (http:/ / searchitchannel. techrepublic. com/ threatlevel/ 2008/ 05/ leaked-cisco-do/ ). 2007-10-16. html). "Cisco Testimony Before House International Relations Subcommittee" (http:/ / web. com/ sanjose/ stories/ 2006/ 08/ 14/ daily75. . WRAL. SearchITChannel. Tandberg.289142. visited 26 Feb 2011 [30] Cisco website on IP Next-Generation Networks (http:/ / www. NetworkWorld. Silicon Valley/San Jose Business Journal. March 13. 26 . [48] Free Software Foundation (December 11. com/ en/ US/ netsol/ ns1007/ products. CNET. com/ en/ US/ partner/ netsol/ ns537/ networking_solutions_solution_category. com/ en-us/ home) on company website. executives arrested in Brazil: reports" (http:/ / www. cisco. Inc. [55] "Multiven Sues Cisco" (http:/ / www. 2008-12-01. techtarget. com/ en/ US/ products/ ps10265/ index. [50] "FRONTLINE: the tank man: the struggle to control information | PBS" (http:/ / www.org. cisco. [57] "Cisco Accused Of Monopoly In Antitrust Lawsuit" (http:/ / www. org/ web/ 20061206095153/ http:/ / blogs. Retrieved 2007-01-25. iht. . visited 6 April 2011 [37] "Cisco gives Flip video biz the boot" (http:/ / news. (2008-12-01). asp?doc_id=168775). php?id=41037). . com/ news/ article/ 0. wired. com/ dlls/ 2006/ corp_081806. html). . "Free Software Foundation Files Suit Against Cisco For GPL Violations" (http:/ / www. Pbs. . Retrieved 2007-10-17. [44] Cisco NERV: The ultimate first responder vehicle | TechRepublic (http:/ / www.Cisco Systems [28] Cisco website Collaboration products and services (http:/ / www. Cisco Systems. Inc. 2008-12-01. . Cisco Systems is now ready to help communities in need of disaster assistance with emergency communications capability.. html). [47] "Cisco resolves class action lawsuit" (http:/ / sanjose. "Cisco Leak: ‘Great Firewall’ of China Was a Chance to Sell More Routers" (http:/ / www." [43] [providing phone and video communications according to the National Incident Management System "Cisco Network Emergency Response Vehicle at a glance"]. wral. Jon Paula. [51] Earnhardt. . lightreading. html) on company website. Sarah (2008-05-20). [56] "Net maintenance provider sues Cisco over allegedly monopolistic SMARTnet" (http:/ / www. Inc. NetworkWorld. com/ en/ US/ products/ ps6505/ Products_Sub_Category_Home. 2006-08-18. org/ news/ 2009-05-cisco-settlement. Press release. [53] "Cisco offices raided. . . CatholicOnline. html). html). (2006-08-18). html?page=1). "Multiven Files Antitrust Lawsuit Against Cisco Systems.com. cisco. php). html) on 2006-12-06. "FSF Settles Suit Against Cisco" (http:/ / www. archive. Press release. 2011. Retrieved 2008-12-02. [40] http:/ / www.. 2008-12-02. html [41] "Cisco Launches Hosted Collaboration Solution" (http:/ / www.Cisco Tactical Operations‬‫ . Retrieved 2007-10-16.sid96_gci1341067. Retrieved 2007-01-25. com/ networking/ 212201523).visited 27 Feb 2011 [34] "Catholic Online Statement about Flip Camera" (http:/ / www. aspx). Press release. com/ watch?v=V1L7pgotdEo) [46] Cisco Systems. [52] Stirland. cisco. . com/ news?article_id=12). March 12.com. visited 27 Feb 2011 [29] Cisco website on Datacenter products (http:/ / www. providing phone and video communications according to the National Incident Management System. Retrieved 2008-11-13. cisco. [42] "In a Disaster. 2008-12-04. com/ document. 2008). Retrieved 2008-12-02. 2011. [49] Free Software Foundation (May 20. John (2006-02-15). Cisco Can Deliver Its Own 911" (http:/ / www. bizjournals. "Like a good neighbor. Press release. Retrieved 2008-12-02. "Cisco Shareholder Class Action Lawsuit Resolved" (http:/ / newsroom. . . [36] Post on IT Knowledge Exchange Cisco internal memo: changes to sales strategy and channel org (http:/ / itknowledgeexchange. com/ news-analysis/ cisco-launches-hosted-collaboration-solution.‏‬YouTube (http:/ / www. cisco. . org/ news/ 2008-12-cisco-suit). UCStrategies. Retrieved 2007-01-25. Cisco. Retrieved 2009-01-04. networkworld. visited 25 Feb 2011 [32] SME Products and services (http:/ / www. [35] ""World According to Jon" video about discontinuation" (http:/ / www. Retrieved 2008-12-04. com/ business/ legacy_local_tech_wire/ news/ video/ 2285408/ #/ vid2285408). cnet. Retrieved 2008-12-01. com/ gov/ 2006/ 02/ cisco_testimony_before_house_i. . html). visited 27 Feb 2011 [33] Cisco Home products (http:/ / home. [38] Cisco website Products and Services on Unified Computing (http:/ / www. techtarget. html).

(2002).Cisco Systems [60] "Lawsuit: Cisco blocks outsider gear maintenance" (http:/ / www.usatoday. Moderne Industrie.com//--ID__13494--/free-co-factsheet. (2001). D.html) • Cisco Systems vs. Retrieved 5 June 2011. (2001). ISBN 0-471-00833-8.com/finance?q=CSCO) at Google Finance Cisco Systems (http://finance. R. Bloomberg. "Cisco resorting to intimidation tactics" (http:/ / www. • Young. (2001). Die Cisco Story (in German).yahoo. D. (2003). • Paulson. channelregister. Making the Cisco Connection: The Story Behind the Real Internet Superpower.com/?sym=CSCO) SEC filings at EDGAR Online Cisco Systems (http://www.cisco.com/q?s=CSCO) at Yahoo! Finance Cisco Systems (http://www.brand. Cisco Unauthorized: Inside the High-Stakes Race to Own the Future. Less ‘Intimidation’" (http:/ / seattletimes. uk/ 2011/ 06/ 03/ cisco_charged_with_duplicity/ ). Retrieved 5 June 2011. The Eye of the Storm: How John Chambers Steered Cisco Through the Technology Collapse. Nothing but Net Business the Cisco Way. Prima Lifestyles.com/ 2007/12/john-morgridge.com/videos/cisco-systems/) (Videos) Business data • • • • • • Cisco Systems (http://finance.google. • Waters. Network World.html)) • Cisco Networking Academy . A. ISBN 0-06-018887-1. ISBN 1-84112-087-1. Juniper Networks (http://www. co. .xhtml) at Hoover's Cisco Systems (http://www. Jim (2 June 2011).com) • VoIP for business Cisco (http://www.com/money/compnies/ 2007-03-18-cisco-advice-usat_N. com/ story/ lawsuit-cisco-blocks-outsider-gear-maintenance/ 2008-12-03). 2008-12-03. html). [62] Duffy. K. HarperCollins. Inside Cisco: The Real Story of Sustained M&A Growth. (2000). nwsource. [61] "Cisco charged with duplicity" (http:/ / www. Further reading • Bunnell. Retrieved 2008-12-03.gov/cgi-bin/browse-edgar?action=getcompany&CIK=858877) SEC filings at the Securities and Exchange Commission . John Morgridge.blogspot. fiercetelecom.cisco. • Slater. com/ community/ blog/ cisco-resorting-intimidation-tactics).hoovers.edgar-online. by Stanford students of iinnovate (http://iinnovate.sec. . com/ html/ businesstechnology/ 2015242310_btcisco06. ISBN 0-471-41425-5. networkworld. E. S. • Bunnell.com/web/mobile/index. ISBN 0-7615-2775-3. Wiley. . Wiley. fiercetelecom. . 2 June 2011. D.am/) • USA Today Q&A with CEO John Chambers (http://www. & Brate. J.networkworld.com/news/2010/ 060710-tech-argument-cisco-juniper.com) ( Mobile (http://www. Wiley.reuters. ISBN 0-471-35711-1.com/finance/stocks/overview?symbol=CSCO) at Reuters Cisco Systems (http://google. (2001). J.htm) -Broken • Interview with former CEO. John Chambers and the Cisco Way: Navigating Through Volatility. Wiley. the contest which was the main reason to build the AKS-team and start generating ideas (http://power-idea.html) • AKS-Innovations team ~ Find out more about Cisco I−Prize. ISBN 3-478-35995-3. • Stauffer.allvoipnews.Armenia (http://netacad. External links • Official website (http://www. 27 [63] "Cisco Rivals Woo Users With Price Cuts.

uses the technology to notify customers about complaints from Copyright holders[2] . This technology is often used in the delivery of advertiser-supported wireless Internet access. California. . Inc.. frontporch. multichannel. The European free-hotspot. sidebar. Applications Massillon Cable TV. . html). Front Porch technology enables an Internet Service Provider (ISP) to insert its own messages to be presented to users as they use their web browsers. or pop-under advertising or service messages while the browser transitions to or between web pages. USA Key people Website Jim Owen.com/) . com/ html/ ff012808.com network uses Front Porch technology[5] to present a terms-of-service and portal page to users with local advertising and content. Founder and Chief Executive Officer. such as customer service notices[2] or online advertising.com [1] Front Porch. ocair. Vice President. Internet Service Providers use products by Front Porch to present its own interstitial. 2010-06-14. com/ NewsRoom/ News/ 2010/ NR-2010-06-14. [3] "JOHN WAYNE AIRPORT INTRODUCES FREE WI-FI SERVICE" (http:/ / www. a provider in Massillon. html). Headquarters Sonora. Type Founded Founder(s) Privately held Company 1998 Zach Britton. com/ columns/ article. . wi-fiplanet. provides services to Internet Service Providers. com/ article/ CA6517230. References [1] http:/ / www. aspx). Inc. California [3] and Denver International Airport[4] . External links • www. Multichannel News. php/ 3587581).com (http://www. frontporch. [4] "Denver International Airport Offers FreeFi Networks' Free Wi-Fi Service to Passengers" (http:/ / www.frontporch. "A Seat on the Front Porch" (http:/ / www. Chief Operating Officer. [5] Stone.frontporch. Wi-Fi Planet. "Fair Warning for Copyright Holders" (http:/ / www. Adam (2006-02-24). pop-up. Ohio. .frontporch. Front Porch also creates the software to manage advertising campaigns or billing messages. Linda (2008-01-07). Founder and Chief Technology Officer. PR Newswire. Raul Vaughn. Derek Maxson. 2008-01-28. FreeFi Networks' provides ad-supported Internet access throughout John Wayne Airport in Orange County.Front Porch 28 Front Porch Front Porch. but is also found in the more traditional "wired" broadband ISPs[2] . Asia and Emerging Markets = Online advertising www. com/ [2] Haugsted.

L Series.eu [1] Labris Teknoloji Informatic Solutions is a Turkish R&D company. Wireless Authentication (WAUTH). VPN/SSL VPN. Lawful Interception. Antivirus.com/newsDetail_getNewsById. Labris is one of the 12 Common Criteria EAL4+ certified gateway brand in the world and the first and only gateway in Turkey. It is headquartered in ODTÜ Technopolis in Ankara.labristeknoloji.gov. Turkey Key people Products Website Founder and CEO: Seçkin Gürler. [1] http:/ / www. Web filtering www. The products which Labris manufactures (LBRUTM Series. It manufactures high-technology business network security appliances and software. Antispyware. LBRLOG Series) have Firewall. Antivirus/Antispam Gateway. Oğuz Yılmaz Unified threat management (UTM). Webfilter.labris. Server Load Balancer.html) .eu/) • Labris in Azerbaijan (http://www. Antispam. Zero Time. labristeknoloji. Logging and Detailed Reporting modules.todayszaman. It is deemed to deserve to be the third most successful private sector project by TÜBİTAK. Firewalls. eu/ References • Corporate Website (http://www. Intrusion Prevention (IPS).action?load=detay& link=168835) 6 March 2009 • Labris Teknoloji (http://www2.tr/katalog2007/data\4313\firmaeng. Intrusion-prevention system.ssm.Labris Teknoloji 29 Labris Teknoloji Labris Teknoloji Informatic Solutions Industry Founded Network security & Internet security 2001 Headquarters Ankara. VPN.

Ori Cohen Monitoring/surveillance systems Boeing www. From the Press Release announcing this:[5] "Crowell is an independent security consultant and holds several board positions with a variety of technology and technology-based security companies.narus. to prevent what they term "revenue leakage".[3] Management and investors According to Narus's own website listing of the Board of Directors [4]. Post-9/11 they have continued down that path while adding more semantic monitoring abilities for surveillance purposes. It was founded in 1997 by Ori Cohen. . Crowell has served on the Defense Advanced Research Projects Agency (DARPA) Task Force on Terrorism and Deterrence. the National Research Council Committee on Science and Technology for Countering Terrorism and the Markle Foundation Task Force on National Security in the Information Age. Mayfield. and whose installation in AT&T's San Francisco Internet backbone gave rise to a 2006 class action lawsuit by the Electronic Frontier Foundation against AT&T. NeoCarta. Narus engaged the former Deputy Director of the National Security Agency. Intel.[2] It is notable for being the creator of NarusInsight." Narus has venture funding from companies including JP Morgan Partners. AT&T. Narus has several business partners who provide various technologies similar to the features of NarusInsight. an early media streaming pioneer. Presidio Venture Partners. Prior to 9/11 Narus worked on building carrier-grade tools to analyze IP network traffic for billing purposes. California. who had been in charge of technology development for VDONet. now owned by Boeing which produces mass surveillance systems.com [1] Narus is a company.Narus (company) 30 Narus (company) Narus Type Industry Founded Subsidiary of Boeing Telecommunication 1997 Headquarters Sunnyvale. William Crowell as a director. NTT Software and Sumisho Electronics. United States Key people Products Parent Website Founder. In 2004. a supercomputer system which is allegedly used by the NSA and other bodies to perform mass surveillance and monitoring of citizens' and corporations' Internet communications in real-time. Dr. Cohen is no longer the Chairman of the Board. Walden International. Several of the partners are funded by In-Q-Tel. Since 9/11. Hepting v.

rendering of web pages. • Certified by Telecommunication Engineering Center (TEC) in India for lawful intercept and monitoring systems for ISPs. • NarusInsight's functionality can be configured to feed a particular activity or IP service such as security. Aggregation and Analysis provide a model of user.000 DSL lines or 195. . web browsers. • Normalization. VoIP). capturing and reconstruction of webmail traffic. lawful intercept or even Skype detection and blocking. But. which web sites they have visited. Yahoo! Mail. application and network behaviors. [7] . offer the ability to quickly analyze information collected by the Directed Analysis or Lawful Intercept modules. which enables it to sift through the vast quantities of information that travel over the Internet.. in real-time.. The exact use of this data is not fully documented." It can also perform semantic analysis of the same traffic as it is happening. complex IP networks (such as the Internet) • High-speed Packet processing performance.g. instant messaging applications. According to a company press release. as the public is not authorized to see what types of activities and ideas are being monitored. the 10 Gbit/s capacity of one NarusInsight installation enables it to monitor the combined traffic of several million broadband users.000 telephone modems. compiling lists of people who visit a certain type of web site or use certain words or phrases in their emails). in other words analyze the content.g.Narus (company) 31 NarusInsight System specification and capabilities Some features of NarusInsight include:[6] • Scalability to support surveillance of large. and Gawab Mail (English and Arabic [8] versions).g. A single NarusInsight machine can monitor traffic equal to the maximum capacity (10 Gbit/s) of around 39. element. structure and significance of traffic in real time. Correlation. including Google Gmail. such as Pen-Link. and see how users' activities are connected to each other (e. protocol. since individual internet connections are not continually filled to capacity. MSN Hotmail. • Compliance with CALEA and ETSI. the latest version of NarusInsight Intercept Suite (NIS) is "the industry's only network traffic intelligence system that supports real-time precision targeting. email) and what they are doing with those applications (e. meaning. Narus partner products. The intercepted data flows into NarusInsight Intercept Suite forensic analysis purposes. what they have written in their emails/IM conversations).e. • High reliability from data collection to data processing and analysis. examination of e-mail and the ability to analyze the payload/attachments of e-mail or file transfer protocols. This data is stored and analyzed for surveillance and Other capabilities include playback of streaming media (i. monitor which applications they are using (e. That is it can track individual users. in practical terms.

wired. Narus. which was founded in Israel and has large Israel connections. php/ solutions/ intercept [8] "Narus Expands Traffic Intelligence Solution to Webmail Targeting" (http:/ / www. . 2007). narus. com/ products/ index. html) [6] Key Features list of NarusInsight (http:/ / narus. eff. Corporation's Role in Egypt's Brutal Crackdown" (http:/ / axisoflogic.Narus (company) 32 Mass surveillance Narus provides technology to governments such as the United States and Egypt to facilitate the mass surveillance of their citizens.[9] References [1] http:/ / www. and equipment lists and installation dates. Retrieved 2011-01-30. html) [7] http:/ / www.com/27BStroke6/att_klein_wired. reuters. Huffington Post.70914-0. org/ cases/ att) [4] http:/ / narus. 2007-12-10.org/wgbh/pages/frontline/homefront/ view/)` TV documentary originally aired on PBS 15 May 2007 with a section entitled "The NSA's Eavesdropping at AT&T" with the story of Mark Klein exposing NSA wiretapping with a secure room and Narus STA 6400 at an AT&T facility in San Francisco. com/ index.pbs.wired. Retrieved 2008-02-13. archive. org/ web/ 20050206184639/ narus. "This company. including pictures.com/) • Wired News article (http://www. shtml).pdf) at the Wayback Machine (archived December 1.wired. ironically also founded in Israel and largely controlled by and developed by people in Israel called Verint.archive.com/storyonly/2006/4/ 8/14724/28476) . . com/ index. External links • Official website (http://www. com/ [2] "James Bamford: "The Shadow Factory: The Ultra-Secret NSA from 9/11 to the Eavesdropping on America"" (http:/ / www." [3] EFF vs AT&T (http:/ / www. com/ press/ 2004/ 0929. org/ 2008/ 10/ 14/ james_bamford_the_shadow_factory_the).html) • Wired News article (http://www.narus.org/20071201184647/http://blog.com: Source story for implications of the company's product (http://dailykos.com/news/technology/0. php/ about/ board [5] Narus Appoints Former Deputy Director of the National Security Agency To Its Board of Directors (http:/ / web. CA] • DailyKos.S. And Verizon chose another company. com/ artman/ publish/ Article_62125. democracynow. . does the—basically the tapping of the communications on AT&T.com/news/technology/0.70908-0. wiring diagrams. Retrieved 2008-10-30. Reuters. [9] "One U. 2011-01-29. • Frontline Flash Video "Spying on the Home Front" (http://www. narus. com/ article/ pressRelease/ idUS140435+ 10-Dec-2007+ BW20071210?sp=true).html) (AT&T whistleblower Mark Klein discusses Narus STA 6400) • Documents. from Mark Klein (http://web.

that information may be subject to access requests by governments. Because ISPs route all of their customers' traffic. but when they contacted WOW's support department. unexpected cookies for sites such as nebuad. Adzilla and Project Rialto also appear to be developing similar systems.[5] its agreements with providers covering 10 percent of the broadband users in America[6] . courts or law enforcement. with offices in New York and London and was funded by the investment companies Sierra Ventures and Menlo Ventures[3] . Due to fallout following public and Congressional concern. . NebuAd had signed up more than 30 customers. USA Key people Website [1] Robert Dykes.[10] Users can "opt-out" of NebuAd’s information collection and targeted ads[11] . By analyzing this traffic. www."[11] It also advises. seeking deals with ISPs to enable them to [4] analyse customer's websurfing habits in order to provide them with more relevant. NebuAd UK Ltd was dissolved in February 2010[8] . Each device can monitor up to 50." At least two customers of a Middle America ISP known as WOW! noticed that when they used Google.[15] One customer spent hours trying to disinfect his machine as he wrongly believed that it had been infected with spyware after noticing problems with Google loading slowly and the creation of these non-Google cookies. Phorm is a similar company operating out of Europe.com were being read and written. and relationships with advertising networks willing to present NebuAd's targeted advertising[9] . As a result. Inc Former type Industry Founded Defunct Privately held Company Online advertising 2006 2009 Headquarters California. NebuAd says it gains more information about customers' particular interests than less intrusive methods can provide[14] .com [2] NebuAd was an American online advertising company based in Redwood City. founder. Chairman.NebuAd. WOW initially denied that it was responsible for this activity. micro-targeted advertising. NebuAd closed for business in the UK in August 2008. or sexuality which are tied to personally identifiable information ('sensitive personal information').NebuAd 33 NebuAd NebuAd. an off-site server complex to analyze and categorize the contents of users' Internet communications. "The information we collect is stored and processed on NebuAd's servers in the United States.adjuggler. followed by the US in May 2009 [7] . NebuAd's privacy policy says that they will "specifically not store or use any information relating to confidential medical information. . NebuAd's largest ISP customers have all pulled out. California. but there is no way for users to prevent ISPs from sending the data to NebuAd in the first place[12] [13] . racial or ethnic origins. mostly Internet access providers. At one point.000 users. eventually resorted to reinstalling his . Overview of the service NebuAd's solution has three main parts: Hardware hosted within the ISP that is capable of inserting content into pages. it is a perfect vantage point from which to monitor all the traffic to and from a consumer using Deep packet inspection (DPI). It was one of several companies developing behavioral targeting advertising systems. The System works by installing a hardware device inside an ISP network. Kira Makagon Chief Executive Officer and co-founder. religious beliefs.

NebuAd provided an additional income stream to network operators.50 per month for each [16] user. a weak opt-out method[13] . its conflicts with United States wiretap laws[13] [16] . [18] Nebuad does not have access to user browser info and connection speed to categorise its user's interests. time spent on specific sites. WOW! (formerly Wide Open West) started rolling out Nebuad in February 2008. the roll out was completed in the first week of March 2008. identification information from the ISP. In response to an inquiry from members of the United States House of Representatives Telecommunications Subcommittee about its pilot test of NebuAd's services. which may maintain or lower consumers' Internet access bills. only to discover the problem had not gone away. According to Nebuad's sales. sometime after the third week of March 2008[15] .[15] On July 9. WOW updated its terms and conditions to include a mention of Nebuad. Better targeted advertising also leads to a more relevant and personalized online experience. Owners of previously thought ad-unfriendly websites are offered a chance to make money not on the subject matter of their website but on the interests of their visitors. Tennessee reports that she also was not notified that she was being monitored. less than 1% of users opt-out. One ISP expects to earn at least $2. ISPs were paid for allowing NebuAd access to their network on a per-user per-active profile basis. NebuAd CEO claims "We have 800 [consumer interest segments] today and we're expanding that to multiple thousands".NebuAd machine from scratch. Firstly. 2008 WOW! suspended the use of Nebuad services to its subscribers. Bob Dykes. email traffic may tie an email address to an ip address). not for sale. Consumer Notification A large American cable operator. Charter changed its mind in June. page and ad clicks.[23] and in some cases informed customers that the terms had been updated. Nebuad buy impressions from ad networks including Valueclick. hence reducing the "scattergun approach" (publish as many ads as possible in the hope of catching a client) and users are offered more relevant adverts: Just because one visits the financial pages of a newspaper does not mean all they are interested in is financial product and books on investing.[26] In May 2008.[20] Privacy advocates criticize the lack of disclosure[21] that some ISPs provided prior to using NebuAd.[17] NebuAd argues that behavioral targeting enriches the Internet on several fronts. Advertisers are offered better targeted adverts.[24] Embarq said that it notified consumers by revising its privacy policy two weeks prior to sending its users' data streams to NebuAd. website owners are offered an improved click-through rate (CTR). but may be able to discover this through traffic monitoring (for example. which could increase profits or reduce the amount of page-space dedicated to advertising. zip code. Critics believe that the raw content of their internet communications are entrusted to the ISP for handling without being inspected or modified. Customers were not explicitly notified about NebuAd until later. and the company's refusal to name its partner ISPs. page views. Charter Communications announced that it planned to monitor websites visited by its customers via a partnership with NebuAd.[27] [28] But after customers voiced their concerns. the lack of oversight over what any third-party company does with the contents of Internet communications[22] .[25] A Knology user in Knoxville.[19] 34 Controversies Generally. Nebuad uses data such as Web search terms.[29] .

describing its hiring of Claria employees as a result of that company shedding employees in a tight market for experienced advertising sales staff in the Valley. Both Claria and NebuAd are located in Redwood City. or if they will only be able to opt-out of receiving targeted ads.[33] The "Fair Eagle" advertisement hardware.[31] All of the inbound and outbound information is intercepted and sent to NebuAd's offsite server to be processed. a ranking member of the House Committee on Energy and Commerce. chairman of the House Subcommittee on Telecommunications and the Internet.[32] Superimposing or Adding Advertising to Web Pages Critics are concerned that NebuAd superimposes its own advertising over the ads of other advertisers.com coincides with timing of Claria's decision to shutdown[37] the Gator service.com.[16] Opt-Out vs. In 2007 it was reported that Redmoon. California[35] . 2007. provided by NebuAd. and have written to Charter requesting they suspend the test "We respectfully request that you do not move forward on Charter Communications' proposed venture with NebuAd until we have an opportunity to discuss with you issues raised by this proposed venture". inserted additional advertising alongside the content of web pages. NebuAd has repeatedly denied any corporate connection to Claria. Ed Markey. Even if a user has opted out of the service. the Gator Corporation). have argued that such services must be opt-in only to comply with the provisions laid down by Section 631 of the US Communications Act. or places additional advertising to page. Use of Packet Forgery and Browser Exploits A report by Robert M. a Texas based ISP was using a NebuAd technology to inject Redmoon's own advertising into pages visited by its users. patent application data that mention such inventions. which will be added to the end of the web page when it is rendered by the end-user's browser. The substance to these concerns can likely be traced to the company's "Fair Eagle" operation. shows that NebuAd's devices create cookies on end-users machines by injecting a specious packet into the end of the data stream returned in response to some web page requests submitted to major search engines Google and Yahoo. Opt-In Members of US Congress. The content of this specious packet. contains HTML Script tags which cause the browser to request Javascript from http://a. it does not prevent the ISP from sending the data to NebuAd.[13] An engineer who has examined the system confirms there is no way to Opt-Out of the monitoring. Topolski.[13] The same writer has asked if it would breach anti-wiretapping laws. and Joe Barton.[34] Relationship with Claria Corporation Some senior staff members of NebuAd used to work at ad company Claria Corporation (formerly. famous for ad software known as Gator[35] . and one employee was planning to re-route his traffic to avoid NebuAd's Deep Packet Inspection hardware. The ads featured a window with the "Fair Eagle" title bar.NebuAd 35 Friction between ISP Staff and Management Plans to implement NebuAd had not gone down well with some ISP's employees.[35] . The injected ads stopped appearing toward the end of June. The June 2006 creation[36] of nebuad. and a loose relationship to Claria Corporation whose products and history suggest such tactics.[30] A writer for Wired News has questioned whether Charter users can really opt-out of being monitored. These are not correct.faireagle. chief technology consultant of the Free Press and Public Knowledge.

Montana appeared to have tried NebuAd between March and May 2008[57] . in March 2008. Indiana). notified customers in late May 2008 that it was deploying the hardware[53] . [48] 20/20 Communications (2020comm. and CenturyTel that they would no longer use NebuAd on their networks. • Web cache evidence indicated that Blackfoot Telecommunications Group. Blackfoot's Mary Worden later explained. • CenturyTel. only to pull out of the deal alongside of Charter a month later[54] .net) All ISPs have ended or suspended their relationship with NebuAd. one of the earliest known ISPs to test NebuAd[5] . In a response to customer inquiries. of Missoula. Canada. "Nexicom was investigating using the NebuAd service. [44] Decaturnet Internet Services . serving Central Ontario and the Kawarthas. "With Congress in active review of online behavioral advertising. References to NebuAd in Nexicom's Privacy Policy has been removed. [47] RTC on Line (Rochester Telephone Company.[56] . 2008[58] . Following a question to users on a public forum. Bresnan told a blogger that their NebuAd trial had ended and they would comply with whatever regulatory model emerges from the current debate.Net) . [46] High Speed Networks -E50 (HSNe50) . • Bresnan Communications used the NebuAd technology[55] . Following the announcements by Charter. Embarq. [17] Metro Provider . WOW! indicated. (EONI) . • An Embarq[49] spokesperson told the Associated Press that it ended its trial with NebuAd. WOW! . • Charter Communications suspended its plans[49] to test NebuAd following scrutiny from lawmakers and privacy groups[50] ."[57] • Nexicom.Net . Inc. Reed Freeman Kelley Drye & Warren LLC NebuAd's ISP Partners ISPs which trialled or deployed or prepared to deploy Nebuad included: • • • • • [42] [43] Broadstripe (formerly and formally Millennium Digital Media). [45] Eastern Oregon Net. and has not decided whether to move forward[51] with Behavioral Targeting advertising "either through NebuAd or with any other vendor"[52] . with employees only and not with its customers. [44] Progressive Internet Services (Jayco. • • • • [44] OnlyInternet. but had similar concerns to those raised by consumer groups and elected not to launch the service. Nexicom's Paul Stewart replied. "Blackfoot tested NebuAd on its internal corporate network.NebuAd 36 Current and Former Officers and Employees in Common to NebuAd and Claria Name Scott Tavenner Chuck Gilbert Mike Miller Amy Auranicky Jeanne Houwelingis Deepak Nair [38] [39] [40] of Relationship to NebuAd Vice President of Business Development Senior Product Manager Vice President of Ad Sales Director of Advertising Sales Vice President of Advertising Services Business Intelligence Marketing Consultant Attorney for NebuAd before the Federal Trade Commission Relationship to Claria Vice President of Business Development Senior Product Manager Director of Sales Integration Manager Senior Director of Business Development Database Developer & Data Architect Associate Marketing Manager Chief Privacy Officer and Regulatory Affairs [41] Counsel Melissa Horwath D. notified users via its Privacy Policy page that it was using NebuAd as of April 23. The software was never implemented at any time as there were concerns on several levels regarding privacy issues."[59] • WOW![15] [49] (formerly Wide Open West) completed suspension of NebuAd services on July 9. Inc.

Retrieved 2008-05-21. html). . The Wall Street Journal. wired. . but Innocuous’ Web Browsing" (http:/ / bits. uk/ 2008/ 04/ 10/ american_isps_embrace_behavioral_ad_targeting/ ). [18] "Charter Cable to Spy on its Broadband Users to Serve Targeted Ads via NebuAd" (http:/ / www. gov. juniperamspmarketing. [15] "Data pimping catches ISP on the hop" (http:/ / www. nytimes. . blogs. . [11] "NebuAd / Privacy" (http:/ / www. dslreports.com.tv. com/ NebuAD. com/ NebuAD. The Register."[60] • Knology[42] [61] reported to the United States House Committee on Energy and Commerce that it discontinued a trial of NebuAd in all markets as of July 14. . "Watching What You See on the Web" (http:/ / online. 2008. "Congressmen Ask Charter to Freeze Web Profiling Plan" (http:/ / blog. We believe that all parties are best served by a thoughtful and thorough review of this emerging advertising model. Ex-employees moved to work within a variety of other online advertising and technology companies. com/ 27bstroke6/ 2008/ 05/ congressmen-ask. php). MediaPost. Bobby (2007-12-06). 2008-04-22. co. . Cable One had decided against using the technology "commercially" on its systems[64] but in September said it was waiting for "clear rules and boundaries". . washingtonpost. Retrieved 2008-04-23. and we welcome the opportunity for that discussion to take place. Karl (2008-05-28). Retrieved 2008-05-14. [14] "Robert Dykes (CEO) presenting NebuAd at OnMediaNYC-01/28/2008" (http:/ / vator. [5] White.. dslreports. "Infighting At ISPs Over Using NebuAD" (http:/ / www. Crescendo Networks and TeleNav. clickz. Digital Destiny. archive. uk/ 2008/ 04/ 22/ wide_open_west_users_with_nebuad/ ). The Register. org/ headlines/ 1126). Retrieved 2008-04-18. html?page=3628009). uk/ c3aac31df2e47117900ab23b5d4530e6/ companysearch?disp=1& frfsh=1281110903#result)"UK Companies House website [9] "Juniper Networks partners with NebuAd to enable ISPs to participate in online advertising revenues on the web" (http:/ / web. com/ company/ management. [10] Hansell. Ryan (2008-05-16). theregister. com/ wp-dyn/ content/ article/ 2008/ 04/ 03/ AR2008040304052. The Register. . Plaxo. including VeriFone. com/ [3] "Management & Investors" (http:/ / www.Cable. juniperamspmarketing. Peter (2008-04-04). The New York Times. html?mod=todays_us_nonsub_marketplace). 2008-03-11. com/ showPage. vator. co. Broadband Reports. tv/ pitch/ show/ transforming-online-ad-industry?play=false). htm) on 2008-07-13. 2008-06-12. theregister. com/ showPage. Cable One conducted NebuAd tests on 14. Retrieved 2008-06-28. Threat Level from Wired. "Every Click You Make" (http:/ / www. Retrieved 2008-05-17. .Phone is suspending its deployment of NebuAd services to our subscribers at this time. com/ publications/ ?fa=Articles. com/ shownews/ Infighting-At-ISPs-Over-Using-NebuAD-94835). php). PubMatic. [12] Singel. showArticle& art_aid=106277). [21] "Wide Open West Using NebuAD Users don't get much of a heads up.NebuAd Internet. clickz. 2008-04-10. [20] "CDT Urges Stronger Guidelines for Behavioral Advertising" (http:/ / www.000 customers in Alabama for six months beginning in November 2007.com. [19] "ISPs Collect User Data for Behavioral Ad Targeting" (http:/ / www. Retrieved 2008-04-18. Wired. wired. . wsj. com/ 2008/ 04/ 07/ nebuad-observes-useful-but-innocuous-web-browsing/ ). Red Aril. . Retrieved 2008-06-28. Ryan (2008-05-16). [4] "American ISPs already sharing data with outside ad firms" (http:/ / www. "NebuAd Observes ‘Useful. html). . companieshouse.[63] As of August 2008. com/ article/ SB119690164549315192. theregister. [16] Bode. . . References [1] "NebuAd CEO quits" (http:/ / www. Retrieved 2008-05-14. htm). [7] "Case Closed: NebuAd Shuts Down" (http:/ / www. clickz. "Can Charter Broadband Customers Really Opt-Out of Spying? Maybe Not" (http:/ / blog. 2008-01-03. org/ web/ 20080713030851/ http:/ / www. 2008-09-03. mediapost. [8] " (http:/ / wck2.. uk/ 2008/ 09/ 03/ bob_dykes_nebuad_quits/ ). Retrieved 2008-06-19. Zscaler. com/ 27bstroke6/ 2008/ 05/ theres-no-optin. . AdChemy. ." (http:/ / www. 2008-02-18. html?page=3628004). [13] Single. Archived from the original (http:/ / www. washingtonpost. 2009-06-18. Retrieved 2008-04-26.[65] 37 The End of NebuAd NebuAd was closed down in the UK in August 2008 and in the US in May 2009[7] . com/ shownews/ Wide-Open-West-Using-NebuAD-92520). Saul (2008-04-07). 2008-05-14. 2008-01-03. org/ jcblog/ ?p=586). cdt. [17] "Questions for Bob Dykes. Retrieved 2008-09-04. Retrieved 2008-07-03. [2] http:/ / www. co. ClickZ. . . NebuAd CEO" (http:/ / www. nebuad. democraticmedia. html). nebuad. . . [6] Whoriskey. com/ privacy/ servicesPrivacy. Retrieved 2008-05-14. Retrieved 2008-05-14. nebuad.[62] • Unbenownst to its users. juniperamspmarketing.

Retrieved 2008-06-20. ars/ post/ 20080715-congress-goes-after-nebuad-again. MarketingVOX: The Voice of Online Marketing. TechWeb Technology News. [44] "OnlyInternet. com [37] Keizer. .. marketingvox.. On The Commission Staff's Proposed Self-Regulatory Principles For Online Behavioral Advertising" (http:/ / www. [31] Anderson. gov/ os/ comments/ behavioraladprinciples/ 080411nebuad. [47] "RTC on Line aka Rochester Telephone Company sells to NebuAd" (http:/ / www. nytimes. they won't ever have one. And unless they alter the architecture of their system drastically. "Congress goes after NebuAd. 2008-06-26. Retrieved 2008-06-24. com/ news. Retrieved 2008-06-25. BroadbandReports. Wrong Targets" (http:/ / www.Net uses NebuAd for Behavioral Targeting" (http:/ / www. BroadbandReports. . publicknowledge. benanderson. org/ node/ 1664).. Robb (2008-07-21). [24] Anderson. Archived from the original (http:/ / www. broadstripe. [26] Topolski. aspx?ConIdent=28& RCView=False& TermID=11#TPA). Retrieved 2008-06-29. . "When we asked them about an opt-out method for our customers. com/ wire/ security/ 183701933)." [32] Topolski. co. Their system is a bridge. Inc. . com/ nebuad. com/ in/ deepaknair73). html). techweb. com/ in/ melissahorwath). theregister. . The New York Times. "Charter Won’t Track Customers’ Web Use" (http:/ / www. Retrieved 2008-04-30. 2007-06-22. Retrieved 2008-06-26. domaintools.. html?ref=technology). Retrieved 2008-06-20. Jr. Saul (2008-05-14). Retrieved 2008-06-19. html). 2007-06-23.NebuAd [22] "ISP Data Collection — Congress Investigation Urged (NebuAd-CDT Press Release)" (http:/ / www. com/ embarq-pleads-the-fifth-on-disclosing-nebuad-test-to-customers-040002/ ). theinquirer. "Claria will exit out of the adware business by the end of the second quarter of 2006. . . . Public Knowledge Policy Blog. com/ forum/ r20704276-OnlyInternetNet-uses-NebuAd-for-Behavioral-Targeting). . blogs. 2008-06-26. . claria. com/ 2007/ 06/ 23/ real-evil-isp-inserted-advertising/ ). .com.000 word privacy policy?" (http:/ / arstechnica. . As the engineer explains. 2008-05-14. com/ terms/ privacypolicy. Joins growing list of NebuAD customers" (http:/ / www. [46] "And Even One More ISP to add to NebuAds Harem" (http:/ / www. BroadbandReports. broadstripe. Robert (2008-06-18). . .opted out or not. Retrieved 2008-07-23. [35] "NebuAd looks to 'spyware' firm for recruits" (http:/ / www. com/ wow/ wow. [33] "Real Evil: ISP Inserted Advertising" (http:/ / www. ftc. [34] "benanderson. "Ready — Fire — Aim: NebuAd and Charter Shellacked -. Nate (2008-07-23). As Chief Privacy Officer And Vice President Of Regulatory And Legislative Affairs" (http:/ / www. BroadbandReports. they didn't have one. [41] "Claria Names D. com/ forum/ r20703445-And-Even-One-More-ISP-to-add-to-NebuAds-Harem). ars/ post/ 20080723-embarq-dont-all-users-read-our-5000-word-privacy-policy. Nate (2008-07-15). "Claria Abandons Adware" (http:/ / www. linkedin. 2008-06-20.com.com. [25] "Customers Shoulda Read the Privacy Policy. co. Retrieved 2008-06-24. "Embarq: Don't all users read our 5. com/ forum/ r20703209-One-More-ISP-to-add-to-the-list-of-ISPs). Techcrunch. ars technica. [40] "Comments Of Nebuad. Retrieved 2008-06-26. How would you build a device like this without profiling your users in the first place to determine who had opted out? It's not like there is an opt-out bit you can flip in the header of an Ethernet frame. Retrieved 2008-06-26. [30] Metz. Reed Freeman. com/ shownews/ Broadstripe-Now-Selling-User-Browsing-History-94378). The Register. com/ 2008/ 05/ 14/ charter-will-monitor-customers-web-surfing-to-target-ads/ index." [38] "LinkedIn Profile of Deepak Nair" (http:/ / www. Forgery and Browser Hijacking" (http:/ / www. "He points out that the system is essentially a massive bridge running Fedora. BroadbandReports. [28] http:/ / www. . via The New York Times Company. Retrieved 2008-05-14. php?id=D20070622). html). htm). . [23] "WOW Terms and Conditions" (http:/ / www1. [36] http:/ / whois. freepress. net/ blog/ weblog.net-Fair Eagle taking over the world? ISPs being compromised or just cheap?" (http:/ / www. "NebuAd and Partner ISPs: Wiretapping. Cade (2008-05-16). . wowway. htm) on 2008-02-24. 2004-04-20. "US Congress questions legality of Phorm and the Phormettes" (http:/ / www. everyone's data is still pumped into a third-party box. . Gregg. net/ files/ NebuAd_Report. dslreports. Retrieved 2010-05-20. theregister. nytimes. [39] "LinkedIn Profile of Melissa Horwath" (http:/ / www. . [45] "One More ISP to add to the list of ISPs" (http:/ / www. dslreports. com/ forum/ r20705904-RTC-on-Line-aka-Rochester-Telephone-Company-sells-to-NebuAd). . Says Embarq" (http:/ / www. archive.com. 2008-06-06. 2008-06-26. com/ news. "Charter Will Monitor Customers' Web Surfing to Target Ads" (http:/ / bits. ars technica. and that NebuAd advises ISPs to install it inline in their networks in such a way that all web traffic passes through it. 2008). [43] "Broadstripe High Speed Internet Online Privacy Policy" (http:/ / web. 38 . Retrieved 2008-04-26. com/ terms/ privacypolicy. uk/ 2008/ 06/ 20/ nebuad_claria/ ).Right Idea. . linkedin. com/ forum/ r20600537-ISP-Data-Collection-Congress-Investigation-Urged-NebuAd). . pdf) (PDF). com/ press-release-article. dslreports. [42] "Broadstripe Now Selling User Browsing History. [27] Hansell. .. so you would need some sort of magical layer-two switching device upstream that switched frames from users that have opted out around the NebuAd appliance.com. . Retrieved 2008-06-26. dslreports. Retrieved 2008-05-17. dslreports. net/ gb/ inquirer/ news/ 2008/ 05/ 14/ charter-track-users-replace [29] The Associated Press (June 25. pdf) (PDF). uk/ 2008/ 05/ 16/ congress_questions_nebuad/ ). Retrieved 2008-06-19. The Register." So while the data actually created and stored by NebuAd or Embarq may end up being totally anonymous and innocuous. Retrieved 2008-07-02. again" (http:/ / arstechnica. techcrunch. 2008-06-26. Free Press. com/ 2008/ 06/ 25/ technology/ 25charter. dslreports. org/ web/ 20080224042248/ http:/ / www. html?pr=pr040420).

com/ wires/ ap/ scitech/ 2008/ 06/ 25/ D91HAQHO1_tec_web_tracking/ index. nexicom. . [50] Bode. U.NebuAd [48] "20/20 Communications and NebuAd" (http:/ / www. .. [52] Svensson. Rodger. "6 Internet providers disclose Web tracking for ads" (http:/ / ap.com. Committee on Energy and Commerce — US House of Representatives. [61] "Knology Customer Service Agreement" (http:/ / support. Retrieved 2008-09-01. we will partner with a third party to deliver or facilitate delivery of advertisements to our users while they are surfing on the web. Retrieved 2008-06-27.com Forums — US Cable Support — W. nebuad. Retrieved 2008-06-25. 2008). email address. Retrieved 2008-06-18. . seoserpent. Peter (2008-06-25). 2008-09-26.com. [51] "ISP Behavioral Targeting Versus You" (http:/ / www. dslreports. "WOW! Suspension of Nebuad Services" (http:/ / www. gov/ Press_110/ Responses to 080108 TI Letter/ 110-ltr.. Saul (2008-05-14). (2008-08-08). email address. [63] Jesdanun. DSLReports. dslreports. BroadbandReports.com. net/ privacy.O. php page)" [59] "Nexicom is using Nebuad" (http:/ / www. Missoula MT Nebuad" (http:/ / www. (links to http:/ / www. . Retrieved 2008-06-26. pdf) (PDF). House of Representatives. dslreports. go to: http:/ / nebuad. 2008-05-28. Retrieved 2008-06-30. blogs. telephone number. BroadbandReports. [55] "Bresnan actively intercepting ALL packets" (http:/ / www.com. Retrieved 2008-05-14. BroadbandReports. "RE: Internet Advertising Inquiry" (http:/ / energycommerce. . blogspot. The New York Times. except these advertisements will be less relevant and less useful to you. Retrieved 2008-09-01. google. . 2008-07-03. "Beginning April 23rd. Salon.W. dslreports. gov/ Press_110/ Responses to 080108 TI Letter/ 110-ltr. dslreports. php" [62] Johnson. 080108responseCABLE001. com/ forum/ r20704629-2020-Communications-and-NebuAd). John Linko (Blog). com/ forum/ r20554465-Centurytel-and-NebuAd).com. Associated Press via Google. house. Inc. Philip P.com. dslreports. pdf) (PDF). [60] prack (2008-07-03).com. com/ article/ ALeqM5i0jj6e-BuV4qnseoMIL1fJFB7uhAD92TEAE80). . Canadian Broadband Forum on BroadbandReports. If You would like to opt out. [65] Jesdanun. [64] Ji. Retrieved 2008-06-25. Knology will partner with a third party to deliver or facilitate delivery of advertisements to our users while they are surfing the web. com/ forum/ r20706000-Blackfoot-Telecommunications-Group-Inc-Missoula-MT-Nebuad). This anonymous information will not include those users' name. Inc. . from Responses to August 1. com/ article/ ALeqM5hojy5UugX8vlpZa1urv5KYVDHDjAD92TSRNG0).. Third Party Advertisers. These advertisements will be based on those users' anonymous surfing behavior while they are online. Retrieved 2008-08-11. 2008). [49] Hansell. Retrieved 2008-06-27. Retrieved 2008-07-21. Knology. Retrieved 2008-07-01. or any other personally identifiable information. . com/ privacy/ optout. html?ref=business). . pdf) (PDF via Google HTML). knology. . or any other personally identifiable information. [57] "Blackfoot Telecommunications Group. 2008-06-26." (http:/ / www. Retrieved 2008-07-02. . "9. 080108responseKnology. com/ forum/ r20736487-WOW-Suspension-of-Nebuad-Services). Retrieved 2008-09-01. 2008 Letters to Network Operators Regarding Data Collection Practices" (http:/ / energycommerce. except these advertisements will be less relevant and less useful to you. "ISPs still considering tracking Web use" (http:/ / www. nytimes. Associated Press via Google. "Letter. [53] "CenturyTel and NebuAd" (http:/ / www. com/ 2008-09/ isp-behavioral-targeting/ ). Committee on Energy and Commerce. "Ad targeting based on ISP tracking now in doubt" (http:/ / ap. house. .S. [58] "Nexicom Privacy Policy" (http:/ / www. [54] "CenturyTel Drops NebuAd" (http:/ / www. BroadbandReports. BroadbandReports. com/ privacy/ optout. click here. 2008-06-26. telephone number. Anick (August 31. Anick (September 1. com/ forum/ r20711216-Centurytel-drops-NebuAd). "Charter User Monitoring Plans Suspended . . 39 . 2008-07-01.. . com/ forum/ r20258823-Bresnan-actively-intercepting-ALL-packets). Karl (2008-06-24). By opting out. By opting out you will continue to receive advertisements as normal. dslreports. salon. . These advertisements will be based on those users' anonymous surfing behavior while they are online. If you would like to opt out. html).. com/ 2008/ 05/ 14/ charter-will-monitor-customers-web-surfing-to-target-ads/ index. You will continue to receive advertisements as normal. CEO and Chairman of the Board. . net/ content/ custService_agree_121207. . html). com/ shownews/ Charter-User-Monitoring-Plans-Suspended-95551). 2008-06-27. dslreports. google. com/ 2008/ 07/ bresnan-internet-privacy-update. "Charter Will Monitor Customers’ Web Surfing to Target Ads" (http:/ / bits. [56] "Bresnan — Internet Privacy Update" (http:/ / johnlinko. php). com/ forum/ r20737958-Nexicom-is-using-NebuAd).'Enhanced user experience' apparently not so enhanced. This anonymous information will not include those users' name.

NI technology goes beyond traditional DPI. lawful interception and cyber security.. and the information viewed.. NI extends network controls. policy management. since it not only recognizes protocols but also extracts a wide range of valuable metadata. instant messaging. charging and billing (including usage-based and content billing). when. NI creates a powerful nexus of subscriber and network data. or who accesses what database. Packet Capture and Business Intelligence (BI). . NI provides the means to quickly identify. When combined with traditional BI tools that examine service quality and customer care. It enables vendors to create an information layer with metadata from IP traffic to feed multiple applications for more detailed and expansive visibility into network-based activity. NI technology correlates network traffic data from a variety of data communication vehicles for network visibility. where and how.[4] [5] as well as opportunities for hackers and criminals to exploit weaknesses and perpetrate cyber crime[6] . governments and large enterprises.[8] [9] Traditional DPI tools from established vendors like Sandvine and Allot have historically addressed specific network infrastructure applications such as bandwidth management. applications. examine and correlate interactions involving Internet users.Sometimes referred to as Network Acceleration. NI provides more granular analysis. service assurance. NI is used as a middleware to capture and feed information to network operator applications for bandwidth management. Network optimization and security solutions therefore need to address the exponential increases in IP traffic. types of activity and volume of content generated. when.0 and wireless 3G and 4G technologies. people are no longer linked exclusively to physical subscriber lines. DPI focuses on recognizing different types of IP traffic as part of a CSP’s infrastructure. The technology enables a global understanding of network traffic for applications that need to correlate information such as who contacts whom. Webmail. For example. The same person can communicate in multiple ways – FTP. With ongoing changes in communications networks and how information can be exchanged. online chat. enabling better cyber security and IP services.[1] [2] [3] [4] Background [7] The evolution and growth of Internet and wireless technologies offer possibilities for new types of products and services. in real time. Heavy Reading Deep Packet Inspection Semi-Annual Market Tracker. security functions and data mining for new products and services needed since the emergence of Web 2. performance optimization and Quality of Service (QoS). laptops and mobile devices. market research mega panel analytics. It examines. methods of access.. blogs. IP data packets that cross communications networks by identifying the protocols used and extracting packet content and metadata for rapid analysis of data relationships and communications patterns.Network intelligence 40 Network intelligence Network Intelligence (NI) is a technology that builds on the concepts and capabilities of Deep Packet Inspection (DPI). business capabilities. It is currently being incorporated into a wide range of applications by vendors who provide technology solutions to Communications Service Providers (CSPs). traffic shaping. NI’s value-add to solutions traditionally based on DPI has attracted the attention of industry [10] now includes NI companies on its analysts who specialize in DPI market research. VoIP. and protocols whether or not the protocols are tunneled or follow the OSI model.[4] Business Intelligence for data networks In much the same way that BI technology synthesizes business application data from a variety of sources for business visibility and better decision-making. social networks – and from different access points via desktops. revenue assurance.

The cost savings and revenue opportunities driving smart pipe strategies also apply to Network Equipment Providers. applicable for Bandwidth & Resource Optimization. NI mitigates the risks by providing Infrastructure as a Service (IaaS). VoIP Fraud Monitoring and Regulatory Compliance. Use in cloud computing The economics and deployment speed of cloud computing is fueling rapid adoption by companies and government agencies. Quality of Service (QoS). Content-Based Billing. generates metadata for communication sessions. NI classifies protocols and applications from layers 2 through 7. and critical transparency to allay fears of potential customers.[11] [12] [13] Among concerns. and Personalized Services. Internet Service Providers (ISPs) and Mobile Network Operators (MNOs) are under increasing competitive pressures to move to smart pipe business models. Because NI captures detailed information from the hundreds of IP applications that cross mobile networks. NI enables faster and more sophisticated Audience Measurement. are risks of information security. Quality of Experience (QoE). however. as well as manage usage once deployed. A vendor can demonstrate hardened network security to prevent Data Leakage or Data Theft and an irrefutable audit trail of all network transaction – communication and content – related to a customer’s account. . and correlates activity between all layers. Real-time network metrics are equally important for companies to deliver and manage services. Software Vendors and Systems Integrators that serve the industry. Platform as a Service (PaaS) and Software as a Service (SaaS) vendors with real-time situational awareness of network activity. Customer Segmentation. Requirement Purpose • • • • Network Metrics • • services events Identify / deliver / manage services • • • • • Example Applications Audience measurement User behavior analysis Customer segmentation Personalized services Bandwidth / resources optimization Content / application-aware billing Quality of Experience (QoE) analysis VoIP fraud monitoring Regulatory compliance Customer Metrics Understand customer demand NI as enabling technology for smart pipe applications Customer metrics are especially important for telecom companies to understand consumer behaviors and create personalized IP services. it provides the required visibility and analysis of user demand to create and deliver differentiating services.Network intelligence 41 Use in telecommunications Telcos. User Behavior Analysis. e-discovery. regulatory compliance and auditing[14] [15] [16] .

Real-time data capture.Network intelligence 42 Use in government NI extracts and correlates information such as who contacts whom. Retrieved 2009-07-28. "Qosmos Network Intelligence Helps Development of Smart Pipe Solutions" (http:/ / caas. lightreading. Info World. [6] Shireen Dee (2009-02-03). Retrieved 2009-07-27. com [11] Stacey Higginbotham (2009-07-21). "Deep Packet Inspection Semi-Annual Market Tracker" (http:/ / www. . "A Brave New World: 700M New Net Users Seen By 2013" (http:/ / gigaom. Info World. The network visibility afforded by NI can also be used to build enhancements and next-generation solutions for Network Performance Management. Retrieved 2009-07-27. . [8] "2008 Internet Security Trends" (http:/ / www. . heavyreading. do?id=53513). [3] Thibaut Bechetoille (2009-03-25). Retrieved 2009-07-28. pcworld. it enhances the effectiveness of applications for Database Security. yankeegroup. com/ document. Retrieved 2009-07-28. "More Cash for Cloud Computing in 2009" (http:/ / www. html). extraction and analysis allow security specialists to take preventive measures and protect network assets in real time as a complement post-mortem analysis after an attack. infoworld. [13] Tom Sullivan (2008-03-29). Retrieved 2010-06-15. . . [4] Simon Sherrington (2010-06). 2008-10-20. . [14] Henry Sienkiewicz (2008-04-30). . IDC. Yankee Group Anchor Report. heavyreading. GigaOM. 2009. TMCnet. htm). Government Information Security Podcasts. com/ 2009/ 07/ 21/ will-p2p-soon-be-the-scourge-of-mobile-networks/ #more-59491). Retrieved 2010-06-15. [7] "MessageLabs Intelligence: 2008 Annual Security Report" (http:/ / www. Retrieved 2009-07-28. "Network Intelligence is Key to Profiting from Anywhere Demand" (http:/ / www. . Use in business Because NI combines real-time network monitoring with IP metadata extraction. . com/ securitytrends/ ). "Light Reading report: Network Acceleration . html). com/ topics/ caas-saas/ articles/ 49997-qosmos-network-intelligence-helps-development-smart-pipe-solutions. Retrieved 2009-07-27. . WAN Optimization. networkworld. Customer Experience Management. "Will P2P Soon Be the Scourge of Mobile Networks?" (http:/ / gigaom. com/ businesscenter/ article/ 162157/ more_cash_for_cloud_computing_in_2009. [16] Jon Brodkin (2008-07-02). govinfosecurity. Retrieved 2010-06-15. pdf). TMCnet. htm). "Market Research: New Opportunity for Service Providers?" (http:/ / www. "Gartner: Seven cloud-computing security risks" (http:/ / www. [2] Brian Partridge (2010-05-17). . [9] Jordan Golson (2009-07-21). Database Auditing and Network Protection.Managing Data Growth" (http:/ / www. [12] "IDC Finds Cloud Computing Entering Period of Accelerating Adoption and Poised to Capture IT Spending Growth Over the Next Five Years" (http:/ / idc. Retrieved 2009-07-28. providing situational awareness for Lawful Interception and Cyber Security. ironport. when where and how. tmcnet. com/ d/ cloud-computing/ dangers-cloud-computing-839). php?podcastID=229). com/ news/ 2008/ 070208-cloud. References [1] Jessica Schieve (2011-02-23). . com/ topics/ ip-communications/ articles/ 52992-everyday-relationship-between-and-information-whats-out-there. Light Reading. com/ getdoc. fiercetelecom. com/ offer/ windriver_intel?source=ebook_tab). messagelabs. . 2008. Retrieved 2011-03-15. "The Everyday Relationship Between You and ‘Your’ Information: What’s Out There on the Internet" (http:/ / ipcommunications. "DISA’s Cloud Computing Initiatives" (http:/ / www. "The dangers of cloud computing" (http:/ / www. and internal billing of networked applications. tmcnet. . asp?doc_id=159415). com). com/ 2009/ 07/ 21/ a-brave-new-world-700m-new-net-users-seen-by-2013/ #more-59899). . Retrieved 2009-07-27. Retrieved 2009-07-27. [10] http:/ / www. Light Reading. Retrieved 2009-07-27. com/ mlireport/ MLIReport_Annual_2008_FINAL. . GigaOM. jsp?containerId=prUS21480708). Heavy Reading. IronPort. [5] Aditya Kishore (2008-07-21). MessageLabs. com/ ResearchDocument. PC World. com/ podcasts. Content Filtering. [15] Ephraim Schwartz (2008-07-07).

Israel Key people Products Revenue Employees Subsidiaries Website CEO: Roy Zisapel CFO: Meir Moshe COO: Ilan Kinreich Application Delivery and Network Security $144. Sales markets The company markets and sells its products worldwide through an indirect sales channel that includes distributors and resellers located in the Americas.[5] Radware former VP of business development is businessman Yuval Tal. education. Middle East. now President of Payoneer. .1 million USD (2010) 700+ Radware Alteon www. transportation. In 1999 the company had an initial public offering and was listed on the NASDAQ stock exchange. healthcare.[3] History Radware was co-founded by Yehuda Zisapel and Zohar Zisapel in 1997.[4] The company is headquartered in Tel Aviv. retail. e-Commerce. Its customers cover all major industry segments including financial services. Roy Zisapel is the current President. In February 2009 Radware acquired Nortel’s Application Delivery business (Alteon) and now offers them under a merged brand. services and carriers. cloud computing. Europe.radware. Israel. Israel and is a member of the Rad Group of companies. The disposal by Nortel was part of a move to reduce its debt and recover from Chapter 11.com [2] Radware (NASDAQ:RDWR). For the enterprise. manufacturing. Africa and Asia Pacific. is a provider of integrated Application Delivery and Network Security solutions based in Tel Aviv. Radware Alteon.Radware 43 Radware Radware Type Industry Founded Public (NASDAQ: RDWR Technology 1997 [1] ) Headquarters Tel Aviv. CEO and Director. application & WAN optimization. government. insurance. mobile communications. and security. Radware offers networking solutions for data center virtualization.

asp?symbol=RDWR& selected=RDWR [2] http:/ / www.Radware 44 Core technology The core technologies that make up Radware’s offering include: • • • • • • • • • • • • Application Delivery Virtualization Global Load Balancing VoIP Load Balancing SIP Load Balancing Application Acceleration SSL Acceleration XML Acceleration/Security MultiWAN Switching Quality of Service (QoS) Web Application Firewalling Network Intrusion Prevention DPI/DFI Partners Radware partners with leading industry application and technology providers such as: AT&T.aspx?id=8419) Fox News. com/ resource/ networking/ loadbalancing/ Mediaproducts-gartner. February 11. com/ asp/ SummaryQuote. . pdf). .com/newsevents/ mediacoveragedetail.aspx?id=8417) Processor. BNET.com/newsevents/mediacoveragedetail.com/newsevents/ mediacoveragedetail. Oracle Corporation. .radware. aspx). retrieved 2009-10-16 External links • To Probe 'Dark Spots' Where Cybercrooks Lurk. Radware. retrieved 2009-10-16 [5] Radware acquires Nortel division for USD18m (http:/ / www. IBM. cbronline. bnet. HP. 2011 • Facebook Once Again Hangs Up on Phone Rumors (http://www. February 24. SAP AG. January 21. com/ Company/ TechnologyAlliances/ default. BEA.radware. FBI Wants New Tools (http://www. January 27. Blackboard.[6] References [1] http:/ / quotes. Forum. Radware USA: Facebook hacked: a reminder for on-line businesses (http://www. Blue Coat. com/ 2448-14061_23-272392. Juniper Networks. Files for $43m IPO (http:/ / www. radware.radware. com/ news/ net_management_firm_radware_files_for_43m_ipo). (http:/ / www.radware. Microsoft.radware. January 19.aspx?id=8365) Global Security Mag. retrieved 2009-10-16 [4] Net Management Firm.aspx?id=8361) CTO Edge. InfoSys. February 1. Computer Business Online. Finjan. com/ [3] Magic Quadrant for Application Delivery Controllers. Riverbed. retrieved 2009-10-16 [6] Radware partners (http:/ / www. 2011 • Carl Herberger VP of security solutions.aspx?id=8315) Infosecurity Magazine. aspx?id=8295) Investor’s Business Daily. html). Security (http://www. securitytechnet. 2011 • Smartphones and Social Media Can Be a Risky Combination (http://www. VMWare. RSA and BEA.com/newsevents/mediacoveragedetail. 2011 .com/newsevents/mediacoveragedetail. 2011 • Inside Data Center Preparedness (http://www. ByteMobile. radware.radware. January 26.com. Gartner. 2011 • Radware Makes ADCs Virtual (http://www.radware.aspx?id=8363) TechNewsWorld. .com/newsevents/mediacoveragedetail. nasdaq.com/newsevents/ mediacoveragedetail. 2011 • Web Traffic Requires Traffic Cop.

com/ newsevents/mediacoveragedetail.hoovers.radware. 2011 • WikiLeaks Hacktivists Explain “Operation Payback” (http://www.by Hoovers.Radware • Virtualized infrastructure key to enticing enterprise to carrier cloud services (http://www.com/q/pr?s=RDWR) 45 .xhtml?ID=61374&cm_ven=PAID& cm_cat=OVR&cm_pla=CO4&cm_ite=radware) .com/newsevents/ mediacoveragedetail. January 13.aspx?id=8239) ConnectedPlanet.yahoo.radware. 2010 • Radware Factsheet (http://www.aspx?id=8211) Investor’s Business Daily. December 10.com • Radware on Yahoo Finance (http://finance.com/free/co/factsheet.

is a networking equipment company based [4] in Waterloo. VoIP and gaming. ranging from service creation. Ontario.[5] billing.[8] Company history Sandvine was formed in August 2001 in Waterloo. and uses a path cost algorithm to reduce congestion while still delivering the same content. Canada. quality of service. and substitute it for the one selected by the P2P . Ontario. A subsequent round of financing of $19M (Cdn) was completed in May 2005. and mobile. including the control of spam.[9] [10] Quality of service control is provided for a range of media applications including video conferencing. DSL. Canada. and P2P path optimisation. by a team of approximately 30 people from a recently closed Cisco acquisition. COO and VP Engineering Don Bowman. CFO Tom Donnely. Stateful Policy Management [14] uses stateful deep-packet inspection and packet spoofing to allow the networking device to determine the details of the p2p conversation.sandvine.[11] [12] The P2P path optimizer [13] focuses on Gnutella. President and CEO Scott Hamilton.com [3] Sandvine Incorporated (TSX: SVC [1]. AIM: SAND [2]). and security. PixStream. spam control is based on identifying sources of spam from behaviors such as using multiple SMTP servers. An initial round of VC funding launched the company with $20M (Cdn). Ontario (2001) Industry Founded Headquarters Waterloo.[7] Sandvine targets its products at consumer Tier 1 and Tier 2 networks including cable. Many operators have shifted focus to revenue generating services and reducing operational expenditure. usage-based billing. using multiple source (EHLO) domains and large address books. Rather than identifying individual messages. Co-Founder. including the hash requested. In October 2006 Sandvine completed an initial public offering on the Toronto stock exchange under the ticker 'SVC'. EVP Marketing & Sales Brad Siim. CTO Website www. Technology Sandvine's technology focuses on policy management.[6] congestion management. Initial product sales focused at congestion management as operators struggled with the high growth of broadband. Ontario Key people Dave Caputo. In March 2006 Sandvine completed an initial public offering on the London AIM exchange under the ticker 'SAND'. Co-Founder. Co-Founder. The device can then determine the optimal peer to use.Sandvine 46 Sandvine Sandvine Incorporated Type Public [1] TSX: SVC [2] AIM: SAND Networking Hardware and Software Waterloo. Co-Founder. Sandvine network policy control products are designed to implement broad network policies.

do?lang=EN& docClass=7& issuerNo=00024246& fileName=/ csfsprod/ data106/ filings/ 01560378/ 00000001/ s:\svcMDA.Sandvine algorithm. html) [13] (WO/2003/094465) PATH OPTIMIZER FOR PEER TO PEER NETWORKS (http:/ / www. which effectively caused a certain limited number of outbound connections to immediately terminate. cantechletter. pdf) [9] A SYSTEM AND METHOD FOR DETECTING SOURCES OF ABNORMAL COMPUTER NETWORK MESSAGES . htm?bsg=true& ns=SAND http:/ / www. jsp?wo=2003094465) [14] "Meeting the Challenge of Today's Evasive P2P Traffic" (http:/ / www. com/ news/ pr_detail. com/ EP1743466. asp?ID=243) [17] Sandvine supports pre. quotemedia.Patent EP1743466 (http:/ / www. com/ http:/ / www. sandvine. ca/ en/ releases/ archive/ October2006/ 10/ c6288. cgi?native_or_pdf=pdf& id_document=6520169715) [19] Comcast's Protocol-Agnostic Congestion Management System (http:/ / tools. sandvine. ietf. org/ deeplinks/ 2007/ 10/ comcast-also-jamming-gnutella-and-lotus-notes) . sandvine. asp?ID=148) [7] Adelphia Selects Sandvine to Protect Subscribers from Worms and Spam. html) [10] (WO/2005/109816) A SYSTEM AND METHOD FOR DETECTING SOURCES OF ABNORMAL COMPUTER NETWORK MESSAGES (http:/ / www. sandvine.. londonstockexchange. com/ news/ pr_detail. This affects all uses of BitTorrent (such as open-source project distribution. asp) [12] CNW Group | VECIMA NETWORKS INC. and sending reset packets to both client and server. asp?ID=100) [6] Sandvine Incorporated: Press Release . In cases where a subscriber is a “seeder” and uploads content to an off net “leecher”. com/ Adelphia+ Selects+ Sandvine+ to+ Protect+ Subscribers+ from+ Worms+ and+ Spam.org article on Comcast jamming Gnutella and Lotus (http:/ / www. imitating both ends of the connection.[20] Comcast injected reset packets into peer-to-peer connections. May 2000 article "Nonintrusive TCP Connection Admission Control for Bandwidth Management of an Internet Access Link". eff. thefreelibrary. patch distribution and illegal downloads). ars/ post/ 20071021-comcast-traffic-blocking-even-more-apps-groupware-clients-affected. int/ pctdb/ en/ wo. asp?FILEID=16) [15] Comcast traffic blocking: even more apps. com/ news/ pr_detail. org/ html/ rfc6057) [20] eff.StarHub Selects Sandvine to Deploy End-to-End PacketCable MultiMedia Solution (http:/ / www. -a0139417017) [8] Sandvine Management's Discussion and Analysis (http:/ / sedar. jsp?wo=2005109816) [11] Sandvine Incorporated: Service Delivery Engine (http:/ / www. wipo. as well as all fixed access. com/ news/ pr_detail. Fairshare. groupware clients affected (http:/ / arstechnica. gov/ prod/ ecfs/ retrieve. com/ 2011/ 05/ cantech-letter-interviews-dave-caputo-of-sandvine-tsxsvc/ Sandvine Incorporated: Press Release . int/ pctdb/ en/ wo. com/ quote.[21] [22] A product whitepaper published by Sandvine confirms that its products are configurable to use "Session Management" capability to prevent customers using BitTorrent from providing uploads to peers who are not close to them on the network.and post-paid service plans across converged networks (http:/ / www.Major Wireless Carrier Selects Sandvine’s 10-Gigabit Ethernet Solution to Give Subscribers More Control over their Mobile Internet Experience (http:/ / www. asp?ID=283) [18] Comcast's compliance report to FCC on its previous network management techniques (http:/ / gullfoss2. fcc. sandvine. freepatentsonline. by "[sitting] in the middle. html) [16] Sandvine Supports Cricket Broadband Internet (http:/ / www.. com/ products/ service_delivery_engine. com/ en-gb/ pricesnews/ prices/ Trigger/ genericsearch. sandvine.[19] According to independent testing. newswire. . References [1] [2] [3] [4] [5] http:/ / tmx.[18] Sandvine's current congestion management product. com/ general/ getfile.[17] 47 Comcast Controversy Sandvine products are used by Comcast in the United States to manage Internet traffic generated by peer-to-peer file sharing software." [15] The usage-based-billing includes[16] pre-paid and post-paid 3G and 4G mobile access. session management is an effective strategy.Free Online Library (http:/ / www. php?qm_symbol=SVC http:/ / www. This method of network management was described in the IEEE Communications. the subscriber may be session managed without negative impact. This is the default behaviour for Sandvine’s session management policy and limits external leechers from [23] connecting to internal seeds. is described in detail in an RFC. | CableMatrix and VCom Showcase First QoS Enhanced Video Conferencing over WiMAX Solution (http:/ / www. com/ news. wipo. sandvine. com/ GetFile.

com/forum/ r18323368-Comcast-is-using-Sandvine-to-manage-P2P-Connections) • http://www. sandvine. html) [22] Nonintrusive TCP Connection Admission Control for Bandwidth Management of an Internet Access Link (http:/ / www.org/ci/private/2000/may/Kumar.comsoc.sandvine. org/ ci/ private/ 2000/ may/ Kumar.org/ci/private/2000/ may/Kumar. asp?FILEID=21 48 External links • Sandvine (http://www. comsoc.html) .Managing the Impact on Subscriber Experience http:/ / www. org/ ci/ public/ 2000/ may/ index.html (http://www. html) [23] Session Management: BitTorrent Protocol .dslreports. com/ general/ getfile.com) • Slashdot: Comcast filtering network packets (http://slashdot.comsoc. comsoc.Sandvine [21] IEEE Communications Interactive (http:/ / www.org/article.pl?sid=07/10/19/1417238) • Dslreports: Comcast is using Sandvine to manage P2P Connections (http://www.

CA. Viruses and other Malware USD 219 million (2008) 700 (January 2008) www. These include devices providing services for network firewalls. Security appliances. which includes the Ontario Teachers' Pension Plan through its private investor department. The company also markets information subscription services related to their products. . UTMs (Unified Threat Management).[7] The company has acquired a number of companies through the years. It sells a range of internet appliances primarily directed at content control and network security. VPNs (Virtual Private Network). (Matt) Medeiros (formerly of Philips Components) became CEO in March 2003. (Matt) Medeiros CFO: Robert D.[3] The company solutions also serve to solve issues surrounding HIPPA and PCI compliance issues. Backup and Recovery. Internet security 1991 Headquarters San Jose.sonicwall. backup and recovery. California Key people CEO: Matthew T. 2010 SonicWALL announced that it has completed its merger with affiliates of an investor group led by Thoma Bravo.SonicWALL 49 SonicWALL SonicWALL Type Industry Founded Private Backup and Recovery.com [2] [1] SonicWALL is a private company headquartered in San Jose.[8] On July 23. Spyware. Sudhakar Ravi Products Revenue Employees Website Security Appliance filtering Spam. Selvi Founders: Sreekanth Ravi.[3] [5] In the late 1990s they released a security product later branded "SonicWALL" which was a dedicated hardware appliance with firewall and VPN software intended for the small-business market. expanding its product line in the process. Teachers' Private Capital. hubs and bridges.[6] Matthew T.[4] History The company was founded in 1991 under the name "Sonic Systems" by brothers Sreekanth and Sudhakar Ravi to develop Ethernet and Fast Ethernet cards. and anti-spam for email. After the merger SonicWall was delisted from NASDAQ. LLC. In November 1999 they went public (SNWL).

Reuters. Archived from the original (http:/ / www. pdf). com/ ) [10] AIS (Access Information Security) (http:/ / www. aisec." (http:/ / finance. com/ story/ 1715. Retrieved 2010-03-05. sonicsys. ecommercetimes.gov (http:/ / www. co. [7] "SonicWall Company Officers . google. com/ Corporate_Info/ index.) (http:/ / www. . co. SonicWALL. [4] "Sonicwall PCI Compliance Case Study" (http:/ / www. redzonetech. Retrieved 2010-03-05. 2011. archive. uk/ ) [12] RedZone Technologies (http:/ / www. redzonetech. SonicWALL. Inc. . 1999. com/ Corporate_Info/ index. sec. uk/ ) [11] SonicWALL Online (UK Gold Partner) (http:/ / www. Retrieved 2011-06-06.Reuters" (http:/ / www. [8] "News Archive Search of "SonicWall acquisition" including frequency chart" (http:/ / news. html) on 1999-05-04. . Retrieved 2010-03-05. Retrieved 2010-03-05. O). html). gov/ Archives/ edgar/ data/ 1093885/ 000109388509000007/ f10k. reuters. net/ ) . com/ finance/ stocks/ companyOfficers?symbol=SNWL. 1999. Ecommerce Times.SonicWALL 50 Resellers • • • • New England[9] UK & Ireland[10] UK & Ireland[11] United States[12] References [1] sec. Yahoo!. . [9] NSI (New England Systems Inc. htm) [2] http:/ / www. com [3] "SNWL: Profile for SonicWALL. NSIserv. com/ archivesearch?um=1& cf=all& ned=us& hl=en& q=SonicWall+ acquisition& cf=all). yahoo. org/ web/ 19990504153444/ http:/ / www. . html?wlc=1267835772). [6] "SonicWall IPO Should Make Noise" (http:/ / www. sonicsys. [5] "Corporate Information" (http:/ / web. Retrieved 2010-03-05. com/ q/ pr?s=SNWL). 2010. Google. sonicwallonline. 2010. sonicwall. 2010. . net/ wp-content/ uploads/ 2011/ 06/ Davco_Restaurants_SW.

the Middle East.Stonesoft Corporation 51 Stonesoft Corporation Stonesoft Corporation Secure Information Flow Type Public [1] NASDAQ OMX: SFT1V Network Security Helsinki. as well as third-party devices. and China. software. and sales offices throughout Europe. United States. Finland Area served Key people Worldwide Ilkka Hiidenheimo (Chairman & CEO) Juha Kivikoski (COO) Mikael Nyberg [2] (CFO) Products Network security Firewall IPS VPN Security appliances Virtual appliances Employees Website [3] 174 (Dec 2009) stonesoft.[5] each available as hardware appliances. with a regional headquarters in Atlanta.com [4] Stonesoft Corporation is a publicly owned Helsinki. and SSL VPN systems. Stonesoft does business globally. IPS (intrusion detection and prevention systems).[6] Each of the components. originally developed for Check Point FireWall-1. can be managed from the StoneGate Management Center. Finland (1990) Ilkka Hiidenheimo Hannu Turunen Industry Founded Founder(s) Headquarters Helsinki.[7] The product portfolio differentiates through unique clustering and load balancing technologies based on the company's older StoneBeat technology. Its product portfolio includes firewall/VPN devices. . Finland-based vendor of network security solutions. Georgia. and VMware-certified virtual appliances.

It is also certified by ICSA Labs Network Intrusion Prevention and Detection category. 2006. com/ solutions/ partners/ stonesoft_fc. com/ aktier/ shareinformation?Instrument=HEX24350 [2] http:/ / www. the company introduced the first virtual firewall/VPN solution. vmware. com/ cgi-bin/ stories. In 1999. & OS=PN/ 6. It was one of the first technologies certified in Check Point's OPSEC program. nasdaqomxnordic.856. becoming a direct competitor to Check Point. high availability is key or when the leaders are otherwise not welcome". html [10] http:/ / www2. gov/ netacgi/ nph-Parser?Sect1=PTO2& Sect2=HITOFF& p=1& u=%2Fnetahtml%2FPTO%2Fsearch-bool. vadition. The reports indicated the company was sound and profitable. PN.[13] The issue at hand was discrepancies between the profitability forecasted in the company's year 2000 interim reports and the actual state of the company at that time. com [5] http:/ / www. yet "a profit warning should in fact have been issued". com/ appliances/ directory/ cat/ 522?k=Stonesoft& c=522 [7] http:/ / www. com/ us/ products/ smc/ index. In 1994 it introduced StoneBeat. stonesoft. com/ pdf/ Gartner_Magic_Quadrant_Firewalls_2010. com/ export/ download/ financial_files/ stonesoft_annual_report_2009_en. the company extended StoneBeat with a patented load balancing clustering technology.621. prnewswire.[8] launching StoneBeat FullCluster. a technology for creating a high availability pair of firewalls in an active-passive configuration.621& RS=PN/ 6. stonesoft. uspto. 2001. for IBM mainframes. com/ us/ products/ index. Stonesoft expanded its product set into the firewall/VPN space. pl?ACCT=104& STORY=/ www/ story/ 01-22-2003/ 0001876476& EDATE= [11] http:/ / www.[11] The StoneGate IPS has also placed in Gartner's Magic Quadrant for Network Intrusion Prevention.[13] The District Court of Helsinki had originally dismissed the claims in a decision on November 15. stonesoft. html [6] http:/ / www. pdf [4] http:/ / www. stonesoft. pdf [12] https:/ / www. html [8] http:/ / patft.[11] Gartner notes that Stonesoft "serves a set of placements well – usually.[14] References [1] http:/ / www. stonesoft.856. The StoneGate Firewall/VPN was launched on March 19. the Helsinki Court of Appeal issued a decision in a case brought against Stonesoft and several members of its management team. and it has a loyal customer base".[12] Controversy In 2008.[11] The StoneGate firewall/VPN is regarded for its "robust performance and feature set relative to company resources.[9] In 2001. In January 2003.856.Stonesoft Corporation 52 History Stonesoft started as a systems integrator in the Nordic regions of Europe. com/ products?tid[]=4222 . icsalabs. html& r=1& f=G& l=50& co1=AND& d=PTXT& s1=6. and is currently placed in the niche quadrant. and is one of only four vendors in the consortium to achieve that certification.[10] Products Stonesoft's current product portfolio can be divided into four major categories[5] : • • • • StoneGate Firewall/VPN StoneGate IDS/IPS StoneGate SSL VPN StoneGate Management Center (SMC) The StoneGate Firewall/VPN has placed in Gartner's Magic Quadrant for Enterprise Network Firewalls for several years. com/ en/ investor_relations/ corporate_governance/ management/ [3] http:/ / www. opsec. The court "held that two members of the company's board of directors and a former CEO through gross negligence had failed to give a profit warning in due time".621 [9] http:/ / www.

PDF [14] http:/ / www.com) • Semi-official community Web site (http://stoneblog. euroinvestor. co. fi/ whats_new/ newsletters/ D& I%20Q4%202008. uk/ news/ story.Stonesoft Corporation [13] http:/ / www.stonesoft.com) .stonesoft. aspx?id=10020587 53 External links • Official website (http://www. dittmar.

Cross Packet Inspection. com/ research/ stocks/ private/ snapshot.[7] [8] [9] This technology can be applied to mobile use of WAP. html [10] http:/ / searchsecurity. and Cross Session Inspection.[1] The company develops Deep Packet Inspection-based software that can be used for monitoring. Theta Networks has also been working with China Mobile on monitoring and support for their new TD-SCDMA networks[6] . html [5] http:/ / www. and China. techtarget. thetanetworks. Theta Networks also offers VirusGuardMax. html [6] http:/ / www. thetanetworks. HTTP. genetel. com/ resources/ cross_session_inspection. DNS. com/ news_events/ theta_networks_manage_data_services_for_beijing_2008_olympic_games. United States Steve Zhu (CEO) DPI Software [2] Theta Networks is a New Jersey based Telecommunication solutions company that was founded in 2005. nokiasiemensnetworks. and assisted China Mobile during the Olympic Networks.[10] The company has office in New Jersey. a DPI-based network security product. com/ global/ Press/ Press+ releases/ news-archive/ Nokia+ Siemens+ Networks+ to+ expand+ its+ customer+ base+ in+ service+ management+ through+ channel+ partners. connect-world.[13] References [1] Theta Networks. asp?privcapId=28831084) BusinessWeek. com/ news_events/ china_mobile_thanks_theta_networks_for_its_unique_support_during_the_olympics.Theta Networks 54 Theta Networks Theta Networks Type Industry Founded Founder(s) Headquarters Key people Products Website Private Telecommunication [1] 2005 Steve Zhu New Jersey. Theta's solutions reassembles and finds relationships between subscriber application sessions at Open Systems Interconnection layer 7 using Deep Packet Inspection. thetanetworks. html [8] http:/ / www. co. (http:/ / investing. Theta Networks has been a major supplier to Nokia Siemens [1] [3] . and Streaming Technology. Motorola. com/ resources/ deep_session_inspection. thetanetworks. vanillaplus. html& src=searchsecurity. businessweek. html [9] http:/ / www. com/ telecom-oss/ theta-networks-and-syrus-systems-form-partnership-in-russia/ . uk [11] http:/ / www. com/ extras/ ict_telecom_press_release_article. html [12] http:/ / www. co. thetanetworks. com/ resources/ cross_packet_inspection. and also recently established partnerships in Australia[12] . optimization. thetanetworks. techtarget. and Russia. ossnewsreview. htm [4] http:/ / www. rl. fr/ Press-Announcements/ Press-AnnouncementTheta-Networks. com/ news/ view/ 119 [13] http:/ / www. MMS. com/ [3] http:/ / www. php?press_id=1162 [7] http:/ / www. Theta Networks company works in France through a partner[11] .com [2] http:/ / www. Ericsson. SMS. subscriber management and security on mobile networks. uk/ detail/ PROD/ 1110792023_599. Inc. rl. South America. Orange and China Mobile [4] [5] Games Recently.

India Key people Products Website MD: Phani Bhushan Networking www. Ltd. Corporate history Viaedge Software Technologies was founded in 2002. In 2010. Armorlogic.com) Viaedge Viaedge Software Technologies (I) Pvt. It originally manufactured and sold load balancing products. Barracuda Networks.ThetaNetworks. Products V-Load Director (VLD) Viaedge's VLD product is based on a network appliance (either virtual or physical). If a server went down or became overloaded. Coyote Point Systems.viaedge.com [1] Viaedge Software Technologies. It is headquartered in Mumbai. . KEMP Technologies. the V-Load Director. was originally a network load balancer but today also offers other functionality such as access control and application security. Viaedge offers products in various segments of the Application Delivery Controller market. Maharashtra and has development and marketing offices PAN India. which runs on top of Linux.Theta Networks 55 External links • Company Site (http://www. which provide the VLD functionality. . Array Networks. 75% of the Viaedge business was with ET 500 companies. Radware and Zeus Technology. Viaedge's first product was a Server load balancer called VLD. Brocade. This appliance can then run one or more product modules (depending on the appliance selected). Other competitors include A10 Networks. Viaedge' flagship product. VLD directed traffic away from that server to other servers that could handle the load. Corporate focus is on networking gears.. is a networking appliances company. Crescendo Networks. Type Industry Founded Private Limited company Technology 2002 Headquarters Mumbai. Gartner cite the most significant competitors (in terms of market share) as Cisco Systems and Citrix Systems. Add-on modules to VLD family of products offer email filtering and intelligent compression to allow for lower bandwidth and faster downloads in addition to load balancing and local traffic management capabilities.

and hardware compression assistance. Some models include hardware SSL acceleration for key exchanges and bulk encryption/decryption .a PC/server-type motherboard . This appliance can then run one or more product modules (depending on the appliance selected). but some previous models have included AMD Opteron CPUs. Viaedge Appliances The current line of VLD & V-NetLink appliance was released between 2009 and 2010. The current hardware line-up uses Intel CPUs.[2] with approximate best-case throughput indicated: Model VLD 100 Advertised throughput 1 Gbit/s VLD Pro 4101 1 Gbit/s VLD Pro 4102 2 Gbit/s VLD Pro 4202 2 Gbit/s VLD Pro 4204 4 Gbit/s VLD Pro 4206 6 Gbit/s VLD Ent 5404 4 Gbit/s VLD Ent 5408 8 Gbit/s VLD Ent 5812 12 Gbit/s VLD Ent 5816 16 Gbit/s Model Throughput WAN Ports 2 2 3 4 6 8 10 12 Restricted Maximum Bandwidth 2 Mbps 4 Mbps 6 Mbps 10 Mbps 20 Mbps 45 Mbps 100 Mbps 500 Mbps LLB S-002 200 Mbps LLB S-004 200 Mbps LLB P-006 300 Mbps LLB P-010 2 Gbps LLB E-020 3 Gbps LLB E-045 4 Gbps LLB T-100 5 Gbps LLB T-500 6 Gbps . The previous platforms had two internal boards . and the hardware models internally use a single custom-fabricated system board. which runs on top of Linux. Hardware models include a front LCD panel for configuration and monitoring and a separate service processor for out-of-band management. The full model line-up is as follows.Viaedge 56 V-NetLink (VLLB) Viaedge's V-Netlink product is based on a network appliance (either virtual or physical). which provide the VLD functionality.

however. Packet framing A packet consists of two kinds of data: control information and user data (also known as payload). such as traditional point-to-point telecommunications links. simply transmit data as a series of bytes. Different communications protocols use different conventions for distinguishing between the elements and for formatting the data. Other protocols. control information is found in packet headers and trailers. the packet is formatted in 8-bit bytes. A difference. External links • viaedge. error detection codes like checksums.com/) Network packet In computer networking. com/ [2] "Viaedge Hardware Data Sheet" (http:/ / viaedge. or bits alone. establish the start of the header and data elements by their location relative to the start of the packet. 57 References [1] http:/ / www. When data is formatted into packets. is that some networks can break a larger packet into smaller packets when necessary (note that these smaller data elements are still formatted as packets). The control information provides data the network needs to deliver the user data.Viaedge Viaedge Product Modules • • • • V-Load Director : Local load balancing based on a full-proxy architecture. V-Application Delivery Controller: Global Server Load Balancing using DNS. Typically. WAN OptimiZation Module: A data centre symmetric WAN optimization solution. and special characters are used to delimit the different elements. Computer communications links that do not support packets. the bitrate of the communication medium can be better shared among users than if the network were circuit switched. . for example: source and destination addresses. and sequencing information. A network design can achieve two major results by using packets: error detection and multiple host addressing. In Binary Synchronous Transmission.com (http://www. com/ solutions/ data-centre-solutions/ application-load-balancer). like Ethernet. Some protocols format the information at a bit level instead of a byte level. By using packet switched networking it is also harder to guarantee a lowest possible bitrate. Retrieved 2010-08-17. characters. with user data in between. .viaedge. A good analogy is to consider a packet to be like a letter: the header is like the envelope. NetLink: Inbound and outbound ISP load balancing. a packet is a formatted unit of data carried by a packet mode computer network. viaedge. and the data area is whatever the person puts inside the envelope.

that specifies if it's an IPv4 or IPv6 packet. 4 bits that contain the version. Subsequent experience on the ARPANET indicated that the network itself could not reliably detect all packet delivery failures. 3 bits that contain a zero. and this pushed responsibility for error detection onto the sending host in any case. Once the message was delivered to the destination host. If the network could not deliver the message. 6. 3. 5. and a flag to state whether more fragments of a packet follow (MF: More Fragments) 7. the developers of CYCLADES and of ALOHAnet demonstrated that it was possible to build an effective computer network without providing reliable packet transmission. This led to the development of the end-to-end principle.[1] A "reliable" service is one that notifies the user if delivery fails. 8 bits that contain the Type of Service. 2. 13 bits that contain the fragment offset. also referred to as Quality of Service (QoS). whereas UDP and IP provide an unreliable one.Network packet 58 Error detection It is more efficient and reliable to calculate a checksum or cyclic redundancy check over the contents of a packet than to check errors using character-by-character parity bit checking. This technology is called packet switching. If a network does not guarantee packet delivery. The IPv4 packet header consists of: 1. datagrams In general. All these protocols use packets. Packets vs. which is one of the Internet's fundamental design assumptions. an acknowledgement was delivered to the sending host. but UDP packets are generally called datagrams. which describes what priority the packet should have. while the term datagram is generally reserved for packets of an "unreliable" service. in such cases the packet header generally contains addressing information so that the packet is received by the correct host computer. A host computer simply arranged the data in the correct packet format. This lesson was later embraced by the designers of Ethernet. TCP and IP provide a reliable service. The packet trailer often contains error checking data to detect errors that occur during transmission. Host addressing Modern networks usually connect three or more host computers together. 4 bits that contain the Internet Header Length which is the length of the header in multiples of 4 bytes (e. the term packet applies to any message formatted as a packet. and sent the message across the interface to its connected Interface Message Processor. Together. a series of packets sent from one host computer to another may follow different routes to reach the same destination. like the ARPANET and the modern Internet. 5 means 20 bytes). while an "unreliable" one does not notify the user if delivery fails. IP provides an unreliable service.[1] When the ARPANET pioneered packet switching. it provided a reliable packet delivery procedure to its connected hosts via its 1822 interface. Meanwhile. inserted the address of the destination host computer.g. For example. 4. a flag that says whether the packet is allowed to be fragmented or not (DF: Don't fragment). it would send an error message back to the sending host. In complex networks constructed of multiple routing and switching nodes. Example: IP packets IP packets are composed of a header and payload. then it becomes the host's responsibility to provide reliability by detecting and retransmitting lost packets. a field to identify position of fragment within original packet . 16 bits that contain an identification tag to help reconstruct the packet from several fragments. 16 bits that contain the length of the packet in bytes.

the presence of errors nearly always is detected by the error-correcting code or by a separate error-detecting code. including the packet header. Handling data loss Deleted undecodable whole frames are the principal type of data loss that affects compressed data sets. CCSDS packet definition A packet is a block of data with length that can vary between successive packets. it is possible to layer a transport protocol on top of the packet service that can provide such protection. of the seven layered OSI model. After those 160 bits.) 10. e. an IP packet is often carried as the payload inside an Ethernet frame. • Frames for which uncorrectable errors are detected are marked as undecodable and typically are deleted. etc. the Transport Layer. total number of packets. including frame header and control information. which are fixed-length data blocks. Under this standard. 11. 32 bits that contain the source IP address. The size of a frame. Because packet lengths are variable but frame lengths are fixed. 59 Delivery not guaranteed Many networks do not provide guarantees of delivery. 8 bits that contain the protocol (TCP. Example: the NASA Deep Space Network The Consultative Committee for Space Data Systems (CCSDS) packet telemetry standard defines the protocol used for the transmission of spacecraft instrument data over the deep-space channel. a packet with a TTL of 16 will be allowed to go across 16 routers to get to its destination before it is discarded). and the sender's and receiver's IP addresses. However. The header of a packet specifies the data type. ranging from 7 to 65. which has its own header and trailer. Telecom processing notes Data in a frame is typically protected from channel errors by error-correcting codes. 16 bits that contain the Header Checksum. 12. a number used in error detection.. ICMP. computer or device along a network) the packet is allowed to pass before it dies (for example. However. an image or other data sent from a spacecraft instrument is transmitted using one or more packets. can range up to 2048 bytes. nonduplication of packets. optional flags can be added of varied length. the UDP protocol of the Internet. 32 bits that contain the destination address. • Packet sizes are fixed during the development phase. • Even when the channel errors exceed the correction capability of the error-correcting code. • Packetized data is transmitted via frames. then the data that packet carries is added. which can change based on the protocol used. packet number. UDP. The term frame is sometimes used to refer to a packet exactly as transmitted over the wire or radio.g. 8 bits that contain the Time to live (TTL) which is the number of hops (router. 9. There generally would be little to gain from attempting to use compressed data from a frame marked as undecodable. .Network packet 8. An IP packet has no trailer. or in-order delivery of packets. TCP and UDP are the best examples of layer 4. packet boundaries usually do not coincide with frame boundaries.542 bytes.

the decompressor can base its reconstruction on incomplete. 60 Example: Radio & TV Broadcasting MPEG packetized stream Packetized Elementary Stream (PES) is a specification defined by the MPEG communication protocol (see the MPEG-2 standard) that allows an elementary stream to be divided into packets. • Fortunately. Video streams (0xE0-0xEF) Note: The above 4 bytes is called the 32 bit start code. it is extremely rare for an erroneous frame to go undetected. whereas in the case of detected erroneous frames. A typical method of transmitting elementary stream data from a video or audio encoder is to first create PES packets from the elementary stream data and then to encapsulate these PES packets inside an MPEG transport stream (TS) packets or an MPEG program stream (PS). the bits of the subband pixels are already decoded before the first bit error will remain intact. the decompressor will blindly use the frame data as if they were reliable.Network packet • When errors are present in a frame. fewer than 1 in 40. but all subsequent decoded bits in the segment usually will be completely corrupted. frames with detected errors would be essentially unusable even if they were not deleted by the frame processor. The TS packets can then be multiplexed and transmitted using broadcasting techniques. PES Packet length Optional PES header Stuffing bytes Data 2 bytes variable length variable length See elementary stream. which are the types of codes most likely to yield substantial fractions of bit errors throughout those frames that are undecodable. • If an erroneous frame escapes detection. long-blocklength error-correcting codes. Can be zero as in not specified for video streams in MPEG transport streams [2] [3] [4] [5] Size 3 bytes 0x000001 Description . • For frames coded by the CCSDS Reed–Solomon code. compressed data usually are protected by powerful. This data loss can be compensated for with the following mechanisms. data.000. such as those used in an ATSC and DVB. Thus. • Furthermore. The elementary stream is packetized by encapsulating sequential data bytes from the elementary stream inside PES packet headers. PES packet header Name Packet start code prefix Stream id 1 byte Examples: Audio streams (0xC0-0xDF).000 erroneous frames can escape detection. which has an undetected frame-error rate of less than 1 in 32. • All frames not employing the Reed–Solomon code use a cyclic redundancy check (CRC) error-detecting code. but not misleading. In the case of private streams the first byte of the payload is the sub-stream number. a single bit error is often just as disruptive as many bit errors.

NICAM offers the following possibilities. 10 = only PTS 10 binary or 0x2 hex 00 implies not scrambled Description 61 Marker bits Scrambling control Priority Data alignment indicator 1 Copyright Original or Copy PTS DTS indicator ESCR flag ES rate flag DSM trick mode flag Additional copy info flag CRC flag extension flag PES header length Optional fields Stuffing Bytes 1 1 2 1 1 1 1 1 1 8 variable length variable length gives the length of the remainder of the PES header presence is determined by flag bits above 0xff NICAM In order to provide mono "compatibility". The mode is auto-selected by the inclusion of a 3-bit type field in the data-stream • • • • One digital stereo sound channel. One 704 kbit/s data channel. The four other options could be implemented at a later date. In this mode. A NICAM-based stereo-TV infrastructure can transmit a stereo TV programme as well as the mono "compatibility" sound at the same time. the user can select which soundtrack to listen to when watching the content by operating a "sound-select" control on the receiver. NICAM packet transmission The NICAM packet (except for the header) is scrambled with a nine-bit pseudo-random bit-generator before transmission. This latter mode could be used to transmit audio in different languages. This means that the FM or AM regular mono sound carrier is left alone for reception by monaural receivers. One digital mono sound channel and a 352 kbit/s data channel. Only the first two of the ones listed are known to be in general use however.Network packet Optional PES header Name Number of Bits 2 2 1 1 indicates that the PES packet header is immediately followed by the video start code or audio syncword 1 implies copyrighted 1 implies original 11 = both present. or can transmit two or three entirely different sound streams. in a similar manner to that used for in-flight movies on international flights. Two completely different digital mono sound channels. • The topology of this pseudo-random generator yields a bitstream with a repetition period of 511 bits. . the NICAM signal is transmitted on a subcarrier alongside the sound carrier.

html) [4] European publication server (http:/ / www. This is necessary so as to aid in locking on to the NICAM data stream and resynchronisation of the data stream at the receiver. com/ EP1827030. 8.Patent EP1827030 (http:/ / www. one per interface. & Ross. Modern AQM disciplines (ARED. • At the start of each NICAM packet the pseudo-random bit generator's shift-register is reset to all-ones. jsp?PN=EP1827030%20EP%201827030& iDocId=6296342& iFormat=0 • Dean. and probabilistically dropping or marking packets even when the queue is short. Active queue management In Internet routers. v1. Boston. Queue management An Internet router typically maintains a set of queues. the result seems counter-intuitive to many network engineers: "Why should I drop perfectly good packets when I still have free buffer space?" . pdf [3] Method and apparatus for changing codec to reproduce video and/or audio data streams encoded by different codecs within a channel . epo. 1. • The pseudo-random generator is initialized with: 111111111. (2007). dTS101154. and can be run with their default parameters in most or all circumstances. and dropped otherwise. such queues use a drop-tail discipline: a packet is put onto the queue if the queue is shorter than its maximum size (measured in packets or in bytes). Typically. that hold packets scheduled to go out on that interface. active queue management (AQM) is a technique that consists in dropping or ECN-marking packets before a router's queue is full. For AQM systems that drop packets (rather than using ECN marking). and to cause global synchronisation between flows.[2] By providing endpoints with congestion indication before the queue is full. which reduces network latency ("ping time"). Recent Publications in Active Queue Management (AQM) schemes [1] Benefits of AQM Drop-tail queues have a tendency to penalise bursty flows. By dropping packets probabilistically. Historically. "Computer Networking: A Top-Down Approach" ISBN 0-321-49770-8 [2] http:/ / www. AQM disciplines are able to maintain a shorter queue length than drop-tail queues. freepatentsonline. James F. Keith W. Active queue disciplines drop or mark packets before the queue is full. org/ technology/ standards/ a001r7. PI) are self-tuning. Drawbacks of AQM Early AQM disciplines (notably RED and SRED) require careful tuning of their parameters in order to provide good performance. Tamara (2006).Network packet • The pseudo-random generator's polynomial is: x^9 + x^4 + 1. Blue. AQM disciplines typically avoid both of these issues. • The NICAM header is not subject to scrambling. org/ patents/ patent-information/ european-patent-documents/ publication-server. they operate by maintaining one or more drop/mark probabilities. Massachusetts: Thomson Course Technology. dvb. tm1214r30. Network+ Guide to Networks. 62 References [1] Kurose. european-patent-office. html?iAction=3& cc=EP& pn=1827030& ki=A2) [5] https:/ / publications. Making the NICAM bitstream look more like white noise is important because this reduces signal patterning on adjacent TV channels. org/ PublicationServer/ document.

489-491. pdf?attredirects=0).). acm. Random early detection (RED). icir. org/ citation. org/ floyd/ papers/ red/ red. etc. IEEE/ACM Transactions on Networking 1 (4): 397–413. com/ site/ cwzhangres/ home/ files/ RSFBaResilientStochasticFairBluealgorithmagainstspoofingDDoSattacks. 14. google. Sally. 2010. Jacobson. "Random Early Detection (RED) gateways for Congestion Avoidance" (http:/ / www. com/ site/ cwzhangres/ home/ posts/ recentpublicationsinactivequeuemanagementaqmschemes [2] Floyd.) and Active Queue Management (AQM) algorithms (RED. The AQM&DoS Simulation Platform [3] can simulate a variety of DoS attacks (Distributed DoS. Ref (http:/ / portal. It automatically calculate and record the average throughput of normal TCP flows before and after DoS attacks to facilitate the analysis of the impact of DoS attacks on normal TCP flows and AQM algorithms.251892. vol. google. google. Retrieved 2008-03-16. pp. org/ xpl/ freeabs_all. and Zhiping Cai. Low-rate DoS. pdf?attredirects=0 [7] Changwang Zhang. etc. Blue and Stochastic Fair Blue (SFB). Jianping Yin. google. pdf?attredirects=0 [5] Changwang Zhang. CHOKe. jsp?arnumber=5456075) [6] http:/ / sites. 2009. google. 1790341) . Random Exponential Marking (REM). doi:10. com/ site/ cwzhangres/ home/ files/ RSFBaResilientStochasticFairBluealgorithmagainstspoofingDDoSattacks. Robust random early detection (RRED) [4][5] • RSFB [6]: a Resilient Stochastic Fair Blue algorithm against spoofing DDoS attacks [7] References [1] http:/ / sites. PI controller. [3] http:/ / sites. html). cfm?id=1789954. com/ site/ cwzhangres/ home/ files/ RREDRobustREDAlgorithmtoCounterLow-rateDenial-of-ServiceAttacks. Spoofing DoS. and Weifeng Chen. Ref (http:/ / ieeexplore. IEEE Communications Letters. RRED. Zhiping Cai. com/ site/ cwzhangres/ home/ files/ RREDRobustREDAlgorithmtoCounterLow-rateDenial-of-ServiceAttacks. pdf?attredirects=0). google. . in International Symposium on Communication and Information Technology (ISCIT). ieee. SFB. RRED: Robust RED Algorithm to Counter Low-rate Denial-of-Service Attacks (http:/ / sites.1109/90.More Details [3] AQM algorithms • • • • • • • Adaptive Virtual Queue (AVQ). RSFB: a Resilient Stochastic Fair Blue algorithm against spoofing DDoS attacks (http:/ / sites. com/ site/ cwzhangres/ home/ posts/ aqmdossimulationplatform [4] http:/ / sites.Active queue management 63 The Simulation and Analysis Platform for AQM algorithms An Active Queue Management and Denial-of-Service (AQM&DoS) Simulation Platform is established based on the NS-2 simulation code of the RRED algorithm. Van (August 1993). Jianping Yin.

Paul Baran

64

Paul Baran
Paul Baran

Born

April 29, 1926 Grodno, Poland March 26, 2011 (aged 84) Palo Alto, California United States (Polish born) RAND Corporation UCLA, Drexel Institute of Technology, Philadelphia Packet Switching

Died

Citizenship Institutions Alma mater Known for

Notable awards IEEE Alexander Graham Bell Medal, National Medal of Technology and Innovation, National Inventors Hall of Fame Spouse Evelyn Murphy Baran, PhD

Paul Baran (1926–2011) was a Polish American engineer who was a pioneer in the development of computer networks. He invented packet switching techniques, and went on to start several companies and develop other technologies that are an essential part of the Internet and other modern digital communication.

Early life
Paul Baran was born in Grodno, Poland (which is now in Belarus) on April 29, 1926.[1] [2] He was the youngest of three children in a Jewish family,[3] with the Yiddish given name "Pesach". His family moved to the United States on May 11, 1928,[4] settling in Boston and later in Philadelphia, where his father, Morris "Moshe" Baran (1884–1979), opened a grocery store. He graduated from Drexel University in 1949 (then called Drexel Institute of Technology), with a degree in electrical engineering. He then joined the Eckert-Mauchly Computer Company, where he did technical work on UNIVAC models, the first brand of commercial computers in the USA.[5] In 1955 he married Evelyn Murphy, moved to Los Angeles, and worked for Hughes Aircraft on radar systems. He obtained his Masters degree in engineering from UCLA in 1959, with advisor Gerald Estrin while taking night classes. His thesis was on character recognition.[1]

Packet switched network design
After joining the RAND Corporation that same year, Baran took on the task of designing a "survivable" communications system that could maintain communication between end points in the face of damage from nuclear weapons.[6] At the time of the Cold War, most American military communications used High Frequency connections which could be put out of action for many hours by a nuclear attack. Baran decided to automate RAND director Franklin R. Collbohm's previous work with emergency communication over conventional AM radio networks and

Paul Baran showed that a distributed relay node architecture could be survivable. The Rome Air Development Center soon showed that the idea was practicable.[7] Using the mini-computer technology of the day, Baran and his team developed a simulation suite to test basic connectivity of an array of nodes with varying degrees of linking. That is, a network of n-ary degree of connectivity would have n links per node. The simulation randomly 'killed' nodes and subsequently tested the percentage of nodes who remained connected. The result of the simulation revealed that networks where n ≥ 3 had a significant increase in resilience against even as much as 50% node loss. Baran's insight gained from the simulation was that redundancy was the key.[8] His first work was published a RAND report in 1960,[9] with more papers generalizing the techniques in the next two years.[10] After proving survivability Baran and his team needed to show proof of concept for this design such that it could be built. This involved high level schematics detailing the operation, construction and cost of all the components required to construct a network that leveraged this new insight of redundant links. The result of this was one of the first store-and-forward data layer switching protocols, a link-state/distance vector routing protocol, and an unproved connection-oriented transport protocol. Explicit detail of these designs can be found in the complete series of reports "On Distributed Communications", published by RAND in 1964.[11] The design flew in the face of telephony design of the time, placing inexpensive and unreliable nodes at the center of the network, and more intelligent terminating 'multiplexer' devices at the endpoints. In Baran's words, unlike the telephone company's equipment, his design didn't require expensive "gold plated" components to be reliable.

65

Selling the idea
After the publication of "On Distributed Communications'", Paul Baran presented the findings of his team to a number of audiences, including AT&T engineers (not to be confused with Bell labs engineers, who at the time provided Paul Baran with the specifications for the first generation of T1 circuit which he used as the links in his network design proposal). In subsequent interviews Baran mentions how his idea of non-dedicated physical circuits for voice communications were scoffed at by the AT&T engineers who at times claimed that Baran simply did not understand how voice telecommunication worked.[12] Leonard Kleinrock developed a theoretical basis for the operation of packet networks in his Ph.D. thesis in 1961. Baran used the term "message blocks" for his units of communication. Donald Davies at the National Physical Laboratory in the United Kingdom was the first to use the term "packet switching" in 1965, and apply the concept to a general-purpose computer network. Davies' key observation was that computer network traffic was inherently "bursty" with periods of silence, compared with relatively constant telephone traffic.[1] [13] In 1969 when the US Defense Advanced Research Projects Agency (ARPA) was developing the idea of an inter-networked set of terminals to share computing resources, among the number of reference materials considered was Baran and the RAND Corporation's "On Distributed Communications" volumes.[1] The resiliency of a packet switched network that uses link-state routing protocols used on the Internet stems in some part from the research to develop a network that could survive a nuclear attack.[1] [14]

Later work
In 1968 Baran was a founder of the Institute for the Future, and then involved in other networking technologies developed in Silicon Valley. He was involved in the origin of the packet voice technology developed by StrataCom at its predecessor, Packet Technologies. This technology led to the first commercial pre-standard Asynchronous Transfer Mode product. He was also involved with the discrete multitone modem technology developed by Telebit, which was one of the roots of Orthogonal frequency-division multiplexing which is used in DSL modems. In 1985, Paul Baran founded Metricom, the first wireless Internet company, which deployed Ricochet,[2] the first public wireless mesh networking system. He also founded Com21, an early cable modem company.[5] Following Com21, Baran founded and was president of GoBackTV, which specializes in personal TV and cable IPTV infrastructure

Paul Baran equipment for television operators.[15] Most recently he founded Plaster Networks, providing an advanced solution for connecting networked devices in the home or small office through existing wiring.[16] Baran extended his work in packet switching to wireless-spectrum theory, developing what he called "kindergarten rules" for the use of wireless spectrum.[17] In addition to his innovation in networking products, he is also credited with inventing the first metal detector, a doorway gun detector.[5] [18] He received an honorary doctorate when he gave the commencement speech at Drexel in 1997.[19]

66

Death
Baran died in Palo Alto, California at the age of 84 on March 26, 2011,[1] [20] due to complications from lung cancer.[14] Upon his death James Thomson, the president of RAND stated that "Our world is a better place for the technologies Paul Baran invented and developed, and also because of his consistent concern with appropriate public policies for their use."[20] One of the fathers of the internet, Vinton Cerf, stated that "Paul wasn't afraid to go in directions counter to what everyone else thought was the right or only thing to do."[14] According to Paul Saffo, Baran also believed that innovation was a "team process" and he didn't seek credit for himself.[18] On hearing news of his death, Robert Kahn, co-inventor of the Internet, said: "Paul was one of the finest gentlemen I ever met and creative to the very end."

Awards and honors
• • • • • • • • IEEE Alexander Graham Bell Medal (1990)[21] Marconi Prize (1991) Nippon Electronics Corporation C&C Prize (1996) Bower Award and Prize for Achievement in Science (2001)[5] Fellow of the American Academy of Arts and Sciences (2003)[22] National Inventors Hall of Fame (2007) National Medal of Technology and Innovation (2007)[23] UCLA Engineering Alumnus of the Year (2009)[24]

References
[1] Katie Hafner (March 27, 2011). "Paul Baran, Internet Pioneer, Dies at 84" (http:/ / www. nytimes. com/ 2011/ 03/ 28/ technology/ 28baran. html). The New York Times. . [2] Nathan Brewer; et al (March 28, 2011). "Paul Baran" (http:/ / www. ieeeghn. org/ wiki/ index. php/ Paul_Baran). IEEE Global History Network. New York: IEEE. . Retrieved March 28, 2011. [3] Georgi Dalakov. "Paul Baran" (http:/ / history-computer. com/ Internet/ Birth/ Baran. html). History of Computers web site. . Retrieved March 31, 2011. [4] David Ira Snyder (August 4, 2009). "Morris "Moshe" Baran (1884 - 1979)" (http:/ / www. geni. com/ people/ Morris-Moshe-Baran/ 6000000005033975818). Genealogy of the Baran family. Geni.com web site. . Retrieved March 29, 2011. [5] "Paul Baran - Franklin Laureate Database" (http:/ / www. fi. edu/ winners/ 2001/ baran_paul. faw?winner_id=2272). The Franklin Institute Awards - Laureate Database. Philadelphia, PA: The Franklin Institute. . Retrieved March 29, 2011. [6] "Internet pioneer Paul Baran passes away" (http:/ / www. bbc. co. uk/ news/ technology-12879908). BBC News. March 28, 2011. . Retrieved March 28, 2011. [7] Brand, Stewart (March 2001). "Founding Father" (http:/ / www. wired. com/ wired/ archive/ 9. 03/ baran. html). Wired (New York: Condé Nast Digital) 9 (3). ISSN 1059-1028. OCLC 433726773. . Retrieved March 27, 2011. "Paul Baran conceived the Internet's architecture at the height of the Cold War. Forty years later, he says the Net's biggest threat wasn't the USSR—it was the phone company". Stewart Brand's interviews Paul Baran about his work at RAND on survivable networks. [8] "Paul Baran and the Origins of the Internet" (http:/ / www. rand. org/ about/ history/ baran. list. html). RAND corporation. . Retrieved March 29, 2011. [9] Paul Baran (1960). "Reliable Digital Communications Systems Using Unreliable Network Repeater Nodes" (http:/ / www. rand. org/ pubs/ papers/ P1995. html). RAND Corporation papers, document P-1995. . Retrieved March 29, 2011.

"Keynote Talk Transcript. William Stewart. MN: Charles Babbage Institute. com/ Internet/ Birth/ Davis. 2011. www. 2011. BBC. "Donald Davies" (http:/ / history-computer. gov/ about/ nmti/ recipients/ 2007. the evolution of his plan for distributed networks. plasternetworks. Retrieved May 17. engineer. 2011. rand. org/ Infrastructure/ Wireless_cellular_radio/ false_scarcity_baran_cngn94. A 44-page transcript in which Baran describes his working environment at RAND. Wired. 2010. DC" (http:/ / w2.edu/oh/index. phtml). 2011. CBI'S COLLECTIONS > Oral history database (http://www. (March 5.umn. cablelabs. [15] "Management Team" (http:/ / www. Engineer Tells Drexel Grads Paul Baran.pgs/leadstory. . March 28.phtml?id=110). Boulder. Retrieved March 31. . [11] Paul Baran et al. org/ publications/ BookofMembers/ ChapterB. [23] "The National Medal of Technology and Innovation 2007 Laureates" (http:/ / www. . story). 2011. [12] "Internet Architect Paul Baran Dies at 84" (http:/ / www.pdf?abstractid=732483&mirid=5) (PDF). 2011. . Retrieved March 29. [16] "About Plaster Networks" (http:/ / www. co. 2011. html). the objections he received. document P-2626. Journal on Telecommunications & High Technology Law (Boulder. [14] "Internet pioneer Paul Baran passes away" (http:/ / www. 2005). The United States Patent and Trademark Office. [24] "In Memoriam: Paul Baran MS ’59" (http:/ / www.umn. Archived from the original (http:/ / www. Silicon Flatirons Telecommunications Program (http://www. RAND Corporation papers. March 28. edu/ newsroom/ featured-news/ archive/ 2011/ in-memoriam-paul-baran-ms-201959).php)) 3 (2): 239–274. com/ news/ obituaries/ la-me-paul-baran-20110329. (1964). 2011. 2011. php).htm). Plaster Networks web site. 1994). History of Computers web site. . • "Convergence: Past. January 17.cfm/SSRN_ID732483_code355448. com/ epicenter/ 2011/ 03/ internet-architect-paul-baran-dies-at-84/ ). html). American Academy of Arts and Sciences. 2011. [21] "IEEE Alexander Graham Bell Medal Recipients" (http:/ / www. On Distributed Communications. • O'Neill. 2006. Los Angeles Times. Retrieved March 28. ISSN 1543-8899. • Ryan.livinginternet. 2011.edu/oh/ display. rand. rand. uk/ news/ technology-12879908). 2011. Rand. 2011. pdf). UCLA Engineering web site.com/news/newsletter/SPECS/JanFeb_SPECSTECH/tech. goBackTV web site. ZDNet UK. 2011. html).cbi. transcript). 2011. Present. The Inquirer (Philadelphia). [22] "Book of Members. 2. EFF "GII . eff. Retrieved March 31. "Paul Baran dies at 84. "On Distributed Communications Networks" (http:/ / www. p. his initial interest in survivable communications. 2011. latimes. html). wired. com/sol3/Delivery. "Opportunity Lies In Ideas. He Received An Honorary Doctorate" (http:/ / articles. 1990). and Future: Paul Baran Addresses CableLabs® Winter Conference" (http://www. . eff. Baran discusses his interaction with the group at ARPA who were responsible for the later development of the ARPANET. Judy E. Retrieved March 29. 2011. "SSRN-Wireless Communications and Computing at a Crossroads: New Paradigms and Their Impact on Theories Governing the Public's Right to Spectrum Access" (http://papers. com/ company-management. January 7. Inc February 1999. IEEE. zdnet. org/ 20060615000308/ http:/ / www. Patrick S. "the Grandfather Of The Internet" Spoke At His Alma Mater. This describes Paul Baran's development of packet switching and its application to wireless computing. . 2011. org/ about/ history/ baran-list.com/). Retrieved March 31. bbc. philly. gobacktv.ssrn. "On Distributed Communications" (http:/ / replay. Retrieved March 29.4562265. . Retrieved March 29.NII .com (http://www. [18] Jessica Guynn (March 29. 2011). Retrieved March 31. [17] Barran.livinginternet. org/ Infrastructure/ Wireless_cellular_radio/ ). . com/ about. 67 External links • "Paul Baran Invents Packet Switching" (http://www. 2011. CO: University of Colorado. Retrieved March 29. 1997). 2011. co. . com/ 1997-06-15/ news/ 25524943_1_constantine-papadakis-paul-baran-graduation-ceremony). org/ documents/ bell_rl. Retrieved March 29.livinginternet. org/ about/ history/ baran-list. San Francisco. March 29.silicon-flatirons. and the writing and distribution of his eleven-volume work. Retrieved March 29. CA: Electronic Frontier Foundation. . Retrieved March 29. uk/ news/ business-of-it/ 2011/ 03/ 29/ packet-switching-inventor-paul-baran-dies-aged-84-40092315/ ). (June 1. 8th Annual Conference on Next Generation Networks Washington. Retrieved March 31. uspto. ucla. "Oral history interview with Paul Baran" (http://www. ieee. [20] "Packet switching inventor Paul Baran dies aged 84" (http:/ / www.html) Louisville. CO: Cable Television Laboratories. org/ pubs/ papers/ P2626.cbi. jsp). pdf). . [13] Georgi Dalakov. 1780-2010: Chapter B" (http:/ / www. . [19] Nita Lelyveld (June 15. html) on June 15. Retrieved March 31. 2011.Paul Baran [10] Paul Baran (1962). inventor helped lay foundation for Internet" (http:/ / www. . Retrieved March 29. 2011 A transcript of Baran's keynote . Retrieved March 29. .org/index.Wireless/Cellular/Radio" Archive (http:/ / w2.0. Paul (November 9. Minneapolis. waybackmachine. amacad. School of Law.com/i/ii_rand. OCLC 66137086.

November 6. when capturing packets on systems without kernel-mode support for that filtering mechanism. with some wrapping them in macros such as BPF_MTAP() and BPF_TAP(). so that only "interesting" packets can be supplied to the software using BPF. . can be received. Retrieved April 2. they did not explain or acknowledge the mistake. although. Programmers quickly discovered the code in question was the Berkeley Packet Filter. 2011.com/news/2011/032811-paul-baran-packet-switching-obit. reducing the CPU requirement to capture packets and the buffer space required to avoid dropping packets. 68 Berkeley Packet Filter The Berkeley Packet Filter or BPF provides.ibiblio. 2011. 1997). Kernel-mode interpreters for that same virtual machine language are used in raw data link layer mechanisms in other operating systems. so that all packets on the network. on some Unix-like systems. on systems where the filtering is done in user mode.org/pioneers/baran. accepting or rejecting the packet based on the results of those tests.ibiblio.edu/) and the School of Journalism and Mass Communication at the University of North Carolina at Chapel Hill. a raw interface to data link layers. it allows the interface to be put into that mode.gilder. A user-mode interpreter for it is provided with the libpcap/WinPcap implementation of the pcap application programming interface (API). rather than to the entire interface. MA: Network World. html).com/Switching/gilder. Forbes ASAP (New York: Forbes) 159 (11): 106–120. packets can be filtered in user mode. permitting raw link-layer packets to be sent and received. so that. all packets.html). and for socket filters in Linux and in the WinPcap packet capture mechanism. are copied from the kernel to user space. NC: School of Information and Library Science (http://sils.org/ pioneers/) at ibiblio.com/public/telecosm_series/inventing. perform arithmetic operations on data from the packet. Internet Pioneers (http://www. Retrieved April 8.ibiblio.org/). In addition. While clear that SCO did not own the BPF code. Bob (March 27. if the driver for the network interface supports promiscuous mode.org (http://www. George (June 2. • Brown. In August 2003. even those destined for other hosts. 2011). programs in that language can fetch data from the packet. Chapel Hill. networkworld. • Gilder. including FreeBSD and WinPcap. "Baran credited with inventing packet switching in 1960s against military backdrop" • "Paul Baran" (http://www. and compare the results against constants or against data in the packet or test bits in the results. 2005. 2011. In addition. just-in-time compilation is used to convert virtual machine instructions into native code in order to further avoid overhead. code using the pcap API will work on both types of systems. "Paul Baran. such as Tru64 Unix. Internet and packet switching pioneer. 2006.Paul Baran address at the Countdown to Technology 2000 Winter Conference that includes a photo. BPF's filtering capabilities are implemented as an interpreter for a machine language for the BPF virtual machine. ISSN 1078-9901. BPF is sometimes used to refer just to the filtering mechanism. Inc. although legal action is ongoing that may eventually force an answer. OCLC 173437996. which are called by network interface drivers (and pseudo-drivers) to deliver incoming and outgoing packets to the BPF mechanism. "Inventing the Internet Again" (http://www. is mourned" (http://www.privateline. including those that will be filtered out. this can avoid copying "uninteresting" packets from the operating system kernel to software running in user mode. SCO Group publicly claimed to own Unix code which they alleged the Linux kernel infringed. it supports "filtering" packets.html) on April 10. Archived from the original (http://www. That interpreter can also be used when reading a file containing packets captured using pcap. Retrieved April 2. Framingham.unc.html). BSD kernels implement routines such as bpf_mtap() and bpf_tap(). On some platforms.

watson. 69 External links • • • • 1993 USENIX paper that describes BPF [1] (PDF) FreeBSD Developer Summit presentation describing Zero-copy BPF [2] (PDF) FreeBSD 8. resulting in small or large "black holes" in the network. Dead addresses The most common form of black hole is simply an IP address that specifies a host machine that is not running or an address to which no host has been assigned. org/ papers/ bpf-usenix93. this preserves the independence of different BPF device consumers. cgi?query=bpf& apropos=0& sektion=0& manpath=FreeBSD+ 8-current& format=html [4] http:/ / netsniff-ng.x BPF(4) man page. Firewalls and "stealth" ports Most firewalls can be configured to silently discard packets addressed to forbidden hosts or ports. When examining the topology of the network. without informing the source that the data did not reach its intended recipient. org/ cgi/ man. pdf [2] http:/ / www. as well as allowing the packing of headers into the BPF buffer rather than copying complete packet data. a BPF compiler for Linux (part of netsniff-ng) [4] References [1] http:/ / www. pdf [3] http:/ / www. often dynamically to respond quickly to distributed denial-of-service attacks. org/ Black hole (networking) In networking. FreeBSD. the black holes themselves are invisible. and can only be detected by monitoring the lost traffic. including description of zero-copy BPF buffers [3] bpfc. Robert Watson and Christian Peron added zero-copy buffer extensions to the BPF implementation in the FreeBSD operating system. org/ ~robert/ freebsd/ 2007asiabsdcon/ 20070309-devsummit-zerocopybpf. Even though TCP/IP provides means of communicating the delivery failure back to the sender via ICMP. While one copy remains in the receipt path for user processes. traffic destined for such addresses is often just dropped. black holes refer to places in the network where incoming traffic is silently discarded (or "dropped"). usually using a routing protocol to implement the filtering on several routers at once. Black hole filtering Black hole filtering refers specifically to dropping packets at the routing level. tcpdump. hence the name. allowing kernel packet capture in the device driver interrupt handler to write directly to user process memory in order to avoid the requirement for two copies for all packet data received via the BPF device. .Berkeley Packet Filter In 2007.

Assuming no hash collisions.Black hole (networking) 70 PMTUD black holes Some firewalls incorrectly discard all ICMP packets. cs. such as SFQ. Black hole e-mail addresses A black hole e-mail address is an e-mail address which is valid (messages sent to it will not generate errors). p will slowly converge to a value that keeps the queue within its bounds with full link utilisation. which dramatically reduces its storage requirements when the number of flows is large. Unlike RED. . SFB is only stochastically fair. cisco. pdf http:/ / hubble. Stochastic Fair Blue The main flaw of Blue. edu/ http:/ / safewireless. including the ones needed for Path MTU discovery to work correctly. sourceforge. Unlike other stochastically fair queuing disciplines. and never stored or seen by humans. it requires little or no tuning on the part of the network administrator. washington. In the presence of hash collisions. which it shares with most single-queue queueing disciplines. Stochastic Fair Blue (SFB)[2] is a stochastically fair variant of Blue which hashes flows and maintains a different mark/drop probability for each hash value. Operation of Blue A Blue queue maintains a drop/mark probability p. and treats all flows as a single aggregate. net/ http:/ / blog. Therefore. These addresses are often used as return addresses for automated e-mails. Like RED. ipexpert. p is decreased by a constant pi<pd. SFB can be implemented using a Bloom filter rather than a hash table. it operates by randomly dropping or ECN-marking packets in a router's queue before it overflows. a single aggressive flow can push out of the queue packets belonging to other. p is increased by a small constant pd. and drops/marks packets with probability p as they enter the queue. flows. This causes TCP connections from/to hosts with a lower MTU to hang. Whenever the queue overflows. is that it doesn't distinguish between flows. and whenever the queue is empty. SFB is able to provide a fair share of buffer space for every flow. better behaved. External links • • • • Remotely triggered black hole filtering (Cisco Systems) [1] University of Washington blackhole monitor/lookup system (link doesn't work) [2] Tools for detecting a blackhole attack in an ad hoc wireless network [3] Remote Triggered Black Hole Filtering [4] References [1] [2] [3] [4] http:/ / www. Assuming the mix of traffic on the interface doesn't change. but to which all messages sent are automatically deleted. com/ warp/ public/ 732/ Tech/ security/ docs/ blackhole. com/ 2010/ 11/ 24/ remote-triggered-black-hole-filtering/ Blue (queue management algorithm) Blue[1] is an Active Queue Management algorithm. however.

Michigan Computer Science Technical Report (CSE–TR–387–99). pdf?attredirects=0). RSFB algorithm is effective in preserving the TCP throughput in the presence of spoofing DDoS attacks. "BLUE: A New Class of Active Queue Management Algorithms" (http:/ / www. U. retrieved 2010-12-22 [2] Wu-Chang Feng. in International Symposium on Communication and Information Technology (ISCIT). . • An implementation of SFB for the Linux kernel (http://www. RSFB: a Resilient Stochastic Fair Blue algorithm against spoofing DDoS attacks (http:/ / sites.6. Dilip D. PDF).916648. 2009. .1109/INFCOM. Jianping Yin. doi:10.com/wuchang/blue/). pdf). retrieved 2010-01-02 [3] Changwang Zhang. 1790341) [4] Juliusz Chroboczek. including the fairness-aimed ones.pps. INFOCOM 2001 3: 1520–1529. Kang G. The basic idea behind RSFB is to record the responsive normal TCP flows and rescue their dropped packets. Ref (http:/ / portal. cfm?id=1789954. Shin (April 1999). Dilip D.thefengs. the alternative AQM framework for BSD Unix. the flow has been shown to not react to congestion indications from the network. eecs. umich. pps. Such an inelastic flow is put in a "penalty box".2001.39. [3] Implementations An implementation of Blue is part of ALTQ. An implementation of SFB for the Linux kernel (http:/ / www. "Stochastic Fair Blue: an algorithm for enforcing fairness" (http:/ / www. Debanjan Saha. org/ citation. fr/ ~jch/ software/ sfb/ ) External links • Wu-chang Feng's page about Blue and SFB (http://www. . acm. An implementation of SFB for Linux[4] has been included in Linux since version 2. A Resilient Stochastic Fair Blue (RSFB) algorithm was proposed against spoofing DDoS attacks. Debanjan Saha. Kandlur. Kandlur. jussieu. Shin (April 2001). and Zhiping Cai. Kang G. Proc.fr/~jch/software/sfb/). thefengs. google. edu/ techreports/ cse/ 99/ CSE-TR-387-99. com/ site/ cwzhangres/ home/ files/ RSFBaResilientStochasticFairBluealgorithmagainstspoofingDDoSattacks. com/ wuchang/ blue/ 41_2. References [1] Wu-chang Feng. 71 Resilient Stochastic Fair Blue (RSFB [6]) The existing Active Queue Management (AQM) algorithms.jussieu. are notably vulnerable to spoofing Distributed Denial-of-Service (DDoS) attacks. and rate-limited.Blue (queue management algorithm) When a flow's drop/mark probability reaches 1.

Overview Routing schemes anycast broadcast multicast unicast geocast In computer networking. Broadcasting can be performed as a high level operation in a program. the scope of the broadcast is limited to a broadcast domain. In practice. . for example broadcasting on Ethernet. Broadcast a message is in contrast to unicast addressing in which a host sends datagrams to another single host identified by a unique IP address. broadcasting refers to a method of transferring a message to all recipients simultaneously. broadcasting refers to transmitting a packet that will be received by every device on the network[1] . or it may be a low level networking operation. for example broadcasting Message Passing Interface.Broadcasting (computing) 72 Broadcasting (computing) In telecommunication and information theory.

In the emerging fields of service over the Internet Protocol (IP).) the business control layer is capable of dynamically adapting network or service behavior. Taking all customer interaction into account.html) Business Control Layer Business Control Layer (BCL) is a software layer in the provider's infrastructure residing between the network/OSS and the BSS. It allows providers to address customer service plans from a holistic business perspective bringing state-of-the-art capabilities like bundling.Each customer interaction should be analyzed and handled from a business standpoint rather than from just the simple network management or charging perspectives. from all services (voice.2 control field. Broadcasting may be abused to perform a DoS-attack. 368. for example. customer-recognition. Computer Networks.Broadcasting (computing) Not all network technologies support broadcast addressing. Token Ring uses a special value in the IEEE 802. Broadcasting is largely confined to local area network (LAN) technologies. content) and all sources (telecommunications networks. The attacker sends fake ping request with the source IP-address of the victim computer. External links • Encyclopedia Britannica entry broadcast network (http://www.org/independent/networking/guide/ netbroadcasting. ISBN 0130661023.25 nor frame relay have broadcast capability.com/EBchecked/topic/80540/ broadcast-network) • Network Broadcasting and Multicast (http://www. customer experience. IP Multimedia Subsystem (IMS). 2) Balance management 3) Business rule engine or Business Control engine 4) Dynamic real-time execution and provisioning 5) On-line charging and rating. in order to improve operators' transaction revenue and at the same time. However. Instead it relies on multicast addressing a conceptually similar one-to-many routing methodology. Both Ethernet and IPv4 use an all-ones broadcast address to indicate a broadcast packet. customer-premises equipment. nor is there any form of Internet-wide broadcast. neither X.comptechdoc. and hierarchies to the OSS layer. and Packet Cable Multi-Media (PCMM) the need for real-time network changes continues to grow. most notably Ethernet and token ring. data. IPv6 also does not implement the broadcast method to prevent disturbing all nodes in a network when only a few may be interested in a particular service. The successor to Internet Protocol Version 4 (IPv4). The victim computer is flooded by the replies from all computers in the domain. where the performance impact of broadcasting is not as large as it would be in a wide area network. p. etc.britannica. . at customer level. Business control layer key functions include: 1) Ability to simultaneously collect events from any source. multicasting limits the pool of receivers to those that join a specific multicast receiver group. 73 References [1] Andrew Tanenbaum (2003). Network Business Control allows service providers to • Inject business sense into the network .

E. • Real-time control for IP sessions and events . fts-soft. Reengineering Legacy Application to E-Business with a modified rational unified process [5] 4. Cisco Systems "Bridging the Infrastructure Gap: the Importance of Service Control in Broadband Networks" [4].Business Control Layer • Analyse and monitor of customer-consumed services . with online responses (provisioning) based on customer or operator-defined business rules. • Example of applications: Boots an internet connection for a limited time. This solution is the underlying network intelligence behind their Broadband service and their TeleMeter [1] (in Dutch).IP services should be managed in real time.FTS Software. Sources 1. Telenet. • Deployments . Allot Communications "Bandwidth Management enables IP Service Optimization" [3]. aradial. com/ en/ US/ products/ ps6151/ products_white_paper0900aecd801d8a83. References [1] [2] [3] [4] [5] http:/ / www. org/ xpls/ abs_all. charge for VOIP traffic. The technology underlying these 74 services are built upon the Cisco SCE DPI device and the FTS Leap Business Control Engine BCE) [2] . be/ nl/ klantendienst/ klantendienst_thuis/ internet/ topvragen/ telemeter. ieee. Charging for IP services . shtm http:/ / www. allot. charge for P2P. Retrieved 2006-08-24. page http:/ / www. Aradial Technologies .Providers should be able to analyze.E. • Dynamically detecting and charging for IP services. allowing providers to interact with the network during active sessions. Download a movie.Aradial Radius & Policy servers [6]. Retrieved 2006-08-24. cisco. shtml http:/ / ieeexplore. 2.Integrates with operator legacy billing system or as a full billing for the IP services replacing the existing. jsp?arnumber=1192421 [6] http:/ / www. com/ http:/ / www.g. 3. Changing dynamically the bandwidth for a customer when reaching monetary values. com/ . record and charge for IP services. com/ html/ products_netenforcer. telenet.g. placing value on every aspect of their service plan so that their services satisfy customers needs. NV is the first company to deploy such a solution in their network.

L. Cerf. edu/ in-notes/ ien/ ien48. when the Internet Protocol replaced earlier protocols on the ARPANET. Pouzin. May 1974. References [1] http:/ / www. Proceedings of EUROCOMP. Catenet was the concept of linking these networks into a network of networks with specifications for compatibility of addressing and routing.[1] The term was coined by Louis Pouzin. . The typical scenario involves an IP Ethernet datagram that passes through a gateway with both source and destination Ether and IP address set as the respective broadcast addresses for the subnetworks being gated between. isi. IEN 48. Chernobyl packet A Chernobyl packet is a network packet that induces a broadcast storm or some other kind of "network meltdown". txt The Catenet Model for internetworking.Catenet 75 Catenet Catenet is an obsolete term for a system of packet-switched communication networks interconnected via gateways. The term was named after the April 1986 nuclear accident at Chernobyl. V. at a time when network meant what is now called a local area network.[2] a pioneer in packet-switching technology and founder of the CYCLADES network. The term catenet was gradually displaced by the short-form of the term internetwork. Bronel University. 1023-36. pp. internet (lower-case i). DARPA Information Processing Techniques Office. July 1978 [2] A Proposal for Interconnecting Packet Switching Networks.

A large number of Christmas tree packets can also be used to conduct a DoS attack by exploiting the fact that Christmas tree packets require much more processing by routers and end-hosts than the 'usual' packets do. Christmas tree packets are always suspicious and indicate a high probability of network reconnaissance activities. such as a Christmas tree packet. "the packet was lit up like a Christmas tree. From a network security point of view. as in. and IRIX display behaviors that differ from the RFC standard when queried with said packets. nastygram or a lamp test segment. By observing how a host responds to an odd packet." It can also be known as a kamikaze packet. packets that initiate connection according to the standards). BSD/OS. When used as part of scanning a system. Christmas tree packets can be used as a method of divining the underlying nature of a TCP/IP stack by sending the packets and awaiting and analyzing the responses. assumptions can be made regarding the host's operating system. all turned on. MVS. HP-UX. Versions of Microsoft Windows. Christmas tree packets can be easily detected by intrusion-detection systems or more advanced firewalls. URG and PSH set. a Christmas tree packet is a packet with every single option set for whatever protocol is in use. Many operating systems implement their compliance with the Internet Protocol standard (RFC 791) in varying or incomplete ways.Christmas tree packet 76 Christmas tree packet In information technology. The term derives from a fanciful image of each little option bit in a header being represented by a different-colored light bulb. the TCP header of a Christmas tree packets has the flags SYN. org/ nmap/ man/ man-port-scanning-techniques. External links • Nmap documentation [1] References [1] http:/ / insecure. html . Since Christmas tree scan packets do not have the SYN flag turned on. they can pass through these simple systems and reach the target host. Some stateless firewalls only check against security policy those packets which have the SYN flag set (that is. Cisco IOS. FIN.

com/ en/ US/ tech/ tk827/ tk831/ technologies_white_paper09186a00800a62d9. There are five types of adjacencies: • Null adjacency: Handles packets destined to a NULL interface. like packets sent to the router itself. where there is a FIB table on each of the line cards. CEF currently supports Ethernet. • Drop adjacency: Packets pointing to this entry are dropped. but without layer 2 information. it is recommended to use distributed CEF (dCEF). Function CEF is mainly used to increase packet switching speed by reducing the overhead and delays introduced by other routing techniques. shtml . • Discard adjacency: FIB entries pointing to this type of adjacency will be discarded. FDDI. CEF consists of two key components: The Forwarding Information Base (FIB) and adjacencies. html [2] http:/ / www. External links • CEF (Cisco Express Forwarding) site [1] • Choosing the best routing switching path [2] References [1] http:/ / www. cisco. Instead. In order to take full advantage of CEF. • Glean adjacency: Handles packets destined for currently attached hosts. ATM. The FIB is similar to the routing table generated by multiple routing protocols. avoiding the need for an ARP request for each table lookup. and Cisco HDLC. fast switching will be performed on the line card itself. cisco. This avoids the need for querying the main processor or routing table in order to get the next-hop information. Frame Relay. maintaining only the next-hop address for a particular IP-route.Cisco Express Forwarding 77 Cisco Express Forwarding Cisco Express Forwarding (CEF) is an advanced layer 3 switching technology used mainly in large core networks or the Internet to enhance the overall network performance. com/ en/ US/ docs/ ios/ 12_1/ switch/ configuration/ guide/ xcdcef. PPP. The adjacency maintains layer 2 or switching information linked to a particular FIB entry. tunnels. • Punt adjacency: Deals with packets that require special handling or can not be switched by CEF. but the prefix will be checked. Such packets are forwarded to the next switching layer (generally fast switching) where they can be forwarded correctly. Packets with FIB entries pointing to NULL adjacencies will normally be dropped.

extranets and internets. Most of the multimedia protocols as well as some other protocols (such as FTP. This is the basic function of a stateful inspection firewall. CBAC inspects traffic that travels through the firewall to discover and manage state information for TCP and UDP sessions. the transport layer.Context-based access control 78 Context-based access control Context-based access control (CBAC) intelligently filters TCP and UDP packets based on application layer protocol session information and can be used for intranets. CBAC can inspect traffic for sessions that originate from either side of the firewall. CBAC can inspect traffic for sessions that originate from the external network. However. (In other words. while this example discusses inspecting traffic for sessions that originate from the external network. Without CBAC. CBAC examines not only network layer and transport layer information but also examines the application-layer protocol information (such as FTP connection information) to learn about the state of the TCP or UDP session. traffic filtering is limited to access list implementations that examine packets at the network layer. or at most. RPC.) However. This allows support of protocols that involve multiple channels created as a result of negotiations in the FTP control channel. CBAC also provides the following benefits: • Denial-of-Service prevention and detection • Real-time alerts and audit trails . CBAC does the deep packet inspection and hence it is termed to be a IOS Firewall. This state information is used to create temporary openings in the firewall's access lists to allow return traffic and additional data connections for permissible sessions (sessions that originated from within the protected internal network). and SQL*Net) involve multiple control channels. CBAC can be configured to permit specified TCP and UDP traffic through a firewall only when the connection is initiated from within the network needing protection.

cisco. . The technology was developed by Kalpana the company that introduced the first Ethernet switch. This technique reduces latency through the switch. Inc. References [1] "Cisco to Acquire Kalpana. . such as supercomputer clusters. . because the frame check sequence appears at the end of the frame. Fragment free will hold the frame until the first 64 bytes are read from the source to detect a collision before forwarding. html) on 2010-06-18. [2] "Switches .. wherein the switch starts forwarding a frame (or packet) before the whole frame has been received. since these are often deployed in environments where latency is a prime concern. htm). org/ 5qaWOQRdn). The alternative to cut-through switching is store and forward. Leading Ethernet Switching Company" (http:/ / www. Pure cut-through switching is only possible when when the speed of the outgoing interface is equal to the incoming interface speed. Use in InfiniBand Cut-through switching is very popular in InfiniBand networks. This is only useful if there is a chance of a collision on the source port. Cisco Systems.[2] Use in ATM Cut-through routing was one of the important features of IP networks using ATM networks since the edge routers of the ATM network were able to use cell switching through the core of the network with low latency at all points. the switch is not able to verify the integrity of an incoming packet before forwarding it. normally as soon as the destination address is processed. this has become less of a problem since packet latency has become much smaller. A cut-through switch will forward corrupted packets where a store and forward switch will drop them. Archived from the original (http:/ / newsroom.Cut-through switching 79 Cut-through switching In computer networking. Adaptive switching dynamically selects between cut-through and store and forward behaviors based on current network conditions. cut-through switching is a method for packet switching systems. webcitation. Use in Ethernet When cut-through switching is used in Ethernet. Retrieved 2011-08-13. but decreases reliability. com/ dlls/ 1994/ corp_102494.[1] Fragment free is a variation on cut-through switching that partially addresses this problem by assuring that collision fragments are not forwarded.What Are Forwarding Modes and How Do They Work?" (http:/ / support. With higher speed links. intel. com/ support/ express/ switches/ sb/ cs-014410.

com.cn/cstory/ftf/2009/download/net_f0279. addressing issues and requirements resulting from the multicore nature of QorIQ™ SoCs. Therefore. which is usually recorded in a PDF. The infrastructure required to facilitate the flow of packets between the above The DPAA also addresses various performance related requirements especially those created by the high speed network I/O found on multicore SoCs such as the P4080 References External links • http://freescalesemi. in order to get an accurate measure of the DDJ in a particular system. it is a form of deterministic jitter which is correlated with the sequence of bits in the data stream.com/2010/08/ freescale-three-new-qoriq-processors-incorporate-data-path-acceleration/ Data-dependent jitter Data-dependent jitter (DDJ) is a specific class of timing jitter. a large number of bit patterns must be analyzed (often just a PRBS) unless an analytical solution can be found. Network and packet I/O. In particular.pdf • http://www. The DPAA includes Cores. Properties Depending on characteristics of the signal and transmission topology. . Hardware offload accelerators. It is also a form of ISI. previously transmitted symbols can affect the edge cross over time.electropages.Data Path Acceleration Architecture (DPAA) 80 Data Path Acceleration Architecture (DPAA) The QorIQ™ DPAA is a comprehensive architecture which integrates all aspects of packet processing in the SoC. DDJ's PDF is always a series of pulses at the locations where a specific bit pattern experiences a cross over. This creates a probability distribution for the timing of the signal edge.

Most of Bell Laboratories was trunked together on Datakit.Datagram 81 Datagram A datagram is a basic transfer unit associated with a packet-switched network in which the delivery arrival time and order are not guaranteed. but there are some nuances. A datagram consists of header and data areas. (2007). It supports file transfers. remote login. On a network with misordering. "Computer Networking: A Top-Down Approach" ISBN 0-321-49770-8 [2] RFC 793 Datakit Datakit is a virtual circuit-switched network layer computer networking protocol similar to X. James F. TCP/IP is also run over Datakit links. several operating systems (including UNIX) implemented UUCP for electronic mail and dkcu for remote login[6] . TCP refers to its fragments as TCP segments. and remote command execution. while the term datagram is generally reserved for packets of an "unreliable" service. it can operate over multiple media. . & Ross. However. Datakit Virtual Circuit Switch (VCS) nodes connect to the Datakit network with a Datakit interface (IOA)[5] . First. which means that for this situation immediate packet processing is no longer possible[7] .[2] presumably to assert that its fragments are reliable. The term datagram is often considered synonymous to "packet". where the header contains information sufficient for routing from the originating equipment to the destination without relying on prior exchanges between the equipment and the network. Keith W. the term packet applies to any message formatted as a packet. However. The source and destination addresses as well as a type field are found in the header of a datagram. then its fragments may be referred as packets. developed at Bell Labs[1] for both local-area and wide-area networks[2] . packets would have to be reordered before processing. URP assumes that packets arrive in order. That is why UDP packets are generally called datagrams. ISN is the version of Datakit that was supported by AT&T Information Systems. For example.25. remote printing. At the physical layer. if a datagram fragments.[1] Second. from slow speed EIA-232 to 500Mbit fiber optic links (called FIBERKIT)[4] . On top of DK transport service. and in widespread deployment by the Regional Bell Operating Companies (RBOCs)[3] . References [1] Kurose. not packets. but not as datagrams. IP itself provides an unreliable service and UDP over IP also provides an unreliable one. Datakit offers a packet-switched protocol called Universal Receiver Protocol (URP) that spreads PDU overhead across multiple packets and performs immediate packet processing. An "unreliable" service does not notify the user if delivery fails.

pdf?arnumber=25918 [5] http:/ / stratadoc. org/ Xplore/ login. phrack. com/ vos/ 15. edu/ accessPages/ CSD-88-474. stratus. html [3] Network Dictionary By Javvin [4] http:/ / ieeexplore. com/ issues. lib. com/ 5583859. 1. 1/ r307-00/ wwhelp/ wwhimpl/ js/ html/ wwhelp. berkeley.Datakit 82 References [1] Datakit. html [6] http:/ / www. htm?context=r307-00& file=ch5r307-00d. ieee. html . from the Free On-line Dictionary of Computing [2] http:/ / techreports. jsp?url=/ iel2/ 717/ 971/ 00025918. html?issue=18& id=9#article [7] http:/ / www. freepatentsonline.

[5] From 1947. where he headed and transformed its computing activity. he married Diane Burton.[3] on the nuclear weapons Tube Alloys project at Birmingham University. DEUCE was manufactured by English Electric Computers and became one of the best-selling machines of the 1950s. he was also awarded the Lubbock memorial Prize as the outstanding mathematician of his year.[4] He first presented his ideas on packet switching at a conference in Edinburgh on 5 August 1968. and remained in operation until 1986. A commercial spin-off. they had a daughter and two sons. even if they were for a theoretical computer. CBE FRS[1] (7 June 1924 – 28 May 2000) was a Welsh computer scientist who was the inventor of packet switching (and originator of the term). he worked at the National Physical Laboratory (NPL) where Alan Turing was designing the Automatic Computing Engine (ACE) computer. which evolved into the Internet. In the early 1960s. Wales. and his mother took Donald and his twin sister back to her home town of Portsmouth. he worked on Government technology initiatives designed to stimulate the British computer industry.[7] Larry Roberts of the Advanced Research Projects Agency in the United States became aware of the idea. Wales 28 May 2000 (aged 75) Welsh Computer science National Physical Laboratory Died Nationality Fields Institutions Alma mater Imperial College Known for Packet switching Donald Watts Davies. and built it into the ARPANET. It was replaced with the Mark II in 1973. much to Turing's annoyance.[3] He received a BSc degree in physics (1943) at Imperial College London. and then joined the war effort working as an assistant to Klaus Fuchs. These were perhaps some of the first "programming" errors in existence. In 1966 he returned to the NPL at Teddington just outside London.[2] Career history Davies was born in Treorchy in the Rhondda Valley. leading to Turing's departure. It is said that Davies spotted mistakes in Turing's seminal 1936 paper On Computable Numbers. the universal Turing machine.[4] .Donald Davies 83 Donald Davies Donald Watts Davies Born 7 June 1924 Treorchy. which first worked in May 1950. The ACE project was overambitious and foundered. where he saw that a significant problem with the new time-sharing computer systems was the cost of keeping a phone connection open for each user.[4] Davies took the project over and concentrated on delivering the less ambitious Pilot ACE computer.[4] He then returned to Imperial taking a first class degree in mathematics (1947). Davies helped build a packet switched network called the Mark I to serve the NPL in the UK.[4] Davies then worked for a while on applications such as traffic simulation and machine translation. He became interested in data communications following a visit to the Massachusetts Institute of Technology. died a few months later. His father. where he went to school. In 1955.[6] In 1970. a clerk at a coalmine. influencing other research in the UK and Europe.

uk/ news/ 2000/ jun/ 02/ guardianobituaries2).thocp.com/ videoplay?docid=4989933629762859961).uk/about/famous_names/) • Obituary (http://www.com/i/ii_npl. . Autumn 2008.co. 1973.livinginternet.0006. Pioneer Profiles: Donald Davies.umn. • Biography (http://www. guardian.Donald Davies Davies relinquished his management responsibilities in 1979 to return to research. thocp. 1984. C. Davies (http://www. htm) [4] Martin Cambell-Kelly. doi:10.net/biographies/davies_donald. a CBE in 1983 and a Fellow of the Royal Society in 1987. 84 Books • With D.uk/news/2000/jun/02/guardianobituaries2) from The Guardian • Obituary (http://www. 44. Internet Guide. net/ biographies/ davies_donald.org/internet/history/davies. Davies (at 19m20s).guardian. ISSN 0958-7403 [5] Obituary (http:/ / www. [6] Luke Collins.2002. htm) External links • Oral history interview with Donald W.google. M. co. html). Engineering & Technology. Wiley. 7 June 1924 . IET. • With W. R. and the decision to contract with English Electric Company to build the DEUCE -.B. References [1] Needham.cbi. internet-guide. com/ i/ iw_packet.npl.livinginternet. D. University of Minnesota. Davies discusses a much larger. 6 September 2008 [7] Packet Switching (http:/ / www. C. National Physical Laboratory.co. Wiley. Charles Babbage Institute. (2002).possibly the first commercially produced computer in Great Britain. second ACE.phtml?id=116). 2010. [2] "Donald Watts Davies" (http:/ / www. 2 June 2000. Biographical Memoirs of Fellows of the Royal Society 48: 87. livinginternet.28 May 2000".isoc. Includes footage of Donald W. Davies describes computer projects at the U.E.com/) • Computer Networks: The Heralds of Resource Sharing (http://video. Computer Resurrection.thocp.Donald Davies Biography (http:/ / www. [3] The History of Computing Project . "Donald Watts Davies. Price. • With W. "Network pioneer remembered". He retired from the NPL in 1984. Barber: Communication Networks for Computers. Solomonides: Computer Networks and Their Protocols. 1979. uk/ DonaldWattsDavies.1098/rsbm. Barber.edu/oh/display. Wiley. He became particularly interested in computer network security. from the 1947 design work of Alan Turing to the development of the two ACE computers.K. documentary ca. 1972 about the ARPANET. becoming a security consultant to the banking industry.net/) • Famous names at NPL (http://www. Price: Security for Computer Networks. The Guardian. .[4] Davies was appointed a Distinguished Fellow of the British Computer Society in 1975.htm) from the History of Computing Project (http://www. co.htm) from Living Internet (http://www.shtml) from the Internet Society (ISOC) • UK National Physical Laboratory (NPL) & Donald Davies (http://www.

and data packets are transmitted on both rings in order to maintain connectivity and full bandwidth utilization in normal situations. DPT as opposed to POS or normal SONET/SDH is able to use both rings at the same time whereas POS only uses one ring under normal circumstances but switches to the second upon failure of the first. DPT is not a PPP whereas POS is. the control data will notify the applicable routers of the failure and all the routers will switch to using only their active interfaces for data and control packets. it is quite similar to POS and DTM. It is necessary for the nodes to be able to communicate control data between each other in case of a fiber cut or link failure so the nodes can forward traffic on the appropriate interfaces and maintain network connectivity. there are methods for communicating not only application data between the nodes of a DPT network. This design provides for redundancy in case of a fiber cut or link failure. The other major class of jitter is non-deterministic. Types of Data in DPT Networks As with most other lower layer protocols.Deterministic jitter 85 Deterministic jitter Deterministic jitter (or DJ) is a type of jitter with a known non-Gaussian probability distribution. With the introduction of DPT came the introduction of another Cisco developed MAC layer protocol. Cisco claims that DPT can run with double the bit-rate of POS due to this characteristic. this means that traffic between two nodes of a DPT ring does not affect intermediate nodes. Characteristics Deterministic jitter is clock timing jitter or data signal jitter that is predictable and reproducible. . In overview. and duty-cycle dependent jitter. data dependent jitter. or random jitter. Dynamic Packet Transport Dynamic packet transport (DPT) is a Cisco transport protocol designed for use in optical fiber ring networks.17 standard. Deterministic Jitter includes different categories such as periodic jitter. and increased throughput in common situations. Protocol Design DPT is implemented as two counter-rotating rings. This means the network is composed of two completely separate rings of fiber that are both able to transmit data concurrently. It was one of the major influences on the Resilient Packet Ring/802. but once a failure occurs. and the bounds can easily be observed and predicted. Both control packets. Spatial Reuse Protocol or SRP. The use of SRP in conjunction with DPT makes it possible for DPT to communicate with the physical layer. The peak-to-peak value of this jitter is bounded.

gov/ fs-1037/ fs-1037c. Overhead reduction is accomplished by allocating flow control and error correction functions to either the user applications or the network nodes that interface with the user. and others. As aforementioned. This ensures that a fiber cut or link failure (layer 1 error) will be rectified and IP traffic will be resumed within 50 ms.25 switches. or IPS. bldrdoc.Dynamic Packet Transport 86 DPT Packet Structure The structure of a DPT Packet is quite similar to that of Ethernet. FPS does not refer to a switch that can directly support packet switching over an X. It contains a source and destination MAC address (both 48-bits long). This means that the DPT protocol can operate above several physical mediums such as SONET/SDH. Cell relay and frame relay are two implementations of fast packet switching. DPT also contains a "plug and play" feature which dynamically fetches the MAC addresses of neighboring devices which provides for very simple configuration with little to no setup prior to functional data transfer. Fast packet switching In telecommunications. References [1] http:/ / www. DPT is composed of two rings for fault tolerance and increased throughput.25 interfaace as faster speeds than eisting X. DPT Topologies Both DPT and SRP are independent of their physical layers. The method for switching between these two rings in the event of a failure is called Intelligent Protection Switching. and an FCS used to validate the data. its. htm . fast packet switching is a packet switching technique that increases the throughput by eliminating overhead. References •  This article incorporates public domain material from the General Services Administration document "Federal Standard 1037C" [1]. Gigabit Ethernet. a protocol type identifier (used for identifying the upper layer protocol contained in the payload).

Later uses refer to similar structures. • A Firewall is a security system that adds a level of protection between your computer and the internet. such as the metal sheet separating the engine compartment of a vehicle or aircraft from the passenger compartment. History The term firewall originally referred to a wall intended to confine a fire or potential fire within a building. Lawrence Livermore. Firewall technology emerged in the late 1980s when the Internet was a fairly new technology in terms of its global use and connectivity." .Firewall (computing) 87 Firewall (computing) A firewall is a device or set of devices designed to permit or deny network transmissions based upon a set of rules and is frequently used to protect networks from unauthorized access while permitting legitimate communications to pass. • If one of the computers is infected. many firewalls can perform [1] basic routing functions. The predecessors to firewalls for network security were the routers used in [2] the late 1980s: An example of a user interface for a firewall on Ubuntu (Gufw) • Clifford Stoll's discovery of German spies tampering with his system[2] • Bill Cheswick's "Evening with Berferd" 1992 in which he set up a simple electronic to observe an attacker[2] • In 1988. and NASA Ames. Stanford. • Firewall helps to prevent viruses and worms to enter into your computer. UC San Diego. firewall on each computer help to prevent the spread of virus in a network Many personal computer operating systems include software-based firewalls to protect against threats from the public Internet. Many routers that pass data between networks contain firewall components and. conversely. An illustration of where a firewall would be located in a network. an employee at the NASA Ames Research Center in California sent a memo by email to his colleagues [3] that read. "We are currently under attack from an Internet VIRUS! It has hit Berkeley.

Instead.Firewall (computing) • The Morris Worm spread itself through multiple vulnerabilities in the machines of the time. the Morris Worm was the first large scale attack on Internet security. it filters each packet based only on information contained in the packet itself (most commonly using a combination of the packet's source and destination address. and. with a little bit of peeking into the transport layer to figure out source and destination port numbers.e. in addition to what first-generation look for. or reject it (discard it. file transfer). if a rule in the firewall exists to block telnet access. those types of traffic (such as web browsing. [9] Second generation: "stateful" filters From 1989-1990 three colleagues from AT&T Bell Laboratories. the online community was neither expecting an attack nor prepared to deal with one. the state of a connection can itself be one of the criteria which trigger specific rules. remote printing. the port number). the device checks for matches to any of the packet filtering rules that are configured in the firewall and drops or rejects the packet accordingly. Therefore they regard placement of each individual packet within the packet series. Dave Presetto. developed the second generation of firewalls. . Bill Cheswick and Steve Bellovin were continuing their research in packet filtering and developed a working model for their own company based on their original first generation architecture. TCP and UDP protocols constitute most communication over the Internet. and Kshitij Nigam. and thus control. the packet filter will drop (silently discard) the packet. unless the machines on each side of the packet filter are both using the same non-standard ports.[8] When a packet originates from the sender and filters through a firewall.[4] 88 First generation: packet filters The first paper published on firewall technology was in 1988. Although it was not malicious in intent. a part of an existing connection. [6] for TCP and UDP traffic. If a packet matches the packet filter's set of rules. Janardan Sharma. This type of packet filtering pays no attention to whether a packet is part of an existing stream of traffic (i. For example. or is an invalid packet. work up to layer 4 (transport layer) of the OSI model. then the firewall will block the TCP protocol for port number 23. it filters the packet on a protocol/port number basis (GSS). and because TCP and UDP traffic by convention uses well known ports for particular types of traffic. calling them circuit level firewalls. its protocol. a "stateless" packet filter can distinguish between. when engineers from Digital Equipment Corporation (DEC) developed filter systems known as packet filter firewalls. This technology is generally referred to as a stateful packet inspection as it maintains records of all connections passing through the firewall and is able to determine whether a packet is the start of a new connection. it stores no information on connection "state").[5] Packet filters act by inspecting the "packets" which represent the basic unit of data transfer between computers on the Internet. This type of firewall can actually be exploited by certain Denial-of-service attacks which can fill the connection tables with illegitimate connections. email transmission. which means most of the work is done between the network and physical layers. and send "error responses" to the source). At AT&T Bell Labs. This fairly basic system was the first generation of what became a highly evolved and technical internet security feature. Second-generation firewalls. Though there is still a set of static rules in such a firewall.[7] Packet filtering firewalls work mainly on the first three layers of the OSI reference model. When the packet passes through the firewall.

which could be easily implemented and accessed on a computer operating system such as Microsoft's Windows or Apple's MacOS. An application firewall is much more secure and reliable compared to packet filter firewalls because it works on all seven layers of the OSI model. The existing deep packet inspection functionality of modern firewalls can be shared by Intrusion-prevention systems (IPS). and it can detect if an unwanted protocol is sneaking through on a non-standard port or if a protocol is being abused in any harmful way. It is expected that due to the nature of malicious communications this trend will have to continue to enable organizations to be truly secure. Telnet. Good examples of application firewalls are MS-ISA (Internet Security and Acceleration) server. Many of these applications can not only be blocked or allowed but manipulated by the more advanced firewall products to allow only certain functionality enabling network security administrations to give users functionality without enabling unnecessary vulnerabilities. if an organization wants to block all the information related to "foo" then content filtering can be enabled on the firewall to block that particular word. Subsequent developments In 1992. by requesting the user's signature for each connection. Bob Braden and Annette DeSchon at the University of Southern California (USC) were refining the concept of a firewall. McAfee Firewall Enterprise & Palo Alto PS Series firewalls.Firewall (computing) 89 Third generation: application layer The key benefit of application layer filtering is that it can "understand" certain applications and protocols (such as File Transfer Protocol. The product known as "Visas" was the first system to have a visual integration interface with colors and icons. which is very approximate and can be easily turned around. In 1994 an Israeli company called Check Point Software Technologies built this into readily available software known as FireWall-1. Software-based firewalls (MS-ISA) are much slower than hardware based stateful firewalls but dedicated appliances (McAfee & Palo Alto) provide much higher performance levels for Application Inspection. . An application firewall can filter higher-layer protocols such as FTP. DHCP. Another axis of development is about integrating identity of users into Firewall rules. authpf on BSD systems loads firewall rules dynamically per user. from the application down to the physical Layer. As a consequence these advanced version of the "Third Generation" firewalls are being referred to as "Next Generation" and surpass the "Second Generation" firewall. Currently. after authentication via SSH. UDP and TFTP (GSS). For example. the Middlebox Communication Working Group of the Internet Engineering Task Force (IETF) is working on standardizing protocols for managing firewalls and other middleboxes. DNS. DNS. TCP. or web browsing). HTTP. This is similar to a packet filter firewall but here we can also filter information on the basis of content. The NuFW firewall provides real identity-based firewalling. In 2009/2010 the focus of the most comprehensive firewall security vendors turned to expanding the list of applications such firewalls are aware of now covering hundreds and in some cases thousands of applications which can be identified automatically. Many firewalls provide such features by binding user identities to IP or MAC addresses.

application firewalls only have more complex rulesets for the standard services. ipfw (FreeBSD/Mac OS X). source port. prompts are used to define rules for processes that have not yet received a connection. Stateful firewalls maintain context about active sessions. and use that "state information" to speed packet processing. it will be allowed to pass without further processing. Application firewalls function by determining whether a process should accept any given connection. operate at a relatively low level of the TCP/IP protocol stack. iptables/ipchains (Linux).. destination service like WWW or FTP. application firewalls can prevent all unwanted outside traffic from reaching protected machines. TTL values. Modern firewalls can filter traffic based on many packet attributes like source IP address. firewalls can restrict or prevent outright the spread of networked computer worms and trojans. and can be faster for simple filters that require less time to filter than to look up a session. If a packet does not match an existing connection. Application-layer Application-layer firewalls work on the application level of the TCP/IP stack (i. They block other packets (usually dropping them without acknowledgment to the sender). Given the variety of software that exists. or all telnet or ftp traffic). they cannot make more complex decisions based on what stage communications between hosts have reached. pf (OpenBSD. It is rare to find application firewalls not combined or used in conjunction with a packet filter.Firewall (computing) 90 Types There are different types of firewalls depending on where the communication is taking place. In principle. not allowing packets to pass through the firewall unless they match the established rule set. The additional inspection criteria can add extra latency to the forwarding of packets to their destination. However. where the communication is intercepted and the state that is being traced. or default rules may apply. and the current stage of the connection's lifetime (including session initiation. The extent of the filtering that occurs is defined by the provided ruleset. and many other attributes. The firewall administrator may define the rules. Commonly used packet filters on various versions of Unix are ipf (various). Network layer firewalls generally fall into two sub-categories. They can filter based on protocols. Any existing network connection can be described by several properties. If a packet matches an existing connection based on comparison with the firewall's state table. destination IP address or port. Stateless firewalls require less memory. UDP or TCP ports. including source and destination IP address. all browser traffic. and may intercept all packets traveling to or from an application. of the source. Application firewalls work much like a packet filter but application filters apply filtering rules (allow/block) on a per process basis instead of filtering connections on a per port basis. These per process rulesets have limited efficacy in filtering every . stateful and stateless. Application firewalls accomplish their function by hooking into socket calls to filter the connections between the application layer and the lower layers of the OSI model. it will be evaluated according to the ruleset for new connections. application firewalls further filter connections by examining the process ID of data packets against a ruleset for the local process involved in the data transmission. handshaking. Application firewalls that hook into socket calls are also referred to as socket filters. The term "packet filter" originated in the context of BSD operating systems. also called packet filters. Generally. On inspecting all packets for improper content. and all other BSDs). or completion connection). They may also be necessary for filtering stateless network protocols that have no concept of a session. data transfer. such as sharing services. netblock of originator. [10] Network layer and packet filters Network layer firewalls.e.[11] Also.

UDP By Erik Rodriguez [8] William R. also referred to as sandboxing. References [1] Definition of Firewall (http:/ / www. 2003 Virus may elude computer defenses (http:/ / news. to protect vulnerable services. internetfirewall. edu/ ~treport/ tr/ 02-12/ firewall. net/ tcpudp. org/ article/ internet-firewall-basics/ the-history-of-firewalls. pdf) Firewalls by Dr. the NAT function was developed to address the limited number of IPv4 routable addresses that could be used or assigned to companies or individuals as well as reduce both the amount and therefore cost of obtaining enough public addresses for every computer in an organization. symantec. Aviel D. com/ newspapers?id=neIqAAAAIBAJ& sjid=Vo4EAAAAIBAJ& pg=4057. Check PointResources [2] A History and Survey of Network Firewalls (http:/ / www. ietf.Talal Alkharobi [4] RFC 1135 The Helminthiasis of the Internet (http:/ / tools. and the hosts protected behind a firewall commonly have addresses in the "private address range". Network address translation Firewalls often have network address translation (NAT) functionality.6607496& dq=firewall& hl=en) by Charles Duhigg.[12] 91 Proxies A proxy device (running either on dedicated hardware or as software on a general-purpose machine) may act as a firewall by responding to input packets (connection requests.Firewall (computing) possible association that may occur with other processes. edu. Conversely. cs. An example of a next generation application firewall is AppArmor included in some Linux distributions. symantec. intruders may hijack a publicly-reachable system and use it as a proxy for their own purposes. Steven M. Rubin (2003). application firewalls are beginning to be supplanted by a new generation of application firewalls that rely on mandatory access control (MAC). While use of internal address spaces enhances security. Cheswick. google. & f=false)". tech-faq. wanredundancy. such as memory corruption exploits. Hiding the addresses of protected devices has become an increasingly important defense against network reconnaissance. unm. crackers may still employ methods such as IP spoofing to attempt to pass packets to a target network. by Cheswick et al. com/ books?id=_ZqIh0IbcrgC& lpg=PA142& dq=Firewalls and Internet Security. com/ connect/ articles/ software-firewalls-made-straw-part-1-2 [12] http:/ / www. html [11] http:/ / www. " Google Books Link (http:/ / books. Bellovin. html The History of Firewalls [6] http:/ / www. these per process ruleset cannot defend against modification of the process via exploitation. Washington Post [10] Firewall http:/ / www. Also. as defined in RFC 1918. skullbox. com/ connect/ articles/ software-firewalls-made-straw-part-1-2 . org/ resources/ firewall/ network-layer-firewall Network Layer Firewall [7] http:/ / www. Firewalls and Internet security: repelling the wily hacker [9] Aug 29. Because of these limitations. Firewalls often have such functionality to hide the true address of protected hosts. Originally. sa/ user062/ CSE55101/ firewall. com/ resources/ firewall/ ). kfupm. by Cheswick et al. Proxies make tampering with an internal system from the external network more difficult and misuse of one internal system would not necessarily cause a security breach exploitable from outside the firewall (as long as the application proxy remains intact and properly configured). checkpoint. php TCP vs. org/ html/ rfc1135) [5] http:/ / www. while blocking other packets. google. the proxy then masquerades as that system to other internal machines. com/ firewall. for example) in the manner of an application. pdf) Kenneth Ingham and Stephanie Forrest [3] (http:/ / ocw. & pg=PA176#v=onepage& q=Firewalls and Internet Security.

a thorough reference and tutorial Frame (networking) In computer networking and telecommunication. If a receiver is connected to the system in the middle of a frame transmission. [2] "RFC 1122: Requirements for Internet Hosts — Communication Layers" (http:/ / tools."[2] Examples are Ethernet frames (maximum 1500 byte plus overhead). i. ietf.htm) . In this consist. specifically time-division multiplex (TDM) and time-division multiple access (TDMA). it ignores the data until it detects a new frame synchronization sequence. 2005-09-20.com/infocus/1840) .securityfocus. . The frame is also an entity for time-division duplex. a frame is a data packet on the Layer 2 of the OSI model.cisco. with references to the original papers where first firewall work was reported. In computer networking. com/ free/ t_DataLinkLayerLayer2.42 modem frames. org/ html/ rfc1122& #035. compiled by Matt Curtin.page-18). Retrieved 2010-06-07. In telecommunications. and provides a timeline of the evolution. O’Reilly .e. Retrieved 2010-01-31. a sequence of bits or symbols making it possible for the receiver to detect the beginning and end of the packet in the stream of symbols or bits. one for each logical TDM channel or TDMA transmitter.com/catalog/9781565928718) Second Edition. • Evolution of the Firewall Industry (http://www.[1] A frame is "the unit of transmission in a link layer protocol. a frame is a digital data transmission unit or data packet that includes frame synchronization. . October 1989.cs.unm. a frame is a cyclically repeated data block that consists of a fixed number of time slots. tcpipguide. TDM application examples are SONET/SDH and the ISDN circuit switched B-channel.Firewall (computing) 92 External links • Internet Firewalls: Frequently Asked Questions (http://www. . 18. • A History and Survey of Network Firewalls (http://www.com/univercd/cc/td/doc/product/iaabu/centri4/user/ scf4ch3.faqs.a technical view on software firewall design and potential weaknesses • Building Internet Firewalls (http://oreilly. htm). Marcus Ranum and Paul Robertson. RFC 1122.securityfocus. IETF. The TCP/IP Guide. and consists of a link-layer header followed by a packet. References [1] "Data Link Layer (Layer 2)" (http:/ / www. TDMA examples are the 2G and 3G circuit switched cellular voice services. where the mobile terminal may transmit during some timeslots and receive during others.org/faqs/firewalls-faq/).edu/~treport/tr/02-12/firewall. a frame is typically an entity at the physical layer.com/infocus/1839) and Software Firewalls: Made of Straw? Part 2 (http://www. how packets are processed.Discusses different architectures and their differences. • Software Firewalls: Made of Straw? Part 1 (http://www. PPP frames and V.pdf) provides an overview of firewalls at the various ISO levels. p.

The LLC sublayer takes the network protocol data. including the FCS terminating the frame. Extra bytes may be added so frames have a minimum length for timing purposes. Frame Relay 16 bits.Cisco Systems"].com . the frame is discarded. and fields contained within them. including the trailing FCS. and compares it to the received FCS. (OSI model) All frames and the bits. used in the Ethernet with 32 bits. When the destination node receives the frame the FCS number is recalculated and compared with the FCS number included in the frame. The data package includes the message to be sent. which is an IP packet. By far the most popular FCS algorithm is a cyclic redundancy check (CRC). 100615 cisco. The sending host computes a checksum on the entire frame and appends this as a trailer to the data.Frame check sequence 93 Frame check sequence A frame check sequence (FCS) refers to the extra checksum characters added to a frame in a communication protocol for error detection and correction. and other data link layer protocols. If the two numbers are different.25 16 or 32 bits. an error is assumed. This number is added to the end of a frame that is sent. References [1] "Frame Relay Glossary [Frame Relay (http:/ / www. com/ en/ US/ tech/ tk713/ tk237/ technologies_tech_note09186a00801e32e7. cisco. The FCS is often transmitted in such a way that the receiver can compute a running sum over the entire frame. shtml) . and expect to see a fixed result (such as zero) when it is correct. HDLC 16 or 32 bits. The FCS field contains a number that is calculated by the source node based on the data in the frame. . An Ethernet frame. bytes.[1] Point-to-Point Protocol (PPP) 16 or 32 bits. or user application data. LLC bytes are also included with the Data field in the IEEE standard frames. are susceptible to errors from a variety of sources. Such an FCS generally appears immediately before the frame-ending delimiter. and request retransmission of the faulty frame. Frames are used to send upper-layer data and ultimately the user application data from a source to a destination. and adds control information to help deliver the packet to the destination node. This way it can detect whether any data was lost or altered in transit. X. It may then discard the data. The receiving host computes the checksum on the frame using the same algorithm. Layer 2 communicates with the upper layers through LLC.

This is essential for the interworking with PSTN. and the minimum requirements for the synchronization function of network equipment.G.8261/Y.5 Gbit/s and OC-192 at 10 Gbit/s. The packet is the fundamental unit of information in computer networks. 8261-200804-I/ en Gigapackets Gigapackets are billions (109) of packets or datagrams. These rates are seen in network speeds of gigabit Ethernet or 10 Gigabit Ethernet and SONET Optical Carrier rates of OC-48 at 2.pactiming) "Timing and Synchronization Aspects in Packet Networks" specifies the upper limits of allowable network jitter and wander. int/ rec/ T-REC-G. as the communications industry moves toward an all IP core and edge network. Usage Packet networks have been inherently asynchronous. The goal is provide a Primary Reference Clock (PRC) traceable clock for the TDM applications. External links • ITU-T G. the minimum requirements that network equipment at the TDM interfaces at the boundary of these packet networks can tolerate.8261 recommendation publication [1] References [1] http:/ / www. However. itu.1361 (formerly G. The bit rates that are used to create gigapackets are in the range of gigabits per second.8261 ITU-T Recommendation G. there is a need to provide synchronization functionality to traditional TDM-based applications.8261 94 G. especially fiber optic networks. Data transfer rates in gigapackets per second are associated with high speed networks. .

application specific data supplied by the Receiving Application. The interface between the Sending Application and Sending Entity and the interface between the Receiving Entity and Receiving Application are proprietary. The Response Packet will be returned to the Sending Entity. The resulting structure is here referred to as the (Secured) Command Packet. googlecode. htm). Application messages are commands or data exchanged between an application resident in or behind the GSM PLMN and on the SIM. References [1] "GSM 03. the Receiving Entity shall create a (Secured) Response Packet. Under normal circumstances the Receiving Entity receives the Command Packet and unpacks it according to the security parameters indicated in the Command Header. It then applies the requested security to part of the Command Header and all of the Application Message. Retrieved 16 May 2011. 3gpp. Retrieved 16 May 2011. com). Both the Response Header and the application specific data are secured using the security mechanisms indicated in the received Command Packet. [2] "GSM 03.48 Version 890" (http:/ / www. 3gpp.GSM 03. subject to constraints in the transport layer. [3] "3GPP Standard Page" (http:/ / www. If so indicated in the Command Header. org/ ftp/ Specs/ html-info/ 0348. .48 95 GSM 03. The Response Packet consists of a Security Header (the Response Header) and optionally. Secured Packets contain application messages to which certain mechanisms according to GSM 03. 48/ 0348-890. (e. org/ ftp/ Specs/ archive/ 03_series/ 03.48 Scope It is used to the exchange of secured packets between an entity in a GSM PLMN and an entity in the SIM. The Sending Entity prepends a Security Header (the Command Header) to the Application Message. .g. [1] [2] [3] Overview The Sending Application prepares an Application Message and forwards it to the Sending Entity. The Receiving Entity subsequently forwards the Application Message to the Receiving Application indicating to the Receiving Application the security that was applied. timing). Retrieved 16 May 2011.48 Java API and Realization Library" (https:/ / gsm0348.48 have been applied. . including any padding octets. . with an indication of the security to be applied to the message. zip).

IPv6 packets are typically transmitted over a Link Layer protocol.[2] [3] The remaining two bits are used for ECN. OSPF) instead. as they do for IPv4. Traffic Class (8 bits) The bits of this field hold two values. The payload of an IPv6 packet is typically a datagram or segment of the higher-level Transport Layer protocol. The control information in IPv6 packets is subdivided into a mandatory fixed header and optional extension headers. which is used to classify packets.[1] Flow Label specifications and minimum requirements are described. such as Ethernet which encapsulates each packet in a frame.[5] [6] and first uses of this field are emerging.[7] Payload Length (16 bits) . and a payload consisting of user data.. Flow Label (20 bits) Originally created for giving real-time applications special service. Hosts may use fragmentation to send packets larger than the observed path MTU. The 6 most-significant bits are used for DSCP.[1] It has the following format: Fixed header format Offsets Octet Octet 0 4 8 12 16 20 24 28 32 36 Bit   0  32  64  96 128 160 192 224 256 288 Destination Address 0 1 2 3  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Version Traffic Class Payload Length Source Address Flow Label Next Header Hop Limit Version (4 bits) The constant 6 (bit sequence 0110). Fixed header The fixed header of an IPv6 packet consists of its first 40 octets (320 bits). Hosts are "strongly recommended" to implement path MTU discovery to take advantage of MTUs greater than the smallest MTU of 1280 octets. ICMPv6) or Link Layer (e.IPv6 packet 96 IPv6 packet An IPv6 packet is the smallest message entity exchanged via the Internet Protocol across an Internet Protocol version 6 (IPv6) network.g. [1] Routers do not fragment IPv6 packets. but this may also be a higher layer tunneling protocol. but may be data for an Internet Layer (e. Packets consist of control information for addressing and routing.[4] priority values subdivide into ranges: traffic where the source provides congestion control and non-congestion control traffic. such as IPv4 when using 6to4 or Teredo transition technologies.g..

[1] The headers form a chain. which may appear twice. including sending and receiving node. This value is decremented by one at each intermediate node the packet visits. Hop Limit (8 bits) Replaces the time to live field of IPv4. This field usually specifies the transport layer protocol used by a packet's payload. Note that all extension headers are optional and should only appear at most once. using the Next Header fields. the header has no checksum to protect it. which need to be processed at every intermediate node on the packet's path. When extension headers are present in the packet this field indicates which extension header follows. the Next Header field of the last extension header indicates the type of the upper-layer protocol header in the payload of the packet. it should discard the packet and send an Parameter Problem message (ICMPv6 type 4. and since current link layer technology is assumed to provide sufficient error detection[9] . The values are shared with those used for the IPv4 protocol field.IPv6 packet The size of the payload in octets. When the counter reaches 0 the packet is discarded. The length is set to zero when a Hop-by-Hop extension header carries a Jumbo Payload option. [1] There are several extension headers defined. except for the Destination Options header.[8] Next Header (8 bits) Specifies the type of the next header. Source Address (128 bits) The IPv6 address of the sending node. code 1). as both fields have the same function (see List of IP protocol numbers). Extension headers are to be examined and processed at the packet's destination only. except for Hop-by-Hop Options.[1] 97 Extension headers Extension headers carry optional Internet Layer information. In order to increase performance. should there be more than one extension header following the fixed header. . All extension headers are a multiple of 8 octets in size.[1] When a Next Header value 0 appears in a header other than the fixed header a node should do the same. including any extension headers. some extension headers require internal padding to meet this requirement. and new extension headers may be defined in the future. Destination Address (128 bits) The IPv6 address of the destination node(s). The Next Header field in the fixed header indicates the type of the first extension header. If a node does not recognize a specific extension header. and are placed between the fixed header and the upper-layer protocol header. The defined extension headers below are listed in the preferred order.

The Destination Options extension header need to be examined by the destination node(s) only. if more options are present than will fit in that space. but passed unaltered by routers. blocks of 8 octets are added to the header repeatedly—containing options and padding—until all options are represented. including sending and receiving nodes.IPv6 packet 98 Extension Header Hop-by-Hop Options Destination Options (before routing header) Routing Fragment Authentication Header (AH) Encapsulating Security Payload (ESP) Type 0 60 43 44 51 50 Description Options that need to be examined by all devices on the path.[1] There could. Carries encrypted data for secure communication. Bit   0  32  64 . still be data in the payload if the payload length in the first header of the packet is greater than the length of all extension headers in the packet. Contains parameters for fragmentation of datagrams. not including the first 8 octets. Options are TLV-coded. Methods to specify the route for a datagram (used with Mobile IPv6). The extension headers are both at least 8 octets in size. the IPv6 packet ends right after it: the payload should be empty.. Hop-by-Hop Options and Destination Options extension header format Offsets Octet Octet 0 4 8 .. not even a header of an upper-layer protocol. Options (variable) Contains one or more options. and optional padding fields to align options and to make the total header length a multiple of 8 octets. Options that need to be examined only by the destination of the packet.. Contains information used to verify the authenticity of most parts of the packet. This data should be ignored by hosts.. It means that. however. Options that need to be examined only by the destination of the packet. from the header's point of view.. Options and Padding Next Header (8 bits) Specifies the type of the next header. Hop-by-hop options and destination options The Hop-by-Hop Options extension header needs to be examined by all nodes on the packet's path.. 0 1 2 3  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Next Header Hdr Ext Len Options and Padding Optional: more Options and Padding . . Destination Options (before upper-layer header) 60 Value 59 (No Next Header) in the Next Header field indicates that there is no next header whatsoever following this one. Hdr Ext Len (8 bits) Length of this header in 8-octet units.

Routing Type (8 bits) 0. The Fragment extension header carries the information necessary to reassemble the original (unfragmented) packet..IPv6 packet 99 Routing The Routing extension header is used to direct a packet to one or more intermediate nodes before being sent to its destination. blocks of 8 octets are added to the header repeatedly. Segments Left (8 bits) Number of nodes this packet still has to visit before reaching its final destination. Hdr Ext Len (8 bits) The length of this header.. Next Header (8 bits) Indicates the type of the next header. Type-specific Data (variable) Data that belongs to this type of routing header. Routing types Due to the fact that with Routing Header type 0 a simple but effective[10] denial-of-service attack could be launched. Routing Header type 1 is used for the Nimrod[12] project funded by DARPA.. 1... Bit   0  32  64 .[1] . until all Type-specific Data is placed. The header is at least 8 octets in size. the sending node splits the packet into fragments. in multiples of 8 octets..[1] Routing extension header format Offsets Octet Octet 0 4 8 . 0 1 2 3  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Next Header Hdr Ext Len Type-specific Data Routing Type Segments Left Optional: more Type-specific Data . this header is deprecated[11] and host and routers are required to ignore these headers. if more Type-specific Data is needed than will fit in 4 octets. Fragment In order to send a packet that is larger than the path MTU. not including the first 8 octets. Routing Header type 2 is a limited version of type 0 and is used for Mobile IPv6. where it can hold the Home Address of the Mobile Node. or 2.

0 means last fragment. Packets with such payloads are called jumbograms. Reserved (8 bits) Initialized to all zeroes. Fragment Offset (13 bits) Offset. allows the exchange of packets with payloads of up to one byte less than 4 GB (232 − 1 = 4294967295 bytes). plus 40 octets for the fixed header. support for IPv6 jumbograms requires modifications to the Transport Layer protocol implementation. Most Link Layer protocols cannot process packets larger than 65535 octets. (2 bits) Reserved. plus 8 octets for the Hop-by-Hop extension header).IPv6 packet 100 Fragment extension header format Offsets Octet Octet 0 4 Bit   0  32 0 1 2 3  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Next Header Reserved Identification Fragment Offset Rsvd. Identification (32 bits) Packet identification value. Authentication Header (AH) and Encapsulating Security Payload (ESP) The Authentication Header and the Encapsulating Security Payload are part of IPsec and are used identically in IPv6 and in IPv4. . Since both TCP and UDP include fields limited to 16 bits (length. by making use of a 32-bit length field. in 8-octet units.[13] [14] Payload The fixed and optional IPv6 headers are followed with the upper-layer payload. the data provided by the transport layer.[8] Jumbograms are only relevant for links that have a MTU larger than 65583 octets (more than 65535 octets for the payload. capable of specifying a maximum size of 65535 octets for the payload. relative to the start of the fragmentable part of the original packet. generated by the source node. initialized to zeroes. for example a TCP segment or a UDP datagram. urgent data pointer). Needed for reassembly of the original packet. M Flag (1 bit) 1 means more fragments follow. Jumbogram An optional feature of IPv6. The Next Header field of the last IPv6 header indicates what type of payload is contained in this packet. M Next Header (8 bits) Identifies the type of the next header. Standard payload length The payload length field of IPv6 (and IPv4) has a size of 16 bits. Rsvd. the jumbo payload option in a Hop-By-Hop Options extension header[8] .

Each fragment is a multiple of 8 octets in length. . If neither extension headers are present. except the last. and a piece of the fragmentable part of the original packet. The Next Header value of the last (extension) header of the unfragmentable part is set to 44 to indicate that a Fragment extension header follows. unless they have previous assurance that the receiver is capable of reassembling such large datagrams. the sending host may use the Fragment extension header in order to perform end-to-end fragmentation of IPv6 packets. contain up to 1500 bytes. If not all fragments are received within 60 seconds after receiving the first packet with a fragment.[1] End nodes in IPv6 are expected to perform path MTU discovery to determine the maximum size of packets to send. Therefore. IPv6 routers never fragment IPv6 packets.IPv6 packet 101 Fragmentation Unlike in IPv4. Fragmenting A packet containing a fragment of an original (larger) packet consists of two parts: the unfragmentable part of the original packet (which is the same for all fragments). Reassembly The original packet is reassembled by the receiving node by collecting all fragments and placing each fragment at the right offset and discarding the Fragment extension headers of the packets that carried them. after reassembly. whose flag is set to 0. except the last fragment. they will be rearranged by the receiving node. Hosts are permitted to make an attempt to reassemble fragmented datagrams larger than 1500 bytes. if the upper-layer protocol is unable to do so. Receiving hosts must make a best-effort attempt to reassemble fragmented IP datagrams that. The first fragment(s) hold the rest of the extension headers (if present). and the upper-layer protocol is expected to limit the payload size. After that the rest of the payload follows. Each Fragment extension header has its M flag set to 1 (indicating more fragments follow). identified by a fragment offset. senders should avoid sending fragmented IP datagrams with a total reassembled size larger than 1500 bytes. similarly to the IPv4 method when the Don't Fragment bit set. Any data link layer conveying IPv6 data must be capable of delivering an IP packet containing 1280 bytes without the need to invoke end-to-end fragmentation at the IP layer. After the Fragment extension header a fragment of the rest of the original packet follows. or else the Hop-by-Hop extension header. Packets containing fragments need not arrive in sequence. code 1) is returned to the node originating the fragmented packet. but they are also permitted to silently discard any datagram after it becomes apparent that the reassembled packet would be larger than 1500 bytes. However. reassembly of the original packet is abandoned and all fragments are discarded. if the packet was discarded for this reason. the unfragmentable part is just the fixed header. If the first fragment was received (which contains the fixed header). The unfragmentable part of a packet consists of the fixed header and some of the extension headers of the original packet (if present): all extension headers up to and including the Routing extension header. a Time Exceeded message (ICMPv6 type 3. Packets exceeding the size of the maximum transmission unit of the destination link are dropped and this condition is signaled by a Packet too Big ICMPv6 type 2 message to the originating node.

ietf.. IETF.. RFC 3260. RMS.. Neville-Neil.. D. A. ITU-T G. RFC 1992. Hinden. N. J. In clock recovery applications it is called timing jitter. [9] RFC 1726 section 6. (December 1998) Definition of the Differentiated Service Field (DS Field) in the IPv4 and IPv6 Headers (http:/ / tools. (March 2004) IPv6 Flow Label Specification (http:/ / tools. the signal amplitude.. RFC 3168. Arnoud Ebalard (April 2007). jitter can be expressed in terms of spectral density (frequency content). html) IETF. or peak-to-peak displacement. (December 2005) IP Encapsulating Security Payload (http:/ / tools. Steenstrup. (December 2005) IP Authentication Header (http:/ / tools. (August 1999). Conta. org/ html/ rfc4302. Blake. PCI-e. (December 2007).g. ietf. org/ html/ rfc2675).. Chiappa. ietf. S. html). IETF. Hinden..2 [10] Philippe Biondi. affect the performance of processors in personal computers. The amount of tolerable jitter depends on the affected application. "IPv6 Routing Header Security" (http:/ / www. Black. ietf.. org/ html/ rfc5095). . Jitter frequency. Jitter is a significant. ietf. Carpenter. RFC 2460. RFC 5095. D.. IETF. ietf. B. org/ html/ rfc4303. introduce clicks or other undesired effects in audio signals. G. and loss of transmitted data between network devices. Retrieved 3 December 2010. I. html). .. B. org/ html/ rfc2474. Jitter may be caused by electromagnetic interference (EMI) and crosstalk with carriers of other signals. Savola. EADS. [12] Castineyra. org/ html/ rfc3260. R. Internet Protocol. K. e. pdf) (pdf). OC-48). (April 2002) New Terminology and Clarifications for DiffServ (http:/ / tools. D. Jitter Jitter is the time variation of a periodic signal in electronics and telecommunications. ietf. S. [7] draft-blake-ipv6-flow-label-nonce-02 (http:/ / tools. Also like other time-varying signals. org/ html/ draft-blake-ipv6-flow-label-nonce-02) [8] Borman.g. D. Deering. S. M. [6] Rajahalme. Black. factor in the design of almost all communications links (e. Floyd. IETF. [4] Ramakrishnan. IETF. S. R. and usually undesired. IETF. Baker. html) IETF.. K. (Augustus 1996) The Nimrod Routing Architecture (http:/ / tools. RFC 4202. (September 2001) The Addition of Explicit Congestion Notification (ECN) to IP (http:/ / tools. IPv6 Jumbograms (http:/ / tools.. [13] Kent. ietf. Deprecation of Type 0 Routing Headers in IPv6 (http:/ / tools. ietf. S.. F. RFC 2675. org/ html/ rfc1992)'. the more commonly quoted figure. [3] Grossman.. often in relation to a reference clock source. org/ html/ rfc3697). secdev. "Type 0: the evil mechanism.... SATA. Jitter period is the interval between two times of maximum effect (or minimum effect) of a signal characteristic that varies regularly with time.. html). or phase of periodic signals. version 6 (IPv6) Specification (http:/ / tools. org/ html/ rfc3595). S. org/ html/ rfc3168. [5] Wijnen. [2] Nickols. Deering. S. ietf. [14] Kent. ietf.[1] Jitter can be quantified in the same terms as all time-varying signals. RFC 4203. J. RFC 3697. RFC 2474.810 classifies jitter frequencies below 10 Hz as wander and frequencies at or above 10 Hz as jitter.. P. IETF. Jitter may be observed in characteristics such as the frequency of successive pulses. IETF. (December 1998). USB. RFC 3595." [11] Abley. org/ conf/ IPv6_RH_security-csw07. org/ html/ rfc2460). (September 2003) Textual Conventions for IPv6 Flow Label (http:/ / tools. IETF.IPv6 packet 102 References [1] Deering. is its inverse. ietf. Jitter can cause a display monitor to flicker.

However.Jitter 103 Sampling jitter In conversion between digital and analog signals. the term jitter is often used as a measure of the variability over time of the packet latency across a network. Compact disc seek jitter In the context of digital audio extraction from Compact Discs.[3] PDV is an important quality of service factor in assessment of network performance. A jitter meter is a testing instrument for measuring clock jitter values. for this use. CD manufacturers avoid seek jitter by extracting the entire disc in one continuous read operation using special CD drive models at slower speeds so the drive does not re-seek. Most extraction programs perform seek jitter correction. As a result. less than a nanosecond of jitter can reduce the effective bit resolution of a converter with a Nyquist frequency of 22 kHz to 14 bits. In some conditions. the sampling frequency is normally assumed to be constant. . This is a consideration in high-frequency signal conversion. the extraction process may restart a few samples early or late. resulting in doubled or omitted samples. A network with constant latency has no variation (or jitter). The problem occurs because the Red Book (audio CD standard) does not require block-accurate addressing during seeking. Various effects can come about depending on the pattern of the jitter in In telecommunications circuit analysis an Eye diagram shows distortions caused by jitter.[2] Packet jitter is expressed as an average of the deviation from the network mean latency. The standards-based term is packet delay variation (PDV). seek jitter causes extracted audio samples to be doubled-up or skipped entirely if the Compact Disc drive re-seeks. A successful approach to correction in software involves performing overlapping reads and fitting the data to find overlaps at the edges. CD-ROM data discs are not subject to seek jitter. These glitches often sound like tiny repeating clicks during playback. the term is imprecise. Packet jitter in computer networks In the context of computer networks. relation to the signal. or where the clock signal is especially prone to interference. Samples should be converted at regular intervals. and is used in manufacturing DVD and CD-ROM discs. Due to additional sector level addressing added in the Yellow Book (CD standard). If there is jitter present on the clock signal to the analog-to-digital converter or a digital-to-analog converter then the instantaneous signal error introduced will be proportional to the slew rate of the desired signal and the absolute value of the clock error.

the reference point for jitter is defined such that the mean jitter is 0. it can be thought of as the discrete-time derivative of period jitter. Accordingly. RMS). and dark blue) meaningful peaks (which is the case in account for about 99. in particular IP networks such as the Internet. the unit used for the above types of jitter is usually the Unit Interval (abbreviated UI) which quantifies the jitter in terms of a fraction of the ideal period of a bit. it can be thought of as the discrete-time derivative of absolute jitter. Absolute units such as picoseconds are more common in microprocessor applications. . In networking. Cycle-to-cycle jitter is the difference in length of any two adjacent clock periods. it is useful to quantify them separately. jitter can refer to the variation (statistical dispersion) in the delay of the packets. medium.Jitter 104 Phase jitter metrics For clock jitter. Hence. If jitter has a Gaussian distribution. It can be important for some types of clock generation circuitry used in microprocessors and RAM interfaces. Often. Since they have different generation mechanisms. and the performance of the circuitry is limited by the average clock period. Absolute jitter is the absolute difference in the position of a clock's edge from where it would ideally be. different circuit effects. it is usually quantified using the standard deviation of this distribution (aka. All have shortcomings but most tend to be good enough for the purposes of engineering work. Accordingly. Period jitter (aka cycle jitter) is the difference between any one clock period and the ideal clock period. This can occur if the jitter is caused by external sources such as power supply noise.7%. there are three commonly used metrics: absolute jitter. synchronous circuitry benefits from minimizing period jitter. Note that typically. This unit is useful because it scales with clock frequency and thus allows relatively slow interconnects such as T1 to be compared to higher-speed internet backbone links such as OC-192. period jitter. and cycle to cycle jitter. Many efforts have been made to meaningfully quantify distributions In the normal distribution one standard deviation from the mean (dark blue) accounts for that are neither Gaussian nor have about 68% of the set. Period jitter tends to be important in synchronous circuitry like digital state machines where the error-free operation of the circuitry is limited by the shortest possible clock period. and different measurement methodology. so that the shortest clock period approaches the average clock period. In telecommunications. jitter distribution is significantly non-Gaussian. while two standard deviations from the mean (medium and dark blue) account for about 95% and three standard deviations (light. Units of degrees and radians are also used. all real jitter). In these cases. peak-to-peak measurements are more useful.

The central limit theorem states that composite effect of many uncorrelated noise sources.3 10−13 7. jitter in serial bus architectures is measured by means of eye diagrams. and thus impose tighter tolerances on jitter. which may have eye openings on the order of 1000 picoseconds. One example of bounded uncorrelated jitter is Periodic jitter. Determistic jitter can either be correlated to the data stream (data-dependent jitter) or uncorrelated to the data stream (bounded uncorrelated jitter). Testing of device performance for jitter tolerance often involves the injection of jitter into electronic components with specialized test equipment. T = Dpeak-to-peak + 2× n×Rrms. according to industry accepted standards. approaches a Gaussian distribution. One of the main differences between random and deterministic jitter is that deterministic jitter is bounded and random jitter is unbounded. also called Gaussian jitter. n BER 6. and the bounds can easily be observed and predicted. It is believed to follow this pattern because most noise or jitter in a electrical circuit is caused by thermal noise. The peak-to-peak value of this jitter is bounded. Another reason for random jitter to have a distribution like this is due to the central limit theorem. which has a Gaussian distribution.6 10−14 Total jitter Total jitter (T) is the combination of random jitter (R) and deterministic jitter (D): in which the value of n is based on the bit error rate (BER) required of the link.4 10−10 6. Testing Testing for jitter and its measurement is of growing importance to electronics engineers because of increased clock frequencies in digital electronic circuitry to achieve higher device performance. regardless of the distributions. Random jitter typically follows a Gaussian distribution or Normal distribution. For example. This is extremely small compared to parallel bus architectures with equivalent performance. A common bit error rate used in communication standards such as Ethernet is 10−12. modern computer motherboards have serial bus architectures with eye openings of 160 picoseconds or less. A less .Jitter 105 Types Random jitter Random Jitter. Deterministic jitter Deterministic jitter is a type of clock timing jitter or data signal jitter that is predictable and reproducible. Higher clock frequencies have commensurately smaller eye openings. For example. Examples of data-dependent jitter are duty-cycle dependent jitter (also known as duty-cycle distortion) and intersymbol interference. Jitter is measured and evaluated in various ways depending on the type of circuitry under test. is unpredictable electronic timing noise.7 10−11 7 10−12 7.

compliant systems are required to conform to these standards. with the required values for these attributes varying among different applications. Inside digital to analog converters jitter causes unwanted high-frequency distortions. thus minimizing the perceptual impact of the adaptation. AJCs operate by re-timing the output pulses so they align more closely to an idealised pulse signal. see the paper by S. A dejitterizer usually consists of an elastic buffer in which the signal is temporarily stored and then retransmitted at a rate based on the average rate of the incoming signal. that allows the lengths of the silence periods to be adjusted. the term packet delay variation is often preferred over jitter. The standards cover jitter tolerance.Jitter direct approach—in which analog waveforms are digitized and the resulting data stream analyzed—is employed when measuring pixel jitter in frame grabbers. Filtering A filter can be designed to minimize the effect of sampling jitter. . Chen entitled. Ahmed and T. such as waiting-time jitter. Dejitterizer A dejitterizer is a device that reduces jitter in a digital signal. In the context of packet-switched networks. Adaptive de-jittering is usually carried out for audio play-outs that feature a VAD/DTX encoded audio. the goal of jitter measurement is to verify that the jitter will not disrupt normal operation of the circuitry. A dejitterizer is usually ineffective in dealing with low-frequency jitter. Minimizing the effects of sampling jitters in wireless sensors networks. The maximum jitter that can be countered by a de-jitter buffer is equal to the buffering delay introduced before starting the play-out of the mediastream. In this case it can be suppressed with high fidelity clock signal usage.[4] In all cases. Some systems use sophisticated delay-optimal de-jitter buffers that are capable of adapting the buffering delay to changing network jitter characteristics. as well as for data sampling systems such as the analog-to-digital converter and digital-to-analog converter. Examples of anti-jitter circuits include phase-locked loop and delay-locked loop. These are known as adaptive de-jitter buffers and the adaptation logic is based on the jitter estimates computed from the arrival characteristics of the media packets. For more information. There are standards for jitter measurement in serial bus architectures. 106 Mitigation Anti-jitter circuits Anti-jitter circuits (AJCs) are a class of electronic circuits designed to reduce the level of jitter in a regular pulse signal. which may appear offensive to the listener or viewer. They are widely used in clock and data recovery circuits in digital communications. Where applicable. Jitter buffers Jitter buffers or de-jitter buffers are used to counter jitter introduced by queuing in packet switched networks so that a continuous playout of audio (or video) transmitted over the network can be ensured. jitter transfer function and jitter generation. Adaptive de-jittering involves introducing discontinuities in the media play-out.

pdf).com/en/digital_clocking.pdf). and Kowalski Jitter Requirements (https://mentor.com/literature/cp/cp-01048-jitter-resonance.altera. solutions and recommended values (http://www. and Spectroscopic Mechanisms (http://www.pdf). Computer Networks and Internets (http:/ / books. Data Encoding.pdf).antelopeaudio. Alexander (2008). Mike P.com/literature/cp/cp-01052-jitter-classification.sid66_gci906844.org/wiki/ Clock_and_data_recovery/Introduction/Definition_of_(phase)_jitter) • Zamek. [1] Wolaver..org/802. (2008).altera. Presented at Electronics Components and Technology Conference 2009.wikibooks. SOC-System Jitter Resonance and Its Impact on Common Approach to the PDN Impedance (http:// www.cfm/an_pk/377/CMP/WP-35) A Heuristic Discussion of Fibre Channel and Gigabit Ethernet Methods • Jitter in Packet Voice Networks (http://www.altera. Presented at International Test Conference 2008. in/ books?id=tm-evHmOs3oC& pg=PA476). . • Phabrix SxE . Hui.Causes. • Liu.ieee. com/ support/ pixjiter. Douglas E. Iliya. Artech ISBN 089006248X External links • Jitter in VoIP .211 [2] Comer.pdf) • An Introduction to Jitter in Communications Systems (http://www. Prentice Hall. and Varma.Hand-held Tool for eye and jitter measurement and analysis (http://www.ppt) (Causes. Xiaohong Jiang.com) • Miki. [3] RFC 3393.com/QoS/QoS_Jitter. IP Packet Delay Variation Metric for IP Performance Metrics (IPPM).iol.maxim-ic.Jitter 107 References  This article incorporates public domain material from the General Services Administration document "Federal Standard 1037C" [1] (in support of MIL-STD-188). pages 211-237 • Trischitta.00. A New Jitter Classification Method Based on Statistical. Pre-Driver PDN SSN.maxim-ic. IETF (2002) [4] Khvilivitzky.en.shtml) • Clock and data recovery/Introduction/Definition of (phase) jitter (http://en. google. Prentice Hall. Mike P. Physical. and Their Impact on SSJ (http://www. Jitter and Signal Integrity Verification for Synchronous and Asynchronous I/Os at Multiple to 10 GHz/Gbps (http://www.cfm/an_pk/1916/ CMP/WP-34) • Jitter Specifications Made Easy (http://www.techtarget. . php) • Jitter Buffer (http://searchenterprisevoice.unh. Retrieved 2008-02-15.edu/pub/mplsServices/other/ QoS_Testing_Methodology. sensoray. Further reading • Wolaver. OPD. • Li.com/sDefinition/0.com/appnotes. Ohtani. co.phabrix.11/dcn/04/ 11-04-1458-00-000n-jitter-requirements. 1991.cisco. Presented at DesignCon 2009.com/literature/cp/cp-01055-impact-ssj. Eve L.altera. pp. ISBN 0-13-662743-9. 476.com/en/US/tech/tk652/tk698/ technologies_tech_note09186a00800945df. "Pixel Jitter in Frame Grabbers" (http:/ / www. Presented at International Test Conference 2008. solutions and recommended values for digital audio) • Igor Levin Terms and concepts involved with digital clocking related to Jitter issues in professional quality digital audio (http://www.html) • Definition of Jitter in a QoS Testing Methodology (ftp://ftp.com/appnotes.com/literature/cp/cp-01049-jitter-si-verification. 1989. 1991. Jitter in Digital Transmission Systems. Dan H. and Zhe Li. htm). Patrick R. p.html) . Hong Shi. Phase-Locked Loop Circuit Design.voipforo. • Li. ISBN 9780136061274.

Conventionally. At the sender. The use of 9000 bytes as preferred size for jumbo frames arose from discussions within the Joint Engineering Team of Internet2 and the U. the same amount of data can be transferred with less effort.[1] Most national research and education networks (such as Internet2/NLR.3 Ethernet standard. and iSCSI (RFC 3720). Inception The original 1500-byte payload size for Ethernet frames was used because of the high error rates and low speed of communications. but most commercial Internet service providers do not. Many Gigabit Ethernet switches and Gigabit Ethernet network interface cards support jumbo frames. interfaces using the standard frame size and interfaces using the jumbo frame size should not be in the same subnet. each frame requires that the network hardware and software process it. although this does not reduce the receiver CPU load.[2] Adoption The IEEE 802 standards committee does not recognize jumbo frames.Jumbo frame 108 Jumbo frame In computer networking. including 802. network interface cards capable of jumbo frames require explicit configuration to use jumbo frames. do provide most of the same gain for the receiver. federal government networks. they did not become part of the official IEEE 802. Many other vendors also adopted the size. If the frame size is increased.5 Token Ring and 802. Interrupt-combining Ethernet chipsets. manufacturers have in turn adopted 9000 bytes as the conventional jumbo frame size.663 bits. This reduces CPU utilization (mostly due to interrupt reduction) and increases throughput by allowing the system to concentrate on the data in the frames. can provide effectively all the gains of jumbo frames without the re-send costs. however. Jumbo frames gained initial prominence when Alteon WebSystems introduced them in their ACEnic Gigabit Ethernet adapters. Internet Protocol subnetworks require that all hosts in a subnet have an identical MTU. however. only 1500 bytes (plus 18 bytes for the frame header and other overhead) must be re-sent to correct the error. In order to meet this mandatory purchasing criterion. This gives two additional bits of error detection ability at MTU-sized data words compared to the Ethernet CRC standard polynomial while not sacrificing HD=4 capability for data word sizes up to and beyond 72k bits. The presence of Jumbo frames may have an adverse effect on network latency. when combined with interrupt combining. if one receives a corrupted packet. Selection of this polynomial was based upon work documented in the paper "32-Bit Cyclic Redundancy Codes for Internet Applications"[3] . Some Fast Ethernet switches and Fast Ethernet network interface cards support jumbo frames. which is more than 9 times the length of an Ethernet MTU.S. instead of the frames around the data. GÉANT. especially on low bandwidth links. . jumbo frames can carry up to 9000 bytes of payload. and without requiring any changes to other stations on the network. Zero-copy NICs and device drivers.11 Wireless LAN. but variations exist and some care must be taken when using the term. To reduce interoperability issues. However. jumbo frames are Ethernet frames with more than 1500 bytes of payload. and AARNet) support jumbo frames.360 bit data word length) and HD=4 to 114. As a result. ESnet. The Castagnoli polynomial 0x11EDC6F41 achieves the Hamming Distance HD=6 beyond one Ethernet MTU (to a 16. Thus. IETF solutions for adopting Jumbo Frames avoids the data integrity reductions through use of the Castagnoli CRC polynomial being implemented within the SCTP transport (RFC 4960). and work without special consideration and without requiring all stations to support jumbo frames. Their recommendation has been adopted by all other national research and education networks. a similar reduction in CPU utilization can be achieved by using TCP segmentation offloading. as doing so would remove interoperability with existing Ethernet equipment and other 802 protocols.

"Catalyst 3750/3560 Series switches support an MTU of 1998 bytes for all 10/100 interfaces" [2] Jeff Caruso (October 22. pdf) by Philip Koopman. . Generally. Network World. doi. Retrieved July 4. 1016/ . Support of Castagnoli CRC polynomial within a general purpose transport designed to handle data chunks. edu/ ~koopman/ networks/ dsn02/ dsn02_koopman. To overcome the performance penalty. Cisco. ECE Department & ICES. shtml). [3] "32-Bit Cyclic Redundancy Codes for Internet Applications" (http:/ / www. com/ en/ US/ products/ hw/ switches/ ps700/ products_configuration_example09186a008010edab. This however implies the covariant scaling of numerous intermediating logic circuits along the network path. networkworld. cisco. osn. errors generated internal to NICs can be detected as well. may take some time. 109 Baby giant frames Baby giants are frames that are only slightly larger than allowed by the IEEE Ethernet standards. Retrieved 2011-08-22. required. as line bit rate increases. a subsequent increase. 2011. both at end nodes and intermediate transit nodes. 10. One of the major impediments toward the adoption of Jumbo Frames has been the inability to upgrade existing Ethernet infrastructure that would be needed to avoid a reduction in the ability to detect errors. since these errors with simple summations tend to be self cancelling. As the nodes in general use reciprocating logic to handle the packets. As it has been a relatively difficult. the packet payload size should increase in direct proportion to maintain equivalent timing parameters.Jumbo frame By using a CRC checksum rather than simple additive checksums as contained within the UDP and TCP transports. 1998). The main factor involved with an increase in the maximum segment size (MSS) is an increase in the available memory buffer size in all of the intervening persistence mechanisms along the path. and above. The main benefit of this is the reduction of the packet rate. "Alteon still stumping for Jumbo Frames" (http:/ / www. process to increase the path MTU of high performance national research and education networks from 1518 bytes to 9000 bytes or so. both provide improved error detection rates despite the use of Jumbo Frames where increase of the Ethernet MTU would have otherwise resulted in a significant reduction in error detection. to accommodate the maximum transmission unit (MTU). References [1] "Jumbo/Giant Frame Support on Catalyst Switches Configuration Example" (http:/ / www. . ece. html). 001) [4] 16 000–64 000 B pMTU experiments with simulation: The case for super jumbo frames at Supercomputing ’05 (http:/ / dx. and somewhat lengthy. This relationship becomes increasingly important as average network line bit rate increases to 10 gigabits per second. The relative scalability of network data throughput as a function of packet transfer rates is related in a complex manner [4] to payload size per packet. possibly to 64000 bytes for example. cmu. the number of machine cycles spent parsing packet headers decreases as the average MSS per packet increases. Intel now offers 1Gb NIC (82576) and 10Gb NIC (X520) that off-load SCTP checksum calculations and Core i7 processors support the CRC32c instruction as part of their new SSE4 vector math instruction set. and within a TCP transport designed to carry SCSI data. Both TCP and UDP have proven ineffective at detecting bus specific bit errors. as found with TCP and UDP. 2006. Testing that led to adoption of RFC 3309 compiled evidence based upon simulated error injection against real data that demonstrated as much as 2% of these errors were not being detected. org/ 10. com/ news/ 1022alteon.[1] Super jumbo frames Super jumbo frames (SJFs) are generally considered to be Internet packets which have a payload in excess of the tacitly accepted jumbo frame size of 9000 bytes. CRC calculations done in software have always resulted in slower performance than that achieved when using simple additive checksums. Carnegie Mellon University j.

Historically.ca/rrx/hpc/sc05.com/~phil/jumbo. R.com/content/view/30201/54/ ) • How to Jumbo Frames in Archlinux (http://wiki. is reached only on networks that have a suitable Link Layer infrastructure.ieee802.ece.967.org/3/frame_study/index.smallnetbuilder.php) • Pushing up the Internet MTU (http://www. 2/23/1998 in NetworkWorld • SJF Supercomputing 2005 Demo (http://www. allows the exchange of packets with payloads of up to one byte less than 4 GiB (232 − 1 = 4. a jumbogram (portmanteau of jumbo and datagram) is a packet of any size exceeding the standard Maximum Transmission Unit (MTU) of the underlying network technology at either the Link Layer or the Internet Layer. References [1] Borman. Thus.archlinux. S.wareonearth. Alteon Networks.294. Hinden.NetworkWorld.org/index. org/ html/ rfc2675). IPv6 Jumbograms (http:/ / tools. In discussions of jumbograms for Link Layer technologies. Deering. urgent data pointer). by making use of a 32-bit length field.295 bytes).3as Frame Expansion Task Force (http://www. The jumbo payload option and the transport-layer modifications are described in RFC 2675.com/forum/0223jumboyes. IETF.rutherford-research. include data size parameters limited to only 16 bits (length.edu/~mathis/MTU) • IEEE 802. RFC 2675.pdf) • Need To Know: Jumbo Frames in Small Networks (http://www.. While IPv4 has no facilities to exceed its theoretical IP MTU limit. in the context of IPv6 a jumbogram is understood as an IPv6 packet carrying a payload larger than 65535octets[1] IPv6 jumbograms An optional feature of IPv6. This theoretical limit for the Internet Protocol (IP) MTU. (August 1999). thus allowing data of up to 65535octets. the jumbo payload option. such as the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP). . the designers of IPv6 have provided a protocol extension to permit packets of larger size.edu/~koopman/networks/ dsn02/dsn02_koopman..Jumbo frame 110 External links • Jumbo Frames .cmu.php/Jumbo_Frames) Jumbogram In packet-switched computer networks. The support for IPv6 jumbograms required a redesign in all Transport Layer protocols. D.html).html) • 32-Bit Cyclic Redundancy Codes for Internet Applications (http://www.psc. they are often referred to as jumbo frames. Transport Layer protocols. however. by Selina Lo. ietf. The payload length field of IPv4 and IPv6 has a size of 16 bits.Where to use it? (http://sd.html) • Jumbo frames? Yes! (http://www.

and the user is only running a thin client locally that forwards game controller actions upstream to the game server. But.[4] In distributed applications (such as MMORPGs). since once an input from the player is received. and user tolerance for lag depends highly upon the type of game. Adventure Quest Worlds. fast chess is a turn-based game that is fast action and may not tolerate high lag. Actual latency is often much higher because of packet processing in networking equipment.[2] [3] The most common use regards online gaming when the game doesn't respond in sync with the player's controls. The game server then renders the next frame of the game video which is compressed using low-lag video compression and is sent downstream and decompressed by the thin client. The term lag is often also used as a synonym for communication latency. And. usually due to a slow internet connection.[6] In general parlance. Lag is also often used in reference to video games to describe to the delay (or latency) between an action by a player and the reaction of the game. and the time to receive and decode the data. lag is often caused by communication latency. and the display of the video on a display device) must be low enough that the user perception is that the game is running . A minimum bound on latency is determined by the distance between communicating devices and the speed at which the signal propagates in the circuits (typically 70–95% of the speed of light in vacuum). For instance. the specific characteristic of the game matter. and other traffic. the game must compute the next frame of video and that video frame must be scanned out to a display device. It includes the time to encode the packet for transmission and transmit it. Heroes of Newerth. For example.[4] Lag in cloud gaming Cloud gaming is a type of online gaming where the entire game is hosted on a game server in a data center. incur online lag due to a combination of local and remote processing lag and communications latency. Lag in online multiplayer gaming All online video games such as Minecraft. the round-trip lag of all elements of the cloud gaming system (the thin client. the round-trip network latency between a client game and the host server is referred to as the client's ping time. League of Legends. some twitch games can be designed such that only events that impact the outcome of the game introduce lag. video game lag refers to delays that are noticeable to a player. the video and audio compression and decompression. This is also known as "one-way latency". World of Warcraft. [1] In real-time applications. the Internet and/or LAN connection the game server. whereas a twitch gameplay game such as a first-person shooter with a considerably higher pace may require significantly lower delay to be able to provide satisfying gameplay. server latency or overworked hardware. For the cloud gaming experience to be acceptable. the time for that data to traverse the network equipment between the nodes. The tolerance for lag depends heavily on the type of game.[5] This can be misleading because there can be other causes for the symptom. the game execution on the game server. But in general parlance. etc. RuneScape. which is the time taken for a sent packet of data to be received at the other end.Lag 111 Lag Lag is a common word meaning to fail to keep up or to fall behind. similarly as it does for local gaming. allowing for fast local response most of the time. Lag in local video gaming All video games incur some lag. the term is used when the application fails to respond in a timely fashion to inputs. Call of Duty. a strategy game or a turn-based game with a low pace may have a high threshold or even be mostly unaffected by high delays. Final Fantasy XI.

Retrieved 2010-08-27. . Retrieved 2010-08-27. Gamezone. [11] "Digital Foundry vs.htm) . Unreal Tournament 3 incurs up to 133ms of lag on a console[10] and was tested in July 2010 as incurring 150ms in lag on OnLive. com/ 2010/ 01/ 21/ beta-testing-at-the-speed-of-light/ ). reviewers reported a steady reductions in lag due to constant improvements in the technology. 2010-02-23. In fact. according to OnLive.stanford. Lag and Servers" (http:/ / www. 2009-12-13. edu/ ~almeroth/ classes/ W10. Eurogamer Digital Foundry. com/ video/ d8-video-onlive-demo/ 9D57A2C6-24ED-4351-8266-F3F7BA0C4D18/ ). columbia.com/guide/lag. [10] "Console Gaming: The Lag Factor" (http:/ / www. brighthub. The FU Foundation School of Engineering & Applied Science (Columbia University). eurogamer."[12] 112 References [1] "lag" at dictionary. [12] "OnLive Does What Consoles Can’t: The promise of constant performance upgrades may pull it ahead of today’s consoles. 2010-07-09. Retrieved 2010-08-27. org/ downloads/ GVSETS/ GVSETSPapers/ Robotic Systems/ Mitigating the Effects of Time Lags on Driving Performance. . Retrieved 2010-01-23.[11] In September 2010. [9] "Beta Testing at the Speed of Light" (http:/ / blog.Lag Section (http://www. Mac. .[11] resulting in the assessment in July 2010 that "Out of controlled conditions. Retrieved 2010-01-23. 2009-09-05.[7] [8] Because of such tight lag requirements.[9] Cloud gaming is a very new technology. [7] "D8 Video:OnLive demoed on iPad. aspx/ ). iPhone" (http:/ / video. . Bright Hub!. wiktionary.net (http:/ / www.bluesnews. External links • The Gamer's Guide from Blues News . Stupid (http://rescomp.html) • Bandwidth and Latency (http://compnetworking. cs. seas.about. cloud gaming lag is only slightly higher than local console lag. OnLive has managed to get within spitting distance of console response times". com/ video-games/ pc/ articles/ 45925. 290F/ papers/ claypool-10. Retrieved 2010-08-19. org/ wiki/ lag) [3] Mitigating the Effects of Time Lags on Driving Performance (robotics) (http:/ / www.Lag locally." (http:/ / www. I forgot that it wasn't running natively on my PC. . . net/ reference/ articles/ article712. Wall Street Journal. 2010-09-06.edu/~cheshire/rants/Latency.com (http:/ / dictionary. distance considerations of the speed of light through optical fiber come into play. Eurogamer Digital Foundry. pdf/ ).reference. to the point where "the actions on screen were one-to-one with my input controls. ndia-mich.com/od/speedtweaks/l/aa021902a. OnLive" (http:/ / www. asp) [6] "Latency Can Kill: Precision and Deadline in Online Games" (http:/ / www. allthingsd. onlive. 2010-08-09. eurogamer. currently limiting the distance between a user and a cloud gaming game server to approximately 1000 miles. PC. com/ editorials/ item/ onlive_succeeds_consoles_by_constant_performance_upgrades/ ). gamedev. the only company thus far operating a cloud gaming service. For example. [8] "The Process of Invention: OnLive Video Game Service" (http:/ / tv. reference. Retrieved 2010-08-27. Retrieved 2010-08-27. ACM. Console. [5] What is Lag? at gamedev. but early tests have shown that in practice. net/ articles/ digitalfoundry-lag-factor-article?page=3/ ). gamezone. com/ browse/ lag) [2] "lag" at wiktionary (http:/ / en. net/ articles/ digitalfoundry-vs-onlive-article/ ). 2010-01-21. ucsb. edu/ videos/ 545/ 60/ 79). OnLive.htm) • It's the Latency. . . pdf) [4] "Noob Glossary: Ping.

such as a line or neighbor going down or coming back up again. Link state acknowledgment packet Link State Acknowledgment Packets are OSPF packet type 5.Link state packet 113 Link state packet Overview Link State Packet (LSP) is a packet of information generated by a network router in a link state routing protocol that lists the router's neighbors. These packets implement the flooding of link state advertisements. They must be acknowledged. because it generates exponential behavior. However. To make the flooding of link state advertisements reliable. that is. and can be distributed throughout the network. Developing Link State Packets When Information needed for exchange is collected. but cannot use the routing database. Several link-state advertisement may be included in a single packet. ordinary flooding may result in problems. the retransmitted advertisements are always carried by unicast Link State Update packets. a router then builds a packet containing all the data. the complex part is determining when to build them. the delay to that neighbor is given. OSPF's reliable update mechanism is implemented by Link State Update and Link State Acknowledgment packets. to the multicast address AllDRouters. Link state packet can also be further defined as special datagrams that determine the names of and the cost or distance to any neighboring routers and associated networks. This acknowledgment is accomplished through the sending and receiving of Link State Acknowledgment packets. Depending on the state of the sending interface and the source of the advertisements being acknowledged. For each neighbor. and must time out at about the same time. . or as a unicast. flooded advertisements are explicitly acknowledged. A major procedure called flooding which is used for distributing link state algorithms throughout the routing domain can be implemented with link state packets. Multiple link state advertisements can be acknowledged in a single Link State Acknowledgment packet. Link State Update packets are multicast on those physical networks that support multicast/broadcast. followed by a sequence number and age. LSPs are queued for transmission. and the cost of changing a link if the need arises. or changing its properties appreciatively. if a link failure occurs. Link state update packet Link State Update packets are OSPF packet type 4. or when some significant event occurs. The packet starts with the identity of the sender. at regular intervals. They are used to efficiently determine what the new neighbor is. on the other hand recognizes link state packets appropriately. and a list of neighbors. Building a link state packet is usually easy. a Link State Acknowledgment packet is sent either to the multicast address AllSPFRouters. Smart flooding. One way to reduce this problem is to build them periodically. Each Link State Update packet carries a collection of link state advertisements one hop further from its origin. Types of Link State packets Link state packets are usually implemented with Open Shortest Path First(OSPF) protocol. flooded advertisements are acknowledged in Link State Acknowledgment packets. If retransmission of certain advertisements is necessary. In order to make the flooding procedure reliable.

Packet loss Packet loss occurs when one or more packets of data travelling across a computer network fail to reach their destination. it is important to note that packet loss does not always indicate a problem. retransmitting missing packets causes the throughput of the connection to decrease. Mass. Inc. faulty network drivers or normal routing routines (such as DSR in ad-hoc networks ). . Don Anderson Anderson. In addition to this. For example. [5] Packet recovery Some network transport protocols such as TCP provide for reliable delivery of packets. In the event of packet loss. Effects When caused by network problems. Protocols such as UDP provide no recovery for lost packets. if a transmitted packet is lost. This drop in throughput is due to the sliding window protocols used for acknowledgment of received packets. and will affect all other network applications to a degree. and therefore “[m]issing one . packet drop because of channel congestion [1] [2] . for Voice over IP traffic. faulty [3] networking hardware. corrupted packets rejected in-transit. In certain variants of TCP. performance at a node is often measured not only in terms of delay. lost or dropped packets can result in highly noticeable performance issues or jitter with streaming technologies. but also in terms of the probability of packet loss…a lost packet may be retransmitted on an end-to-end basis in order to ensure that all data are[sic] eventually transferred from source to destination.Link state packet 114 References • FireWire system architecture : IEEE 1394a / MindShare. 1953Reading. [6] Although TCP can recover from packet loss. voice over IP. This retransmission causes the overall throughput of the connection to drop. packet loss probability is also affected by signal-to-noise ratio and distance between the transmitter and receiver. Don. Acceptable packet loss “The fraction of lost packets increases as the traffic intensity increases. the only effect seen due to the occasional dropped packet is jitter. Applications that use UDP are expected to define their own mechanisms for handling packet loss. it will be re-sent along with every packet that had been sent after it. c1999 • Routing in communications networks / editor. the receiver asks for retransmission or the sender automatically resends any segments that have not been acknowledged.” [7] The amount of packet loss that is acceptable depends on the type of data being sent. Martha Steenstrup Englewood Cliffs. Causes Packet loss can be caused by a number of factors including signal degradation over the network medium due to multi-path fading. Packet loss is distinguished as one of the three main error types encountered in digital communications. If the latency and the packet loss at the destination hop are acceptable then the hops prior to that one don't matter. 1995 • Radia Perlman “Rbridges: Transparent Routing”. : Addison-Wesley. Infocom 2004. the other two being bit error and spurious packets caused due to noise. online gaming and videoconferencing. NJ : Prentice Hall. Therefore. [4] However.

"Packet loss or latency at intermediate hops. [9] Kurose. Perkins. also known as a bottleneck. C. packets may be intentionally dropped in order to slow down specific services for no other reason than to dissuade users from using those services. (2010). which is where the aforementioned packet retransmission schemes are used.php?simu=tcp_fast_retransmit&protocol=TCP&title=4. com/ kb/ 24) (HTTP). J. New York: Addison-Wesley. W. P 602.Packet loss or two packets every now and then will not affect the quality of the conversation. For these types of connections. (2010). K. Computer Networking: A Top-Down Approach. and is related to the erlang unit of measure. P 30. . (2010). Kurose. then there is no other solution than to drop packets. K. Computer Networking: A Top-Down Approach. visualland. & Ross. Computer Networking: A Top-Down Approach. K. J. J. & Ross. Mansfield. Boston: Addison-Wesley. and Security. dropping packets when the queue is full is a poor solution for any connection that requires real-time throughput. L. Software. This type of packet dropping is called tail drop. F. K. J." (http:/ / www. P 30.”[8] On the other hand. W. Ad-Hoc Networking. P 282-283 External links • Interactive animation of TCP fast retransmit simulation: packet loss detection and recovery. K. Most basic networking equipment will use FIFO queuing for packets waiting to go through the bottleneck and they will drop the packet if the queue is full at the time the packet is received. & Ross. a single dropped packet could result in losing part of the file. Computer Networking from LANs to WANs: Hardware. New York: Addison-Wesley. P501. K. However. W. J. Cengage Learning.net/tcp_histrory. K. (2001). P 242. J. F. F. when transmitting a text document or web page. New York: Addison-Wesley. P 147. packet loss is not necessarily an indication of poor connection reliability or a bottleneck. & Ross. J.[9] The TCP protocol is designed with a slow-start connection strategy so that excessive packet loss will cause the sender to throttle back and stop flooding the bottleneck point with data (using perceived packet loss as feedback to discover congestion). W. F. Kurose. [10] Kurose. Losses between 5% and 10% of the total packet stream will affect the quality significantly. J. W. (2010). When given a situation where the amount of content due to be pushed through a connection is growing at a rate greater than it is possible to push through that connection. (2010). (2010). E. W. & Antonakos. quality of service and other methods are applied.Fast transmit&ctype=1) . (http://www. New York: Addison-Wesley. New York: Addison-Wesley. P 42-43. For this reason. (2010). Computer Networking: A Top-Down Approach. F. F. Retrieved 2007-02-25. In some connections. Kurose. [10] The data packets will be transmitted over a longer duration. Computer Networking: A Top-Down Approach. & Ross. P 30. Computer Networking: A Top-Down Approach. There are many methods used for determining which packets to drop. & Ross. Kurose. W. New York: Addison-Wesley. & Ross. New York: Addison-Wesley. F. (2010). Packet loss is closely associated with quality of service considerations. K. nessoft. Computer Networking: A Top-Down Approach. 115 References [1] [2] [3] [4] [5] [6] [7] [8] Kurose. Boston: Course Technology. C.

0..255.[3] Examples of Martian packets are[4] : • A packet with a source or destination IPv4 address in the ranges 10. It aims to destabilize the network and sometimes to reveal its available services – when network operators need to restart the disabled ones.[1] The name is derived from packet from Mars. when not participating in a private network.Special Use IPv4 Addresses [5] "IANA IPv4 Address Space Registry" (http:/ / www.Requirements for IP Version 4 Routers [2] RFC 3704 .0. [4] RFC 5735 .Ingress Filtering for Multihomed Networks [3] "Jargon File: martian" (http:/ / www.255/32. or 192. which is reserved for internal broadcast.[2] but can also arise from network equipment malfunction or misconfiguration of a host.0/4. • An incoming packet with a destination address of 255. p. Mangled packets can be generated by dedicated software such as nmap or Nessus.0. .[1] Martian packets commonly arise from IP address spoofing in denial-of-service attacks. iana. firewalls.0. routers or any service present on the network.Mangled packet 116 Mangled packet In computer networking. a mangled or invalid packet is a packet—especially IP packet—which either lacks order or self-coherence. catb. References [1] Javvin Www Networkdictionary Com (1 March 2007).0.0/8. org/ jargon/ html/ M/ martian. . org/ assignments/ ipv4-address-space/ ). a place where packets clearly can not originate. or in [5] the future-use range 240.16. Retrieved 21 April 2011.[1] As of 2008. 172.255.0/8.0/12.0. Their usage is associated with a type of network attack called a denial-of-service (DoS) attack. Martian packet A Martian packet is an IP packet which specifies a source or destination address that is reserved for special-use by Internet Assigned Numbers Authority (IANA) and cannot actually originate as claimed or be delivered. . .0.0/16.0. Javvin Technologies Inc. com/ books?id=On_Hh23IXDUC& pg=PA300).168. google. • An incoming or outgoing packet with a Bogon source or destination address in an as-yet-unallocated range. which is reserved for loopback within the host. • An incoming or outgoing packet whose source or destination address is in the range 127. html). 300. References [1] RFC 1812 . Network Dictionary (http:/ / books. or contains code aimed to confuse or disrupt computers. ISBN 9781602670006. most invalid packets are easily filtered by modern stateful firewalls.

specified in bytes. "The MSS counts only data octets in the segment. It does not count the TCP header or the IP header. Standards (Ethernet. (2006). such as headers or underlying per-packet delays. A larger MTU also means processing of fewer packets for the same amount of data. a 1500-byte packet. NJ. it does not count the TCP header or the IP header. the MSS option is established by operating system on the SYN packet during the TCP handshake. page 2.4k modem for about one second.). either way. A larger MTU brings greater efficiency because each packet carries more user data while protocol overheads.[1] The IP datagram containing a TCP segment may be self-contained within a single packet. the maximum transmission unit (MTU) of a communications protocol of a layer is the size (in bytes) of the largest protocol data unit that the layer can pass onwards. or systems (such as point-to-point serial links) may decide MTU at connect time. Retransmissions of larger packets take longer. and therefore in a single IP datagram. Charles M. Retrieved 2007-11-28.). Each direction of data flow can use a different MSS. . USA: Prentice Hall. per-packet-processing can be a critical performance limitation." [2] http:/ / www. Large packets are also problematic in the presence of communications errors.Maximum segment size 117 Maximum segment size The maximum segment size (MSS) is a parameter of the TCP protocol that specifies the largest amount of data. Internetworking with TCP/IP (5E ed. the largest allowed by Ethernet at the network layer (and hence over most of the Internet). Douglas E. References [1] RFC 879 (http:/ / tools. MTU parameters usually appear in association with a communications interface (NIC. For example. Section 3. For most computer users. At a given bit error rate larger packets are more likely to be corrupted. (2005-09-20). • Kozierok. Upper Saddle River. the resulting higher efficiency means a slight improvement in bulk protocol throughput. Corruption of a single bit in a packet requires that the entire packet be retransmitted. org/ html/ rfc879#section-3). ietf. The TCP/IP Guide [2] (3E ed. remain fixed. for example) can fix the size of an MTU. Therefore: MSS + Header ≤ MTU Every host is required to be able to handle an MSS of at least 536 bytes. causing greater delays to following packets and increasing lag and minimum latency. serial port. tcpipguide. or it may be reconstructed from several fragmented pieces. Further reading • Comer. In some systems. that a computer or communications device can receive in a single TCP segment. com/ free/ t_TCPMaximumSegmentSizeMSSandRelationshiptoIPDatagra-2. ties up a 14. htm Maximum transmission unit In computer networking. the MSS limit applies to the total amount of data contained within the final reconstructed TCP segment. Large packets can occupy a slow link for some time.). etc.

The addition is small. Nearly all IP over Ethernet implementations use the Ethernet V2 frame format. various tunneling situations cross the MTU by very little as they add just a header's worth of data. • When the size of most or all packets exceed the MTU of a particular link that has to carry those packets. the second of which carries very little payload. The same amount of payload is being moved. each of which may have different sized packets. In certain cases the overhead this causes can be considered unreasonable or unnecessary.[2] Media Maximum Transmission Unit (bytes) Internet IPv4 Path MTU At least 68 [3] Practical path MTUs are generally higher. which is 576. Systems may use Path MTU Discovery to find the actual path MTU. [7] Practical path MTUs are generally higher. the entire packet is lost. Systems must use Path MTU Discovery to find the actual path MTU. To get around this issue. Notes Internet IPv6 Path MTU Ethernet v2 Ethernet (802. If the network drops any fragment. IP allows fragmentation: dividing the datagram into pieces. . While a host will know the MTU of its own interface and possibly that of its peers (from initial handshakes). using the MTU parameter configured for that interface.including IP headers but excluding headers from lower levels in the protocol stack. For correct interoperation. Jumbo frames are usually only seen in special purpose networks. The MTU must not be confused with the minimum datagram size that all hosts must be prepared to accept. it will not initially know the lowest MTU in a chain of links to any other peers. the whole Ethernet network must have the same MTU. Another potential problem is that higher-level protocols may create packets larger than a particular link supports. so that the IP layer of the destination host knows it should reassemble the packets into the original datagram. This method implies a number of possible drawbacks: • All fragments of a packet must arrive for the packet to be considered received. This should not be mistaken [5] with the packet size every host must be able to handle. 2272 4464 [8] 4352 [4] IP (Internet protocol) DARPA designed the Internet protocol suite to work over many networking technologies.3) Ethernet Jumbo Frames WLAN (802. but every intermediate router has to do double the work in terms of header parsing and routing decisions. IPv4 links must be able to forward packets of size up to 68 [4] bytes. but each packet now has to be sent in two fragments. For example. each small enough to pass over the single link that is being fragmented for.5) FDDI At least 1280 [4] [4] [6] 1500 1492 1500-9000 The limit varies by vendor. almost everything has to be fragmented.11) Token Ring (802.Maximum transmission unit 118 Table of MTUs of common media Note: the MTUs in this section are given as the maximum size of IP packet that can be transmitted without fragmentation . This fragmentation process takes place at the IP layer (OSI layer 3) and marks packets it fragments as such. which has a value of 576 for IPv4[1] and of 1280 for IPv6.

Most Ethernet LANs use an MTU of 1500 bytes (modern LANs can use Jumbo frames. to prevent denial-of-service attacks). The difference between the MTU seen by end-nodes (e. intact. with IRC a connecting client might see the initial messages up to and including the initial ping (sent by the server as an anti spoofing measure). the path MTU is the largest packet size that can traverse this path without suffering fragmentation. This information allows the source host to reduce its assumed path MTU appropriately. One can possibly work around this. etc. this does not preclude Data Link Layers with an MTU smaller than IP's minimum MTU from conveying IP data. outages. The Internet Protocol requires that hosts must be able to process IP datagrams of at least 576 bytes (for IPv4) or 1280 bytes (for IPv6). in response to various events (load-balancing. Also. if a particular Data Link Layer physically cannot deliver an IP datagram of 1280 bytes in a single frame. . according to IPv6's specification. depending on which part of the network one controls. The process repeats until the MTU becomes small enough to traverse the entire path without fragmentation. Any device along the path whose MTU is smaller than the packet will drop such packets and send back an ICMP "Destination Unreachable (Datagram Too Big)" message containing its MTU. a technique for determining the path MTU between two IP hosts. RFC 4821.g. RFC 1191 (IPv4) and RFC 1981 (IPv6) describe "Path MTU Discovery".g. However. Put another way.Maximum transmission unit • As it is normal to maximize the payload in every fragment. to the IP layer. congestion. 119 Path MTU Discovery The Internet Protocol defines the "Path MTU" of an Internet transmission path as the smallest MTU of any of the IP hops of the "path" between a source and destination. for example one can change the MSS (maximum segment size) in the initial packet that sets up the TCP connection at one's firewall. Packetization Layer Path MTU Discovery. Unfortunately. any further fragmentation that turns out to be necessary will increase the overhead even more. with the possible result of making some sites behind badly-configured firewalls unreachable. to ensure that a 1280-byte IP datagram can be delivered. separate from IP's own fragmentation mechanism. which prevents path MTU discovery from working. border protocols like PPPoE will reduce this. then the link layer MUST provide its own fragmentation and reassembly mechanism.) . in general as well as when fragmenting. It works by setting the DF (Don't Fragment) option in the IP headers of outgoing packets. which may introduce further packet drops before the host finds the new safe MTU. • There is no simple method to discover the MTU of links beyond a node's direct peers. in an IP network. For example. the path from the source address to the destination address often gets modified dynamically. This is because the large set of welcome messages are sent out in packets bigger than the real MTU.this could result in the path MTU changing (sometimes repeatedly) during a transmission. For example. One often detects such blocking in the cases where a connection works for low-volume data but hangs as soon as a host sends a large block of data at a time. but get no response after that. allowing for an MTU up to 9000 bytes). increasing numbers of networks drop ICMP traffic (e. however. 1500) and the Path MTU causes Path MTU Discovery to come into effect. describes a Path MTU Discovery technique which responds more robustly to ICMP filtering.

ATM operates at optimum efficiency when packet length is a multiple of 48 bytes. In order to avoid the problem of long data-frames taking up the medium for long periods of time. we obtain a desired optimal reduced MTU figure of 1478 = 31*48-10 taking into account an overhead of 10 bytes consisting of a Point-to-Point Protocol overhead of 2 bytes. each of which can carry a payload of 48 bytes of user data with 5 bytes of overhead for a total cost of 53 bytes per cell. In the case of IP sent over ADSL using PPPoA the figure of 1478 would be the total length of the IP packet including IP headers. So in this example. Taking this figure of 1488 and subtracting from it any overheads contributed by all relevant higher protocols we can obtain a suggested value for an artificially-reduced optimal MTU. For this reason. So in the worst case. the final cell costing an extra 53 transmitted bytes 47 of which are padding. provides a high-speed (up to 1 Gigabit/s) local area network using existing home wiring (power lines. leaving enough room for a 1488 byte payload. in the form of one extra ATM cell. G. developed by ITU-T. one additional cell is needed to transmit the one last byte of payload. This gives a total cost of 31*53=1643 bytes transmitted via ATM from a 1478 byte packet passed to PPPoA. artificially declaring a reduced MTU in software maximises protocol efficiency at the ATM layer by making the ATM AAL5 total payload length a multiple of 48 bytes whenever possible. Disruption The transmission of a packet on a physical network segment that is larger than the segment's MTU is known as jabber. RFC 2516 prescribes a maximum MTU for PPPoE/DSL connections of 1492: a PPPoE header of 6 bytes. For example. MTU in other standards The G. The G. again choosing to fill 31 ATM cells as before.hn Data Link Layer accepts data frames of up to 214 bytes (16384 bytes). and an AAL5 overhead of 8 bytes. sending between 1489 and 1536 bytes requires an additional fixed cost of 53 bytes transmitted.for example: where an ATM (Asynchronous Transfer Mode) network carries IP traffic.hn standard. For the example of IP over DSL connections using PPPoA/VC-MUX.Maximum transmission unit 120 ATM backbones. Some providers. Many network switches have a built-in capability to detect when a device is jabbering and block it until it resumes proper operation. This is because ATM is sent as a stream of fixed-length packets (known as 'cells'). So the total length of the transmitted data length is 53 * ncells bytes. This is almost always caused by faulty devices.hn defines a procedure for segmentation that divides the data frame into smaller segments. keeping to a self-imposed reduced MTU of 1478 as opposed to sending IP packets of total length 1500 saves 53 bytes per packet at the ATM layer at a cost of a 22 byte reduction of the length of IP packets. use ATM on their internal backbone network.[9] . particularly those with a telephony background. 31 completely filled ATM cells carry a payload of 31*48=1488 bytes. where ncells = the number of required cells of = INT((payload_length+47)/48). where the total length = (48*n+1) bytes. In the case where the user would normally send 1500 byte packets. an example of MTU tuning Sometimes the demands of efficiency encourage artificially declaring a reduced MTU in software below the true maximum possible length supported . or 31 full ATM cells. phone lines and coaxial cables).

"Every internet module must be able to forward a datagram of 68 octets without further fragmentation. p. 13 [2] RFC 2460. htm) • Marc Slemko (January 18. p. com/ infodeli/ tools/ switches/ ss3/ management/ ug/ cli_mg6a. html#TCPMSSTARGET) • Discovering of MTU value (http://help. 1998).Wlan. 24.uk/kitz/) • How to set the TCP MSS value using iptables (http://www.expedient.Optimization Tips (http:/ / www.elifulkerson.com/projects/mturoute.net/iptables-tutorial/iptables-tutorial. Retrieved 2007-09-02. p.and. External links • Tweaking your MTU / RWin for Orange Broadband Users (http://www. 13 [3] RFC 791.com/products/mtupath.com/drtcp) – a utility for optimizing MTU under Microsoft Windows • mturoute (http://www. "Path MTU Discovery and Filtering ICMP" (http://alive. p.net/broadband/mtu_ping_test.cfm)   MTU discovery tool for IPv4 and IPv6 networks . net/ Wireless-Internet-Technologies-and-Applications/ 1925. wireless-center.phildev.iea-software. html) [9] 3Com SuperStack Switch Management Guide (http:/ / support.shtml) via ping and setting it in Microsoft Windows • DrTCP (http://www.znep.php) – a console utility for debugging mtu problems • MSS Initiative (http://www. 3com." [6] RFC 2460 [7] RFC 6145 [8] Structure of the IEEE 802. "Every internet destination must be able to receive a datagram of 576 octets either in one piece or in fragments to be reassembled.frozentux.Wireless.co.11 MAC Frames .orangeproblems.net/mss/) • MTU Path (http://www.dslreports.Configuration.com/~marcs/ mtu/index." [4] RFC 1191 [5] RFC 791.html).Maximum transmission unit 121 References [1] RFC 791.wifi. 24.

g. and fair queueing in devices such as routers. These include: exponential backoff in protocols such as 802. when little or no useful communication is happening due to congestion.11's CSMA/CA and the original Ethernet. window reduction in TCP. Congestion collapse generally occurs at choke points in the network. Typical effects include queueing delay. or to an actual reduction in network throughput. Connection points between a local area network and a wide area network are the most likely choke points. particularly when nearby peers are preferred over distant peers. An example of this is 802. it has settled (under overload) into a stable state where traffic demand is high but little useful throughput is available. but they help to alleviate the effects of congestion for some services. Network protocols which use aggressive retransmissions to compensate for packet loss tend to keep systems in a state of network congestion even after the initial load has been reduced to a level which would not normally have induced network congestion. networks using these protocols can exhibit two stable states under the same level of load. Priority schemes do not solve network congestion by themselves. file transmissions by P2P have no problem filling and will fill an uplink or some other network bottleneck. packet loss or the blocking of new connections. . the backbone can easily be congested by a few servers and client PCs.Network congestion 122 Network congestion In data networking and queueing theory. One example of this is the use of Contention-Free Transmission Opportunities (CFTXOPs) in the ITU-T G.1p. Another method to avoid the negative effects of network congestion is implementing priority schemes. When a network is in such a condition. • Because P2P scales very well. Modern networks use congestion control and network congestion avoidance techniques to try to avoid congestion collapse. A third method to avoid network congestion is the explicit allocation of network resources to specific flows. • Denial of service attacks by botnets are capable of filling even the largest Internet backbone network links (40 Gbit/s as of 2007). RFC 2914 addresses the subject of congestion control in detail. The stable state with low throughput is known as congestive collapse. where the total incoming bandwidth to a node exceeds the outgoing bandwidth. with between 10 and 1000 Mbit/s of incoming bandwidth and at most 8 Mbit/s of outgoing bandwidth. However: • today's (2006) Wireless LAN effective bandwidth throughput (15-100Mbit/s) is easily filled by a single personal computer. A consequence of these latter two is that incremental increases in offered load lead either only to small increases in network throughput. • Even on fast computer networks (e. Thus. and there are high levels of packet delay and loss (caused by routers discarding packets because their output queues are too full) and general quality of service is extremely poor. A DSL modem is the most common small network example. Network capacity The fundamental problem is that all network resources are limited. which provides high-speed (up to 1 Gbit/s) Local area networking over existing home wires (power lines. 1 Gbit). generating large-scale network congestion Congestive collapse Congestive collapse (or congestion collapse) is a condition which a packet switched computer network can reach. including router processing time and link throughput. so that some packets are transmitted with higher priority than others.hn standard. network congestion occurs when a link or node is carrying so much data that its quality of service deteriorates. phone lines and coaxial cables).

A major weakness of this model is that it assumes all flows observe the same price. called the utility. when the NSFnet phase-I backbone dropped three orders of magnitude from its capacity of 32 kbit/s to 40 bit/s. doubling the data rate sent. which prevents the sender from overwhelming the receiver. The optimal rate allocation then satisfies much benefit a user obtains by transmitting at rate such that The Lagrange dual of this problem decouples. which gives rise to a Lagrange multiplier. so that each flow sets its own rate. Theory of congestion control The modern theory of congestion control was pioneered by Frank Kelly. the end points sent extra packets that repeated the information lost. Cause When more packets were sent than could be handled by intermediate routers.Network congestion 123 History Congestion collapse was identified as a possible problem as far back as 1984 (RFC 896. However. vectors and matrix. exactly the opposite of what should be done during congestion. Each link capacity imposes a constraint. although many others are possible. Let . It was first observed on the early Internet in October 1986. strictly convex function. and be 1 if flow uses link and 0 otherwise. dated 6 January). The sum of these Lagrange multipliers. It should not be confused with flow control. early TCP implementations had very bad retransmission behavior. with being either the loss probability or the queueing delay at link . be the be the corresponding be an increasing. Examples of "optimal" rate allocation are max-min fair allocation and Kelly's suggestion of proportional fair allocation. Many current congestion control algorithms can be modelled in this framework. is the price to which the flow responds. The mathematical expression for optimal rate allocation is as follows. Congestion control then becomes a distributed optimisation algorithm for solving the above problem. based only on a "price" signalled by the network. When this packet loss occurred. the intermediate routers discarded many packets. while sliding window flow control causes "burstiness" which causes different flows to observe different loss or delay at a given link. and this continued to occur until end nodes started implementing Van Jacobson's congestion control between 1987 and 1988. so as to avoid congestive collapse by attempting to avoid oversubscription of any of the processing or link capabilities of the intermediate nodes and networks and taking resource reducing steps. expecting the end points of the network to retransmit the information. such as reducing the rate of sending packets. Let be the rate of flow and . Let capacity of link . which measures how . . Congestion control Congestion control concerns controlling traffic entry into a telecommunications network. who applied microeconomic theory and convex optimization theory to describe how individuals controlling their own rates can interact to achieve an "optimal" network-wide rate allocation. This pushed the entire network into a 'congestion collapse' where most packets were lost and the resultant throughput was negligible. .

2.Network congestion 124 Classification of congestion control algorithms There are many ways to classify congestion control algorithms: • By the type and amount of feedback received from the network: Loss. Fair queueing is most useful in routers at choke points with a small number of connections passing through them. and random early detection. single-bit or multi-bit explicit signals • By incremental deployability on the current Internet: Only sender needs modification. where packets are randomly dropped proactively triggering the end points to slow transmission before congestion collapse actually occurs. but progressively slow the rate that information is repeated. only router needs modification. lossy links. Protocols atop UDP which transmit at a fixed rate. • By the aspect of performance it aims to improve: high bandwidth-delay product networks. Provided all end points do this. have any congestion control mechanism. "minimum potential delay" Avoidance The prevention of network congestion and collapse requires two major components: 1. can be troublesome. Protocols built atop UDP must handle congestion in their own way. sender. Real-time streaming protocols. Larger routers must rely on RED. The backbone can thus be provisioned with enough bandwidth to keep congestion at the periphery. End-to-end flow control mechanisms designed into the end points which respond to congestion and behave appropriately. including many Voice over IP protocols. or RED. the congestion lifts and good use of the network occurs. Thus. fairness. special measures. A mechanism in routers to reorder or drop packets under overload. TCP is perhaps the best behaved. variable-rate links • By the fairness criterion it uses: max-min. and the end points all get a fair share of the available bandwidth. but it was not until Van Jacobson's inclusion of an open source solution in the Berkeley Standard Distribution UNIX ("BSD") in 1988 that good TCP implementations became widespread. sender and receiver need modification. delay. congestion in pure datagram networks must be kept out at the periphery of the network. The correct end point behaviour is usually still to repeat dropped information. receiver and routers need modification. . such as quality-of-service routing. Other strategies such as slow-start ensure that new connections don't overwhelm the router before the congestion detection can kick in. independent of congestion. Congestion in the Internet backbone is very difficult to deal with. The first TCP implementations to handle congestion well were developed in 1984. have this property. proportional. cheap fiber-optic lines have reduced costs in the Internet backbone. in itself. The most common router mechanisms used to prevent congestive collapses are fair queueing and other scheduling algorithms. must be taken to keep packets from being dropped from streams. where the mechanisms described above can handle it. In general. advantage to short flows. UDP does not. Some end-to-end protocols are better behaved under congested conditions than others. Fortunately.

even without flow-based RED or WRED.g. By keeping the average queue size small.g. [1] TCP/IP congestion avoidance The TCP congestion avoidance algorithm is the primary basis for congestion control in the Internet. There are many different network congestion avoidance processes. e.g. 50% (lower threshold) filled and deletes linearly more or (better according to paper) cubical more [10] up to e. Experiments have confirmed that the existing RED-like algorithms are notably vulnerable under Low-rate Denial-of-Service [4] (LDoS) attacks due to the oscillating TCP queue size caused by the attacks [11] . RED indirectly signals to sender and receiver by deleting some packets. [2] [3] [4] [5] [6] Problems occur when many concurrent TCP flows are experiencing port queue buffer tail-drops. The average queue buffer lengths are computed over 1 second at a packets. All flows that experience port queue buffer tail-drop will begin a TCP retrain at the same moment . equipment ports with more than one queue buffer. losses.this is called TCP global synchronization. Recent Publications in low-rate Denial-of-Service (DoS) attacks [12] . particularly Low-rate Deinal-of-Service (LDoS) attacks. or delays (see Quality of Service) in order to adjust the transmit speed. Robust random early detection (RRED) Robust Random Early Detection (RRED) algorithm was proposed to improve the TCP throughput against Denial-of-Service (DoS) attacks. The connection bandwidth will be more equally shared among connection oriented flows. time. Then TCP's automatic congestion avoidance is not enough. such as the widely-used TCP protocol.Network congestion 125 Practical network congestion avoidance Implementations of connection-oriented protocols. since there are a number of different trade-offs available. The link utilization will increase because less TCP global synchronization will occur. 100% (higher threshold). queue management will reduce the delays and jitter seen by flows. generally watch for packet errors. weighted random early detection (WRED) could be used if available. Random early detection [8] [9] On network One solution is to use random early detection (RED) on network equipments port queue buffer. RRED algorithm can significantly improve the performance of TCP under Low-rate Denial-of-Service attacks [11] . when the average queue buffer lengths are more than e. Active Queue Management (AQM) Purpose "Recommendations on Queue Management and Congestion Avoidance in the Internet" (RFC 2309[7] ) states that: • • • • Fewer packets will be dropped with Active Queue Management (AQM).

but it requires explicit support by both hosts to be effective. an ECN bit is used to signal that there is explicit congestion. by decreasing the tcp window size (sending rate) or by other means. DBL can utilize IP ECN instead of packet-delete-signalling. this method. Engine IV and V has the possibility to classify all flows in "aggressive" (bad) and "adaptive" (good). graphic or web page. errors during transmission are rare on today's fiber based Internet. the remote servers will send less data. [14] Some outdated or buggy network equipment drops packets with the ECN bit set. [15] [16] TCP Window Shaping Congestion avoidance can also efficiently be achieved by reducing the amount of traffic flowing into a network. However.g. . The TCP connections running over a radio based physical layer see the data loss and tend to believe that congestion is occurring when it isn't and erroneously reduce the data rate sent. Cisco AQM: Dynamic buffer limiting (DBL) Cisco has taken a step further in their Catalyst 4000 series with engine IV and V. thus reducing the congestion and allowing traffic to flow more freely. More information on the status of ECN including the version required for Cisco IOS. it usually advertises a "window" of between 32K and 64K. This is better than the indirect packet delete congestion notification performed by the RED/WRED algorithms. this data creates a congestion point at an upstream provider by flooding the queue much faster than it can be emptied. When there are many applications simultaneously requesting downloads.Network congestion Flowbased-RED/WRED Some network equipment are equipped with ports that can follow and measure each flow (flowbased-RED/WRED) and are hereby able to signal to a too big bandwidth flow according to some QoS policy. 126 When a router receives a packet marked as ECN capable and anticipates (using RED) congestion. this causes WiFi. This results in the server sending a full window of data (assuming the file is larger than the window). It ensures that no flows fill the port queues for a long time. it will set an ECN-flag notifying the sender of congestion. rather than ignoring the bit. By using a device to reduce the window advertisement. by Sally Floyd. e. The sender then ought to decrease its transmission bandwidth. Side effects of congestive collapse avoidance Radio links The protocols that avoid congestive collapse are often based on the idea that data loss on the Internet is caused by congestion. A policy could divide the bandwidth among all flows by some criteria. IP ECN [13] ECN is only used when the two hosts signal that they want to use it. With Another approach is to use IP ECN. This technique can reduce congestion in a network by a factor of 40. This is true in nearly all cases. 3G or other networks with a radio layer to have poor throughput in some cases since wireless networks are susceptible to data loss due to interference.[8] one of the authors of ECN. When an application requests a large file.

and would open and close the connection for each file requested.gov/papers/congavoid. Congestion Avoidance. 6 January 1984 • Introduction to Congestion Avoidance and Control (http://ee. Ref (http:/ / ieeexplore. psu. Karels. html) [2] Van Jacobson. 2000 • RFC 896 (http://tools. edu/ lee00tcp. and Weifeng Chen. google. com/ site/ cwzhangres/ home/ files/ RREDRobustREDAlgorithmtoCounterLow-rateDenial-of-ServiceAttacks. However. ieee. org/ xpl/ freeabs_all. Random Early Detection Gateways for Congestion Avoidance (http:/ / citeseer. Invented Random Early Detection (RED) gateways.Network congestion Short-lived connections The slow-start protocol performs badly for short-lived connections. IEEE/ACM Transactions on Networking. Older web browsers would create many consecutive short-lived connections to the web server. ist. org/ publications/ aqm_iscc2003. 14.The Addition of Explicit Congestion Notification (ECN) to IP [14] Comparative study of RED. which resulted in poor response time.org/html/rfc2914) . pdf) Quote: ".TCP Increasing TCP's Initial Window [6] TCP Congestion Avoidance Explained via a Sequence Diagram (http:/ / www. cisco." [11] Changwang Zhang. 1988 . cisco.The advantage of this function lies not only in avoiding heavy oscillations but also in avoiding link under-utilization at low loads. Compared to the original linear drop function applicability is extended by far. html) [15] Active Queue Management (http:/ / www. Jianping Yin. htm#1271743) [16] Enabling Dynamic Buffer Limiting (http:/ / www.. [3] RFC 2001 . htm#1271759) • "Deploying IP and MPLS QoS for Multiservice Networks: Theory and Practice" by John Evans. html) (1993). IEEE Communications Letters.TCP Slow Start. psu. ECN and TCP Rate Control (1999) (http:/ / citeseer. Fast Retransmit.ietf. 489-491.314–329. edu/ bagal99comparative..1(4): pp. html) (1988). The applicability of the derived function is independent of the load range. jsp?arnumber=5456075) [12] http:/ / sites.18(4): pp. com/ RealtimeMantra/ Networking/ TCP_Congestion_Avoidance. and many connections never get out of the slow-start regime. html) [9] Sally Floyd. ist.. vol.. modern browsers either open multiple connections simultaneously or reuse one connection for all files requested from a particular web server. ist. vol. November. Clarence Filsfils (Morgan Kaufmann. Proceedings of the Sigcomm '88 Symposium. John Nagle. This paper originated many of the congestion avoidance algorithms used in TCP/IP. CA. vol.. eventhelix. com/ site/ cwzhangres/ home/ posts/ recentpublicationsinlow-ratedosattacks [13] RFC 3168 .Congestion Control Principles."Congestion Control in IP/TCP". 2007.ietf. ISBN 0-12-370549-5) • RFC 2914 (http://tools. 1988. ist. Van Jacobson and Michael J. psu. Congestion Avoidance and Control (http:/ / citeseer.lbl.397–413. Michael J. edu/ 462978. ist-mobydick. 127 References [1] TCP Tunnels: Avoiding Congestion Collapse (2000) (http:/ / citeseer. com/ univercd/ cc/ td/ doc/ product/ lan/ cat4000/ 12_1_19/ config/ qos.org/html/rfc896) .April 1998: Recommendations on Queue Management and Congestion Avoidance in the Internet [8] Sally Floyd: RED (Random Early Detection) Queue Management (http:/ / www. google. edu/ 484335. To avoid this problem. no parameters are to be adjusted. org/ floyd/ red. [10] An Analytical RED Function Design Guaranteeing Stable System Behavior (http:/ / www. August.. pp. Zhiping Cai. This kept most connections in the slow start mode. the initial performance can be poor. Van Jacobson. significantly increasing latency. Sally Floyd. Stanford. September. RRED: Robust RED Algorithm to Counter Low-rate Denial-of-Service Attacks (http:/ / sites. Karels. psu. 2010. pdf) [7] RFC 2309 .TCP Congestion Control [5] RFC 3390 . pdf?attredirects=0). icir. and Fast Recovery Algorithms [4] RFC 2581 . com/ univercd/ cc/ td/ doc/ product/ lan/ cat4000/ 12_1_19/ config/ qos.Our example with realistic system parameters gives an approximation function of the cubic of the queue size.pdf).

edu/talks/workshops/10-22-24.edu/ ~jain/papers.edu/home/ladrian/abstract/aimdfc.html) • TFRC Homepage (http://www.google. Arjan Durresi.com/p/ guduz/) • Approaches to Congestion Control in Packet Networks (http://utopia.html) • Pierre-Francois Quet. Ratul Mahajan.ecse. " Guidelines for optimizing Multi-Level ECN. 2007.pdf) • Papers in Congestion Control (http://www.neu. RFC 2914: Congestion control principles (2000) • Floyd.umn.cs. washington.duth.html) • Explicit Congestion Notification Homepage (http://www. S. Hitay Ozbay.cse. Sriram Chellappan.wustl.edu/homes/ratul/red-pd/) • A Generic Simple RED Simulator for educational purposes by Mehmet Suzen (http://code.net/tcp_histrory. August 1999) • Sally Floyd.html) (IEEE/ACM Transactions on Networking.icir.gr/~emamatas/jie2007.pdf) (IMA Workshop on Scaling Phenomena in Communication Networks.org/tfrc/) • AIMD-FC Homepage (http://www. using fluid flow based TCP model" (http://www. Clarence Filsfils (Morgan Kaufmann. Mukundan Sridharan.rpi. Promoting the Use of End-to-End Congestion Control in the Internet (http://www. David Wetherall: RED-PD: RED with Preferential Dropping (http://www. October 1999) (pdf format) • Linktionary term: Queuing (http://www. Raj Jain.ima.linktionary.org/floyd/ecn. and K.visualland.icir. On the Evolution of End-to-end Congestion Control in the Internet: An Idiosyncratic View (http:// www.html) • Random Early Detection Homepage (http://www.ccs.Fast recovery&ctype=1) .99/floyd/floyd.html) • TCP congestion control simulation: Fast recovery (http://www. S.edu/Homepages/shivkuma/research/cong-papers. RFC 896: Congestion control in IP/TCP internetworks (1984) • Floyd. org/floyd/end2end-paper. php?simu=tcp_fast_recovery&protocol=TCP&title=5. Fall.aciri.com/q/queuing. ISBN 0-12-370549-5) External links • Nagle.org/floyd/red. J.html) • Sally Floyd.icir.Network congestion 128 Books • "Deploying IP and MPLS QoS for Multiservice Networks: Theory and Practice" by John Evans.

.S.F. "The NIST Model for Role Based Access Control: Toward a Unified Standard" (http:/ / csrc. IEEE Security & Privacy (IEEE Press) 5 (6): 51–53. Ferraiolo.R. NIST called for a unified standard for RBAC. Coyne. D. D.R. D. Ferraiolo.F. Following debate and comment within the RBAC and security communities. Ferraiolo. integrating the RBAC model published in 1992 by Ferraiolo and Kuhn with the RBAC framework introduced by Sandhu. Kuhn.html) (NIST RBAC web site) • (http://incits. NIST made revisions and proposed a U. pdf) (PDF). the standard was adopted and is copyrighted and distributed as INCITS 359-2004 by the International Committee for Information Technology Standards (INCITS). pp.173.NIST RBAC model 129 NIST RBAC model The NIST RBAC model is a standardized definition of role based access control. "RBAC Standard Rationale: comments on a Critique of the ANSI Standard on Role Based Access Control" (http:/ / csrc. pdf) (PDF). Sandhu. . Although originally developed by the National Institute of Standards and Technology. In 2004. This proposal was published by Sandhu. [2] References [1] Sandhu. D.1109/MSP. (Nov/Dec 2007). 47–63. and Kuhn [1] and presented at the ACM 5th Workshop on Role Based Access Control. the standard received ballot approval and was adopted as INCITS 359-2004. R. and Sandhu. doi:10. and Kuhn. nist. R.nist. It is managed by INCITS committee CS1...org) (INCITS web site) .gov/groups/SNS/rbac/index. (July 2000).2007. Feinstein. gov/ groups/ SNS/ rbac/ documents/ ferraiolo-kuhn-sandhu-07. and Youman (1996). gov/ rbac/ sandhu-ferraiolo-kuhn-00. 5th ACM Workshop Role-Based Access Control. national standard for RBAC through the INCITS.. [2] Ferraiolo. History In 2000. nist. and Kuhn later published an explanation of the design choices in the model. External links • (http://csrc.

However.. an expert system for network troubleshooting. In 2003. When the wizard is run. Inc. which added support for 802. which was released in 1997. the company survived the fire. the user is left with a working plugin with entry points for adding application logic.[2] Acquisitions WildPackets acquired Net3 Group in November 2000. Their product. It supports a plugin API.[3] WildPackets acquired Optimized Engineering Corporation in 2001. Adapters are also available to aggregate packets from multiple network segments and wireless channels at the same time.com [1] OmniPeek is a packet analyzer software tool from WildPackets Inc.. and as a hardware network recorder appliance. Cisco AP's. These plug-ins range from simple logging extensions to full-blown applications that are hosted by OmniPeek. History WildPackets. a dialog appears providing options for different types of functionality that sample code will be generated for. Optimized network analysis training courses and instructors were added to WildPackets services. SFlow. Aruba AP's. It is used for network troubleshooting and protocol analysis. Currently. the WildPackets' building in Walnut Creek California completely burnt to the ground. NetSense. NetFlow. Decoders: The most notable of these are the protospecs and decoder files. there are remote adapters to capture from RMON. API's on the back-end for analysis. and add knowledge of completely new protocols. the OmniEngine Distributed Capture Engine was released as software. and linux boxes. AiroPeek was released. On the morning of July 15. and called EtherPeek. When the wizard is complete. 2002.[6] Plugin Wizards: The Plugin Wizards for both the OmniPeek Console and the OmniEngine are Microsoft Visual Studio Project Templates that generate working plug-ins.wildpackets.OmniPeek 130 OmniPeek OmniPeek Developer(s) WildPackets Operating system Windows Type Website Packet analyzer www.[5] Plug-ins: There are over 40 different plug-in's available for the OmniPeek Platform. In 2001. was founded in 1990 by Mahboud Zabetian and Tim McCreery. It was later ported to Windows.11 wireless networks. was converted into a plug-in and integrated into a new version of the product called EtherPeekNX. as well as other mechanisms to extend and enhance the program. without releasing new versions of the application.[4] Extensibility OmniPeek has API's on the front-end for automation. The first product by WildPackets was written for the Mac. Remote Adapters: Adapters provide a means to capture packets and stats from various sources. which are interpreted text files that can be extended by the user to enhance the display and analysis of existing protocols. These plug-in wizards make it easy and . It was a protocol analyzer for ethernet networks.

bizjournals. Retrieved 2009-07-23. Retrieved 2009-07-23. html). Retrieved 2009-07-23.4" (http:/ / download. PlaceMap is a notable example of extensibility in that it uses exactly the same Google Map plugin that is also available for the OmniPeek. tools.Decode packets WatchMe Plugin .Save and query packets from a database PeekPlayer Plugin .stream packets from Aruba Networks Air Monitors References [1] http:/ / www. Expands Protocol Analysis Training and Services. . Business Wire. [6] "Throwin' Down The Decoder Gauntlet!" (http:/ / blog. php/ 1433881). . com/ wireless/ article. com/ WildPackets+ Launches+ MyPeek+ Community+ Portal. and various levels of support for the different plug-ins posted there. internetnews. 2001-01-31. wildpackets. html).Collect and report web statistics Remote TCPDump Adapter Plugin . [4] "WildPackets to Acquire Optimized Engineering Corporation. [3] "WildPackets to buy Net3" (http:/ / eastbay. and is uses the peek driver API to capture packets." (http:/ / www. Retrieved 2009-07-23. Retrieved 2009-07-23.[8] 131 Example Plugins • • • • • • • • • • • • Google Map Plugin . thefreelibrary. wildpackets. com/ 2008/ 05/ throwin-down-the-decoder-gauntlet. .Map nodes to a Google Map[9] SQLFilter Plugin . Retrieved 2009-07-23.stream packets from Cisco Access Points Aruba Remote Adapter Plugin . [9] "WildPackets Offers Free Google Map Plug-In" (http:/ / www. accessmylibrary.Construct and display web pages from packets IM Plugin . html). .[7] PlaceMap: is a freely available standalone Google Maps Packet sniffer application for Windows that captures network traffic and maps nodes to the Google Map.Display web sites in real-time from URL's Browser Plugin . MyPeek: The MyPeek Community Portal is a website dedicated to the extension of OmniPeek. cnet. html). 2000-11-20. html).0. com/ news/ technology/ 575128/ wildpackets_offers_free_google_map_plugin/ index.Display instant message screen names and chat WebStats Plugin . . [8] "PlaceMap 1. com/ coms2/ summary_0286-10587967_ITM).Send packet an adapter or a capture window PowerBar Plugin . scripts. . redorbit. [5] "An Open API Sets WildPackets Apart" (http:/ / windowsitpro. It provides plug-in's. com/ article/ articleid/ 95726/ an-open-api-sets-wildpackets-apart. com/ products/ distributed_network_analysis/ omnipeek_network_analyzer [2] "WildPackets Survives Fire" (http:/ / www. com/ eastbay/ stories/ 2000/ 11/ 20/ daily2. Retrieved 2009-07-23. com/ PlaceMap/ 3000-2085_4-10588141.stream packets from any machine with SSH and tcpdump Cisco Remote Adapter Plugin . -a0179645388). . adapters. Retrieved 2009-07-23.0. . [7] "WildPackets Launches MyPeek Community Portal" (http:/ / www. .OmniPeek quick to develop extensions to OmniPeek.Write scripts that process packets Decoder Plugin . and expertise for those interested in extending OmniPeek themselves.

A. shtml) Out-of-order delivery In computer networking. WildPackets' latest OmniPeek tool makes it easier to inspect traffic and troubleshoot networks. Robert Tarpley (http://www.cisco. Jayasumana.pert. By Anthony Mosco. 22. J.OmniPeek 132 External links • Official website (http://www. Morton. April 23.com/en/US/tech/tk722/tk809/technologies_tech_note09186a008063e5de.edu/monitoring/reorder/ .net/PERTKB/PacketReordering • http://www-iepm. Rand Dvorak (http://www. Perser.itweek. Packet reordering is a common behavior in real-world networks. Mar.0 (http://www.networkworld.html) • Network World . Whitner. or via parallel processing paths within network equipment that are not designed to ensure that packet ordering is preserved.html?nlhttest=ts_031108& nladname=031108producttestal) • Cisco Website. by Dave Bailey. 2006: LWAPP Decodes Enablement on WildPackets OmniPeek and EtherPeek 3.wildpackets. 19 Aug 2006. Packet Reordering Metrics. One of the functions of TCP is to prevent the out-of-order delivery of data. html) • IT Week.geant. A.com) • Network World. A.0 Software (http://www. By Rob Smithers of Miercom (http:// www. March 10. Robert Smithers. External links • RFC 4737.networkworld. June 2008 • http://kb. T. Out-of-order delivery can be caused by packets following multiple paths through a network. R. Banka. Tested: WildPackets OmniPeek Enterprise 4. G.stanford.uk/networkitweek/software/2161896/packet-inspector-offers-simple) • Network World. L.networkworld. 2006: Review of WildPackets' OmniPeek.com/reviews/2008/031008-voip-analysis-tools-test. Ramachandran. By Tom Henderson. Shalunov. Bare. Network IT Week. co. Piratla. N. November 2006 • RFC 5236. Ciavattone. Sept.com/reviews/2007/042307-wireless-lan-test-omnipeek.slac. out-of-order delivery is the delivery of data packets in a different order from which they were sent. S. 18. 2008: Clear Choice Test VoIP analysis tools.com/reviews/2006/091806-voip-test-analysis-wildpackets. Improved Packet Reordering Metrics. 2007: WLAN analyzers: WildPackets' OmniPeek For Windows 4.1. either by reassembling packets into order or forcing retries of out-of-order packets.

This allows historical forensic analysis of packets without the user having to recreate any fault.g. For network monitoring purposes it may also be desirable to monitor all data packets in a LAN by using a network switch with a so-called monitoring port. either in probe format. protocol analyzer or sniffer.[1] As data streams flow across the network. whose purpose is to mirror all packets passing through all ports of the switch when systems (computers) are connected to a switch port. packet aggregation is the process of joining multiple packets together into a single transmission unit. there are some methods to avoid traffic narrowing by switches to gain access to traffic from other systems on the network (e. Packet analyzer A packet analyzer (also known as a network analyzer. To use a network tap is an even more reliable solution than a monitoring port since taps are less likely to drop packets during high traffic loads.[2] On wireless LANs. some sniffers support this. Some protocol analyzers can also generate traffic and thus act as the reference device. Protocol analyzers vary in their abilities to display data in multiple views. On wired broadcast and wireless LANs. phone lines and coaxial cables). or for particular types of networks. cyclic redundancy check. On wireless LANs. is an example of a protocol that employs packet aggregation to increase efficiency. Protocol Analyzers can also be hardware based. the sniffer captures each packet and. Packet aggregation is useful in situations where each transmission unit may have significant overhead (preambles. these can act as protocol testers. determine the root causes of errors.hn standard.Packet aggregation 133 Packet aggregation In a packet-based communications network. multicast traffic sent to a multicast group to which that machine is listening. showing the values of various fields in the packet. etc. or as is increasingly more common combined with a disk array. the network adapter being used to capture the traffic must be put into promiscuous mode. automatically detect errors.) or where the expected packet size is small compared to the maximum amount of information that can be transmitted. in order to reduce the overhead associated with each transmission. and broadcast traffic. if needed. The ITU-T G. others don't. an Ethernet sniffer or wireless sniffer) is a computer program or a piece of computer hardware that can intercept and log traffic passing over a digital network or part of a network. however. headers. generate timing diagrams. etc. even if the adapter is in promiscuous mode. In a communication system based on a layered OSI model. packet aggregation may be responsible for joining multiple MSDUs into a single MPDU that can be delivered to the physical layer as a single unit for transmission. the adapter must be in monitor mode. To see those packets. one can capture traffic on all or just parts of the network from a single machine within the network. These devices record packets (or a slice of the packet) to a disk array. packets not for the service set for which the adapter is configured will usually be ignored. to capture traffic other than unicast traffic sent to the machine running the sniffer software. Such testers generate protocol-correct traffic for functional testing. decodes the packet's raw data. The captured information is decoded from raw digital form into a human-readable format that permits users of the protocol analyzer to easily review the exchanged information. depending on the network structure (hub or switch). and analyzes its content according to the appropriate RFC or other specifications. ARP spoofing). which provides a way to create a high-speed (up to 1 Gigabit/s) Local area network using existing home wiring (power lines. . and may also have the ability to deliberately introduce errors to test for the DUT's ability to deal with error conditions. Capabilities On wired broadcast LANs. one can capture traffic on a particular channel.

Spam filter. proxy) Notable packet analyzers For a more comprehensive list. access control. moves and changes Verify internal control system effectiveness (firewalls. see Comparison of packet analyzers. Web filter.Packet analyzer 134 Uses The versatility of packet sniffers means they can be used to: • • • • • • • • • • • • • • • • • • • Analyze network problems Detect network intrusion attempts Detect network misuse by internal and external users Documenting regulatory compliance through logging all perimeter and endpoint traffic Gain information for effecting a network intrusion Isolate exploited systems Monitor WAN bandwidth utilization Monitor network usage (including internal and external users and systems) Monitor data-in-motion Monitor WAN and endpoint security status Gather and report network statistics Filter suspect content from network traffic Serve as primary data source for day-to-day network monitoring and management Spy on other network users and collect sensitive information such as passwords (depending on any content encryption methods which may be in use) Reverse engineer proprietary protocols used over the network Debug client/server communications Debug network protocol implementations Verify adds. • • • • • • • • • • • • • • • • • • • • • Capsa Cain and Abel dSniff Justniffer ettercap Microsoft Network Monitor ngrep Network Grep snoop tcpdump Wireshark (formerly known as Ethereal) Carnivore (FBI) Clarified Analyzer Congruity Inspector Software Fluke Lanmeter NetScout nGenius Infinistream NetScout Sniffer Global Analyzer NetScout Sniffer Portable Professional Analyzer Network Instruments Observer Niksun NetDetector OPNET Technologies ACE Analyst SkyGrabber .

how the PAD encapsulates characters and control information in X. NETRESEC Network Security Blog.com/support/ installation.25 packets. it takes data packets from packet-switching network or host computer and returns them into a character stream that can be sent to the terminals (disassembly). this is referred to as a Triple-X PAD.25 packets (assembly). abbreviated PAD is a communications device which provides multiple asynchronous terminal connectivity to an X. X. Sometimes.networksecuritytoolkit.Packet analyzer • WildPackets OmniPeek (old name AiroPeek. X. and manipulating the X. ISBN 978-0735542730. et al. 131.29 defines the DTE-P (packet mode) interface to a PAD.28 defines the DTE-C (asynchronous character mode) interface to a PAD.php?page=security/AQuickIntrotoSniffers) • Multi-Tap Network Packet Capture (http://www. The X. It collects data from a group of terminals and places the data into X. X.com/publications/howto_EN/HowTo .aesclever. due to the three X series recommendations which define it.e.robertgraham.dmoz. and X.org/nst/tools/wiki-redirect. netresec.28.html) • A Quick Intro to Sniffers (http://www.pdf) • The Making of a Professional cTrace Packet Analyzer (http://www.colasoft. External links • Protocol Analyzers (http://www.com/pages/current/ ProfessionalCPA.pdf) • Packet Sniffing FAQ (http://web. character echo. i.Intercepting Network Traffic" (http:/ / www.121 14-digit X. a bit like (but not at all compatible with) Hayes modem commands.evilfingers. Retrieved 2011-03-13.25 (packet-switching) network or host computer.3 parameters are similar in function to present day Telnet options. [2] "Sniffing Tutorial part 1 . A PAD also does the reverse. ITU-T (Triple-X PAD) The structure of a PAD is defined by the ITU-T in recommendations X. The commands were very crude. X.com/i.net/raw-sockets/ raw-sockets. Aspen Publishers.3 parameters. Law of Internet Security and Privacy. 2011-03-11.archive. Connections are established using X. pp.org/web/20050221103207/http://www.3. for a connection to an X.org/Computers/Software/Networking/Network_Performance/ Protocol_Analyzers//) at the Open Directory Project • How-to Packet Sniff (http://www. . A FRAD (Frame Relay Assembler/Disassembler) is a similar device for accessing Frame Relay networks.html) by Robert Graham • Video Tutorials on Sniffer Programming using Raw Sockets (http://security-freak. including the commands for making and clearing down connections. Many commercial PAD products provided completely different enhanced user interfaces. flow control. EtherPeek) 135 References [1] Kevin J.29. Connolly (2003).php) Packet Assembler/Disassembler A packet assembler/disassembler. com/ ?page=Blog& month=2011-03& post=Sniffing-Tutorial-part-1---Intercepting-Network-Traffic).3 specifies the parameters for terminal-handling functions such as line speed.25 host.com/pubs/ sniffing-faq. .Use Packet Sniffers.25 addresses.irongeek. php?page=Multi-Tap_Network_Packet_Capturing) • How to Deploy a Packet Analyzer under Different Network Environment (http://www.

Green Book was developed by (UK) Post Office Telecommunications in the 1970s.Packet Assembler/Disassembler 136 Green Book PAD One of the UK Coloured Book protocols. the predecessor of PSS). Products • Das Multiprotokoll-Talent mit zwei ISDN und vier Benutzerschnittstellen [1] External links • ITP: Protocols in the SERC/NERC Network" [2] References [1] http:/ / www. Green Book also specifies TS29. a very similar protocol which ran over the Yellow Book Transport Service. Science and Engineering Research Council (SERC) also used ITP on SERCnet and continued developing ITP after EPSS. org. ITP predated Triple-X. Green Book is sufficiently similar to X. uk/ ca/ technology/ networking/ p001. Green Book. chilton-computing. htm .25 developed in the 1970s for use with UK GPO's EPSS (Experimental Packet Switching System.29 that generally the two will interwork.3 and X. and is a completely different protocol. de/ produkte/ ta/ taomega [2] http:/ / www. Although not identical to Triple-X. ITP ITP (Interactive Terminal Protocol) was an early PAD protocol for use over X. which is another of the Coloured Book protocols. although it eventually gave way to Triple-X. also defines two PAD protocols. tdt.

and ensure data communications and network usage complies with outlined policy. As DPI and analysis tools deliver alerts. [2] answering the question “what happened leading up to. raw capture of all network packets. using known criteria for analysis. Historical capture and analysis stores all captured packets for further analysis. software tools can perform Deep packet inspection (DPI) to review network packet data. Short-term capture and analysis tools can typically detect threats only when the triggers are known in advance but can act in real-time. only complete packets that meet the criteria of the filter (header and payload) are captured. and after. Filtering Packet capture can either capture the entire data stream or capture a filtered portion of stream. With the application of filters. the historical record can be analyzed to apply context to the alert. Historical capture and analysis Once data is captured. This includes headers and payload. unfiltered. Headers include information about what is contained in the packet and could be synonymous to an address or other printed information on the outside of an envelope. complete network packets (header and payload) crossing a network with a high traffic rate. they may be flushed away and actual packet contents are no longer available. but yet have enough data to reveal the essential information required for problem diagnosis. regardless of source. DPI tools make real-time decisions on what to do with packet data. diverted. Deep packet capture (DPC) is the act of capturing. protocol or other distinguishing bits of data in the packet. either in short-term memory or long-term storage. or stored. etc. Complete capture Packet capture has the ability to capture packet data from the data link layer on up (layers 2-7) of the OSI model. MAC address. perform forensics analysis to uncover the root cause of network problems. This can reduce storage requirements. Some DPCs can be coupled with DPI and can as a result manage. Filtered capture Packet capture devices may have the ability to limit capture of packets by protocol. and analyze all network traffic in real-time at wire speeds while keeping a historical archive of all network traffic for further analysis. the alert?” . at full network speed. inspect. after the data has already crossed the network. Complete capture encompasses every packet that crosses a network segment. If packets are not stored after capture. perform designated analysis and act on the results. it can be analyzed right away or stored and analyzed later. Once captured and stored. identify security threats.Packet capture 137 Packet capture Packet capture is the act of capturing data packets crossing a computer network. and avoid legal problems. IP address. Many deep packet inspection tools rely on real-time inspection of data as it crosses the network. The payload includes the actual content of the packet and therefore synonymous to the contents of the envelope. Complete capture is the unrestricted.[1] Partial packet capture can record headers without recording the total content of datagrams.

When an event happens. telecommunications carriers can provide the legally required secure and separate access to targeted network traffic and are able to use the same device for internal security purposes.[7] Network Troubleshooting If an adverse event is detected on a network. social security numbers.[3] Using packet capture and storage. Deep Packet Capture provides a record of all network activities. Identifying data leakage Analyzing historical data flows captured with DPC assists in content monitoring and identifying data leaks and pinpointing their source.[4] However this technique cannot function as an intrusion prevention system. Verifying security fixes If an exploit or intrusion was monitored via DPC. an administrator could verify exactly which information was stolen and which information was safe.[3] DPC can capture network traffic accessing certain servers and other systems to verify that the traffic flows belong to authorized employees.[8] This helps reduce the Mean Time To Repair. Detecting data loss In the event that an intrusion allowed information (credit card numbers.Packet capture 138 Use Identifying security breaches Analysis of historical data captured with DPC assists in pinpointing the source of the intrusion.[9] However DPC appliances may be unable to provide chain of evidence audit logs. This could be very helpful in the event of litigation or in the case of a credit card company receiving possibly fraudulent claims of unauthorized purchases on cards whose numbers were not compromised. Lawful intercept Packet capture can be used to fulfill a warrant from a law enforcement agency (LEA) to produce all network traffic generated by an individual. its cause or source can be more reliably determined if the administrator has access to complete historical data. a network administrator can then assess the exact circumstances surrounding a performance event. DPC can capture all packets on important network links continuously. DPC probes can provide lossless capture of target traffic without compromising network performance. a system administrator may replay that attack against systems which have been patched to prevent the attack. medical records. This will help the administrator know whether or not their fix worked.[5] [6] Analysis of DPC data can also reveal what files that have been sent out from the network. . Internet service providers and VoIP providers in the United States of America must comply with CALEA (Communications Assistance for Law Enforcement Act) regulations. or satisfactory security for use in this application. take corrective action. and ensure that the problem will not reoccur. Collection of data from a carrier system without a warrant is illegal due to laws about interception. etc.) to be stolen.

conclusively. com/ article/ pressRelease/ idUS169612+ 06-Dec-2007+ BW20071206). [10] Paul Venezia (2003-07-11).. com/ newsletters/ techexec/ 2007/ 0716techexec1. Retrieved 2008-03-15. com/ what-we-do/ application-overview).[3] References [1] "Press Release . "Solera Networks Announces Advanced Deep Packet Inspection and Capture Solution for Full 10Gbps Speeds" (http:/ / www. . [8] "Network Troubleshooting" (http:/ / www. Retrieved 2008-03-15. Triggers can be set up to capture certain events or breaches.[11] Benchmarking performance If performance suddenly takes a hit. com/ passive-network-security-analysis-networkminer). . . htm) on 2008-05-01. Solera Networks. net/ news_releases/ 102407-solera. . asp). com/ what-we-do/ application-overview) on 2008-03-04. . Once a particular attack or signature has been identified. Retrieved 2009-08-28. bivio. When an event triggers. html). forensicfocus. both in raw packet form or accurately rendered in its original format. com/ article/ 03/ 07/ 11/ 27TCniksun_1. Net Scout Systems. net/ news_releases/ 102407-solera.Packet capture 139 Forensics Once an intrusion. Infoworld. Retrieved 2008-04-01. [11] "Sniffing Tutorial part 2 . html). soleranetworks. informationweek. . Retrieved 2008-03-13. 2008. Retrieved 2008-03-15. 2007-10-07.[3] All traffic or a selected segment on any given interface can be captured with a DPC appliance. the device can send e-mail notifications and SNMP traps. org/ web/ 20080304025423/ http:/ / www. "NetDetector captures intrusions" (http:/ / www. Inc. networkworld. . netresec. the historical data allows an administrator to view a specific window of time and determine the cause of the performance issues. endace. Retrieved 2008-03-15. "Startup Of The Week: NetWitness Is Like TiVo For IT" (http:/ / www. php). com/ ?page=Blog& month=2011-03& post=Sniffing-Tutorial-part-2---Dumping-Network-Traffic-to-Disk) . Bivio Networks. "Passive Network Security Analysis with NetworkMiner" (http:/ / www. . . reuters. Archived from the original (http:/ / www.Solera Networks and Bivio Networks announce product interoperability" (http:/ / web. every packet included in that event is available. com/ columnists/ 2007/ 020507insider. [2] (Business Wire) (2007-12-06). Endace. [4] "Capture Appliances" (http:/ / www. Forensic Focus. Information Week. [5] Tom Bowers (2007-02-05). Reuters. archive. com/ solutions/ top-ten. Retrieved 2007-03-13. archive. such as FreeBSD and dumpcap. . html). [3] Linda Musthaler (2007-07-16). Network World. com/ solutions/ iti_packet_analysis. jhtml?articleID=204802907). worm or other problem has been detected on a network. [7] Erik Hjelmvik (2008). 2011 (http:/ / www. Retrieved 2008-03-15. com/ news/ showArticle. "Rewind and replay what happens on your network" (http:/ / www.[10] Packet capturing for forensic investigations can also be performed reliably with free open source tools and systems. NETRESEC Network Security Blog. htm). bivio. virus. Network World. netscout. org/ web/ 20080501222529/ http:/ / www. 2007.Dumping Network Traffic to Disk". [6] Andrew Conry-Murray (2008-12-15). Archived from the original (http:/ / www. 2008. [9] "Application overview" (http:/ / web. endace. exactly how many systems were affected. infoworld. networkworld. historical data may allow a system administrator to determine. Retrieved 2008-04-01. "Getting started with content monitoring" (http:/ / www.

One cause mentioned in research is through a denial-of-service attack on the router using a known DDoS tool. org/ 2000/ papers/ 2000-24. a host can broadcast that it has the shortest path towards a destination. they will generally begin to remove that router from their forwarding tables and eventually no traffic will flow to the attack. "Malicious packet dropping: how it might impact the TCP performance and how we can detect it" (http:/ / www. Mohammad.Packet concatenation 140 Packet concatenation Packet concatenation is a computer networking optimization that coalesces multiple packets under a single header. [2] Al-Shurman. or a randomly selected portion of the packets. pdf). By doing this. all traffic will be directed to the host that has been compromised. when other routers notice that the compromised router is dropping all traffic. aau. (2000). [3] Wang. Retrieved 5/5/2011. edu/ srds2009/ dncms2009_submission_Wang. pdf). Also. . Retrieved 5/5/2011. buffalo. . the attack can actually be discovered fairly quickly through common networking tools such as traceroute. et. by dropping packets for a particular network destination. and the host is able to drop packets at will. it is often harder to detect because some traffic still flows across the network. "Defending against Collaborative Packet Drop Attacks on MANETs" (http:/ / www. . if the malicious router begins dropping packets on a specific time period or over every n packets. al.g. This is rather called a gray hole attack. This usually occurs from a router becoming compromised from a number of different causes. Because wireless networks have a much different architecture than that of a typical wired network. Packet drop attack In computer networking.[1] The packet drop attack can be frequently deployed to attack Wireless Ad-Hoc Networks. dk/ kurser/ ETC/ Wms2/ Papers/ Ad-hocSec/ Sub/ al-shurman. a packet drop attack or blackhole attack is a type of denial-of-service attack in which a router supposed to relay packets discards them instead. icmp: 263. Weichao.[1] Because packets are routinely dropped from a lossy network. e. at a certain time of the day. The malicious router can also accomplish this attack selectively. If the malicious router attempts to drop all packets that come in. the packet drop attack is very hard to detect and prevent. pdf). [2] Also over a Mobile Ad-Hoc Network. ieee-icnp. hosts are specifically vulnerable to collaborative attacks where multiple hosts will become compromised and deceive the other hosts on the network. a packet every n packets or every t seconds. cse. [3] References [1] Zhang. "Black Hole Attack in Mobile Ad Hoc Networks" (http:/ / engsci. . However. Xiaobing.

net/ [2] http:/ / bittwist. Unix Windows/Linux/BSD Windows CLI CLI GUI AnetTest Bit-Twist GPL GPLv2 Packet Builder License [4] Cat Karat packet [3] builder Colasoft Packet [7] [8] [5] Windows GUI Packet Builder License: [6] Freeware BSD GPLv3 GPLv2 GPLv2 free BSD GPLv2 ? ? Jeff Nathan pstavirs Linux Foundation Miha Jemec aka jemcek Pieter Blommaert Philippe BIONDI Mixter ? Windows. colasoft. com/ download/ products/ download_packet_builder. Windows Windows(Cygwin)/Linux Linux/Unix/Windows Linux. php [7] http:/ / nemesis. sourceforge. Unix Windows CLI GUI CLI GUI CLI CLI CLI ? Nemesis Ostinato Pktgen [9] [10] packETH pierf [11] [12] [13] Scapy targa3 Winsock Packet [14] Editor UMPA [15] [4] Adriano Monteiro Marques Daniel Borkmann cxxxap Author Cross-platform (Python) Linux Windows OS ? CLI GUI Interface GPLv2 GPLv2 trafgen xcap Title netsniff-ng xcap [16] License Link [1] http:/ / anettest. Packet generators utilize raw sockets. com/ packet_builder/ [6] http:/ / www. sourceforge. net/ [3] http:/ / packetbuilder. linuxfoundation. org/ [9] http:/ / www. Unix Windows/Linux/BSD/MacOSX Linux Linux. colasoft. net/ [4] Custom: free for personal use [5] http:/ / www. org/ en/ Net:Pktgen . sourceforge. This is useful for testing implementations of IP stacks for bugs and security vulnerabilities. Comparison General Information Title Author OS Interface Link [1] [2] License AnetTest Bit-Twist Cat Karat packet builder Colasoft Packet Builder Nemesis Ostinato Pktgen packETH pierf Scapy targa3 Winsock Packet Editor UMPA Anton aka kronos256 ayeowch aka det_re Valery Diomin.Packet generator 141 Packet generator A packet generator or packet builder is a type of software that generates random packets or allows the user to construct detailed custom packets. net/ [8] http:/ / ostinato. Yakov Tetruashvili Colasoft Windows.

weebly.net/) trafgen. umitproject. org/ [16] http:/ / xcap. part of the netsniff-ng suite (http://www.googlecode.sourceforge.com/index.net/) Cat Karat packet builder (http://packetbuilder.org/) Ostinato (http://ostinato.youtube.html) . html 142 External links • • • • • • • • • • • • • • • • AnetTest (http://anettest.net/) Bit-Twist (http://bittwist.c) UMPA (http://umpa.org/en/Net:Pktgen) packETH (http://packeth. sourceforge. org/ DoS/ targa3. net/ [12] http:/ / www. com/ index.linuxfoundation.secdev.sourceforge.umitproject. net/ [15] http:/ / umpa.org) Winsock Packet Editor (http://wpepro.net/) Scapy (http://www.org/projects/scapy/) targa3 (http://packetstormsecurity.com/packet_builder/) Video: Generate Packets to Test Firewall (http://www. secdev.sourceforge.net) xcap .colasoft.org/DoS/targa3.sourceforge.packet generator & sender (http://xcap.weebly. c [14] http:/ / wpepro. org/ projects/ scapy/ [13] http:/ / packetstormsecurity. net/ [11] http:/ / pierf.net/) Colasoft Packet Builder (http://www.com/) Pktgen (http://www.netsniff-ng.com/watch?v=O_pk5Wr2_8I) Nemesis (http://nemesis.net/) pierf (http://pierf.sourceforge.Packet generator [10] http:/ / packeth. sourceforge.

security-freak. net/ packet-injection/ packet-injection. com http:/ / wirelessdefence. Ostinato [8]. org . pcap. This is accomplished by crafting a packet using raw sockets. usually by a party not otherwise participating in the said connection. file2air. aircrack-ng. org/ doku. External links • PacketEditor [2] • Void11 [3] • Winsock Packet Editor [4] • • • • Nemesis Ostinato [8] Packet Injection using raw sockets [5] aircrack-ng [6] [7] References [1] [2] [3] [4] [5] [6] http:/ / www. html http:/ / www. CommView for WiFi Packet Generator. org/ Contents/ Void11Main. and libradiate. aircrack-ng. packeteditor. AirJack. Sometimes IP address spoofing is used. php?id=aireplay-ng& DokuWiki=a96e889dd81ae5677cf2eaa686569563 http:/ / www. Software A popular packet injection application for wireless networks is aireplay-ng[1]. Other packet-injectors are Nemesis.Packet injection 143 Packet injection Packet injection is a computer networking term which refers to sending a packet on a network into an already established connection. Winsock. Void11. htm http:/ / wpepro. net http:/ / www. which is part of the aircrack-ng suite.

This was a network system .24 asynchronous character based interface via an X. Segmentation may be required in many scenarios: • When the data packet is larger than the maximum size supported by the network. is an example of a protocol that employs packet segmentation to increase reliability over noisy media. Of particular note was the use of PSS for the first networked Clearing House Automated Payment System (CHAPS). Companies and individual users could connect in to the PSS network using the full X. The PAD service could be connected to via a dedicated four-wire telephone circuit using a PSS analog modem and later on via a Kilostream digital access circuit. Companies and individual users could also connect in to the PSS network using a basic non-error correcting RS232/V. PSS could be used to connect to a variety of online databases and mainframe systems. chose to dial up via an analog modem over the then UK analog telephony network to their nearest public PAD. for cost reasons.hn standard. However most customers. Packet Switch Stream (PSS) was an X.25-based packet-switched network. The current day analogy of ISP's offering broadband always on and dial up services to the internet applies here.Packet segmentation 144 Packet segmentation In a data communications networks. The experimental predecessor network (EPSS) formally closed down on 31 July 1981 after all the existing connections had been moved to PSS. when problems of 10-100ms transmission failures with the PCM Voice based transmission equipment used by the early Kilostream service were resolved.25 service and bought their own PADs. Protocols that perform packet segmentation at the source usually include a mechanism at the destination to reverse the process and reassemble the original packet from individual segments. packet segmentation is the process of dividing a data packet into smaller units for transmission over the network. The ITU-T G. Some customers connected to the PSS network via the X. This was before privatization and the creation of British Telecommunications plc (BT) in 1984.3/X. • When the network is unreliable and it's desirable to divide the information into smaller segments to maximize the probability that each one of them can be delivered correctly to the destination. via a Kilostream digital access circuit (actually a baseband modem). Packet Switch Stream In the United Kingdom. using an ID/password provided as a subscription service. packet segmentation may be responsible for splitting one MPDU into multiple physical layer service data units so that reliable transmission (and potential re-transmission via ARQ) of each one can be performed individually.28/X. which provides a way to create a high-speed (up to 1 Gigabit/s) local area network using existing home wiring (power lines. In a communication system based on a layered OSI model. PSS was one of the first telecommunications networks in the UK to be fully liberalized in that customers could connect their own equipment to the network. via a dedicated four-wire telephone circuit using a PSS analog modem and later on. This process may include automatic repeat-request (ARQ) mechanisms to detect missing segments and to request the source to re-transmit specific segments. After a period of pre-operational testing with customers (mainly UK Universities and computer manufacturers at this early phase) the service was launched as a commercial service on 20 August 1981. via published phone numbers. provided by the British Post Office Telecommunications and then British Telecom starting in 1980. phone lines and coaxial cables).29 PAD (Packet Assembler/Disassembler) service oriented to the then prevalent dumb terminal market place.25 interface. In this early 1980s era installation lead times for suitable 4-wire analog lines could be more than 6 months in the UK.

It replaced a paper based system that operated in the City of London using electrical vehicles similar to milk floats. 9600 bit/s and 48 kbit/s were offered. 300. There was a choice of different speeds of PSS lines. the public network business. the OnTyme electronic mail service.000 UKP (in early 1980s monetary value) between the major UK banks and other major financial institutions based in the UK. 1. 2006. Individual users could link into PSS. the faster the line the more expensive it cost to rent it.25 links. Its activities included TYMNET. Later on BT used Telematics packet switches for the Vascom network to support the Prestel service and also bought the Tymnet network from McDonneld Douglas. This started in about 1978 before PSS went into operation due to the high demand for affordable access to US based database and other network services. the Card Service processing business.25 services launched. Euronet. June 28. and a related project Diane to encourage more database and network services to develop in Europe. The International Packet Switch Stream (IPSS) is an international X. 4800 bit/s. These connections moved over to PSS and other European networks as commercial X. Network management had been run on a system of 24 Prime 63xx and 48xx computers running a modified versions of Revisions 20 and 22 of the Primos operating system. and a portfolio of products designed for a global market place. The operating system and the packet switching software was developed by Telenet (later on GTE Telenet). Note: in those days 2. A PAD service was provided by IPSS to this market in advance of PSS launch.400 Baud modems were quite rare. although 110 and 300 Baud modems were not uncommon. by using a 110. Customers would be able to enjoy one-stop-shopping for global data networks. These network management systems were based in London 145 . plus its associates private and hybrid (mixed public and private) network activities. The highest and lowest speed lines were provided by the Megastream and Kilostream services.25 network service launched by the international division of BT to which PSS was linked to other packet switched networks around the world. The last PSS (node) in the UK was finally switched off Wednesday. BT Tymnet anticipated developing an end to end managed network service for multi-national customers.200 or 2.400 Baud PSTN modem to connect a Data Terminal Equipment terminal into a local PSS exchange. The network was initially based upon a dedicated modular packet switch using DCC's TP 4000 communication processor hardware.Packet Switch Stream used to transfer all payments over £10. On analog links 2400 bit/s. Dorset who also sold Telex and Traffic light systems.200 Baud was the usual speed in the 1980s. on a pay as you go basis. These services were subsequently offered by BT Global Network Services. and developing dedicated or hybrid networks that embraced major trading areas. the US market leader in electronic data interchange. 1200/75. and subsequently by Concert as part of Concert Global Network Services after the Concert joint venture company was launched on 15 June 1994. It is believed BT subsequently exchanged major US elements of the Tymnet business with MCI for other assets when the proposed merger of their two businesses was thwarted by MCI's purchase by WorldCom. Later on the InterStream gateway between the Telex network and PSS was introduced based on a low speed PAD interface. For a brief time the EEC operated a packet switched network. 1. At the time of PSS's launch this was in advance of both Telenet's own network and most others that used general purpose mini-computers as packet switches. Logica (now LogicaCMG) designed the CHAPS system and incorporated an encryption system able to cope with HDLC bit stuffing on X. and EDI*Net. 2M (Mega) Baud and 256K (kilo) Baud respectively. BT bought Telenet's system via Plessey Controls of Poole. In the words of BT's own history: British Telecom purchased the Tymnet network systems business and its associated applications activities from the McDonnell Douglas Corporation on 19 November (1989) for $355 million.

The lesson of Tymnet's similar transaction phone that just used a dial up link to a standard PAD based service was not followed. than X. without any significant value added revenue benefit resulting. Even in its recent history BT's senior management stated that the Internet was "not fit for purpose". This rested on running PSS efficiently and cutting the VANS as much as possible. While a decision was eventually made to put some of the basic network services people in senior positions and try to launch what had been developed this proved to be a major mistake. BT's attitude to packet switching was ambivalent at best. Investments in value added network services (VANS) and BT's own access level packet switching hardware delayed operating profit. PSS was then merged with other failing business like Prestel as it became part of a larger Managed Network Services division that was used to fix or close BT's problem businesses. etc.Packet Switch Stream and Manchester.25 host traffic. PSS being the major part. Sometimes not enough and sometimes too much but mostly for the wrong reasons. It was believed that putting a packet switch in every local telephone exchange would allow this and other low bandwidth applications to drive revenue. 146 . Compared to France's Transpac that had a separate commercial company with dedicated management and saw X. But not before PSS management was allowed to commit to large investments that caused serious problems later. An exodus of people who were developing the value added network services helped reduce some costs. While PSS eventually went the way of all X. And for a time significant extra expenditure was allowed for BT's data services. Tymnet. called Epad. power.28 was proven obsolete by the advent windows based clients on PCs. BT did not capitalise as much as other packet switch operators by subsequent mistakes concerning the internet. PSS suffered from inconsistent investment during its early years.25 packet switching as a core offering BT's then senior management regarded packet switching as a passing phase until the telecommunications nirvana of ISDN's 64 kbit/s for everyone arrived. called Jove. Packet switches were installed at major trunk exchanges in most major conurbations in the UK. Operating profit was still not achieved and a further change in management with McKinsey consultant being called in was the result. BT's North American operations and the Concert Global Services with ATT. However significant on-going expenditure had been committed already to manufacture packet switch hardware and by using the very expensive Tandem computers in existing VANS. One of the few successful value added applications was the transaction phone used to check credit cards by retailer to validate transactions and prevent fraud. As the added value services. as one concern of regulators was this joint venture might damage work on Open Systems Interconnection. Nor were they adequate for X. Each low end packet switch installed added costs for floor space. Eventually the UK government decided the SNA joint venture was anti-competitive and vetoed it.25 networks and was overwhelmed by the internet and more significantly the internet's superior application suite and cost model. In the midst of this IBM (the then market leader in computing) and BT attempted to launch a joint venture. Despite healthy demand for basic X. added significant costs and headcount while contributed virtually no revenue a change in PSS's management eventually resulted.25 services and the obvious trend for more demanding bandwidth intensive applications that required investment in more powerful switches a decision to develop BT's own hardware and network applications was made instead. named PSS Plus collectively. for managed SNA services in the UK. This only made cost control worse and achieving operating profit delayed further. McKinsey's startling insight that increasing revenue while cutting costs was required to turn around the business was duly followed by the new management and an operating profit achieved in about 1988. The DNICs used by IPSS and PSS were 2341 and 2342 respectively. Ideas like providing a more user friendly menu based interface. This in turn dented PSS's low credibility with BT's management still further.

network resources are managed by statistical multiplexing or dynamic bandwidth allocation in which a communication channel is effectively divided into an arbitrary number of logical variable-bit-rate channels or data streams. Two major packet switching modes exist. routers and other network nodes.Packet Switch Stream BT's failure to become the major ISP in its own home market unlike every other former PTT and the success of Dixon's Freeserve. switches. htm Packet switching Packet switching is a digital networking communications method that groups all transmitted data – regardless of content. Packet switching features delivery of variable-bit-rate data streams (sequences of packets) over a shared network. and (2) connection-oriented packet switching. In case of a shared physical medium. When traversing network adapters. euclideanspace. The packets are routed individually. circuit switching. Packet mode communication may be utilized with or without intermediate forwarding nodes (packet switches or routers). An emergency rights issue also helped resolve the debt from acquiring second or third ranked old telcos style companies around the world. sometimes resulting in different paths and out-of-order delivery. or structure – into suitably sized blocks. while packet switching is characterized by a fee per unit of information. 147 External links • Pictures of the BT PSS equipment [1] References [1] http:/ / www. As the commodity price of IP services based in their core 21st century MPLS network to carry voice and data finally gives them the real cost efficiencies that packet switching always promised. as CSC and Reuters sell up their networks to BT. In all packet mode communication. (1) connectionless packet switching. traffic shaping or for differentiated or guaranteed quality of service. See below. resulting in variable delay and throughput depending on the traffic load in the network. called packets. the packets may be forwarded according to some scheduling discipline for fair queuing. packets are buffered and queued. Alternatively. Each logical stream consists of a sequence of packets. a method which sets up a limited number of dedicated connections of constant bit rate and constant delay between nodes for exclusive use during the communication session. In the second case a connection is defined and preallocated in each involved node during a connection phase before any packet is transferred. In case of traffic fees. type. . based on packet switching. and are delivered in order. Packet switching contrasts with another principal networking paradigm. first-out buffering. such as weighted fair queuing or leaky bucket. also known as datagram switching. which normally are forwarded by the multiplexers and intermediate network nodes asynchronously using first-in. also known as virtual circuit switching. Statistical multiplexing. even when no data is transferred. the packets may be delivered according to some packet-mode multiple access scheme. Only after BT changed its most senior management who were fixated on circuit switching/ISDN based on System X/Y telephone exchanges and embracing broadband/internet lock stock and barrel has this changed. Now BT appears to be inheriting a dominating position in the Global Network Services market. In the first case each packet includes complete addressing or routing information. com/ coms/ history/ pss/ index. for example in cellular communication services. circuit switching is characterized by a fee per time unit of connection time. packet switching and other store-and-forward buffering introduces varying latency and throughput in the transmission. The packets include a connection identifier rather than address information. Demon and Energis based virtual ISPs in the same sector has only been recovered from recently.

when the route to the destination is discovered and an entry is added to the switching table in each network node through which the connection passes. UK. first presented to the Air Force in the summer of 1961 as [1] [2] in 1962 and then including and expanding somewhat briefing B-265 then published as RAND Paper P-2626 within a series of eleven papers titled On Distributed Communications [3] in 1964.[6] In 1973 Vint Cerf and Bob Kahn wrote the specifications for Transmission Control Protocol (TCP). Routing a packet is very simple. Baran developed the concept of message block switching during his research at the RAND Corporation for the US Air Force into survivable communications networks. The signalling protocols used allow the application to specify its requirements and the network to specify what capacity etc.Packet switching 148 History The concept of switching small blocks of data was first explored by Paul Baran in the early 1960s. The first computer network and packet switching network deployed for computer resource sharing was the Octopus Network at the Lawrence Livermore National Laboratory that began connecting four Control Data 6600 computers to several shared storage devices (including an IBM 2321 Data Cell[4] in 1968 and an IBM Photostore[5] in 1970) and to several hundred Teletype Model 33 ASR terminals for time sharing use starting in 1968. use of a decentralized network with multiple paths between any two points. or virtual circuit switching (also known as connection oriented). connection oriented packet-switching protocols include X. and published a book in the related field of digital message switching (without the packets) in 1961. survivable communications network. Independently. Baran's study made its way to Robert Taylor and J. delivery of these messages by store and forward switching. Licklider at the Information Processing Technology Office. A member of Davies' team met Lawrence Roberts at the 1967 ACM Symposium on Operating System Principles. The packet header can be small. as it only needs to contain the ID and any information (such as length. Leonard Kleinrock conducted early research in queueing theory which would be important in packet switching. Baran's P-2626 paper described a general architecture for a large-scale. Asynchronous Transfer Mode (ATM). both wide-area network evangelists. dividing complete user messages into what he called message blocks (later called packets). after which a person from the Ministry of Defence (MoD) told him about Baran's work. an internetworking protocol for sharing resources using packet-switching among the nodes. and TCP. is available. Interestingly.R. Some connectionless protocols are Ethernet. and UDP. Davies developed the concept of packet-switched networks and proposed development of a UK wide network. Frame relay. IP. Donald Davies at the National Physical Laboratory (NPL) in the UK had developed the same ideas (Abbate. The paper focuses on three key ideas: first. or sequence number) which is different for different . Address information is only transferred to each node during a connection set-up phase. distributed. he also later played a leading role in building and management of the world's first packet switched network. Baran's work was similar to the research performed independently by Donald Davies at the National Physical Laboratory. bringing the two groups together. Multiprotocol Label Switching (MPLS).C. such as a packet size of 1024 bits. and acceptable values for service parameters to be negotiated. 2000). the ARPANET. Davies had chosen some of the same parameters for his original network design as Baran. timestamp. each packet is labeled with a connection ID rather than an address. as it just requires the node to look up the ID in the table. He gave a talk on the proposal in 1966. The NPL Data Communications Network entered service in 1970. then third. In 1965. In connection oriented networks. Connectionless and connection-oriented packet switching The service actually provided to the user by networks using packet switching nodes can be either connectionless (based on datagram messages). Roberts and the ARPANET team took the name "packet switching" itself from Davies's work.25. In 1966 Davies proposed that a network should be built at the laboratory to serve the needs of NPL and prove the feasibility of packet switching. and second. and it helped influence Lawrence Roberts to adopt the technology when Taylor put him in charge of development of the ARPANET.

source address. A major difference between X.g.. X. Frame relay is a further development of X. also known as virtual circuit switching. It was widely used in switching networks during the 1980s and early 1990s. 149 Packet switching in networks Packet switching is used to optimize the use of the channel capacity available in digital telecommunication networks such as computer networks. At the destination.25 vs. Newer mobile phone technologies (e. The simplicity of Frame Relay made it considerably faster and more cost effective than X. based on the packet sequence number. based on node-to-node automatic repeat request. The Internet is implemented by the Internet Protocol Suite using a variety of Link Layer technologies. and port numbers.25 packet switching. each packet is labeled with a destination address. Asynchronous Transfer Mode (ATM) also is a virtual circuit technology.25 provided the first international and commercial packet switching network. It is only used for "semi-permanent" connections. Each packet is dispatched and may go via different routes. I-mode) also use packet switching. These virtual circuits carry variable-length packets.25. has been [7] called "ATM without cells". although intermediate network nodes only provides a connectionless network layer service. also known as the OSI protocol suite. while Frame Relay is a non-reliable protocol. it provided virtual circuits to the user.25 protocol suite. In connectionless networks. and for automated teller machines. GPRS. MPLS. Frame Relay was used to interconnect LANs or LAN segments. maximum packet length is 1000 bytes.25 is a notable use of packet switching in that. despite being based on packet switching methods. Ethernet and Frame Relay are common. the system has to do as much work for every packet as the connection-oriented system has to do in connection set-up. do not require these technologies to be able to forward variable-length packets at multigigabit speeds across the network. potentially. the original message/data is reassembled in the correct order. and this information needs to be looked up in power-hungry content-addressable memory. and does not provide logical addresses and routing.25 and Frame Relay provide connection-oriented packet switching. which uses fixed-length cell relay connection oriented packet switching. mainly in the 1990s by large companies that had a requirement to handle heavy telecommunications [8] :250 Despite the benefits of frame relay packet switching. The most well-known use of packet switching is the Internet and most local area networks. many international traffic across wide area networks. . X. Thus a virtual connection. The X. Datagram packet switching is also called connectionless networking because no connections are established. Frame Relay packet switching Both X.25 is a reliable protocol. This precludes the need for a dedicated path to help the packet find its way to its destination. also known as a virtual circuit or byte stream is provided to the end-user by a transport layer protocol.Packet switching packets. For example. indeed. and to increase robustness of communication. Virtual circuits are especially useful in building robust failover mechanisms and allocating bandwidth for delay-sensitive applications. which is therefore larger. have been called "fast packet" technologies. while X. Modern routers. it may also be labeled with the sequence number of the packet. however. X. and is part of the X.25 and Frame Relay packet switching are that X. In 1978. but means that much more information is needed in the packet header.25 connections also can be established for each communication session. MPLS and its predecessors. Frame relay is a data link layer protocol. but with less information as to the application's requirements. the International Packet Switched Service (IPSS).25 protocol is a network layer protocol. Technologies such as Multiprotocol Label Switching (MPLS) and the resource reservation protocol (RSVP) create virtual circuits on top of datagram networks. as well as ATM. for example as an alternative to circuit mode terminal switching. Any retransmissions must be carried out by higher layer protocols. to minimize the transmission latency (the time it takes for data to pass across the network).

A. and P. particularly in Asia-Pacific and South America regions. Information Flow in Large Communication Nets (http://www. (IEEE Transactions on Communications Systems. T.). On Distributed Communications Networks (http://ieeexplore.edu/ bibliography-public_reports. rogerdmoore. 1964) • Paul Baran et al.ieee. Volumes I-XI (http://www. Living Internet.rand. Cambridge.html).rand.Packet switching companies are staying with the X.org/publications/RM/RM3420/) (RAND Memorandum RM-3420-PR. "Octopus: The Lawrence Radiation Laboratory Network" (http:/ / www. Toward a Cooperative Network of Time-Shared Computers (http://www.cs. M. & Marakas.org/about/history/ baran-list. Information Flow in Large Communication Nets (RLE Quarterly Progress Report. October 1966) Lawrence Roberts. Computerworld.html) (RAND Corporation Research Documents. Pildush [8] O’Brien. 1964) • Paul Baran. dir/ pages/ Photostore. [9] Girard. rand. Scantlebury. from ABI/INFORM Global database. G. New York. K. html). jsp?arnumber=1088883). Many companies did not intend to cross over to Frame Relay packet switching because it is more cost effective to use X. org/ pubs/ research_memoranda/ RM3420/ index. R. Bartlett. 1978) • • • • • .ucla. March 1964) D. com/ i/ ii_rand. A. May 31. Bartlett. A. cc/files/toward-coop-net.25 standard.cc/files/ev-packet-sw. (MIT.[9] 150 References [1] Stewart. The Evolution of Packet Switching (http://www. Thesis • Leonard Kleinrock. Columbia University Computing History [5] The IBM 1360 Photostore (http:/ / www. X. On Distributed Communications: I Introduction to Distributed Communications Network (http:// www. htm).. Wilkinson. Retrieved 2009-05-06. X. html). (2009). August. com/ cisco/ newsletter/ SL/ interview_08-12-03. and K.html) (Proceedings of the IEEE. July 1961) • Leonard Kleinrock. certificationzone. org/ pubs/ papers/ P2626/ [3] http:/ / www. Bibliography • Leonard Kleinrock. "Paul Baran Invents Packet Switching" (http:/ / www. dir/ index. columbia. January). Wilkinson.25 packet switching was used heavily in government and financial networks that use mainframe applications. X. . Lawrence Livermore Laboratory Computing History [6] Mendicino.25 was the only technology available. J. In the United States. html).packet. A digital communications network for computers giving rapid response at remote terminals (ACM Symposium on Operating Systems Principles. Communication Nets: Stochastic Message Flow and Delay (McGraw-Hill. Retrieved 2008-05-08. G. html [4] The IBM 2321 Data Cell Drive (http:/ / www. On Distributed Communications. 1961) Proposal for a Ph. Samuel (1970-11-30). html). August 1964) Paul Baran. edu/ acis/ history/ datacell. (Document ID: 10946641). October 1967) R.25 users remaining loyal despite frame-relay hype. 2009. K. The design of a message switching Centre for a digital communication network (IFIP 1968) Larry Roberts and Tom Merrill. . November.html) (Fall AFIPS Conference. 31(4). 16. info/ Page4. livinginternet. Scantlebury. rand. ca/ PS/ OCTOA/ OCTO.packet.lk.25 on slower networks. P. [7] Interview with the author (of an MPLS-based VPN article) (http:/ / www. In certain parts of the world.D. A. A. (1997. [2] http:/ / www. computer-history. Bill (2000-01-07). T.org/search/wrapper. Retrieved March 6. New York: McGraw-Hill/Irwin. Management Information Systems (9th ed. W. Davies.

writing and distribution of his eleven-volume work. There is a major distinction between Intranet telephony and VoIP." Baran discusses his interaction with the group at ARPA who were responsible for the later development of the ARPANET.umn. O'Neill. Judy E.edu/oh/display.htm). 1996) External links • Oral history interview with Paul Baran (http://www. the vision in to drive voice and data over a single multimedia (packet based N/W) allowing waves to engage in a media rich communication in a natural and straightforward manner. which is licensed under the GFDL. Transforming Computer Technology: Information Processing for the Pentagon. Roberts. The transaction to a new paradigm will take years to complete.shtml) This article was originally based on material from the Free On-line Dictionary of Computing. Minneapolis.rand. "On Distributed Communications. It consists of telephony and data tightly coupled on packet-based switched multimedia networks. Charles Babbage Institute University of Minnesota.isoc.html) • A Brief History of the Internet (http://www.cbi. Packet telephony Packet telephony is the use of personal computers and a packet data network to produce a voice conversation. Inventing the Internet (MIT Press.com/i/iw_packet.org/internet/history/brief. 1962-1982 (Johns Hopkins University. and Kleinrock • Paul Baran and the Origins of the Internet (http://www. as well as his initial interest in survivable communications. 1996) pp 52–67 • Janet Abbate. However technology matures and new application proliferate packet technology will appear in broader market. and the evolution.livinginternet. Where Wizards Stay Up Late (Simon and Schuster. 2000) ISBN 0-262-51115-0 • Arthur Norberg. • Packet Switching History and Design (http://www. . The packet and based fabric is capable of supporting future applications such as video streaming and video conferencing. Baran describes his working environment at RAND. site reviewed by Baran.org/about/history/baran.phtml?id=110).Packet switching 151 Further reading • Katie Hafner. The goal of packet switched fabric in both LAN and WAN.

The network over which packets are transmitted is a shared network which routes each packet independently from all others and allocates transmission resources as needed. Nodal processing: 1.Packet transfer delay 152 Packet transfer delay Packet transfer delay is a concept in packet switching technology. Transmission delay: 1. Check bit errors 2. R=Link bandwidth (bit/s) 2. Transmission Control Protocol /Internet Protocol (TCP/IP) is the best known example of a host to datagram protocol. The history of such networks can be divided into three eras: early networks before the introduction of X. When traversing network adapters. d = Length of physical link 2. The principal goals of packet switching are to optimize utilization of available link capacity. Depends on congestion level of router 3. L=Packet length (bits) 3. irrespective of content. Early networks ARPANET and SITA HLN became operational in 1969.25 era when many postal. Propagation delay: 1. the network guarantees sequenced delivery of data to the host. packets are buffered and queued. about twenty different network technologies were developed.25 in 1973 [1] .25 interfaces. Queuing: 1. and the Internet era when restrictions on connection to the Internet were removed. There are four sources of packet transfer delay: 1. Determine output link 2. In the virtual call system. s = Propagation speed in medium 3. In the datagram system the host must detect loss or duplication of packets. called packets. Packet transfer delay is influenced by the level of network congestion and the number of routers along the way of transmission. telephone and telegraph (PTT) companies introduced networks with X. Time waiting at output link for transmission 2. This results in a simpler host interface with less functionality than in the datagram model. The sum of store-and-forward delay that a packet experiences in each router gives the transfer or queuing delay of that packet across the network.25 and the OSI model. switches and other network nodes. resulting in variable delay and throughput. minimize response times and increase the robustness of communication. X. the X. There was a debate about the merits of two drastically different views as to proper division of labor between the hosts and the network. Propagation delay = d/s Packet-switched network A packet-switched network is a digital communications network that groups all transmitted data. depending on the traffic load in the network. Before the introduction of X.25 is the best . Time to send bits into link = L/R 4. or structure into suitably sized blocks. type.

[2] CYCLADES CYCLADES was an experimental French network. In 1965. offering batch processing services. Warner was right. apparently the world's first commercial online service. Louis Pouzin was the principal designer. Tymnet. GEIS created a network data center near Cleveland. a high-level marketing manager. Very little has been published about the internal details of their network. General Electric was a major international provider of information services. 153 ARPANET This is the principal survivor from the early era.) After going international some years later. Ferranti supplied the hardware and software. Ohio. and Phoenix) to facilitate a computer time-sharing service. based on Kemney's work at Dartmouth—which used a computer on loan from GE—could be profitable. Chicago. [3] [4] GEIS As General Electric Information Services (GEIS). Some ideas from this network were later incorporated into ARPANET. at the instigation of Warner Sinback. a data network based on this voice-phone network was designed to connect GE's four computer sales and service centers (Schenectady. which was an important component of ARPANET2.Packet-switched network known virtual call protocol.) The design was hierarchal with redundant communication links. EPSS EPSS (Experimental Packet Switching System) was an experiment of the UK Post Office. TCP/IP. (Though it has been stated by some that Tymshare copied the GEIS system to create their network. (In addition to selling GE computers. EIN nee COST II European Informatics Network was a project to link several national networks. was chosen for use in NSFNET which eventually became the Internet. The handling of link control messages (acknowledgements and flow control) was differed from that of most another networks and is not fully explained in the published literature. Phoenix. The company originally designed a telephone network to serve as its internal (albeit continent-wide) voice telephone network. It became operational in 1976. [5] [6] .25 project. and Sinback. It was succeeded by DDX-2. In some cases custom I/O devices were added to allow inexpensive or exotic attachments to communication lines. It initially had only one host but was designed to support many hosts. BNR later made major contributions to the CCITT X. They lost money from the beginning. DDX-1 This was an experimental network from Nippon PTT. It mixed circuit switching and packet switching. Inexpensive minicomputers were an important component in the early networks. BNRNET BNRNET was a network which Bell Northern Research developed for internal use. the centers were computer service bureaus. He decided that a time-sharing system. was given the job of turning the business around.

Further developments led to Xerox Network Systems (XNS). it was created by researchers at Xerox PARC in the mid-1970s. P." [18] . NPL built a single node network to connect sundry hosts at NPL. Surrey developed a packet switching network for internal use. as well as higher level functions such as a reliable byte stream. It was a datagram network with a single switching node. RCP emphasised terminal to host and terminal to terminal connection. [11] PUP The PARC Universal Packet (PUP or Pup) was one of the two earliest internetwork protocol suites. It was used to gain experience with packet switching technology before the specification of Transpac was frozen.Packet-switched network 154 IPSANET IPSANET was a semi-private network constructed by I. RCP RCP was an experimental network created by the French PTT. [15] [16] [17] SCANNET "The experimental packet-switched Nordic telecommunication network SCANNET was implemented in Nordic technical libraries in 70's. TRANSPAC was introduced as an X. Libraries were also among first ones in universities to accommodate microcomputers for public use in early 80's. The entire suite provided routing and packet delivery. It became operational in 1972 and thus was the first public network. It connected sundry hosts at the lab to interactive terminals and various computer peripherals including a bulk storage system.25 [12] [13] [14] RETD Red Especial de Transmisión de Datos was a network developed by Compañía Telefónica Nacional de España. It became operational in May 1976. NPL Donald Davies of the National Physical Laboratory. RCP influenced the specification of X. RCP was a virtual-circuit network in contrast to CYCLADES which was based on datagrams. [8] [9] [10] Philips Research Philips Research Laboratories in Redhill. and it included first Nordic electronic journal Extemplo. [7] OCTOPUS Octopus was a local network at Lawrence Livermore National Laboratory. UK made many important contributions to the theory of packet switching. Sharp Associates to serve their time-sharing customers. along with numerous applications. CYCLADES was concerned with host-to-host communication.25 network.

This allowed construction of a private network. Telenet was incorporated in 1973 and started operations in 1975. Another employee suggested the name.25 host interface in addition to older host connection schemes. educational institutions. as well as higher level functions such as a reliable stream.25/X.25 networks. and internationally via X. An IBM customer could acquire hardware and software from IBM and lease private lines from a common carrier. [20] Telenet Telenet was the first FCC-licensed public data network in the United States. X.25 networks. The private networks were often connected via gateways to the public network to reach locations not on the private network. A user or host could call a host on a foreign network by including the DNIC of the remote network as part of the destination address. Some older networks such as TELENET and TYMNET were modified to provide a X. BSC and ASCII interfaces to connect host computers (servers)at thousands of large companies. Bolt. (Interesting note: Tymnet was not named after Mr. Tyme. X. Northern Telecom sold several DATAPAC clones to foreign PTTs including the Deutsche Bundespost.75 gateways.25 external interface. Telenet designed these protocols and helped standardize them in the CCITT. He had tried to interest AT&T in buying the technology. It carried interactive traffic and message-switching traffic. CA that utilized virtual call packet switched technology and used X. The business consisted of a large public network that supported dial-up users and a private network business that allowed government agencies and large companies (mostly banks and airlines) to build their own dedicated networks. As with many non-academic networks very little has been published about it. . DATAPAC was developed by Bell Northern Research which was a joint venture of Bell Canada (a common carrier) and Northern Telecom (a telecommunications equipment supplier). Some such as DATAPAC and TRANSPAC were initially implemented with an X. and remote procedure calls.S. which provided routing and packet delivery.75 and X.25 era There were two kinds of X. [19] SNA Systems Network Architecture (SNA) is IBM's proprietary networking architecture created in 1974. Tymnet Tymnet was an international data communications network headquartered in San Jose. It was founded by former ARPA IPTO director Larry Roberts as a means of making ARPANET technology public. Beranack and Newman (BBN) provided the financing.29.25.Packet-switched network 155 SITA HLN SITA is a consortium of airlines.25 and the terminal interface to X. It initially used ARPANET technology but changed the host interface to X.) [21] [22] XNS Xerox Network Systems (XNS) was a protocol suite promulgated by Xerox. It went public in 1979 and was then sold to GTE.121 allowed the interconnection of national X. Tymnet was also connected to dozens of other public networks in the U. and government agencies. Users typically connected via dial-up connections or dedicated async connections. Their High Level Network became operational in 1969 at about the same time as ARPANET. but the monopoly's reaction was that this was incompatible with their future. It was developed from PARC Universal Packet (PUP). SNA/SDLC.

the name also referred to the public PAD service Telepad (using the DNIC 2049). Access can be via a dial-up terminal to a PAD. Switched virtual calls were not supported.25 packet switching. Datex-P Deutsche Bundespost operated this national network in Germany. replacing Euronet.25 node to the network. Datanet 1 Datanet 1 was the public switched data network operated by the Dutch PTT Telecom (now known as KPN). Eirpac is run by Eircom. supporting applications such as on-line betting. The technology was acquired from Northern Telecom. Datapac DATAPAC was the first operational X.Packet-switched network 156 AUSTPAC AUSTPAC was an Australian public X. [24] Iberpac Iberpac is the Spanish public packet switched network. ConnNet ConnNet was a packet switched data network operated by the Southern New England Telephone Company serving the state of Connecticut. .121 DNIC 2041).25 and X. Started by Telecom Australia in the early 1980s. Messages were buffered at the nodes adjacent to the sending and receiving terminals.25 network operated by Telstra. by linking a permanent X.25 services. but through the use of "logical ports" an originating terminal could have a menu of pre-defined destination terminals. message switching software was also included. Strictly speaking Datanet 1 only referred to the network and the connected users via leased lines (using the X. AUSTPAC was Australia's first public packet-switched data network. And because the main Videotex service used the network and modified PAD devices as infrastructure the name Datanet 1 was used for these services as well. It covered major Canadian cities and was eventually extended to smaller centres. or. financial applications — the Australian Tax Office made use of AUSTPAC — and remote terminal access to academic institutions. It was launched in 1984. HIPA-NET Hitachi designed a private network system for sale as a turnkey package to multi-national organizations. In addition to providing X.28. Iberpac is run by Telefonica. providing X. who maintained their connections to AUSTPAC up until the mid-late 1990s in some cases. Eirpac Eirpac is the Irish public switched data network supporting X. Although this use of the name was incorrect all these services were managed by the same [23] people within one department of KPN contributed to the confusion.25 network (1976).

The X. html). . Peter T. "Vint Cerf on why TCP/IP was so long in coming" (http:/ / www. publicly funded research laboratories. html). J. "Some Design Aspects of a public packet switching network" (http:/ / rogerdmoore. linking all universities. and various InterStream gateways to other services such as Telex. United Kingdom: Noordhoff International Publishing. 10–14. Proceedings of the 2nd ICCC 74. C. networkworld. C. Grushcow. Wilkin. National LambdaRail National LambdaRail is a high-speed national computer network in the United States that runs over fiber-optic lines.. Proceedings of the 2nd ICCC 74. pp. References [1] Taylor. (1974). . The user no longer saw network identifiers such as the DNIC. PSS also included public dial-up PAD access. Sussex. R. Wilkinson. Internet2 Internet2 is not an actual network. com/ newsletters/ frame/ 2008/ 0128wan1. A. . S. Smith. United Kingdom: Noordhoff International Publishing. higher education establishments. P. M.T.25 network in France. Proceedings of the NATO Advanced Study Institute on Computer Communication Networks. . [6] Schwartz. "The National Physical Laboratory Data Communications Network" (http:/ / www. Cunningham and M. Steve. and run X. "THE BNR NETWORK: A CANADIAN EXPERIENCE WITH PACKET SWITCHING TECHNOLOGY" (http:/ / rogerdmoore. 223–228. html#GEISCO). html). The JANET network grew out of the 1970s SRCnet (later called SERCnet) network. IFIP Congress 1974. [2] Martel. and is the first transcontinental Ethernet network working to establish a direct line of communications between international parties. PSS PSS was the UK Post Office (later to become British Telecom) national X.25 network with a DNIC of 2342. Michael A. ca/ PS/ EPSSFer/ EF. ca/ PS/ Kirs1973/ Ki. Rober R. Researchers have created some experimental networks to complement the existing Internet. rogerdmoore. the distinctions between national networks blurred.Packet-switched network 157 JANET JANET was the UK academic and research network. Boorstyn. D (1974). (1973). The development was done by the French PTT and influenced by the experimental RCP network. . [3] Bright. "Terminal-Oriented Computer-Communication Networks" (http:/ / rogerdmoore. 435–44. but the PSS name has remained better known. [4] Pearson. (1973). pp. html#GEISCO).. It is a research consortium which has created the Abilene Network. . pp. "EXPERIMENTAL PACKET SWITCHING PROJECT OF THE UK POST OFFICE" (http:/ / rogerdmoore. . It was developed locally at about the same time as DataPac in Canada. Some older technologies such as circuit switching have resurfaced with new names such as fast packet switching. html).25 links at up to 8 Mbit/s in its final phase before being converted to an IP based network. "A SURVEY OF PRESENT AND PLANNED GENERAL PURPOSE EUROPEAN DATA AND COMPUTER NETWORKS" (http:/ / rogerdmoore. [7] Scantlebury. [5] Kirstein. html).25 network was based mainly on GEC 4000 series switches. Raymond L. D J. pp. Mischa. ca/ PS/ NPLPh/ NPL1974A. ca/ PS/ BNR/ BNRnet. ca/ PS/ TONET/ TON. and Pickholtz. Roy D. It began operation in 1978[25] .. (November 1972). Jim Metzler (2008). 199–213. ca/ PS/ EPSSB. Proceedings of the IEEE 60 (11): 1408–23. Sussex. British Telecom renamed PSS under its GNS (Global Network Service) name. Proceedings of the NATO Advanced Study Institute on Computer Communication Networks. . Transpac Transpac was the national X. Internet era When Internet connectivity was made available to anyone who could pay for an ISP subscription.

16 May. Sethi. Matras (1976). Guillou. . "Principles of Design in the Octopus Computer network" (http:/ / portal. Long and Y. html?issue=18&id=3#article) • EPSS (http://www. [19] Chretien. [12] Després. (1974). ca/ PS/ HIPA/ HIA. IEEE. info/ Page4. . (1976).. Retrieved 15 June 2011 [24] Tomaru. pp. LA ROY W. rogerdmoore. html). Issue #2". Connections.htm) Pictures of the EPSS exchanges in London. Matras. [10] Fletcher. Zakon Group LLC (http://www. 1991. . 517–22. html). Proceedings of ICCC 76.. Robert H'obbes' Zakon. pp.Pre-Internet Data Networking" (http:/ / remi.com/coms/history/epss/index.4.H. A. de/ conferences/ eunis2001/ e/ Haarala/ HTML/ haarala-ch2.org/issues. html). [21] TYMES. N. html). G. Samuel F. dir/ index. "Packet Switching at Philips Research Laboratories" (http:/ / rogerdmoore. ca/ PS/ SITAB.. Proceedings of ICCC 76. Conference Record of ICC 80. [11] Burnett.phrack. ca/ PS/ RCPDEP/ RD.5. pp. G. David L. Proceedings of ICCC 74. G. nl/ extra1/ afstversl/ E/ 354398. "A Private Packet Network and Its Application in A Worldwide Integrated Communication Network" (http:/ / rogerdmoore. (1980).lt/hacking/icebook2. html). Steneker: Graduation Report on X. the Experimental Packet-Switching Data Transmission Service of the French PTT" (http:/ / rogerdmoore.Transpac in France . "RCP.org/robert/ internet/timeline/) • 20+ articles on packet switching in the 70s (http://www. "RCP. ca/ PS/ RCPBAC/ RB. J. D. 39. [16] Cuenca. (1974). (APRIL 1981). 158 External links • "The Guide to Hacking & Phreaking.'s PACKET SWITCHING NETWORK. ca/ PS/ CTNEA/ CTA.J. Luis (1980).J. LA ROY W.5.M. [17] Lavandera. pp. [15] Alarcia. ca/ PS/ TYMFlow/ TF. Proceedings of 2nd ICCC 74. ca/ PS/ RETDB. html). Computer Networks (North-Holland Publishing Company) 1: 341–348. Arja-Riitta. IEEE. 163–170.): 95–100. "ARCHITECTURE. "Fundamental Choices in the Development of RCP. . . Control" (http:/ / rogerdmoore. L. Herrera. ""1980 SNA'S First Six Years: 1974-1980"" (http:/ / rogerdmoore. tue.group. . (1972). T.25 Virtual Circuits .3.J. . S. . html). computer-history. (1973). free. despres. Proceedings of ICCC '80. [14] Bache. L. pp. . R. IEEE TRANSACTIONS ON COMMUNICATIONS COM-29 (4): 392–98.. PROTOCOLS AND PERFORMANCE OF RETD" (http:/ / rogerdmoore. Schultz (1980). cfm?id=810357). H. . . . [23] H. "The SITA Network" (http:/ / rogerdmoore.R.J. "Routing and Flow Control in TYMNET" (http:/ / www. Proceedings of 5th ICCC 80. Y. html). [13] Bache. 578–585.25 data services in GSM network (http:/ / alexandria.. html). Liquid Jesus (http://textfiles. THE EXPERIMENTAL PACKET-SWITCHED DATA TRANSMISSION SERVICE OF THE FRENCH PTT" (http:/ / rogerdmoore. (1970).ca/PS) • "An Introduction to Packet Switched Networks". . Yamaguchi (1980).D..1–28. pp. United Kingdom: Noordhoff International Publishing. pp. pdf) Electrical Engineering . [22] TYMES. Kato and S.zakon. Proceedings of the NATO Advanced Study Institute on Computer Communication Networks. "TYMNET — A terminal oriented communication network" (http:/ / rogerdmoore. ITS APPLICATIONS" (http:/ / rogerdmoore. 38. ca/ PS/ TYMNET/ TY. "1970 OCTOPUS: THE LAWRENCE RADIATION LABORATORY NETWORK" (http:/ / rogerdmoore. and Rech.TUE. the Experimental Packet-Switched Data Transmission Service of the French PTT: History.I. Layec.T. ca/ PS/ RCPHCC/ RH. [9] Pehrson.: Prentice-Hall Inc. .N. dir/ pages/ Octopus. ca/ PS/ NPLPh/ PhilipsA. .. B. . . html). acm. W. John G. html). [25] "X. Chapter 3: page 20 and further.1". H.rogerdmoore. ca/ PS/ OCTOA/ OCTO. R. Conference Record of ICC 80. fr/ Publications/ X25-TPC. "A PUBLIC PACKET SWITCHING DATA COMMUNICATIONS NETWORK: EIGHT YEARS OF OPERATING EXPERIENCE" (http:/ / rogerdmoore. html). Proceedings of the SJCC 1971. 373–396.txt) • "Hobbes' Internet Timeline v8. html). (1975). COMPUTER NETWORKS (Englewood Cliffs. K. 211–16.. org/ citation.. pp. ca/ PS/ SNA6Y/ SNA6. hu-berlin.E. 05/3/88 (http://www.1–39. Phrack. 28.Packet-switched network [8] Mendicino. .3. Konig. html). ca/ PS/ CTNEC1. A. html).4. html). [18] Haarala. pp.J. "C. [20] Sundstrom. "Libraries as key players at the local level" (http:/ / edoc. 171–85. Sussex. Manchester and Glasgow.euclideanspace. 311–16. "AN ENGINEERING VIEW OF THE LRL OCTOPUS COMPUTER NETWORK" (http:/ / www.

some of the protocols in the XNS suite (such as the Internetwork Datagram Protocol) were lightly modified versions of the ones in the PUP suite. but no PUP router was required to handle them. History The origins of the PUP suite lie in two developments. but it is also applied to the whole protocol suite. formatting.25 56 kbit/s host connections. as well as higher level functions such as a reliable byte stream. a node that contains data switches and equipment for controlling. a packet-switching node is usually configured to support up to thirty-two X. A protocol named the Gateway Information Protocol (a remote ancestor of RIP) was used as both the routing protocol. the name "PUP" only refers to the internetwork-level protocol. The network number had a particular special value which meant 'this network'. Note: In the Defense Data Network (DDN). However. which roughly corresponds to the Internet Protocol (IP) layer in TCP/IP. for in-house use. and the creation of the Ethernet local area network at PARC. A full PUP network address consisted of an 8-bit network number. Unlike TCP/IP. an optional 2-byte checksum covered the entire packet. Larger packets could be fragmented. The fundamental design of the PUP suite was substantially complete by 1974.Packet-switching node 159 Packet-switching node Packet-switching node: In a packet-switching network. but operating at a lower level. Basic internetwork protocol The main internetwork layer protocol was PUP. unlike IP). so that upper-layer protocols did not need to implement their own demultiplexing. PUP also supplied packet types (again. an 8-bit host number. as many as six 56 kbit/s interswitch trunk (IST) lines to other packet-switching nodes. socket fields were part of the full network address in the PUP header. and receiving data packets.) The entire suite provided routing and packet delivery. the development of PUP split off because Xerox PARC wished to move ahead with implementation. and a 16-bit socket number. although the original documents usually use Pup) was one of the two earliest internetwork protocol suites. reflecting the experience gained with PUP and IP. routing.  This article incorporates public domain material from the General Services Administration document "Federal Standard 1037C" [1] (in support of MIL-STD-188). it was created by researchers at Xerox PARC in the mid-1970s. . similar to IP's ping. In the 1980s Xerox used PUP as the base for the Xerox Network Systems (XNS) protocol suite. transmitting. PARC Universal Packet The PARC Universal Packet (commonly abbreviated to PUP. which requires all hosts to support at least 576 (but supports packets of up to 65K bytes. along with numerous applications. if the hosts support them). This was a smaller packet size than IP. PUP also included a simple echo protocol at the internetwork layer. (Technically. for use by hosts which did not (yet) know their network number. Also. and at least one Terminal Access Controller (TAC). PUP packets were up to 554 bytes long (including the 20 byte PUP header). individual PUP host pairs on a particular network might use larger packets. and the checksum. in the same events in the early 1970s as the very earliest stage of the development of TCP/IP (see History of the Internet). but others are quite different. and for hosts to discover routers.

BSP's semantics and operation were in terms of bytes. this was discarded in favour of packets for the equivalent protocol in XNS. One version of RIP served as one of the initial so-called interior gateway protocols for the growing Internet. Sequenced Packet Protocol. that demonstration would not have been anything like as powerful as it was without all the capabilities that a working internetwork provided. New York. Metcalfe. copying disk packs. name lookup. Palo Alto. Like TCP. BSP took over and managed the data transfer. RIP. which was analogous to TCP. PUP was very influential. The second was the primary transport layer protocol. Dealers of Lightning: Xerox PARC and the Dawn of the Computer Age (HarperBusiness. The Gateway Information Protocol's descendant. 1980). July. • Michael A.PARC Universal Packet 160 Transport layer protocols To establish a transport connection. Hupp. Pup Network Constants (Xerox Parc. Byte Stream Protocol (BSP). John F. and as the foundation for the later XNS protocols. The first. Palo Alto. Palo Alto. Taft. Naming and Addressing Conventions for Pup (Xerox Parc. remains in wide use today in other protocol suites. Taft. However.1980. Once RTP had started the connection. (somewhat modified to match the syntax of addresses of other protocol suites). "Pup: An Internetwork Architecture". 1975) • Jon A. Edward A. etc (although some of these capabilities had been seen before. Taft. 1979) Further reading • David R. 1999). in small sites with simple requirements. doi:10. 1978 and October. 1975) • Edward A. Hiltzik. Others were novel. July. IEEE Transactions on Communications 28 (4): 612–624. 1975) • Edward A. two protocols came into play. 1975) • Edward A. July.1109/TCOM. It is still in use as an interior routing protocol. Boggs. 1978 and October. References • Edward A. Robert M. July. remote management. Pup Specifications (Xerox Parc. were basically the same protocols as used on the ARPANET (much as occurred with the TCP/IP suite).g. 1978 and October. Impact In showing that internetworking ideas were feasible. Application protocols PUP supported a large number of applications. before the arrival of the more modern OSPF and IS-IS. page-level remote access to file servers. Some of them. State Machine for Rendezvous/Termination Protocol (Xerox Parc. June. including protocols for printer spooling. the ARPANET already made heavy use of remote management for controlling the Interface Message Processors which made it up). Pup Error Protocol (Xerox Parc. Metcalfe (April. Taft. pp. Taft. e. Shoch. Robert M. such as Telnet and File Transfer Protocol. as well as manage and terminate the connection.1094684. Palo Alto. 291-293 . the Rendezvous and Termination Protocol (RTP). its biggest impact was probably as a key component of the office of the future model first demonstrated at Xerox PARC. 1978 and October. in being influential in the early work on TCP/IP. Palo Alto. which was used to initiate communication between two entities.

Many game servers are not big enough to handle Denial of Service Attacks. Internet connection speed. the player aided by the higher ping skips around. the quality of a user's Internet service provider and the configuration of firewalls. and therefore it takes longer for data to be transmitted. . For this reason. Having a low ping is always desirable because lower latency provides smoother gameplay by allowing faster updates of game data. the amount of packet-switching and network hardware in between the two computers is often more significant. Servers will often disconnect a client if the ping is too high and it poses a detriment to others' gameplay. In these games. For instance. making it hard to judge where the character is exactly. Rather than using the traditional ICMP echo request and reply packets to determine ping times. game programmers often instead build their own latency detection into existing game packets (usually based on the UDP protocol).Ping (video gaming) 161 Ping (video gaming) In multiplayer online video games. very miserable. For instance. This could be reported quantitatively as an average time in milliseconds. if someone is in India. or qualitatively as low ping or high ping. Ping is often conflated with lag. playing on a server located in the United States. Similarly. and autokicking players more. and thus more elusive to target. The latter usage is common among players of first-person shooter and real-time strategy games. so having a high latency will usually be to the user's peril. rather.e. Ping is also affected by geographical location. who does not crash. One may "lag out" due to unacceptably high ping. However. a high ping causes lag. the server keeps track of where the user's avatar is. Some factors that might affect ping include: network protocol engineering. wireless network interface cards must modulate digital signals into radio signals. making the server liable to crash. ping refers to the network latency between a player's computer (client). making the player's gaming experience. many servers automatically remove players with higher than average ping . users with a high ping unintentionally gain an unfair advantage. which is often more costly than the time it takes an electrical signal to traverse a typical span of cable. as in some implementations of the Quake III Arena network protocol and game engine. and either the game server or another client (i. peer). it may make players' ping considerably higher. In more modern multiplayer online video games implementations.with thresholds as low as 130 milliseconds. Hacking If a hacker applies a Denial-of-Service Attack on a game server. Cheating In some games. A high ping is not the result of lag. client software will often mandate disconnection if the ping is too high. the distance between the two is greater than it would be for players located within the US.

All this additional information. decodes the data to extract the original service data unit. In order to do this. or data. it treats it as payload. For example: Bridge PDU or iSCSI PDU[1] PDUs are relevant in relation to each of the first 4 layers of the OSI model as follows: 1. constitutes the protocol data unit at this layer. a network address to help with routing. the term protocol data unit (PDU) has the following meanings: 1. The addition of addressing and control information (which is called encapsulation) to an SDU to form a PDU and the passing of that PDU to the next lower layer as an SDU repeats until the lowest layer is reached and the data passes over some medium as a physical signal.) Given a context pertaining to a specific layer. the layers pass service data units across the interfaces. the protocol layer will add to the SDU certain data it needs to perform its function. it might add a port number to identify the application. a protocol data unit (PDU) is best understood in relation to a service data unit (SDU). passing data chunks over multiple connected networks is done by the network layer and delivery of the data to the right software application at the destination is done by the transport layer. plus the original service data unit from the higher layer. the PDU is passed to the peer using services of the next lower layer in the protocol "stack". 2. In a layered system. When the PDU passes over the interface from the layer that constructed it to the layer that merely delivers it (and therefore does not understand its internal structure). or "peer". is done by the physical layer. Unless we have already arrived at the lowest (physical) layer. undertaking to get it to the same interface at the destination. The features or services of the network are implemented in distinct "layers". fiber. it becomes a service data unit to that layer. For example. The Layer 1 (Physical Layer) PDU is the bit The Layer 2 (Data Link Layer) PDU is the frame The Layer 3 (Network Layer) PDU is the packet The Layer 4 (Transport Layer) PDU is the segment (e.Protocol data unit 162 Protocol data unit In telecommunications. PDU is sometimes used as a synonym for its representation at that layer. sending ones and zeros across a wire. address information. a code to identify the type of data in the packet and error-checking information. etc. Information that is delivered as a unit among peer entities of a network and that may contain control information. 4. a unit of data which is specified in a protocol of a given layer and which consists of protocol-control information and possibly user data of that layer. decide if it is error-free and where to send it next. organizing the ones and zeros into chunks of data and getting them safely to the right place on the wire is done by the data link layer. TCP segment) (Layer 5 and above are referred to as data. but the lower layer at the interface does not. The significance of this is that the PDU is the structured information that is passed to a matching protocol layer further along on the data's journey that allows the layer to deliver its intended function or service.g. For example. 2. Between the layers (and between the application and the top-most layer). Packet-switched data networks In the context of packet-switched data networks. The matching layer. 3. etc. The application or higher layer understands the structure of the data in the SDU. .

and the crate is labelled with the region to which all the bags are to be sent. The sending post office might look only at the post code and place the letter in a mail bag so that the address on the envelope can no longer MAC layer PDU becomes physical layer SDU be seen. gov/ fs-1037/ fs-1037c. emerges. making it now an SDU. until it is combined with other bags in a crate.de/faq/archiv/osi-protocols/msg00000. When the crate reaches the destination matching its label. making the crate a PDU. 163 References [1] This article incorporates public domain material from the General Services Administration document "Federal Standard 1037C" (http:/ / www. External links • comp. When the addressee finally opens the envelope. the letter itself. bldrdoc. its. the top-level SDU. The letters themselves are SDUs when the bags are opened but become PDUs when the address is read for final delivery. when it is now an SDU.protocols. it is opened and the bags (SDUs) removed only to become PDUs when someone reads the code of the destination post office.uni-giessen. The mail bag is labelled with the destination post code and so becomes a PDU.iso FAQ (http://www.html) (search for "PDU") . htm).Protocol data unit The above process can be likened to the mail system in which a letter (SDU) is placed in an envelope on which is written an address (addressing and control information) making it a PDU.

This is the basic idea of the detection algorithm of Robust RED (RRED).. usually utilized for access to a packet-switched broadband IP network. a packet is dropped).T1. Tmax = max(f. they are not examples of it. The basic idea behind the RRED is to detect and filter out attack packets before a normal RED algorithm is applied to incoming flows. Whilst there are several technologies that are superficially similar to the PSDN. Tmax+T*] then 04 reduce local indicator by 1 for each bin corresponding to f 05 else . mostly used to provide leased-line connections between local area networks and the Internet using permanent virtual circuits (PVCs). such as Integrated Services Digital Network (ISDN) and the Digital Subscriber Line (DSL) technologies. T* is a short time period. Today. the sender will delay sending new packets if loss is detected (e. GPRS. RRED-ENQUE(pkt) 01 f←RRED-FLOWHASH(pkt) 02 Tmax←MAX(Flow[f].arrivaltime is within [Tmax. which is empirically choose to be 10ms in a default RRED algorithm.[1] A Robust RED (RRED) algorithm was proposed to improve the TCP throughput against LDoS attacks. Consequently.T1 is the arrival time of the last packet from flow f that is dropped by the detection and filter block.[1] The Design of Robust RED (RRED) A detection and filter block is added in front of a regular RED block on a router.g. distinct from the PSTN. an X. Within a benign TCP flow. How to distinguish an attacking packet from normal TCP packets is critical in the RRED design. and DSL uses point-to-point circuit switching communications overlaid on the PSTN local loop (copper wires). especially the Low-rate Denial-of-Service [4] (LDoS) attacks. Originally this term referred only to Packet Switch Stream (PSS). The basic idea behind the RRED is to detect and filter out LDoS attack packets from incoming flows before they feed to the RED algorithm. but also to Internet Protocol (IP). ISDN utilizes the PSTN circuit-switched network. and other packet-switching techniques. RRED algorithm can significantly improve the performance of TCP under Low-rate Denial of Service attacks. a packet is suspected to be an attacking packet if it is sent within a short-range after a packet is dropped. Experiments have confirmed that the existing RED-like algorithms are notably vulnerable under LDoS attacks due to the oscillating TCP queue size caused by the attacks. More Details [4] The Algorithm of the Robust RED (RRED) f.25-based packet-switched network. T2).Public switched data network 164 Public switched data network A public switched data network (PSDN) is a publicly-available packet-switched network. T2) 03 if pkt. the term may refer not only to Frame Relay and Asynchronous Transfer Mode (ATM). both providing PVCs.T1. Robust random early detection The existing Random Early Detection (RED) algorithm and its variants are found vulnerable to emerging attacks. T2 is the arrival time of the last packet from any flow that is dropped by the Random Early Detection block.

Low-rate DoS. etc.arrivaltime else Flow[f]. etc. IEEE Communications Letters.T1←pkt. com/ site/ cwzhangres/ home/ posts/ recentpublicationsinrandomearlydetectionredschemes .).arrivaltime drop(pkt) return 165 More Details [4] The Simulation code of the Robust RED (RRED) The simulation code of the RRED algorithm is published as an Active Queue Management and Denial-of-Service (AQM&DoS) Simulation Platform. ieee.I←maximum of local indicators from bins of f if Flow[f]. google. google. It automatically calculate and record the average throughput of normal TCP flows before and after DoS attacks to facilitate the analysis of the impact of DoS attacks on normal TCP flows and AQM algorithms. pdf?attredirects=0). pp. 14. com/ site/ cwzhangres/ home/ files/ RREDRobustREDAlgorithmtoCounterLow-rateDenial-of-ServiceAttacks. 489-491. The AQM&DoS Simulation Platform [3] is able to simulate a variety of DoS attacks (Distributed DoS. vol. 2010.Robust random early detection 06 07 08 09 10 11 12 13 14 15 increase local indicator by 1 for each bin of f Flow[f]. and Weifeng Chen. Jianping Yin. RRED. Ref (http:/ / ieeexplore.More Details [3] Related Publications Recent Publications in Low-rate Denial-of-Service (LDoS) attacks [12] Recent Publications in Random Early Detection (RED) schemes [2] Recent Publications in Active Queue Management (AQM) schemes [1] References [1] Changwang Zhang. org/ xpl/ freeabs_all.I >=0 then RED-ENQUE(pkt) //pass pkt to the RED block if RED drops pkt then T2←pkt.) and Active Queue Management (AQM) algorithms (RED. Spoofing DoS. jsp?arnumber=5456075) [2] http:/ / sites. Zhiping Cai. SFB. RRED: Robust RED Algorithm to Counter Low-rate Denial-of-Service Attacks (http:/ / sites.

Microsoft silently limited Winsock's raw socket support in a non-removable hotfix and offered no further support or workarounds for applications that used them.pm) Created by Sergey Kolychev (http://www. bypassing all encapsulation in the networking software of the operating system. • SOCK_RAW Demystified: article describing inner workings of Raw Sockets (http://sock-raw. Three years after the Windows XP release.org/papers/ sock_raw) .msdn. a raw socket is a socket that allows direct sending and receiving of network packets by applications. the media criticized Microsoft asserting that raw sockets are only of use to hackers to perform TCP reset attacks. the automatic addition of a header may be a configurable option of the socket.1/RawIP.lg.ic. • Network Programming for Microsoft Windows (ISBN 0-7356-1579-9) • A little more info on raw sockets and Windows XP SP2 .Michael Howard's Web Log (http://blogs.ua/~ksv/). Most socket application programming interfaces (APIs).al. When transmitting packets.html) • Net::RawIP. (http://search. support raw sockets.Raw socket 166 Raw socket In computer networking. Windows XP When Microsoft released Windows XP in 2001 with raw socket support implemented in the Winsock interface. as opposed to standard sockets which receive just the packet payload without headers. org/ nmap-hackers/ 2005/ 4) External links • Video Tutorials on Programming with Raw Sockets (http://security-freak.net/raw-sockets/raw-sockets.[1] References [1] Microsoft Tightens the Noose on Raw Sockets (http:/ / seclists. Usually raw sockets receive packets inclusive of the header. especially those based on Berkeley sockets. module for Perl applications.org/~skolychev/Net-RawIP-0.aspx) an indication of what's actually allowed on Windows.com/ michael_howard/archive/2004/08/12/213611.cpan.

The packets can then be searched using SQL queries. Not only does the SQLFilter allow users to search for packets across thousands of trace files. it also loads the resulting packets directly into OmniPeek or EtherPeek. The preamble of an Ethernet frame consists of a 56-bit (7-byte) pattern of alternating 1 and 0 bits. The SFD is immediately followed by the destination MAC address. The SFD is designed to break this pattern. com/ view_submission. It has the value 10101011.SQLFilter 167 SQLFilter SQLFilter [1] is a plugin for OmniPeek that indexes packets and trace files into an SQLite database. and signal the start of the actual frame. This cuts out many of the steps usually involved in this process and dramatically shortens time to knowledge. this revolutionizes the job of finding packets. As more companies save large quantities of network traffic to disk. The packet database can also be used to build multi-tier data mining and network forensics systems. html Start Frame Delimiter The Start Frame Delimiter (SFD) is the 8-bit (1-byte) value marking the end of the preamble of an Ethernet frame. The matching packets are loaded directly into OmniPeek and analyzed. wildpackets. For a more indepth discussion of the SQLFilter read Packet Data Mining and Network Forensics [2] . . For network trouble shooters. which allows devices on the network to easily detect a new incoming frame. References [1] https:/ / mypeek. com/ 2009/ 01/ network-forensics. tools like the WildPackets SQLFilter make it possible to search through packet data more efficiently. wildpackets. php?id=33 [2] http:/ / blog. and time to fix.

Comparison with static TDM Time domain statistical multiplexing (packet mode communication) is similar to time-division multiplexing (TDM). very similar to dynamic bandwidth allocation (DBA). statistical multiplexing can provide a link utilization improvement. The transmission capacity of the link will be shared by only those users who have packets. where different amount of spreading codes or spreading factors can be assigned to different users. the packets may be delivered according to some scheduling discipline for fair queuing or differentiated and/or guaranteed quality of service. is also facilitated through the following schemes: • Random frequency-hopping orthogonal frequency division multiple access (RFH-OFDMA) • Code-division multiple access (CDMA). Alternatively. while statistical multiplexing is carried out at the data link layer and above. audio and data streams of different data rates to be transmitted over a bandwidth-limited channel (see #Statistical multiplexer). Statistical multiplexing is facilitated through packet mode or packet oriented communication. The channel number is denoted Program ID (PID). The port numbers constitute channel identification numbers (and also . where data streams from several application processes are multiplexed together. This is an alternative to creating a fixed sharing of a link. except that. The packets have constant lengths. each data stream is assigned time slots (of fixed length) or data frames (of variable lengths) that often appear to be scheduled in a randomized order. Channel identification In statistical multiplexing. Statistical multiplexing is used to allow several video. Statistical multiplexing ensures that slots will not be wasted (whereas TDM can waste slots). The packets may have varying lengths. or (in the case of datagram communication) complete destination address information. which amongst others is utilized in packet switched computer networks. Statistical multiplexing schemes do not control user data transmissions. for example a wireless channel. Statistical multiplexing normally implies "on-demand" service rather than one that preallocates resources for each data stream. Static TDM and other circuit switching is carried out at the physical layer in the OSI model and TCP/IP model. When performed correctly. • The UDP and TCP protocols. Usage Examples of statistical multiplexing are: • The MPEG transport stream for digital TV transmission. Statistical multiplexing of an analog channel. rather than assigning a data stream to the same recurrent time slot in every TDM frame. Statistical multiplexing allows the bandwidth to be divided arbitrarily among a variable number of channels (while the number of channels and the channel data rate are fixed in TDM). each packet or frame contains a channel/data stream identification number. such as in general time division multiplexing (TDM) and frequency division multiplexing (FDM). In statistical multiplexing.Statistical time division multiplexing 168 Statistical time division multiplexing Statistical multiplexing is a type of communication link sharing. The link sharing is adapted to the instantaneous traffic demands of the data streams that are transferred over each channel. a communication channel is divided into an arbitrary number of variable bit-rate digital channels or data streams. Each stream is divided into packets that normally are delivered asynchronously in a first-come first-serve fashion. called the statistical multiplexing gain. and experience varying delay (while the delay is fixed in TDM).

a syncword. . while other systems use ASCII armor. An example of a syncword is 0x0B77 for an AC-3 encoded stream. For example. a statistical multiplexer is a content aggregating device that allows broadcasters to provide the greatest number of audio or video services for a given bandwidth by sharing a pool of fixed bandwidth among multiple services or streams of varying bitrates. The channel identification number consists of a Virtual Connection Identifier (VCI) and a Virtual Path Identifier (VPI).25 and Frame relay packet-switching protocols. then other special characters to synchronize to the beginning of a frame of characters. For example. • The X. or start-of-header synchronization from a byte stream. Alternatives In some communication systems. CRC-based framing achieves character and start-of-header synchronization. HDLC uses bit stuffing or "octet stuffing".[1] [2] Various techniques are used to "disguise" bytes of data at the data link layer that might otherwise be (incorrectly) recognized as the sync word. where the packets have varying lengths. The bisync protocol of the 1960s used a minimum of two ASCII "SYN" characters (0x16…0x16) to achieve character synchronization in an undifferentiated bit stream. the FSK441 protocol achieves character synchronization by synchronizing on any "space" characters in the message -. 169 Statistical multiplexer In for example digital audio and video broadcasting. where the packets have fixed length. The international collection of X. The multiplexer allocates to each service the bandwidth required for its real-time needs so that services with complex scenes receive more bandwidth than services with less complex ones. • The Asynchronous Transfer Mode packet-switched protocol.25 providers.Statistical time division multiplexing address information). and the channel number is denoted Virtual Connection Identifier (VCI). External links • Example of Statistical Multiplexing [1] (Chart from a real DVB-T multiplex) References [1] http:/ / igorfuna.in effect. every "space" character in the message does double duty as a syncword.25 protocol suite was colloquially known as "the Packet switched network" in the 1980s and into the beginning of the 1990s. a receiver can achieve character synchronization from an undifferentiated bit stream. com/ dvb-t/ slovenia/ multiplex-a-usage-chart Syncword In computer networks. For example. using the X. sync character or preamble is used to synchronize a transmission by indicating the end of header information and the start of data. This bandwidth sharing technique produces the best video quality at the lowest possible aggregate bandwidth. Examples For example an audio receiver is receiving a bit stream of data. without the overhead of an explicit syncword.

it will then receive packets from the old pre-crash connection. p. Retrieved July 5. One common application is the scenario where a computer (we'll call it computer A) crashes while a TCP connection is in progress. These terms refer to a method of tampering with Internet communications. such as video clips. a syncword. in effect. 12.). Although some web pages are small enough for a single packet. "spoofed TCP reset packets" or "TCP reset attacks". Computer communications and networks (http:/ / books. Made IT. made-it. which computer should receive it. which is usually coupled with additional protocols such as TCP (Transmission Control Protocol[1] ) or UDP (User Datagram Protocol). Technical Background The Internet is. Freer (1996). called "protocols". The computer on the other end (computer B) will continue to send TCP packets since it does not know computer A has crashed. Each protocol has a block of information. preamble is a sequence of known bits are sent in each frame. TCP resets The stream of packets in a TCP connection each contains a TCP header. TCP (as opposed to other protocols such as UDP) is used with IP when a virtual connection is required between two computers. . email attachments. the packet size. and can be used to achieve character synchronization in an undifferentiated bit stream. so it might send a TCP reset to the sender of the packets . TCP reset attack TCP reset attack. This reset lets . also known as "forged TCP resets". Taylor & Francis. This system includes hardware to carry the messages. Sometimes. they are sent over TCP connections for convenience. every character is. It is used for both frame synchronization such as for Ethernet frames. com/ books?id=ye4DwILZhq0C& pg=PA12) (2nd ed. ISBN 9781857283792. The basic protocol used on the Internet is the IP protocol.Syncword In a self-synchronizing code. When computer A reboots. 2011. Headers contain information about which computer sent the packet. TCP software on the two machines which will communicate (for example a workstation with a browser and a web server) by exchanging a stream of packets. Connectivity Knowledge Platform. other times. com/ bisync. the tampering is malicious. as well as channel estimation.computer B. and discard any further packets it receives with headers indicating they belong to that connection. References [1] "BiSync.It should not send any more packets using the connections identifying numbers (called ports). A TCP reset basically kills a TCP connection instantly.. BSC" (http:/ / ckp. however if this bit is set to 1 it indicates to the receiving computer that the computer should immediately stop using the TCP connection . Each of these headers contains a bit known as the "reset" (RST) flag. When used as designed this can be a useful tool. such as copper and fiber optics cables. TCP/IP is the protocol set used for email and web browsing. in essence. it is beneficial. google. etc. . a system for individual computers to exchange electronic messages. and a formalized system for formatting the messages. [2] John R. Computer A has no context for these packets and no way of knowing what to do with them. 170 Preamble In digital communication. or packets of data. called a header. or music files. Using a TCP connection gives the computers an easy way to exchange data items too big for a single packet. html). In most packets this bit is set to 0 and has no effect. included near the front of each packet.

This started a controversy. It's possible for a 3rd computer to monitor the TCP packets on the connection. The headers in the forged packet must indicate. which could detect Comcast's forged TCP resets and distinguish them from real endpoint-generated resets. org/ ) [7] Article on validity of resets as management tool (http:/ / www. html) [3] SNORT discussion archive re: TCP resets (http:/ / www. falsely. html) [4] Section of Wikipedia Comcast article [5] Associated Press. David Farber. and the open source Snort used TCP resets to disrupt suspicious connections as early as 2003. Ironically the technology to detect the resets was developed from the earlier Open-source "Buster" software which used forged resets to block malware and ads in web pages. com/ id/ 21376597/ ) [6] NNSquad home page (http:/ / www. msn. org/ archives/ interesting-people/ 200805/ msg00163. A prototype "Buster" software package was demonstrated in 1995 that would send forged resets to any TCP connection which used port numbers in a short list. html) . ietf. Linux volunteers proposed doing something similar with Linux firewalls in 2000 [2] .[7] References [1] TCP specification (http:/ / www. not the forger. snort.From Dave Faber's IP list . Craig Newmark and other well-known founders of and champions of openness on the Internet. org/ pipermail/ netfilter/ 2000-May/ 003971. Properly formatted forged TCP resets can be a very effective way to disrupt any TCP connection the forger can monitor. Are forgeries good or bad? One obvious application of forged TCP reset is to maliciously disrupt TCP connections without the consent of the two parties which own the endpoints . that it came from an endpoint.[6] In 2008 the NNSquad released the NNSquad Network Measurement Agent. nnsquad. 171 Forging TCP resets In the scenario above the TCP reset bit was sent by a computer which was one of the connection endpoints.more on this below. and on August 21. which was followed by the creation of the Network Neutrality Squad (NNSquad) by Lauren Weinstein. Every field in the IP and TCP headers must be set to a convincing forged value for the fake reset to trick the endpoint into closing the TCP connection. This information includes the endpoint IP addresses and port numbers. The user on computer B can now try another connection or take other action. txt) [2] May 2000 Linux discussion archives (http:/ / lists. org/ rfc/ rfc0793. However. They have also argued that these resets are a legitimate way to reduce network traffic. 2008 it ordered Comcast to terminate the practice. and then send a "forged" packet containing a TCP reset to one or both endpoints. In January 2008 the FCC announced it would investigate Comcast's use of forged resets.[3] Comcast Controversy By late 2007 Comcast began using forged TCP resets to cripple peer-to-peer and certain groupware applications on their customers computers [4] [5] . a Windows software program written by John Bartas. Vint Cerf. network security systems using forged TCP resets have been designed as well. The term "forged" Some representatives of ISPs dislike the use of the term "forged" when referring to these TCP resets. netfilter.TCP reset attack computer B know that the connection is no longer working. interesting-people. Comcast Blocks Some Internet Traffic (http:/ / www. org/ archive-1-1429. msnbc.

php). These "virtual packets" allow heterogeneous networks to talk to each other using a common protocol.snort. dcs.[1] References [1] Internet Protocol (IP) (http:/ / penguin. for example.org/wp/packet-forgery-isps-report-comcast-affair) Virtual packet In computer networking. ac.org/) • EFF report on Comcast use of resets (http://www. to simulate real-world network conditions such as packet storms • Packets at any layer or sublayer (as those terms are used in. uk/ academic/ networks/ network-layer/ ip/ index.TCP reset attack 172 External links • SNORT Official website (http://www. bbk. the OSI model) above the most basic packets or frames used in a network. virtual packet may refer to: • Packets created by a packet generator.eff. part of a course on computer networking hosted by the University of London .

Dispenser. Trevc63. 1001001. Phatom87. Tom harrison. Mukis. Boothy443. Akadruid. Belazu. Reactor12. Leafyplant. Rcragun. E Wing. Vanished User 1004. Lyonspotter. Mezzaluna. Mean as custard. Davidstrauss. Brian2wood. Aavindraa. NapoliRoma.Smith. Catapult. UrSuS. TheDJ. Naugahyde. Fry140. Garywill. RadioFan. Gilabrand. DavidBlackwell. Vijaypadiyar. Hmbr. Bongomatic. Nzd. Marathi mulgaa. SimonLyall. 2technical. Rio de serionata. Astor14. RadioFan2 (usurped). Astor14. Jbromhead. Kkm010. RJHall. GayCommunist. Jim62sch. Falcorian. Brainyiscool. KelleyCook. Muhandes. Yaronf. Piano non troppo. Gilabrand. Weyes.lala. Kimchi.php?oldid=444219406  Contributors: Agurwitz. Jimmy 21mar. Jopetersen. Lpmusix. Mcingue. Shuki.wikipedia. CraigB. Tkaizan. Harryzilber. Cmr08. Metadigm. Erik. Pmitrevs. Dawnseeker2000. Molly. John. Kittoo. Jpp42. ArtiePesh. OlEnglish. BTWheeler. Chris the speller. Businessmonkey. Washburnmav. Mosquitohawk. Greenshed. Irishguy. Anon515. Fuhrmanator. Billhunt. Mellery. Uncle Dick. Perspeculum. AndrewHowse. Petri Krohn. Cjsmed. Hu12. Shoeofdeath. Deepak175. Jnc. Smmgeek. Hobartimus. Ziyadbasheer. Darklilac. Unknown W. Ivan Velikii (2006-2008).golovko. RedWolf. Alvestrand. Santuccie. Cradel. Chenxiaoqino. Prodoom. The Rambling Man. TonyW. Cmdrjameson. Mdecampo8999. Ynhockey. Idaltu. Mtruch. RHaworth. Tri400. MikeLynch. Zvar. Mpeylo. Shirt58. Ohnoitsjamie. SNIyer12.php?oldid=445444053  Contributors: Aspects. Davidstrauss. Qwerty8991. Alerante. TexasAndroid. WilliamCaban. Stardust8212. Au k. Theothertomjones. SmartGuy. Ned Scott. Jasper Deng. Zr2d2. OlEnglish.org/w/index. Berford. DrachenFyre. Gmaxwell. Everyking. Zodon.org/w/index. Corvus cornix. Noir. 143 . For Loop. Kparisot. Bomazi. DaveBurstein. Maytran999. Mrmclean. YoavD. Plausible to deny. Astralblue. Ptwopdude. MartinHagberg. 6 anonymous edits Radware  Source: http://en. HamburgerRadio. 16@r. Plasticup. Kgrr. Surfingslovak. Moheed. TerrierHockey. Harumphy. Hasek is the best. Stavrinov. Lctech. Frecklefoot. Gavint0. Xyzzy288. Quigley. Robocoder.wikipedia. Gaius Cornelius. Sprinter76. Emersoni.org/w/index. Edgarde. MER-C. Mattyinwisconsin. Tasmanian56. ExplicitImplicity. Chris the speller. DerHexer. Tnash7d. Bewert. Shoone. Gwernol. Tregoweth. DMCer. G33k-3d1t. Nybubba. Haywire. WJetChao. BalkanFever. Ed Poor. Shadowjams. Jvcdude. PigFlu Oink. Center4499. Meldodd. Ernestvoice. Courtarro. Epolk. Smallfixer. Mr. Algotr. Jevansen. Sravisha. Andreas Kaufmann. Nathan. Beland. Alduhayman. Teraknor. Olivier. Travelbird. Niggurath. Mr. Solarisworld. Epbr123. Kinu. Guy Harris.nakul. Pursey. Jacklyne Hamilton. Davis. Agasta. JetBlast. Tomdo08. JosephBarillari. SDC. Brianhe. Capricorn42. Kamath. Kbdank71. Phillip Tyre. MrHat1065. OCTANE95. Mitchoyoshitaka. Piarres. Nthep. Langloisgroup. Teles.. Nuance13x. Biker Biker. CarolGray. BaRiMzI. Harryboyles. Caliper. Agencius. Visiting1. Austinmurphy. Treekids. Darth Panda. EmbeddedBSL. Junkware. Kozuch. Secretlondon. Ark25. Filterbob. Jim.org/w/index. Mcingue1. Mar Garina. Jni. Alepik. Eagleal. N328KF. Saffrony. Dcoetzee. Muzilino. Sdaronsky. StuffOfInterest. Ksensenig. Pristino. Andareed. Jamcib. Chaitanya. Felixcatuk. Airplaneman. TheNewPhobia. Dan100. Michal Nebyla. DannyDin. Psantora. Shymian. Larry V. Shashibg. Juliancolton. Rjwilmsi. Eugman. Monkeyman. 1exec1. Sceptre. Sbfw. PacketDude. Lemento. NiZhiDao. Kelvingeorge. Pathgrant. Coolian. Anetode. GreenJoe. Cooldeep. Tascha96. Aesalon. Ckt2packet. R. Lightmouse. Hu12. Coolcaesar. Hu12. Mikepelley. RockMFR. Vhann. JeffJonez. Brentyoung. Howardtheroarke. Machismo500. John Hyams. Nubiatech. Towel401. Wizardman. Cwolfsheep.php?oldid=442297051  Contributors: Admanonline. Katous1978. 999mal. Callidior.wikipedia. Ha us 70. Boism. Dinu. CliffC. Pooua. Ironholds. Eros.sg. Jesant13. Chulk90. Aymatth2. Squids and Chips. Bunni25. XSTRIKEx6864. ManosFate. Ta bu shi da yu. Stevebrigden. Pedant17. Ahunt. Polly. Sephiroth storm. Koavf. Qwertythecat. Kll. Ptwopdude. Nikolas Karalis. Sigma 7. Tjpayne. Zuras 538. SasiSasi. Rob1974. Selene 372. Dot-per-inch. Colonies Chris. Shervinafshar. The Anome. Imperi. Mmernex. Rsecker. Looxix. Pabouk. Fang Aili. Instantnood. Onoes. Mlluis. SaratogaH. Zedla. DutchTreat. Ethyr. Rabhyanker. Mariguzm. Klapouchy. Kate. Edcolins. Jessica Schieve. Scieberking. Baeksu. Rjwilmsi. Oli Filth. FlashSheridan. Rick Sidwell. KevinJones. Charlemagne11. Chrisn4255. Colonies Chris. JonHarder. Black206. Raanoo. Oo64eva. Frap. Favonian. Avaneendra. Edgar Waingortin.org/w/index. Adambro. Humphrey Churchill. InShaneee. Steven312. Superjordo. Ronambiar. Jesse Viviano. Ixfd64. Kirill Lokshin. Alecv. Kaplanmyrth. Nihiltres. Tedder. Gwernol. Rossumcapek. Thorprime. TachyonJack.henderson. Vespristiano. Kurauchi. Mjlodge. CaptainMorgan. CrypticBacon. Sbowers3. Qviri. Mt7. YUL89YYZ. Ash1932. The wub. Nzd. WadeSimMiser. SteveSims. Tachitsuteto.matthews. XKL.wikipedia. Rwcgroup. Iridescent. Mailer diablo. Hardikp12. Doretel. Mole2386. Dman727. EagleOne. @pple. Kubigula. HybRiDx24. Gsarwa. Namekatak. Frap. Moulding. Znx. Sophie.wikipedia. Scarpy. Pandich.php?oldid=446742035  Contributors: A.org/w/index. HamburgerRadio. AlfredWalsh. Alpha Quadrant. Rjwilmsi. Mineralè. CesarB. KansasCity. Bender235. Abhinvanand. Ailanto. NPatrick6. Mtmatt. Bpringlemeir. Brooke6969. Bleakcomb. Levineps. Rhsimard. LemonairePaides. SamJohnston. Cotisocetinoiu. Guy Harris. Bumm13. Shinson. Jbyers. Sophus Bie. KnowledgeOfSelf. Typhoon. 1 anonymous edits Labris Teknoloji  Source: http://en. Storytellershrink. Aspenjazz. Zeroday. Oroso. Luna Santin. Thepangelinanpost. JYOuyang. Robguru. Ranumao. D6. Neelix. Minesweeper. Marokwitz. Cybercobra. Caltas. Emadido. Bongwarrior. Tonkie67. Wadamja. Scott McNay. LesPoiEs. Shawnc. Danhm. Phil Urich. Tide rolls. Fatla00. Guyanakoolaid. Mosquitohawk. Van helsing. Cdc. Tinton5. Terrybader. Tqbf. Jdfirth. Erkan Yilmaz. Sig0. Togaaltos1. S51438. Astor14. Calltech. Pde. Goochelaar. Nonomy. Moe Epsilon. Labarnah. Biot. Flashcube. Apple17cm. Senzhang. DaRaeMan. SusanLesch.wikipedia. Hydraton31. Dragonnas. Jerryseinfeld. Firefighter Dog. DocWatson42. Rednblu. GavLewis. Yonatan. Venus 9274. Woohookitty. Mbell. Tinton5. Ttonyb1. Theaveng. Swellesley. Alsee.php?oldid=434934453  Contributors: AmySi41. Telecart. Sayden. Vikipedi. THEN WHO WAS PHONE?. Kgrr. EagleFan. 31 anonymous edits NebuAd  Source: http://en. Gail. Annirak. Alansohn.wikipedia. Gaius Cornelius. Hmains. Exobyte. Anthony71. Meehawl. Wikidemon. Altenmann. Nei1. Vsync. BendersGame. Factcheckrz. Bookbrad. 117 anonymous edits Allot Communications  Source: http://en. Informationh0b0. Y. Ferdiaob. Bill. Kirklander. EXTremY. Alison9. RandallJones. JohnnyBGood. Ninja247. Gordon Ecker. Funchords. Whisky drinker. Alex91dml. Amandeep 11. John K. Lamro. Zidoc. One. Papa9090. Homestarmy. Derickmoore. Hmains. PaulHanson. Tycoon24. FranzMeister. UncleDouggie. Cheemais. Admanonline. Kandsten. Hax0rw4ng. Ground Zero.php?oldid=425301933  Contributors: Azumanga1. KnowledgeOfSelf. Betacommand. Bovineone. Djeikyb. Raul654. PaulHanson. Philip Trueman. Tomlzz1. RexNL. Shanes. Jadams76. Paperclip777. ArnoldReinhold. Mattsday. JLaTondre. UU. Andy Marchbanks. True Pagan Warrior. Mahewa. Beto. CliffC. Verified360. Keesiewonder. Mild Bill Hiccup. Tintenfischlein. Krystalin 8159. 42 anonymous edits Sandvine  Source: http://en. Netwrecked. Elenabrown. Iridescent. 33 anonymous edits Network intelligence  Source: http://en. Kizor. Jlemos35.larsson. Piano non troppo. Dav92178. Common Man. Simslover.php?oldid=448514851  Contributors: 007007wiki. GraemeL. Goltz20707. Winchelsea. BD2412. Esrever. Bluemoose. Doctaweeks. Sherool. Dragomiloff. Mr. Rubyyasmin. 3 anonymous edits Narus (company)  Source: http://en. Catapult. Bearcat. Xrgtn. SomniOne. Srijith2007q.php?oldid=419184275  Contributors: Alexanderrock. Amitnme. SimonMackay. Therealcolletepierre.org/w/index. Rettetast. Everyking. Djaydem66. Naddy. Bevo. Dchapes. Behildeb. Truthcommission. Adrian. 972 anonymous edits Front Porch  Source: http://en. Liquid Chrome1. Jenrzzz. Csabo. Mmernex. Bobblewik. Yasakak. Scooby3. R'n'B. Storkk. Knff. DaBler. Psychlohexane. Cybercobra. 24 anonymous edits Barracuda Networks  Source: http://en. Muhgcee. Avernet. KelleyCook. Kinawi. Christopher Kraus. Uniwares. Bentogoa. Joy. Frosted14. Pdelong. Sreifa.). David. Gobonobo. Hansivers. Anna Lincoln. Macpl. Switzpaw. Dana boomer. Ejay. Cisco (With Greg). Thingg. Rrburke. BradReeseCom. Rupertb. Kim Rubin. Veinor. Jcraft50. Mitchdeweber. RamapoJohn. AntiVanMan. Apankrat. Jcharr. Alvarossjunior. Mandarax. Evildeathmath. JonJuan. Tiredmain. Lbelkind. Malepheasant. Jay. Xcentaur. Rutruth. Opelio. J04n. Edgar181. Blowfish.srinivaas. Zabby1982. SaxicolousOne. 82 anonymous edits Check Point  Source: http://en. Frap.moyal. Jpbowen. Liquidsnakejr. Rich Farmbrough.moyal. Lightmouse. Kwiki. Jrdioko. Guy Harris.org/w/index. Jwojdylo. Joseanda1006. Eric Klein. Ryker. Bsdguru. WurmWoode. Kuru. DJOMaul. Jerrycho13.Article Sources and Contributors 173 Article Sources and Contributors Deep packet inspection  Source: http://en. Sietse Snel. Rossami. Chris the speller. Jeff G. Elphion. Paradoxicalengineer. Randirocks37.bar. Michael Hardy. Pip2andahalf. Huiguo01. Agrechin. Acdx.org/w/index. B Pete. Richard Arthur Norton (1958. This user has left wikipedia. Marcus Brute. Barri. Ipsla.wikipedia. Zidane2k1. OrgasGirl. M2petite. Red Thrush. Ahbond. Pmsyyz. Cipher 107. Cisco crisco. Lloyd Wood. Akula4211. Powell1605. JamesAM. Sherryp22. Nealmcb. JHunterJ. Lboulton.php?oldid=440883331  Contributors: Alansohn. Truthdowser. JamesBWatson. Qwyrxian. CastAStone. Tombomp. Sdaman. Kgrr. A Man In Black. Moskovich. DMG413. R'n'B. Apankrat. Trutkowski. JLaTondre. Zigforjustice. Riick. Astor14. Voidvector. Dstivers. Jrtayloriv. Chkptone. The Thing That Should Not Be. Nina1995. Mwanner. Isonomia. Wprlh. 128 anonymous edits . Uncle G. Rcawsey. Eustress. Iztoku. Beebux. Woodshed. Tomich. Chowbok. Parrot. John Hyams. Quadra630. Brackets. Hairy Dude. Sonar610. Ceyockey. Frickeg. Postoak. Danroa. Specious. Kitch. Mrmodine. Amcl. Kateshortforbob. Rjwilmsi. Mehudson1. Tagishsimon. Manoj-jaiswar. HD999. Peipei. Shortride. The wub. Robina Fox. AlexeyV. FT2. Vitor Mazuco. Scnash. Katana0182. Spikehall1234. Yaronf. WikiDan61. ProjectmanagerCHKP. Amilator. Dawnseeker2000. Winheinhtut. Uosdwis. Wikipodium. Merope. DDerby. Downwards. Urbanrenewal. Mentallo 477. Ehudshapira. Dflasker. Matilda. B Pete. TimQuinn. MrChrome. EdJohnston. Melcombe.wikipedia. Blaxthos. Brholden. Aeons. Mehudson1. Cheung1303. Daveswagon. Madchester. Bluedisk. Kelly Martin. Edward. GNMC. Jalal0. Drughwan. Elenap221. Brianhe. Spoonboy42. Squirrelist. Notquiteleet. GregorB. Mikeblas.php?oldid=441907094  Contributors: A Doon. Noq. Mentifisto. Bobo192. Rsb7. Eiscosogin. Ckatz.org/w/index. Jamcib. Rjwilmsi. Minimavus. JonHarder. John. Agentbla. Kai-Hendrik. JonHarder. Singularity. Crusio. Vlad. Yngvarr. KiloByte. PAStheLoD. Mitensampat. Nehle. Seevinayin. Cdowninge. Qxz. Aristanet. Lostforwords. Apohran. Petrinarobins. KD5TVI. TaborL. Spearhead.php?oldid=447837259  Contributors: Aaron Rotenberg. Ftpaddict. Barrylb. Nishith Nand. Kyleflaherty. Mozart20d. Nikai. Eastofethan. Rocastelo. MARQUIS111. Swliv. Red Thrush. Evrik. Ronpeled. AliveFreeHappy. Hollaback22. Surv1v4l1st. Trbdavies. Rcawsey. Stepheng3. Mr. Romney yw. Viewfinder. Woohookitty. Kwsn. Tompsci. Jeffhane100. Drmies. Ilyasali khan. CecilWard. Krypticmind. Gogo Dodo. Slashme. Dr unix. Madhero88. West London Dweller. Mezigue. Lightmouse. Gutenbergj. Takerman. Woohookitty. CanisRufus. WhisperToMe. Chrisc8266. Pylori.org/w/index. Mjpresson. Amanfbd2002. Geofones. Aecis. Deineka.wikipedia. SMC. N5iln. Hellion 468. Rjwilmsi. Papajohnin. Dgtsyb. Ohconfucius. Presidentman. Fastilysock. Ryan0. Pearle. Johnpseudo. Phil Holmes. YUL89YYZ. Janegca. Soumyasch. Music Sorter. Ebizdaniel. Xnatedawgx.wikipedia. Hblackhawks. Giraffedata.php?oldid=396395157  Contributors: Bsimonis. Phaldo. Thogan.‫טרול רפאים‬ anonymous edits Cisco Systems  Source: http://en. Giraffedata.org/w/index. Funchords. Ashishkapahi. SirGrant. Malepheasant. Christopher Kraus. Winton. Numberonegenius. Phatom87. Arletty75. Vegaswikian. Chrisdab. BioPupil. ChrisRuvolo. Codwiki. Aluvus. Iridescent. WeisheitSuchen. Aaronproot. Sandspur1966. Thumperward. Casablanca2000in. Prolog. Jeffcrews. Y. Ryan Roos. Martin451. Trangana.moyal. Tinucherian. MementoVivere. Winston earl smith. Kigali1. O1001010. NeilN. Jiddisch. Umers90. Alansohn. 0x6D667061. Merzbow.wikipedia. King Lopez. DaveB549. Rhopkins8. Sjc07. UnitedStatesian. RJFJR. Aldie. Bunnyhop11. Aymatth2. Routergod. Ugilad. Fredrik. Zmiller923. ZimZalaBim. Mgurunathan. Axiome2. Versus22. Curps. Plasticup. Sam Hocevar. GoingBatty. QEDquid.

Cmdrjameson. Discospinster.wikipedia. Connormah. Pyrop. Edward.wikipedia. Brholden. Kyonmelg. Backpackadam. Intgr. Anclation. Glenn. Useight. John254. Joris. Vivio Testarossa. Shyamjithgift. Kyonmelg.php?oldid=409262059  Contributors: Alansohn. Nbarbettini. Emersoni. Michael Hardy. Bissinger. Kvng. Unaizu. Fantasy.henderson. Blahu77. 4twenty42o. Perry Bebbington. Iridescent. D o z y. Martin451. Graphitesmoothie. Unforgettableid. PaulHanson.php?oldid=354091201  Contributors: Adoniscik. Casey Abell. CesarB. Random user 39849958. Hqb. Splash. Bswilson. Angr. Calabraxthis. Fang Aili. Guy Harris. 8 anonymous edits Black hole (networking)  Source: http://en. CanisRufus. Jrcla2. Vaquerito.wikipedia.wikipedia. Richie SWFC. Remuel. Haichen12. Widefox. Sadads. Robert K S.org/w/index. Red Director. Alfrodull. Paul Weaver. Stefano85. 9 anonymous edits Cisco Express Forwarding  Source: http://en. Beezhive. Antandrus. IronGargoyle. Rettetast. Nurcanyilmaz. Dcoetzee. Copsewood. QTCaptain. EdH. Ews23. CarlHewitt. Maximus Rex. Scarian. BrainyBroad. Bryon575. Mange01.org/w/index. Eastlaw. 6 anonymous edits Broadcasting (computing)  Source: http://en. The Nut.. Benjaminmin. Joy.wikipedia. Dondegroovily. W Nowicki. Joel7687. 28 anonymous edits Deterministic jitter  Source: http://en. SueHay. Thomascjackson. Francs2000. Crakkpot. The Anome. Intgr. clown will eat me. Peaceray. Wilhelmina Will Data-dependent jitter  Source: http://en. Flewis. Duncan. Milan Keršláger. LachlanA. Rich Farmbrough. Karl Dickman. Eyrian. Alphachimp. Ale jrb. JonHarder.wikipedia.php?oldid=448568520  Contributors: !Darkfire!6'28'14. Bkonrad. Triwbe.php?oldid=398953190  Contributors: Dthomsen8. AlistairMcMillan. Karstbj.php?oldid=332546973  Contributors: Alerante. Ayla. Eyreland. Foobaz. Linuxbeak. Pboyd04. Pgautier-neuze. Robert K S. Hooperbloob.doom. AlephGamma. Ian Yorston. Woohookitty Theta Networks  Source: http://en. Addihockey10. Bobo The Ninja. Tohd8BohaithuGh1. The Anome. Capi. Guy Harris. 1 anonymous edits Datagram  Source: http://en. P. Rick Burns. R'n'B.org/w/index. Pig de Wig. Chrisdab.php?oldid=425344853  Contributors: CactusWriter. Apy886. Gronky. Captain-tucker. Ahoerstemeier. Avicennasis. Anna Lincoln. Aitias. VirulentIdeas. Badgernet. Roofbird. Borgx. Cryptosmith. 2 anonymous edits Network packet  Source: http://en. Park3r. Easyas12c. clown will eat me. Neutrality. Tillman. Intgr. Interbay. Jim. RoyBoy. TheParanoidOne. ZeroOne. South Philly. Heron. JonHarder. Hadal.wikipedia. RazorICE. Masterknighted.org/w/index. R.php?oldid=437684258  Contributors: Adoniscik. W163. Chetvorno. Alvestrand. Rich Farmbrough. Jpbowen. Aejr120. Valentinejoesmith. 18 anonymous edits Viaedge  Source: http://en. Ixfd64. RichardVeryard. Coconuts. Etacar11. Cheatochris13. Ucla90024. Avono.org/w/index. 123Hedgehog456. 5 anonymous edits Donald Davies  Source: http://en. Genetikayos. Daichinger. Bender235. Daniel farrell. Nurasko. Dixonjohnpaul. Harmil. Pb30. Wireless friend. Ocram. Gascreed. Cellspark. Dante Alighieri. Alan216. CecilWard. Beno1000. Jm34harvey. Giftlite.org/w/index. G7huiben. Warrickball. Mlewis000. SimonP. Asqueella. BananaFiend. Brianga. Manuel Anastácio.wikipedia. Icey. TravisTX. Kbrose. Phatmonkey.php?oldid=433421226  Contributors: A. Soldier.php?oldid=445291190  Contributors: AdjustShift. JeffBurdges. Mozzerati.php?oldid=439892905  Contributors: Ankur19852007. GcSwRhIc. Graham87. Twobells. Thepulse2007. Booster4324. Rajah. Kbdank71. YUL89YYZ. Boscobiscotti. Unyoyega. Sdedeo.henderson. Timrem. Timotheus Canens. Mongolmax. Sgeo.henderson. Tombrend. Incnis Mrsi. Porturology. Jamesd. Collin. Black Kite. Learjeff. Bryan Derksen. C:Amie. Mleoking.wikipedia. Taemyr.php?oldid=447898830  Contributors: Aaronthepro. Michael Snow. Alexius08. B. InfoElfiq. Carltonh. The Anome.org/w/index. Hadal. Ebraminio. Smohideen2000. Wik. All Hallow's Wraith.org/w/index. Pearle. Alex Middleton.sarcasm.wikipedia. Ryan Roos.benko. Middayexpress. Glamourtree. Retran. Ibarrere. Jcmcclurg. Bucketsofg. Rror. Gonzopancho. Henk. Jesse Viviano. Losthighway. Andem. Sinisterjim. Rdmoore6. Mysidia. Jscroggin. Kbrose. Acrosser. Storkk. Ched Davis. Mboverload. Can't sleep.org/w/index. Amirpak 86. Capricorn42. PaulHanson. Rsduhamel. Edaelon. Remarks999. Mhkay. W163. Anthony Appleyard. N5iln. B Pete. Frap. Alansohn. Chuck369. Zondor. Osu-mike. Kwi.dai. Retired username. OverlordQ. Golddragon24. Erkan Yilmaz. Lotje. Toffile. Adoniscik. J0lt C0la. RunBAMrunfaster. Bazsi. Marasmusine. P1h3r1e3d13. Cryptic C62. 9Nak. Bigbluefish. Black Falcon. Wrs1864. Stevenmyan Dynamic Packet Transport  Source: http://en. Aeon1006. M4gnum0n. Nikola Smolenski.wikipedia. Dimadick. Motyka. Lockley.Article Sources and Contributors SonicWALL  Source: http://en.org/w/index.php?oldid=332546963  Contributors: Babbage. Zginder.Hull. ImGz. SocratesJedi. JordoCo. Leafyplant.wikipedia. Abaddon314159. Darth Panda. Foaly19. Petr Kopač. Olivier Debre. Cburnett. Лев Дубовой. R Calvete. CliffC.php?oldid=438289667  Contributors: Alan Liefting. EdH. DataWraith. Altzinn. Yuriz. Phani96.org/w/index. Andrei Stroe. Janziff. La goutte de pluie.of. Kvng.org. 7 anonymous edits Catenet  Source: http://en. Helix84.wikipedia. Barakw. Chun-hian. Kvng. JonHarder. 1 anonymous edits Fast packet switching  Source: http://en. Eric Klein. Ryan Postlethwaite. SymlynX. JMiall. Owen.org/w/index. Teles. Wihwang. Nmacu. Jim. Adrian. Paintman. Chzz. Shaw. Jiraffe. Greswik. Stepheng3. Dawynn. Apparition11. Mro. Cffrost. Dcoetzee. Peter Ellis. Vulturell. Rameshbabu.php?oldid=444144130  Contributors: Alan Liefting. Jengelh. Torla42. JonHarder. Mithaca. CoolingGibbon. 5 anonymous edits Cut-through switching  Source: http://en. 23 anonymous edits Business Control Layer  Source: http://en. Mindmatrix. Phatom87. Boomshadow. Obvious.wikipedia. Cxxl. The wub. Jnc. Mr Sheep Measham. GoingBatty. KennethJ. Jkl. Vipinhari.php?oldid=332547061  Contributors: 1exec1.php?oldid=442910119  Contributors: 2doorsdown.php?oldid=434903517  Contributors: Alinja.php?oldid=447766851  Contributors: Bearcat. Phatom87. Bluebusy. Oicumayberight. Incnis Mrsi. Robofish. Jeffq. Kbrose.muller.henderson. Steven.org/w/index. Berford. HereToHelp. Corpx. HupHollandHup. Aviv007. Crystallina.php?oldid=440433412  Contributors: Bearcat.wikipedia. Albedo. Jim. Djg2006. Timan123. Sgeo. Edward Z. DaveBurstein. Beetstra. Sreeji. ConradPino. Borgx. GoingBatty. Donreed.Fred. Torla42. Jeck. 134 anonymous edits Stonesoft Corporation  Source: http://en. Jim. Lethe. Edward. CesarB. Mirv. Woohookitty. Jnc. Lerdsuwa. Leif. Michael Devore.wikipedia.Harris. Bugkarma. JonHarder. Jec. C. Jim. Deb.g. Networkengine. Chrisdab.org/w/index. Jcy1978. PaulWay. Eraserhead1. Eric Shalov. Fernvale. Toon05. Rjgodoy. Dream of Goats. Moonraker12. The wub. Trasz. Can't sleep. Elfguy. SDC. 7 anonymous edits Paul Baran  Source: http://en. Hmains. YellowMonkey. Jec. Bobo192. FruitMonkey. Cit helper. Ash. Kazfernandes. Glenn. Huon. Zack. Suruena. R6144. Arakunem. Sarath02. 19 anonymous edits Blue (queue management algorithm)  Source: http://en. 174 . Shaddack. Jrcla2. JECompton. W Nowicki. Whywhenwhohow. Chriswaterguy. Mintleaf. Nbilogorskiy. Nagy. Uncle Dick.wikipedia. Yang. Kbh3rd. Nbirkel. KConWiki. The Thing That Should Not Be. Kgrr. S. Hairy Dude. Wine Guy. Bkil. Maradine. Bryan Derksen. Johnuniq.wikipedia. Crystallina. The Anome Chernobyl packet  Source: http://en. 9 anonymous edits Firewall (computing)  Source: http://en. Craiglew1508.org/w/index. Reliablesources. Jeff Paine. Kbrose. CarlHewitt. Discospinster. JLaTondre. 4 anonymous edits Christmas tree packet  Source: http://en. Derbeth. Timneu22. D6. Ketiltrout.org/w/index.org/w/index. Schusch. Mike Rosoft. Yuriybrisk.wikipedia. Ameliorate!. AmiDaniel. Bencejoful. TheKoG. Lewisoaten. Storkk. RickK.php?oldid=435868393  Contributors: Addshore. Takamaxa. Biot. Timrollpickering. Closedmouth. C'est moi. Zacharyjos. Rich Farmbrough. Koavf. Johnshepler. Maniamin. CrescentCaren.org/w/index.harris1.org/w/index.org/w/index. Jeh. Muhgcee. 85 anonymous edits Berkeley Packet Filter  Source: http://en. Frap. Javacat. Remuel. Dawynn. TNLNYC. Blanchardb. Manoj2009patel20dec. Msirivia. Joyous!. Ans-mo. Frehley. Capricorn42. Haseo9999. CanadianLinuxUser. Elonka. SCΛRECROW. Daicaregos.org/w/index. Jim. Jcrifasi. Jaimie Henry. Jnc. Judgesurreal777. Icairns. Simple Bob.henderson. 26 anonymous edits Data Path Acceleration Architecture (DPAA)  Source: http://en. Suruena.php?oldid=445083184  Contributors: Alvestrand. Crystallina. Michael Hardy. JMiall. Martarius.andrew. Caydel. Baccala@freesoft. Jpbowen.php?oldid=375135832  Contributors: Dpr. Frap. Devil0150. Quatloo. Nickaubert. Trevor. Flatterworld. Kbdank71. Barticus88. Mr. Hetar. 151 anonymous edits Active queue management  Source: http://en. JLM.org/w/index. Freeingmind. EagleOne. Jim. Greenshed. Studerby.wikipedia. Storkk. Nasa-verve. Philip Trueman. Hqb. DrDry55. =Josh. Rick Sidwell. Bayerischermann.wikipedia. Bband11th.NaZ. Caerwine.wikipedia. Cutter. Gary King. Lemeza Kosugi. Dawynn. Slakr.org/w/index. Bevo.wikipedia. Arastcp. Scott5114. Chris55. Edcolins. TTZnju. LeaveSleaves. Jni. Cander0000. AAriel42. D6. Marcika. Biot. Ahunt. Hectorthebat. Bearcat. Dtcdthingy.php?oldid=442321342  Contributors: Alai. Hadrianheugh.org/w/index.php?oldid=431099959  Contributors: Chowbok.pitre.org/w/index. Lawrennd. Jnc. Boleyn. M3tainfo.henderson. DSatz. 11 anonymous edits Datakit  Source: http://en. Kenny sh. 9 anonymous edits Context-based access control  Source: http://en. Svick. Blueronin. MPerel. Gordon Ecker.henderson. Cybercobra. Deineka. CharlotteWebb.org/w/index. Tassedethe. Oe2k. Cander0000. Dogaroon. EncMstr. CesarB. Goldenrowley.itian. Cantons-de-l'Est.php?oldid=441679490  Contributors: Auric. ChibaRagi. Android Mouse.php?oldid=408009017  Contributors: Cedars. Thumperward. Katharineamy. Wildwild. Srimech.wikipedia. Kubanczyk. Black Kite. Chowbok. Brownh2o. TheMoog. Slightsmile. Noorg.telnet. Mleoking. Xmm0. Latitudinarian.org/w/index. Celarnor. Bangowiki. Caerwine. Demophon.wikipedia.php?oldid=444739845  Contributors: 16@r.wikipedia. Tikiwont. Anabus.wikipedia. Roy464. West. JonHarder. Mboltz7664. Jpbowen. Pnm.

Jramsey. DavidChipman.org/w/index. Dcampbell30. JForget. Kvng.wikipedia. Niteowlneils. Wmahan. Smallgene. Dcoetzee. Accdude92. Fabioj. Goodyhusband. Weylinp.C. Zabanio. FreplySpang. December21st2012Freak. Boscobiscotti. Giftlite. Hiebert. CYD. Gardar Rurak. Ordo. Bobbis. CesarB. Phatom87. The Kinslayer. Lolsalad. Gurch. EBorisch. Wimt. JSpung. Shiro jdn. Sceptre. Xaje. Tsunanet. K001. Ciaran H. Watson Ladd. Arkrishna. BigFatBuddha. Nwk. Demonkoryu. Guitardemon666. Hairy Dude. Kjwu. Cenarium. Sysy909.. HappyCamper. Wubrgamer. Wtmitchell. Jec. Danutz. W Nowicki. Nneonneo. NeonMerlin. Kvng. The Thing That Should Not Be. Emailtonaved. VasilievVV. Gerbrant. Reguiieee. Raanoo.org/w/index. Malo. Rebel. JonHarder. Electron9. SarahKitty. Ground Zero. Simetrical. Fulizer. Rp751786. Qrsdogg. Cybjit. Hugger and kisser. Object01. Ham Pastrami. Chenzw. Prari. Paul. Indefatigable. Yik Lin Khoo. Grammarmonger. Wrs1864. Kbrose. Biot. Verfee. E Wing. Kubanczyk. Bobo192. Bvavasseur. Djdancy. Kvladiko. Casablanca2000in. Msebast. JZelos. Linkoman. Claude. Meaghan. Rchandra. Ilpostinouno. Nposs. MickWest. Crazysane. Cmathio. Michael Hardy. ShyShocker.wikipedia. Tad Lincoln. WikiLaurent.wikipedia.org/w/index. Netalarm. Lambtron. Siroxo. Mendaliv. Secret. Manuel Anastácio. Piet Delport. Chair Blaster. Marek69. Stuartyeates. The Anome. Jpgordon. Ifeme. Japanese Searobin. Rchandra.org/w/index. 3 anonymous edits Maximum segment size  Source: http://en. Grapht. Justin20. BeaverWithChainsaw. Sporkmonger. J. Sferrier. Mysdaao. Talyian. Dman727. DARTH SIDIOUS 2.Dunstan. Tommysander. MichaelMan64. Alksub. Ghaly. Greg Grahame. Martarius. Scientus. Rl. RainbowCrane. Tdcrone. Insanity Incarnate. Aulis Eskola. Wheely Guy. Ws227. SJP. Gdt. ENeville. Snigbrook. Disorganized 676. Kenyon. ILRainyday. Sleske. Tranzent. Lukevenegas.php?oldid=441847423  Contributors: Achilles2. JonHarder.org/w/index. Deelkar. Guoguo12. Jim. Luna Santin. Ophel. NawlinWiki. Jigesh. Shawnj99. Weylin. Jalal0. Florescent. Kvng. Nnp. Davidoff. Seano1. The Garden Gnome. Dysepsion. Rror. Wk muriithi. Lauk. Leizer. Piet Delport. Ixfd64. Hoods11. Rjwilmsi. Emmzyy. Chscholz. Schlyne. Karnesky. Materialscientist. 138 anonymous edits Jumbo frame  Source: http://en. Frecklefoot. Petzi1969. Jalara. Pinethicket. Anonymous Dissident. Deville.org/w/index. Gogo Dodo. Frap. Transcend.wikipedia. Lee Carre. Wavelength. Muhandes.org/w/index. Frap. David Haslam.fachkha. Gaiterin. Rtouret. Tjbk tjb. Yorick8080. Gogo Dodo. Josemi. Mro. Eyreland. Tide rolls. Randilyn. Batmanand. Sanfranman59. Woohookitty. Dean14. Lee Carre. Cybercobra. Twinkie Assassin.php?oldid=446854804  Contributors: Abdull. Mwanner. Luna Santin. Wyatt915. 9 anonymous edits Lag  Source: http://en. Monkeyman. MichaelGoldshteyn. Mrwojo. RoMo37. Philip Trueman. Phatom87. Soap. Joyous!. Jurgen Hissen. Cwolfsheep. Brewcrewer. Rbmcnutt. Rwessel. 8 anonymous edits Packet loss  Source: http://en. Info lover. Johnshepler. Rich Farmbrough. VernoWhitney. Sg313d. CanisRufus. Pabouk. Sensiblekid. Woohookitty. FatalError. DerHexer. Kyleflaherty. Wrs1864. Kbdank71. SGGH. Wiki Wikardo. Hamzanaqvi. Megaboz. Kinema. Storkk. NellieBly. R'n'B. Qwyrxian. KnowledgeOfSelf.8261  Source: http://en. Trevor1. Sheridp. JonHarder. Phatmonkey. Liveste. DGJM. Indefatigable.php?oldid=445711028  Contributors: 1ForTheMoney. Otisjimmy1.php?oldid=436367126  Contributors: Bobblewik. Jackrockstar. Sam Hocevar. Jaho. Thatguyflint. Petzi1969. Willy on Wheels over Ethernet. Griffenboy. Pharos. Bubbachuck. Materialscientist. Rwxrwxrwx.. Newone.batters. Josh Parris. LeonTang. NawlinWiki. Wmasterj. Tigermonkey. Can't sleep. Jeff G. OwenX. Kenyon. OlEnglish. Minnaert. Kyonmelg. TheGreatFoo. Kbrose. Kamathvasudev. Maheshkumaryadav. Kralizec!. Apshore. HarisM. Manop. Statkit1. Ju66l3r.org/w/index. Deewiant. Maxamegalon2000. Skrewz. Kizor.org/w/index. Split Infinity. Vonvon. Muheer. Jennavecia. Douggie1085. TheYmode. Wtfnoob. Crissov. Occamsrazorwit. TenOfAllTrades. Expertour.org/w/index. Rod57. The undertow. Lilac Soul. Dark Lord of the Sith. Fresheneesz. Allen3.wilton. Kandarp.delanoy. DeathByROFL. NortyNort. Kevin Saff. Davipo. Fish and karate. Jec. Discospinster. Noctibus. Akassix. XandroZ. Unschool. Od Mishehu.php?oldid=440686361  Contributors: AdmJamrep-NJITWILL. Hps@hps. Everyking. Mange01. Harkathmaker. Patrick. Dysprosia. Rafiwiki. Red Thrush. ZimZalaBim. SecPHD. TexasAndroid. OGoncho. Seba5618. Eraserhead1. El C. Random name. TheMandarin.wikipedia. Shawniverson. Gascreed. Nealmcb. Rami R. Alansohn. Mariagor. Rs2. Stevenmyan.org/w/index. KnightLago. Deville. Firefly322. Toffile. DevastatorIIC. Nihiltres. Stratadrake. Storkk. JonnyJinx.delanoy. Matt Britt. Brown. Lets Enjoy Life. Someguy1221. Tcncv. Harryboyles. Jlavepoze. Fresheneesz. Taxman.php?oldid=441693061  Contributors: Dub13. Radagast83. Heywüd. Kermesbeere.wikipedia. Jóna Þórunn. RayneZXZX.php?oldid=446204325  Contributors: A5b. Rich Farmbrough. NewEnglandYankee. JonHarder. MER-C.org/w/index. MarkRose. Intchanter. Requestion. JYOuyang. Desirsar. 8 anonymous edits Martian packet  Source: http://en. Twinxor. Woohookitty. Lee Carre. Rick Sidwell. Tellyaddict. Pielover87. Convenient ByStander.wikipedia.pande. Iune. KCinDC. Peyre. Gracefool.php?oldid=423816246  Contributors: ArtsCountyFair. DoogieConverted. Jebba.php?oldid=438815409  Contributors: Bearcat. DESiegel. Haakon. Jmprtice. Spartanhelmet. Ascánder. Cavebear42. Splintercellguy. J Milburn. Barcex. OlEnglish. JonHarder. Red856. Tapuwiki IPv6 packet  Source: http://en. Vlhsrp. RedWolf. Mrzaius. Osky283. Eldraco. Fahadsadah. Sitearm. Jay. Frap. Quercusrobur. BlueEarth. Ary29. Muhandes. Kglavin. Acegik. Widefox. 5tych5. Persian Poet Gal. DJ Clayworth. T Houdijk. Egil. Enric Naval. JanCeuleers. Huyi. Scetoaux. Keegscee. Khirbat. Mernen. Vakanuvis789. ADobkin. OisinisiO. CanisRufus. TheRa'ike. DStoykov. Mspraveen. Deville. JonHarder. KnowledgeOfSelf. Zack. Haseo9999. Spearhead. GDallimore. Cryptosmith. Zeroshell. Lockeownzj00. Eliteops1. Charles Matthews. WPANI. Suruena. Rocketgoat. BazookaJoe. Fudoreaper. ToobMug. AlistairMcMillan. PuzzletChung. Woohookitty. Suruena. Sepersann. YUL89YYZ. FreplySpang. Mange01. Jeffrey Mall. G7yunghi. RoyBoy. Mindmatrix. Prasan21. Vilerage. Imcdnzl. Tlesher. Stephen G. Boardtc. Badmonkey0001. Visor. David. Ramu50. Dawynn. Mctmike. Furrykef. Blakewestwood. Ryan Roos. JasonTWL. Jan1nad. Marcuswittig. Elieb001. Jaraics. Drmies. Hussam92. Ryan Roos. Da monster under your bed. Postrach. Jusdafax. Joseaperez. Schmitt. J. Ptk. Quentin X. Why Not A Duck. JDavis680.org/w/index. Ttwaring. Geffmax. Mwalsh34. Javert. Zetawoof. Vendettax. Richard001. Jusdafax. Tobias Bergemann. Gonzonoir. Roseurey. Akendall. Rich Farmbrough. Fang Aili. SkyWalker. TheCommunist1994. Rninneman. Wsmarz. Isilanes. Terronis. Katalaveno. Storkk. Heywüd. Suruena. PrestonH. Nasa-verve. Kbdank71. Danhm. Nasa-verve. Anderson. JonHarder. Eagleamn. Cougar w. Omegatron. Stephenman882. Dfranke. Nimiew. Moldylemonmedia. CecilWard. CyberSkull. Frap. ElKevbo. Isheden. Mix Bouda-Lycaon. Chrumps. Tinucherian. Turnstep. Vinucube. Mad9cat. Stephenb. Ancheta Wis. The Anome. Richard.wikipedia. Julesd. OpenToppedBus. Edcolins. Gatta. Kvng. Mashby. Ulrichlang. Electron. LeoNomis. Doctorfluffy. Femto. Jeff G. Purplepumpkins. Halmstad. CronoDAS. Cillie. Tushard mwti. Robofish. NightFalcon90909. Arise Sir Loin of Beef. Imroy. DagErlingSmørgrav. Nachoman-au. Phirenzic. Hairy Dude. Njaard. Mattgibson. Elagatis. DSatz. Cubbyhouse. Mark Chung. M347758. Voidxor. Willisja. Nuttycoconut. Oli Filth. Silver seren. Dreadstar. Pb30.php?oldid=448310043  Contributors: Closedmouth. MrBenCai. Robertvan1.wikipedia. Lordjamex. Pmattos.48  Source: http://en. Fastily. Draglon. 297 anonymous edits Link state packet  Source: http://en. Moreati. Interiot. Frap. Prashanthns. MrOllie. John Siau. Vrenator. Qxz. Yama. Dols. Tim874536. Bevo. Kf4yfd. Purpleslog. Hadal. Casito. The Anome. Danshelb. Fightingirishfan. Dbrooksgta. MartinHarper. Seb az86556. Slakr. Drbreznjev. TripleF. Jclemens. Brianjd. Aleksey Gerasimov. Katharineamy. LachlanA. Da Vynci. Poccil. Rj. Miremare. RJFJR. Stevietheman. Tim. Chris the speller. AndrewMollison. Geoff B. Rurigok. New Age Retro Hippie. Mac.kandy. Leszek Jańczuk. Viriditas.henderson. Dismas. LachlanA. Hazawazawaza. Hetar. Wordwizz. Charles Matthews. Jdeere man.php?oldid=422163972  Contributors: AndreasWittenstein. Piano non troppo. Ouzo. Rsrikanth05. Tcosta. Lee Carre. DragonHawk.Article Sources and Contributors Corvus cornix. 4 anonymous edits GSM 03. Kgentryjr.mtview.php?oldid=443908554  Contributors: Adoniscik. Canis Lupus. Mirv. Ntolkin. Intgr. Coolhandscot. Pabouk. Codinghorror. JzG. Bagatelle. Doug. Xaosflux. Grand Edgemaster. GTBacchus. Dandorid. Intgr. Smalljim. S0me l0ser. Ggiust. JohnCD. 54 anonymous edits Jumbogram  Source: http://en.wikipedia. Gxojo. Fragglet. Rpspeck. Benlisquare. Skacel8. LilHelpa. Sephiroth storm. Gilliam.bar. Kvng. MMuzammils. Milan Kerslager. Gurch. Debresser. Oddbodz. Henriquevicente. Regancy42. Tom k&e. Nachico. Nuno Tavares.0. Joy. DonDiego. Rumping. FunkyBike1. Jeh. Feureau. AB. 18 anonymous edits 175 . Just James. Firsfron. Creed1928. Rev3rend. Mcicogni. Jimyoo. Johnaduley. Knacker ITA. Booch. JTN. CASE. Σ. La Pianista. Auric. Nick Number. JonHarder. Michael Hardy. Hungery. SoCalSuperEagle. Jobeard. MJ94. TombraideerIIdeadmanschest. Khym Chanur. Markrpw. DMahalko. Bryan Derksen. NetRolller 3D. Nuno Tavares. Iamxsj. N328KF. Jrmwng. Timotab. Pnm. Colin Marquardt. Forenti. Rivanvx. Simeon H.php?oldid=444465818  Contributors: Alq131. Cheetoian. JonHarder. GoodwinC. Greenrd. Phoenix314. Dcoetzee. WikipedianMarlith. Debackerl. Mortein.wikipedia. JohnCub. Bookandcoffee.wikipedia. Suicidalhamster. Dandorid. Wai Wai. Neurolysis. Janitor5. Peter.wikipedia. Equendil. Graham87. Loren. Oxymoron83. Meandtheshell. Mailer diablo. Lincolnite. Escape Orbit. EliasAlucard. Tbird1965. Adrignola. Ruzihm. Pissant. Missionary. Netsnipe. Trevor MacInnis. Gstroot. TutterMouse. Learjeff. Diberri. Imcdnzl. Rbarreira. clown will eat me. Haqpunk. Jibjibjib. Dan6hell66.php?oldid=407829618  Contributors: Alan Liefting. Burfdl. Aarktica. Djg2006. Henry W. Noctibus. DerHexer. HatlessAtlas. Satori Son. Theymos. MercuryFree. DVdm. Ch'marr. Matticus78. Intgr. Storkk. Waskage. L337p4wn.piegorsch. UncleBubba. Damadm00. EdwinGroothuis. Mike. CohenTheBavarian. Epbr123. Eequor. Zntrip. Waelder. Mc6809e. JonHarder. Tobias Bergemann. Debresser.php?oldid=436864929  Contributors: 16@r. DeadEyeArrow. KangKnight. Cyndler. Mitaphane.wikipedia. Equazcion. Iokerapid. Nancy. Hax0rw4ng. Mange01. Elcasc. Rigworm. WikiDao. Nmadhubala. V8rik. Woohookitty. Cometstyles. Danski14. DemonThing. Jtir. Nunquam Dormio. Njmanson. Mikm. Nageh. Lee Carre. Heron. Tbhotch. RadioActive. 52 anonymous edits Mangled packet  Source: http://en. Harland1. CesarB. Pabouk. Sephiroth storm. Mysterytrey. LeinaD natipaC. Thingg. Gc9580. Jhi247. EQ5afN2M.amdphreak. Lakshmin. Ross Fraser. Flewis. Jpbowen. Dse. Stonehead. Teenboi001. Thearcher4. Wk muriithi. Prunesqualer. Jfilcik. Yk Yk Yk. Killiondude. 28 anonymous edits G. Thoobik. Dmccreary. Seb26. Robofish. L33th4x0rguy. Blahbleh. Ohnoitsjamie. SlipperyHippo. Closedmouth. Cwolfsheep. Mygerardromance. Sparky132. Kealper. Lubos. 4 anonymous edits Gigapackets  Source: http://en. LeaveSleaves. Racerboy. Legotech. Dzordzm. 38 anonymous edits Frame check sequence  Source: http://en. Husond. Jec. Lucy1981.org/w/index. Hokiehead. CosineKitty. Ciphergoth. Phatom87. Possum. JonHarder. Seddon. Nakon. Paul D. Cmdrjameson. Tinton5. FisherQueen. Tombomp. FleetCommand. Ricky. Jchandlerhall. Graphitesmoothie. Fynali. CraigB. WilliamSun. Kbrose. Skyezx. Hadal. Hpa. Topspinslams. LegitimateAndEvenCompelling. Ricky81682. Kablammo. Wikialoft. Tide rolls. OlavN. Rjwilmsi. Mr. Dandorid. Erencexor. Hibernian. Thecheesykid. Robbie Cook. Kozuch. Attilios. Mandramas. Theda. Πrate. Venom8599. Radiant!. Daichinger. Hu12. Mattloaf1.wikipedia. LOL. Hans Persson. Amire80. Wknight94. Eponymosity. 1263 anonymous edits Frame (networking)  Source: http://en. Inov8er. Kubanczyk. Spazure. Mild Bill Hiccup. Nneonneo. Matthäus Wander. L'Aquatique.org/w/index. Sgeo. Tevildo. Emperorbma. KnowledgeOfSelf. Lir. 11 anonymous edits Jitter  Source: http://en. Dougher. Mouchoir le Souris. Wahooker. EddieNiedzwiecki. Mrlumpycole. ST47.

David-Sarah Hopwood. Wipe. Mange01. Mudalagi.php?oldid=332547289  Contributors: Big Bob the Finder. SunCreator. FJPB.php?oldid=444871256  Contributors: Althena.smith. Malcolma. The Singing Badger. PabloCastellano.php?oldid=332547189  Contributors: Phatom87. Wheet. RedWolf. 217. Itusg15q4user. No1Jenny. Roy2009. Ec2049. Jedi Master Brownlow. Ali@gwc. Fumblebruschi. Тиверополник. Ioeth. Kgrr. Nv8200p. Woohookitty. 3 anonymous edits Packet analyzer  Source: http://en. Maximaximax. Wa3frp. Prondou. Niteowlneils. WereSpielChequers. Hetar. Yang. Mleoking. Manop.php?oldid=408353584  Contributors: Adamantios.php?oldid=447899712  Contributors: Amorymeltzer. Intgr.dai. Teancum. Can't sleep. Gazpacho. Hamster2. Jpbowen. Woohookitty. JTN. Harryzilber. Selfev.org/w/index. Ahoerstemeier. JTN. Pedant17.org/w/index. Kungfuadam. Mild Bill Hiccup. Xchbla423. Usangel1066. 802geek. Josh Parris. Rwhalb. W Nowicki. Veinor. Itai. Mange01. Guy Harris. Rogger. Isnow. Darth Panda. AlphaPyro. 1 anonymous edits Ping (video gaming)  Source: http://en. Betbest1. GPHemsley. Dgtsyb.xxx.Article Sources and Contributors Maximum transmission unit  Source: http://en. Phatom87. Mange01. Brooks. Frap. ExDPN100Engineer. Marasmusine. Benhoyt.org/w/index. Chameleons84. Kvng. Evil saltine. Bevo. 3 anonymous edits OmniPeek  Source: http://en. ManuelGR. Knuckles. Voidxor. Fresheneesz. Piet Delport. Thegn. Voyagerfan5761. Thingg. Airplaneman. NBuccalo. Richard cocks. Maurreen. Timsk. Merope. Kbrose. Winterst. FromOrleans. Devourer09.php?oldid=406216024  Contributors: Baggie. Jaizovic. Qwghlm.cn. Incompetence. Calmcz. Excirial. Zondor. Itusg15q4user.org/w/index. Enduser32. GPHemsley.org/w/index. MCBastos. Nicenevil. CanadianLinuxUser. Imcdnzl.wikipedia. Diodime. Peruvianllama. Zackman90. Jkl. Mini-Geek.wikipedia. Diberri.henderson.php?oldid=390003240  Contributors: Guy Harris. 40 anonymous edits Public switched data network  Source: http://en.php?oldid=435085280  Contributors: Bearcat. JonHarder. Jim. Torla42. Lightmouse. Bearcat. DylanW.wikipedia. Gundark. Mandarax. Zhou Yu. Ewlyahoocom. AlphaEta. Lambiam. Shaddack. Barberio. WereSpielChequers. NapoliRoma. Haseo9999. Radiojon. Packetman. Jtk. Johnbojaen. Imcdnzl. Jedonnelley. EvanCarroll. Riffle. Jpbowen. PaulHanson. 175 anonymous edits Network congestion  Source: http://en. A. Ron shelf. Yinwulanyu. Bryanarnold.wikipedia. Abdull.delanoy. BarretBonden. Storkk.wikipedia.org/w/index. Boscobiscotti. Kai. Jim. Edward Z. JonHarder. Welsh. Newman9997.126. Yamaguchi先 生 . Luk. PeteShanosky. Loftenter. Kundor. Seifried.php?oldid=427695232  Contributors: DR (usurped). Mikeblas. Julesd. BradBeattie. M4gnum0n. Badseed. Nmatpt. Joshurtree. Waskage. Gerald. The Anome Packet aggregation  Source: http://en.php?oldid=441122659  Contributors: Frap. Kvng. Hooperbloob. Karol Langner. Dave Cohoe. Chris the speller. 4 anonymous edits PARC Universal Packet  Source: http://en. Nmacu. Omegatron.php?oldid=377480337  Contributors: ApolloCreed. DylanW. Tatrgel. Ashwin18. Christophernoland. Ciphers. Btyner.H. Graeme Bartlett.M. MS3FGX. PrimroseGuy. JMiall. J. Alxeedo. Nitiniit. Eastmain. KVDP.org/w/index. Dead3y3. Wpifer. My007ms. Nimiew. Paquitotrek. Hcberkowitz. Charles Matthews. Rvalles.org/w/index. Wingsandsword. Cgarciap86. Jnc. LeviathinXII. Dgtsyb.php?oldid=418128155  Contributors: KelleyCook Packet drop attack  Source: http://en. Rhobite.wikipedia.org/w/index. Yuanli. Jimj wpg.php?oldid=442089761  Contributors: Billc. Someone42. Bsadowski1. Karada. Suplamer. Fromageestciel.org/w/index. 12 anonymous edits Packet capture  Source: http://en. 2 anonymous edits 176 . Edward. Sricciar. Wmasterj.wikipedia. Leblondleblond. Itusg15q4user. Gentleman wiki. Widefox. CesarB.wikipedia.39. Psmith811. Netcrash87. Crossmr. R'n'B. RJHall. SpacePacket. Mebden. Bobier. Dawnseeker2000. X!. Rabarberski.wikipedia. Watson Ladd. Omegium. Waveguy.wikipedia. Tinucherian. Kbrose. Ospalh. Mantipula. Giftlite. Gbelknap. YUL89YYZ. DonDaMon. Dky89.0.henderson.hprastiawan. EagleOne. Groundeyes. JohnOwens. Thumperward. Rspanton. Frap. Gbelknap. PaulELong. Jopsen. Networked. Nick Number. Paul1337. Discospinster. Steven Zhang. JTN. JNW. Foobaz. Fishyghost. Ryan Roos. Glenn. Pyrotec. Gerfaut. Lucanos. Kthnxrick. Guy Harris. John Vandenberg. Jeremy Swinarton. Phatom87.org/w/index.org/w/index. Rhodekyll. Malcolm.php?oldid=369677408  Contributors: Adamantios. 28 anonymous edits Packet injection  Source: http://en.wikipedia. Eastlaw. Colasoft capsa. Jokes Free4Me. Mange01. Aldaron. Steven. Dnas. Edcolins. Giftlite. Gogo Dodo. Martyvis. Securitywiki. Groyolo.php?oldid=448224650  Contributors: 213. Smithwillscott. WaffleMonster.wikipedia. Andrewpmk. The Evil IP address. Lee Carre. Kate. 39 anonymous edits Protocol data unit  Source: http://en. AlistairMcMillan. Guitarist6987876. Blerg1. Ricojonah. Wirbelwind. Lostchicken. Piet Delport. Wheet. MOM4Evr. Yuanli. Andponomarev.org/w/index. Philbarker.H. GregorB.wikipedia. CarolGray. Jy. 4 anonymous edits Packet transfer delay  Source: http://en. DragonflySixtyseven. Gaius Cornelius. Kbrose. JonHarder. TubularWorld. Tempshill. Kvng. Fredeccles. Reliablesources. Gurch. Selket. Brewhahaitsme. W Nowicki. Ged Davies. Ynhockey. Roger Davies. JeLuF. Mitch Ames. Skier Dude. Chris the speller. J. Francs2000. Gfoley4. Unixguy. Getcrunk. Bearcat. Idril. Jerrysmith222. Rich Farmbrough. Tgwaltz. CosineKitty. Terra Xin. MarkmacVSS.php?oldid=442837325  Contributors: Bbx. Hm2k. Milan Keršláger. Toreau.php?oldid=447756520  Contributors: AManWithNoPlan. Oli Filth. Psrdotcom. Djsuess. MetalGearLiquid. R'n'B. Babbage.wikipedia. Palmer1973.org/w/index. Btilm.org. Mormegil. Closedmouth. Skyschulz. Dkleeman. Cxxxap. Frencheigh. Tsange. Philip Trueman. Rich Farmbrough. Vary. Bobblehead. I2so4. Miracle Pen. Let4time. Neilc. Mendaliv. Retodon8. Netmoninc. Justin Piper. Rememberway. Wpifer.org/w/index. Ee02b022. Jerrysmith222.wikipedia. Schmloof. CarlHewitt.wasylewski.H.125. QmunkE. Rich Farmbrough. Skapur. Jpatokal. Sonic Mew. Jim. Kalathalan. Bp2010.Ferguson. Tmaufer. Rdmoore6. Woohookitty. Guy Harris. Wireless friend. NawlinWiki. The Anome. Meredyth. Rogue Editor. Dgrahame. Bumm13. Dcoetzee. Storkk. Paulfeakins. Yuanli. Guy Harris. Niclas Wiberg. Rjwilmsi. Stephen. Corpx. Gaius Cornelius. Thomas d stewart. JIP. The Original Wildbear. Cgdallen. Тиверополник. Michael Devore. B4hand. N3ddy. 325 anonymous edits Packet Assembler/Disassembler  Source: http://en. Jim. Dhar.org/w/index. Biasoli. 14 anonymous edits Robust random early detection  Source: http://en. Nightstallion. Omegatron. Stwalkerster. Tammyzhou1983. 16 anonymous edits Packet concatenation  Source: http://en. Phatom87.wikipedia. EGSchwartz. Kbrose. Vidiii. SarahStierch. Ishi Gustaedr. Rholton. Brookshawn. Mjb4567. Shilpi2809. EAderhold. ZeroOne. Jim. Ground Zero. Jeffmcfarland. Fleminra. Plugwash. Jamescfield. Graeme Bartlett. Jpbowen. Zaf. Crispmuncher. Pcap.php?oldid=422939538  Contributors: Barberio. MER-C. Mange01. Richard W. 11 anonymous edits Packet segmentation  Source: http://en. Coolgamer. Maurreen. PeterEasthope. 48 anonymous edits Packet-switching node  Source: http://en. DeadEyeArrow. Xxsquishyxx.org/w/index. Gardar Rurak. Frap. Synchrodyne. PBP. Nurg. Kablammo. Teemu Maki. Nurg.org/w/index. Adambiswanger1. Jnc. Lee Carre.uk.henderson.org/w/index. Huntscorpio. NI Team. Itusg15q4user. Jnc. AxelBoldt. 7 anonymous edits Out-of-order delivery  Source: http://en. Ali Esfandiari. clown will eat me. Thumperward. Polyakov. GoingBatty. MER-C. Foelectric. Woohookitty. Negrulio. Xofc. Dawnseeker2000. Margin1522. Pegship.wikipedia. Kaare. Anaxial.wikipedia. Storkk. Mild Bill Hiccup.xxx.org/w/index. Timtim101. BertK. Giftlite. Chancemill. Manaskb.org/w/index.wikipedia. W163. Zhou Yu. M4gnum0n. Ilario.php?oldid=421573374  Contributors: 4twenty42o. BenFrantzDale.delanoy. Wafulz. Michael Devore. Capricorn42.php?oldid=444049931  Contributors: A. L Kensington. Sowsnek. Mleoking. Kgrr. Sephiroth storm Packet Switch Stream  Source: http://en. NoExec. R2jitu. Mild Bill Hiccup. BayTech. Ninjakttty. From That Show!. Pgr94. Jmaes123. LachlanA.henderson. Hu12. Alex6273. Thparkth. Deema AlShamaa. Vrenator. John 34345. Avalon. CecilWard. Ewlyahoocom.php?oldid=440067247  Contributors: Akshaygs. Nekohakase. Rdmoore6. Conversion script. Jnc. Whitepaw. Lightmouse. David-Sarah Hopwood.253. MacStep. Jonnyct. Jones. Watson1966. The Anome. William Avery. Timwi. JonHarder.combs. Storkk. Xezbeth. Abune. Bogsat. 6 anonymous edits Packet switching  Source: http://en. Katharineamy. Bradyok. Cburnett. Tmaufer. Rick Sidwell. Logicat. That Guy. Freedomfighter21. Rich Farmbrough. Kenyon. CesarB's unpriviledged account. YUL89YYZ.Petrenko. Jm34harvey.php?oldid=425345090  Contributors: Pnm.filmond. Alantekore. GrahamDavies. Malcolma. Dhammala. Kvng. Bobblewik. Marksza. Hjf. Jonnyct. JonHarder.wikipedia. Loadmaster. Jason Stormchild. Glenn. Noctibus. 4 anonymous edits Packet-switched network  Source: http://en. RedWolf. LawrenceGRoberts. Smsarmad. Haza-w. Excirial. UU. Discospinster. Nubiatech. R'n'B. Kk2mkk. Helix84.a. Dirtydan667. Itusg15q4user. JohnGrantNineTiles. El Cubano. Ppike.org/w/index. Casey Abell. J. Wizard191. Midnightcomm.wikipedia. CyberSkull. Tonkie67. Tobias Bergemann. Lexikorn. Cwolfsheep. Useight. Mbarbier. Trevor d. The Anome. Xcentaur.org/w/index. Jrtayloriv. Mojodaddy. GoingBatty. Gardar Rurak. Pearle. Aldie. Kabdcn. Logictheo. NetRolller 3D. Mboverload. Xaje. Bloodshedder. Donreed. K12u.wikipedia. Joy. Bjelleklang. Jasrocks. Hairy Dude. Mancini. Stw.php?oldid=389942039  Contributors: Guy Harris. JosephBarillari. Jdm64. Liotier. Tagishsimon. Scoutersig. Tom94022. 17 anonymous edits NIST RBAC model  Source: http://en.wikipedia. GoingBatty. Onthegogo. CIreland. JoanneB. Binksternet. Jpbowen. Moondyne. The Thing That Should Not Be. Hgmichna.org/w/index. ZoFreX. PierreAbbat. Mjb4567. Wrs1864. 8 anonymous edits Packet generator  Source: http://en. Peyre. 223 anonymous edits Packet telephony  Source: http://en. Guy Harris. MrOllie.wikipedia. Deineka.org/w/index. PerryTachett. RedWolf. Rjwilmsi.wikipedia. Faithtear. ThreePD. SpacePacket.php?oldid=421972347  Contributors: AlistairMcMillan. Bezzm. Nuno Tavares. LouScheffer. SCΛRECROW. Bobier. JTN.henderson. Neurolysis. Borgx. Epbr123. Jamsignal. Jaffar.php?oldid=441691777  Contributors: Alynna Kasmira. MarkFrancisMullins.

wikipedia. Mmernex. Pentap101. Phatom87. Cmdrjameson. LilHelpa. Algocu. SpacePacket.org/w/index. Btyner. Makibaohm.wikipedia. Tbhotch.org/w/index. The Anome. Nealcardwell. Mascurader. Greenrd 177 . NortyNort. Choalbaton. Fred Condo. Suruena. Kbrose. IMSoP.php?oldid=437942335  Contributors: Daniel.Article Sources and Contributors Raw socket  Source: http://en. Riggler. Ximensions. Thomasyen. Mikm. Mboverload.org/w/index. Jeaux Bleaux. Kubanczyk.org/w/index. Legotech. Modify. 1 anonymous edits Start Frame Delimiter  Source: http://en. Jbartas. The Anome. OliverTwisted.org/w/index.Cardenas. 8 anonymous edits Virtual packet  Source: http://en. Jonverve. Flydpnkrtn. Enduser. Storkk. Ryan Roos.php?oldid=432452324  Contributors: Adrignola. Discospinster. Vobrcz. Mange01. ILF.wikipedia. Fredgoat. Melcombe. Fschoenm. Kvng. Sam Hocevar. Jleedev. 49 anonymous edits SQLFilter  Source: http://en. Sietse Snel. 28 anonymous edits Syncword  Source: http://en.wikipedia. Frap. R'n'B.wikipedia.wikipedia. Edward.wikipedia. Pparazorback.org/w/index. JonHarder. Pseudomonas. 2 anonymous edits Statistical time division multiplexing  Source: http://en. Edward. Noted trip3. Martin Hinks. Radagast83. Bonadea. Zgadot. Frap. Storkk.php?oldid=447807544  Contributors: Are you ready for IPv6?.php?oldid=332547334  Contributors: Biot.php?oldid=332547365  Contributors: Commnerd. 6 anonymous edits TCP reset attack  Source: http://en. Guy Harris. Wdscxsj. W Nowicki.php?oldid=421971650  Contributors: Invitatious. Mdupont. JMay. Jaeger5432. Erik9. UnicornTapestry.php?oldid=418660128  Contributors: DanielPharos. Jgm7. Reisio. Clamum.org/w/index. Robofish. JonHarder. Tassedethe. Rholton. JonHarder.

svg  Source: http://en.png  Source: http://en.png  License: Fair Use  Contributors: User:BetacommandBot. User:Iztoku Image:Sandvine logo.php?title=File:Radware. User:MBisanz. Image:Viaedge Logo.php?title=File:Firewall.04. H Padleckas.org/w/index.org/w/index.wikipedia.org/w/index.org/w/index.org/w/index.org/w/index.0  Contributors: Bruno Pedrozo Image:Gufw 9.php?title=File:Sandvine_logo. 1 anonymous edits image:unicast.org/w/index.org/w/index.php?title=File:Anycast.wikipedia.jpg  Source: http://en.php?title=File:Viaedge_Logo.svg  License: unknown  Contributors: Sarang Image:Barracuda-networks-logo.org/w/index.png  Source: http://en.svg  Source: http://en.jpg  License: Fair Use  Contributors: Dchapes. User:Pabouk Image:Cisco logo.php?title=File:Allot_logo.php?title=File:Ciscosystemsrouteratcern.php?title=File:Sonicwalllogo.PNG  Source: http://en. User:Cydebot.svg  Source: http://en. User:Cydebot.2.php?title=File:Check_point_logo.jpg  License: GNU Free Documentation License  Contributors: Original uploader was Coolcaesar at en.png  Source: http://en.png  License: Creative Commons Attribution-Sharealike 3.php?title=File:PD-icon.org/w/index.org/w/index.Image Sources.org/w/index.svg  Source: http://en.svg  Source: http://en.png  Source: http://en.svg  Source: http://en.png  Source: http://en.wikipedia.wikipedia.org/w/index.php?title=File:Stonesoft_Logo.PNG  License: unknown  Contributors: Daichinger.wikipedia.org/w/index.svg  Source: http://en.php?title=File:Labris_Teknoloji_logo-orta.wikipedia.svg  License: Public Domain  Contributors: Dbenbenn.svg  License: Creative Commons Attribution 2. 1 anonymous edits File:Decrease2..svg  License: Public Domain  Contributors: Mik81 Image:ethernet frame. Technion.php?title=File:Ethernet_frame.wikipedia.wikipedia.wikipedia.wikipedia.wikipedia. Presidentman.org/w/index.php?title=File:Increase2. Rockfang.png  Source: http://en.svg  License: Public Domain  Contributors: Self-made Image:Stressed Eye.wikipedia.org/w/index.jpg  Source: http://en.jpg  License: Fair Use  Contributors: Lamro Image:Check point logo.wikipedia. User:Ehudshapira.wikipedia. Lupo. User:STBotI File:Increase2.wikipedia.svg  Source: http://en.wikipedia.0.wikipedia. Licenses and Contributors Image:Allot logo.wikipedia. Jarekt. UrSuS.svg  Source: http://en.svg  License: Public Domain  Contributors: Easyas12c.0  Contributors: Gaiterin Image:Ethernet frame. PhilKnight.PNG  License: Creative Commons Attribution-Sharealike 3.svg  Source: http://en. Sfan00 IMG Image:Sonicwalllogo.svg  License: Public Domain  Contributors: Easyas12c image:cast.php?title=File:Flag_of_the_United_States.php?title=File:Stressed_Eye.php?title=File:Cast.wikipedia.) File:Firewall.org/w/index.wikipedia.svg  License: Public Domain  Contributors: Self-made .png  Source: http://en.wikipedia. Zscout370.php?title=File:Gufw_9.png by Duesentrieb.wikipedia. (Original SVG was based on File:PD-icon.jpg  License: unknown  Contributors: Eraserhead1 image:broadcast.org/w/index.png by Rfl.png  License: Fair Use  Contributors: User:Ilyasali khan.org/w/index.2.04.php?title=File:Decrease2.php?title=File:Multicast.wikipedia.org/w/index.wikipedia.jpg  License: GNU Free Documentation License  Contributors: Coolcaesar File:Labris Teknoloji logo-orta.php?title=File:Ethernet_frame. which was based on Image:Red copyright.php?title=File:Ciscosystemsheadquarters.svg  Source: http://en.svg  License: Fair Use  Contributors: Jeff G.svg  License: Public Domain  Contributors: Easyas12c image:anycast.wikipedia. 1 anonymous edits image:multicast.jpg  Source: http://en.jpg  Source: http://en. 1 anonymous edits Image:standard deviation diagram.jpg  Source: http://en.0.php?title=File:Broadcast.org/w/index.png  License: GNU Free Documentation License  Contributors: Phani Bhushan File:Paul Baran.php?title=File:Barracuda-networks-logo.org/w/index.5.org/w/index.org/w/index.org/w/index.svg  Source: http://en.svg  License: Public Domain  Contributors: Sarang Image:Ciscosystemsheadquarters.png  License: Fair Use  Contributors: User:Bjelleklang.wikipedia.svg  Source: http://en. See log.org/w/index.org/w/index.php?title=File:Unicast.php?title=File:Paul_Baran.5  Contributors: Mwtoews Image:Pdu and sdu.png  License: Fair Use  Contributors: Impakti File:Flag of the United States.org/w/index. Licenses and Contributors 178 Image Sources.svg  License: Creative Commons Zero  Contributors: Revolus Image:PD-icon.PNG  Source: http://en.svg  License: Public Domain  Contributors: Easyas12c.svg  Source: http://en.svg  License: Public Domain  Contributors: Easyas12c.php?title=File:Cisco_logo. Indolences.php?title=File:Geocast.svg  Source: http://en.1.wikipedia. Jacobolus. Perhelion image:geocast.svg  License: Public Domain  Contributors: Various.wikipedia Image:Ciscosystemsrouteratcern.wikipedia.png  License: Fair Use  Contributors: User:Mongolmax Image:Stonesoft Logo. User:Polbot.jpg  License: Free Art License  Contributors: Yasakak Image:Radware.org/w/index.wikipedia.php?title=File:Standard_deviation_diagram.jpg  Source: http://en.org/w/index.php?title=File:Pdu_and_sdu.wikipedia.

0/ .License 179 License Creative Commons Attribution-Share Alike 3.0 Unported http:/ / creativecommons. org/ licenses/ by-sa/ 3.

Firewall (computing). Active queue management. Stand Out and Pay Off. It reduces the risk of your technology. Are you looking to learn more about Deep Packet Inspection (DPI)? You’re about to discover the most spectacular gold mine of Deep Packet Inspection (DPI) materials ever created. Radware.and Much. Frame (networking). or for the purpose of collecting statistical information. Jitter. Catenet. while you still can. Network intelligence.8261.) is normally considered to be shallow packet inspection (usually called Stateful Packet Inspection) despite this definition.. Front Porch. Business Control Layer.” Deep Packet Inspection (DPI) (also called complete packet inspection and Information eXtraction . Broadcasting (computing). Packet loss. learn EVERYTHING you need to know about Deep Packet Inspection (DPI).The Knowledge Solution. Narus (company). The #1 ALL ENCOMPASSING Guide to Deep Packet Inspection (DPI). Lag. Theta Networks. Much More! This book explains in-depth the real drivers and workings of Deep Packet Inspection (DPI). Link state packet. GSM 03. Christmas tree packet. Allot Communications. Data-dependent jitter. An Important Message for ANYONE who wants to learn about Deep Packet Inspection (DPI) Quickly and Easily. proposal and implementation with the ultimate book – guaranteed to give you the education that you need. IPv6 packet. Cut-through switching. “Here’s Your Chance To Skip The Struggle and Master Deep Packet Inspection (DPI). Datakit. network equipment only needs to use the first of these (the IP header) for normal operation. Deep Packet Inspection (and filtering) enables advanced network management. Berkeley Packet Filter. intrusions or predefined criteria to decide if the packet can pass or if it needs to be routed to a different destination. Martian packet. and ace any discussion. Datagram. Sandvine. Frame check sequence. Deterministic jitter. analysis. and censorship.IX -) is a form of computer network packet filtering that examines the data part (and possibly also the header) of a packet as it passes an inspection point. UDP etc.Grab your copy now. With the Least Amount of Effort. Here you will find the most up-to-date information. In 2 Days Or Less. background and everything you need to know. . service providers and governments in a wide range of applications. This book is your ultimate resource for Deep Packet Inspection (DPI). Paul Baran. viruses. Fast packet switching. Mangled packet. and security functions as well as internet data mining. eavesdropping. Cisco Express Forwarding. searching for protocol non-compliance.. Stop Searching. In easy to read chapters. Jumbogram. some advocates of net neutrality fear that the technology can be used anticompetitively or to reduce the openness of the Internet. Get the edge. Although DPI technology has been used for Internet management for many years.... Chernobyl packet. Network packet. Labris Teknoloji.48. Black hole (networking). Blue (queue management algorithm). this book is a unique collection to help you become a master of Deep Packet Inspection (DPI). Barracuda Networks. faster than you ever dreamed possible! The information in this book can show you how to be an expert in the field of Deep Packet Inspection (DPI). G. Stonesoft Corporation. spam. A quick look inside: Deep packet inspection. time and resources investment decisions by enabling you to compare your understanding of Deep Packet Inspection (DPI) with the objectivity of experienced professionals . user service. SonicWALL. but use of the second header (TCP. Dynamic Packet Transport. with extensive references and links to get you to know all there is to know about Deep Packet Inspection (DPI) right away. Donald Davies. Viaedge. Data Path Acceleration Architecture (DPAA). Cisco Systems. There are multiple headers for IP packets. NebuAd. Check Point. Context-based access control.. DPI is currently being used by the enterprise. Jumbo frame. Gigapackets.

You're Reading a Free Preview

Download
scribd