P. 1
Deep Packet Inspection (DPI): High-impact Strategies - What You Need to Know: Definitions, Adoptions, Impact, Benefits, Maturity, Vendors

Deep Packet Inspection (DPI): High-impact Strategies - What You Need to Know: Definitions, Adoptions, Impact, Benefits, Maturity, Vendors

|Views: 1,224|Likes:
Published by Emereo Publishing
The Knowledge Solution. Stop Searching, Stand Out and Pay Off. The #1 ALL ENCOMPASSING Guide to Deep Packet Inspection (DPI).

An Important Message for ANYONE who wants to learn about Deep Packet Inspection (DPI) Quickly and Easily...

"Here's Your Chance To Skip The Struggle and Master Deep Packet Inspection (DPI), With the Least Amount of Effort, In 2 Days Or Less..."

Deep Packet Inspection (DPI) (also called complete packet inspection and Information eXtraction - IX -) is a form of computer network packet filtering that examines the data part (and possibly also the header) of a packet as it passes an inspection point, searching for protocol non-compliance, viruses, spam, intrusions or predefined criteria to decide if the packet can pass or if it needs to be routed to a different destination, or for the purpose of collecting statistical information. There are multiple headers for IP packets, network equipment only needs to use the first of these (the IP header) for normal operation, but use of the second header (TCP, UDP etc.) is normally considered to be shallow packet inspection (usually called Stateful Packet Inspection) despite this definition.

Deep Packet Inspection (and filtering) enables advanced network management, user service, and security functions as well as internet data mining, eavesdropping, and censorship. Although DPI technology has been used for Internet management for many years, some advocates of net neutrality fear that the technology can be used anticompetitively or to reduce the openness of the Internet.
DPI is currently being used by the enterprise, service providers and governments in a wide range of applications.

Get the edge, learn EVERYTHING you need to know about Deep Packet Inspection (DPI), and ace any discussion, proposal and implementation with the ultimate book – guaranteed to give you the education that you need, faster than you ever dreamed possible!

The information in this book can show you how to be an expert in the field of Deep Packet Inspection (DPI).

Are you looking to learn more about Deep Packet Inspection (DPI)? You're about to discover the most spectacular gold mine of Deep Packet Inspection (DPI) materials ever created, this book is a unique collection to help you become a master of Deep Packet Inspection (DPI).

This book is your ultimate resource for Deep Packet Inspection (DPI). Here you will find the most up-to-date information, analysis, background and everything you need to know.

In easy to read chapters, with extensive references and links to get you to know all there is to know about Deep Packet Inspection (DPI) right away. A quick look inside: Deep packet inspection, Allot Communications, Barracuda Networks, Check Point, Cisco Systems, Front Porch, Labris Teknoloji, Narus (company), NebuAd, Network intelligence, Radware, Sandvine, SonicWALL, Stonesoft Corporation, Theta Networks, Viaedge, Network packet, Active queue management, Paul Baran, Berkeley Packet Filter, Black hole (networking), Blue (queue management algorithm), Broadcasting (computing), Business Control Layer, Catenet, Chernobyl packet, Christmas tree packet, Cisco Express Forwarding, Context-based access control, Cut-through switching, Data Path Acceleration Architecture (DPAA), Data-dependent jitter, Datagram, Datakit, Donald Davies, Deterministic jitter, Dynamic Packet Transport, Fast packet switching, Firewall (computing), Frame (networking), Frame check sequence, G.8261, Gigapackets, GSM 03.48, IPv6 packet, Jitter, Jumbo frame, Jumbogram, Lag, Link state packet, Packet loss, Mangled packet, Martian packet...and Much, Much More!

This book explains in-depth the real drivers and workings of Deep Packet Inspection (DPI). It reduces the risk of your technology, time and resources investment decisions by enabling you to compare your understanding of Deep Packet Inspection (DPI) with the objectivity of experienced professionals - Grab your copy now, while you still can.
The Knowledge Solution. Stop Searching, Stand Out and Pay Off. The #1 ALL ENCOMPASSING Guide to Deep Packet Inspection (DPI).

An Important Message for ANYONE who wants to learn about Deep Packet Inspection (DPI) Quickly and Easily...

"Here's Your Chance To Skip The Struggle and Master Deep Packet Inspection (DPI), With the Least Amount of Effort, In 2 Days Or Less..."

Deep Packet Inspection (DPI) (also called complete packet inspection and Information eXtraction - IX -) is a form of computer network packet filtering that examines the data part (and possibly also the header) of a packet as it passes an inspection point, searching for protocol non-compliance, viruses, spam, intrusions or predefined criteria to decide if the packet can pass or if it needs to be routed to a different destination, or for the purpose of collecting statistical information. There are multiple headers for IP packets, network equipment only needs to use the first of these (the IP header) for normal operation, but use of the second header (TCP, UDP etc.) is normally considered to be shallow packet inspection (usually called Stateful Packet Inspection) despite this definition.

Deep Packet Inspection (and filtering) enables advanced network management, user service, and security functions as well as internet data mining, eavesdropping, and censorship. Although DPI technology has been used for Internet management for many years, some advocates of net neutrality fear that the technology can be used anticompetitively or to reduce the openness of the Internet.
DPI is currently being used by the enterprise, service providers and governments in a wide range of applications.

Get the edge, learn EVERYTHING you need to know about Deep Packet Inspection (DPI), and ace any discussion, proposal and implementation with the ultimate book – guaranteed to give you the education that you need, faster than you ever dreamed possible!

The information in this book can show you how to be an expert in the field of Deep Packet Inspection (DPI).

Are you looking to learn more about Deep Packet Inspection (DPI)? You're about to discover the most spectacular gold mine of Deep Packet Inspection (DPI) materials ever created, this book is a unique collection to help you become a master of Deep Packet Inspection (DPI).

This book is your ultimate resource for Deep Packet Inspection (DPI). Here you will find the most up-to-date information, analysis, background and everything you need to know.

In easy to read chapters, with extensive references and links to get you to know all there is to know about Deep Packet Inspection (DPI) right away. A quick look inside: Deep packet inspection, Allot Communications, Barracuda Networks, Check Point, Cisco Systems, Front Porch, Labris Teknoloji, Narus (company), NebuAd, Network intelligence, Radware, Sandvine, SonicWALL, Stonesoft Corporation, Theta Networks, Viaedge, Network packet, Active queue management, Paul Baran, Berkeley Packet Filter, Black hole (networking), Blue (queue management algorithm), Broadcasting (computing), Business Control Layer, Catenet, Chernobyl packet, Christmas tree packet, Cisco Express Forwarding, Context-based access control, Cut-through switching, Data Path Acceleration Architecture (DPAA), Data-dependent jitter, Datagram, Datakit, Donald Davies, Deterministic jitter, Dynamic Packet Transport, Fast packet switching, Firewall (computing), Frame (networking), Frame check sequence, G.8261, Gigapackets, GSM 03.48, IPv6 packet, Jitter, Jumbo frame, Jumbogram, Lag, Link state packet, Packet loss, Mangled packet, Martian packet...and Much, Much More!

This book explains in-depth the real drivers and workings of Deep Packet Inspection (DPI). It reduces the risk of your technology, time and resources investment decisions by enabling you to compare your understanding of Deep Packet Inspection (DPI) with the objectivity of experienced professionals - Grab your copy now, while you still can.

More info:

Published by: Emereo Publishing on Sep 15, 2011
Copyright:Traditional Copyright: All rights reserved
List Price: $39.95

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
This book can be read on up to 6 mobile devices.
Full version available to members
See more
See less

10/31/2014

Sections

  • Deep packet inspection
  • Allot Communications
  • Barracuda Networks
  • Check Point
  • Cisco Systems
  • Front Porch
  • Labris Teknoloji
  • Narus (company)
  • NebuAd
  • Network intelligence
  • Radware
  • Sandvine
  • SonicWALL
  • Stonesoft Corporation
  • Theta Networks
  • Viaedge
  • Network packet
  • Active queue management
  • Paul Baran
  • Berkeley Packet Filter
  • Black hole (networking)
  • Blue (queue management algorithm)
  • Broadcasting (computing)
  • Business Control Layer
  • Catenet
  • Chernobyl packet
  • Christmas tree packet
  • Cisco Express Forwarding
  • Context-based access control
  • Cut-through switching
  • Data Path Acceleration Architecture (DPAA)
  • Data-dependent jitter
  • Datagram
  • Datakit
  • Donald Davies
  • Deterministic jitter
  • Dynamic Packet Transport
  • Fast packet switching
  • Firewall (computing)
  • Frame (networking)
  • Frame check sequence
  • G.8261
  • Gigapackets
  • GSM 03.48
  • IPv6 packet
  • Jitter
  • Jumbo frame
  • Jumbogram
  • Link state packet
  • Packet loss
  • Mangled packet
  • Martian packet
  • Maximum segment size
  • Maximum transmission unit
  • Network congestion
  • NIST RBAC model
  • OmniPeek
  • Out-of-order delivery
  • Packet aggregation
  • Packet analyzer
  • Packet Assembler/Disassembler
  • Packet capture
  • Packet concatenation
  • Packet drop attack
  • Packet generator
  • Packet injection
  • Packet segmentation
  • Packet Switch Stream
  • Packet switching
  • Packet telephony
  • Packet transfer delay
  • Packet-switched network
  • Packet-switching node
  • PARC Universal Packet
  • Ping (video gaming)
  • Protocol data unit
  • Public switched data network
  • Robust random early detection
  • Raw socket
  • SQLFilter
  • Start Frame Delimiter
  • Statistical time division multiplexing
  • Syncword
  • TCP reset attack
  • Virtual packet
  • Article Sources and Contributors
  • Image Sources, Licenses and Contributors
  • License

Deep Packet Inspection (DPI

)
IN-DEPTH: THE REAL DRIVERS AND
WORKINGS

Kevin Roebuck

REDUCES THE RISK OF YOUR TECHNOLOGY, TIME AND RESOURCES
INVESTMENT DECISIONS

ENABLING YOU TO COMPARE YOUR
UNDERSTANDING WITH THE OBJECTIVITY OF EXPERIENCED PROFESSIONALS

High-impact Strategies - What You Need to Know: Definitions, Adoptions, Impact, Benefits, Maturity, Vendors

Topic relevant selected content from the highest rated entries, typeset, printed and shipped. Combine the advantages of up-to-date and in-depth knowledge with the convenience of printed books. A portion of the proceeds of each book will be donated to the Wikimedia Foundation to support their mission: to empower and engage people around the world to collect and develop educational content under a free license or in the public domain, and to disseminate it effectively and globally. The content within this book was generated collaboratively by volunteers. Please be advised that nothing found here has necessarily been reviewed by people with the expertise required to provide you with complete, accurate or reliable information. Some information in this book maybe misleading or simply wrong. The publisher does not guarantee the validity of the information found here. If you need specific advice (for example, medical, legal, financial, or risk management) please seek a professional who is licensed or knowledgeable in that area. Sources, licenses and contributors of the articles and images are listed in the section entitled “References”. Parts of the books may be licensed under the GNU Free Documentation License. A copy of this license is included in the section entitled “GNU Free Documentation License” All used third-party trademarks belong to their respective owners.

Contents
Articles
Deep packet inspection Allot Communications Barracuda Networks Check Point Cisco Systems Front Porch Labris Teknoloji Narus (company) NebuAd Network intelligence Radware Sandvine SonicWALL Stonesoft Corporation Theta Networks Viaedge Network packet Active queue management Paul Baran Berkeley Packet Filter Black hole (networking) Blue (queue management algorithm) Broadcasting (computing) Business Control Layer Catenet Chernobyl packet Christmas tree packet Cisco Express Forwarding Context-based access control Cut-through switching Data Path Acceleration Architecture (DPAA) Data-dependent jitter Datagram Datakit 1 8 10 14 19 28 29 30 33 40 43 46 49 51 54 55 57 62 64 68 69 70 72 73 75 75 76 77 78 79 80 80 81 81

Donald Davies Deterministic jitter Dynamic Packet Transport Fast packet switching Firewall (computing) Frame (networking) Frame check sequence G.8261 Gigapackets GSM 03.48 IPv6 packet Jitter Jumbo frame Jumbogram Lag Link state packet Packet loss Mangled packet Martian packet Maximum segment size Maximum transmission unit Network congestion NIST RBAC model OmniPeek Out-of-order delivery Packet aggregation Packet analyzer Packet Assembler/Disassembler Packet capture Packet concatenation Packet drop attack Packet generator Packet injection Packet segmentation Packet Switch Stream Packet switching Packet telephony Packet transfer delay

83 85 85 86 87 92 93 94 94 95 96 102 108 110 111 113 114 116 116 117 117 122 129 130 132 133 133 135 137 140 140 141 143 144 144 147 151 152

Packet-switched network Packet-switching node PARC Universal Packet Ping (video gaming) Protocol data unit Public switched data network Robust random early detection Raw socket SQLFilter Start Frame Delimiter Statistical time division multiplexing Syncword TCP reset attack Virtual packet

152 159 159 161 162 164 164 166 167 167 168 169 170 172

References
Article Sources and Contributors Image Sources, Licenses and Contributors 173 178

Article Licenses
License 179

Deep packet inspection

1

Deep packet inspection
Deep Packet Inspection (DPI) (also called complete packet inspection and Information eXtraction - IX -) is a form of computer network packet filtering that examines the data part (and possibly also the header) of a packet as it passes an inspection point, searching for protocol non-compliance, viruses, spam, intrusions or predefined criteria to decide if the packet can pass or if it needs to be routed to a different destination, or for the purpose of collecting statistical information. There are multiple headers for IP packets, network equipment only needs to use the first of these (the IP header) for normal operation, but use of the second header (TCP, UDP etc.) is normally considered to be shallow packet inspection (usually called Stateful Packet Inspection) despite this definition.[1] Deep Packet Inspection (and filtering) enables advanced network management, user service, and security functions as well as internet data mining, eavesdropping, and censorship. Although DPI technology has been used for Internet management for many years, some advocates of net neutrality fear that the technology can be used anticompetitively or to reduce the openness of the Internet.[2] DPI is currently being used by the enterprise, service providers and governments in a wide range of applications.[3]

Background
DPI combines the functionality of an Intrusion Detection System (IDS) and an Intrusion Prevention System (IPS) with a traditional stateful firewall.[4] This combination makes it possible to detect certain attacks that neither the IDS/IPS nor the stateful firewall can catch on their own. Stateful firewalls, while able to see the beginning and end of a packet flow, cannot on their own catch events that would be out of bounds for a particular application. While IDSs are able to detect intrusions, they have very little capability in blocking such an attack. DPIs are used to prevent attacks from viruses and worms at wire speeds. More specifically, DPI can be effective against buffer overflow attacks, Denial of Service (DoS) attacks, sophisticated intrusions, and a small percentage of worms that fit within a single packet. DPI-enabled devices have the ability to look at Layer 2 and beyond Layer 3 of the OSI model, in cases DPI can be evoked to look through Layer 2-7 of the OSI model. This includes headers and data protocol structures as well as the actual payload of the message. DPI functionality is evoked when a device looks or takes other action based on information beyond Layer 3 of the OSI model. DPI can identify and classify traffic based on a signature database that includes information extracted from the data part of a packet, allowing finer control than classification based only on header information. End points can utilize encryption and obfuscation techniques to evade DPI actions in many cases. A classified packet can be redirected, marked/tagged (see quality of service), blocked, rate limited, and of course reported to a reporting agent in the network. In this way, HTTP errors of different classifications may be identified and forwarded for analysis. Many DPI devices can identify packet flows (rather than packet-by-packet analysis), allowing control actions based on accumulated flow information.

DPI at the enterprise
Until recently, security at the enterprise was just a perimeter discipline, with a dominant philosophy of keeping unauthorized users out, and shielding authorized users from the outside world. The most frequently used tool for accomplishing this has been a stateful firewall. It can permit fine-grained control of access from the outside world to pre-defined destinations on the internal network, as well as permitting access back to other hosts only if a request to the outside world has been made previously.[5] However, vulnerabilities exist at network layers that are not visible to a stateful firewall. Also, an increase in the use of laptops in the enterprise makes it more difficult to prevent threats such as viruses, worms and spyware from penetrating the corporate network, as many users will connect the laptop to less-secure networks such as home

When an e-mail user tries to send a protected file he may be given information on how to get the proper clearance to send the file.[11] Poor network performance increases customer dissatisfaction and leads to a decline in service revenues. . Service providers say a minority of users generate large quantities of P2P traffic and degrade performance for the majority of broadband subscribers using applications such as email or Web browsing which use less bandwidth. including the application and user layer to help combat those threats. and probably also Embarq. P2P traffic is typically used by applications that do file sharing. Front Porch and Phorm.to access a user's datastream. Decades ago in a legacy telephone environment. and as many of 10% of US customers have been tracked in this way. and at the same time enforce an acceptable use policy. they are able to monitor web-browsing habits in a very detailed way allowing them to gain information about their customers' interests. policy definition and enforcement. DPI allows service providers to "readily know the packets of information you are receiving online—from e-mail. which can be used by companies specializing in targeted advertising. In addition. to websites. Deep Packet Inspection is able to detect a few kinds of buffer overflow attacks.[10] Quality of service Applications such as peer-to-peer (P2P) traffic present increasing problems for broadband service providers. Common uses of DPI by ISPs are lawful intercept.[8] Policies can be defined that allow or disallow connection to or from an IP address.[9] and Wide Open West. including DPI.when directed by a court order . video and software downloads". certain protocols. P2P drives increasing traffic loads. and copyright enforcement. music and videos.Deep packet inspection broadband connections or wireless networks in public locations.[6] 2 DPI at network/Internet service providers In addition to using DPI to secure their internal networks. This can be documents. the UK ISP British Telecom has admitted testing technology from Phorm without their customers' knowledge or consent. Targeted advertising Because ISPs route all of their customers' traffic. may make use of DPI to implement certain policies that cover copyright infringements. and unfair use of bandwidth. quality of service. illegal materials. or even heuristics that identify a certain application or behavior. In some countries the ISPs are required to perform filtering depending on the country's laws. to sharing of music. Lawful interception Service providers are required by almost all governments worldwide to enable lawful intercept capabilities. DPI enabled products that are "LI or CALEA-compliant" can be used . offering tiered services. The acquisition component of this functionality can be provided in many ways. Internet service providers also apply this technology on the public networks provided to customers. requiring additional network capacity. Technology providers include NebuAd. At least 100. Firewalls also do not distinguish between permitted and forbidden uses of legitimately-accessed applications. targeted advertising. US ISPs monitoring their customers include Knology. Due to the frequently large size of media files being transferred. This is not possible in contemporary digital networks. DPI enables IT administrators and security officials to set policies and enforce them at all layers.[7] Policy definition and enforcement Service providers obligated by the service level agreement with their customers to provide a certain level of service.000 US customers are tracked this way. DPI can be used by the enterprise for Data Leak Prevention (DLP). this was met by creating a traffic access point (TAP) using an intercepting proxy server that connects to the government's surveillance equipment.

DPI was one of the platforms essential to meeting this requirement and has been deployed for this purpose throughout the U. was given a court injunction and told it must block its customers from accessing The Pirate Bay. per service. many of these programs are classified. “all-you-can-eat" and "one-size-fits-all” data services. has required that all telecommunication providers. .[14] Instead of prosecuting file sharers one at a time. the FCC adopted new Title 47. Sony BMG. per application.[18] United States FCC adopts Internet CALEA requirements. despite European directive 2000/31/EC clearly stating that ISPs may not be put under a general obligation to monitor the information they transmit and directive 2002/58/EC granting European citizens a right to privacy of communications. a launching point for BitTorrent.[12] This is the approach that service providers use to dynamically allocate bandwidth according to traffic that is passing through their networks. to differentiate "walled garden" services from "value added".[16] The IFPI wants ISPs to filter traffic to remove illicitly uploaded and downloaded copyrighted material from their network. or "all-you-can-eat" rather than a "one-size-fits-all" package. A policy is created per user or user group. governments in North America. The FCC.[13] By being able to charge for a "walled garden". Tele2. Subpart Z. Copyright enforcement ISPs are sometimes requested by copyright owners or required by courts or official policy to help enforce copyrights. Other Vendors claim that DPI is ineffective against P2P and that other methods of Bandwidth Management are more effective. be capable of supporting the execution of a court order to provide real-time communication forensics of specified users. a higher priority can be allocated to a VoIP or video conferencing call which requires low latency versus web browsing which does not.S.[17] Statistics DPI allows ISPs to gather statistical information about usage patterns by user group. Universal Music and Warner Music have begun suing ISPs like Eircom for not doing enough about protecting their copyrights. In 2006. The Motion Picture Association of America (MPAA) which enforces movie copyrights. In 2006. For instance. on the other hand has taken the position with the Federal Communications Commission (FCC) that network neutrality could hurt anti-piracy technology such as Deep Packet Inspection and other forms of filtering. pursuant to its mandate from the US Congress. allowing the user access to different services and applications. 3 Tiered services Mobile and broadband service providers use DPI as a means to implement tiered service plans. Additionally. it might be of interest whether users with a 2 Mbit connection use the network in a dissimilar manner to users with a 5 Mbit connection. the operator can tailor his offering to the individual subscriber and increase their Average Revenue Per User (ARPU).Deep packet inspection DPI allows the operators to oversell their available bandwidth while ensuring equitable bandwidth distribution to all users by preventing network congestion. Access to trend data also help network planning. and in line with the policies of most countries worldwide. rules requiring Internet Access Providers meet these requirements. Europe and Asia use DPI for various purposes such as surveillance and censorship. one of Denmark's largest ISPs. and the DPI system in turn enforces that policy.[15] the International Federation of the Phonographic Industry (IFPI) and the big four record labels EMI. Deep Packet Inspection by governments In addition to using DPI for the security of their own networks. including Internet services.

That relates to intercepting data for the purposes of combating terrorism.' at the end of March."[20] Narus's Semantic Traffic Analyzer software which runs on IBM or Dell Linux servers. or a variety of anti-Communist movements[25] as those materials were signed as DPI sensitive keywords already. reportedly for deep packet inspection.." and thus. by selling it to Perusa [27] Partners Fund 1 LP. Bush and Attorney General Alberto R. 2009. the Dalai Lama.. People within China often find themselves blocked while accessing Web sites containing content related to Taiwanese and Tibetan independence.[24] Chinese network ISPs use DPI to see if there's any sensitive keyword going through their network. The monitoring center that Nokia Siemens Networks sold to Iran was described in a company brochure as allowing 'the monitoring and interception of all types of voice and data communication on all networks.. the German conglomerate. using DPI technology. The DPI is used to find which packets are carrying e-mail or a Voice over Internet Protocol (VoIP) phone call. in the case of VoIP. the system "enables authorities to not only block communication but to monitor it to gather information about individuals. sorting and forwarding more intelligent. China also blocks VoIP traffic in and out of their country. Narus states that such devices are capable of real-time data collection (recording data for consideration) and capture at 10 gigabits per second. to exclude data sources comprised primarily of domestic data. Falun Gong. a capability that most if not all telecom companies have. phone number. he said. a joint venture Siemens AG.com.. the Finnish cellphone company.[22] The Defense Information Systems Agency has developed a sensor platform that uses Deep Packet Inspection.. the Tiananmen Square protests and massacre of 1989. in 2008 from Nokia Siemens Networks (NSN).' The joint venture exited the business that included the monitoring equipment. with no notification provided to either participant in the conversation. According to unnamed experts cited in the article. "the designers of the . the connection will be cut. China also blocks visual media sites like YouTube. and political dissent.[19] Traffic associated with AT&T’s Common Backbone was "split" between two fibers. Voice traffic in Skype is unaffected. The secure room contained Narus traffic analyzers and logic servers. According to Marcus’s affidavit. with cooperation from AT&T has used Deep Packet Inspection technology to make internet traffic surveillance. Roome said. the diverted traffic "represented all. Roome. dividing the signal so that 50 percent of the signal strength went to each output fiber. and messages containing sensitive material. This material includes pornography. are simply not delivered. although text messages are subject to DPI.[26] Iran The Iranian government purchased a system. NSN "provided equipment to Iran last year under the internationally recognized concept of 'lawful intercept. as well as alter it for disinformation purposes.[21] President George W. He said the company determined it was no longer part of its core business. according to a report in the Wall Street Journal in June. If so. drug trafficking and other criminal activities carried out online. or substantially all.' said Mr. Gonzales have asserted that they believe the president has the authority to order secret intercepts of telephone and e-mail exchanges between people inside the United States and their contacts abroad without obtaining a FISA warrant. One of the output fibers was diverted to a secure room." The system was purchased by the Telecommunication Infrastructure Co.. of AT&T’s peering traffic in the San Francisco Bay area. child pornography. IP address or. Mr.Deep packet inspection The National Security Agency (NSA).[23] 4 China The Chinese government uses Deep Packet Inspection to monitor and censor network traffic and content that it claims harmful to Chinese citizens or state interests. Certain traffic was selected and sent over a dedicated line to a "central location" for analysis. quoting NSN spokesperson Ben Roome. and Nokia Corp. According to the Journal. a Munich-based investment firm. in terms of location or position of the fiber split. and various photography and blogging sites. information on religion. part of the Iranian government's telecom monopoly. what it called 'intelligence solutions.. configuration made no attempt." . the other carried communications on to AT&T’s switching equipment. political parties that oppose that of the ruling Communist party. such as curse-words. sorts through IP traffic at 10Gbit/s to pick out specific messages based on a targeted e-mail address.

New York City. The Washington Post. Retrieved 2010-02-01. lightreading. . [11] "Deep Packet Inspection: Taming the P2P Traffic Beast" (http:/ / www. "Global technology trends and national regulation: Explaining Variation in the Governance of Deep Packet Inspection. "The End of the Internet?" (http:/ / www. com/ landing/ op1.Added and Tiered Service Packages" (http:/ / news. "Ball State uses Deep Packet Inspection to ensure videoconferencing performance" (http:/ / www. itbusinessedge. Money Central. . 15–18 February 2009" (http:/ / userpage. Thomas Porter (2005-01-11). computerworld. including The Washington Times. com/ insider/ details.-based analyst and Cato Institute Adjunct Scholar. "the 'Net was built on open access and non-discrimination of packets!"[32] Critics of network neutrality rules. Retrieved 2008-03-03.[35] The open source community offers a wide array of options for performing deep packet inspection functions. web censorship or Internet filtering capability to Iran. com/ ticker/ article.289142. priv. Isenberg. . call them "a solution in search of a problem" and say that net neutrality rules would reduce incentives to upgrade networks and launch next-generation network services. do?command=viewArticleBasic& taxonomyId=16& articleId=9036959& intsrc=hm_topic). [4] Ido Dubrawsky (2003-07-29). Retrieved 2006-02-06.Deep packet inspection The NSN system followed on purchases by Iran from Secure Computing Corp. Paper presented at the International Studies Annual Convention. php/ essays/ just-deliver-the-packets/ ).Deep Packet Inspection" (http:/ / www. com/ infocus/ 1817). html). PACE includes obfuscated/encrypted protocols like Skype or encrypted BitTorrent. de/ ~bendrath/ Paper_Ralf-Bendrath_DPI_v1-5." and reviewed censorship of the Internet and other media in the country. International Studies Association. html). D. com/ articles/ culture/ Deep-packet-inspection-meets-net-neutrality.org community [36] References [1] Dr. securityfocus. [6] Michael Morisy (2008-10-23). . [12] Matt Hamblen (2007-09-17). but did not mention DPI. securityfocus. . Chris Lewis (2009). Retrieved 2008-05-14. . Retrieved 2006-02-06. Office of the Privacy Commissioner of Canada. com/ action/ article. . "Deep Packet Inspection meets 'Net neutrality. [3] Ralf Bendrath (2009-03-16).C. [2] Hal Abelson. meanwhile. charter. IT Business Edge. . com/ wp-dyn/ content/ article/ 2008/ 04/ 03/ AR2008040304052. fu-berlin. "The Perils of Deep Packet Inspection" (http:/ / www. ars). [10] Peter Whoriskey (2008-04-04). thenation.[29] NSN has issued the following denial: NSN "has not provided any deep packet inspection. [13] "Allot Deploys DPI Solution at Two Tier 1 Mobile Operators to Deliver Value. Retrieved 2008-03-03. SearchNetworking. Retrieved 2008-03-02. specifically saying that Mr. washingtonpost. 2008-02-05. Computer World. The Nation. ars technica. com/ doc/ 20060213/ chester). . Light Reading. [5] Elan Amir (2007-10-29).[28] Questions have been raised about the reporting reliability of the Journal report by David Isenberg. Retrieved 2008-03-02. html)."[30] A concurrent article in The New York Times said the NSN sale had been covered in a "spate of news reports in April [2009]. pdf). techtarget. msn.[7] saying for example. aspx?Feed=PR& Date=20080205& ID=8139811& Symbol=ALLT). . CALEA" (http:/ / arstechnica. "Firewall Evolution . Security Focus. [9] "Charter Communications: Enhanced Online Experience" (http:/ / connect. com/ infocus/ 1716). earlier in the decade. com/ item/ ?ci=35275). . moneycentral.com. . [8] Jeff Chester (2006-02-01). Ottawa" (http:/ / dpi. ca/ index. an independent Washington.[31] 5 DPI and net neutrality People and organizations concerned about privacy or network neutrality find inspection of the content layers of the Internet protocol to be offensive. in: "Essays on Deep Packet Inspection". Retrieved 2008-03-02. . gc. . a comprehensive list is maintained by the dPacket. "Just Deliver the Packets. asp?sku_id=1221& skuitem_itemid=957).[33] Software Opendpi[34] is the open source version for non obfuscated protocols. Retrieved 2008-04-08. com/ news/ article/ 0. Ken Ledeen. [7] Nate Anderson (2007-07-25). Security Focus. had similar complaints with one of the same Journal reporters himself in an earlier story. "Every Click You Make: Internet Providers Quietly Test Expanded Tracking of Web Use to Target Advertising" (http:/ / www. "Data leak prevention starts with trusting your users" (http:/ / searchnetworking. "The Case for Deep Packet Inspection" (http:/ / www.00. Retrieved 2010-01-08. Retrieved 2010-01-08.sid7_gci1335767. Roome is denying the quotes attributed to him and that he.

com/2011/02/08/ what-is-deep-packet-inspection-and-why-the-controversy/) • White Paper "Deep Packet Inspection – Technology. Retrieved 2008-03-03. Matt Blaze. Retrieved 2008-03-12. com/ global/ Press/ Press+ releases/ news-archive/ Provision+ of+ Lawful+ Intercept+ capability+ in+ Iran. html). Cybertelecom. com/ news. 2009. Isenberg. htm). dpacket. [29] "Questions about WSJ story on Net Management in Iran" (http:/ / www. Retrieved 2008-03-12. . .138599-c.ranum. [18] Carolyn Duffy Marsan (2007-06-27).registration required (http://www. [27] http:/ / www. de/ english/ who_we_are. Retrieved 2008-03-12. networkworld. [25] "Internet Filtering in China in 2004-2005: A Country Study" (http:/ / www. html).Deep packet inspection Retrieved 2008-03-03. Ph. .com/security/computer_security/editorials/deepinspect/) • A collection of essays from industry experts (http://dpi. Retrieved 2008-03-03. cybertelecom. com/ wp-dyn/ content/ article/ 2006/ 01/ 06/ AR2006010601772. ars) [36] (https:/ / www. The Washington Post.Domestic Action's Legality Challenged" (http:/ / www. June 22. com/ article/ SB124562668777335653. Retrieved 2008-06-26. The New York Times. Retrieved 2008-03-03. . nytimes. Nelson. org/ group-posts/ open-source-software-general-discussion/ open-source-software-related-deep-packet-inspect) 6 External links • Test Methodology . Network World. "Network Neutrality: Insufficient Harm" (http:/ / www. "OEM provider Bivio targets government market" (http:/ / www. crypto. [17] Anne Broach (2007-07-19). Retrieved 6/22/09. com/ science/ discoveries/ news/ 2006/ 05/ 70914). Retrieved 2008-10-30. . com/ 8301-10784_3-9746938-7. infoworld.sites/ article. . html). wired. "Report Rebuts Bush on Spying . html) by David S. "Risking Communications Security: Potential Hazards of the Protect America Act" (http:/ / www. Retrieved 6/22/09. cybertelecom. [20] Bellovin. Retrieved 2008-03-13. "Eircom and BT won't oppose music firms" (http:/ / www.gc. pdf). html).breakingpointsystems. . "Deep Security: DISA Beefs Up Security with Deep Packet Inpection of IP Transmissions" (https:/ / www. Whitfield Diffie. IEEE Security and Privacy (IEEE Computer Society) 6 (1): 24–33. Retrieved 6/23/09. com/ technology/ content/ jan2006/ tc20060112_434051. Susan Landau.. [32] Genny Pershing. [30] "Provision of Lawful Intercept capability in Iran" (http:/ / www. Business Week. perusa-partners. Retrieved 6/22/09. doi:10. org/ ) [35] Deep packet inspection engine goes open source (http:/ / arstechnica. ""Year of filters" turning into year of lawsuits against ISPs" (http:/ / arstechnica. html). 2009. Retrieved 2008-03-13.ca/) • What Is Deep Packet Inspection and Why the Controversy (http://netequalizernews. Retrieved 2008-03-03. ENN. pcworld.io/?p=9) • What is "Deep Inspection"? (http://www. June 23. CNET News. html). [34] Opendpi (http:/ / www. [24] Ben Elgin and Bruce Einhorn (2006-01-12). html) by Christopher Rhoads in New York and Loretta Chao in Beijing. enn. com/ article/ 08/ 02/ 13/ Danish-ISP-prepares-to-fight-Pirate-Bay-injunction_1. Leonnig (2007-01-07). opendpi. php [28] "Iran's Web Spying Aided By Western Technology" (http:/ / online. news. "Danish ISP prepares to fight Pirate Bay injunction" (http:/ / www. com/ blog/ 2009/ 06/ questions-about-wsj-story-on-net. html?_r=1& hp) by Brian Stelter and Brad Stone. [14] Jeremy Kirk (2008-02-13). [15] Matthew Clark (2005-07-05). . 2007-10-18. Retrieved 2008-03-12. "Network Neutrality: Historic Neutrality" (http:/ / www.D. com/ newsletters/ isp/ 2007/ 0625isp1. Steven M.2008. dpacket. . [26] "China Blocks YouTube. Retrieved 2008-03-03. Cybertelecom. . June 22.1109/MSP. org/ articles/ deep-security-disa-beefs-security-deep-packet-inpection-ip-transmissions). I. html). [19] J. Retrieved 2008-06-26. htm#his). ars/ post/ 20080311-year-of-filters-turning-into-year-of-lawsuits-against-isps. com/ papers/ paa-ieee. PC World. "How the NSA warrantless wiretap system works" (http:/ / www.blog. ie/ frontpage/ news-9617239. org/ ci/ neutral. Wired.inputoutput. Peter G. [33] Genny Pershing. isen. html). June 22. [16] Eric Bangeman (2008-03-11). . washingtonpost. Retrieved 2008-03-13. Open Net Initiative. htm) Company press release. The Wall Street Journal. nerdylorrin. and Jennifer Rexford (January/February 2008). com/ 2009/ 06/ 23/ world/ middleeast/ 23censor. Neumann. "The Great Firewall of China" (http:/ / www.ipoque. businessweek. Restores Flickr and Blogspot" (http:/ / www. . [23] Cheryl Gerber (2008-09-18). [31] "Web Pries Lid of Iranian Censorship" (http:/ / www. . ars technica. 2009.com/ resources/white-papers/) . isen. opennetinitiative. Applications & Net Neutrality" (http://www. org/ ci/ neutral. wsj. (2006-09-26). net/ jerry/ politics/ Warrantless/ WarrantlessFACTS. 2009. [22] Carol D. IDG News Service.priv. "MPAA: Net neutrality could hurt antipiracy tech" (http:/ / www. net/ studies/ china/ ).com/resources/ resiliency-methodologies/dpi-resiliency-methodology) • Subverting Deep Packet Inspection the Right Way (http://www. nokiasiemensnetworks. com/ article/ id. [21] Robert Poe (2006-05-17). htm#ins).17. "The Ultimate Net Monitoring Tool" (http:/ / www. . . com/ open-source/ news/ 2009/ 09/ deep-packet-inspection-engine-goes-open-source.

mudynamics.com/products/mu-test-suite/ scale-testing.savetheinternet.com/ • Deep Packet Inspection puts its stamp on an evolving Internet (http://advancedtca-systems.com/t2/latest-news/ best-of-web?task=videodirectlink&id=9042) .Deep packet inspection • Egypt's cyber-crackdown aided by US Company (http://therealnews.com/ deep-stamp-an-evolving-internet/) • Validate DPI policy using real applications (http://www.DPI technology used by Egyptian government in recent internet crackdown • http://www.html) 7 .

JAFCO Investment.com [2] Allot Communications (NASDAQ: ALLT [1].[5] Jacoby previously founded Armon Networking. including: Genesis Partners. from several venture capital funds. BancBoston Capital. which was sold to Bay Networks for $33m in 1996. and the company began trading publicly on the Nasdaq Global Market under the ticker symbol ALLT. Bandwidth optimization US$ 56.[5] By 2004 Allot raised $38 million.97 million (2010) US$ 5. a manufacturer of RMON-based network management solutions. Gemini. QoS Solutions.[4] Corporate history Allot Communications was founded in 1996. TASE: ALLT [3]) is a provider of IP service optimization solutions for service providers. and Tamar Technology Ventures. This ranking represented revenue growth of nearly 1900% in a year's time. by Michael Shurman and Yigal Jacoby.allot. Allot solutions use deep packet inspection (DPI) technology to change broadband pipes into smart networks offering complete network visibility. Communication systems 1996 Key people CEO: Rami Hadar. application control and subscriber management.[5] In 2006.Allot Communications 8 Allot Communications Allot Communications Type Industry Founded Public (NASDAQ: ALLT [1] ) Technology. in several rounds of funding. following an IPO which raised $78m. carriers and enterprises. Jerusalem Venture Partners. CTO: Jay Klein VP Operations: Pini Gvili Products Revenue Net income Networking. Walden Israel. Deloitte & Touche named Allot the fourth fastest growing company on its Israel Technology Fast 50 list.76 million (2010) Employees 400 Website www.[7] .[6] In November 2003. who served as chief executive and chairman until 2006. Rami Hadar appointed President and Chief Executive Officer.

com/ doc/ 1G1-18165625.[8] • In January 2008 Allot Acquired Esphion. html). so that value-added Internet services can be rapidly deployed. [5] Dar. Allot's portfolio of hardware platforms and software applications employs Deep Packet Inspection (DPI) technology to turn broadband pipes into smart networks. September 24. co. htm). in Nasdaq listing" (http:/ / www. March 24.com. Combines Teams and Technologies to Form Solid Base for Continued Growth. 2009). asp?articleID=2128). The Marker. highbeam. allot. service providers.[4] References [1] http:/ / quotes. Light Reading. TMCnet. il/ TASEEng/ Management/ GeneralPages/ SimpleSearchResult. Richard (March 17. Avi (November 17. Zuri (25-08-2004). The Jerusalem Post.[9] Products Allot provides intelligent IP service optimization solutions for DSL. External links • Allot Communications (http://allot. highbeam. a provider of network application priority switches (NAPS). com/ ivcWeeklyItem. 2008. html). Allot solutions are also used to support the need of service providers to charge more from heavy users of peer-to-peer. "Allot Communications wraps up $8 million financing round" (http:/ / www. 2002.Allot Communications 9 Acquisitions • In September 2002 Allot acquired NetReality. 2006). com/ doc/ 1G1-92808325. nasdaq. [6] "Bay Networks acquires Armon Networking" (http:/ / www. htm?objectId=& objectType=& securityType=& searchTerm=ALLT [4] Grigonis. and enterprises. Business Wire. [9] "Allot Acquires Esphion" (http:/ / www. VoIP and Video applications. [7] Krawitz. tmcnet. January 3. 1996. asp?symbol=ALLT& selected=ALLT [2] http:/ / www. lightreading. "Allot raises $78m. tase. com/ [3] http:/ / www. Israel Business Today.com) . in order to enhance its quality of service (QoS) and bandwidth management solutions. com/ document. "Allot Communications' Sigma Service Gateway" (http:/ / www. ivc-online. asp?doc_id=142343). a New Zealand based developer of network protection solutions for carriers and internet service providers. com/ asp/ SummaryQuote. html). [8] "Allot Communications Acquires NetReality. encyclopedia. com/ channels/ bandwidth-management/ articles/ 52408-allot-communications-sigma-service-gateway. wireless broadband carriers." (http:/ / www. com/ doc/ 1P1-131347725.

trojans. California.Barracuda Networks 10 Barracuda Networks Barracuda Networks Type Industry Founded Private Telecommunication 2003 Headquarters Campbell. web hackers and instant messaging threats such as spam. Google. load balancing. spyware. IM firewalls. Netscreen. and Yahoo!.[6] On January 29. Sequoia Capital had previously provided financing to Cisco Systems. its proprietary and dynamic list of known spam servers. it closed its first outside investment of $40 million from Sequoia Capital and Francisco Partners.[14] . Load balancers. Web filters.[8] In December 2008. Backup solutions. backup services and data protection. for free and public use in blocking spam at the gateway. California.[4] and opened an office in Ann Arbor. Inc.[9] Soon after opening BRBL many IP addresses got blacklisted without apparent reason and without any technical explanation.[10] [11] [12] [13] As of October 2009. Michigan. SSL VPNs. The company’s security products include solutions for protection against email. networking and storage solutions based on appliances and cloud services.[3] In 2007 the company moved its headquarters to Campbell. in July 2008 Barracuda launched a countersuit against Trend Micro claiming Trend Micro violated several antivirus patents Barracuda Networks had acquired from IBM.barracudanetworks. Email Archivers.000 customers. and viruses. application delivery controllers. Web Site Firewalls.[7] In addition to providing samples of prior art in an effort to render Trend Micro's patent invalid. the company launched the BRBL (Barracuda Reputation Block List). Barracuda Networks was sued by Trend Micro over their use of the open source anti-virus software Clam AntiVirus. CudaTel PBX Employees Website 500-1000 www.[2] Barracuda Networks was established in 2003 and introduced the Barracuda Spam and Virus Firewall. Barracuda had over 85. web surfing.[5] In January 2006.com [1] Barracuda Networks. which Trend Micro claimed to be in violation of their patent on 'anti-virus detection on an SMTP or FTP gateway'. NG Firewalls. United States Key people Dean Drako (CEO) Michael Perone (CMO) Zach Levow (CTO) Products Spam Firewalls. message archiving. 2008. is a privately held company providing security. The company's networking and storage solutions include web filtering. NG firewalls.

and Windows system states.[26] • NG Firewall . allowing the company to introduce Secure Sockets Layer (SSL) Virtual Private Network (VPN) products to perform malware scans on files uploaded during a VPN session to network file shares or internal Web sites. content security.Barracuda Networks 11 Products • Spam and virus firewall . and network access control into one platform that is centrally managed across multiple distributed enterprise network locations.[16] • Web filter . Barracuda added message-level backup for Microsoft Exchange and Novell GroupWise. Barracuda Networks acquired controlling interest in phion AG. a VOIP Private branch exchange designed for IT administrators. to optimize and aggregate internet connections from different providers. a software as a service (SaaS) company offering cloud based web filtering and security. integrating Barracuda Backup Service with Yosemite Backup. and to control web surfing.Announced in September 2008. remote access. the company launched its secure sockets layer virtual private network product to provide secure.[29] In November 2008. including [24] In January 2009.In October 2003. a open-source project sponsored by Barracuda Networks. on-site backup with data deduplication and off-site data replication for disaster recovery.[30] In November 2008.[19] • Message archiver . for securing Web applications for large enterprises and to address regulation compliance such as PCI DSS. an Austria-based public company delivering enterprise-class firewalls.In November 2006. Barracuda Networks acquired Yosemite Technologies to add software agents for incremental backups of applications such as Microsoft Exchange Server and SQL Server.[17] • IM Firewall .[27] • CudaTel Communication Server (PBX) . and safe web surfing. Barracuda Networks acquired Purewire Inc.Announced in February 2008. Barracuda announced the release of CudaTel. Barracuda Networks launched the Purewire Web Security Service which is a software as a service offering for Web filtering.[22] • Link Balancer . Barracuda Networks acquired NetContinuum.[34] .In November. the company introduced message archiving to index and preserve emails.[25] • Purewire Web Security Service .In November 2008. layer 7 application profiling.[21] • Web Application Firewall .[28] Acquisitions In September 2007.Launched in September 2005 to protect and archive instant messaging content. in conjunction with its acquisition of Purewire.In February 2010. Barracuda announced its spam and virus firewall plug-in appliance. Barracuda Networks acquired 3SP. The firewalls integrate web and email filtering.[23] • Backup services .[18] • Load balancer .[33] In October 2009.[20] • SSL VPN . Barracuda announced its NG Firewalls to protect enterprise network infrastructures.In July 2007. CudaTel features FreeSWITCH.In April 2005.[32] September 2009.[15] In June 2008. Barracuda launched a spam and virus firewall for large enterprises and ISPs.in August 2010. NG Firewalls are available both as hardware or as a virtual appliance and include wide area network traffic optimization. the company introduced a load balancing appliance for high availability distribution of network traffic across multiple servers. Barracuda Networks expanded into cloud-based backup services by acquiring BitLeap. a company providing application controllers to secure and manage enterprise web applications. 2008. formerly Tapeware. the company introduced its web filtering appliance to prevent spyware and viruses from gathering and transmitting user data. the company announced a service to back up data in the cloud.[31] In January 2009. intrusion prevention.In October 2009. and to meet legal and regulatory compliance. clientless.

com/ [2] Company Product Page. ars/ post/ 20080702-barracuda-bites-back-at-trend-micro-in-clamav-patent-lawsuit. informationweek. Yosemite (http:/ / www. html) [33] Silicon Valley Business Journal Barracuda Networks takes controlling interest in phion (http:/ / sanjose. com/ usa/ story. computerworld. triumf. community-newspapers. html) [26] Channel Insider Barracuda Acquires Cloud Security Vendor Purewire (http:/ / www. pcworld. com/ blog/ main/ archives/ 2008/ 11/ barracuda_swims. com/ news. com/ article/ 158462/ backup_merger_unites_barracuda_yosemite. com/ news/ networking-equipment/ floor-boxes/ new-ssl-vpn-announced-18881252/ ) [22] eChannelline Barracuda puts bite on SMB Web application controller (http:/ / www. linux. isp-planet. scmagazineus. com/ usa/ brief.Barracuda Networks 12 References [1] http:/ / www. html. shtml) [6] NetworkWorld Barracuda attracts $40 million in venture investment (http:/ / www. shtml) [5] Crain's Detroit Business Silicon Valley firm picks Ann Arbor for office (http:/ / www. ca/ barracuda-problems. cfm?item=23340) [17] InformationWeek Barracuda Rolls Out Spyware-Blocking Appliance (http:/ / www. com/ ns/ news_and_events/ index. html) [24] Information Week Barracuda Swims Into The Cloud (http:/ / www. eweek. html) [34] Atlanta Business Chronicle Barracuda buys Purewire Inc. linux. com/ archive/ articles/ 155880) [10] http:/ / andrew. com/ news/ 2006/ 011106-barracuda. bizjournals. isp-planet. computerworld. html) [15] ComputerWorld Barracuda Networks launches antispam appliance line (http:/ / www. com/ s/ article/ 104909/ Security_Log?taxonomyId=017) [19] IT & Security Portal Barracuda Networks Launches Barracuda Load Balancer (http:/ / www. bizjournals. com/ equipment/ 2008/ barracuda+ link+ balancer. ars/ post/ 20080129-barracuda-defends-open-source-antivirus-from-patent-attack. com/ barracuda-networks-buys-netcontinuum/ article/ 35669/ ) [30] InformationWeek Barracuda Swims Into The Cloud (http:/ / www. com/ news. infosecurity-magazine. bizjournals. com/ blog/ main/ archives/ 2008/ 11/ barracuda_swims. com/ ns/ products/ ) Barracuda Networks.jsessionid=OVGGXQ5J5OOQHQE1GHPCKH4ATMY32JVN) [31] Eweek Barracuda Networks Breaks into SSL VPN Space (http:/ / www. com/ 2009/ 10/ 13/ barracuda-swallows-purewire-as-it-becomes-a-bigger-fish-in-web-based-security-services/ ) [4] The Campbell Reporter Barracuda Networks sinks its teeth into site on Winchester Boulevard (http:/ / www. Retrieved 2010-02-10.jsessionid=XDFD2WAXZBEB3QE1GHPCKH4ATMY32JVN) [25] PCWorld Backup Merger Unites Barracuda. com/ atlanta/ stories/ 2009/ 10/ 19/ story7. com/ news/ security/ vulnerabilities/ showArticle. heyvan.com Barracuda offers a new alternative to Spamhaus (http:/ / www. com/ equipment/ 2007/ barracuda_message_archiver. com/ view/ 7138/ barracuda-moves-into-distributed-firewall-technology/ ) [28] Barracuda Networks Launches CudaTel – New VoIP PBX Based on the Open Source FreeSWITCH Project (http:/ / www. Yosemite (http:/ / www. html) [9] Linux. html?fsrc=rss-virusworms) [7] Ars Technica Barracuda defends open-source antivirus from patent attack (http:/ / arstechnica. comms-express. informationweek. it-observer. [3] VentureBeat Barracuda swallows Purewire as it becomes a bigger fish in web-based security services (http:/ / venturebeat. barracudanetworks. html?ana=from_rss) . pcworld. barracudanetworks. (http:/ / www. (http:/ / www. com/ 2008/ 11/ 06/ barracudacentral-another-blacklist-black-hole/ [13] http:/ / community. com/ sanjose/ stories/ 2009/ 10/ 12/ daily19. html. com/ article/ 158462/ backup_merger_unites_barracuda_yosemite. jhtml?articleID=160902103) [18] ComputerWorld Security Security Log (http:/ / www. com/ c/ a/ Security/ Barracuda-Networks-Breaks-Into-SSL-VPN-Space-for-Small-Business/ ) [32] PC World Backup Merger Unites Barracuda. com/ archives/ campbellreporter/ 20070323/ business2. echannelline. com/ c/ a/ Security/ Barracuda-Acquires-Cloud-Security-Vendor-Purewire-559167/ ) [27] InfoSecurity Barracuda moves into distributed firewall technology (http:/ / www. com/ archive/ ?module=comments& func=display& cid=1204572 [12] http:/ / steve. html) [20] ISP Planet Barracuda's Message Archiver (http:/ / www. community-newspapers. com/ barracuda-networks-launches-barracuda-load-balancer. com/ archives/ campbellreporter/ 20070323/ business2. com/ sanjose/ stories/ 2009/ 09/ 28/ daily9. html [11] http:/ / www. spiceworks. cfm?item=15073) [23] ISP Planet Barracuda Networks' Link Balancer (http:/ / www. echannelline. com/ topic/ 32502 [14] San Jose Business Journal Barracuda Networks buys Purewire (http:/ / sanjose. informationweek. barracudanetworks. channelinsider. html) [8] Ars Technica Barracuda bites back at Trend Micro in ClamAV patent lawsuit (http:/ / arstechnica. networkworld. php?nid=368) [29] SCMagazine Barracuda Networks buys NetContinuum (http:/ / www. com/ s/ article/ 86007/ Barracuda_Networks_launches_antispam_appliance_line?taxonomyId=086) [16] eChannelline Barracuda launches Spam Firewall for large enterprises (http:/ / www. html) [21] Comms Express New SSL VPN Announced (http:/ / www.

com/ns/products/) • CudaTel .com) • Barracuda Networks company Products page (http://www.Barracuda Networks 13 External links • Barracuda Networks corporate website (http://www.Barracuda Networks PBX/Phone System (http://www.cudatel.barracudanetworks.barracudanetworks.com) .

com [3] Products Check Point Software Technologies Ltd. Marius Nacht (currently serving as Vice Chairman) and Shlomo Kramer (who left Check Point in 2003 to set up a new company – Imperva. security. Texas area. Ontario area. The company's development centers are located in Israel. Sweden (Former Protect Data development centre) and in Belarus.checkpoint. including network security. in Redwood City.097. Gil had the initial idea for the company’s core technology known as stateful inspection. (NASDAQ: CHKP [1]) is a global provider of IT security solutions.8 million (2010) [2] 2. History Check Point was established in 1993. UTM-1.Check Point 14 Check Point Check Point Software Technologies Ltd. Founded in 1993 in Ramat-Gan. Check Point Integrity. at the age of 25. SofaWare www. The company also has offices in the United States. markets and supports a wide range of software and combined hardware and software products that cover all the aspects of IT security. Israel. which became the foundation for the company’s first product (simply called FireWall-1). Security appliances. VPN-1. soon afterwards they also developed one of the world’s first . endpoint security. Today the company develops. Web Application Security Revenue Net income Employees Subsidiaries Website US$ $1. as well as in Canada in the Ottawa. Endpoint. Chairman & CEO Marius Nacht. Israel (before May 2007: Ramat Gan) Key people Gil Shwed. together with two of his friends. Founder FireWall-1. where he serves as President and CEO). Founder. California and in the Dallas. Check Point today counts approximately 2. by the company’s current Chairman & CEO Gil Shwed. Type Public NASDAQ-100 component NASDAQ: CHKP IT security Computer software Computer hardware [1] Traded as Industry Founded 1993 Headquarters Tel Aviv.300 employees worldwide.9 million (2010) US$ $452. Check Point first pioneered the industry with FireWall-1 and its patented stateful inspection technology. Intrusion prevention systems. data security and security management. California (ZoneAlarm). Best known for its firewall and VPN products.200 (2010) ZoneAlarm.

UTM-1.000 was provided by BRM Group. multi-domain security management. managed service providers.[10] In 1998. and Integrated Appliance Solutions platforms. and a VPN client. IPsec VPN. the U. full disk encryption.g. Antivirus. Check Point started acquiring other IT security companies. with a portfolio of 11 management software blades including event analysis. or on Check Point’s own line of appliances which includes Safe@Office. • Security Management . These products are deployed as software on x86 based servers or appliances. The security policies for networked endpoints can be centrally managed from a single location via the Endpoint Policy Management Software Blade product. and tablet PCs. which runs on VMware ESX and ESXi. set policy and apply protections across the entire security infrastructure from a single interface. removable media encryption. URL filtering. Check Point established a successful partnership with Nokia. . anti-spyware. [5] [6] Initial funding of $600. culminating in the acquisition of Nokia’s network security business unit in 2009. enterprises. network access control. IP Appliances. By February 1996. allowing remote access of the corporate network via a VPN connection. Data Loss Prevention and Application Control. • Mobile Security .[11] by 2000 the company became the world’s leading provider of VPN solutions (in terms of market share).Allows administrators to manage events. Anti-spam. I/O port protection (e.S.The Security Gateway VE product for virtual environments.the Check Point Mobile Access software product provides secure access to corporate resources via a SSL VPN portal for devices such as laptops.Data security solutions focus on securing data throughout the stages of the data lifecycle. • Virtualization Security . VPNs.deployed as a single security agent that combines firewall. • Data Security . Intrusion Prevention.Check Point VPN products (VPN-1). Check Point Document Security focuses on protecting data-in-use. California. Check Point raised $67 million from its initial public offering on NASDAQ. The Check Point Abra USB device provides a secure virtual desktop for Microsoft Windows machines. antivirus. and telecommunications carriers: • Network Security .[12] 15 Products Check Point offers the following primary solutions and product lines.[4] During the 2000s. mobile phones. and device provisioning. secures virtual machines and applications via either hypervisor integration using the VMSafe API. A separate product called VPN Power-1 VSX can host multiple virtual security gateways on a single machine. correlation.[7] The company’s first commercial breakthrough came in 1994 when Check Point signed an OEM agreement with Sun Microsystems. a venture capital fund established by brothers Eli and Nir Barkat (who on November 11. access controls. head office was established in Redwood City. and also contains encrypted storage for confidential data.[4] Shwed developed the idea while serving in the Israel Defense Forces. either from technology partners like Crossbeam and Hewlett-Packard. UTM-1 Edge. 2008 was elected as mayor of Jerusalem).[4] followed by a distribution agreement with HP in 1995. USB).[8] The same year.[9] In June 1996. Solutions are based on the Software Blade architecture. Media Encryption and Port Control secure data-at-rest on endpoints. just over 10 years after first establishing the partnership with Nokia. and the DLP security gateway product secure data-in-motion and data-in-use. the company was named worldwide firewall market leader by IDC with a market share of 40 percent. Mobile Access. which bundled Check Point’s Software with Nokia’s computer Network Security Appliances. which are sold to small and medium businesses (SMBs). • Endpoint Security . Full Disk Encryption. where he worked on securing classified networks.Check Point's core business has historically focused on network security components including Firewall. Power-1. or as a VMware network appliance.

[25] In 2009. Bogner sought court approval to file a shareholder derivative suit. a data security startup company based in Boston. the holding company for PointSec Mobile Technologies. but later lost the appeal.[23] Relations between Check Point and the SofaWare founders went sour after the company acquisition in 2002. Etay Bogner. was acquired in April 2009. which owns 60% of Sofaware. in a cash deal valued at $586m in late 2006. which includes Bogner. for $205 million in cash and shares. the company started selling the Safe@Office / Safe@Home line of security appliances. with a 38% revenue market share. in 2003. As part of the settlement it acquired the SofaWare shares held by Bogner and Ruppin. was acquired in June 2010. has behaved belligerently.1 million in alleged damage to SofaWare.[13] In 2011. under the Check Point brand. Check Point settled all litigation relating to SofaWare.Check Point 16 Acquisitions • SofaWare Technologies. as a cooperation between Check Point and SofaWare's founders.[19] but later withdrew its offer after it became clear US authorities would try to block the acquisition. makers of the ZoneAlarm personal firewall software.[13] • Zone Labs. has veto power to prevent SofaWare from taking any decision of which he disapproves.[12] • Privately held Liquid Machines. to the small business. anti-virus and more. Protect Data acquired Reflex Software.[21] By the fourth quarter of 2002.[18] In 2005.[16] • NFR security. co-founder of SofaWare scored a legal victory over Check Point. Adi Ruppin and Etay Bogner. with the purpose of extending Check Point's success in the enterprise market. the Tel Aviv District Court Judge ruled that Bogner SofaWare could sue Check Point by proxy for $5. resulting in SofaWare becoming a wholly owned subsidiary.[13] The court ruled that the three founders could not individually exercise their veto power. but only as a group and by majority rule. consumer and branch office market. sales of SofaWare's Safe@Office firewall/VPN appliances skyrocketed.[22] In 2002. Check Point tried to acquire intrusion prevention system developers Sourcefire for $225 million. the Israeli Supreme Court ruled that a group of founders of SofaWare. "The Company's vision is to take this enterprise-strength technology and make it as simple to use and as affordable as possible without detracting from its quality. According to SofaWare's co-founder Adi Ruppin.[24] Bogner claimed that Check Point. following its failed plan to acquire the larger IPS vendor Sourcefire. for $20 million in late 2006. claiming Check Point was not transferring funds to SofaWare as required for its use of SofaWare's products and technology.[26] . and withheld monies due for use of SofaWare technology and products[24] Check Point appealed the ruling. and SofaWare held the #1 revenue position in the worldwide firewall/VPN sub-$490 appliance market. content filtering. in January 2002 (partial acquisition).[13] His derivative suit was ultimately approved and Check Point was ordered to pay SofaWare NIS 13 million for breach of contract.[15] Prior to their acquisition by Check Point.[20] SofaWare Legal Battle SofaWare Technologies was founded in 1999. "[21] In 2001. One of the key aspects of this effort has been the creation of a management system designed to enable service providers or value added resellers to lift the burden of security management from the end users while at the same time delivering additional services such as automatic security and software updates. an intrusion prevention system developer. and began a process of acquiring the remaining shares.[17] • Nokia Security Appliances division. SofaWare began selling firewall appliances under the SofaWare S-Box brand.[14] • Protect Data.[13] In 2004.[13] In 2006.

Worldwide Market Share of 40 Percent Represents Significant Lead in Providing Enterprise Network Security Solutions. Founder and Managing Director of SofaWare. [18] Check Point Acquires Data Security Startup Liquid Machines (http:/ / www. Retrieved 2008-10-12. nasdaq. Retrieved 2008-10-13. html). Chairman & CEO. Research Policy 36 (9): Research Policy. html). by Berislav Kucan . 15. encyclopedia. [14] "Check Point Software Technologies to Acquire Zone Labs" (http:/ / www. com/ asp/ SummaryQuote. Retrieved 2008-10-12. 2003-12-15. com/ press-release/ Check-Point-Acquires-Data-Security-Startup-Liquid-Machines-NASDAQ-CHKP-1273411. com/ press/ 2009/ check-point-completes-nokia-acquisition-041309. 18 . [16] "Protect Data acquires Reflex Software Limited to extend product portfolio" (http:/ / www. haaretz. businessweek. Retrieved 2009-07-01. "CIO 20/20 Honorees--Innovator's Profile: Gil Schwed of Check Point Software Technologies Ltd" (http:/ / www. htm) [19] "Check Point and Sourcefire to Explore Alternative Business Relationship" (http:/ / www. Oct 1. Gil Shwed. com/ press/ 2006/ nfrsecurity121906. [11] Press Release . [13] Roth. com/ press/ 2006/ sourcefire032306. 2006-11-02. 1999. com/ science?_ob=ArticleURL& _udi=B6V77-4PTN8PN-1& _user=10& _rdoc=1& _fmt=& _orig=search& _sort=d& _docanchor=& view=c& _searchStrId=1085105296& _rerunOrigin=google& _acct=C000050221& _version=1& _urlVersion=0& _userid=10& md5=3cf69059540492454dd362317b553b2f). 1995.Tuesday. checkpoint. Retrieved 2009-04-13. Nov. html). David. Expands Intrusion Prevention Capabilities to Fortify Enterprise Networks" (http:/ / www. checkpoint. html). com/ press/ 2003/ zonelabs121503. Tracy. securityfocus. . [20] "Check Point calls off Sourcefire buy" (http:/ / www. sciencedirect.October 19. ). cio. Haaretz. encyclopedia. Dan. org/ article. com/ doc/ 1G1-17461605. htm). "CheckPoint Software and HP sign distribution agreement.Check Point Certified Master Architect References [1] http:/ / quotes.Check Point Certified Security Expert CCSE+ .September 25." (http:/ / www. [17] "Check Point to Acquire NFR Security. retrieved 2009-11-09 [8] Company Press Release. asp?symbol=CHKP& selected=CHKP [2] "Check Point Software Facts @ A Glance" (http:/ / www. CIO (http:/ / books. Nurit (26-11-09). php?id=361) [22] Check Point bolsters new firewall appliance. html). html). "CheckPoint Software Named Firewall Market Share Leader by IDC. checkpoint.Check Point Certified Security Expert Plus CCMSE . . . 2006-11-20. 2002 [7] Wallace. Marcia.Check Point Certified Managed Security Expert CCMA . Business Week . "MOVERS & SHAKERS: Eli Barkat: Making Push More Polite -.February 5. CRN. [9] Press Release. [12] "Check Point Completes Acquisition of Nokia Security Appliance Business" (http:/ / www. "Etay Bogner bests Check Point in court once again" (http:/ / www. checkpoint. Check Point Software Tech (http:/ / www. com/ news/ 11382). 2006-03-23.Check Point 17 Certification Check Point has a long-running history of training and certification on their products. 1999. including the following: • • • • • • CPCS . checkpoint. com/ print-edition/ business/ etay-bogner-bests-check-point-in-court-once-again-1. Business Wire . . sciencedirect. Retrieved 2008-10-12. checkpoint. com/ news/ channel-programs/ 18836954/ gil-shwed-chairman-ceo-check-point-software-tech. com/ books?id=MA0AAAAAMBAJ& lpg=PA76& dq=Gil Shwed& pg=PA76#v=onepage& q=Gil Shwed& f=false). html). 2009-04-13. net-security. com/ science?_ob=ArticleURL& _udi=B6V77-4PTN8PN-1& _user=10& _rdoc=1& _fmt=& _orig=search& _sort=d& _docanchor=& view=c& _searchStrId=1085105296& _rerunOrigin=google& _acct=C000050221& _version=1& _urlVersion=0& _userid=10& md5=3cf69059540492454dd362317b553b2f). com/ [4] Mayor. [10] Breznitz. crn. . .and Ready for Prime Time" (http:/ / www. html). [21] Interview with Adi Ruppin. com/ ebiz/ 9912/ em1201. checkpoint.December 1. Retrieved 2008-10-12. "Industrial R&D as a national policy: Horizontal technology policies and industry-state co-evolution in the growth of the Israeli software industry" (http:/ / www. com/ press/ 2006/ pointsec112006. [5] Savage. Retrieved 2008-10-12. checkpoint." (http:/ / www. 2002. 21 January 2003. p. 2001. com/ corporate/ facts. 2006-03-24. com/ press/ pointsec/ 2006/ 11-02. market-leading FireWall-1 solution now available through HP and its reseller channel. Business Wire . 2006-12-19. .Check Point Certified Specialist CCSA .com. google. . (http:/ / www. 3385).Check Point Certified Security Administrator CCSE . Business Wire . 2001. com/ article/ 31405/ CIO_20_20_Honorees_Innovator_s_Profile_Gil_Schwed_of_Check_Point_Software_Technologies_Ltd. marketwire. 1996. [15] "Check Point Announces a Cash Tender Offer to Acquire Protect Data" (http:/ / www. [6] Gil Shwed. htm). com/ doc/ 1G1-17461605. 07. CIO Magazine October 1. [3] http:/ / www.. Network World Dec 17. html). "Check Point Software & Nokia Expand Partnership" (http:/ / www. .

themarker. "Sofaware founder cleared to sue Check Point for $5. com/ press/ 2003/ infonetics031203. נ‬ ‫)הנדל‬ [26] Check Point 20-F SEC filing. com/ economy-finance/ sofaware-founder-cleared-to-sue-check-point-for-5-1-million-1. . 186085). 2011 18 External links • Corporate website (http://www. 2006). Oded (April 25. 2850/08 ‫ עא‬CHECK POINT SOFTWARE TECHNOLOGIES LTD ‫'נ' איתי בוגנר )עליון. checkpoint. ח' מלצר. Ha'aretz. א' רובינשטיין. [25] Israeli Supreme Court. html) [24] Arbel.Check Point [23] Check Point Software Stakes Claim in Small Business Internet Security Space Company Duplicates Market-leading Enterprise Success in Sub-$490 Appliance Segment (http:/ / www.com/) .1 million" (http:/ / english.checkpoint. Retrieved 14 June 2010.

09 billion (2011) [4] US$ 47. Security Datacenter List of Cisco Products Revenue Operating income Net income Total assets Total equity Employees Subsidiaries Website [4] US$ 43. California.25 billion (2011) [5] 70. (NASDAQ: CSCO [1]. voice.49 billion (2011) [4] US$ 87. Inc. VOIP. Chambers (Chairman & CEO) Networking Device Network Management Cisco IOS and NX-OS Software Interface and Module Optical networking Storage area networks Wireless.21 billion (2011) [4] US$ 7. and communications technology and .com] Headquarters Area served Key people Products Cisco Systems.67 billion (2011) [4] US$ 6. that designs and sells consumer electronics.cisco. networking. California (1984) Len Bosack Sandy Lerner Richard Troiano [2] [3] San Jose.com www. California.Cisco Systems 19 Cisco Systems Cisco Systems. United States Worldwide John T.cisco. Inc. SEHK: 4333 [6]) is a multinational corporation headquartered in San Jose. Type Traded as Public NASDAQ: CSCO [1] Dow Jones Industrial Average Component S&P 500 Component Industry Founded Founder(s) Computer networking San Francisco. Telepresence.700 (2011) List of acquisitions [www.

[8] In 1988. with a market capitalization of more than US$500 billion. Bosack adapted multiple-protocol router software originally written some years before by William Yeager. For Cisco's first product. 2006. later joined by Richard Troiano. due to lower than expected profit. presidential honor to recognize companies "for the exemplary quality of their relationships with employees and communities". Cutting as many as 10. 70% of which was committed to their own charity. cut annual expenses by $1 billion in July 2011. Lerner moved on to direct computer services at Schlumberger. NASDAQ 100 Index and the Russell 1000 Growth Stock Index.03 billion.[12] [13] In July 2009.[21] [22] a U. On August 28.000 jobs that would be eliminated by the end of August 2011. 1990.000 employees and annual revenue of US$ 40. upon hearing the news.Cisco Systems services. and is also included in the S&P 500 Index. Cisco commonly stays on top of Fortune "100 Best Companies to work for". the company went public (with a market capitalization of $224 million) and was listed on the Nasdaq stock exchange.000 employees with an early-retirement program who accepted buyout and 7. a married couple who worked as computer operations staff members at Stanford University.[7] 20 Corporate history Len Bosack and Sandy Lerner. another Stanford employee who later joined Sun Microsystems. The company's first CEO was Bill Graves.400 total employees before curtailment.0 billion as of 2010. On February 16.[9] it was one of the first to sell commercially successful routers supporting multiple network protocols. Cisco System Inc.[17] However. Cisco's largest routers are primarily used to deliver IP packets.[14] it is still one of the most valuable companies.[10] As the Internet Protocol (IP) became widely adopted. The name "Cisco" was derived from the city name. Lerner was fired.S.[11] In late March 2000. founded Cisco Systems in 1984. at the height of the dot-com boom. and succeeded in 1995 by John Chambers. Cisco has more than 70. her husband Bosack resigned in protest. Cisco was the most valuable company in the world. John Morgridge was appointed CEO. 2009. One of the many buildings on the Cisco Systems campus in San Jose While Cisco was not the first company to develop and sell a router. most notably IP phones and Telepresence are frequently sighted in movies and TV series [20] The company itself and its history was featured in the documentary film Something Ventured which premiered in 2011. the importance of multi-protocol routing declined. The couple walked away from Cisco with $170 million. it has built its Globalization Centre East in Bangalore for $1 billion and 20% of Cisco's leaders will be based there. San Francisco. with position #20 in 2011 [23] . Cisco introduced a new logo that was created in collaboration with Joe “Phenom” Finocchiaro and Jerry “The King” Kuyper. 1990. Cisco was a 2002-03 recipient of the Ron Brown Award. The company cut around 3. with a market cap of about US$108.000 jobs means around 14 percent of the 73. who held the position from 1987 to 1988. which is why the company's engineers insisted on using the lower case "cisco" in the early days. the Russell 1000 Index. moving full time to Cisco in 1987. Today.[15] On September 7.[18] [19] Media and Awards Cisco products.[16] As part of the company's overseas strategy. The stock was added to the Dow Jones Industrial Average on June 8.

a start-up company located in Petaluma. and only the acquisition of Scientific Atlanta has been larger. 2011. Cisco acquired Linksys in 2003. Several acquired companies have grown into $1Bn+ business units for Cisco. WebEx. entitlement and content delivery systems. TelePresence. Call Center systems.[24] Several acquisitions. switches. During the Internet boom in 1999. including LAN switching. became a key stakeholder in e-Skills Week.[29] • IP NGN (Next Generation Networks): High-end routing and switching for fixed and mobile service provider networks. security systems. HealthPresence. a product design consulting firm that helped develop Cisco's Flip video camera. In March 2011. Storage Networking and Cloud services. Data Centre Switching. Cisco Group.[34] [35] . This move did not go well and on April 12. Unified Communications. In 1995-1996 the company completed 11 acquisitions. It was the most expensive acquisition made by Cisco to date. energy and building management systems and media aware networks. wireless systems. Small Business and the Home. were the biggest deals in the industry when they occurred. which form the basis for how Cisco approaches each market. • Corporate market: Enterprise networking and Service Providers • Borderless networks: for their range of routers. Cisco bought Starent Networks (a mobile technology company) and Moto Development [25] Also in 2010.[32] Voice and conferencing solutions: VOIP phones and gateway-systems. Cisco announced they were discontinuing all Flip camera production.[30] • Small businesses[31] • • • • • Routers and switches Security and surveillance: IP cameras. Unified Fabric. Enterprise social networks and Mobile applications[28] • Datacenter and Virtualization: Unified Computing. Enterprise Voice over Internet Protocol (VOIP).video conferencing Cisco also attempted to enter consumer market with a line of video recording devices dubbed "Flip". and home networking. Cisco completed the acquisition of privately held network configuration and change management solutions company Pari Networks. It will no longer carry the making of Flip cameras. such as Stratacom. • Broadband: cable modems • Cisco ūmi . video conferencing Wireless: WiFi Access points Network storage systems • Home user[33] • Linksys product line of access points.Cisco Systems 21 Acquisitions Cisco acquired a variety of companies to bring in products and talent into the company. California. switches etc. In the recent merger deals. for about US$7 billion. The solutions for each market are segmented into Architectures. data and network security solutions etc. WAN acceleration.[26] Products and services Cisco's current portfolio of products and services is focused upon three market segments – Enterprise and Service Provider. broadcast video contribution/distribution.[27] • Collaboration: IP video and phones. the company acquired Cerent Corporation.

6900 series) • Cisco Application Control Engine (ACE): Application Delivery Controller • Routers. 2500 Series. Cisco acquired Tandberg. 9900 series. Cisco Manufacturing Mobile Video Collaboration with Librestream. Hardware • Datacenter products: Nexus Switches (1000v.Cable/IP . 4000. 7942. 7000).[36] These are: • • • • • • Borderless Networks Collaboration Data Center and Virtualization IP NGN (Next Generation Networks) Small Business Consumer Under these architectures. PIX 500 series A Cisco ASM/2-32EM router deployed at CERN in 1987. 12000. ASR Series and CRS-1 and CRS-3 • Cisco Security Manager • Security appliances: ASA 5500. and introduce new products and features in order to provide a complete set of capabilities in each area. Cisco Catalyst 6500 Series • Collaboration systems such as Cisco TelePresence. 3600 Series. 7965. Cisco Catalyst 3000 Series. as opposed to focussing on discussions around products. 1000 Series. 5000. 8900 series. Cisco intends to gradually knit together its various products. MDS. the world leader in Telepresence systems[39] • VOIP: Wireless IP Phone 7920 • CLEO: Low Earth Orbit router • Cisco Wireless LAN • Cisco Cius: a new Android-based collaboration tablet • Cisco Wide Area Application Services (WAAS) • Set Top Boxes (High Definition PVRs). • Unified Computing: Cisco Unified Computing System (UCS) virtual server platform: with VMWare [38] virtualization system run servers on Cisco hardware • Catalyst switches: Cisco Catalyst 2900 Series. Catalyst 4500. 2000.Cisco Systems 22 Architectures In an effort to allow their sales team to have more business-focused conversations with customers. including: 837. Cisco announced a new focus around six ‘Architectures’ in 2009. 7600. Unified Computing System (UCS) • Flip pocket camera (Discontinued in April 2011[37] ) • Cisco SPA500 Series IP Phones • Linksys SPA900 Series IP Phones • Cisco Unified IP Phones (7945.

[41] Network Emergency Response The company maintains several Network Emergency Response Vehicles (NERV)s which are staffed by Cisco employees during natural disasters and other public crises. deployed to incidents such as the October 2007 California wildfires. UPC. Cisco received the Innovation Preparedness award from the American Red Cross. Ike. NERVs are normally stored at Cisco facilities in San Jose.Cisco Systems 23 Software • • • • • • • • • • • • • • • • • • Internetwork Operating System NX-OS Cisco Active Network Abstraction Cisco Fabric Manager Cisco AnyConnect Secure Mobility Client Cisco Systems VPN Client CiscoView Data Center Management and Automation .8-meter satellite antenna. and is now moving into the home user market through its acquisitions of Scientific Atlanta and Linksys. hurricanes Gustav. and Cisco Webex Meeting Center. Linksys has partnered with companies such as Skype and Yahoo to integrate consumer VoIP services with wireless and cordless phones. Cisco Unified Mobility. California and Research Triangle Park. North Carolina for strategic deployment in North America and are capable of being [42] [43] The NERV has been fully operational within 15 minutes of arrival.[45] . Scientific Atlanta provides VoIP equipment to cable service providers such as Time Warner. network based video surveillance and secured high definition video conferencing for leaders and first responders in crisis areas with up to 5 Mbps of bandwidth via a 1. Cisco Unified Contact Center. and others. Hosted Collaboration Solution Cisco partners can now offer cloud-based services based on Cisco's virtualized Unified Computing System (UCS). Cisco Unity Connection (unified messaging). A part of the Cisco Unified Services Delivery Solution. voice over IP. Rogers Communications. it will include hosted versions of Cisco Unified Communications Manager (UCM). [44] In 2011. Cisco NAC Appliance Cisco Eos Packet Tracer. Cisco Unified Presence. didactic network simulator Cisco Network Magic Pro Cisco Unified Communications Manager Cisco IP Communicator Cisco Quad Cisco Security Manager WebEx Collaboration Tools VoIP services Cisco became a major provider of Voice over IP to enterprises. Cablevision. the 2010 San Bruno gas pipeline explosion. and Katrina. and tornado outbreaks in North Carolina and Alabama in 2011. running for 72 hours continuously. Silicon Valley Chapter for it's development and use of these vehicles in disasters.Cisco Intelligent Automation [40] CiscoWorks Network Management software Clean Access Agent. The vehicles are self contained and provide wired and wireless services including voice and radio interoperability.

journalist Sarah Stirland accuses Cisco of marketing its technology "specifically as a tool of repression. its directors. British born Peter Alfred-Adekeye. Multiven filed an antitrust lawsuit[55] [56] [57] [58] [59] [60] against Cisco Systems. in an effort to open up the network maintenance services marketplace for Cisco equipment.[47] Intellectual property disputes On December 11. the Brazilian Federal Police and Brazilian Receita Federal (equivalent to the American IRS) under the "Persona Operation" uncovered an alleged tax fraud scheme employed by Cisco Systems since 2002 that exempted the company from paying over R$1. Criticisms and controversy Shareholder Relations A class action lawsuit filed on April 20. with hacking and pressured the US government to extradite him from Canada where he was giving evidence against Cisco in an anti-trust hearing. There are five levels of certification: Entry. Design. and Wireless. 2001 accused Cisco of making misleading statements that "were relied on by purchasers of Cisco stock" and of insider trading. Cisco responded by accusing the person who filed the anti-trust suit. Routing & Switching. and recently Architect. Cisco says that it does not customize or develop specialized or unique filtering capabilities to enable governments to block access to information and that it sells the same equipment in China as it sells worldwide. Cisco settled this lawsuit by complying with FSF licensing terms and making a monetary contribution to the [49] FSF. who oversaw the extradition hearing. the newly introduced Service Provider Operations.5 billion (US$824 million) in taxes. 2006. Multiven's complaint alleges that Cisco harmed Multiven and consumers by bundling and tying bug fixes/patches and updates for its operating system software to its maintenance services (SMARTnet) and through a series of other illegal exclusionary and anticompetitive acts designed to maintain Cisco's alleged monopoly in the network maintenance services market for Cisco networking equipment." Tax fraud investigation On October 16. the Free Software Foundation filed suit against Cisco regarding Cisco's failure to comply with the GPL and LGPL license models and make the applicable source code publicly available. Cisco and other telecommunications equipment providers supplied the Chinese government with surveillance and Internet infrastructure equipment that is used to block Internet websites and track Chinese on-line activities.75 million to settle the suit.[50] According to author Ethan Gutmann. Service Provider. Censorship in China Cisco has been criticized for its involvement in censorship in the People's Republic of China. promote competition and ensure consumer choice and value. 2009.[53] [54] Antitrust lawsuit On December 1. Expert.[52] In her article.[51] Wired News had uncovered a leaked. Voice. Canadian Judge Ronald McKinnon. 2008." He also condemned the US . Storage Networking. Cisco's liability insurers. 2008. Associate. stated the real reason for the extradition proceedings was because Alfred-Adekeye "dared to take on a multinational giant. Network Security. on August 18. and officers paid the plaintiffs US$91. 2007. confidential Cisco powerpoint presentation that details the commercial opportunities of the Golden Shield Project of Internet control.[46] While Cisco denied all allegations in the suit. as well as eight different paths.Cisco Systems 24 Cisco Career Certifications Cisco Systems also sponsors a line of IT Professional certifications for Cisco products. Professional.[48] On May 20. Inc.

com/ press-release-content?type=webcontent& articleId=456320). [26] "Cisco Completes Acquisition Of Pari Networks (Started By Former Cisco Execs)" (http:/ / www. Retrieved 2010-08-14. GM in Dow" (http:/ / online.S. visited 27 Feb 2011 . com/ doc/ 1G1-108316480. html). "The History of Cisco" (http:/ / www. Forbes. nasdaq. Retrieved 2010-10-15. html). cgi?f=/ c/ a/ 2006/ 05/ 05/ BUC200MARKETCAP. hkex. com/ 2011/ 03/ 02/ cisco-completes-acquisition-of-pari-networks-started-by-former-cisco-execs/ ). pbs. brighthub. Retrieved 2008-11-13.org. networkworld. 1997-08-25.Bloomberg (http:/ / www.[62] [63] Notes [1] http:/ / quotes. Retrieved 21 December 2009. . . htm). asp?symbol=CSCO& selected=CSCO [2] "Cisco Reports Fourth Quarter and Fiscal Year 2011 Earnings" (http:/ / newsroom. [14] Cisco Systems Summary (http:/ / finance. html). . 2011-08-10. com/ cgi-bin/ article. aspx). [18] Cisco to cut costs and jobs as profit stalls (http:/ / news. Cisco Systems. com/ article/ SB124386244318072033. forbes. half-truths and falsehoods" adding "This speaks volumes for Cisco's duplicity" and accused them of "unmitigated gall" in using such a heavy-handed move as an unsupportable arrest and jailing to pressure Alfred-Adekeye to drop or settle his civil antitrust complaint. . com/ node/ 17414206). . 2011). BSTR083. com/ cisco/ web/ UK/ about/ tvmovies. cnn. html). [17] "The other elephant" (http:/ / www. com/ news/ story/ cisco-pushes-past-microsoft-market/ story. html) [20] http:/ / www. . The Indian Express. html). com/ computing/ enterprise-security/ articles/ 65663. com/ q?s=csco& d=t) [15] Fost. Retrieved 2011-08-10. com/ ie/ daily/ 20000326/ ibu26043. expressindia. Retrieved 2007-01-25. March 1. Dan (2006-05-05). Retrieved 2011-09-03. [4] "Cisco Reports 2011 Earnings" (http:/ / newsroom. html [24] Garza. NetworkWorld. Inc). com/ en/ US/ netsol/ ns1015/ products. hk/ eng/ invest/ company/ quote_page_e. Retrieved 2009-06-02. us/ cisco-logo). html). cisco. com/ dlls/ corp_093003. com/ dlls/ 2004/ hd_061404. sfgate. [5] "News@Cisco -> Corporate Overview" (http:/ / newsroom. icmrindia. aspx?guid={FA6BADEF-05F2-4169-ADDA-12E9D17C4433}).us. com/ dlls/ corpinfo/ corporate_overview. " Cisco Buys Moto – no. html#~24 [21] Highbeam Research website Presidential Award For Corporate Leadership Presented to Cisco Systems (http:/ / www. famouslogos. Retrieved on 2009-01-04. Interview. com/ opinion/ displaystory. marketwatch. economist. The Economist. for stating that Alfred-Adekeye had left the USA in a time period when he had not and a formal request for extradition was not filed against Alfred-Adekeye when he was taken into custody. html). Retrieved Jan 28. com/ news/ 2011-07-11/ cisco-may-cut-about-5-000-jobs-in-august-gleacher-analyst-says. FamousLogos. com. yahoo. html). com/ s/ ap/ 20110511/ ap_on_hi_te/ us_earns_cisco) [19] Cisco Said to Plan Cutting Up to 10. . techcrunchit. [25] By Jim Duffy. 2010-04-15. [12] "Cisco pushes past Microsoft in market value" (http:/ / www. [3] "A special report on innovation in emerging markets: The world turned upside down" (http:/ / www. NerdTV. 2000-03-25. . Retrieved 2007-01-25. 2011-08-10. not that Moto (http:/ / www. bloomberg. [8] "Cisco's Acquisition Strategy" (http:/ / www. CBS Marketwatch. html?hpg1=bn). San Francisco Chronicle. cisco. cisco. yahoo. (2009-06-01). com/ asp/ SummaryQuote. highbeam." May 18. org/ cringely/ nerdtv/ transcripts/ 013. Wall Street Journal (Dow Jones & Company. Cringely. com/ news/ 2010/ 051810-cisco-acquires-moto. com/ magazines/ fortune/ bestcompanies/ 2011/ snapshots/ 20. TechCrunch. June 14. 2000-03-25. Transcript | PBS" (http:/ / www. January 2004. . [10] Cisco claim of first multi-protocol router. Retrieved 2011-08-19. com/ forbes/ 1997/ 0825/ 6004058a_2. cfm?story_id=15879369). cisco. [13] "Cisco replaces Microsoft as world's most valuable company" (http:/ / www. [27] Cisco website Borderless network products (http:/ / www. . Reuters. html). Pbs. visited 10 Apr 2011 [23] http:/ / money. George (Jan 9. [9] "I. cisco. . visited 10 Apr 2011 [22] Cisco News website Cisco Systems Receives Presidential Award for Corporate Leadership (http:/ / newsroom. . 2010. Judge McKinnon described the information provided by Cisco and the US prosecutor as "full of innuendo. DTL). . The Evolution of Access Routing (http:/ / newsroom. Retrieved 2007-01-25.Cisco Systems prosecutor for hiding the fact that Alfred-Adekeye was in legal proceedings against Cisco Systems. asp?WidCoID=4333& WidCoAbbName=& Month=& langcode=e [7] Browning. Cisco Replace Citi. wsj. org/ casestudies/ catalogue/ Business Strategy2/ BSTR083. cisco. [16] "Cisco Logo: Design and History" (http:/ / www. . [11] "Does Pink Make You Puke?" (http:/ / www. . cisco.[61] 25 Intimidation Cisco has been reported as using intimidation tactics in several news reports. 2011. 2010-11-04. economist. E. "Chron 200 Market capitalization" (http:/ / www. com/ press-release-content?type=webcontent& articleId=456320). 2011.000 Jobs to Buoy Profit . 2004. "Travelers. Retrieved June 28. Cisco Systems. [6] http:/ / www. Case Studies In Business Strategy (ICMR) IV: 2. 2011. The Economist.

Cisco Systems [28] Cisco website Collaboration products and services (http:/ / www. . March 13. Sarah (2008-05-20). techtarget. Retrieved 2007-01-25. com/ sanjose/ stories/ 2006/ 08/ 14/ daily75. com/ watch?v=V1L7pgotdEo) [46] Cisco Systems. techtarget. 2010-07-02. [38] Cisco website Products and Services on Unified Computing (http:/ / www. close Cisco System's offices in São Paulo. 2008-12-04. Jon Paula. com/ en/ US/ partner/ netsol/ ns537/ networking_solutions_solution_category. [35] ""World According to Jon" video about discontinuation" (http:/ / www. com/ news?article_id=12). com/ news/ article/ 0. crn. org/ news/ 2008-12-cisco-suit). . com/ en/ US/ netsol/ ns1007/ products. CNET. UCStrategies. catholic. Cisco Can Deliver Its Own 911" (http:/ / www. Retrieved 2008-12-02. Retrieved 2008-12-01.. com/ threatlevel/ 2008/ 05/ leaked-cisco-do/ ).Cisco Tactical Operations‬‫ . pbs. NetworkWorld. wral.. Press release. cisco. 2007-10-17. 2007-10-16. (2006-08-18). com/ articles/ ap/ 2007/ 10/ 17/ business/ LA-FIN-Brazil-Cisco. Inc. . Inc. networkworld. . . . [57] "Cisco Accused Of Monopoly In Antitrust Lawsuit" (http:/ / www. providing phone and video communications according to the National Incident Management System. Silicon Valley/San Jose Business Journal. lightreading. ChannelWeb. html). [48] Free Software Foundation (December 11. php?id=41037). visited 27 Feb 2011 [39] "Tandberg product inquiry page". html?track=sy540). 2006-08-18. bizjournals. . wired. youtube. [36] Post on IT Knowledge Exchange Cisco internal memo: changes to sales strategy and channel org (http:/ / itknowledgeexchange. networkworld. . org/ news/ 2009-05-cisco-settlement.‏‬YouTube (http:/ / www. Retrieved 2007-01-25." (http:/ / multiven. cisco. Tandberg. . techrepublic. com/ en/ US/ products/ ps10265/ index. Retrieved 2008-11-13. Retrieved 2007-10-16. com/ blog/ networking/ cisco-nerv-the-ultimate-first-responder-vehicle/ 581) [45] ‪2011 Innovative Preparedness . html). 2008-12-02. fsf. . cisco. visited 6 April 2011 [37] "Cisco gives Flip video biz the boot" (http:/ / news. WRAL. com/ news/ 2007/ 101607-cisco-brazil-arrests. "FSF Settles Suit Against Cisco" (http:/ / www. Rio de Janeiro" (http:/ / www. Press release. com/ networking/ 212201523). cisco. [44] Cisco NERV: The ultimate first responder vehicle | TechRepublic (http:/ / www. [55] "Multiven Sues Cisco" (http:/ / www. visited 06 Apr 2011 [31] Products for small businesses (http:/ / www. html). .289142. cisco. com/ 8301-30686_3-20053075-266. [53] "Cisco offices raided. cisco. "Cisco Leak: ‘Great Firewall’ of China Was a Chance to Sell More Routers" (http:/ / www. (2008-12-01). fsf. visited 26 Feb 2011 [30] Cisco website on IP Next-Generation Networks (http:/ / www. visited 27 Feb 2011 [29] Cisco website on Datacenter products (http:/ / www. archive. com/ news-analysis/ cisco-launches-hosted-collaboration-solution. lightreading. cnet. ucstrategies. html). 2011. cisco. [50] "FRONTLINE: the tank man: the struggle to control information | PBS" (http:/ / www. html) on company website. com/ cisco/ web/ solutions/ small_business/ products/ index. com/ en/ US/ products/ ps6505/ Products_Sub_Category_Home.sid96_gci1341067. April 12. com/ community/ node/ 35852). html). Cisco. . John (2006-02-15). NetworkWorld. aspx). "Multiven Files Antitrust Lawsuit Against Cisco Systems. [47] "Cisco resolves class action lawsuit" (http:/ / sanjose. html). iht. Retrieved 2011-08-21.org." [43] [providing phone and video communications according to the National Incident Management System "Cisco Network Emergency Response Vehicle at a glance"]. org/ technology/ story. [40] http:/ / www. Retrieved 2008-12-02. . . "Cisco Shareholder Class Action Lawsuit Resolved" (http:/ / newsroom. SearchITChannel. com/ gov/ 2006/ 02/ cisco_testimony_before_house_i. html). . . com/ gov/ 2006/ 02/ cisco_testimony_before_house_i. "Cisco Testimony Before House International Relations Subcommittee" (http:/ / web. Press release. html) on 2006-12-06.com. March 12. com/ document. Inc. 2011. [56] "Net maintenance provider sues Cisco over allegedly monopolistic SMARTnet" (http:/ / www. asp?doc_id=168775). Retrieved 2007-10-17. 2008-12-01. Retrieved 2009-06-27. html). cisco. Retrieved 2008-12-02. php). com/ business/ legacy_local_tech_wire/ news/ video/ 2285408/ #/ vid2285408). "Free Software Foundation Files Suit Against Cisco For GPL Violations" (http:/ / www.00. [54] "Brazilian tax authorities raid. Retrieved 2007-01-25. html [41] "Cisco Launches Hosted Collaboration Solution" (http:/ / www. 2008-12-01. visited 25 Feb 2011 [32] SME Products and services (http:/ / www. cisco. com/ cisco/ web/ solutions/ small_business/ products/ security/ index. com/ en-us/ home) on company website. Retrieved 2009-01-04.visited 27 Feb 2011 [34] "Catholic Online Statement about Flip Camera" (http:/ / www. 2011. html). cisco. com/ networkhub/ cisco-internal-memo-changes-to-sales-strategy-and-channel-org/ ). com/ dlls/ 2006/ corp_081806. Cisco Systems. Pbs. org/ wgbh/ pages/ frontline/ tankman/ internet/ ). youtube.com. . [52] Stirland. CatholicOnline. "Like a good neighbor. Cisco Systems is now ready to help communities in need of disaster assistance with emergency communications capability. visited 27 Feb 2011 [33] Cisco Home products (http:/ / home. 26 . [42] "In a Disaster. [49] Free Software Foundation (May 20. Archived from the original (http:/ / blogs. org/ web/ 20061206095153/ http:/ / blogs. Press release. com/ en/ US/ netsol/ ns1007/ products. Retrieved 2008-12-04. [59] "Cisco Systems hit with antitrust lawsuit" (http:/ / searchitchannel. html). [58] Multiven. 2009). Retrieved 2009-05-20. cisco. Inc. Press release. . html?page=1). . 2008). executives arrested in Brazil: reports" (http:/ / www. [51] Earnhardt. com/ watch?v=SVhxp4F_qD8).

xhtml) at Hoover's Cisco Systems (http://www.com/?sym=CSCO) SEC filings at EDGAR Online Cisco Systems (http://www. J.com/videos/cisco-systems/) (Videos) Business data • • • • • • Cisco Systems (http://finance. • Bunnell. ISBN 1-84112-087-1. K. ISBN 0-471-41425-5. fiercetelecom.cisco.com/finance/stocks/overview?symbol=CSCO) at Reuters Cisco Systems (http://google. [61] "Cisco charged with duplicity" (http:/ / www. nwsource. .allvoipnews. D.am/) • USA Today Q&A with CEO John Chambers (http://www. ISBN 0-06-018887-1. by Stanford students of iinnovate (http://iinnovate. Wiley. Prima Lifestyles. html).com) • VoIP for business Cisco (http://www.google. • Paulson. Nothing but Net Business the Cisco Way. Cisco Unauthorized: Inside the High-Stakes Race to Own the Future. the contest which was the main reason to build the AKS-team and start generating ideas (http://power-idea.html) • AKS-Innovations team ~ Find out more about Cisco I−Prize. Wiley. • Stauffer.yahoo.html) • Cisco Systems vs. D. (2001). Further reading • Bunnell.htm) -Broken • Interview with former CEO. S.hoovers. . [62] Duffy. 27 [63] "Cisco Rivals Woo Users With Price Cuts. Retrieved 5 June 2011.com/news/2010/ 060710-tech-argument-cisco-juniper.Armenia (http://netacad. (2001).com/web/mobile/index. Retrieved 5 June 2011. "Cisco resorting to intimidation tactics" (http:/ / www. Juniper Networks (http://www. (2000).edgar-online.usatoday.html)) • Cisco Networking Academy . (2001).com/q?s=CSCO) at Yahoo! Finance Cisco Systems (http://www. uk/ 2011/ 06/ 03/ cisco_charged_with_duplicity/ ). (2003). channelregister. (2001). co.gov/cgi-bin/browse-edgar?action=getcompany&CIK=858877) SEC filings at the Securities and Exchange Commission . Network World. ISBN 0-471-35711-1.com) ( Mobile (http://www. networkworld.com/ 2007/12/john-morgridge. E. fiercetelecom.Cisco Systems [60] "Lawsuit: Cisco blocks outsider gear maintenance" (http:/ / www. com/ story/ lawsuit-cisco-blocks-outsider-gear-maintenance/ 2008-12-03).blogspot. Inside Cisco: The Real Story of Sustained M&A Growth. Bloomberg. J.reuters.cisco. 2 June 2011.com/money/compnies/ 2007-03-18-cisco-advice-usat_N. R. • Young. Less ‘Intimidation’" (http:/ / seattletimes. ISBN 3-478-35995-3. (2002). ISBN 0-7615-2775-3. com/ html/ businesstechnology/ 2015242310_btcisco06. .com//--ID__13494--/free-co-factsheet. HarperCollins.com/finance?q=CSCO) at Google Finance Cisco Systems (http://finance. John Morgridge. & Brate. Die Cisco Story (in German). ISBN 0-471-00833-8. . Making the Cisco Connection: The Story Behind the Real Internet Superpower. External links • Official website (http://www. • Slater. D. John Chambers and the Cisco Way: Navigating Through Volatility. Retrieved 2008-12-03. 2008-12-03. Wiley.networkworld.sec. Wiley. Jim (2 June 2011). A. The Eye of the Storm: How John Chambers Steered Cisco Through the Technology Collapse. • Waters. com/ community/ blog/ cisco-resorting-intimidation-tactics). Moderne Industrie.brand.

. "A Seat on the Front Porch" (http:/ / www. Founder and Chief Technology Officer. PR Newswire. com/ columns/ article. Headquarters Sonora. Derek Maxson. [5] Stone. Multichannel News. aspx). a provider in Massillon. com/ NewsRoom/ News/ 2010/ NR-2010-06-14. Front Porch technology enables an Internet Service Provider (ISP) to insert its own messages to be presented to users as they use their web browsers. com/ html/ ff012808.com (http://www.com/) . References [1] http:/ / www. USA Key people Website Jim Owen. multichannel. FreeFi Networks' provides ad-supported Internet access throughout John Wayne Airport in Orange County. Type Founded Founder(s) Privately held Company 1998 Zach Britton. Asia and Emerging Markets = Online advertising www. php/ 3587581). Ohio. Front Porch also creates the software to manage advertising campaigns or billing messages. Linda (2008-01-07). frontporch. Applications Massillon Cable TV. California [3] and Denver International Airport[4] . Inc. 2010-06-14. [3] "JOHN WAYNE AIRPORT INTRODUCES FREE WI-FI SERVICE" (http:/ / www. but is also found in the more traditional "wired" broadband ISPs[2] . Internet Service Providers use products by Front Porch to present its own interstitial. Founder and Chief Executive Officer. Chief Operating Officer.frontporch. ocair. .com network uses Front Porch technology[5] to present a terms-of-service and portal page to users with local advertising and content. . . uses the technology to notify customers about complaints from Copyright holders[2] . com/ [2] Haugsted. California. This technology is often used in the delivery of advertiser-supported wireless Internet access. Inc. provides services to Internet Service Providers. External links • www. . Vice President. Raul Vaughn. Wi-Fi Planet.frontporch. frontporch. com/ article/ CA6517230. "Fair Warning for Copyright Holders" (http:/ / www. wi-fiplanet. Adam (2006-02-24). html). 2008-01-28. or pop-under advertising or service messages while the browser transitions to or between web pages. html).com [1] Front Porch. pop-up. The European free-hotspot. [4] "Denver International Airport Offers FreeFi Networks' Free Wi-Fi Service to Passengers" (http:/ / www. sidebar.frontporch.Front Porch 28 Front Porch Front Porch. such as customer service notices[2] or online advertising.

todayszaman.eu/) • Labris in Azerbaijan (http://www.action?load=detay& link=168835) 6 March 2009 • Labris Teknoloji (http://www2. Wireless Authentication (WAUTH). Antivirus.ssm.labris.gov.Labris Teknoloji 29 Labris Teknoloji Labris Teknoloji Informatic Solutions Industry Founded Network security & Internet security 2001 Headquarters Ankara. VPN. Turkey Key people Products Website Founder and CEO: Seçkin Gürler. Intrusion Prevention (IPS). LBRLOG Series) have Firewall. Oğuz Yılmaz Unified threat management (UTM). Logging and Detailed Reporting modules. It is deemed to deserve to be the third most successful private sector project by TÜBİTAK. [1] http:/ / www. labristeknoloji.com/newsDetail_getNewsById. Zero Time. It is headquartered in ODTÜ Technopolis in Ankara. The products which Labris manufactures (LBRUTM Series. Lawful Interception. Web filtering www. Labris is one of the 12 Common Criteria EAL4+ certified gateway brand in the world and the first and only gateway in Turkey. Antispyware. Antivirus/Antispam Gateway.tr/katalog2007/data\4313\firmaeng.labristeknoloji. It manufactures high-technology business network security appliances and software. Intrusion-prevention system.html) . Antispam. Webfilter. L Series. Firewalls. VPN/SSL VPN.eu [1] Labris Teknoloji Informatic Solutions is a Turkish R&D company. eu/ References • Corporate Website (http://www. Server Load Balancer.

It was founded in 1997 by Ori Cohen. to prevent what they term "revenue leakage". Narus engaged the former Deputy Director of the National Security Agency. Several of the partners are funded by In-Q-Tel. From the Press Release announcing this:[5] "Crowell is an independent security consultant and holds several board positions with a variety of technology and technology-based security companies. Walden International. Narus has several business partners who provide various technologies similar to the features of NarusInsight. AT&T.narus. . the National Research Council Committee on Science and Technology for Countering Terrorism and the Markle Foundation Task Force on National Security in the Information Age. Dr.[3] Management and investors According to Narus's own website listing of the Board of Directors [4].Narus (company) 30 Narus (company) Narus Type Industry Founded Subsidiary of Boeing Telecommunication 1997 Headquarters Sunnyvale. Since 9/11. California. a supercomputer system which is allegedly used by the NSA and other bodies to perform mass surveillance and monitoring of citizens' and corporations' Internet communications in real-time. who had been in charge of technology development for VDONet. United States Key people Products Parent Website Founder. In 2004. and whose installation in AT&T's San Francisco Internet backbone gave rise to a 2006 class action lawsuit by the Electronic Frontier Foundation against AT&T. Presidio Venture Partners. Prior to 9/11 Narus worked on building carrier-grade tools to analyze IP network traffic for billing purposes. Ori Cohen Monitoring/surveillance systems Boeing www. now owned by Boeing which produces mass surveillance systems. Post-9/11 they have continued down that path while adding more semantic monitoring abilities for surveillance purposes. an early media streaming pioneer. NTT Software and Sumisho Electronics. Mayfield. Crowell has served on the Defense Advanced Research Projects Agency (DARPA) Task Force on Terrorism and Deterrence." Narus has venture funding from companies including JP Morgan Partners.[2] It is notable for being the creator of NarusInsight.com [1] Narus is a company. NeoCarta. Cohen is no longer the Chairman of the Board. William Crowell as a director. Hepting v. Intel.

000 telephone modems. [7] .g.000 DSL lines or 195. protocol. such as Pen-Link. Aggregation and Analysis provide a model of user. offer the ability to quickly analyze information collected by the Directed Analysis or Lawful Intercept modules. instant messaging applications. • Certified by Telecommunication Engineering Center (TEC) in India for lawful intercept and monitoring systems for ISPs. structure and significance of traffic in real time. Correlation. as the public is not authorized to see what types of activities and ideas are being monitored. element.e. According to a company press release. and Gawab Mail (English and Arabic [8] versions). This data is stored and analyzed for surveillance and Other capabilities include playback of streaming media (i. The intercepted data flows into NarusInsight Intercept Suite forensic analysis purposes. • NarusInsight's functionality can be configured to feed a particular activity or IP service such as security. web browsers. But. the 10 Gbit/s capacity of one NarusInsight installation enables it to monitor the combined traffic of several million broadband users. which enables it to sift through the vast quantities of information that travel over the Internet. . in other words analyze the content. and see how users' activities are connected to each other (e.g. in practical terms. application and network behaviors. meaning. • Normalization.g. examination of e-mail and the ability to analyze the payload/attachments of e-mail or file transfer protocols. the latest version of NarusInsight Intercept Suite (NIS) is "the industry's only network traffic intelligence system that supports real-time precision targeting. rendering of web pages.Narus (company) 31 NarusInsight System specification and capabilities Some features of NarusInsight include:[6] • Scalability to support surveillance of large.. what they have written in their emails/IM conversations). since individual internet connections are not continually filled to capacity. including Google Gmail. email) and what they are doing with those applications (e. That is it can track individual users. • Compliance with CALEA and ETSI.. lawful intercept or even Skype detection and blocking. in real-time. A single NarusInsight machine can monitor traffic equal to the maximum capacity (10 Gbit/s) of around 39. monitor which applications they are using (e. complex IP networks (such as the Internet) • High-speed Packet processing performance. compiling lists of people who visit a certain type of web site or use certain words or phrases in their emails). Narus partner products. VoIP). • High reliability from data collection to data processing and analysis." It can also perform semantic analysis of the same traffic as it is happening. capturing and reconstruction of webmail traffic. MSN Hotmail. which web sites they have visited. The exact use of this data is not fully documented. Yahoo! Mail.

Reuters. CA] • DailyKos. com/ index.com/) • Wired News article (http://www. • Frontline Flash Video "Spying on the Home Front" (http://www. html) [7] http:/ / www. php/ about/ board [5] Narus Appoints Former Deputy Director of the National Security Agency To Its Board of Directors (http:/ / web. [9] "One U. eff. org/ cases/ att) [4] http:/ / narus. com/ index.archive. html) [6] Key Features list of NarusInsight (http:/ / narus. 2007-12-10. "This company.Narus (company) 32 Mass surveillance Narus provides technology to governments such as the United States and Egypt to facilitate the mass surveillance of their citizens. reuters. 2007).pdf) at the Wayback Machine (archived December 1. and equipment lists and installation dates. narus.com/news/technology/0. com/ [2] "James Bamford: "The Shadow Factory: The Ultra-Secret NSA from 9/11 to the Eavesdropping on America"" (http:/ / www. .wired. shtml). 2011-01-29.org/20071201184647/http://blog. Retrieved 2008-02-13. wiring diagrams. Corporation's Role in Egypt's Brutal Crackdown" (http:/ / axisoflogic. External links • Official website (http://www.narus.com/27BStroke6/att_klein_wired. php/ solutions/ intercept [8] "Narus Expands Traffic Intelligence Solution to Webmail Targeting" (http:/ / www. org/ web/ 20050206184639/ narus. including pictures. archive. .[9] References [1] http:/ / www. does the—basically the tapping of the communications on AT&T. Huffington Post.S." [3] EFF vs AT&T (http:/ / www.com/news/technology/0. ironically also founded in Israel and largely controlled by and developed by people in Israel called Verint.org/wgbh/pages/frontline/homefront/ view/)` TV documentary originally aired on PBS 15 May 2007 with a section entitled "The NSA's Eavesdropping at AT&T" with the story of Mark Klein exposing NSA wiretapping with a secure room and Narus STA 6400 at an AT&T facility in San Francisco. . Narus.com: Source story for implications of the company's product (http://dailykos. com/ products/ index. narus.70914-0. org/ 2008/ 10/ 14/ james_bamford_the_shadow_factory_the). which was founded in Israel and has large Israel connections.com/storyonly/2006/4/ 8/14724/28476) . And Verizon chose another company. com/ press/ 2004/ 0929. democracynow. Retrieved 2008-10-30.pbs.wired. from Mark Klein (http://web. com/ article/ pressRelease/ idUS140435+ 10-Dec-2007+ BW20071210?sp=true).wired.html) • Wired News article (http://www.html) (AT&T whistleblower Mark Klein discusses Narus STA 6400) • Documents.70908-0. com/ artman/ publish/ Article_62125. Retrieved 2011-01-30.

followed by the US in May 2009 [7] . courts or law enforcement. California. www. As a result.com [2] NebuAd was an American online advertising company based in Redwood City. At one point. . Chairman. NebuAd closed for business in the UK in August 2008.adjuggler. Each device can monitor up to 50. micro-targeted advertising. Overview of the service NebuAd's solution has three main parts: Hardware hosted within the ISP that is capable of inserting content into pages.[5] its agreements with providers covering 10 percent of the broadband users in America[6] . with offices in New York and London and was funded by the investment companies Sierra Ventures and Menlo Ventures[3] . that information may be subject to access requests by governments. founder.[15] One customer spent hours trying to disinfect his machine as he wrongly believed that it had been infected with spyware after noticing problems with Google loading slowly and the creation of these non-Google cookies. but there is no way for users to prevent ISPs from sending the data to NebuAd in the first place[12] [13] . mostly Internet access providers. Kira Makagon Chief Executive Officer and co-founder. eventually resorted to reinstalling his . unexpected cookies for sites such as nebuad. Because ISPs route all of their customers' traffic. seeking deals with ISPs to enable them to [4] analyse customer's websurfing habits in order to provide them with more relevant.NebuAd. and relationships with advertising networks willing to present NebuAd's targeted advertising[9] .NebuAd 33 NebuAd NebuAd. NebuAd says it gains more information about customers' particular interests than less intrusive methods can provide[14] . It was one of several companies developing behavioral targeting advertising systems. Phorm is a similar company operating out of Europe.com were being read and written. NebuAd's privacy policy says that they will "specifically not store or use any information relating to confidential medical information. WOW initially denied that it was responsible for this activity. religious beliefs.000 users. an off-site server complex to analyze and categorize the contents of users' Internet communications. but when they contacted WOW's support department. "The information we collect is stored and processed on NebuAd's servers in the United States. NebuAd UK Ltd was dissolved in February 2010[8] . By analyzing this traffic. USA Key people Website [1] Robert Dykes. NebuAd had signed up more than 30 customers. NebuAd's largest ISP customers have all pulled out. racial or ethnic origins. .[10] Users can "opt-out" of NebuAd’s information collection and targeted ads[11] . The System works by installing a hardware device inside an ISP network." At least two customers of a Middle America ISP known as WOW! noticed that when they used Google. Adzilla and Project Rialto also appear to be developing similar systems. Inc Former type Industry Founded Defunct Privately held Company Online advertising 2006 2009 Headquarters California."[11] It also advises. or sexuality which are tied to personally identifiable information ('sensitive personal information'). it is a perfect vantage point from which to monitor all the traffic to and from a consumer using Deep packet inspection (DPI). Due to fallout following public and Congressional concern.

Advertisers are offered better targeted adverts. the roll out was completed in the first week of March 2008. sometime after the third week of March 2008[15] .[20] Privacy advocates criticize the lack of disclosure[21] that some ISPs provided prior to using NebuAd. identification information from the ISP. Nebuad buy impressions from ad networks including Valueclick. which could increase profits or reduce the amount of page-space dedicated to advertising. NebuAd provided an additional income stream to network operators. but may be able to discover this through traffic monitoring (for example. WOW! (formerly Wide Open West) started rolling out Nebuad in February 2008. email traffic may tie an email address to an ip address). Bob Dykes. Better targeted advertising also leads to a more relevant and personalized online experience. Owners of previously thought ad-unfriendly websites are offered a chance to make money not on the subject matter of their website but on the interests of their visitors. According to Nebuad's sales. not for sale.[19] 34 Controversies Generally. Consumer Notification A large American cable operator. the lack of oversight over what any third-party company does with the contents of Internet communications[22] . and the company's refusal to name its partner ISPs. its conflicts with United States wiretap laws[13] [16] . hence reducing the "scattergun approach" (publish as many ads as possible in the hope of catching a client) and users are offered more relevant adverts: Just because one visits the financial pages of a newspaper does not mean all they are interested in is financial product and books on investing. ISPs were paid for allowing NebuAd access to their network on a per-user per-active profile basis. One ISP expects to earn at least $2. Customers were not explicitly notified about NebuAd until later. zip code.[23] and in some cases informed customers that the terms had been updated. Charter changed its mind in June.[25] A Knology user in Knoxville. Nebuad uses data such as Web search terms. page views. In response to an inquiry from members of the United States House of Representatives Telecommunications Subcommittee about its pilot test of NebuAd's services. website owners are offered an improved click-through rate (CTR).[24] Embarq said that it notified consumers by revising its privacy policy two weeks prior to sending its users' data streams to NebuAd. [18] Nebuad does not have access to user browser info and connection speed to categorise its user's interests. time spent on specific sites. page and ad clicks. which may maintain or lower consumers' Internet access bills.[27] [28] But after customers voiced their concerns. NebuAd CEO claims "We have 800 [consumer interest segments] today and we're expanding that to multiple thousands". WOW updated its terms and conditions to include a mention of Nebuad. Tennessee reports that she also was not notified that she was being monitored. Firstly.50 per month for each [16] user. a weak opt-out method[13] .[26] In May 2008.[29] .[15] On July 9. Charter Communications announced that it planned to monitor websites visited by its customers via a partnership with NebuAd. less than 1% of users opt-out.[17] NebuAd argues that behavioral targeting enriches the Internet on several fronts.NebuAd machine from scratch. Critics believe that the raw content of their internet communications are entrusted to the ISP for handling without being inspected or modified. 2008 WOW! suspended the use of Nebuad services to its subscribers. only to discover the problem had not gone away.

chairman of the House Subcommittee on Telecommunications and the Internet. a Texas based ISP was using a NebuAd technology to inject Redmoon's own advertising into pages visited by its users. it does not prevent the ISP from sending the data to NebuAd. Use of Packet Forgery and Browser Exploits A report by Robert M.[35] . Opt-In Members of US Congress.[32] Superimposing or Adding Advertising to Web Pages Critics are concerned that NebuAd superimposes its own advertising over the ads of other advertisers. California[35] . famous for ad software known as Gator[35] . patent application data that mention such inventions. Topolski.faireagle. In 2007 it was reported that Redmoon.[31] All of the inbound and outbound information is intercepted and sent to NebuAd's offsite server to be processed.[13] An engineer who has examined the system confirms there is no way to Opt-Out of the monitoring. describing its hiring of Claria employees as a result of that company shedding employees in a tight market for experienced advertising sales staff in the Valley. shows that NebuAd's devices create cookies on end-users machines by injecting a specious packet into the end of the data stream returned in response to some web page requests submitted to major search engines Google and Yahoo. or if they will only be able to opt-out of receiving targeted ads.[34] Relationship with Claria Corporation Some senior staff members of NebuAd used to work at ad company Claria Corporation (formerly. These are not correct. The ads featured a window with the "Fair Eagle" title bar. The June 2006 creation[36] of nebuad.NebuAd 35 Friction between ISP Staff and Management Plans to implement NebuAd had not gone down well with some ISP's employees. and one employee was planning to re-route his traffic to avoid NebuAd's Deep Packet Inspection hardware. or places additional advertising to page. which will be added to the end of the web page when it is rendered by the end-user's browser. The content of this specious packet. and Joe Barton.com. provided by NebuAd. The injected ads stopped appearing toward the end of June.[16] Opt-Out vs. chief technology consultant of the Free Press and Public Knowledge. Ed Markey. The substance to these concerns can likely be traced to the company's "Fair Eagle" operation.[33] The "Fair Eagle" advertisement hardware.com coincides with timing of Claria's decision to shutdown[37] the Gator service. contains HTML Script tags which cause the browser to request Javascript from http://a. the Gator Corporation). a ranking member of the House Committee on Energy and Commerce. and a loose relationship to Claria Corporation whose products and history suggest such tactics. inserted additional advertising alongside the content of web pages. have argued that such services must be opt-in only to comply with the provisions laid down by Section 631 of the US Communications Act.[13] The same writer has asked if it would breach anti-wiretapping laws. and have written to Charter requesting they suspend the test "We respectfully request that you do not move forward on Charter Communications' proposed venture with NebuAd until we have an opportunity to discuss with you issues raised by this proposed venture". Both Claria and NebuAd are located in Redwood City. 2007. Even if a user has opted out of the service.[30] A writer for Wired News has questioned whether Charter users can really opt-out of being monitored. NebuAd has repeatedly denied any corporate connection to Claria.

WOW! indicated. 2008[58] . Nexicom's Paul Stewart replied. "Blackfoot tested NebuAd on its internal corporate network. Blackfoot's Mary Worden later explained. notified customers in late May 2008 that it was deploying the hardware[53] . and has not decided whether to move forward[51] with Behavioral Targeting advertising "either through NebuAd or with any other vendor"[52] . "Nexicom was investigating using the NebuAd service. [17] Metro Provider . • Charter Communications suspended its plans[49] to test NebuAd following scrutiny from lawmakers and privacy groups[50] . Bresnan told a blogger that their NebuAd trial had ended and they would comply with whatever regulatory model emerges from the current debate. serving Central Ontario and the Kawarthas. Following the announcements by Charter. WOW! . of Missoula. Reed Freeman Kelley Drye & Warren LLC NebuAd's ISP Partners ISPs which trialled or deployed or prepared to deploy Nebuad included: • • • • • [42] [43] Broadstripe (formerly and formally Millennium Digital Media). notified users via its Privacy Policy page that it was using NebuAd as of April 23.Net . Canada. References to NebuAd in Nexicom's Privacy Policy has been removed.Net) . only to pull out of the deal alongside of Charter a month later[54] . [44] Decaturnet Internet Services . Inc."[59] • WOW![15] [49] (formerly Wide Open West) completed suspension of NebuAd services on July 9. in March 2008.NebuAd 36 Current and Former Officers and Employees in Common to NebuAd and Claria Name Scott Tavenner Chuck Gilbert Mike Miller Amy Auranicky Jeanne Houwelingis Deepak Nair [38] [39] [40] of Relationship to NebuAd Vice President of Business Development Senior Product Manager Vice President of Ad Sales Director of Advertising Sales Vice President of Advertising Services Business Intelligence Marketing Consultant Attorney for NebuAd before the Federal Trade Commission Relationship to Claria Vice President of Business Development Senior Product Manager Director of Sales Integration Manager Senior Director of Business Development Database Developer & Data Architect Associate Marketing Manager Chief Privacy Officer and Regulatory Affairs [41] Counsel Melissa Horwath D. • Bresnan Communications used the NebuAd technology[55] .[56] . [48] 20/20 Communications (2020comm. "With Congress in active review of online behavioral advertising.net) All ISPs have ended or suspended their relationship with NebuAd. Indiana). Embarq. Inc. • An Embarq[49] spokesperson told the Associated Press that it ended its trial with NebuAd. (EONI) . • • • • [44] OnlyInternet. Montana appeared to have tried NebuAd between March and May 2008[57] . [45] Eastern Oregon Net. one of the earliest known ISPs to test NebuAd[5] . • CenturyTel. In a response to customer inquiries. and CenturyTel that they would no longer use NebuAd on their networks. but had similar concerns to those raised by consumer groups and elected not to launch the service."[57] • Nexicom. Following a question to users on a public forum. [44] Progressive Internet Services (Jayco. • Web cache evidence indicated that Blackfoot Telecommunications Group. [47] RTC on Line (Rochester Telephone Company. [46] High Speed Networks -E50 (HSNe50) . with employees only and not with its customers. The software was never implemented at any time as there were concerns on several levels regarding privacy issues.

[4] "American ISPs already sharing data with outside ad firms" (http:/ / www. archive. Ryan (2008-05-16). co. Cable One conducted NebuAd tests on 14. . [19] "ISPs Collect User Data for Behavioral Ad Targeting" (http:/ / www. cdt."[60] • Knology[42] [61] reported to the United States House Committee on Energy and Commerce that it discontinued a trial of NebuAd in all markets as of July 14. . [10] Hansell. The Register. dslreports. ClickZ. Broadband Reports. uk/ 2008/ 04/ 22/ wide_open_west_users_with_nebuad/ ). . com/ showPage. and we welcome the opportunity for that discussion to take place. com/ 27bstroke6/ 2008/ 05/ congressmen-ask. [13] Single. uk/ 2008/ 04/ 10/ american_isps_embrace_behavioral_ad_targeting/ ).tv. 2008-09-03." (http:/ / www. . wired. [17] "Questions for Bob Dykes. Retrieved 2008-05-21. Crescendo Networks and TeleNav. Retrieved 2008-05-17. The Register. wsj. Ryan (2008-05-16). Retrieved 2008-04-26. Retrieved 2008-06-28. Karl (2008-05-28). . html). 2008-01-03. showArticle& art_aid=106277). htm). [20] "CDT Urges Stronger Guidelines for Behavioral Advertising" (http:/ / www. Threat Level from Wired. . com/ 27bstroke6/ 2008/ 05/ theres-no-optin. gov. uk/ 2008/ 09/ 03/ bob_dykes_nebuad_quits/ ). Retrieved 2008-09-04.com. Retrieved 2008-06-28. wired. com/ NebuAD. html?mod=todays_us_nonsub_marketplace). com/ wp-dyn/ content/ article/ 2008/ 04/ 03/ AR2008040304052. Retrieved 2008-05-14. [7] "Case Closed: NebuAd Shuts Down" (http:/ / www. but Innocuous’ Web Browsing" (http:/ / bits. "NebuAd Observes ‘Useful. mediapost. [8] " (http:/ / wck2.Cable.[63] As of August 2008. juniperamspmarketing. org/ web/ 20080713030851/ http:/ / www. Ex-employees moved to work within a variety of other online advertising and technology companies. AdChemy. clickz. co. . "Infighting At ISPs Over Using NebuAD" (http:/ / www. htm) on 2008-07-13. com/ privacy/ servicesPrivacy. com/ shownews/ Wide-Open-West-Using-NebuAD-92520).. Saul (2008-04-07). Archived from the original (http:/ / www. . 2008-04-22. . theregister.Phone is suspending its deployment of NebuAd services to our subscribers at this time. Peter (2008-04-04). 2008-06-12. The New York Times. html?page=3628004). uk/ c3aac31df2e47117900ab23b5d4530e6/ companysearch?disp=1& frfsh=1281110903#result)"UK Companies House website [9] "Juniper Networks partners with NebuAd to enable ISPs to participate in online advertising revenues on the web" (http:/ / web. com/ NebuAD. com/ shownews/ Infighting-At-ISPs-Over-Using-NebuAD-94835). Red Aril. 2008-04-10. org/ headlines/ 1126). Retrieved 2008-04-18. "Congressmen Ask Charter to Freeze Web Profiling Plan" (http:/ / blog. php).[65] 37 The End of NebuAd NebuAd was closed down in the UK in August 2008 and in the US in May 2009[7] . [18] "Charter Cable to Spy on its Broadband Users to Serve Targeted Ads via NebuAd" (http:/ / www. [12] Singel. companieshouse. Plaxo. html). References [1] "NebuAd CEO quits" (http:/ / www. clickz. com/ publications/ ?fa=Articles. com/ showPage. . . theregister. Retrieved 2008-06-19. . "Every Click You Make" (http:/ / www. democraticmedia. html). org/ jcblog/ ?p=586). "Watching What You See on the Web" (http:/ / online. Bobby (2007-12-06). [2] http:/ / www. . The Register. 2008. dslreports. 2009-06-18. [14] "Robert Dykes (CEO) presenting NebuAd at OnMediaNYC-01/28/2008" (http:/ / vator. washingtonpost. co. com/ company/ management. . 2008-01-03. [11] "NebuAd / Privacy" (http:/ / www.com. including VeriFone. [15] "Data pimping catches ISP on the hop" (http:/ / www. NebuAd CEO" (http:/ / www. MediaPost. Retrieved 2008-04-23. washingtonpost. [16] Bode. tv/ pitch/ show/ transforming-online-ad-industry?play=false).000 customers in Alabama for six months beginning in November 2007. nebuad. Retrieved 2008-04-18. 2008-05-14. . com/ [3] "Management & Investors" (http:/ / www.[62] • Unbenownst to its users. Retrieved 2008-05-14. . . 2008-03-11. juniperamspmarketing. 2008-02-18. Retrieved 2008-05-14. html?page=3628009). nytimes. clickz. PubMatic. juniperamspmarketing. [5] White. vator. . nebuad. nebuad. . php). [21] "Wide Open West Using NebuAD Users don't get much of a heads up. The Wall Street Journal. Retrieved 2008-07-03. Wired. Zscaler. Cable One had decided against using the technology "commercially" on its systems[64] but in September said it was waiting for "clear rules and boundaries". blogs. "Can Charter Broadband Customers Really Opt-Out of Spying? Maybe Not" (http:/ / blog. com/ 2008/ 04/ 07/ nebuad-observes-useful-but-innocuous-web-browsing/ ). theregister. Retrieved 2008-05-14.. [6] Whoriskey. .NebuAd Internet. com/ article/ SB119690164549315192. We believe that all parties are best served by a thoughtful and thorough review of this emerging advertising model. Digital Destiny.

html?pr=pr040420). [42] "Broadstripe Now Selling User Browsing History. And unless they alter the architecture of their system drastically. ars/ post/ 20080723-embarq-dont-all-users-read-our-5000-word-privacy-policy. dslreports. [47] "RTC on Line aka Rochester Telephone Company sells to NebuAd" (http:/ / www. "Charter Will Monitor Customers' Web Surfing to Target Ads" (http:/ / bits. so you would need some sort of magical layer-two switching device upstream that switched frames from users that have opted out around the NebuAd appliance. . broadstripe. they won't ever have one. As Chief Privacy Officer And Vice President Of Regulatory And Legislative Affairs" (http:/ / www. com/ press-release-article. 2004-04-20. Retrieved 2008-06-19. com/ forum/ r20704276-OnlyInternetNet-uses-NebuAd-for-Behavioral-Targeting). . Retrieved 2008-06-19. Retrieved 2008-06-24. [41] "Claria Names D. . The Register. Retrieved 2008-05-14.com. ars technica. 2008-06-26. marketingvox. [44] "OnlyInternet. "NebuAd and Partner ISPs: Wiretapping." [38] "LinkedIn Profile of Deepak Nair" (http:/ / www. com/ in/ melissahorwath). com/ embarq-pleads-the-fifth-on-disclosing-nebuad-test-to-customers-040002/ ).com. . Techcrunch. Nate (2008-07-23). . The Register. [27] Hansell.net-Fair Eagle taking over the world? ISPs being compromised or just cheap?" (http:/ / www. via The New York Times Company. . "Embarq: Don't all users read our 5. html). com/ terms/ privacypolicy. Reed Freeman. broadstripe. [23] "WOW Terms and Conditions" (http:/ / www1. "Congress goes after NebuAd. . 2008-06-06. php?id=D20070622). Retrieved 2008-06-26. Retrieved 2008-07-23. 2007-06-23. How would you build a device like this without profiling your users in the first place to determine who had opted out? It's not like there is an opt-out bit you can flip in the header of an Ethernet frame. . Retrieved 2008-06-29. [28] http:/ / www. gov/ os/ comments/ behavioraladprinciples/ 080411nebuad..com. com/ terms/ privacypolicy. Retrieved 2008-05-17. html?ref=technology). [35] "NebuAd looks to 'spyware' firm for recruits" (http:/ / www. nytimes. com/ in/ deepaknair73). again" (http:/ / arstechnica. Retrieved 2010-05-20. dslreports. Free Press.NebuAd [22] "ISP Data Collection — Congress Investigation Urged (NebuAd-CDT Press Release)" (http:/ / www. "Ready — Fire — Aim: NebuAd and Charter Shellacked -. . . net/ files/ NebuAd_Report. 2008-06-26. . uk/ 2008/ 06/ 20/ nebuad_claria/ ).com.000 word privacy policy?" (http:/ / arstechnica. wowway. [33] "Real Evil: ISP Inserted Advertising" (http:/ / www. Their system is a bridge. . they didn't have one. ars technica. "He points out that the system is essentially a massive bridge running Fedora. org/ web/ 20080224042248/ http:/ / www. . . 2008-06-26. Retrieved 2008-06-25. Gregg. "Charter Won’t Track Customers’ Web Use" (http:/ / www.com. html). Robert (2008-06-18). On The Commission Staff's Proposed Self-Regulatory Principles For Online Behavioral Advertising" (http:/ / www. 2007-06-22.Right Idea. Archived from the original (http:/ / www. com/ 2007/ 06/ 23/ real-evil-isp-inserted-advertising/ ). "Claria Abandons Adware" (http:/ / www. freepress. com/ forum/ r20600537-ISP-Data-Collection-Congress-Investigation-Urged-NebuAd). Jr. everyone's data is still pumped into a third-party box. 38 . [25] "Customers Shoulda Read the Privacy Policy. Nate (2008-07-15). techweb.. org/ node/ 1664). com/ wow/ wow. linkedin. [40] "Comments Of Nebuad. nytimes. [26] Topolski. linkedin. publicknowledge. com/ forum/ r20705904-RTC-on-Line-aka-Rochester-Telephone-Company-sells-to-NebuAd). Robb (2008-07-21). 2008-06-26. com/ nebuad. pdf) (PDF). com/ shownews/ Broadstripe-Now-Selling-User-Browsing-History-94378). "Claria will exit out of the adware business by the end of the second quarter of 2006.. . co. com/ news. and that NebuAd advises ISPs to install it inline in their networks in such a way that all web traffic passes through it. com/ news. Says Embarq" (http:/ / www. com/ 2008/ 05/ 14/ charter-will-monitor-customers-web-surfing-to-target-ads/ index. htm)." [32] Topolski. claria. Inc. dslreports. [36] http:/ / whois.opted out or not. dslreports. com/ forum/ r20703445-And-Even-One-More-ISP-to-add-to-NebuAds-Harem). 2008). htm) on 2008-02-24. BroadbandReports. [39] "LinkedIn Profile of Melissa Horwath" (http:/ / www. . html). theregister. Retrieved 2008-06-20. BroadbandReports. Forgery and Browser Hijacking" (http:/ / www. . The New York Times. BroadbandReports. "US Congress questions legality of Phorm and the Phormettes" (http:/ / www. [46] "And Even One More ISP to add to NebuAds Harem" (http:/ / www. net/ gb/ inquirer/ news/ 2008/ 05/ 14/ charter-track-users-replace [29] The Associated Press (June 25. Retrieved 2008-06-24. Cade (2008-05-16). com/ wire/ security/ 183701933). theinquirer. [24] Anderson. Retrieved 2008-06-26.. . BroadbandReports. aspx?ConIdent=28& RCView=False& TermID=11#TPA). blogs. dslreports. ars/ post/ 20080715-congress-goes-after-nebuad-again. BroadbandReports. As the engineer explains. Retrieved 2008-06-20. . net/ blog/ weblog. dslreports. 2008-05-14. . [45] "One More ISP to add to the list of ISPs" (http:/ / www. archive. .Net uses NebuAd for Behavioral Targeting" (http:/ / www. MarketingVOX: The Voice of Online Marketing. Public Knowledge Policy Blog. [43] "Broadstripe High Speed Internet Online Privacy Policy" (http:/ / web.. ftc." So while the data actually created and stored by NebuAd or Embarq may end up being totally anonymous and innocuous. benanderson. theregister. . pdf) (PDF). Retrieved 2008-06-26. [34] "benanderson. techcrunch. com/ 2008/ 06/ 25/ technology/ 25charter. Wrong Targets" (http:/ / www. 2008-06-20. [30] Metz. co. . Retrieved 2008-06-26. com/ forum/ r20703209-One-More-ISP-to-add-to-the-list-of-ISPs). domaintools. Retrieved 2008-04-30. Retrieved 2008-07-02. Joins growing list of NebuAD customers" (http:/ / www. TechWeb Technology News. . "When we asked them about an opt-out method for our customers. Saul (2008-05-14). Retrieved 2008-04-26. com [37] Keizer. [31] Anderson. uk/ 2008/ 05/ 16/ congress_questions_nebuad/ ).

com/ forum/ r20554465-Centurytel-and-NebuAd).. Associated Press via Google. U.. Retrieved 2008-07-01. Anick (September 1. 2008-07-03. . Inc. 2008-06-26. Retrieved 2008-09-01.O. [60] prack (2008-07-03). nexicom. com/ article/ ALeqM5hojy5UugX8vlpZa1urv5KYVDHDjAD92TSRNG0). pdf) (PDF). 2008-09-26. google. BroadbandReports. CEO and Chairman of the Board.com. pdf) (PDF via Google HTML). [64] Ji. google. nebuad. Retrieved 2008-06-30. . 080108responseKnology. Committee on Energy and Commerce. [63] Jesdanun. Retrieved 2008-06-27. seoserpent. pdf) (PDF). By opting out you will continue to receive advertisements as normal. . dslreports. 2008-05-28. Retrieved 2008-06-26. com/ privacy/ optout. . [52] Svensson. nytimes. BroadbandReports. .. "9. Rodger. . 2008-06-26. Saul (2008-05-14). Knology will partner with a third party to deliver or facilitate delivery of advertisements to our users while they are surfing the web. php). 2008-07-01. . This anonymous information will not include those users' name. 2008). 2008-06-27.com. 080108responseCABLE001. dslreports. com/ forum/ r20711216-Centurytel-drops-NebuAd). .com. You will continue to receive advertisements as normal. html). BroadbandReports. com/ forum/ r20737958-Nexicom-is-using-NebuAd). These advertisements will be based on those users' anonymous surfing behavior while they are online. .'Enhanced user experience' apparently not so enhanced. [53] "CenturyTel and NebuAd" (http:/ / www. . (2008-08-08). [56] "Bresnan — Internet Privacy Update" (http:/ / johnlinko. "6 Internet providers disclose Web tracking for ads" (http:/ / ap. Retrieved 2008-07-02.NebuAd [48] "20/20 Communications and NebuAd" (http:/ / www. com/ privacy/ optout. . telephone number. [55] "Bresnan actively intercepting ALL packets" (http:/ / www. [54] "CenturyTel Drops NebuAd" (http:/ / www. com/ forum/ r20736487-WOW-Suspension-of-Nebuad-Services). Karl (2008-06-24). . dslreports. "RE: Internet Advertising Inquiry" (http:/ / energycommerce. Committee on Energy and Commerce — US House of Representatives. If you would like to opt out. BroadbandReports. Retrieved 2008-09-01. "Ad targeting based on ISP tracking now in doubt" (http:/ / ap. salon. Philip P. 2008 Letters to Network Operators Regarding Data Collection Practices" (http:/ / energycommerce. Third Party Advertisers. "Letter. com/ forum/ r20706000-Blackfoot-Telecommunications-Group-Inc-Missoula-MT-Nebuad). com/ shownews/ Charter-User-Monitoring-Plans-Suspended-95551). . Retrieved 2008-06-18. Peter (2008-06-25). "Charter Will Monitor Customers’ Web Surfing to Target Ads" (http:/ / bits. house. Retrieved 2008-07-21. If You would like to opt out. Canadian Broadband Forum on BroadbandReports.W. Retrieved 2008-06-25. . Salon. house. Retrieved 2008-06-25. com/ forum/ r20258823-Bresnan-actively-intercepting-ALL-packets). Associated Press via Google. from Responses to August 1. [61] "Knology Customer Service Agreement" (http:/ / support. [65] Jesdanun. net/ content/ custService_agree_121207. The New York Times.com. dslreports. gov/ Press_110/ Responses to 080108 TI Letter/ 110-ltr. we will partner with a third party to deliver or facilitate delivery of advertisements to our users while they are surfing on the web. Retrieved 2008-08-11. knology. gov/ Press_110/ Responses to 080108 TI Letter/ 110-ltr. php page)" [59] "Nexicom is using Nebuad" (http:/ / www. html). or any other personally identifiable information.com. click here. 39 .. dslreports. telephone number. com/ article/ ALeqM5i0jj6e-BuV4qnseoMIL1fJFB7uhAD92TEAE80). dslreports. John Linko (Blog). These advertisements will be based on those users' anonymous surfing behavior while they are online. This anonymous information will not include those users' name. "Charter User Monitoring Plans Suspended . php" [62] Johnson. [51] "ISP Behavioral Targeting Versus You" (http:/ / www. . email address. .S. blogspot. Inc. House of Representatives. [57] "Blackfoot Telecommunications Group." (http:/ / www. "WOW! Suspension of Nebuad Services" (http:/ / www.com Forums — US Cable Support — W. 2008). . html?ref=business). [49] Hansell. except these advertisements will be less relevant and less useful to you. By opting out. email address. Retrieved 2008-09-01. (links to http:/ / www. com/ forum/ r20704629-2020-Communications-and-NebuAd). Knology. [58] "Nexicom Privacy Policy" (http:/ / www. dslreports. Retrieved 2008-05-14. DSLReports. Retrieved 2008-06-27. except these advertisements will be less relevant and less useful to you. [50] Bode. or any other personally identifiable information. net/ privacy. dslreports. com/ 2008/ 07/ bresnan-internet-privacy-update. com/ 2008-09/ isp-behavioral-targeting/ ). BroadbandReports. .com. "Beginning April 23rd. go to: http:/ / nebuad. com/ wires/ ap/ scitech/ 2008/ 06/ 25/ D91HAQHO1_tec_web_tracking/ index.. "ISPs still considering tracking Web use" (http:/ / www. blogs.com. Missoula MT Nebuad" (http:/ / www. com/ 2008/ 05/ 14/ charter-will-monitor-customers-web-surfing-to-target-ads/ index. Anick (August 31.

Sometimes referred to as Network Acceleration. in real time. instant messaging. market research mega panel analytics.[8] [9] Traditional DPI tools from established vendors like Sandvine and Allot have historically addressed specific network infrastructure applications such as bandwidth management. security functions and data mining for new products and services needed since the emergence of Web 2.. where and how. applications. With ongoing changes in communications networks and how information can be exchanged. or who accesses what database. NI technology goes beyond traditional DPI. revenue assurance. business capabilities. It enables vendors to create an information layer with metadata from IP traffic to feed multiple applications for more detailed and expansive visibility into network-based activity. For example. NI’s value-add to solutions traditionally based on DPI has attracted the attention of industry [10] now includes NI companies on its analysts who specialize in DPI market research. traffic shaping.. online chat. .[1] [2] [3] [4] Background [7] The evolution and growth of Internet and wireless technologies offer possibilities for new types of products and services. The technology enables a global understanding of network traffic for applications that need to correlate information such as who contacts whom. social networks – and from different access points via desktops. laptops and mobile devices. and the information viewed. Packet Capture and Business Intelligence (BI). service assurance. Network optimization and security solutions therefore need to address the exponential increases in IP traffic. NI provides more granular analysis. NI technology correlates network traffic data from a variety of data communication vehicles for network visibility. and protocols whether or not the protocols are tunneled or follow the OSI model. methods of access. people are no longer linked exclusively to physical subscriber lines. IP data packets that cross communications networks by identifying the protocols used and extracting packet content and metadata for rapid analysis of data relationships and communications patterns.[4] Business Intelligence for data networks In much the same way that BI technology synthesizes business application data from a variety of sources for business visibility and better decision-making. blogs. It examines. Heavy Reading Deep Packet Inspection Semi-Annual Market Tracker. enabling better cyber security and IP services. when. lawful interception and cyber security. policy management. examine and correlate interactions involving Internet users. It is currently being incorporated into a wide range of applications by vendors who provide technology solutions to Communications Service Providers (CSPs). governments and large enterprises. charging and billing (including usage-based and content billing).[4] [5] as well as opportunities for hackers and criminals to exploit weaknesses and perpetrate cyber crime[6] . VoIP. The same person can communicate in multiple ways – FTP. NI provides the means to quickly identify. since it not only recognizes protocols but also extracts a wide range of valuable metadata. performance optimization and Quality of Service (QoS). NI extends network controls. NI is used as a middleware to capture and feed information to network operator applications for bandwidth management.0 and wireless 3G and 4G technologies. types of activity and volume of content generated.. DPI focuses on recognizing different types of IP traffic as part of a CSP’s infrastructure. Webmail. when. When combined with traditional BI tools that examine service quality and customer care. NI creates a powerful nexus of subscriber and network data.Network intelligence 40 Network intelligence Network Intelligence (NI) is a technology that builds on the concepts and capabilities of Deep Packet Inspection (DPI).

as well as manage usage once deployed. and correlates activity between all layers. User Behavior Analysis. The cost savings and revenue opportunities driving smart pipe strategies also apply to Network Equipment Providers. applicable for Bandwidth & Resource Optimization. A vendor can demonstrate hardened network security to prevent Data Leakage or Data Theft and an irrefutable audit trail of all network transaction – communication and content – related to a customer’s account. Because NI captures detailed information from the hundreds of IP applications that cross mobile networks. . Content-Based Billing. and critical transparency to allay fears of potential customers. Quality of Service (QoS).Network intelligence 41 Use in telecommunications Telcos. Real-time network metrics are equally important for companies to deliver and manage services. NI classifies protocols and applications from layers 2 through 7. regulatory compliance and auditing[14] [15] [16] . NI mitigates the risks by providing Infrastructure as a Service (IaaS). Internet Service Providers (ISPs) and Mobile Network Operators (MNOs) are under increasing competitive pressures to move to smart pipe business models. e-discovery. Customer Segmentation. Use in cloud computing The economics and deployment speed of cloud computing is fueling rapid adoption by companies and government agencies. however. are risks of information security. generates metadata for communication sessions. VoIP Fraud Monitoring and Regulatory Compliance. Software Vendors and Systems Integrators that serve the industry. Platform as a Service (PaaS) and Software as a Service (SaaS) vendors with real-time situational awareness of network activity. and Personalized Services. Quality of Experience (QoE).[11] [12] [13] Among concerns. it provides the required visibility and analysis of user demand to create and deliver differentiating services. Requirement Purpose • • • • Network Metrics • • services events Identify / deliver / manage services • • • • • Example Applications Audience measurement User behavior analysis Customer segmentation Personalized services Bandwidth / resources optimization Content / application-aware billing Quality of Experience (QoE) analysis VoIP fraud monitoring Regulatory compliance Customer Metrics Understand customer demand NI as enabling technology for smart pipe applications Customer metrics are especially important for telecom companies to understand consumer behaviors and create personalized IP services. NI enables faster and more sophisticated Audience Measurement.

. govinfosecurity. pdf). [5] Aditya Kishore (2008-07-21). html). "Gartner: Seven cloud-computing security risks" (http:/ / www. Light Reading. [13] Tom Sullivan (2008-03-29). asp?doc_id=159415). Info World. com/ 2009/ 07/ 21/ will-p2p-soon-be-the-scourge-of-mobile-networks/ #more-59491). com [11] Stacey Higginbotham (2009-07-21). GigaOM. "The Everyday Relationship Between You and ‘Your’ Information: What’s Out There on the Internet" (http:/ / ipcommunications.Network intelligence 42 Use in government NI extracts and correlates information such as who contacts whom. com/ ResearchDocument. "More Cash for Cloud Computing in 2009" (http:/ / www. com/ topics/ ip-communications/ articles/ 52992-everyday-relationship-between-and-information-whats-out-there. PC World. . Content Filtering. [4] Simon Sherrington (2010-06). [8] "2008 Internet Security Trends" (http:/ / www. [9] Jordan Golson (2009-07-21). com/ podcasts. [14] Henry Sienkiewicz (2008-04-30). [2] Brian Partridge (2010-05-17). Retrieved 2009-07-28. messagelabs. and internal billing of networked applications. . . [15] Ephraim Schwartz (2008-07-07). Retrieved 2009-07-27. networkworld. com/ offer/ windriver_intel?source=ebook_tab). Retrieved 2009-07-27. heavyreading. Retrieved 2009-07-27. "A Brave New World: 700M New Net Users Seen By 2013" (http:/ / gigaom. . com/ mlireport/ MLIReport_Annual_2008_FINAL. providing situational awareness for Lawful Interception and Cyber Security. Light Reading. com/ getdoc.Managing Data Growth" (http:/ / www. com/ news/ 2008/ 070208-cloud. htm). . Retrieved 2009-07-28. . Use in business Because NI combines real-time network monitoring with IP metadata extraction. IDC. php?podcastID=229). Database Auditing and Network Protection. TMCnet. Customer Experience Management. lightreading. Retrieved 2010-06-15. com). heavyreading. The network visibility afforded by NI can also be used to build enhancements and next-generation solutions for Network Performance Management. . htm). MessageLabs. . it enhances the effectiveness of applications for Database Security. [10] http:/ / www. com/ topics/ caas-saas/ articles/ 49997-qosmos-network-intelligence-helps-development-smart-pipe-solutions. [6] Shireen Dee (2009-02-03). infoworld. tmcnet. "DISA’s Cloud Computing Initiatives" (http:/ / www. [12] "IDC Finds Cloud Computing Entering Period of Accelerating Adoption and Poised to Capture IT Spending Growth Over the Next Five Years" (http:/ / idc. pcworld. 2008. Real-time data capture. fiercetelecom. com/ businesscenter/ article/ 162157/ more_cash_for_cloud_computing_in_2009. yankeegroup. References [1] Jessica Schieve (2011-02-23). do?id=53513). "Deep Packet Inspection Semi-Annual Market Tracker" (http:/ / www. Retrieved 2009-07-28. Retrieved 2010-06-15. . jsp?containerId=prUS21480708). Retrieved 2011-03-15. GigaOM. "Will P2P Soon Be the Scourge of Mobile Networks?" (http:/ / gigaom. "Light Reading report: Network Acceleration . com/ securitytrends/ ). Retrieved 2009-07-28. Retrieved 2009-07-27. . Retrieved 2009-07-27. when where and how. Info World. tmcnet. WAN Optimization. TMCnet. ironport. "Network Intelligence is Key to Profiting from Anywhere Demand" (http:/ / www. Yankee Group Anchor Report. "Market Research: New Opportunity for Service Providers?" (http:/ / www. . "Qosmos Network Intelligence Helps Development of Smart Pipe Solutions" (http:/ / caas. . com/ d/ cloud-computing/ dangers-cloud-computing-839). Retrieved 2009-07-27. 2008-10-20. Heavy Reading. . Retrieved 2009-07-28. Retrieved 2010-06-15. . com/ document. [16] Jon Brodkin (2008-07-02). extraction and analysis allow security specialists to take preventive measures and protect network assets in real time as a complement post-mortem analysis after an attack. com/ 2009/ 07/ 21/ a-brave-new-world-700m-new-net-users-seen-by-2013/ #more-59899). html). IronPort. [7] "MessageLabs Intelligence: 2008 Annual Security Report" (http:/ / www. [3] Thibaut Bechetoille (2009-03-25). . Government Information Security Podcasts. 2009. "The dangers of cloud computing" (http:/ / www.

Sales markets The company markets and sells its products worldwide through an indirect sales channel that includes distributors and resellers located in the Americas. government. Europe. cloud computing.[3] History Radware was co-founded by Yehuda Zisapel and Zohar Zisapel in 1997. e-Commerce. insurance. and security. . is a provider of integrated Application Delivery and Network Security solutions based in Tel Aviv. healthcare. Its customers cover all major industry segments including financial services. In February 2009 Radware acquired Nortel’s Application Delivery business (Alteon) and now offers them under a merged brand. education. now President of Payoneer.radware. CEO and Director. retail.[4] The company is headquartered in Tel Aviv. Israel Key people Products Revenue Employees Subsidiaries Website CEO: Roy Zisapel CFO: Meir Moshe COO: Ilan Kinreich Application Delivery and Network Security $144. For the enterprise. Middle East. Africa and Asia Pacific. application & WAN optimization.Radware 43 Radware Radware Type Industry Founded Public (NASDAQ: RDWR Technology 1997 [1] ) Headquarters Tel Aviv.[5] Radware former VP of business development is businessman Yuval Tal. Israel and is a member of the Rad Group of companies. Radware Alteon.1 million USD (2010) 700+ Radware Alteon www. transportation. Radware offers networking solutions for data center virtualization. mobile communications. Israel.com [2] Radware (NASDAQ:RDWR). The disposal by Nortel was part of a move to reduce its debt and recover from Chapter 11. services and carriers. Roy Zisapel is the current President. manufacturing. In 1999 the company had an initial public offering and was listed on the NASDAQ stock exchange.

retrieved 2009-10-16 [4] Net Management Firm. 2011 • Smartphones and Social Media Can Be a Risky Combination (http://www. Finjan. com/ [3] Magic Quadrant for Application Delivery Controllers. Radware USA: Facebook hacked: a reminder for on-line businesses (http://www. Blue Coat. bnet. . Security (http://www. InfoSys. BNET. (http:/ / www.com/newsevents/mediacoveragedetail. 2011 . Gartner. Files for $43m IPO (http:/ / www. pdf). 2011 • Carl Herberger VP of security solutions. SAP AG. ByteMobile.com/newsevents/ mediacoveragedetail. .aspx?id=8361) CTO Edge.aspx?id=8363) TechNewsWorld. radware. com/ resource/ networking/ loadbalancing/ Mediaproducts-gartner. January 27. aspx). Computer Business Online.radware. . 2011 • Facebook Once Again Hangs Up on Phone Rumors (http://www. BEA.aspx?id=8419) Fox News. January 26. FBI Wants New Tools (http://www.com/newsevents/mediacoveragedetail.com/newsevents/ mediacoveragedetail. retrieved 2009-10-16 [6] Radware partners (http:/ / www. .com/newsevents/ mediacoveragedetail.[6] References [1] http:/ / quotes. Oracle Corporation. com/ news/ net_management_firm_radware_files_for_43m_ipo). com/ Company/ TechnologyAlliances/ default.com. cbronline. VMWare. retrieved 2009-10-16 External links • To Probe 'Dark Spots' Where Cybercrooks Lurk. aspx?id=8295) Investor’s Business Daily. February 11.com/newsevents/mediacoveragedetail. January 21.radware.radware. 2011 • Radware Makes ADCs Virtual (http://www.Radware 44 Core technology The core technologies that make up Radware’s offering include: • • • • • • • • • • • • Application Delivery Virtualization Global Load Balancing VoIP Load Balancing SIP Load Balancing Application Acceleration SSL Acceleration XML Acceleration/Security MultiWAN Switching Quality of Service (QoS) Web Application Firewalling Network Intrusion Prevention DPI/DFI Partners Radware partners with leading industry application and technology providers such as: AT&T.radware. nasdaq. January 19. 2011 • Inside Data Center Preparedness (http://www. Blackboard. February 24. HP. radware. Riverbed.aspx?id=8315) Infosecurity Magazine. Forum. Radware. February 1.com/newsevents/mediacoveragedetail.aspx?id=8365) Global Security Mag. securitytechnet. Microsoft. com/ asp/ SummaryQuote.radware. com/ 2448-14061_23-272392. 2011 • Web Traffic Requires Traffic Cop. IBM. retrieved 2009-10-16 [5] Radware acquires Nortel division for USD18m (http:/ / www.aspx?id=8417) Processor.radware. asp?symbol=RDWR& selected=RDWR [2] http:/ / www. RSA and BEA.radware. html). Juniper Networks.

com • Radware on Yahoo Finance (http://finance.com/newsevents/ mediacoveragedetail.by Hoovers.Radware • Virtualized infrastructure key to enticing enterprise to carrier cloud services (http://www. 2011 • WikiLeaks Hacktivists Explain “Operation Payback” (http://www.aspx?id=8239) ConnectedPlanet. 2010 • Radware Factsheet (http://www.com/q/pr?s=RDWR) 45 .com/ newsevents/mediacoveragedetail.com/free/co/factsheet.xhtml?ID=61374&cm_ven=PAID& cm_cat=OVR&cm_pla=CO4&cm_ite=radware) .radware.aspx?id=8211) Investor’s Business Daily.hoovers. December 10.radware.yahoo. January 13.

A subsequent round of financing of $19M (Cdn) was completed in May 2005. Many operators have shifted focus to revenue generating services and reducing operational expenditure. and substitute it for the one selected by the P2P . Co-Founder. Sandvine network policy control products are designed to implement broad network policies. In October 2006 Sandvine completed an initial public offering on the Toronto stock exchange under the ticker 'SVC'. President and CEO Scott Hamilton. Stateful Policy Management [14] uses stateful deep-packet inspection and packet spoofing to allow the networking device to determine the details of the p2p conversation. Canada. Rather than identifying individual messages.[6] congestion management.sandvine. quality of service. VoIP and gaming. Ontario. and security. Technology Sandvine's technology focuses on policy management.Sandvine 46 Sandvine Sandvine Incorporated Type Public [1] TSX: SVC [2] AIM: SAND Networking Hardware and Software Waterloo. Ontario (2001) Industry Founded Headquarters Waterloo. Initial product sales focused at congestion management as operators struggled with the high growth of broadband. CTO Website www. using multiple source (EHLO) domains and large address books. Co-Founder. EVP Marketing & Sales Brad Siim.[11] [12] The P2P path optimizer [13] focuses on Gnutella.[7] Sandvine targets its products at consumer Tier 1 and Tier 2 networks including cable.[9] [10] Quality of service control is provided for a range of media applications including video conferencing. and mobile. spam control is based on identifying sources of spam from behaviors such as using multiple SMTP servers. ranging from service creation. AIM: SAND [2]). In March 2006 Sandvine completed an initial public offering on the London AIM exchange under the ticker 'SAND'. usage-based billing. by a team of approximately 30 people from a recently closed Cisco acquisition. is a networking equipment company based [4] in Waterloo. PixStream. Ontario Key people Dave Caputo. CFO Tom Donnely. and uses a path cost algorithm to reduce congestion while still delivering the same content. including the control of spam. Co-Founder. including the hash requested. COO and VP Engineering Don Bowman. Co-Founder. and P2P path optimisation. The device can then determine the optimal peer to use.com [3] Sandvine Incorporated (TSX: SVC [1]. An initial round of VC funding launched the company with $20M (Cdn). DSL. Canada.[5] billing.[8] Company history Sandvine was formed in August 2001 in Waterloo. Ontario.

Patent EP1743466 (http:/ / www. imitating both ends of the connection. ca/ en/ releases/ archive/ October2006/ 10/ c6288. sandvine.Major Wireless Carrier Selects Sandvine’s 10-Gigabit Ethernet Solution to Give Subscribers More Control over their Mobile Internet Experience (http:/ / www. sandvine. sandvine. sandvine. com/ http:/ / www.[20] Comcast injected reset packets into peer-to-peer connections. cgi?native_or_pdf=pdf& id_document=6520169715) [19] Comcast's Protocol-Agnostic Congestion Management System (http:/ / tools.. May 2000 article "Nonintrusive TCP Connection Admission Control for Bandwidth Management of an Internet Access Link". html) [10] (WO/2005/109816) A SYSTEM AND METHOD FOR DETECTING SOURCES OF ABNORMAL COMPUTER NETWORK MESSAGES (http:/ / www. This method of network management was described in the IEEE Communications. com/ news/ pr_detail. com/ general/ getfile. com/ news/ pr_detail.[17] 47 Comcast Controversy Sandvine products are used by Comcast in the United States to manage Internet traffic generated by peer-to-peer file sharing software. com/ GetFile. asp) [12] CNW Group | VECIMA NETWORKS INC. as well as all fixed access. asp?ID=100) [6] Sandvine Incorporated: Press Release . int/ pctdb/ en/ wo. -a0139417017) [8] Sandvine Management's Discussion and Analysis (http:/ / sedar. the subscriber may be session managed without negative impact. html) [13] (WO/2003/094465) PATH OPTIMIZER FOR PEER TO PEER NETWORKS (http:/ / www. com/ EP1743466. sandvine. groupware clients affected (http:/ / arstechnica. which effectively caused a certain limited number of outbound connections to immediately terminate. wipo. asp?ID=148) [7] Adelphia Selects Sandvine to Protect Subscribers from Worms and Spam. com/ news/ pr_detail. org/ html/ rfc6057) [20] eff. ietf. sandvine. and sending reset packets to both client and server. jsp?wo=2005109816) [11] Sandvine Incorporated: Service Delivery Engine (http:/ / www. . Fairshare. cantechletter. ars/ post/ 20071021-comcast-traffic-blocking-even-more-apps-groupware-clients-affected. asp?ID=283) [18] Comcast's compliance report to FCC on its previous network management techniques (http:/ / gullfoss2. freepatentsonline. com/ 2011/ 05/ cantech-letter-interviews-dave-caputo-of-sandvine-tsxsvc/ Sandvine Incorporated: Press Release . session management is an effective strategy. quotemedia. eff.. fcc. patch distribution and illegal downloads).org article on Comcast jamming Gnutella and Lotus (http:/ / www. jsp?wo=2003094465) [14] "Meeting the Challenge of Today's Evasive P2P Traffic" (http:/ / www. com/ news/ pr_detail. com/ Adelphia+ Selects+ Sandvine+ to+ Protect+ Subscribers+ from+ Worms+ and+ Spam. thefreelibrary.Sandvine algorithm. com/ news. do?lang=EN& docClass=7& issuerNo=00024246& fileName=/ csfsprod/ data106/ filings/ 01560378/ 00000001/ s:\svcMDA. com/ products/ service_delivery_engine.StarHub Selects Sandvine to Deploy End-to-End PacketCable MultiMedia Solution (http:/ / www. londonstockexchange. References [1] [2] [3] [4] [5] http:/ / tmx. This affects all uses of BitTorrent (such as open-source project distribution.and post-paid service plans across converged networks (http:/ / www. wipo. asp?FILEID=16) [15] Comcast traffic blocking: even more apps. int/ pctdb/ en/ wo. This is the default behaviour for Sandvine’s session management policy and limits external leechers from [23] connecting to internal seeds. html) [16] Sandvine Supports Cricket Broadband Internet (http:/ / www. php?qm_symbol=SVC http:/ / www." [15] The usage-based-billing includes[16] pre-paid and post-paid 3G and 4G mobile access.[18] Sandvine's current congestion management product. In cases where a subscriber is a “seeder” and uploads content to an off net “leecher”.[19] According to independent testing. pdf) [9] A SYSTEM AND METHOD FOR DETECTING SOURCES OF ABNORMAL COMPUTER NETWORK MESSAGES . by "[sitting] in the middle. com/ quote. is described in detail in an RFC. asp?ID=243) [17] Sandvine supports pre. com/ en-gb/ pricesnews/ prices/ Trigger/ genericsearch. org/ deeplinks/ 2007/ 10/ comcast-also-jamming-gnutella-and-lotus-notes) .[21] [22] A product whitepaper published by Sandvine confirms that its products are configurable to use "Session Management" capability to prevent customers using BitTorrent from providing uploads to peers who are not close to them on the network. newswire. sandvine. htm?bsg=true& ns=SAND http:/ / www.Free Online Library (http:/ / www. | CableMatrix and VCom Showcase First QoS Enhanced Video Conferencing over WiMAX Solution (http:/ / www. gov/ prod/ ecfs/ retrieve.

comsoc.com/forum/ r18323368-Comcast-is-using-Sandvine-to-manage-P2P-Connections) • http://www.comsoc. html) [23] Session Management: BitTorrent Protocol . org/ ci/ private/ 2000/ may/ Kumar.org/ci/private/2000/ may/Kumar. comsoc.Managing the Impact on Subscriber Experience http:/ / www.dslreports.Sandvine [21] IEEE Communications Interactive (http:/ / www.html) .org/ci/private/2000/may/Kumar.org/article. com/ general/ getfile. comsoc.html (http://www. sandvine. org/ ci/ public/ 2000/ may/ index. asp?FILEID=21 48 External links • Sandvine (http://www.com) • Slashdot: Comcast filtering network packets (http://slashdot. html) [22] Nonintrusive TCP Connection Admission Control for Bandwidth Management of an Internet Access Link (http:/ / www.pl?sid=07/10/19/1417238) • Dslreports: Comcast is using Sandvine to manage P2P Connections (http://www.sandvine.

com [2] [1] SonicWALL is a private company headquartered in San Jose. The company also markets information subscription services related to their products. .[3] The company solutions also serve to solve issues surrounding HIPPA and PCI compliance issues. (Matt) Medeiros CFO: Robert D. Viruses and other Malware USD 219 million (2008) 700 (January 2008) www. CA.[8] On July 23. Selvi Founders: Sreekanth Ravi.[4] History The company was founded in 1991 under the name "Sonic Systems" by brothers Sreekanth and Sudhakar Ravi to develop Ethernet and Fast Ethernet cards. In November 1999 they went public (SNWL). Backup and Recovery. Security appliances. UTMs (Unified Threat Management). hubs and bridges. backup and recovery. Spyware.sonicwall.[3] [5] In the late 1990s they released a security product later branded "SonicWALL" which was a dedicated hardware appliance with firewall and VPN software intended for the small-business market. Teachers' Private Capital.[7] The company has acquired a number of companies through the years. which includes the Ontario Teachers' Pension Plan through its private investor department. LLC.SonicWALL 49 SonicWALL SonicWALL Type Industry Founded Private Backup and Recovery. It sells a range of internet appliances primarily directed at content control and network security. California Key people CEO: Matthew T. and anti-spam for email. These include devices providing services for network firewalls. Internet security 1991 Headquarters San Jose. (Matt) Medeiros (formerly of Philips Components) became CEO in March 2003. expanding its product line in the process. Sudhakar Ravi Products Revenue Employees Website Security Appliance filtering Spam.[6] Matthew T. After the merger SonicWall was delisted from NASDAQ. 2010 SonicWALL announced that it has completed its merger with affiliates of an investor group led by Thoma Bravo. VPNs (Virtual Private Network).

com/ ) [10] AIS (Access Information Security) (http:/ / www. htm) [2] http:/ / www. co. . Retrieved 2011-06-06. com/ Corporate_Info/ index. google. 2011. 2010. com/ story/ 1715. redzonetech. com/ q/ pr?s=SNWL). Archived from the original (http:/ / www. archive. [5] "Corporate Information" (http:/ / web.SonicWALL 50 Resellers • • • • New England[9] UK & Ireland[10] UK & Ireland[11] United States[12] References [1] sec." (http:/ / finance. NSIserv. uk/ ) [12] RedZone Technologies (http:/ / www.) (http:/ / www.Reuters" (http:/ / www. pdf). sec. Retrieved 2010-03-05. [9] NSI (New England Systems Inc. 1999. Google.gov (http:/ / www. O). Yahoo!. sonicwall. reuters. ecommercetimes. sonicsys. Retrieved 2010-03-05. Retrieved 2010-03-05. . Ecommerce Times. com/ Corporate_Info/ index. . aisec. 2010. net/ wp-content/ uploads/ 2011/ 06/ Davco_Restaurants_SW. html). com/ archivesearch?um=1& cf=all& ned=us& hl=en& q=SonicWall+ acquisition& cf=all). Reuters. . net/ ) . Retrieved 2010-03-05. com/ finance/ stocks/ companyOfficers?symbol=SNWL. uk/ ) [11] SonicWALL Online (UK Gold Partner) (http:/ / www. html) on 1999-05-04. Retrieved 2010-03-05. redzonetech. 1999. SonicWALL. gov/ Archives/ edgar/ data/ 1093885/ 000109388509000007/ f10k. [7] "SonicWall Company Officers . sonicsys. [6] "SonicWall IPO Should Make Noise" (http:/ / www. yahoo. . sonicwallonline. Inc. org/ web/ 19990504153444/ http:/ / www. 2010. . html?wlc=1267835772). [4] "Sonicwall PCI Compliance Case Study" (http:/ / www. com [3] "SNWL: Profile for SonicWALL. co. SonicWALL. [8] "News Archive Search of "SonicWall acquisition" including frequency chart" (http:/ / news.

[6] Each of the components.Stonesoft Corporation 51 Stonesoft Corporation Stonesoft Corporation Secure Information Flow Type Public [1] NASDAQ OMX: SFT1V Network Security Helsinki. as well as third-party devices. can be managed from the StoneGate Management Center. United States. Stonesoft does business globally.[5] each available as hardware appliances. originally developed for Check Point FireWall-1. with a regional headquarters in Atlanta. Finland Area served Key people Worldwide Ilkka Hiidenheimo (Chairman & CEO) Juha Kivikoski (COO) Mikael Nyberg [2] (CFO) Products Network security Firewall IPS VPN Security appliances Virtual appliances Employees Website [3] 174 (Dec 2009) stonesoft. Finland (1990) Ilkka Hiidenheimo Hannu Turunen Industry Founded Founder(s) Headquarters Helsinki. the Middle East. Its product portfolio includes firewall/VPN devices. and SSL VPN systems. . and China. IPS (intrusion detection and prevention systems). Finland-based vendor of network security solutions. software. Georgia.[7] The product portfolio differentiates through unique clustering and load balancing technologies based on the company's older StoneBeat technology. and VMware-certified virtual appliances.com [4] Stonesoft Corporation is a publicly owned Helsinki. and sales offices throughout Europe.

stonesoft. 2001.Stonesoft Corporation 52 History Stonesoft started as a systems integrator in the Nordic regions of Europe. vmware. the company extended StoneBeat with a patented load balancing clustering technology. and is currently placed in the niche quadrant. stonesoft. vadition.[12] Controversy In 2008.[11] The StoneGate firewall/VPN is regarded for its "robust performance and feature set relative to company resources. and it has a loyal customer base". com/ us/ products/ smc/ index. PN. the company introduced the first virtual firewall/VPN solution. nasdaqomxnordic. pl?ACCT=104& STORY=/ www/ story/ 01-22-2003/ 0001876476& EDATE= [11] http:/ / www. It is also certified by ICSA Labs Network Intrusion Prevention and Detection category. com/ export/ download/ financial_files/ stonesoft_annual_report_2009_en.[8] launching StoneBeat FullCluster. a technology for creating a high availability pair of firewalls in an active-passive configuration. html [10] http:/ / www2.621 [9] http:/ / www. the Helsinki Court of Appeal issued a decision in a case brought against Stonesoft and several members of its management team. for IBM mainframes.856. html [8] http:/ / patft.621. icsalabs.621& RS=PN/ 6. Stonesoft expanded its product set into the firewall/VPN space. html& r=1& f=G& l=50& co1=AND& d=PTXT& s1=6. com/ pdf/ Gartner_Magic_Quadrant_Firewalls_2010. & OS=PN/ 6. com/ us/ products/ index.[13] The District Court of Helsinki had originally dismissed the claims in a decision on November 15. uspto. com/ cgi-bin/ stories.[9] In 2001.856.856. com/ products?tid[]=4222 . stonesoft. gov/ netacgi/ nph-Parser?Sect1=PTO2& Sect2=HITOFF& p=1& u=%2Fnetahtml%2FPTO%2Fsearch-bool. com/ appliances/ directory/ cat/ 522?k=Stonesoft& c=522 [7] http:/ / www. stonesoft. com/ aktier/ shareinformation?Instrument=HEX24350 [2] http:/ / www. yet "a profit warning should in fact have been issued". It was one of the first technologies certified in Check Point's OPSEC program. html [6] http:/ / www. The reports indicated the company was sound and profitable. pdf [4] http:/ / www.[13] The issue at hand was discrepancies between the profitability forecasted in the company's year 2000 interim reports and the actual state of the company at that time. stonesoft. prnewswire. com [5] http:/ / www.[11] The StoneGate IPS has also placed in Gartner's Magic Quadrant for Network Intrusion Prevention.[10] Products Stonesoft's current product portfolio can be divided into four major categories[5] : • • • • StoneGate Firewall/VPN StoneGate IDS/IPS StoneGate SSL VPN StoneGate Management Center (SMC) The StoneGate Firewall/VPN has placed in Gartner's Magic Quadrant for Enterprise Network Firewalls for several years. pdf [12] https:/ / www. The court "held that two members of the company's board of directors and a former CEO through gross negligence had failed to give a profit warning in due time". becoming a direct competitor to Check Point. com/ solutions/ partners/ stonesoft_fc. opsec. and is one of only four vendors in the consortium to achieve that certification. high availability is key or when the leaders are otherwise not welcome". 2006.[14] References [1] http:/ / www. In January 2003. The StoneGate Firewall/VPN was launched on March 19. In 1994 it introduced StoneBeat.[11] Gartner notes that Stonesoft "serves a set of placements well – usually. In 1999. com/ en/ investor_relations/ corporate_governance/ management/ [3] http:/ / www.

uk/ news/ story. dittmar.stonesoft.stonesoft. fi/ whats_new/ newsletters/ D& I%20Q4%202008.com) • Semi-official community Web site (http://stoneblog. PDF [14] http:/ / www. euroinvestor. aspx?id=10020587 53 External links • Official website (http://www.Stonesoft Corporation [13] http:/ / www. co.com) .

com/ news_events/ china_mobile_thanks_theta_networks_for_its_unique_support_during_the_olympics. (http:/ / investing. Ericsson. vanillaplus. html [9] http:/ / www. thetanetworks. and China. a DPI-based network security product. com/ resources/ deep_session_inspection. php?press_id=1162 [7] http:/ / www. ossnewsreview. html [12] http:/ / www. co. co. and Russia. Theta Networks company works in France through a partner[11] . thetanetworks. and Streaming Technology. thetanetworks. html [5] http:/ / www. Theta Networks has been a major supplier to Nokia Siemens [1] [3] . MMS. com/ [3] http:/ / www. subscriber management and security on mobile networks. SMS. Theta Networks also offers VirusGuardMax. com/ extras/ ict_telecom_press_release_article. Inc. thetanetworks. genetel. com/ telecom-oss/ theta-networks-and-syrus-systems-form-partnership-in-russia/ . and assisted China Mobile during the Olympic Networks. htm [4] http:/ / www.[1] The company develops Deep Packet Inspection-based software that can be used for monitoring. com/ global/ Press/ Press+ releases/ news-archive/ Nokia+ Siemens+ Networks+ to+ expand+ its+ customer+ base+ in+ service+ management+ through+ channel+ partners. Orange and China Mobile [4] [5] Games Recently. com/ resources/ cross_session_inspection. South America. and also recently established partnerships in Australia[12] . connect-world. rl. businessweek. asp?privcapId=28831084) BusinessWeek. optimization. html& src=searchsecurity. html [8] http:/ / www. com/ news_events/ theta_networks_manage_data_services_for_beijing_2008_olympic_games. and Cross Session Inspection.[13] References [1] Theta Networks. Motorola. Cross Packet Inspection.com [2] http:/ / www. html [10] http:/ / searchsecurity. com/ research/ stocks/ private/ snapshot.Theta Networks 54 Theta Networks Theta Networks Type Industry Founded Founder(s) Headquarters Key people Products Website Private Telecommunication [1] 2005 Steve Zhu New Jersey. Theta's solutions reassembles and finds relationships between subscriber application sessions at Open Systems Interconnection layer 7 using Deep Packet Inspection. DNS. fr/ Press-Announcements/ Press-AnnouncementTheta-Networks. thetanetworks. com/ resources/ cross_packet_inspection. techtarget.[10] The company has office in New Jersey. uk/ detail/ PROD/ 1110792023_599. United States Steve Zhu (CEO) DPI Software [2] Theta Networks is a New Jersey based Telecommunication solutions company that was founded in 2005. uk [11] http:/ / www. thetanetworks. HTTP. nokiasiemensnetworks. html [6] http:/ / www. com/ news/ view/ 119 [13] http:/ / www.[7] [8] [9] This technology can be applied to mobile use of WAP. rl. Theta Networks has also been working with China Mobile on monitoring and support for their new TD-SCDMA networks[6] . techtarget.

Ltd.. Crescendo Networks. Type Industry Founded Private Limited company Technology 2002 Headquarters Mumbai. In 2010. Radware and Zeus Technology. Coyote Point Systems. Maharashtra and has development and marketing offices PAN India. It originally manufactured and sold load balancing products. Armorlogic. VLD directed traffic away from that server to other servers that could handle the load. KEMP Technologies. Products V-Load Director (VLD) Viaedge's VLD product is based on a network appliance (either virtual or physical). It is headquartered in Mumbai. 75% of the Viaedge business was with ET 500 companies. Other competitors include A10 Networks. . which runs on top of Linux. If a server went down or became overloaded.com [1] Viaedge Software Technologies.Theta Networks 55 External links • Company Site (http://www. Gartner cite the most significant competitors (in terms of market share) as Cisco Systems and Citrix Systems.com) Viaedge Viaedge Software Technologies (I) Pvt.ThetaNetworks. Viaedge' flagship product. Brocade. was originally a network load balancer but today also offers other functionality such as access control and application security. Barracuda Networks. Viaedge offers products in various segments of the Application Delivery Controller market. . which provide the VLD functionality. Corporate focus is on networking gears. Array Networks.viaedge. is a networking appliances company. Corporate history Viaedge Software Technologies was founded in 2002. India Key people Products Website MD: Phani Bhushan Networking www. Add-on modules to VLD family of products offer email filtering and intelligent compression to allow for lower bandwidth and faster downloads in addition to load balancing and local traffic management capabilities. the V-Load Director. This appliance can then run one or more product modules (depending on the appliance selected). Viaedge's first product was a Server load balancer called VLD.

The previous platforms had two internal boards . which runs on top of Linux. The full model line-up is as follows. This appliance can then run one or more product modules (depending on the appliance selected). The current hardware line-up uses Intel CPUs.a PC/server-type motherboard .[2] with approximate best-case throughput indicated: Model VLD 100 Advertised throughput 1 Gbit/s VLD Pro 4101 1 Gbit/s VLD Pro 4102 2 Gbit/s VLD Pro 4202 2 Gbit/s VLD Pro 4204 4 Gbit/s VLD Pro 4206 6 Gbit/s VLD Ent 5404 4 Gbit/s VLD Ent 5408 8 Gbit/s VLD Ent 5812 12 Gbit/s VLD Ent 5816 16 Gbit/s Model Throughput WAN Ports 2 2 3 4 6 8 10 12 Restricted Maximum Bandwidth 2 Mbps 4 Mbps 6 Mbps 10 Mbps 20 Mbps 45 Mbps 100 Mbps 500 Mbps LLB S-002 200 Mbps LLB S-004 200 Mbps LLB P-006 300 Mbps LLB P-010 2 Gbps LLB E-020 3 Gbps LLB E-045 4 Gbps LLB T-100 5 Gbps LLB T-500 6 Gbps . and the hardware models internally use a single custom-fabricated system board.Viaedge 56 V-NetLink (VLLB) Viaedge's V-Netlink product is based on a network appliance (either virtual or physical). which provide the VLD functionality. Some models include hardware SSL acceleration for key exchanges and bulk encryption/decryption . and hardware compression assistance. Viaedge Appliances The current line of VLD & V-NetLink appliance was released between 2009 and 2010. but some previous models have included AMD Opteron CPUs. Hardware models include a front LCD panel for configuration and monitoring and a separate service processor for out-of-band management.

Typically. When data is formatted into packets. Different communications protocols use different conventions for distinguishing between the elements and for formatting the data. By using packet switched networking it is also harder to guarantee a lowest possible bitrate. is that some networks can break a larger packet into smaller packets when necessary (note that these smaller data elements are still formatted as packets). . the packet is formatted in 8-bit bytes. such as traditional point-to-point telecommunications links. Packet framing A packet consists of two kinds of data: control information and user data (also known as payload). like Ethernet. A network design can achieve two major results by using packets: error detection and multiple host addressing. Other protocols. and the data area is whatever the person puts inside the envelope. control information is found in packet headers and trailers. Some protocols format the information at a bit level instead of a byte level. com/ solutions/ data-centre-solutions/ application-load-balancer).Viaedge Viaedge Product Modules • • • • V-Load Director : Local load balancing based on a full-proxy architecture. error detection codes like checksums. however. and special characters are used to delimit the different elements. com/ [2] "Viaedge Hardware Data Sheet" (http:/ / viaedge. Computer communications links that do not support packets.com/) Network packet In computer networking. the bitrate of the communication medium can be better shared among users than if the network were circuit switched. or bits alone. A difference. A good analogy is to consider a packet to be like a letter: the header is like the envelope. . and sequencing information. In Binary Synchronous Transmission. 57 References [1] http:/ / www. The control information provides data the network needs to deliver the user data. simply transmit data as a series of bytes. characters. viaedge.viaedge. Retrieved 2010-08-17. with user data in between. NetLink: Inbound and outbound ISP load balancing.com (http://www. a packet is a formatted unit of data carried by a packet mode computer network. External links • viaedge. V-Application Delivery Controller: Global Server Load Balancing using DNS. establish the start of the header and data elements by their location relative to the start of the packet. WAN OptimiZation Module: A data centre symmetric WAN optimization solution. for example: source and destination addresses.

datagrams In general. whereas UDP and IP provide an unreliable one. it would send an error message back to the sending host. This led to the development of the end-to-end principle. while an "unreliable" one does not notify the user if delivery fails. 4. a field to identify position of fragment within original packet . TCP and IP provide a reliable service. an acknowledgement was delivered to the sending host. 5 means 20 bytes). Example: IP packets IP packets are composed of a header and payload. which is one of the Internet's fundamental design assumptions. Once the message was delivered to the destination host. Subsequent experience on the ARPANET indicated that the network itself could not reliably detect all packet delivery failures. but UDP packets are generally called datagrams. also referred to as Quality of Service (QoS). 13 bits that contain the fragment offset. and sent the message across the interface to its connected Interface Message Processor. then it becomes the host's responsibility to provide reliability by detecting and retransmitting lost packets. and a flag to state whether more fragments of a packet follow (MF: More Fragments) 7. If the network could not deliver the message. 5.[1] When the ARPANET pioneered packet switching. and this pushed responsibility for error detection onto the sending host in any case. Host addressing Modern networks usually connect three or more host computers together. like the ARPANET and the modern Internet. Together. the term packet applies to any message formatted as a packet. inserted the address of the destination host computer. Meanwhile.g. 3. This lesson was later embraced by the designers of Ethernet. while the term datagram is generally reserved for packets of an "unreliable" service. Packets vs.Network packet 58 Error detection It is more efficient and reliable to calculate a checksum or cyclic redundancy check over the contents of a packet than to check errors using character-by-character parity bit checking. 4 bits that contain the version. 2. in such cases the packet header generally contains addressing information so that the packet is received by the correct host computer. 6. 4 bits that contain the Internet Header Length which is the length of the header in multiples of 4 bytes (e. In complex networks constructed of multiple routing and switching nodes. which describes what priority the packet should have. 16 bits that contain the length of the packet in bytes. 3 bits that contain a zero. A host computer simply arranged the data in the correct packet format. the developers of CYCLADES and of ALOHAnet demonstrated that it was possible to build an effective computer network without providing reliable packet transmission. If a network does not guarantee packet delivery. This technology is called packet switching. 16 bits that contain an identification tag to help reconstruct the packet from several fragments. The IPv4 packet header consists of: 1. that specifies if it's an IPv4 or IPv6 packet.[1] A "reliable" service is one that notifies the user if delivery fails. 8 bits that contain the Type of Service. it provided a reliable packet delivery procedure to its connected hosts via its 1822 interface. a series of packets sent from one host computer to another may follow different routes to reach the same destination. All these protocols use packets. The packet trailer often contains error checking data to detect errors that occur during transmission. a flag that says whether the packet is allowed to be fragmented or not (DF: Don't fragment). IP provides an unreliable service. For example.

the Transport Layer. which has its own header and trailer. Telecom processing notes Data in a frame is typically protected from channel errors by error-correcting codes. 32 bits that contain the source IP address. the UDP protocol of the Internet. However. 32 bits that contain the destination address. Under this standard. which can change based on the protocol used. Handling data loss Deleted undecodable whole frames are the principal type of data loss that affects compressed data sets.) 10. a number used in error detection. ICMP. nonduplication of packets. 8 bits that contain the protocol (TCP. it is possible to layer a transport protocol on top of the packet service that can provide such protection. an IP packet is often carried as the payload inside an Ethernet frame. ranging from 7 to 65. which are fixed-length data blocks. Because packet lengths are variable but frame lengths are fixed. . An IP packet has no trailer. optional flags can be added of varied length. of the seven layered OSI model. However. 12. The header of a packet specifies the data type. e. • Packetized data is transmitted via frames. There generally would be little to gain from attempting to use compressed data from a frame marked as undecodable.542 bytes. packet number. etc. can range up to 2048 bytes. including the packet header.Network packet 8. packet boundaries usually do not coincide with frame boundaries. a packet with a TTL of 16 will be allowed to go across 16 routers to get to its destination before it is discarded).. The size of a frame. • Even when the channel errors exceed the correction capability of the error-correcting code. and the sender's and receiver's IP addresses. The term frame is sometimes used to refer to a packet exactly as transmitted over the wire or radio. then the data that packet carries is added. total number of packets. UDP. 8 bits that contain the Time to live (TTL) which is the number of hops (router. 59 Delivery not guaranteed Many networks do not provide guarantees of delivery. an image or other data sent from a spacecraft instrument is transmitted using one or more packets. 16 bits that contain the Header Checksum. including frame header and control information. 9. or in-order delivery of packets. computer or device along a network) the packet is allowed to pass before it dies (for example. After those 160 bits. TCP and UDP are the best examples of layer 4.g. the presence of errors nearly always is detected by the error-correcting code or by a separate error-detecting code. Example: the NASA Deep Space Network The Consultative Committee for Space Data Systems (CCSDS) packet telemetry standard defines the protocol used for the transmission of spacecraft instrument data over the deep-space channel. • Packet sizes are fixed during the development phase. • Frames for which uncorrectable errors are detected are marked as undecodable and typically are deleted. CCSDS packet definition A packet is a block of data with length that can vary between successive packets. 11.

fewer than 1 in 40. Thus. • All frames not employing the Reed–Solomon code use a cyclic redundancy check (CRC) error-detecting code. data. In the case of private streams the first byte of the payload is the sub-stream number. long-blocklength error-correcting codes. a single bit error is often just as disruptive as many bit errors.000 erroneous frames can escape detection. A typical method of transmitting elementary stream data from a video or audio encoder is to first create PES packets from the elementary stream data and then to encapsulate these PES packets inside an MPEG transport stream (TS) packets or an MPEG program stream (PS). Video streams (0xE0-0xEF) Note: The above 4 bytes is called the 32 bit start code. compressed data usually are protected by powerful. PES packet header Name Packet start code prefix Stream id 1 byte Examples: Audio streams (0xC0-0xDF). such as those used in an ATSC and DVB. • If an erroneous frame escapes detection. • Fortunately. The TS packets can then be multiplexed and transmitted using broadcasting techniques.Network packet • When errors are present in a frame. 60 Example: Radio & TV Broadcasting MPEG packetized stream Packetized Elementary Stream (PES) is a specification defined by the MPEG communication protocol (see the MPEG-2 standard) that allows an elementary stream to be divided into packets. but all subsequent decoded bits in the segment usually will be completely corrupted. Can be zero as in not specified for video streams in MPEG transport streams [2] [3] [4] [5] Size 3 bytes 0x000001 Description . but not misleading. This data loss can be compensated for with the following mechanisms. the decompressor can base its reconstruction on incomplete. • Furthermore. which has an undetected frame-error rate of less than 1 in 32. the bits of the subband pixels are already decoded before the first bit error will remain intact. it is extremely rare for an erroneous frame to go undetected. PES Packet length Optional PES header Stuffing bytes Data 2 bytes variable length variable length See elementary stream. which are the types of codes most likely to yield substantial fractions of bit errors throughout those frames that are undecodable. the decompressor will blindly use the frame data as if they were reliable.000. • For frames coded by the CCSDS Reed–Solomon code. The elementary stream is packetized by encapsulating sequential data bytes from the elementary stream inside PES packet headers. whereas in the case of detected erroneous frames. frames with detected errors would be essentially unusable even if they were not deleted by the frame processor.

Only the first two of the ones listed are known to be in general use however. NICAM packet transmission The NICAM packet (except for the header) is scrambled with a nine-bit pseudo-random bit-generator before transmission. in a similar manner to that used for in-flight movies on international flights. This means that the FM or AM regular mono sound carrier is left alone for reception by monaural receivers. NICAM offers the following possibilities. the NICAM signal is transmitted on a subcarrier alongside the sound carrier. 10 = only PTS 10 binary or 0x2 hex 00 implies not scrambled Description 61 Marker bits Scrambling control Priority Data alignment indicator 1 Copyright Original or Copy PTS DTS indicator ESCR flag ES rate flag DSM trick mode flag Additional copy info flag CRC flag extension flag PES header length Optional fields Stuffing Bytes 1 1 2 1 1 1 1 1 1 8 variable length variable length gives the length of the remainder of the PES header presence is determined by flag bits above 0xff NICAM In order to provide mono "compatibility". The four other options could be implemented at a later date. Two completely different digital mono sound channels. One 704 kbit/s data channel. the user can select which soundtrack to listen to when watching the content by operating a "sound-select" control on the receiver. . • The topology of this pseudo-random generator yields a bitstream with a repetition period of 511 bits. The mode is auto-selected by the inclusion of a 3-bit type field in the data-stream • • • • One digital stereo sound channel. A NICAM-based stereo-TV infrastructure can transmit a stereo TV programme as well as the mono "compatibility" sound at the same time. or can transmit two or three entirely different sound streams. One digital mono sound channel and a 352 kbit/s data channel. This latter mode could be used to transmit audio in different languages.Network packet Optional PES header Name Number of Bits 2 2 1 1 indicates that the PES packet header is immediately followed by the video start code or audio syncword 1 implies copyrighted 1 implies original 11 = both present. In this mode.

and probabilistically dropping or marking packets even when the queue is short. com/ EP1827030. html) [4] European publication server (http:/ / www. dTS101154. and dropped otherwise. jsp?PN=EP1827030%20EP%201827030& iDocId=6296342& iFormat=0 • Dean. • The pseudo-random generator is initialized with: 111111111. Typically. Network+ Guide to Networks. 8. org/ patents/ patent-information/ european-patent-documents/ publication-server. active queue management (AQM) is a technique that consists in dropping or ECN-marking packets before a router's queue is full. freepatentsonline. Active queue management In Internet routers. Making the NICAM bitstream look more like white noise is important because this reduces signal patterning on adjacent TV channels. Drawbacks of AQM Early AQM disciplines (notably RED and SRED) require careful tuning of their parameters in order to provide good performance. org/ PublicationServer/ document. 62 References [1] Kurose. they operate by maintaining one or more drop/mark probabilities. such queues use a drop-tail discipline: a packet is put onto the queue if the queue is shorter than its maximum size (measured in packets or in bytes). & Ross. "Computer Networking: A Top-Down Approach" ISBN 0-321-49770-8 [2] http:/ / www. • The NICAM header is not subject to scrambling. Active queue disciplines drop or mark packets before the queue is full. that hold packets scheduled to go out on that interface. Tamara (2006). (2007). epo. By dropping packets probabilistically. and to cause global synchronisation between flows. AQM disciplines are able to maintain a shorter queue length than drop-tail queues. This is necessary so as to aid in locking on to the NICAM data stream and resynchronisation of the data stream at the receiver. Queue management An Internet router typically maintains a set of queues.[2] By providing endpoints with congestion indication before the queue is full.Patent EP1827030 (http:/ / www. Recent Publications in Active Queue Management (AQM) schemes [1] Benefits of AQM Drop-tail queues have a tendency to penalise bursty flows. which reduces network latency ("ping time"). and can be run with their default parameters in most or all circumstances. html?iAction=3& cc=EP& pn=1827030& ki=A2) [5] https:/ / publications. For AQM systems that drop packets (rather than using ECN marking). dvb. the result seems counter-intuitive to many network engineers: "Why should I drop perfectly good packets when I still have free buffer space?" . 1. James F. AQM disciplines typically avoid both of these issues.Network packet • The pseudo-random generator's polynomial is: x^9 + x^4 + 1. european-patent-office. v1. Modern AQM disciplines (ARED. org/ technology/ standards/ a001r7. Keith W. • At the start of each NICAM packet the pseudo-random bit generator's shift-register is reset to all-ones. one per interface. Blue. tm1214r30. Massachusetts: Thomson Course Technology. Boston. pdf [3] Method and apparatus for changing codec to reproduce video and/or audio data streams encoded by different codecs within a channel . PI) are self-tuning. Historically.

Random Exponential Marking (REM). acm. Jacobson.1109/90. RSFB: a Resilient Stochastic Fair Blue algorithm against spoofing DDoS attacks (http:/ / sites. IEEE/ACM Transactions on Networking 1 (4): 397–413. org/ citation. Van (August 1993). org/ xpl/ freeabs_all. google. Robust random early detection (RRED) [4][5] • RSFB [6]: a Resilient Stochastic Fair Blue algorithm against spoofing DDoS attacks [7] References [1] http:/ / sites. google. cfm?id=1789954. com/ site/ cwzhangres/ home/ files/ RSFBaResilientStochasticFairBluealgorithmagainstspoofingDDoSattacks. Retrieved 2008-03-16. The AQM&DoS Simulation Platform [3] can simulate a variety of DoS attacks (Distributed DoS. pdf?attredirects=0). com/ site/ cwzhangres/ home/ files/ RSFBaResilientStochasticFairBluealgorithmagainstspoofingDDoSattacks. pdf?attredirects=0 [7] Changwang Zhang.Active queue management 63 The Simulation and Analysis Platform for AQM algorithms An Active Queue Management and Denial-of-Service (AQM&DoS) Simulation Platform is established based on the NS-2 simulation code of the RRED algorithm. com/ site/ cwzhangres/ home/ posts/ aqmdossimulationplatform [4] http:/ / sites. [3] http:/ / sites.More Details [3] AQM algorithms • • • • • • • Adaptive Virtual Queue (AVQ). Low-rate DoS. Jianping Yin. 1790341) . Ref (http:/ / portal. PI controller. RRED. ieee.) and Active Queue Management (AQM) algorithms (RED. google. Jianping Yin. Ref (http:/ / ieeexplore. Blue and Stochastic Fair Blue (SFB). Spoofing DoS. "Random Early Detection (RED) gateways for Congestion Avoidance" (http:/ / www. 14. google. 489-491. SFB. RRED: Robust RED Algorithm to Counter Low-rate Denial-of-Service Attacks (http:/ / sites. pp. . It automatically calculate and record the average throughput of normal TCP flows before and after DoS attacks to facilitate the analysis of the impact of DoS attacks on normal TCP flows and AQM algorithms. org/ floyd/ papers/ red/ red. html). Zhiping Cai. in International Symposium on Communication and Information Technology (ISCIT). doi:10. 2010. com/ site/ cwzhangres/ home/ files/ RREDRobustREDAlgorithmtoCounterLow-rateDenial-of-ServiceAttacks. pdf?attredirects=0 [5] Changwang Zhang. CHOKe. icir.251892. google. and Zhiping Cai.). com/ site/ cwzhangres/ home/ files/ RREDRobustREDAlgorithmtoCounterLow-rateDenial-of-ServiceAttacks. google. 2009. etc. pdf?attredirects=0). com/ site/ cwzhangres/ home/ posts/ recentpublicationsinactivequeuemanagementaqmschemes [2] Floyd. jsp?arnumber=5456075) [6] http:/ / sites. etc. Random early detection (RED). Sally. IEEE Communications Letters. vol. and Weifeng Chen.

Paul Baran

64

Paul Baran
Paul Baran

Born

April 29, 1926 Grodno, Poland March 26, 2011 (aged 84) Palo Alto, California United States (Polish born) RAND Corporation UCLA, Drexel Institute of Technology, Philadelphia Packet Switching

Died

Citizenship Institutions Alma mater Known for

Notable awards IEEE Alexander Graham Bell Medal, National Medal of Technology and Innovation, National Inventors Hall of Fame Spouse Evelyn Murphy Baran, PhD

Paul Baran (1926–2011) was a Polish American engineer who was a pioneer in the development of computer networks. He invented packet switching techniques, and went on to start several companies and develop other technologies that are an essential part of the Internet and other modern digital communication.

Early life
Paul Baran was born in Grodno, Poland (which is now in Belarus) on April 29, 1926.[1] [2] He was the youngest of three children in a Jewish family,[3] with the Yiddish given name "Pesach". His family moved to the United States on May 11, 1928,[4] settling in Boston and later in Philadelphia, where his father, Morris "Moshe" Baran (1884–1979), opened a grocery store. He graduated from Drexel University in 1949 (then called Drexel Institute of Technology), with a degree in electrical engineering. He then joined the Eckert-Mauchly Computer Company, where he did technical work on UNIVAC models, the first brand of commercial computers in the USA.[5] In 1955 he married Evelyn Murphy, moved to Los Angeles, and worked for Hughes Aircraft on radar systems. He obtained his Masters degree in engineering from UCLA in 1959, with advisor Gerald Estrin while taking night classes. His thesis was on character recognition.[1]

Packet switched network design
After joining the RAND Corporation that same year, Baran took on the task of designing a "survivable" communications system that could maintain communication between end points in the face of damage from nuclear weapons.[6] At the time of the Cold War, most American military communications used High Frequency connections which could be put out of action for many hours by a nuclear attack. Baran decided to automate RAND director Franklin R. Collbohm's previous work with emergency communication over conventional AM radio networks and

Paul Baran showed that a distributed relay node architecture could be survivable. The Rome Air Development Center soon showed that the idea was practicable.[7] Using the mini-computer technology of the day, Baran and his team developed a simulation suite to test basic connectivity of an array of nodes with varying degrees of linking. That is, a network of n-ary degree of connectivity would have n links per node. The simulation randomly 'killed' nodes and subsequently tested the percentage of nodes who remained connected. The result of the simulation revealed that networks where n ≥ 3 had a significant increase in resilience against even as much as 50% node loss. Baran's insight gained from the simulation was that redundancy was the key.[8] His first work was published a RAND report in 1960,[9] with more papers generalizing the techniques in the next two years.[10] After proving survivability Baran and his team needed to show proof of concept for this design such that it could be built. This involved high level schematics detailing the operation, construction and cost of all the components required to construct a network that leveraged this new insight of redundant links. The result of this was one of the first store-and-forward data layer switching protocols, a link-state/distance vector routing protocol, and an unproved connection-oriented transport protocol. Explicit detail of these designs can be found in the complete series of reports "On Distributed Communications", published by RAND in 1964.[11] The design flew in the face of telephony design of the time, placing inexpensive and unreliable nodes at the center of the network, and more intelligent terminating 'multiplexer' devices at the endpoints. In Baran's words, unlike the telephone company's equipment, his design didn't require expensive "gold plated" components to be reliable.

65

Selling the idea
After the publication of "On Distributed Communications'", Paul Baran presented the findings of his team to a number of audiences, including AT&T engineers (not to be confused with Bell labs engineers, who at the time provided Paul Baran with the specifications for the first generation of T1 circuit which he used as the links in his network design proposal). In subsequent interviews Baran mentions how his idea of non-dedicated physical circuits for voice communications were scoffed at by the AT&T engineers who at times claimed that Baran simply did not understand how voice telecommunication worked.[12] Leonard Kleinrock developed a theoretical basis for the operation of packet networks in his Ph.D. thesis in 1961. Baran used the term "message blocks" for his units of communication. Donald Davies at the National Physical Laboratory in the United Kingdom was the first to use the term "packet switching" in 1965, and apply the concept to a general-purpose computer network. Davies' key observation was that computer network traffic was inherently "bursty" with periods of silence, compared with relatively constant telephone traffic.[1] [13] In 1969 when the US Defense Advanced Research Projects Agency (ARPA) was developing the idea of an inter-networked set of terminals to share computing resources, among the number of reference materials considered was Baran and the RAND Corporation's "On Distributed Communications" volumes.[1] The resiliency of a packet switched network that uses link-state routing protocols used on the Internet stems in some part from the research to develop a network that could survive a nuclear attack.[1] [14]

Later work
In 1968 Baran was a founder of the Institute for the Future, and then involved in other networking technologies developed in Silicon Valley. He was involved in the origin of the packet voice technology developed by StrataCom at its predecessor, Packet Technologies. This technology led to the first commercial pre-standard Asynchronous Transfer Mode product. He was also involved with the discrete multitone modem technology developed by Telebit, which was one of the roots of Orthogonal frequency-division multiplexing which is used in DSL modems. In 1985, Paul Baran founded Metricom, the first wireless Internet company, which deployed Ricochet,[2] the first public wireless mesh networking system. He also founded Com21, an early cable modem company.[5] Following Com21, Baran founded and was president of GoBackTV, which specializes in personal TV and cable IPTV infrastructure

Paul Baran equipment for television operators.[15] Most recently he founded Plaster Networks, providing an advanced solution for connecting networked devices in the home or small office through existing wiring.[16] Baran extended his work in packet switching to wireless-spectrum theory, developing what he called "kindergarten rules" for the use of wireless spectrum.[17] In addition to his innovation in networking products, he is also credited with inventing the first metal detector, a doorway gun detector.[5] [18] He received an honorary doctorate when he gave the commencement speech at Drexel in 1997.[19]

66

Death
Baran died in Palo Alto, California at the age of 84 on March 26, 2011,[1] [20] due to complications from lung cancer.[14] Upon his death James Thomson, the president of RAND stated that "Our world is a better place for the technologies Paul Baran invented and developed, and also because of his consistent concern with appropriate public policies for their use."[20] One of the fathers of the internet, Vinton Cerf, stated that "Paul wasn't afraid to go in directions counter to what everyone else thought was the right or only thing to do."[14] According to Paul Saffo, Baran also believed that innovation was a "team process" and he didn't seek credit for himself.[18] On hearing news of his death, Robert Kahn, co-inventor of the Internet, said: "Paul was one of the finest gentlemen I ever met and creative to the very end."

Awards and honors
• • • • • • • • IEEE Alexander Graham Bell Medal (1990)[21] Marconi Prize (1991) Nippon Electronics Corporation C&C Prize (1996) Bower Award and Prize for Achievement in Science (2001)[5] Fellow of the American Academy of Arts and Sciences (2003)[22] National Inventors Hall of Fame (2007) National Medal of Technology and Innovation (2007)[23] UCLA Engineering Alumnus of the Year (2009)[24]

References
[1] Katie Hafner (March 27, 2011). "Paul Baran, Internet Pioneer, Dies at 84" (http:/ / www. nytimes. com/ 2011/ 03/ 28/ technology/ 28baran. html). The New York Times. . [2] Nathan Brewer; et al (March 28, 2011). "Paul Baran" (http:/ / www. ieeeghn. org/ wiki/ index. php/ Paul_Baran). IEEE Global History Network. New York: IEEE. . Retrieved March 28, 2011. [3] Georgi Dalakov. "Paul Baran" (http:/ / history-computer. com/ Internet/ Birth/ Baran. html). History of Computers web site. . Retrieved March 31, 2011. [4] David Ira Snyder (August 4, 2009). "Morris "Moshe" Baran (1884 - 1979)" (http:/ / www. geni. com/ people/ Morris-Moshe-Baran/ 6000000005033975818). Genealogy of the Baran family. Geni.com web site. . Retrieved March 29, 2011. [5] "Paul Baran - Franklin Laureate Database" (http:/ / www. fi. edu/ winners/ 2001/ baran_paul. faw?winner_id=2272). The Franklin Institute Awards - Laureate Database. Philadelphia, PA: The Franklin Institute. . Retrieved March 29, 2011. [6] "Internet pioneer Paul Baran passes away" (http:/ / www. bbc. co. uk/ news/ technology-12879908). BBC News. March 28, 2011. . Retrieved March 28, 2011. [7] Brand, Stewart (March 2001). "Founding Father" (http:/ / www. wired. com/ wired/ archive/ 9. 03/ baran. html). Wired (New York: Condé Nast Digital) 9 (3). ISSN 1059-1028. OCLC 433726773. . Retrieved March 27, 2011. "Paul Baran conceived the Internet's architecture at the height of the Cold War. Forty years later, he says the Net's biggest threat wasn't the USSR—it was the phone company". Stewart Brand's interviews Paul Baran about his work at RAND on survivable networks. [8] "Paul Baran and the Origins of the Internet" (http:/ / www. rand. org/ about/ history/ baran. list. html). RAND corporation. . Retrieved March 29, 2011. [9] Paul Baran (1960). "Reliable Digital Communications Systems Using Unreliable Network Repeater Nodes" (http:/ / www. rand. org/ pubs/ papers/ P1995. html). RAND Corporation papers, document P-1995. . Retrieved March 29, 2011.

Retrieved March 29. php). Retrieved March 29. American Academy of Arts and Sciences. html). 1997).umn. [24] "In Memoriam: Paul Baran MS ’59" (http:/ / www.NII . Retrieved March 29. document P-2626. org/ 20060615000308/ http:/ / www. Retrieved March 31. 2. engineer. . co. org/ publications/ BookofMembers/ ChapterB. pdf). ieee. "Paul Baran dies at 84. 2011.livinginternet. html). Baran discusses his interaction with the group at ARPA who were responsible for the later development of the ARPANET. . rand. 2011. "Oral history interview with Paul Baran" (http://www. Inc February 1999.Wireless/Cellular/Radio" Archive (http:/ / w2. Engineer Tells Drexel Grads Paul Baran. IEEE. pdf). [17] Barran. his initial interest in survivable communications. plasternetworks. March 29. [12] "Internet Architect Paul Baran Dies at 84" (http:/ / www. Present. the evolution of his plan for distributed networks. Retrieved March 31. rand. William Stewart. eff. . [18] Jessica Guynn (March 29. "On Distributed Communications Networks" (http:/ / www.html) Louisville. History of Computers web site. www.php)) 3 (2): 239–274. The United States Patent and Trademark Office. gov/ about/ nmti/ recipients/ 2007. 67 External links • "Paul Baran Invents Packet Switching" (http://www. .ssrn. and Future: Paul Baran Addresses CableLabs® Winter Conference" (http://www. wired. phtml). Patrick S. Retrieved March 29. Boulder. [14] "Internet pioneer Paul Baran passes away" (http:/ / www. Retrieved May 17. Silicon Flatirons Telecommunications Program (http://www. A 44-page transcript in which Baran describes his working environment at RAND. Retrieved March 29. 2011. Judy E. goBackTV web site. 2011. EFF "GII . the objections he received. San Francisco.livinginternet. .cbi. . (June 1.org/index. BBC. philly. ISSN 1543-8899. Retrieved March 29. and the writing and distribution of his eleven-volume work. uk/ news/ business-of-it/ 2011/ 03/ 29/ packet-switching-inventor-paul-baran-dies-aged-84-40092315/ ). org/ Infrastructure/ Wireless_cellular_radio/ ). Minneapolis. . 1990). (March 5. "On Distributed Communications" (http:/ / replay. org/ pubs/ papers/ P2626. [21] "IEEE Alexander Graham Bell Medal Recipients" (http:/ / www. com/ about. co. MN: Charles Babbage Institute. January 7. rand. latimes. He Received An Honorary Doctorate" (http:/ / articles.0. March 28.htm). "Keynote Talk Transcript. 2011. org/ about/ history/ baran-list.phtml?id=110). [19] Nita Lelyveld (June 15. 2011. Retrieved March 31. [11] Paul Baran et al. eff. 2011. March 28. Journal on Telecommunications & High Technology Law (Boulder.cbi. UCLA Engineering web site. html) on June 15. amacad.com/news/newsletter/SPECS/JanFeb_SPECSTECH/tech. org/ documents/ bell_rl. Retrieved March 28.Paul Baran [10] Paul Baran (1962). 2011. The Inquirer (Philadelphia). 1994).edu/oh/index. Retrieved March 29. OCLC 66137086. . 2011. . "SSRN-Wireless Communications and Computing at a Crossroads: New Paradigms and Their Impact on Theories Governing the Public's Right to Spectrum Access" (http://papers. html). School of Law. Los Angeles Times.pdf?abstractid=732483&mirid=5) (PDF). RAND Corporation papers. Retrieved March 31. uspto. com/ news/ obituaries/ la-me-paul-baran-20110329. . Wired. ZDNet UK. waybackmachine.pgs/leadstory.com (http://www. inventor helped lay foundation for Internet" (http:/ / www. html). January 17. Retrieved March 29. Paul (November 9. com/ 1997-06-15/ news/ 25524943_1_constantine-papadakis-paul-baran-graduation-ceremony). 2011. On Distributed Communications. . Retrieved March 29. Plaster Networks web site. org/ Infrastructure/ Wireless_cellular_radio/ false_scarcity_baran_cngn94. . "the Grandfather Of The Internet" Spoke At His Alma Mater. 2011. com/sol3/Delivery. [16] "About Plaster Networks" (http:/ / www. [23] "The National Medal of Technology and Innovation 2007 Laureates" (http:/ / www. gobacktv.4562265. 2011.com/i/ii_rand. 8th Annual Conference on Next Generation Networks Washington.silicon-flatirons. Retrieved March 31. Retrieved March 31. . [20] "Packet switching inventor Paul Baran dies aged 84" (http:/ / www. 2011. bbc. 2011. ucla.livinginternet. 1780-2010: Chapter B" (http:/ / www. org/ about/ history/ baran-list.umn.com/). com/ Internet/ Birth/ Davis. 2006. Retrieved March 29. [15] "Management Team" (http:/ / www. transcript). • Ryan.edu/oh/ display. zdnet.cfm/SSRN_ID732483_code355448. CO: Cable Television Laboratories. uk/ news/ technology-12879908). edu/ newsroom/ featured-news/ archive/ 2011/ in-memoriam-paul-baran-ms-201959). . • O'Neill. Rand. p. cablelabs. story). com/ epicenter/ 2011/ 03/ internet-architect-paul-baran-dies-at-84/ ). . 2011. "Donald Davies" (http:/ / history-computer. [13] Georgi Dalakov. [22] "Book of Members. (1964). 2011. CA: Electronic Frontier Foundation. jsp). 2005). "Opportunity Lies In Ideas. Archived from the original (http:/ / www. This describes Paul Baran's development of packet switching and its application to wireless computing. 2011. 2010. • "Convergence: Past. CO: University of Colorado. CBI'S COLLECTIONS > Oral history database (http://www. 2011). DC" (http:/ / w2. 2011. com/ company-management. 2011. 2011. 2011 A transcript of Baran's keynote . 2011.

2011. Programmers quickly discovered the code in question was the Berkeley Packet Filter. just-in-time compilation is used to convert virtual machine instructions into native code in order to further avoid overhead.edu/) and the School of Journalism and Mass Communication at the University of North Carolina at Chapel Hill. That interpreter can also be used when reading a file containing packets captured using pcap. although. Retrieved April 8. BPF's filtering capabilities are implemented as an interpreter for a machine language for the BPF virtual machine. • Brown.ibiblio. George (June 2. "Paul Baran. 1997).org/pioneers/baran. In addition. can be received. A user-mode interpreter for it is provided with the libpcap/WinPcap implementation of the pcap application programming interface (API). although legal action is ongoing that may eventually force an answer. including those that will be filtered out. with some wrapping them in macros such as BPF_MTAP() and BPF_TAP(). In addition. 2011. Retrieved April 2. Internet Pioneers (http://www.org/). including FreeBSD and WinPcap.ibiblio. reducing the CPU requirement to capture packets and the buffer space required to avoid dropping packets.com/Switching/gilder. packets can be filtered in user mode. rather than to the entire interface. and compare the results against constants or against data in the packet or test bits in the results.html). Archived from the original (http://www. even those destined for other hosts. "Baran credited with inventing packet switching in 1960s against military backdrop" • "Paul Baran" (http://www. While clear that SCO did not own the BPF code. Kernel-mode interpreters for that same virtual machine language are used in raw data link layer mechanisms in other operating systems.ibiblio.privateline. 68 Berkeley Packet Filter The Berkeley Packet Filter or BPF provides.html) on April 10.com/news/2011/032811-paul-baran-packet-switching-obit.gilder. BSD kernels implement routines such as bpf_mtap() and bpf_tap(). . accepting or rejecting the packet based on the results of those tests. Chapel Hill.org (http://www. 2011. it supports "filtering" packets.org/ pioneers/) at ibiblio. this can avoid copying "uninteresting" packets from the operating system kernel to software running in user mode. and for socket filters in Linux and in the WinPcap packet capture mechanism. on some Unix-like systems.html). 2005. OCLC 173437996. is mourned" (http://www. BPF is sometimes used to refer just to the filtering mechanism. Framingham. Retrieved April 2. networkworld. if the driver for the network interface supports promiscuous mode. SCO Group publicly claimed to own Unix code which they alleged the Linux kernel infringed. code using the pcap API will work on both types of systems. ISSN 1078-9901. Bob (March 27. permitting raw link-layer packets to be sent and received. so that all packets on the network. • Gilder. Internet and packet switching pioneer. Forbes ASAP (New York: Forbes) 159 (11): 106–120. 2011). a raw interface to data link layers. In August 2003. programs in that language can fetch data from the packet. html). "Inventing the Internet Again" (http://www. so that. NC: School of Information and Library Science (http://sils. 2006. on systems where the filtering is done in user mode. so that only "interesting" packets can be supplied to the software using BPF. it allows the interface to be put into that mode. November 6. are copied from the kernel to user space. On some platforms. they did not explain or acknowledge the mistake. all packets. perform arithmetic operations on data from the packet. which are called by network interface drivers (and pseudo-drivers) to deliver incoming and outgoing packets to the BPF mechanism.com/public/telecosm_series/inventing. such as Tru64 Unix. when capturing packets on systems without kernel-mode support for that filtering mechanism.unc. MA: Network World.Paul Baran address at the Countdown to Technology 2000 Winter Conference that includes a photo. Inc.

Firewalls and "stealth" ports Most firewalls can be configured to silently discard packets addressed to forbidden hosts or ports. hence the name. Robert Watson and Christian Peron added zero-copy buffer extensions to the BPF implementation in the FreeBSD operating system. watson. this preserves the independence of different BPF device consumers. black holes refer to places in the network where incoming traffic is silently discarded (or "dropped"). pdf [3] http:/ / www. including description of zero-copy BPF buffers [3] bpfc. FreeBSD. org/ cgi/ man. a BPF compiler for Linux (part of netsniff-ng) [4] References [1] http:/ / www. often dynamically to respond quickly to distributed denial-of-service attacks. tcpdump. as well as allowing the packing of headers into the BPF buffer rather than copying complete packet data. org/ papers/ bpf-usenix93. traffic destined for such addresses is often just dropped. When examining the topology of the network. Dead addresses The most common form of black hole is simply an IP address that specifies a host machine that is not running or an address to which no host has been assigned. While one copy remains in the receipt path for user processes. .Berkeley Packet Filter In 2007. org/ Black hole (networking) In networking.x BPF(4) man page. allowing kernel packet capture in the device driver interrupt handler to write directly to user process memory in order to avoid the requirement for two copies for all packet data received via the BPF device. the black holes themselves are invisible. cgi?query=bpf& apropos=0& sektion=0& manpath=FreeBSD+ 8-current& format=html [4] http:/ / netsniff-ng. pdf [2] http:/ / www. usually using a routing protocol to implement the filtering on several routers at once. resulting in small or large "black holes" in the network. 69 External links • • • • 1993 USENIX paper that describes BPF [1] (PDF) FreeBSD Developer Summit presentation describing Zero-copy BPF [2] (PDF) FreeBSD 8. without informing the source that the data did not reach its intended recipient. Even though TCP/IP provides means of communicating the delivery failure back to the sender via ICMP. Black hole filtering Black hole filtering refers specifically to dropping packets at the routing level. org/ ~robert/ freebsd/ 2007asiabsdcon/ 20070309-devsummit-zerocopybpf. and can only be detected by monitoring the lost traffic.

p is decreased by a constant pi<pd. net/ http:/ / blog. p is increased by a small constant pd. better behaved. pdf http:/ / hubble. Operation of Blue A Blue queue maintains a drop/mark probability p. cs. Stochastic Fair Blue (SFB)[2] is a stochastically fair variant of Blue which hashes flows and maintains a different mark/drop probability for each hash value. it requires little or no tuning on the part of the network administrator. Whenever the queue overflows. and whenever the queue is empty. is that it doesn't distinguish between flows. and drops/marks packets with probability p as they enter the queue. ipexpert. . however. it operates by randomly dropping or ECN-marking packets in a router's queue before it overflows. which it shares with most single-queue queueing disciplines. Like RED. SFB is able to provide a fair share of buffer space for every flow. Unlike RED. Unlike other stochastically fair queuing disciplines. Assuming the mix of traffic on the interface doesn't change. In the presence of hash collisions. com/ warp/ public/ 732/ Tech/ security/ docs/ blackhole. and treats all flows as a single aggregate. which dramatically reduces its storage requirements when the number of flows is large.Black hole (networking) 70 PMTUD black holes Some firewalls incorrectly discard all ICMP packets. SFB can be implemented using a Bloom filter rather than a hash table. SFB is only stochastically fair. and never stored or seen by humans. This causes TCP connections from/to hosts with a lower MTU to hang. External links • • • • Remotely triggered black hole filtering (Cisco Systems) [1] University of Washington blackhole monitor/lookup system (link doesn't work) [2] Tools for detecting a blackhole attack in an ad hoc wireless network [3] Remote Triggered Black Hole Filtering [4] References [1] [2] [3] [4] http:/ / www. sourceforge. washington. such as SFQ. Black hole e-mail addresses A black hole e-mail address is an e-mail address which is valid (messages sent to it will not generate errors). p will slowly converge to a value that keeps the queue within its bounds with full link utilisation. edu/ http:/ / safewireless. flows. com/ 2010/ 11/ 24/ remote-triggered-black-hole-filtering/ Blue (queue management algorithm) Blue[1] is an Active Queue Management algorithm. a single aggressive flow can push out of the queue packets belonging to other. Stochastic Fair Blue The main flaw of Blue. Therefore. Assuming no hash collisions. including the ones needed for Path MTU discovery to work correctly. but to which all messages sent are automatically deleted. cisco. These addresses are often used as return addresses for automated e-mails.

eecs. . 71 Resilient Stochastic Fair Blue (RSFB [6]) The existing Active Queue Management (AQM) algorithms. "Stochastic Fair Blue: an algorithm for enforcing fairness" (http:/ / www. pps. cfm?id=1789954. Kandlur. 2009.6. Jianping Yin. thefengs. An implementation of SFB for Linux[4] has been included in Linux since version 2. PDF). Dilip D. U. and Zhiping Cai. Kang G. [3] Implementations An implementation of Blue is part of ALTQ. jussieu. google. Kandlur. in International Symposium on Communication and Information Technology (ISCIT). the alternative AQM framework for BSD Unix. Proc.thefengs. INFOCOM 2001 3: 1520–1529. Ref (http:/ / portal.pps. acm. retrieved 2010-01-02 [3] Changwang Zhang. Kang G. . 1790341) [4] Juliusz Chroboczek. An implementation of SFB for the Linux kernel (http:/ / www. umich. Debanjan Saha.916648. • An implementation of SFB for the Linux kernel (http://www.fr/~jch/software/sfb/). . Such an inelastic flow is put in a "penalty box".39. edu/ techreports/ cse/ 99/ CSE-TR-387-99. Shin (April 2001). including the fairness-aimed ones. Shin (April 1999). A Resilient Stochastic Fair Blue (RSFB) algorithm was proposed against spoofing DDoS attacks. pdf). and rate-limited.2001. com/ wuchang/ blue/ 41_2. "BLUE: A New Class of Active Queue Management Algorithms" (http:/ / www.Blue (queue management algorithm) When a flow's drop/mark probability reaches 1. Michigan Computer Science Technical Report (CSE–TR–387–99). The basic idea behind RSFB is to record the responsive normal TCP flows and rescue their dropped packets. RSFB: a Resilient Stochastic Fair Blue algorithm against spoofing DDoS attacks (http:/ / sites. doi:10. the flow has been shown to not react to congestion indications from the network. are notably vulnerable to spoofing Distributed Denial-of-Service (DDoS) attacks. RSFB algorithm is effective in preserving the TCP throughput in the presence of spoofing DDoS attacks. retrieved 2010-12-22 [2] Wu-Chang Feng.jussieu. fr/ ~jch/ software/ sfb/ ) External links • Wu-chang Feng's page about Blue and SFB (http://www. org/ citation. pdf?attredirects=0). Debanjan Saha.1109/INFCOM.com/wuchang/blue/). References [1] Wu-chang Feng. Dilip D. com/ site/ cwzhangres/ home/ files/ RSFBaResilientStochasticFairBluealgorithmagainstspoofingDDoSattacks.

the scope of the broadcast is limited to a broadcast domain. for example broadcasting Message Passing Interface. or it may be a low level networking operation. broadcasting refers to a method of transferring a message to all recipients simultaneously. Overview Routing schemes anycast broadcast multicast unicast geocast In computer networking. Broadcast a message is in contrast to unicast addressing in which a host sends datagrams to another single host identified by a unique IP address. for example broadcasting on Ethernet. Broadcasting can be performed as a high level operation in a program. .Broadcasting (computing) 72 Broadcasting (computing) In telecommunication and information theory. In practice. broadcasting refers to transmitting a packet that will be received by every device on the network[1] .

) the business control layer is capable of dynamically adapting network or service behavior. Instead it relies on multicast addressing a conceptually similar one-to-many routing methodology. multicasting limits the pool of receivers to those that join a specific multicast receiver group. content) and all sources (telecommunications networks. Broadcasting may be abused to perform a DoS-attack. In the emerging fields of service over the Internet Protocol (IP). most notably Ethernet and token ring. customer experience.comptechdoc. p. IPv6 also does not implement the broadcast method to prevent disturbing all nodes in a network when only a few may be interested in a particular service.org/independent/networking/guide/ netbroadcasting. External links • Encyclopedia Britannica entry broadcast network (http://www.com/EBchecked/topic/80540/ broadcast-network) • Network Broadcasting and Multicast (http://www. and hierarchies to the OSS layer. Broadcasting is largely confined to local area network (LAN) technologies. Taking all customer interaction into account. Computer Networks. It allows providers to address customer service plans from a holistic business perspective bringing state-of-the-art capabilities like bundling. Token Ring uses a special value in the IEEE 802.Broadcasting (computing) Not all network technologies support broadcast addressing. ISBN 0130661023. etc. The successor to Internet Protocol Version 4 (IPv4).Each customer interaction should be analyzed and handled from a business standpoint rather than from just the simple network management or charging perspectives. from all services (voice. Network Business Control allows service providers to • Inject business sense into the network . The attacker sends fake ping request with the source IP-address of the victim computer. data. and Packet Cable Multi-Media (PCMM) the need for real-time network changes continues to grow. for example. 2) Balance management 3) Business rule engine or Business Control engine 4) Dynamic real-time execution and provisioning 5) On-line charging and rating.britannica. IP Multimedia Subsystem (IMS). nor is there any form of Internet-wide broadcast. 368. 73 References [1] Andrew Tanenbaum (2003). Business control layer key functions include: 1) Ability to simultaneously collect events from any source. neither X. at customer level. in order to improve operators' transaction revenue and at the same time. customer-recognition. Both Ethernet and IPv4 use an all-ones broadcast address to indicate a broadcast packet.2 control field. customer-premises equipment. The victim computer is flooded by the replies from all computers in the domain. However.25 nor frame relay have broadcast capability. . where the performance impact of broadcasting is not as large as it would be in a wide area network.html) Business Control Layer Business Control Layer (BCL) is a software layer in the provider's infrastructure residing between the network/OSS and the BSS.

Allot Communications "Bandwidth Management enables IP Service Optimization" [3]. shtml http:/ / ieeexplore.Providers should be able to analyze. NV is the first company to deploy such a solution in their network. Cisco Systems "Bridging the Infrastructure Gap: the Importance of Service Control in Broadband Networks" [4]. Reengineering Legacy Application to E-Business with a modified rational unified process [5] 4.g. org/ xpls/ abs_all.E. allowing providers to interact with the network during active sessions. fts-soft. cisco. Changing dynamically the bandwidth for a customer when reaching monetary values. com/ html/ products_netenforcer.g. com/ . aradial. E. Telenet. jsp?arnumber=1192421 [6] http:/ / www. The technology underlying these 74 services are built upon the Cisco SCE DPI device and the FTS Leap Business Control Engine BCE) [2] .Aradial Radius & Policy servers [6]. References [1] [2] [3] [4] [5] http:/ / www. shtm http:/ / www. com/ http:/ / www. 3. Retrieved 2006-08-24.Business Control Layer • Analyse and monitor of customer-consumed services . Sources 1. page http:/ / www. charge for P2P. allot. Aradial Technologies . • Dynamically detecting and charging for IP services. Retrieved 2006-08-24.IP services should be managed in real time. • Example of applications: Boots an internet connection for a limited time. Charging for IP services . • Real-time control for IP sessions and events .Integrates with operator legacy billing system or as a full billing for the IP services replacing the existing. record and charge for IP services. telenet. • Deployments . This solution is the underlying network intelligence behind their Broadband service and their TeleMeter [1] (in Dutch). ieee. Download a movie. com/ en/ US/ products/ ps6151/ products_white_paper0900aecd801d8a83. charge for VOIP traffic.FTS Software. placing value on every aspect of their service plan so that their services satisfy customers needs. with online responses (provisioning) based on customer or operator-defined business rules. be/ nl/ klantendienst/ klantendienst_thuis/ internet/ topvragen/ telemeter. 2.

The typical scenario involves an IP Ethernet datagram that passes through a gateway with both source and destination Ether and IP address set as the respective broadcast addresses for the subnetworks being gated between. pp.Catenet 75 Catenet Catenet is an obsolete term for a system of packet-switched communication networks interconnected via gateways. Chernobyl packet A Chernobyl packet is a network packet that induces a broadcast storm or some other kind of "network meltdown". References [1] http:/ / www. Proceedings of EUROCOMP. Catenet was the concept of linking these networks into a network of networks with specifications for compatibility of addressing and routing. Bronel University. edu/ in-notes/ ien/ ien48. The term catenet was gradually displaced by the short-form of the term internetwork. The term was named after the April 1986 nuclear accident at Chernobyl. DARPA Information Processing Techniques Office. txt The Catenet Model for internetworking. L. internet (lower-case i). at a time when network meant what is now called a local area network. isi. V.[1] The term was coined by Louis Pouzin. May 1974. .[2] a pioneer in packet-switching technology and founder of the CYCLADES network. when the Internet Protocol replaced earlier protocols on the ARPANET. July 1978 [2] A Proposal for Interconnecting Packet Switching Networks. IEN 48. Cerf. 1023-36. Pouzin.

The term derives from a fanciful image of each little option bit in a header being represented by a different-colored light bulb. URG and PSH set." It can also be known as a kamikaze packet. assumptions can be made regarding the host's operating system. Versions of Microsoft Windows. A large number of Christmas tree packets can also be used to conduct a DoS attack by exploiting the fact that Christmas tree packets require much more processing by routers and end-hosts than the 'usual' packets do. When used as part of scanning a system.Christmas tree packet 76 Christmas tree packet In information technology. nastygram or a lamp test segment. Many operating systems implement their compliance with the Internet Protocol standard (RFC 791) in varying or incomplete ways. the TCP header of a Christmas tree packets has the flags SYN. External links • Nmap documentation [1] References [1] http:/ / insecure. MVS. HP-UX. Christmas tree packets are always suspicious and indicate a high probability of network reconnaissance activities. From a network security point of view. packets that initiate connection according to the standards). as in. Christmas tree packets can be used as a method of divining the underlying nature of a TCP/IP stack by sending the packets and awaiting and analyzing the responses. and IRIX display behaviors that differ from the RFC standard when queried with said packets. html . FIN. Some stateless firewalls only check against security policy those packets which have the SYN flag set (that is. Since Christmas tree scan packets do not have the SYN flag turned on. BSD/OS. "the packet was lit up like a Christmas tree. Christmas tree packets can be easily detected by intrusion-detection systems or more advanced firewalls. they can pass through these simple systems and reach the target host. org/ nmap/ man/ man-port-scanning-techniques. a Christmas tree packet is a packet with every single option set for whatever protocol is in use. all turned on. Cisco IOS. such as a Christmas tree packet. By observing how a host responds to an odd packet.

but the prefix will be checked. The adjacency maintains layer 2 or switching information linked to a particular FIB entry. CEF consists of two key components: The Forwarding Information Base (FIB) and adjacencies. shtml . cisco. Instead. External links • CEF (Cisco Express Forwarding) site [1] • Choosing the best routing switching path [2] References [1] http:/ / www. tunnels. like packets sent to the router itself. and Cisco HDLC. html [2] http:/ / www. avoiding the need for an ARP request for each table lookup. There are five types of adjacencies: • Null adjacency: Handles packets destined to a NULL interface. but without layer 2 information. com/ en/ US/ docs/ ios/ 12_1/ switch/ configuration/ guide/ xcdcef. This avoids the need for querying the main processor or routing table in order to get the next-hop information.Cisco Express Forwarding 77 Cisco Express Forwarding Cisco Express Forwarding (CEF) is an advanced layer 3 switching technology used mainly in large core networks or the Internet to enhance the overall network performance. com/ en/ US/ tech/ tk827/ tk831/ technologies_white_paper09186a00800a62d9. The FIB is similar to the routing table generated by multiple routing protocols. • Punt adjacency: Deals with packets that require special handling or can not be switched by CEF. maintaining only the next-hop address for a particular IP-route. Function CEF is mainly used to increase packet switching speed by reducing the overhead and delays introduced by other routing techniques. cisco. it is recommended to use distributed CEF (dCEF). • Drop adjacency: Packets pointing to this entry are dropped. FDDI. CEF currently supports Ethernet. In order to take full advantage of CEF. Frame Relay. Such packets are forwarded to the next switching layer (generally fast switching) where they can be forwarded correctly. where there is a FIB table on each of the line cards. • Discard adjacency: FIB entries pointing to this type of adjacency will be discarded. fast switching will be performed on the line card itself. Packets with FIB entries pointing to NULL adjacencies will normally be dropped. ATM. PPP. • Glean adjacency: Handles packets destined for currently attached hosts.

Without CBAC. CBAC can inspect traffic for sessions that originate from either side of the firewall.) However. CBAC does the deep packet inspection and hence it is termed to be a IOS Firewall. CBAC also provides the following benefits: • Denial-of-Service prevention and detection • Real-time alerts and audit trails . Most of the multimedia protocols as well as some other protocols (such as FTP. CBAC examines not only network layer and transport layer information but also examines the application-layer protocol information (such as FTP connection information) to learn about the state of the TCP or UDP session.Context-based access control 78 Context-based access control Context-based access control (CBAC) intelligently filters TCP and UDP packets based on application layer protocol session information and can be used for intranets. and SQL*Net) involve multiple control channels. while this example discusses inspecting traffic for sessions that originate from the external network. This state information is used to create temporary openings in the firewall's access lists to allow return traffic and additional data connections for permissible sessions (sessions that originated from within the protected internal network). CBAC inspects traffic that travels through the firewall to discover and manage state information for TCP and UDP sessions. This allows support of protocols that involve multiple channels created as a result of negotiations in the FTP control channel. traffic filtering is limited to access list implementations that examine packets at the network layer. or at most. RPC. CBAC can inspect traffic for sessions that originate from the external network. This is the basic function of a stateful inspection firewall. (In other words. extranets and internets. CBAC can be configured to permit specified TCP and UDP traffic through a firewall only when the connection is initiated from within the network needing protection. However. the transport layer.

html) on 2010-06-18. Use in InfiniBand Cut-through switching is very popular in InfiniBand networks.[2] Use in ATM Cut-through routing was one of the important features of IP networks using ATM networks since the edge routers of the ATM network were able to use cell switching through the core of the network with low latency at all points. com/ support/ express/ switches/ sb/ cs-014410. such as supercomputer clusters.. wherein the switch starts forwarding a frame (or packet) before the whole frame has been received. since these are often deployed in environments where latency is a prime concern.What Are Forwarding Modes and How Do They Work?" (http:/ / support. htm). The alternative to cut-through switching is store and forward. This is only useful if there is a chance of a collision on the source port. Leading Ethernet Switching Company" (http:/ / www. this has become less of a problem since packet latency has become much smaller. because the frame check sequence appears at the end of the frame. com/ dlls/ 1994/ corp_102494. With higher speed links. Fragment free will hold the frame until the first 64 bytes are read from the source to detect a collision before forwarding. but decreases reliability. Pure cut-through switching is only possible when when the speed of the outgoing interface is equal to the incoming interface speed. Archived from the original (http:/ / newsroom. Retrieved 2011-08-13. Use in Ethernet When cut-through switching is used in Ethernet. The technology was developed by Kalpana the company that introduced the first Ethernet switch. cisco. org/ 5qaWOQRdn). References [1] "Cisco to Acquire Kalpana. Inc. . Adaptive switching dynamically selects between cut-through and store and forward behaviors based on current network conditions. This technique reduces latency through the switch. normally as soon as the destination address is processed. intel.Cut-through switching 79 Cut-through switching In computer networking. . the switch is not able to verify the integrity of an incoming packet before forwarding it. . A cut-through switch will forward corrupted packets where a store and forward switch will drop them. [2] "Switches . webcitation. Cisco Systems.[1] Fragment free is a variation on cut-through switching that partially addresses this problem by assuring that collision fragments are not forwarded. cut-through switching is a method for packet switching systems.

The infrastructure required to facilitate the flow of packets between the above The DPAA also addresses various performance related requirements especially those created by the high speed network I/O found on multicore SoCs such as the P4080 References External links • http://freescalesemi. DDJ's PDF is always a series of pulses at the locations where a specific bit pattern experiences a cross over. Therefore. in order to get an accurate measure of the DDJ in a particular system. Hardware offload accelerators. .com/2010/08/ freescale-three-new-qoriq-processors-incorporate-data-path-acceleration/ Data-dependent jitter Data-dependent jitter (DDJ) is a specific class of timing jitter.pdf • http://www. it is a form of deterministic jitter which is correlated with the sequence of bits in the data stream. The DPAA includes Cores.Data Path Acceleration Architecture (DPAA) 80 Data Path Acceleration Architecture (DPAA) The QorIQ™ DPAA is a comprehensive architecture which integrates all aspects of packet processing in the SoC. addressing issues and requirements resulting from the multicore nature of QorIQ™ SoCs.com. This creates a probability distribution for the timing of the signal edge. Network and packet I/O. Properties Depending on characteristics of the signal and transmission topology.cn/cstory/ftf/2009/download/net_f0279. In particular. It is also a form of ISI. which is usually recorded in a PDF. a large number of bit patterns must be analyzed (often just a PRBS) unless an analytical solution can be found. previously transmitted symbols can affect the edge cross over time.electropages.

and in widespread deployment by the Regional Bell Operating Companies (RBOCs)[3] . then its fragments may be referred as packets. and remote command execution. On a network with misordering. developed at Bell Labs[1] for both local-area and wide-area networks[2] .25. which means that for this situation immediate packet processing is no longer possible[7] . URP assumes that packets arrive in order. but there are some nuances. several operating systems (including UNIX) implemented UUCP for electronic mail and dkcu for remote login[6] . Keith W. not packets. remote printing. .[1] Second. For example. where the header contains information sufficient for routing from the originating equipment to the destination without relying on prior exchanges between the equipment and the network.Datagram 81 Datagram A datagram is a basic transfer unit associated with a packet-switched network in which the delivery arrival time and order are not guaranteed. First. IP itself provides an unreliable service and UDP over IP also provides an unreliable one. TCP refers to its fragments as TCP segments. remote login. the term packet applies to any message formatted as a packet. packets would have to be reordered before processing. References [1] Kurose. from slow speed EIA-232 to 500Mbit fiber optic links (called FIBERKIT)[4] . Datakit offers a packet-switched protocol called Universal Receiver Protocol (URP) that spreads PDU overhead across multiple packets and performs immediate packet processing. Datakit Virtual Circuit Switch (VCS) nodes connect to the Datakit network with a Datakit interface (IOA)[5] . However. At the physical layer. (2007). James F. if a datagram fragments. A datagram consists of header and data areas. An "unreliable" service does not notify the user if delivery fails. but not as datagrams. It supports file transfers. However. The term datagram is often considered synonymous to "packet". ISN is the version of Datakit that was supported by AT&T Information Systems. Most of Bell Laboratories was trunked together on Datakit. On top of DK transport service. while the term datagram is generally reserved for packets of an "unreliable" service. & Ross. TCP/IP is also run over Datakit links. it can operate over multiple media. "Computer Networking: A Top-Down Approach" ISBN 0-321-49770-8 [2] RFC 793 Datakit Datakit is a virtual circuit-switched network layer computer networking protocol similar to X.[2] presumably to assert that its fragments are reliable. The source and destination addresses as well as a type field are found in the header of a datagram. That is why UDP packets are generally called datagrams.

com/ 5583859. org/ Xplore/ login. freepatentsonline. pdf?arnumber=25918 [5] http:/ / stratadoc. html?issue=18& id=9#article [7] http:/ / www. jsp?url=/ iel2/ 717/ 971/ 00025918. htm?context=r307-00& file=ch5r307-00d. stratus. edu/ accessPages/ CSD-88-474. ieee. 1/ r307-00/ wwhelp/ wwhimpl/ js/ html/ wwhelp. 1.Datakit 82 References [1] Datakit. from the Free On-line Dictionary of Computing [2] http:/ / techreports. html . com/ issues. html [6] http:/ / www. phrack. com/ vos/ 15. lib. berkeley. html [3] Network Dictionary By Javvin [4] http:/ / ieeexplore.

[5] From 1947.[4] He first presented his ideas on packet switching at a conference in Edinburgh on 5 August 1968. he worked at the National Physical Laboratory (NPL) where Alan Turing was designing the Automatic Computing Engine (ACE) computer. which first worked in May 1950. where he headed and transformed its computing activity. where he saw that a significant problem with the new time-sharing computer systems was the cost of keeping a phone connection open for each user. A commercial spin-off. he married Diane Burton. The ACE project was overambitious and foundered.[3] He received a BSc degree in physics (1943) at Imperial College London. He became interested in data communications following a visit to the Massachusetts Institute of Technology. and remained in operation until 1986. These were perhaps some of the first "programming" errors in existence. he was also awarded the Lubbock memorial Prize as the outstanding mathematician of his year. and then joined the war effort working as an assistant to Klaus Fuchs. and his mother took Donald and his twin sister back to her home town of Portsmouth.[4] Davies took the project over and concentrated on delivering the less ambitious Pilot ACE computer. where he went to school. influencing other research in the UK and Europe. CBE FRS[1] (7 June 1924 – 28 May 2000) was a Welsh computer scientist who was the inventor of packet switching (and originator of the term).[7] Larry Roberts of the Advanced Research Projects Agency in the United States became aware of the idea. Davies helped build a packet switched network called the Mark I to serve the NPL in the UK. Wales 28 May 2000 (aged 75) Welsh Computer science National Physical Laboratory Died Nationality Fields Institutions Alma mater Imperial College Known for Packet switching Donald Watts Davies. which evolved into the Internet. Wales.[4] He then returned to Imperial taking a first class degree in mathematics (1947). In 1955. leading to Turing's departure.[4] . In the early 1960s. a clerk at a coalmine.[4] Davies then worked for a while on applications such as traffic simulation and machine translation. died a few months later. His father.[2] Career history Davies was born in Treorchy in the Rhondda Valley. DEUCE was manufactured by English Electric Computers and became one of the best-selling machines of the 1950s.Donald Davies 83 Donald Davies Donald Watts Davies Born 7 June 1924 Treorchy. the universal Turing machine. much to Turing's annoyance. In 1966 he returned to the NPL at Teddington just outside London. It is said that Davies spotted mistakes in Turing's seminal 1936 paper On Computable Numbers. and built it into the ARPANET.[6] In 1970.[3] on the nuclear weapons Tube Alloys project at Birmingham University. they had a daughter and two sons. he worked on Government technology initiatives designed to stimulate the British computer industry. It was replaced with the Mark II in 1973. even if they were for a theoretical computer.

uk/about/famous_names/) • Obituary (http://www. Internet Guide. Wiley.E. livinginternet. • Biography (http://www. He became particularly interested in computer network security. uk/ news/ 2000/ jun/ 02/ guardianobituaries2). Charles Babbage Institute.K. 84 Books • With D.livinginternet.Donald Davies Biography (http:/ / www.uk/news/2000/jun/02/guardianobituaries2) from The Guardian • Obituary (http://www.htm) from the History of Computing Project (http://www.thocp. internet-guide. 1973.isoc.livinginternet. 6 September 2008 [7] Packet Switching (http:/ / www. IET. Computer Resurrection.edu/oh/display. Price. ISSN 0958-7403 [5] Obituary (http:/ / www. Includes footage of Donald W. second ACE. Davies discusses a much larger. [6] Luke Collins.cbi. com/ i/ iw_packet. Wiley.co. "Donald Watts Davies. The Guardian. Pioneer Profiles: Donald Davies. htm) External links • Oral history interview with Donald W. Davies describes computer projects at the U.co.com/i/ii_npl. (2002).guardian. htm) [4] Martin Cambell-Kelly.npl. Davies (http://www. C. [2] "Donald Watts Davies" (http:/ / www. R. becoming a security consultant to the banking industry. guardian. Davies (at 19m20s). 44.com/ videoplay?docid=4989933629762859961). co. uk/ DonaldWattsDavies. Engineering & Technology. from the 1947 design work of Alan Turing to the development of the two ACE computers.Donald Davies Davies relinquished his management responsibilities in 1979 to return to research. 7 June 1924 . 1979. D. .28 May 2000". 1972 about the ARPANET. Wiley.org/internet/history/davies. Biographical Memoirs of Fellows of the Royal Society 48: 87. a CBE in 1983 and a Fellow of the Royal Society in 1987.1098/rsbm.[4] Davies was appointed a Distinguished Fellow of the British Computer Society in 1975.shtml) from the Internet Society (ISOC) • UK National Physical Laboratory (NPL) & Donald Davies (http://www. • With W. National Physical Laboratory. [3] The History of Computing Project .B.google. M.net/) • Famous names at NPL (http://www. Barber.umn. Solomonides: Computer Networks and Their Protocols.possibly the first commercially produced computer in Great Britain. net/ biographies/ davies_donald. doi:10. documentary ca. 2 June 2000.2002. co.phtml?id=116). Barber: Communication Networks for Computers. thocp. • With W. .0006. He retired from the NPL in 1984. Autumn 2008.htm) from Living Internet (http://www. Price: Security for Computer Networks.net/biographies/davies_donald. and the decision to contract with English Electric Company to build the DEUCE -. References [1] Needham. html).com/) • Computer Networks: The Heralds of Resource Sharing (http://video. 2010.thocp. C. 1984. University of Minnesota. "Network pioneer remembered".

It was one of the major influences on the Resilient Packet Ring/802. it is quite similar to POS and DTM. In overview. but once a failure occurs.17 standard. and duty-cycle dependent jitter. and increased throughput in common situations. this means that traffic between two nodes of a DPT ring does not affect intermediate nodes. Protocol Design DPT is implemented as two counter-rotating rings. data dependent jitter. With the introduction of DPT came the introduction of another Cisco developed MAC layer protocol. The use of SRP in conjunction with DPT makes it possible for DPT to communicate with the physical layer. Dynamic Packet Transport Dynamic packet transport (DPT) is a Cisco transport protocol designed for use in optical fiber ring networks. This means the network is composed of two completely separate rings of fiber that are both able to transmit data concurrently. there are methods for communicating not only application data between the nodes of a DPT network. Types of Data in DPT Networks As with most other lower layer protocols. and data packets are transmitted on both rings in order to maintain connectivity and full bandwidth utilization in normal situations. It is necessary for the nodes to be able to communicate control data between each other in case of a fiber cut or link failure so the nodes can forward traffic on the appropriate interfaces and maintain network connectivity. Deterministic Jitter includes different categories such as periodic jitter. the control data will notify the applicable routers of the failure and all the routers will switch to using only their active interfaces for data and control packets. The peak-to-peak value of this jitter is bounded. Spatial Reuse Protocol or SRP. Characteristics Deterministic jitter is clock timing jitter or data signal jitter that is predictable and reproducible. and the bounds can easily be observed and predicted. DPT is not a PPP whereas POS is. or random jitter. The other major class of jitter is non-deterministic. Both control packets. Cisco claims that DPT can run with double the bit-rate of POS due to this characteristic. . DPT as opposed to POS or normal SONET/SDH is able to use both rings at the same time whereas POS only uses one ring under normal circumstances but switches to the second upon failure of the first. This design provides for redundancy in case of a fiber cut or link failure.Deterministic jitter 85 Deterministic jitter Deterministic jitter (or DJ) is a type of jitter with a known non-Gaussian probability distribution.

This ensures that a fiber cut or link failure (layer 1 error) will be rectified and IP traffic will be resumed within 50 ms.Dynamic Packet Transport 86 DPT Packet Structure The structure of a DPT Packet is quite similar to that of Ethernet. Cell relay and frame relay are two implementations of fast packet switching. References •  This article incorporates public domain material from the General Services Administration document "Federal Standard 1037C" [1].25 switches. As aforementioned. DPT is composed of two rings for fault tolerance and increased throughput. FPS does not refer to a switch that can directly support packet switching over an X. This means that the DPT protocol can operate above several physical mediums such as SONET/SDH.25 interfaace as faster speeds than eisting X. DPT also contains a "plug and play" feature which dynamically fetches the MAC addresses of neighboring devices which provides for very simple configuration with little to no setup prior to functional data transfer. bldrdoc. or IPS. Fast packet switching In telecommunications. Gigabit Ethernet. References [1] http:/ / www. its. and an FCS used to validate the data. DPT Topologies Both DPT and SRP are independent of their physical layers. a protocol type identifier (used for identifying the upper layer protocol contained in the payload). gov/ fs-1037/ fs-1037c. fast packet switching is a packet switching technique that increases the throughput by eliminating overhead. and others. The method for switching between these two rings in the event of a failure is called Intelligent Protection Switching. It contains a source and destination MAC address (both 48-bits long). htm . Overhead reduction is accomplished by allocating flow control and error correction functions to either the user applications or the network nodes that interface with the user.

and NASA Ames. Firewall technology emerged in the late 1980s when the Internet was a fairly new technology in terms of its global use and connectivity. firewall on each computer help to prevent the spread of virus in a network Many personal computer operating systems include software-based firewalls to protect against threats from the public Internet. An illustration of where a firewall would be located in a network. an employee at the NASA Ames Research Center in California sent a memo by email to his colleagues [3] that read. conversely. The predecessors to firewalls for network security were the routers used in [2] the late 1980s: An example of a user interface for a firewall on Ubuntu (Gufw) • Clifford Stoll's discovery of German spies tampering with his system[2] • Bill Cheswick's "Evening with Berferd" 1992 in which he set up a simple electronic to observe an attacker[2] • In 1988. such as the metal sheet separating the engine compartment of a vehicle or aircraft from the passenger compartment. many firewalls can perform [1] basic routing functions. Later uses refer to similar structures. Lawrence Livermore. Many routers that pass data between networks contain firewall components and. UC San Diego. Stanford." . • Firewall helps to prevent viruses and worms to enter into your computer.Firewall (computing) 87 Firewall (computing) A firewall is a device or set of devices designed to permit or deny network transmissions based upon a set of rules and is frequently used to protect networks from unauthorized access while permitting legitimate communications to pass. • If one of the computers is infected. History The term firewall originally referred to a wall intended to confine a fire or potential fire within a building. • A Firewall is a security system that adds a level of protection between your computer and the internet. "We are currently under attack from an Internet VIRUS! It has hit Berkeley.

those types of traffic (such as web browsing. email transmission. For example. unless the machines on each side of the packet filter are both using the same non-standard ports. it stores no information on connection "state"). Although it was not malicious in intent. developed the second generation of firewalls.[8] When a packet originates from the sender and filters through a firewall. [6] for TCP and UDP traffic. it filters each packet based only on information contained in the packet itself (most commonly using a combination of the packet's source and destination address. When the packet passes through the firewall.Firewall (computing) • The Morris Worm spread itself through multiple vulnerabilities in the machines of the time. Though there is still a set of static rules in such a firewall. the online community was neither expecting an attack nor prepared to deal with one. a "stateless" packet filter can distinguish between. calling them circuit level firewalls. Second-generation firewalls.[5] Packet filters act by inspecting the "packets" which represent the basic unit of data transfer between computers on the Internet. it filters the packet on a protocol/port number basis (GSS). or reject it (discard it. and Kshitij Nigam. [9] Second generation: "stateful" filters From 1989-1990 three colleagues from AT&T Bell Laboratories. and because TCP and UDP traffic by convention uses well known ports for particular types of traffic. then the firewall will block the TCP protocol for port number 23. a part of an existing connection. If a packet matches the packet filter's set of rules. if a rule in the firewall exists to block telnet access. This fairly basic system was the first generation of what became a highly evolved and technical internet security feature. and. file transfer).[4] 88 First generation: packet filters The first paper published on firewall technology was in 1988. or is an invalid packet. Dave Presetto.e. when engineers from Digital Equipment Corporation (DEC) developed filter systems known as packet filter firewalls. This technology is generally referred to as a stateful packet inspection as it maintains records of all connections passing through the firewall and is able to determine whether a packet is the start of a new connection. TCP and UDP protocols constitute most communication over the Internet. Bill Cheswick and Steve Bellovin were continuing their research in packet filtering and developed a working model for their own company based on their original first generation architecture. Instead. the state of a connection can itself be one of the criteria which trigger specific rules. the port number). in addition to what first-generation look for. the Morris Worm was the first large scale attack on Internet security. This type of packet filtering pays no attention to whether a packet is part of an existing stream of traffic (i. At AT&T Bell Labs. which means most of the work is done between the network and physical layers. its protocol. the device checks for matches to any of the packet filtering rules that are configured in the firewall and drops or rejects the packet accordingly. This type of firewall can actually be exploited by certain Denial-of-service attacks which can fill the connection tables with illegitimate connections. . work up to layer 4 (transport layer) of the OSI model. and send "error responses" to the source). Therefore they regard placement of each individual packet within the packet series.[7] Packet filtering firewalls work mainly on the first three layers of the OSI reference model. with a little bit of peeking into the transport layer to figure out source and destination port numbers. and thus control. remote printing. Janardan Sharma. the packet filter will drop (silently discard) the packet.

It is expected that due to the nature of malicious communications this trend will have to continue to enable organizations to be truly secure. UDP and TFTP (GSS). An application firewall can filter higher-layer protocols such as FTP. Bob Braden and Annette DeSchon at the University of Southern California (USC) were refining the concept of a firewall. Telnet. An application firewall is much more secure and reliable compared to packet filter firewalls because it works on all seven layers of the OSI model. HTTP. Software-based firewalls (MS-ISA) are much slower than hardware based stateful firewalls but dedicated appliances (McAfee & Palo Alto) provide much higher performance levels for Application Inspection. which could be easily implemented and accessed on a computer operating system such as Microsoft's Windows or Apple's MacOS. and it can detect if an unwanted protocol is sneaking through on a non-standard port or if a protocol is being abused in any harmful way. Many firewalls provide such features by binding user identities to IP or MAC addresses. DNS. This is similar to a packet filter firewall but here we can also filter information on the basis of content. or web browsing). For example. from the application down to the physical Layer. The existing deep packet inspection functionality of modern firewalls can be shared by Intrusion-prevention systems (IPS). after authentication via SSH. DNS. The NuFW firewall provides real identity-based firewalling. if an organization wants to block all the information related to "foo" then content filtering can be enabled on the firewall to block that particular word. Many of these applications can not only be blocked or allowed but manipulated by the more advanced firewall products to allow only certain functionality enabling network security administrations to give users functionality without enabling unnecessary vulnerabilities. Good examples of application firewalls are MS-ISA (Internet Security and Acceleration) server. by requesting the user's signature for each connection. DHCP. In 1994 an Israeli company called Check Point Software Technologies built this into readily available software known as FireWall-1. The product known as "Visas" was the first system to have a visual integration interface with colors and icons. As a consequence these advanced version of the "Third Generation" firewalls are being referred to as "Next Generation" and surpass the "Second Generation" firewall. TCP. In 2009/2010 the focus of the most comprehensive firewall security vendors turned to expanding the list of applications such firewalls are aware of now covering hundreds and in some cases thousands of applications which can be identified automatically. Another axis of development is about integrating identity of users into Firewall rules. McAfee Firewall Enterprise & Palo Alto PS Series firewalls. authpf on BSD systems loads firewall rules dynamically per user. . which is very approximate and can be easily turned around.Firewall (computing) 89 Third generation: application layer The key benefit of application layer filtering is that it can "understand" certain applications and protocols (such as File Transfer Protocol. Currently. the Middlebox Communication Working Group of the Internet Engineering Task Force (IETF) is working on standardizing protocols for managing firewalls and other middleboxes. Subsequent developments In 1992.

These per process rulesets have limited efficacy in filtering every . They block other packets (usually dropping them without acknowledgment to the sender). stateful and stateless. pf (OpenBSD.e. The extent of the filtering that occurs is defined by the provided ruleset. all browser traffic. or completion connection). not allowing packets to pass through the firewall unless they match the established rule set. TTL values. They can filter based on protocols. and use that "state information" to speed packet processing. Application firewalls accomplish their function by hooking into socket calls to filter the connections between the application layer and the lower layers of the OSI model. However. Network layer firewalls generally fall into two sub-categories. Application firewalls work much like a packet filter but application filters apply filtering rules (allow/block) on a per process basis instead of filtering connections on a per port basis. ipfw (FreeBSD/Mac OS X). UDP or TCP ports. and may intercept all packets traveling to or from an application. It is rare to find application firewalls not combined or used in conjunction with a packet filter. [10] Network layer and packet filters Network layer firewalls. operate at a relatively low level of the TCP/IP protocol stack. Application firewalls that hook into socket calls are also referred to as socket filters. destination service like WWW or FTP. They may also be necessary for filtering stateless network protocols that have no concept of a session.[11] Also. Application firewalls function by determining whether a process should accept any given connection. Modern firewalls can filter traffic based on many packet attributes like source IP address.Firewall (computing) 90 Types There are different types of firewalls depending on where the communication is taking place. Generally. and all other BSDs). or default rules may apply. destination IP address or port. Given the variety of software that exists.. it will be evaluated according to the ruleset for new connections. iptables/ipchains (Linux). The term "packet filter" originated in the context of BSD operating systems. Commonly used packet filters on various versions of Unix are ipf (various). of the source. In principle. where the communication is intercepted and the state that is being traced. application firewalls can prevent all unwanted outside traffic from reaching protected machines. Stateless firewalls require less memory. prompts are used to define rules for processes that have not yet received a connection. handshaking. application firewalls further filter connections by examining the process ID of data packets against a ruleset for the local process involved in the data transmission. If a packet does not match an existing connection. data transfer. and the current stage of the connection's lifetime (including session initiation. Application-layer Application-layer firewalls work on the application level of the TCP/IP stack (i. firewalls can restrict or prevent outright the spread of networked computer worms and trojans. The additional inspection criteria can add extra latency to the forwarding of packets to their destination. and many other attributes. application firewalls only have more complex rulesets for the standard services. The firewall administrator may define the rules. also called packet filters. such as sharing services. and can be faster for simple filters that require less time to filter than to look up a session. or all telnet or ftp traffic). Any existing network connection can be described by several properties. On inspecting all packets for improper content. it will be allowed to pass without further processing. netblock of originator. Stateful firewalls maintain context about active sessions. source port. including source and destination IP address. If a packet matches an existing connection based on comparison with the firewall's state table. they cannot make more complex decisions based on what stage communications between hosts have reached.

edu.Firewall (computing) possible association that may occur with other processes. Hiding the addresses of protected devices has become an increasingly important defense against network reconnaissance. Rubin (2003). to protect vulnerable services. & pg=PA176#v=onepage& q=Firewalls and Internet Security. org/ article/ internet-firewall-basics/ the-history-of-firewalls. com/ firewall. symantec. by Cheswick et al. the NAT function was developed to address the limited number of IPv4 routable addresses that could be used or assigned to companies or individuals as well as reduce both the amount and therefore cost of obtaining enough public addresses for every computer in an organization. wanredundancy. com/ books?id=_ZqIh0IbcrgC& lpg=PA142& dq=Firewalls and Internet Security. Originally. while blocking other packets. these per process ruleset cannot defend against modification of the process via exploitation. net/ tcpudp. google. kfupm. Network address translation Firewalls often have network address translation (NAT) functionality. application firewalls are beginning to be supplanted by a new generation of application firewalls that rely on mandatory access control (MAC). References [1] Definition of Firewall (http:/ / www. 2003 Virus may elude computer defenses (http:/ / news.[12] 91 Proxies A proxy device (running either on dedicated hardware or as software on a general-purpose machine) may act as a firewall by responding to input packets (connection requests. Also. also referred to as sandboxing. html [11] http:/ / www. Steven M. checkpoint.Talal Alkharobi [4] RFC 1135 The Helminthiasis of the Internet (http:/ / tools. Washington Post [10] Firewall http:/ / www. skullbox. Bellovin. symantec. intruders may hijack a publicly-reachable system and use it as a proxy for their own purposes. com/ connect/ articles/ software-firewalls-made-straw-part-1-2 . and the hosts protected behind a firewall commonly have addresses in the "private address range". com/ connect/ articles/ software-firewalls-made-straw-part-1-2 [12] http:/ / www. tech-faq. Aviel D. internetfirewall. crackers may still employ methods such as IP spoofing to attempt to pass packets to a target network. as defined in RFC 1918. While use of internal address spaces enhances security. php TCP vs. unm. An example of a next generation application firewall is AppArmor included in some Linux distributions. " Google Books Link (http:/ / books. com/ resources/ firewall/ ). edu/ ~treport/ tr/ 02-12/ firewall. pdf) Firewalls by Dr. pdf) Kenneth Ingham and Stephanie Forrest [3] (http:/ / ocw. google. Check PointResources [2] A History and Survey of Network Firewalls (http:/ / www. org/ html/ rfc1135) [5] http:/ / www. the proxy then masquerades as that system to other internal machines. Proxies make tampering with an internal system from the external network more difficult and misuse of one internal system would not necessarily cause a security breach exploitable from outside the firewall (as long as the application proxy remains intact and properly configured). by Cheswick et al. for example) in the manner of an application. html The History of Firewalls [6] http:/ / www. sa/ user062/ CSE55101/ firewall. Firewalls and Internet security: repelling the wily hacker [9] Aug 29. Firewalls often have such functionality to hide the true address of protected hosts. UDP By Erik Rodriguez [8] William R. Conversely. com/ newspapers?id=neIqAAAAIBAJ& sjid=Vo4EAAAAIBAJ& pg=4057.6607496& dq=firewall& hl=en) by Charles Duhigg. cs. org/ resources/ firewall/ network-layer-firewall Network Layer Firewall [7] http:/ / www. Because of these limitations. Cheswick. such as memory corruption exploits. ietf. & f=false)".

htm) . RFC 1122. a frame is a digital data transmission unit or data packet that includes frame synchronization. where the mobile terminal may transmit during some timeslots and receive during others. .a technical view on software firewall design and potential weaknesses • Building Internet Firewalls (http://oreilly. IETF. 2005-09-20.org/faqs/firewalls-faq/). how packets are processed. one for each logical TDM channel or TDMA transmitter. specifically time-division multiplex (TDM) and time-division multiple access (TDMA). .e. References [1] "Data Link Layer (Layer 2)" (http:/ / www. tcpipguide.securityfocus.pdf) provides an overview of firewalls at the various ISO levels.com/infocus/1839) and Software Firewalls: Made of Straw? Part 2 (http://www. October 1989. Retrieved 2010-06-07. • Software Firewalls: Made of Straw? Part 1 (http://www. PPP frames and V.[1] A frame is "the unit of transmission in a link layer protocol.page-18). In this consist.faqs.securityfocus. a frame is a data packet on the Layer 2 of the OSI model. and consists of a link-layer header followed by a packet.cisco. TDMA examples are the 2G and 3G circuit switched cellular voice services. com/ free/ t_DataLinkLayerLayer2. • A History and Survey of Network Firewalls (http://www. a frame is a cyclically repeated data block that consists of a fixed number of time slots.edu/~treport/tr/02-12/firewall. p."[2] Examples are Ethernet frames (maximum 1500 byte plus overhead). it ignores the data until it detects a new frame synchronization sequence. and provides a timeline of the evolution. . 18. with references to the original papers where first firewall work was reported.a thorough reference and tutorial Frame (networking) In computer networking and telecommunication. org/ html/ rfc1122& #035. O’Reilly . In computer networking. htm).com/univercd/cc/td/doc/product/iaabu/centri4/user/ scf4ch3. In telecommunications.com/infocus/1840) .Discusses different architectures and their differences.com/catalog/9781565928718) Second Edition. compiled by Matt Curtin.Firewall (computing) 92 External links • Internet Firewalls: Frequently Asked Questions (http://www.42 modem frames. • Evolution of the Firewall Industry (http://www. i. a frame is typically an entity at the physical layer. TDM application examples are SONET/SDH and the ISDN circuit switched B-channel. Marcus Ranum and Paul Robertson. [2] "RFC 1122: Requirements for Internet Hosts — Communication Layers" (http:/ / tools.cs.unm. The frame is also an entity for time-division duplex. Retrieved 2010-01-31. ietf. The TCP/IP Guide. If a receiver is connected to the system in the middle of a frame transmission. a sequence of bits or symbols making it possible for the receiver to detect the beginning and end of the packet in the stream of symbols or bits.

Frames are used to send upper-layer data and ultimately the user application data from a source to a destination. an error is assumed. and adds control information to help deliver the packet to the destination node. (OSI model) All frames and the bits. X. When the destination node receives the frame the FCS number is recalculated and compared with the FCS number included in the frame. com/ en/ US/ tech/ tk713/ tk237/ technologies_tech_note09186a00801e32e7. and compares it to the received FCS. or user application data. used in the Ethernet with 32 bits. and fields contained within them. Frame Relay 16 bits. Extra bytes may be added so frames have a minimum length for timing purposes. and request retransmission of the faulty frame. the frame is discarded. The data package includes the message to be sent. shtml) .Frame check sequence 93 Frame check sequence A frame check sequence (FCS) refers to the extra checksum characters added to a frame in a communication protocol for error detection and correction.com . An Ethernet frame.25 16 or 32 bits. The FCS is often transmitted in such a way that the receiver can compute a running sum over the entire frame. Layer 2 communicates with the upper layers through LLC. References [1] "Frame Relay Glossary [Frame Relay (http:/ / www. bytes. Such an FCS generally appears immediately before the frame-ending delimiter. By far the most popular FCS algorithm is a cyclic redundancy check (CRC). It may then discard the data. The FCS field contains a number that is calculated by the source node based on the data in the frame. This number is added to the end of a frame that is sent. and expect to see a fixed result (such as zero) when it is correct. If the two numbers are different. cisco. which is an IP packet. including the FCS terminating the frame. LLC bytes are also included with the Data field in the IEEE standard frames. The sending host computes a checksum on the entire frame and appends this as a trailer to the data.[1] Point-to-Point Protocol (PPP) 16 or 32 bits. This way it can detect whether any data was lost or altered in transit. The LLC sublayer takes the network protocol data. 100615 cisco. The receiving host computes the checksum on the frame using the same algorithm. HDLC 16 or 32 bits. are susceptible to errors from a variety of sources.Cisco Systems"]. including the trailing FCS. and other data link layer protocols. .

The packet is the fundamental unit of information in computer networks. especially fiber optic networks. 8261-200804-I/ en Gigapackets Gigapackets are billions (109) of packets or datagrams. External links • ITU-T G.8261 94 G. int/ rec/ T-REC-G.5 Gbit/s and OC-192 at 10 Gbit/s. itu. The bit rates that are used to create gigapackets are in the range of gigabits per second.8261 ITU-T Recommendation G.1361 (formerly G.8261/Y. the minimum requirements that network equipment at the TDM interfaces at the boundary of these packet networks can tolerate.8261 recommendation publication [1] References [1] http:/ / www. These rates are seen in network speeds of gigabit Ethernet or 10 Gigabit Ethernet and SONET Optical Carrier rates of OC-48 at 2. Usage Packet networks have been inherently asynchronous. However. as the communications industry moves toward an all IP core and edge network. This is essential for the interworking with PSTN. .pactiming) "Timing and Synchronization Aspects in Packet Networks" specifies the upper limits of allowable network jitter and wander.G. Data transfer rates in gigapackets per second are associated with high speed networks. The goal is provide a Primary Reference Clock (PRC) traceable clock for the TDM applications. there is a need to provide synchronization functionality to traditional TDM-based applications. and the minimum requirements for the synchronization function of network equipment.

[1] [2] [3] Overview The Sending Application prepares an Application Message and forwards it to the Sending Entity.48 Scope It is used to the exchange of secured packets between an entity in a GSM PLMN and an entity in the SIM. (e. . The Sending Entity prepends a Security Header (the Command Header) to the Application Message. The resulting structure is here referred to as the (Secured) Command Packet. .48 Java API and Realization Library" (https:/ / gsm0348. 3gpp. It then applies the requested security to part of the Command Header and all of the Application Message. org/ ftp/ Specs/ html-info/ 0348.GSM 03. [2] "GSM 03.g. zip). [3] "3GPP Standard Page" (http:/ / www. application specific data supplied by the Receiving Application. com). The Response Packet consists of a Security Header (the Response Header) and optionally. The Response Packet will be returned to the Sending Entity. References [1] "GSM 03. The Receiving Entity subsequently forwards the Application Message to the Receiving Application indicating to the Receiving Application the security that was applied. . including any padding octets. Retrieved 16 May 2011.48 have been applied.48 Version 890" (http:/ / www. Application messages are commands or data exchanged between an application resident in or behind the GSM PLMN and on the SIM. googlecode. If so indicated in the Command Header. 3gpp. 48/ 0348-890. with an indication of the security to be applied to the message.48 95 GSM 03. Retrieved 16 May 2011. The interface between the Sending Application and Sending Entity and the interface between the Receiving Entity and Receiving Application are proprietary. Both the Response Header and the application specific data are secured using the security mechanisms indicated in the received Command Packet. . Under normal circumstances the Receiving Entity receives the Command Packet and unpacks it according to the security parameters indicated in the Command Header. subject to constraints in the transport layer. timing). Secured Packets contain application messages to which certain mechanisms according to GSM 03. org/ ftp/ Specs/ archive/ 03_series/ 03. the Receiving Entity shall create a (Secured) Response Packet. Retrieved 16 May 2011. htm).

OSPF) instead. such as Ethernet which encapsulates each packet in a frame. The 6 most-significant bits are used for DSCP. and a payload consisting of user data. Flow Label (20 bits) Originally created for giving real-time applications special service.g. which is used to classify packets. [1] Routers do not fragment IPv6 packets. The control information in IPv6 packets is subdivided into a mandatory fixed header and optional extension headers. but this may also be a higher layer tunneling protocol. ICMPv6) or Link Layer (e.IPv6 packet 96 IPv6 packet An IPv6 packet is the smallest message entity exchanged via the Internet Protocol across an Internet Protocol version 6 (IPv6) network.g. but may be data for an Internet Layer (e. Hosts are "strongly recommended" to implement path MTU discovery to take advantage of MTUs greater than the smallest MTU of 1280 octets.[5] [6] and first uses of this field are emerging.. Packets consist of control information for addressing and routing.[1] It has the following format: Fixed header format Offsets Octet Octet 0 4 8 12 16 20 24 28 32 36 Bit   0  32  64  96 128 160 192 224 256 288 Destination Address 0 1 2 3  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Version Traffic Class Payload Length Source Address Flow Label Next Header Hop Limit Version (4 bits) The constant 6 (bit sequence 0110). Fixed header The fixed header of an IPv6 packet consists of its first 40 octets (320 bits). such as IPv4 when using 6to4 or Teredo transition technologies..[7] Payload Length (16 bits) . Hosts may use fragmentation to send packets larger than the observed path MTU. IPv6 packets are typically transmitted over a Link Layer protocol.[2] [3] The remaining two bits are used for ECN. Traffic Class (8 bits) The bits of this field hold two values.[1] Flow Label specifications and minimum requirements are described. as they do for IPv4. The payload of an IPv6 packet is typically a datagram or segment of the higher-level Transport Layer protocol.[4] priority values subdivide into ranges: traffic where the source provides congestion control and non-congestion control traffic.

should there be more than one extension header following the fixed header. Destination Address (128 bits) The IPv6 address of the destination node(s). the Next Header field of the last extension header indicates the type of the upper-layer protocol header in the payload of the packet. When the counter reaches 0 the packet is discarded. All extension headers are a multiple of 8 octets in size. and are placed between the fixed header and the upper-layer protocol header. Note that all extension headers are optional and should only appear at most once. and since current link layer technology is assumed to provide sufficient error detection[9] . The Next Header field in the fixed header indicates the type of the first extension header.IPv6 packet The size of the payload in octets. This value is decremented by one at each intermediate node the packet visits. the header has no checksum to protect it. Hop Limit (8 bits) Replaces the time to live field of IPv4. code 1). Extension headers are to be examined and processed at the packet's destination only. In order to increase performance. The defined extension headers below are listed in the preferred order. some extension headers require internal padding to meet this requirement. . as both fields have the same function (see List of IP protocol numbers). except for Hop-by-Hop Options. except for the Destination Options header. [1] There are several extension headers defined.[1] 97 Extension headers Extension headers carry optional Internet Layer information.[1] The headers form a chain. The length is set to zero when a Hop-by-Hop extension header carries a Jumbo Payload option. The values are shared with those used for the IPv4 protocol field. Source Address (128 bits) The IPv6 address of the sending node. including sending and receiving node. When extension headers are present in the packet this field indicates which extension header follows.[1] When a Next Header value 0 appears in a header other than the fixed header a node should do the same. which need to be processed at every intermediate node on the packet's path. If a node does not recognize a specific extension header. using the Next Header fields.[8] Next Header (8 bits) Specifies the type of the next header. including any extension headers. This field usually specifies the transport layer protocol used by a packet's payload. which may appear twice. and new extension headers may be defined in the future. it should discard the packet and send an Parameter Problem message (ICMPv6 type 4.

Carries encrypted data for secure communication.. Options and Padding Next Header (8 bits) Specifies the type of the next header. Options that need to be examined only by the destination of the packet. Options (variable) Contains one or more options. Options are TLV-coded.[1] There could. if more options are present than will fit in that space. not including the first 8 octets.. Hop-by-Hop Options and Destination Options extension header format Offsets Octet Octet 0 4 8 .. 0 1 2 3  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Next Header Hdr Ext Len Options and Padding Optional: more Options and Padding . but passed unaltered by routers. including sending and receiving nodes. Contains parameters for fragmentation of datagrams. Hop-by-hop options and destination options The Hop-by-Hop Options extension header needs to be examined by all nodes on the packet's path. Bit   0  32  64 . the IPv6 packet ends right after it: the payload should be empty. The extension headers are both at least 8 octets in size.. and optional padding fields to align options and to make the total header length a multiple of 8 octets.. Destination Options (before upper-layer header) 60 Value 59 (No Next Header) in the Next Header field indicates that there is no next header whatsoever following this one. from the header's point of view. Contains information used to verify the authenticity of most parts of the packet. Options that need to be examined only by the destination of the packet. The Destination Options extension header need to be examined by the destination node(s) only.IPv6 packet 98 Extension Header Hop-by-Hop Options Destination Options (before routing header) Routing Fragment Authentication Header (AH) Encapsulating Security Payload (ESP) Type 0 60 43 44 51 50 Description Options that need to be examined by all devices on the path. It means that. not even a header of an upper-layer protocol. Methods to specify the route for a datagram (used with Mobile IPv6). Hdr Ext Len (8 bits) Length of this header in 8-octet units. .. still be data in the payload if the payload length in the first header of the packet is greater than the length of all extension headers in the packet. This data should be ignored by hosts. blocks of 8 octets are added to the header repeatedly—containing options and padding—until all options are represented. however.

or 2.[1] ..[1] Routing extension header format Offsets Octet Octet 0 4 8 . Hdr Ext Len (8 bits) The length of this header. Fragment In order to send a packet that is larger than the path MTU. Routing Header type 2 is a limited version of type 0 and is used for Mobile IPv6.. not including the first 8 octets. Routing types Due to the fact that with Routing Header type 0 a simple but effective[10] denial-of-service attack could be launched. Routing Header type 1 is used for the Nimrod[12] project funded by DARPA.. Routing Type (8 bits) 0. in multiples of 8 octets. blocks of 8 octets are added to the header repeatedly. The header is at least 8 octets in size. the sending node splits the packet into fragments. The Fragment extension header carries the information necessary to reassemble the original (unfragmented) packet. until all Type-specific Data is placed. Next Header (8 bits) Indicates the type of the next header. Bit   0  32  64 .. 0 1 2 3  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Next Header Hdr Ext Len Type-specific Data Routing Type Segments Left Optional: more Type-specific Data . this header is deprecated[11] and host and routers are required to ignore these headers. where it can hold the Home Address of the Mobile Node. if more Type-specific Data is needed than will fit in 4 octets..IPv6 packet 99 Routing The Routing extension header is used to direct a packet to one or more intermediate nodes before being sent to its destination. Type-specific Data (variable) Data that belongs to this type of routing header.. 1. Segments Left (8 bits) Number of nodes this packet still has to visit before reaching its final destination.

Fragment Offset (13 bits) Offset. 0 means last fragment.[8] Jumbograms are only relevant for links that have a MTU larger than 65583 octets (more than 65535 octets for the payload. Authentication Header (AH) and Encapsulating Security Payload (ESP) The Authentication Header and the Encapsulating Security Payload are part of IPsec and are used identically in IPv6 and in IPv4. M Flag (1 bit) 1 means more fragments follow. by making use of a 32-bit length field. the jumbo payload option in a Hop-By-Hop Options extension header[8] . M Next Header (8 bits) Identifies the type of the next header. Identification (32 bits) Packet identification value. urgent data pointer). Since both TCP and UDP include fields limited to 16 bits (length.IPv6 packet 100 Fragment extension header format Offsets Octet Octet 0 4 Bit   0  32 0 1 2 3  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Next Header Reserved Identification Fragment Offset Rsvd. for example a TCP segment or a UDP datagram. allows the exchange of packets with payloads of up to one byte less than 4 GB (232 − 1 = 4294967295 bytes).[13] [14] Payload The fixed and optional IPv6 headers are followed with the upper-layer payload. relative to the start of the fragmentable part of the original packet. Packets with such payloads are called jumbograms. initialized to zeroes. in 8-octet units. Needed for reassembly of the original packet. plus 40 octets for the fixed header. capable of specifying a maximum size of 65535 octets for the payload. Jumbogram An optional feature of IPv6. support for IPv6 jumbograms requires modifications to the Transport Layer protocol implementation. Standard payload length The payload length field of IPv6 (and IPv4) has a size of 16 bits. plus 8 octets for the Hop-by-Hop extension header). generated by the source node. the data provided by the transport layer. Reserved (8 bits) Initialized to all zeroes. (2 bits) Reserved. Rsvd. Most Link Layer protocols cannot process packets larger than 65535 octets. . The Next Header field of the last IPv6 header indicates what type of payload is contained in this packet.

Fragmenting A packet containing a fragment of an original (larger) packet consists of two parts: the unfragmentable part of the original packet (which is the same for all fragments). if the packet was discarded for this reason. Each Fragment extension header has its M flag set to 1 (indicating more fragments follow). reassembly of the original packet is abandoned and all fragments are discarded. Receiving hosts must make a best-effort attempt to reassemble fragmented IP datagrams that. except the last fragment. Therefore. Any data link layer conveying IPv6 data must be capable of delivering an IP packet containing 1280 bytes without the need to invoke end-to-end fragmentation at the IP layer. Packets containing fragments need not arrive in sequence. code 1) is returned to the node originating the fragmented packet. . if the upper-layer protocol is unable to do so. IPv6 routers never fragment IPv6 packets. The first fragment(s) hold the rest of the extension headers (if present). If the first fragment was received (which contains the fixed header). the sending host may use the Fragment extension header in order to perform end-to-end fragmentation of IPv6 packets. unless they have previous assurance that the receiver is capable of reassembling such large datagrams. Each fragment is a multiple of 8 octets in length. If not all fragments are received within 60 seconds after receiving the first packet with a fragment. and a piece of the fragmentable part of the original packet. or else the Hop-by-Hop extension header. the unfragmentable part is just the fixed header. The Next Header value of the last (extension) header of the unfragmentable part is set to 44 to indicate that a Fragment extension header follows. After the Fragment extension header a fragment of the rest of the original packet follows. and the upper-layer protocol is expected to limit the payload size. identified by a fragment offset. except the last. contain up to 1500 bytes. senders should avoid sending fragmented IP datagrams with a total reassembled size larger than 1500 bytes. Hosts are permitted to make an attempt to reassemble fragmented datagrams larger than 1500 bytes.IPv6 packet 101 Fragmentation Unlike in IPv4. whose flag is set to 0. similarly to the IPv4 method when the Don't Fragment bit set. Packets exceeding the size of the maximum transmission unit of the destination link are dropped and this condition is signaled by a Packet too Big ICMPv6 type 2 message to the originating node. after reassembly. a Time Exceeded message (ICMPv6 type 3. The unfragmentable part of a packet consists of the fixed header and some of the extension headers of the original packet (if present): all extension headers up to and including the Routing extension header. Reassembly The original packet is reassembled by the receiving node by collecting all fragments and placing each fragment at the right offset and discarding the Fragment extension headers of the packets that carried them.[1] End nodes in IPv6 are expected to perform path MTU discovery to determine the maximum size of packets to send. However. but they are also permitted to silently discard any datagram after it becomes apparent that the reassembled packet would be larger than 1500 bytes. If neither extension headers are present. they will be rearranged by the receiving node. After that the rest of the payload follows.

"IPv6 Routing Header Security" (http:/ / www. RFC 5095. ITU-T G. or peak-to-peak displacement." [11] Abley. (April 2002) New Terminology and Clarifications for DiffServ (http:/ / tools. PCI-e. html) IETF. Chiappa. [6] Rajahalme. (August 1999). S. G. version 6 (IPv6) Specification (http:/ / tools. often in relation to a reference clock source. Also like other time-varying signals. ietf. org/ html/ rfc3697).. S. RFC 1992.. RFC 3260... Neville-Neil. Black. [12] Castineyra. RMS. "Type 0: the evil mechanism. RFC 2460. IETF. ietf. org/ html/ rfc4303. html).IPv6 packet 102 References [1] Deering. ietf. ietf. org/ html/ rfc3168. . Jitter may be caused by electromagnetic interference (EMI) and crosstalk with carriers of other signals. [3] Grossman. R. Jitter can cause a display monitor to flicker.. Hinden. B. [9] RFC 1726 section 6. html) IETF.. jitter can be expressed in terms of spectral density (frequency content). Carpenter. ietf. K. Steenstrup. the more commonly quoted figure. e.... RFC 3697. [5] Wijnen. S. Deering. IETF. org/ html/ draft-blake-ipv6-flow-label-nonce-02) [8] Borman. [4] Ramakrishnan..[1] Jitter can be quantified in the same terms as all time-varying signals. IETF.. (December 2005) IP Encapsulating Security Payload (http:/ / tools. I. Retrieved 3 December 2010. D. Jitter is a significant. org/ html/ rfc4302.g.. Black. M. (December 2005) IP Authentication Header (http:/ / tools. [2] Nickols. Conta. B. Deprecation of Type 0 Routing Headers in IPv6 (http:/ / tools. (March 2004) IPv6 Flow Label Specification (http:/ / tools. (December 2007). pdf) (pdf).. ietf. ietf. (September 2003) Textual Conventions for IPv6 Flow Label (http:/ / tools. S. secdev. Internet Protocol. html). Savola. RFC 4203. ietf. IETF. html). org/ html/ rfc2460)..g. ietf. S. org/ html/ rfc5095). The amount of tolerable jitter depends on the affected application. IETF. org/ html/ rfc3595). RFC 2675. SATA. K. RFC 4202. J. RFC 2474. ietf.. IETF.810 classifies jitter frequencies below 10 Hz as wander and frequencies at or above 10 Hz as jitter. (September 2001) The Addition of Explicit Congestion Notification (ECN) to IP (http:/ / tools. IPv6 Jumbograms (http:/ / tools. org/ html/ rfc2675). IETF.. Arnoud Ebalard (April 2007). D. the signal amplitude. P. EADS. F. org/ html/ rfc3260. org/ html/ rfc1992)'. and loss of transmitted data between network devices. (Augustus 1996) The Nimrod Routing Architecture (http:/ / tools..2 [10] Philippe Biondi. introduce clicks or other undesired effects in audio signals. R. ietf. Jitter frequency. . A. N. RFC 3168. factor in the design of almost all communications links (e. IETF. org/ conf/ IPv6_RH_security-csw07. Baker.. S. org/ html/ rfc2474. In clock recovery applications it is called timing jitter. IETF. RFC 3595. [7] draft-blake-ipv6-flow-label-nonce-02 (http:/ / tools. Jitter may be observed in characteristics such as the frequency of successive pulses.. D. [13] Kent. or phase of periodic signals. and usually undesired. USB. S. Deering. J. affect the performance of processors in personal computers. Blake. ietf. Jitter Jitter is the time variation of a periodic signal in electronics and telecommunications. is its inverse. Floyd. Jitter period is the interval between two times of maximum effect (or minimum effect) of a signal characteristic that varies regularly with time. (December 1998) Definition of the Differentiated Service Field (DS Field) in the IPv4 and IPv6 Headers (http:/ / tools. OC-48). (December 1998). Hinden. [14] Kent. D.

less than a nanosecond of jitter can reduce the effective bit resolution of a converter with a Nyquist frequency of 22 kHz to 14 bits. A successful approach to correction in software involves performing overlapping reads and fitting the data to find overlaps at the edges. A network with constant latency has no variation (or jitter).Jitter 103 Sampling jitter In conversion between digital and analog signals. Samples should be converted at regular intervals. . seek jitter causes extracted audio samples to be doubled-up or skipped entirely if the Compact Disc drive re-seeks. or where the clock signal is especially prone to interference. The standards-based term is packet delay variation (PDV). Packet jitter in computer networks In the context of computer networks. CD-ROM data discs are not subject to seek jitter. These glitches often sound like tiny repeating clicks during playback. Various effects can come about depending on the pattern of the jitter in In telecommunications circuit analysis an Eye diagram shows distortions caused by jitter. A jitter meter is a testing instrument for measuring clock jitter values. the extraction process may restart a few samples early or late. As a result. and is used in manufacturing DVD and CD-ROM discs. the term jitter is often used as a measure of the variability over time of the packet latency across a network. Most extraction programs perform seek jitter correction. However. Due to additional sector level addressing added in the Yellow Book (CD standard). CD manufacturers avoid seek jitter by extracting the entire disc in one continuous read operation using special CD drive models at slower speeds so the drive does not re-seek. The problem occurs because the Red Book (audio CD standard) does not require block-accurate addressing during seeking. relation to the signal. resulting in doubled or omitted samples.[2] Packet jitter is expressed as an average of the deviation from the network mean latency. the term is imprecise. Compact disc seek jitter In the context of digital audio extraction from Compact Discs. the sampling frequency is normally assumed to be constant. for this use. If there is jitter present on the clock signal to the analog-to-digital converter or a digital-to-analog converter then the instantaneous signal error introduced will be proportional to the slew rate of the desired signal and the absolute value of the clock error.[3] PDV is an important quality of service factor in assessment of network performance. In some conditions. This is a consideration in high-frequency signal conversion.

synchronous circuitry benefits from minimizing period jitter. it is usually quantified using the standard deviation of this distribution (aka.Jitter 104 Phase jitter metrics For clock jitter. In telecommunications. so that the shortest clock period approaches the average clock period. In these cases. Often. Period jitter tends to be important in synchronous circuitry like digital state machines where the error-free operation of the circuitry is limited by the shortest possible clock period. Period jitter (aka cycle jitter) is the difference between any one clock period and the ideal clock period. Many efforts have been made to meaningfully quantify distributions In the normal distribution one standard deviation from the mean (dark blue) accounts for that are neither Gaussian nor have about 68% of the set. the unit used for the above types of jitter is usually the Unit Interval (abbreviated UI) which quantifies the jitter in terms of a fraction of the ideal period of a bit. jitter distribution is significantly non-Gaussian. it can be thought of as the discrete-time derivative of absolute jitter. Absolute jitter is the absolute difference in the position of a clock's edge from where it would ideally be. it can be thought of as the discrete-time derivative of period jitter. Accordingly. different circuit effects. Since they have different generation mechanisms. in particular IP networks such as the Internet. . It can be important for some types of clock generation circuitry used in microprocessors and RAM interfaces. peak-to-peak measurements are more useful. all real jitter). This can occur if the jitter is caused by external sources such as power supply noise. All have shortcomings but most tend to be good enough for the purposes of engineering work. Absolute units such as picoseconds are more common in microprocessor applications. RMS). there are three commonly used metrics: absolute jitter. medium. and cycle to cycle jitter.7%. Hence. and dark blue) meaningful peaks (which is the case in account for about 99. period jitter. it is useful to quantify them separately. In networking. If jitter has a Gaussian distribution. and different measurement methodology. the reference point for jitter is defined such that the mean jitter is 0. This unit is useful because it scales with clock frequency and thus allows relatively slow interconnects such as T1 to be compared to higher-speed internet backbone links such as OC-192. and the performance of the circuitry is limited by the average clock period. Note that typically. Cycle-to-cycle jitter is the difference in length of any two adjacent clock periods. Accordingly. while two standard deviations from the mean (medium and dark blue) account for about 95% and three standard deviations (light. Units of degrees and radians are also used. jitter can refer to the variation (statistical dispersion) in the delay of the packets.

For example. Testing Testing for jitter and its measurement is of growing importance to electronics engineers because of increased clock frequencies in digital electronic circuitry to achieve higher device performance. which has a Gaussian distribution. The central limit theorem states that composite effect of many uncorrelated noise sources. One example of bounded uncorrelated jitter is Periodic jitter. and the bounds can easily be observed and predicted. For example. The peak-to-peak value of this jitter is bounded.Jitter 105 Types Random jitter Random Jitter. and thus impose tighter tolerances on jitter. Determistic jitter can either be correlated to the data stream (data-dependent jitter) or uncorrelated to the data stream (bounded uncorrelated jitter). is unpredictable electronic timing noise. modern computer motherboards have serial bus architectures with eye openings of 160 picoseconds or less. A common bit error rate used in communication standards such as Ethernet is 10−12. which may have eye openings on the order of 1000 picoseconds. approaches a Gaussian distribution. n BER 6. also called Gaussian jitter. regardless of the distributions.3 10−13 7. Testing of device performance for jitter tolerance often involves the injection of jitter into electronic components with specialized test equipment. Another reason for random jitter to have a distribution like this is due to the central limit theorem. A less . It is believed to follow this pattern because most noise or jitter in a electrical circuit is caused by thermal noise.4 10−10 6. Jitter is measured and evaluated in various ways depending on the type of circuitry under test.7 10−11 7 10−12 7. One of the main differences between random and deterministic jitter is that deterministic jitter is bounded and random jitter is unbounded. T = Dpeak-to-peak + 2× n×Rrms.6 10−14 Total jitter Total jitter (T) is the combination of random jitter (R) and deterministic jitter (D): in which the value of n is based on the bit error rate (BER) required of the link. Random jitter typically follows a Gaussian distribution or Normal distribution. Deterministic jitter Deterministic jitter is a type of clock timing jitter or data signal jitter that is predictable and reproducible. according to industry accepted standards. jitter in serial bus architectures is measured by means of eye diagrams. This is extremely small compared to parallel bus architectures with equivalent performance. Higher clock frequencies have commensurately smaller eye openings. Examples of data-dependent jitter are duty-cycle dependent jitter (also known as duty-cycle distortion) and intersymbol interference.

Examples of anti-jitter circuits include phase-locked loop and delay-locked loop. Dejitterizer A dejitterizer is a device that reduces jitter in a digital signal. They are widely used in clock and data recovery circuits in digital communications.[4] In all cases. Filtering A filter can be designed to minimize the effect of sampling jitter.Jitter direct approach—in which analog waveforms are digitized and the resulting data stream analyzed—is employed when measuring pixel jitter in frame grabbers. thus minimizing the perceptual impact of the adaptation. AJCs operate by re-timing the output pulses so they align more closely to an idealised pulse signal. Minimizing the effects of sampling jitters in wireless sensors networks. jitter transfer function and jitter generation. compliant systems are required to conform to these standards. 106 Mitigation Anti-jitter circuits Anti-jitter circuits (AJCs) are a class of electronic circuits designed to reduce the level of jitter in a regular pulse signal. that allows the lengths of the silence periods to be adjusted. which may appear offensive to the listener or viewer. A dejitterizer is usually ineffective in dealing with low-frequency jitter. the term packet delay variation is often preferred over jitter. Adaptive de-jittering involves introducing discontinuities in the media play-out. Ahmed and T. Chen entitled. the goal of jitter measurement is to verify that the jitter will not disrupt normal operation of the circuitry. Adaptive de-jittering is usually carried out for audio play-outs that feature a VAD/DTX encoded audio. A dejitterizer usually consists of an elastic buffer in which the signal is temporarily stored and then retransmitted at a rate based on the average rate of the incoming signal. For more information. In the context of packet-switched networks. Jitter buffers Jitter buffers or de-jitter buffers are used to counter jitter introduced by queuing in packet switched networks so that a continuous playout of audio (or video) transmitted over the network can be ensured. Inside digital to analog converters jitter causes unwanted high-frequency distortions. These are known as adaptive de-jitter buffers and the adaptation logic is based on the jitter estimates computed from the arrival characteristics of the media packets. Where applicable. as well as for data sampling systems such as the analog-to-digital converter and digital-to-analog converter. . The maximum jitter that can be countered by a de-jitter buffer is equal to the buffering delay introduced before starting the play-out of the mediastream. such as waiting-time jitter. In this case it can be suppressed with high fidelity clock signal usage. There are standards for jitter measurement in serial bus architectures. Some systems use sophisticated delay-optimal de-jitter buffers that are capable of adapting the buffering delay to changing network jitter characteristics. The standards cover jitter tolerance. see the paper by S. with the required values for these attributes varying among different applications.

com/QoS/QoS_Jitter.techtarget.cisco.shtml) • Clock and data recovery/Introduction/Definition of (phase) jitter (http://en. Jitter and Signal Integrity Verification for Synchronous and Asynchronous I/Os at Multiple to 10 GHz/Gbps (http://www. • Li. Ohtani. google.html) .com/appnotes.pdf).com/en/US/tech/tk652/tk698/ technologies_tech_note09186a00800945df.edu/pub/mplsServices/other/ QoS_Testing_Methodology.cfm/an_pk/1916/ CMP/WP-34) • Jitter Specifications Made Easy (http://www. SOC-System Jitter Resonance and Its Impact on Common Approach to the PDN Impedance (http:// www. htm). Prentice Hall. (2008).sid66_gci906844. "Pixel Jitter in Frame Grabbers" (http:/ / www. Patrick R.org/wiki/ Clock_and_data_recovery/Introduction/Definition_of_(phase)_jitter) • Zamek. Data Encoding. Presented at International Test Conference 2008.pdf). sensoray. 476.altera.pdf) • An Introduction to Jitter in Communications Systems (http://www. Further reading • Wolaver.html) • Definition of Jitter in a QoS Testing Methodology (ftp://ftp.phabrix. and Zhe Li.Hand-held Tool for eye and jitter measurement and analysis (http://www.en. [1] Wolaver. in/ books?id=tm-evHmOs3oC& pg=PA476). Presented at DesignCon 2009.. IP Packet Delay Variation Metric for IP Performance Metrics (IPPM). and Spectroscopic Mechanisms (http://www.com/literature/cp/cp-01049-jitter-si-verification. Hui.ppt) (Causes. • Li. Pre-Driver PDN SSN.211 [2] Comer.com) • Miki.Causes.com/literature/cp/cp-01048-jitter-resonance. com/ support/ pixjiter. OPD.pdf). Mike P. Artech ISBN 089006248X External links • Jitter in VoIP .com/en/digital_clocking.Jitter 107 References  This article incorporates public domain material from the General Services Administration document "Federal Standard 1037C" [1] (in support of MIL-STD-188). Phase-Locked Loop Circuit Design. pages 211-237 • Trischitta. A New Jitter Classification Method Based on Statistical.11/dcn/04/ 11-04-1458-00-000n-jitter-requirements.00. • Liu.com/literature/cp/cp-01055-impact-ssj. 1991. Eve L. IETF (2002) [4] Khvilivitzky.wikibooks. solutions and recommended values (http://www. Presented at Electronics Components and Technology Conference 2009. • Phabrix SxE .com/literature/cp/cp-01052-jitter-classification. and Kowalski Jitter Requirements (https://mentor.pdf). Alexander (2008). and Varma. and Their Impact on SSJ (http://www. Iliya. Prentice Hall.com/appnotes. Retrieved 2008-02-15. .unh.com/sDefinition/0. [3] RFC 3393. Douglas E. Dan H. ISBN 0-13-662743-9.antelopeaudio. Hong Shi. solutions and recommended values for digital audio) • Igor Levin Terms and concepts involved with digital clocking related to Jitter issues in professional quality digital audio (http://www. php) • Jitter Buffer (http://searchenterprisevoice.org/802. 1989.ieee.iol. p.maxim-ic. Computer Networks and Internets (http:/ / books. . 1991. co. pp.cfm/an_pk/377/CMP/WP-35) A Heuristic Discussion of Fibre Channel and Gigabit Ethernet Methods • Jitter in Packet Voice Networks (http://www. Jitter in Digital Transmission Systems.altera.altera. Presented at International Test Conference 2008. ISBN 9780136061274. Physical.maxim-ic. Mike P.voipforo. Xiaohong Jiang.altera.

they did not become part of the official IEEE 802. and without requiring any changes to other stations on the network. . if one receives a corrupted packet. although this does not reduce the receiver CPU load. network interface cards capable of jumbo frames require explicit configuration to use jumbo frames. and work without special consideration and without requiring all stations to support jumbo frames. instead of the frames around the data. especially on low bandwidth links.Jumbo frame 108 Jumbo frame In computer networking. federal government networks. jumbo frames can carry up to 9000 bytes of payload. interfaces using the standard frame size and interfaces using the jumbo frame size should not be in the same subnet. can provide effectively all the gains of jumbo frames without the re-send costs. jumbo frames are Ethernet frames with more than 1500 bytes of payload.[1] Most national research and education networks (such as Internet2/NLR. however. Many other vendors also adopted the size. Thus. Many Gigabit Ethernet switches and Gigabit Ethernet network interface cards support jumbo frames.663 bits.3 Ethernet standard. but variations exist and some care must be taken when using the term. however. In order to meet this mandatory purchasing criterion. This gives two additional bits of error detection ability at MTU-sized data words compared to the Ethernet CRC standard polynomial while not sacrificing HD=4 capability for data word sizes up to and beyond 72k bits. However.[2] Adoption The IEEE 802 standards committee does not recognize jumbo frames.S. If the frame size is increased. Interrupt-combining Ethernet chipsets. Jumbo frames gained initial prominence when Alteon WebSystems introduced them in their ACEnic Gigabit Ethernet adapters. Zero-copy NICs and device drivers.11 Wireless LAN. including 802. when combined with interrupt combining. The Castagnoli polynomial 0x11EDC6F41 achieves the Hamming Distance HD=6 beyond one Ethernet MTU (to a 16. which is more than 9 times the length of an Ethernet MTU. and AARNet) support jumbo frames. only 1500 bytes (plus 18 bytes for the frame header and other overhead) must be re-sent to correct the error. To reduce interoperability issues. IETF solutions for adopting Jumbo Frames avoids the data integrity reductions through use of the Castagnoli CRC polynomial being implemented within the SCTP transport (RFC 4960). do provide most of the same gain for the receiver. manufacturers have in turn adopted 9000 bytes as the conventional jumbo frame size. Their recommendation has been adopted by all other national research and education networks.360 bit data word length) and HD=4 to 114. Selection of this polynomial was based upon work documented in the paper "32-Bit Cyclic Redundancy Codes for Internet Applications"[3] . The use of 9000 bytes as preferred size for jumbo frames arose from discussions within the Joint Engineering Team of Internet2 and the U. The presence of Jumbo frames may have an adverse effect on network latency. the same amount of data can be transferred with less effort. Conventionally. a similar reduction in CPU utilization can be achieved by using TCP segmentation offloading. This reduces CPU utilization (mostly due to interrupt reduction) and increases throughput by allowing the system to concentrate on the data in the frames. At the sender. each frame requires that the network hardware and software process it. but most commercial Internet service providers do not. ESnet. As a result. GÉANT. Inception The original 1500-byte payload size for Ethernet frames was used because of the high error rates and low speed of communications. as doing so would remove interoperability with existing Ethernet equipment and other 802 protocols. Some Fast Ethernet switches and Fast Ethernet network interface cards support jumbo frames.5 Token Ring and 802. Internet Protocol subnetworks require that all hosts in a subnet have an identical MTU. and iSCSI (RFC 3720).

. edu/ ~koopman/ networks/ dsn02/ dsn02_koopman. 1016/ .[1] Super jumbo frames Super jumbo frames (SJFs) are generally considered to be Internet packets which have a payload in excess of the tacitly accepted jumbo frame size of 9000 bytes. Generally. References [1] "Jumbo/Giant Frame Support on Catalyst Switches Configuration Example" (http:/ / www. "Alteon still stumping for Jumbo Frames" (http:/ / www. Cisco. errors generated internal to NICs can be detected as well. and within a TCP transport designed to carry SCSI data. org/ 10. Testing that led to adoption of RFC 3309 compiled evidence based upon simulated error injection against real data that demonstrated as much as 2% of these errors were not being detected. process to increase the path MTU of high performance national research and education networks from 1518 bytes to 9000 bytes or so. This however implies the covariant scaling of numerous intermediating logic circuits along the network path. 2011. com/ news/ 1022alteon. osn. to accommodate the maximum transmission unit (MTU). [3] "32-Bit Cyclic Redundancy Codes for Internet Applications" (http:/ / www. a subsequent increase. "Catalyst 3750/3560 Series switches support an MTU of 1998 bytes for all 10/100 interfaces" [2] Jeff Caruso (October 22. CRC calculations done in software have always resulted in slower performance than that achieved when using simple additive checksums. 1998). 10. the packet payload size should increase in direct proportion to maintain equivalent timing parameters. The relative scalability of network data throughput as a function of packet transfer rates is related in a complex manner [4] to payload size per packet. doi. As it has been a relatively difficult. Retrieved 2011-08-22. as line bit rate increases. as found with TCP and UDP. Retrieved July 4. As the nodes in general use reciprocating logic to handle the packets. possibly to 64000 bytes for example. One of the major impediments toward the adoption of Jumbo Frames has been the inability to upgrade existing Ethernet infrastructure that would be needed to avoid a reduction in the ability to detect errors. The main factor involved with an increase in the maximum segment size (MSS) is an increase in the available memory buffer size in all of the intervening persistence mechanisms along the path. Both TCP and UDP have proven ineffective at detecting bus specific bit errors. 2006. Intel now offers 1Gb NIC (82576) and 10Gb NIC (X520) that off-load SCTP checksum calculations and Core i7 processors support the CRC32c instruction as part of their new SSE4 vector math instruction set. pdf) by Philip Koopman. since these errors with simple summations tend to be self cancelling. com/ en/ US/ products/ hw/ switches/ ps700/ products_configuration_example09186a008010edab.Jumbo frame By using a CRC checksum rather than simple additive checksums as contained within the UDP and TCP transports. cmu. ece. The main benefit of this is the reduction of the packet rate. . the number of machine cycles spent parsing packet headers decreases as the average MSS per packet increases. and above. cisco. networkworld. 109 Baby giant frames Baby giants are frames that are only slightly larger than allowed by the IEEE Ethernet standards. To overcome the performance penalty. ECE Department & ICES. required. and somewhat lengthy. may take some time. both provide improved error detection rates despite the use of Jumbo Frames where increase of the Ethernet MTU would have otherwise resulted in a significant reduction in error detection. html). This relationship becomes increasingly important as average network line bit rate increases to 10 gigabits per second. Carnegie Mellon University j. shtml). Network World. 001) [4] 16 000–64 000 B pMTU experiments with simulation: The case for super jumbo frames at Supercomputing ’05 (http:/ / dx. both at end nodes and intermediate transit nodes. Support of Castagnoli CRC polynomial within a general purpose transport designed to handle data chunks.

In discussions of jumbograms for Link Layer technologies.Jumbo frame 110 External links • Jumbo Frames . 2/23/1998 in NetworkWorld • SJF Supercomputing 2005 Demo (http://www. include data size parameters limited to only 16 bits (length.pdf) • Need To Know: Jumbo Frames in Small Networks (http://www. such as the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP). .psc. The support for IPv6 jumbograms required a redesign in all Transport Layer protocols.wareonearth. by making use of a 32-bit length field. however. The payload length field of IPv4 and IPv6 has a size of 16 bits. RFC 2675.archlinux.ieee802. Hinden. urgent data pointer). allows the exchange of packets with payloads of up to one byte less than 4 GiB (232 − 1 = 4. R. While IPv4 has no facilities to exceed its theoretical IP MTU limit. D..Where to use it? (http://sd. Historically. Alteon Networks. org/ html/ rfc2675).php) • Pushing up the Internet MTU (http://www.org/index.php/Jumbo_Frames) Jumbogram In packet-switched computer networks. the designers of IPv6 have provided a protocol extension to permit packets of larger size.html) • Jumbo frames? Yes! (http://www.295 bytes).html) • 32-Bit Cyclic Redundancy Codes for Internet Applications (http://www. (August 1999).html).com/content/view/30201/54/ ) • How to Jumbo Frames in Archlinux (http://wiki.ece.org/3/frame_study/index. in the context of IPv6 a jumbogram is understood as an IPv6 packet carrying a payload larger than 65535octets[1] IPv6 jumbograms An optional feature of IPv6.rutherford-research. the jumbo payload option. References [1] Borman.edu/~mathis/MTU) • IEEE 802. a jumbogram (portmanteau of jumbo and datagram) is a packet of any size exceeding the standard Maximum Transmission Unit (MTU) of the underlying network technology at either the Link Layer or the Internet Layer. they are often referred to as jumbo frames. thus allowing data of up to 65535octets. The jumbo payload option and the transport-layer modifications are described in RFC 2675. IETF.cmu. Transport Layer protocols. This theoretical limit for the Internet Protocol (IP) MTU. by Selina Lo.com/forum/0223jumboyes.294.3as Frame Expansion Task Force (http://www.edu/~koopman/networks/ dsn02/dsn02_koopman.ca/rrx/hpc/sc05.smallnetbuilder. Thus.. S.com/~phil/jumbo.NetworkWorld. Deering. ietf. is reached only on networks that have a suitable Link Layer infrastructure. IPv6 Jumbograms (http:/ / tools.967.

The tolerance for lag depends heavily on the type of game. Lag in local video gaming All video games incur some lag.Lag 111 Lag Lag is a common word meaning to fail to keep up or to fall behind. World of Warcraft. For the cloud gaming experience to be acceptable. the video and audio compression and decompression. Lag is also often used in reference to video games to describe to the delay (or latency) between an action by a player and the reaction of the game. etc.[2] [3] The most common use regards online gaming when the game doesn't respond in sync with the player's controls.[4] In distributed applications (such as MMORPGs). Heroes of Newerth. allowing for fast local response most of the time. The term lag is often also used as a synonym for communication latency. [1] In real-time applications. And. a strategy game or a turn-based game with a low pace may have a high threshold or even be mostly unaffected by high delays. It includes the time to encode the packet for transmission and transmit it. the game must compute the next frame of video and that video frame must be scanned out to a display device. A minimum bound on latency is determined by the distance between communicating devices and the speed at which the signal propagates in the circuits (typically 70–95% of the speed of light in vacuum). the round-trip lag of all elements of the cloud gaming system (the thin client. Call of Duty. The game server then renders the next frame of the game video which is compressed using low-lag video compression and is sent downstream and decompressed by the thin client. and other traffic. Actual latency is often much higher because of packet processing in networking equipment. For instance. and the user is only running a thin client locally that forwards game controller actions upstream to the game server.[4] Lag in cloud gaming Cloud gaming is a type of online gaming where the entire game is hosted on a game server in a data center. This is also known as "one-way latency". fast chess is a turn-based game that is fast action and may not tolerate high lag. the Internet and/or LAN connection the game server.[5] This can be misleading because there can be other causes for the symptom. since once an input from the player is received. similarly as it does for local gaming. and user tolerance for lag depends highly upon the type of game. video game lag refers to delays that are noticeable to a player. the time for that data to traverse the network equipment between the nodes. Lag in online multiplayer gaming All online video games such as Minecraft. the specific characteristic of the game matter. lag is often caused by communication latency. But in general parlance. some twitch games can be designed such that only events that impact the outcome of the game introduce lag. incur online lag due to a combination of local and remote processing lag and communications latency. RuneScape. server latency or overworked hardware. League of Legends. But. the round-trip network latency between a client game and the host server is referred to as the client's ping time. usually due to a slow internet connection. Final Fantasy XI. For example. and the display of the video on a display device) must be low enough that the user perception is that the game is running . Adventure Quest Worlds. which is the time taken for a sent packet of data to be received at the other end. the game execution on the game server. whereas a twitch gameplay game such as a first-person shooter with a considerably higher pace may require significantly lower delay to be able to provide satisfying gameplay. and the time to receive and decode the data.[6] In general parlance. the term is used when the application fails to respond in a timely fashion to inputs.

. according to OnLive. Retrieved 2010-08-27.Lag locally. Bright Hub!. [9] "Beta Testing at the Speed of Light" (http:/ / blog. iPhone" (http:/ / video. org/ wiki/ lag) [3] Mitigating the Effects of Time Lags on Driving Performance (robotics) (http:/ / www. cloud gaming lag is only slightly higher than local console lag.htm) • It's the Latency. com/ 2010/ 01/ 21/ beta-testing-at-the-speed-of-light/ ).com (http:/ / dictionary.htm) . [10] "Console Gaming: The Lag Factor" (http:/ / www. OnLive has managed to get within spitting distance of console response times". Retrieved 2010-08-27.com/guide/lag. Wall Street Journal. Retrieved 2010-01-23. edu/ videos/ 545/ 60/ 79). Gamezone. Retrieved 2010-08-27.reference. onlive. asp) [6] "Latency Can Kill: Precision and Deadline in Online Games" (http:/ / www. currently limiting the distance between a user and a cloud gaming game server to approximately 1000 miles. Eurogamer Digital Foundry. OnLive. Retrieved 2010-01-23. [12] "OnLive Does What Consoles Can’t: The promise of constant performance upgrades may pull it ahead of today’s consoles. edu/ ~almeroth/ classes/ W10. Retrieved 2010-08-27. Console.[9] Cloud gaming is a very new technology. . I forgot that it wasn't running natively on my PC.Lag Section (http://www. 2009-09-05. . org/ downloads/ GVSETS/ GVSETSPapers/ Robotic Systems/ Mitigating the Effects of Time Lags on Driving Performance. brighthub.stanford. . gamezone. [8] "The Process of Invention: OnLive Video Game Service" (http:/ / tv. Retrieved 2010-08-27. com/ browse/ lag) [2] "lag" at wiktionary (http:/ / en. com/ video/ d8-video-onlive-demo/ 9D57A2C6-24ED-4351-8266-F3F7BA0C4D18/ ). . PC.[7] [8] Because of such tight lag requirements. wiktionary. to the point where "the actions on screen were one-to-one with my input controls. reviewers reported a steady reductions in lag due to constant improvements in the technology. reference. [7] "D8 Video:OnLive demoed on iPad. com/ video-games/ pc/ articles/ 45925.about."[12] 112 References [1] "lag" at dictionary. allthingsd. the only company thus far operating a cloud gaming service. eurogamer. net/ articles/ digitalfoundry-lag-factor-article?page=3/ ). 2010-02-23. 2010-01-21. ndia-mich.net (http:/ / www. columbia. Stupid (http://rescomp. pdf) [4] "Noob Glossary: Ping. . ucsb. pdf/ ). net/ articles/ digitalfoundry-vs-onlive-article/ ). Lag and Servers" (http:/ / www. 2009-12-13. [5] What is Lag? at gamedev. but early tests have shown that in practice. 2010-08-09. In fact. 2010-07-09.com/od/speedtweaks/l/aa021902a. aspx/ ). Mac. .html) • Bandwidth and Latency (http://compnetworking. 290F/ papers/ claypool-10. Eurogamer Digital Foundry. OnLive" (http:/ / www. For example.edu/~cheshire/rants/Latency. . net/ reference/ articles/ article712. distance considerations of the speed of light through optical fiber come into play.[11] In September 2010. [11] "Digital Foundry vs. Retrieved 2010-08-19. eurogamer. External links • The Gamer's Guide from Blues News . seas.[11] resulting in the assessment in July 2010 that "Out of controlled conditions. ACM. gamedev. com/ editorials/ item/ onlive_succeeds_consoles_by_constant_performance_upgrades/ ). cs." (http:/ / www.bluesnews. The FU Foundation School of Engineering & Applied Science (Columbia University). Unreal Tournament 3 incurs up to 133ms of lag on a console[10] and was tested in July 2010 as incurring 150ms in lag on OnLive. 2010-09-06.

Building a link state packet is usually easy. or when some significant event occurs. but cannot use the routing database. Link State Update packets are multicast on those physical networks that support multicast/broadcast. Link state update packet Link State Update packets are OSPF packet type 4. They must be acknowledged. flooded advertisements are explicitly acknowledged. Link state acknowledgment packet Link State Acknowledgment Packets are OSPF packet type 5. Link state packet can also be further defined as special datagrams that determine the names of and the cost or distance to any neighboring routers and associated networks. These packets implement the flooding of link state advertisements. a router then builds a packet containing all the data. the retransmitted advertisements are always carried by unicast Link State Update packets. LSPs are queued for transmission. because it generates exponential behavior. that is. OSPF's reliable update mechanism is implemented by Link State Update and Link State Acknowledgment packets. and the cost of changing a link if the need arises. If retransmission of certain advertisements is necessary. and can be distributed throughout the network. ordinary flooding may result in problems. . and a list of neighbors. the complex part is determining when to build them. such as a line or neighbor going down or coming back up again. if a link failure occurs. flooded advertisements are acknowledged in Link State Acknowledgment packets. Multiple link state advertisements can be acknowledged in a single Link State Acknowledgment packet. Smart flooding.Link state packet 113 Link state packet Overview Link State Packet (LSP) is a packet of information generated by a network router in a link state routing protocol that lists the router's neighbors. Several link-state advertisement may be included in a single packet. a Link State Acknowledgment packet is sent either to the multicast address AllSPFRouters. For each neighbor. Developing Link State Packets When Information needed for exchange is collected. However. the delay to that neighbor is given. followed by a sequence number and age. to the multicast address AllDRouters. One way to reduce this problem is to build them periodically. The packet starts with the identity of the sender. In order to make the flooding procedure reliable. Depending on the state of the sending interface and the source of the advertisements being acknowledged. on the other hand recognizes link state packets appropriately. and must time out at about the same time. A major procedure called flooding which is used for distributing link state algorithms throughout the routing domain can be implemented with link state packets. or as a unicast. They are used to efficiently determine what the new neighbor is. at regular intervals. This acknowledgment is accomplished through the sending and receiving of Link State Acknowledgment packets. Types of Link State packets Link state packets are usually implemented with Open Shortest Path First(OSPF) protocol. or changing its properties appreciatively. To make the flooding of link state advertisements reliable. Each Link State Update packet carries a collection of link state advertisements one hop further from its origin.

Packet loss Packet loss occurs when one or more packets of data travelling across a computer network fail to reach their destination. In the event of packet loss. Effects When caused by network problems. and therefore “[m]issing one . NJ : Prentice Hall. if a transmitted packet is lost. packet drop because of channel congestion [1] [2] . [4] However. Packet loss is distinguished as one of the three main error types encountered in digital communications. online gaming and videoconferencing. : Addison-Wesley. the receiver asks for retransmission or the sender automatically resends any segments that have not been acknowledged. Martha Steenstrup Englewood Cliffs. This drop in throughput is due to the sliding window protocols used for acknowledgment of received packets. packet loss probability is also affected by signal-to-noise ratio and distance between the transmitter and receiver. Acceptable packet loss “The fraction of lost packets increases as the traffic intensity increases. 1953Reading. In certain variants of TCP. This retransmission causes the overall throughput of the connection to drop. Mass. Causes Packet loss can be caused by a number of factors including signal degradation over the network medium due to multi-path fading. Therefore. Don Anderson Anderson. Inc. faulty network drivers or normal routing routines (such as DSR in ad-hoc networks ). In addition to this. For example. but also in terms of the probability of packet loss…a lost packet may be retransmitted on an end-to-end basis in order to ensure that all data are[sic] eventually transferred from source to destination. . c1999 • Routing in communications networks / editor. for Voice over IP traffic. it will be re-sent along with every packet that had been sent after it. Protocols such as UDP provide no recovery for lost packets. and will affect all other network applications to a degree. the only effect seen due to the occasional dropped packet is jitter. Applications that use UDP are expected to define their own mechanisms for handling packet loss. voice over IP. If the latency and the packet loss at the destination hop are acceptable then the hops prior to that one don't matter.Link state packet 114 References • FireWire system architecture : IEEE 1394a / MindShare. the other two being bit error and spurious packets caused due to noise. Infocom 2004. faulty [3] networking hardware. 1995 • Radia Perlman “Rbridges: Transparent Routing”.” [7] The amount of packet loss that is acceptable depends on the type of data being sent. retransmitting missing packets causes the throughput of the connection to decrease. lost or dropped packets can result in highly noticeable performance issues or jitter with streaming technologies. it is important to note that packet loss does not always indicate a problem. performance at a node is often measured not only in terms of delay. [5] Packet recovery Some network transport protocols such as TCP provide for reliable delivery of packets. corrupted packets rejected in-transit. [6] Although TCP can recover from packet loss. Don.

J. F. then there is no other solution than to drop packets.”[8] On the other hand. Kurose. K. & Ross. which is where the aforementioned packet retransmission schemes are used. (2001). Computer Networking: A Top-Down Approach. Kurose. K. J. This type of packet dropping is called tail drop. Mansfield. F. & Antonakos. P 282-283 External links • Interactive animation of TCP fast retransmit simulation: packet loss detection and recovery. [10] The data packets will be transmitted over a longer duration. New York: Addison-Wesley.php?simu=tcp_fast_retransmit&protocol=TCP&title=4. Cengage Learning. F. E. P 30. (2010). New York: Addison-Wesley. & Ross. Retrieved 2007-02-25. F.[9] The TCP protocol is designed with a slow-start connection strategy so that excessive packet loss will cause the sender to throttle back and stop flooding the bottleneck point with data (using perceived packet loss as feedback to discover congestion). W. (2010). There are many methods used for determining which packets to drop. (2010). P 242.net/tcp_histrory. F. [10] Kurose. P 602. C. Computer Networking: A Top-Down Approach. (http://www. P501. K. W. Perkins. K." (http:/ / www. F. J. K. K.Packet loss or two packets every now and then will not affect the quality of the conversation.Fast transmit&ctype=1) . Computer Networking: A Top-Down Approach. P 42-43. com/ kb/ 24) (HTTP). packets may be intentionally dropped in order to slow down specific services for no other reason than to dissuade users from using those services. Computer Networking from LANs to WANs: Hardware. New York: Addison-Wesley. nessoft. J. & Ross. New York: Addison-Wesley. (2010). and Security. W. J. New York: Addison-Wesley. P 147. & Ross. & Ross. P 30. "Packet loss or latency at intermediate hops. C. Most basic networking equipment will use FIFO queuing for packets waiting to go through the bottleneck and they will drop the packet if the queue is full at the time the packet is received. J. Computer Networking: A Top-Down Approach. dropping packets when the queue is full is a poor solution for any connection that requires real-time throughput. Losses between 5% and 10% of the total packet stream will affect the quality significantly. New York: Addison-Wesley. J. K. W. Kurose. [9] Kurose. (2010). In some connections. & Ross. W. packet loss is not necessarily an indication of poor connection reliability or a bottleneck. However. New York: Addison-Wesley. visualland. W. a single dropped packet could result in losing part of the file. K. (2010). For these types of connections. P 30. W. quality of service and other methods are applied. 115 References [1] [2] [3] [4] [5] [6] [7] [8] Kurose. (2010). Ad-Hoc Networking. F. Software. and is related to the erlang unit of measure. (2010). also known as a bottleneck. Computer Networking: A Top-Down Approach. For this reason. Kurose. when transmitting a text document or web page. Computer Networking: A Top-Down Approach. Boston: Addison-Wesley. Packet loss is closely associated with quality of service considerations. When given a situation where the amount of content due to be pushed through a connection is growing at a rate greater than it is possible to push through that connection. L. Boston: Course Technology. J. Computer Networking: A Top-Down Approach. & Ross. .

References [1] Javvin Www Networkdictionary Com (1 March 2007). Mangled packets can be generated by dedicated software such as nmap or Nessus. org/ assignments/ ipv4-address-space/ ). • An incoming or outgoing packet whose source or destination address is in the range 127. routers or any service present on the network. a place where packets clearly can not originate. Retrieved 21 April 2011.Special Use IPv4 Addresses [5] "IANA IPv4 Address Space Registry" (http:/ / www.255. 300. which is reserved for loopback within the host. when not participating in a private network.0/4.0/8.[1] The name is derived from packet from Mars. html).255. which is reserved for internal broadcast.Ingress Filtering for Multihomed Networks [3] "Jargon File: martian" (http:/ / www.0. • An incoming or outgoing packet with a Bogon source or destination address in an as-yet-unallocated range. . or 192. a mangled or invalid packet is a packet—especially IP packet—which either lacks order or self-coherence.Requirements for IP Version 4 Routers [2] RFC 3704 . iana.255/32.0. .[2] but can also arise from network equipment malfunction or misconfiguration of a host. Martian packet A Martian packet is an IP packet which specifies a source or destination address that is reserved for special-use by Internet Assigned Numbers Authority (IANA) and cannot actually originate as claimed or be delivered.0. or in [5] the future-use range 240.0.0. or contains code aimed to confuse or disrupt computers. 172.0/12.0. References [1] RFC 1812 .0. catb. • An incoming packet with a destination address of 255. .. google. most invalid packets are easily filtered by modern stateful firewalls.Mangled packet 116 Mangled packet In computer networking.[1] Martian packets commonly arise from IP address spoofing in denial-of-service attacks. ISBN 9781602670006.168.0/16. firewalls. org/ jargon/ html/ M/ martian. Their usage is associated with a type of network attack called a denial-of-service (DoS) attack. .[3] Examples of Martian packets are[4] : • A packet with a source or destination IPv4 address in the ranges 10.[1] As of 2008. [4] RFC 5735 .0/8. p. com/ books?id=On_Hh23IXDUC& pg=PA300).0. Javvin Technologies Inc.16. It aims to destabilize the network and sometimes to reveal its available services – when network operators need to restart the disabled ones. Network Dictionary (http:/ / books.

that a computer or communications device can receive in a single TCP segment. Internetworking with TCP/IP (5E ed.4k modem for about one second. com/ free/ t_TCPMaximumSegmentSizeMSSandRelationshiptoIPDatagra-2. A larger MTU brings greater efficiency because each packet carries more user data while protocol overheads. Large packets can occupy a slow link for some time. (2006). NJ. MTU parameters usually appear in association with a communications interface (NIC. ties up a 14." [2] http:/ / www.). Section 3. Charles M. causing greater delays to following packets and increasing lag and minimum latency. Douglas E.[1] The IP datagram containing a TCP segment may be self-contained within a single packet. Retransmissions of larger packets take longer. either way. remain fixed. Therefore: MSS + Header ≤ MTU Every host is required to be able to handle an MSS of at least 536 bytes. the MSS limit applies to the total amount of data contained within the final reconstructed TCP segment. ietf. org/ html/ rfc879#section-3). Each direction of data flow can use a different MSS. serial port. Retrieved 2007-11-28. (2005-09-20). htm Maximum transmission unit In computer networking. Corruption of a single bit in a packet requires that the entire packet be retransmitted. Large packets are also problematic in the presence of communications errors. It does not count the TCP header or the IP header. or it may be reconstructed from several fragmented pieces. . the largest allowed by Ethernet at the network layer (and hence over most of the Internet). In some systems. At a given bit error rate larger packets are more likely to be corrupted. or systems (such as point-to-point serial links) may decide MTU at connect time. "The MSS counts only data octets in the segment. References [1] RFC 879 (http:/ / tools. a 1500-byte packet. specified in bytes. per-packet-processing can be a critical performance limitation. such as headers or underlying per-packet delays. the resulting higher efficiency means a slight improvement in bulk protocol throughput. The TCP/IP Guide [2] (3E ed. for example) can fix the size of an MTU. For most computer users. A larger MTU also means processing of fewer packets for the same amount of data. page 2. Further reading • Comer.).). the MSS option is established by operating system on the SYN packet during the TCP handshake. etc.Maximum segment size 117 Maximum segment size The maximum segment size (MSS) is a parameter of the TCP protocol that specifies the largest amount of data. tcpipguide. Upper Saddle River. Standards (Ethernet. and therefore in a single IP datagram. the maximum transmission unit (MTU) of a communications protocol of a layer is the size (in bytes) of the largest protocol data unit that the layer can pass onwards. • Kozierok. it does not count the TCP header or the IP header. USA: Prentice Hall. For example.

This should not be mistaken [5] with the packet size every host must be able to handle. 2272 4464 [8] 4352 [4] IP (Internet protocol) DARPA designed the Internet protocol suite to work over many networking technologies. which has a value of 576 for IPv4[1] and of 1280 for IPv6.5) FDDI At least 1280 [4] [4] [6] 1500 1492 1500-9000 The limit varies by vendor. Another potential problem is that higher-level protocols may create packets larger than a particular link supports. For correct interoperation. but each packet now has to be sent in two fragments. each small enough to pass over the single link that is being fragmented for. The MTU must not be confused with the minimum datagram size that all hosts must be prepared to accept. The same amount of payload is being moved. IP allows fragmentation: dividing the datagram into pieces. To get around this issue.11) Token Ring (802. the whole Ethernet network must have the same MTU. • When the size of most or all packets exceed the MTU of a particular link that has to carry those packets. but every intermediate router has to do double the work in terms of header parsing and routing decisions.[2] Media Maximum Transmission Unit (bytes) Internet IPv4 Path MTU At least 68 [3] Practical path MTUs are generally higher. In certain cases the overhead this causes can be considered unreasonable or unnecessary. . [7] Practical path MTUs are generally higher.Maximum transmission unit 118 Table of MTUs of common media Note: the MTUs in this section are given as the maximum size of IP packet that can be transmitted without fragmentation . Nearly all IP over Ethernet implementations use the Ethernet V2 frame format. For example. Jumbo frames are usually only seen in special purpose networks.including IP headers but excluding headers from lower levels in the protocol stack. each of which may have different sized packets. Systems must use Path MTU Discovery to find the actual path MTU. so that the IP layer of the destination host knows it should reassemble the packets into the original datagram. which is 576. almost everything has to be fragmented. If the network drops any fragment. Systems may use Path MTU Discovery to find the actual path MTU. the entire packet is lost. various tunneling situations cross the MTU by very little as they add just a header's worth of data.3) Ethernet Jumbo Frames WLAN (802. While a host will know the MTU of its own interface and possibly that of its peers (from initial handshakes). it will not initially know the lowest MTU in a chain of links to any other peers. using the MTU parameter configured for that interface. This fragmentation process takes place at the IP layer (OSI layer 3) and marks packets it fragments as such. the second of which carries very little payload. Notes Internet IPv6 Path MTU Ethernet v2 Ethernet (802. This method implies a number of possible drawbacks: • All fragments of a packet must arrive for the packet to be considered received. IPv4 links must be able to forward packets of size up to 68 [4] bytes. The addition is small.

However. but get no response after that. however. intact. etc. the path from the source address to the destination address often gets modified dynamically. The process repeats until the MTU becomes small enough to traverse the entire path without fragmentation. This information allows the source host to reduce its assumed path MTU appropriately. a technique for determining the path MTU between two IP hosts. which prevents path MTU discovery from working. • There is no simple method to discover the MTU of links beyond a node's direct peers.Maximum transmission unit • As it is normal to maximize the payload in every fragment. increasing numbers of networks drop ICMP traffic (e. separate from IP's own fragmentation mechanism. for example one can change the MSS (maximum segment size) in the initial packet that sets up the TCP connection at one's firewall. One often detects such blocking in the cases where a connection works for low-volume data but hangs as soon as a host sends a large block of data at a time. the path MTU is the largest packet size that can traverse this path without suffering fragmentation. allowing for an MTU up to 9000 bytes).g. Unfortunately. RFC 4821. which may introduce further packet drops before the host finds the new safe MTU. to ensure that a 1280-byte IP datagram can be delivered. congestion. in an IP network. 1500) and the Path MTU causes Path MTU Discovery to come into effect. then the link layer MUST provide its own fragmentation and reassembly mechanism. The Internet Protocol requires that hosts must be able to process IP datagrams of at least 576 bytes (for IPv4) or 1280 bytes (for IPv6). It works by setting the DF (Don't Fragment) option in the IP headers of outgoing packets. with IRC a connecting client might see the initial messages up to and including the initial ping (sent by the server as an anti spoofing measure). to prevent denial-of-service attacks). This is because the large set of welcome messages are sent out in packets bigger than the real MTU. describes a Path MTU Discovery technique which responds more robustly to ICMP filtering. with the possible result of making some sites behind badly-configured firewalls unreachable. . Packetization Layer Path MTU Discovery. Most Ethernet LANs use an MTU of 1500 bytes (modern LANs can use Jumbo frames. any further fragmentation that turns out to be necessary will increase the overhead even more. in response to various events (load-balancing.g.) . border protocols like PPPoE will reduce this.this could result in the path MTU changing (sometimes repeatedly) during a transmission. 119 Path MTU Discovery The Internet Protocol defines the "Path MTU" of an Internet transmission path as the smallest MTU of any of the IP hops of the "path" between a source and destination. Any device along the path whose MTU is smaller than the packet will drop such packets and send back an ICMP "Destination Unreachable (Datagram Too Big)" message containing its MTU. Also. Put another way. depending on which part of the network one controls. this does not preclude Data Link Layers with an MTU smaller than IP's minimum MTU from conveying IP data. to the IP layer. The difference between the MTU seen by end-nodes (e. according to IPv6's specification. in general as well as when fragmenting. if a particular Data Link Layer physically cannot deliver an IP datagram of 1280 bytes in a single frame. For example. One can possibly work around this. RFC 1191 (IPv4) and RFC 1981 (IPv6) describe "Path MTU Discovery". outages. For example.

This gives a total cost of 31*53=1643 bytes transmitted via ATM from a 1478 byte packet passed to PPPoA. For example. we obtain a desired optimal reduced MTU figure of 1478 = 31*48-10 taking into account an overhead of 10 bytes consisting of a Point-to-Point Protocol overhead of 2 bytes. each of which can carry a payload of 48 bytes of user data with 5 bytes of overhead for a total cost of 53 bytes per cell. Many network switches have a built-in capability to detect when a device is jabbering and block it until it resumes proper operation. developed by ITU-T. one additional cell is needed to transmit the one last byte of payload. in the form of one extra ATM cell. artificially declaring a reduced MTU in software maximises protocol efficiency at the ATM layer by making the ATM AAL5 total payload length a multiple of 48 bytes whenever possible. again choosing to fill 31 ATM cells as before. keeping to a self-imposed reduced MTU of 1478 as opposed to sending IP packets of total length 1500 saves 53 bytes per packet at the ATM layer at a cost of a 22 byte reduction of the length of IP packets.Maximum transmission unit 120 ATM backbones. Some providers. This is because ATM is sent as a stream of fixed-length packets (known as 'cells'). where the total length = (48*n+1) bytes. In the case where the user would normally send 1500 byte packets. For the example of IP over DSL connections using PPPoA/VC-MUX. In the case of IP sent over ADSL using PPPoA the figure of 1478 would be the total length of the IP packet including IP headers. 31 completely filled ATM cells carry a payload of 31*48=1488 bytes.[9] .hn defines a procedure for segmentation that divides the data frame into smaller segments. So in this example. RFC 2516 prescribes a maximum MTU for PPPoE/DSL connections of 1492: a PPPoE header of 6 bytes.for example: where an ATM (Asynchronous Transfer Mode) network carries IP traffic. and an AAL5 overhead of 8 bytes. use ATM on their internal backbone network. G. In order to avoid the problem of long data-frames taking up the medium for long periods of time. where ncells = the number of required cells of = INT((payload_length+47)/48). sending between 1489 and 1536 bytes requires an additional fixed cost of 53 bytes transmitted. leaving enough room for a 1488 byte payload. For this reason. The G. So in the worst case.hn standard. an example of MTU tuning Sometimes the demands of efficiency encourage artificially declaring a reduced MTU in software below the true maximum possible length supported . particularly those with a telephony background. ATM operates at optimum efficiency when packet length is a multiple of 48 bytes. Disruption The transmission of a packet on a physical network segment that is larger than the segment's MTU is known as jabber. So the total length of the transmitted data length is 53 * ncells bytes. or 31 full ATM cells. the final cell costing an extra 53 transmitted bytes 47 of which are padding. MTU in other standards The G. provides a high-speed (up to 1 Gigabit/s) local area network using existing home wiring (power lines. Taking this figure of 1488 and subtracting from it any overheads contributed by all relevant higher protocols we can obtain a suggested value for an artificially-reduced optimal MTU. phone lines and coaxial cables).hn Data Link Layer accepts data frames of up to 214 bytes (16384 bytes). This is almost always caused by faulty devices.

com/drtcp) – a utility for optimizing MTU under Microsoft Windows • mturoute (http://www.com/projects/mturoute. p. 13 [2] RFC 2460. p.Wlan. p.shtml) via ping and setting it in Microsoft Windows • DrTCP (http://www.Maximum transmission unit 121 References [1] RFC 791.expedient.html). "Every internet destination must be able to receive a datagram of 576 octets either in one piece or in fragments to be reassembled.uk/kitz/) • How to set the TCP MSS value using iptables (http://www.com/products/mtupath.net/iptables-tutorial/iptables-tutorial.phildev.Optimization Tips (http:/ / www. 24. External links • Tweaking your MTU / RWin for Orange Broadband Users (http://www.and. htm) • Marc Slemko (January 18. p.com/~marcs/ mtu/index. net/ Wireless-Internet-Technologies-and-Applications/ 1925. "Path MTU Discovery and Filtering ICMP" (http://alive. 13 [3] RFC 791.11 MAC Frames ." [4] RFC 1191 [5] RFC 791. Retrieved 2007-09-02.net/mss/) • MTU Path (http://www.Configuration.cfm)   MTU discovery tool for IPv4 and IPv6 networks .dslreports.elifulkerson. html#TCPMSSTARGET) • Discovering of MTU value (http://help. html) [9] 3Com SuperStack Switch Management Guide (http:/ / support.orangeproblems. 24.php) – a console utility for debugging mtu problems • MSS Initiative (http://www.net/broadband/mtu_ping_test.iea-software. 3com.znep. "Every internet module must be able to forward a datagram of 68 octets without further fragmentation.Wireless. 1998). com/ infodeli/ tools/ switches/ ss3/ management/ ug/ cli_mg6a. wireless-center." [6] RFC 2460 [7] RFC 6145 [8] Structure of the IEEE 802.co.frozentux.wifi.

• Denial of service attacks by botnets are capable of filling even the largest Internet backbone network links (40 Gbit/s as of 2007). RFC 2914 addresses the subject of congestion control in detail. An example of this is 802. Typical effects include queueing delay. the backbone can easily be congested by a few servers and client PCs.hn standard. • Even on fast computer networks (e. A DSL modem is the most common small network example. or to an actual reduction in network throughput. networks using these protocols can exhibit two stable states under the same level of load. Congestion collapse generally occurs at choke points in the network.1p. where the total incoming bandwidth to a node exceeds the outgoing bandwidth.Network congestion 122 Network congestion In data networking and queueing theory. However: • today's (2006) Wireless LAN effective bandwidth throughput (15-100Mbit/s) is easily filled by a single personal computer. . When a network is in such a condition. file transmissions by P2P have no problem filling and will fill an uplink or some other network bottleneck. A consequence of these latter two is that incremental increases in offered load lead either only to small increases in network throughput. One example of this is the use of Contention-Free Transmission Opportunities (CFTXOPs) in the ITU-T G. Network protocols which use aggressive retransmissions to compensate for packet loss tend to keep systems in a state of network congestion even after the initial load has been reduced to a level which would not normally have induced network congestion. Thus. Another method to avoid the negative effects of network congestion is implementing priority schemes. Modern networks use congestion control and network congestion avoidance techniques to try to avoid congestion collapse. particularly when nearby peers are preferred over distant peers. network congestion occurs when a link or node is carrying so much data that its quality of service deteriorates. it has settled (under overload) into a stable state where traffic demand is high but little useful throughput is available. 1 Gbit).11's CSMA/CA and the original Ethernet. Priority schemes do not solve network congestion by themselves. The stable state with low throughput is known as congestive collapse. so that some packets are transmitted with higher priority than others. which provides high-speed (up to 1 Gbit/s) Local area networking over existing home wires (power lines. These include: exponential backoff in protocols such as 802. and fair queueing in devices such as routers. when little or no useful communication is happening due to congestion. but they help to alleviate the effects of congestion for some services. including router processing time and link throughput. phone lines and coaxial cables). window reduction in TCP. Network capacity The fundamental problem is that all network resources are limited. and there are high levels of packet delay and loss (caused by routers discarding packets because their output queues are too full) and general quality of service is extremely poor. with between 10 and 1000 Mbit/s of incoming bandwidth and at most 8 Mbit/s of outgoing bandwidth.g. A third method to avoid network congestion is the explicit allocation of network resources to specific flows. packet loss or the blocking of new connections. generating large-scale network congestion Congestive collapse Congestive collapse (or congestion collapse) is a condition which a packet switched computer network can reach. • Because P2P scales very well. Connection points between a local area network and a wide area network are the most likely choke points.

such as reducing the rate of sending packets. However. When this packet loss occurred. which gives rise to a Lagrange multiplier. The mathematical expression for optimal rate allocation is as follows. This pushed the entire network into a 'congestion collapse' where most packets were lost and the resultant throughput was negligible. and this continued to occur until end nodes started implementing Van Jacobson's congestion control between 1987 and 1988. Congestion control Congestion control concerns controlling traffic entry into a telecommunications network. vectors and matrix. Many current congestion control algorithms can be modelled in this framework. . who applied microeconomic theory and convex optimization theory to describe how individuals controlling their own rates can interact to achieve an "optimal" network-wide rate allocation. exactly the opposite of what should be done during congestion. Let be the rate of flow and .Network congestion 123 History Congestion collapse was identified as a possible problem as far back as 1984 (RFC 896. be the be the corresponding be an increasing. The optimal rate allocation then satisfies much benefit a user obtains by transmitting at rate such that The Lagrange dual of this problem decouples. Examples of "optimal" rate allocation are max-min fair allocation and Kelly's suggestion of proportional fair allocation. It was first observed on the early Internet in October 1986. early TCP implementations had very bad retransmission behavior. which measures how . dated 6 January). strictly convex function. Each link capacity imposes a constraint. although many others are possible. is the price to which the flow responds. Let capacity of link . the intermediate routers discarded many packets. so that each flow sets its own rate. with being either the loss probability or the queueing delay at link . Congestion control then becomes a distributed optimisation algorithm for solving the above problem. . when the NSFnet phase-I backbone dropped three orders of magnitude from its capacity of 32 kbit/s to 40 bit/s. It should not be confused with flow control. called the utility. The sum of these Lagrange multipliers. while sliding window flow control causes "burstiness" which causes different flows to observe different loss or delay at a given link. and be 1 if flow uses link and 0 otherwise. doubling the data rate sent. Let . based only on a "price" signalled by the network. so as to avoid congestive collapse by attempting to avoid oversubscription of any of the processing or link capabilities of the intermediate nodes and networks and taking resource reducing steps. expecting the end points of the network to retransmit the information. Cause When more packets were sent than could be handled by intermediate routers. A major weakness of this model is that it assumes all flows observe the same price. the end points sent extra packets that repeated the information lost. Theory of congestion control The modern theory of congestion control was pioneered by Frank Kelly. which prevents the sender from overwhelming the receiver.

in itself. the congestion lifts and good use of the network occurs. The backbone can thus be provisioned with enough bandwidth to keep congestion at the periphery. Some end-to-end protocols are better behaved under congested conditions than others. have this property. Protocols built atop UDP must handle congestion in their own way. Fortunately. fairness. and the end points all get a fair share of the available bandwidth. Other strategies such as slow-start ensure that new connections don't overwhelm the router before the congestion detection can kick in. Provided all end points do this. The correct end point behaviour is usually still to repeat dropped information. The most common router mechanisms used to prevent congestive collapses are fair queueing and other scheduling algorithms. variable-rate links • By the fairness criterion it uses: max-min. cheap fiber-optic lines have reduced costs in the Internet backbone. where the mechanisms described above can handle it. special measures. TCP is perhaps the best behaved. UDP does not. delay. must be taken to keep packets from being dropped from streams. Larger routers must rely on RED. • By the aspect of performance it aims to improve: high bandwidth-delay product networks. End-to-end flow control mechanisms designed into the end points which respond to congestion and behave appropriately. independent of congestion. Thus. lossy links. including many Voice over IP protocols. sender. "minimum potential delay" Avoidance The prevention of network congestion and collapse requires two major components: 1. have any congestion control mechanism. advantage to short flows. receiver and routers need modification. Fair queueing is most useful in routers at choke points with a small number of connections passing through them. 2. and random early detection. or RED. The first TCP implementations to handle congestion well were developed in 1984. congestion in pure datagram networks must be kept out at the periphery of the network. where packets are randomly dropped proactively triggering the end points to slow transmission before congestion collapse actually occurs. In general. Protocols atop UDP which transmit at a fixed rate. Congestion in the Internet backbone is very difficult to deal with. proportional. Real-time streaming protocols. sender and receiver need modification. but progressively slow the rate that information is repeated. such as quality-of-service routing.Network congestion 124 Classification of congestion control algorithms There are many ways to classify congestion control algorithms: • By the type and amount of feedback received from the network: Loss. can be troublesome. . but it was not until Van Jacobson's inclusion of an open source solution in the Berkeley Standard Distribution UNIX ("BSD") in 1988 that good TCP implementations became widespread. single-bit or multi-bit explicit signals • By incremental deployability on the current Internet: Only sender needs modification. A mechanism in routers to reorder or drop packets under overload. only router needs modification.

Random early detection [8] [9] On network One solution is to use random early detection (RED) on network equipments port queue buffer.g. generally watch for packet errors. Recent Publications in low-rate Denial-of-Service (DoS) attacks [12] . such as the widely-used TCP protocol. time. The link utilization will increase because less TCP global synchronization will occur. The connection bandwidth will be more equally shared among connection oriented flows. Robust random early detection (RRED) Robust Random Early Detection (RRED) algorithm was proposed to improve the TCP throughput against Denial-of-Service (DoS) attacks.g. or delays (see Quality of Service) in order to adjust the transmit speed. RRED algorithm can significantly improve the performance of TCP under Low-rate Denial-of-Service attacks [11] . [2] [3] [4] [5] [6] Problems occur when many concurrent TCP flows are experiencing port queue buffer tail-drops.this is called TCP global synchronization. By keeping the average queue size small. e. Experiments have confirmed that the existing RED-like algorithms are notably vulnerable under Low-rate Denial-of-Service [4] (LDoS) attacks due to the oscillating TCP queue size caused by the attacks [11] . since there are a number of different trade-offs available. Active Queue Management (AQM) Purpose "Recommendations on Queue Management and Congestion Avoidance in the Internet" (RFC 2309[7] ) states that: • • • • Fewer packets will be dropped with Active Queue Management (AQM). The average queue buffer lengths are computed over 1 second at a packets. even without flow-based RED or WRED. Then TCP's automatic congestion avoidance is not enough. 50% (lower threshold) filled and deletes linearly more or (better according to paper) cubical more [10] up to e. There are many different network congestion avoidance processes.g. weighted random early detection (WRED) could be used if available.Network congestion 125 Practical network congestion avoidance Implementations of connection-oriented protocols. [1] TCP/IP congestion avoidance The TCP congestion avoidance algorithm is the primary basis for congestion control in the Internet. when the average queue buffer lengths are more than e. 100% (higher threshold). particularly Low-rate Deinal-of-Service (LDoS) attacks. queue management will reduce the delays and jitter seen by flows. All flows that experience port queue buffer tail-drop will begin a TCP retrain at the same moment . RED indirectly signals to sender and receiver by deleting some packets. losses. equipment ports with more than one queue buffer.

. More information on the status of ECN including the version required for Cisco IOS. this causes WiFi. 3G or other networks with a radio layer to have poor throughput in some cases since wireless networks are susceptible to data loss due to interference. it will set an ECN-flag notifying the sender of congestion. However. the remote servers will send less data. This is better than the indirect packet delete congestion notification performed by the RED/WRED algorithms. by Sally Floyd. by decreasing the tcp window size (sending rate) or by other means. Engine IV and V has the possibility to classify all flows in "aggressive" (bad) and "adaptive" (good). This technique can reduce congestion in a network by a factor of 40. It ensures that no flows fill the port queues for a long time. this data creates a congestion point at an upstream provider by flooding the queue much faster than it can be emptied. DBL can utilize IP ECN instead of packet-delete-signalling. When an application requests a large file. [14] Some outdated or buggy network equipment drops packets with the ECN bit set. With Another approach is to use IP ECN. The TCP connections running over a radio based physical layer see the data loss and tend to believe that congestion is occurring when it isn't and erroneously reduce the data rate sent. e. this method. rather than ignoring the bit. [15] [16] TCP Window Shaping Congestion avoidance can also efficiently be achieved by reducing the amount of traffic flowing into a network. The sender then ought to decrease its transmission bandwidth. errors during transmission are rare on today's fiber based Internet. graphic or web page. Side effects of congestive collapse avoidance Radio links The protocols that avoid congestive collapse are often based on the idea that data loss on the Internet is caused by congestion. IP ECN [13] ECN is only used when the two hosts signal that they want to use it. Cisco AQM: Dynamic buffer limiting (DBL) Cisco has taken a step further in their Catalyst 4000 series with engine IV and V. When there are many applications simultaneously requesting downloads. thus reducing the congestion and allowing traffic to flow more freely. it usually advertises a "window" of between 32K and 64K.Network congestion Flowbased-RED/WRED Some network equipment are equipped with ports that can follow and measure each flow (flowbased-RED/WRED) and are hereby able to signal to a too big bandwidth flow according to some QoS policy. but it requires explicit support by both hosts to be effective. A policy could divide the bandwidth among all flows by some criteria. By using a device to reduce the window advertisement. 126 When a router receives a packet marked as ECN capable and anticipates (using RED) congestion.g. an ECN bit is used to signal that there is explicit congestion.[8] one of the authors of ECN. This results in the server sending a full window of data (assuming the file is larger than the window). This is true in nearly all cases.

ist. September.ietf. edu/ bagal99comparative.. November. edu/ lee00tcp. Zhiping Cai.1(4): pp. This paper originated many of the congestion avoidance algorithms used in TCP/IP. Sally Floyd. This kept most connections in the slow start mode. no parameters are to be adjusted. The applicability of the derived function is independent of the load range. ist. com/ RealtimeMantra/ Networking/ TCP_Congestion_Avoidance. psu.org/html/rfc896) . pdf?attredirects=0). eventhelix. and Fast Recovery Algorithms [4] RFC 2581 . google.The Addition of Explicit Congestion Notification (ECN) to IP [14] Comparative study of RED. Michael J. org/ floyd/ red..TCP Congestion Control [5] RFC 3390 . pdf) [7] RFC 2309 . ist-mobydick.gov/papers/congavoid. However. [10] An Analytical RED Function Design Guaranteeing Stable System Behavior (http:/ / www. psu. Invented Random Early Detection (RED) gateways. Clarence Filsfils (Morgan Kaufmann. org/ publications/ aqm_iscc2003. CA. 2010.314–329.Our example with realistic system parameters gives an approximation function of the cubic of the queue size. html) [15] Active Queue Management (http:/ / www. com/ site/ cwzhangres/ home/ files/ RREDRobustREDAlgorithmtoCounterLow-rateDenial-of-ServiceAttacks. icir. Compared to the original linear drop function applicability is extended by far. cisco.lbl. vol. which resulted in poor response time. and Weifeng Chen. ist. Older web browsers would create many consecutive short-lived connections to the web server. To avoid this problem. ist. 127 References [1] TCP Tunnels: Avoiding Congestion Collapse (2000) (http:/ / citeseer. Random Early Detection Gateways for Congestion Avoidance (http:/ / citeseer. htm#1271759) • "Deploying IP and MPLS QoS for Multiservice Networks: Theory and Practice" by John Evans. Jianping Yin. and would open and close the connection for each file requested." [11] Changwang Zhang.Network congestion Short-lived connections The slow-start protocol performs badly for short-lived connections. modern browsers either open multiple connections simultaneously or reuse one connection for all files requested from a particular web server. 1988 .. 6 January 1984 • Introduction to Congestion Avoidance and Control (http://ee. [3] RFC 2001 . google. html) (1988). IEEE/ACM Transactions on Networking. significantly increasing latency. cisco. html) [9] Sally Floyd. August. ECN and TCP Rate Control (1999) (http:/ / citeseer. edu/ 462978. pp. psu. org/ xpl/ freeabs_all. 14.April 1998: Recommendations on Queue Management and Congestion Avoidance in the Internet [8] Sally Floyd: RED (Random Early Detection) Queue Management (http:/ / www.TCP Increasing TCP's Initial Window [6] TCP Congestion Avoidance Explained via a Sequence Diagram (http:/ / www.18(4): pp. Ref (http:/ / ieeexplore.TCP Slow Start. 1988. Congestion Avoidance and Control (http:/ / citeseer. Proceedings of the Sigcomm '88 Symposium.397–413. edu/ 484335. John Nagle. Stanford.pdf). html) [2] Van Jacobson. 2000 • RFC 896 (http://tools. com/ univercd/ cc/ td/ doc/ product/ lan/ cat4000/ 12_1_19/ config/ qos. html) (1993). Congestion Avoidance. the initial performance can be poor.. and many connections never get out of the slow-start regime. Karels. com/ univercd/ cc/ td/ doc/ product/ lan/ cat4000/ 12_1_19/ config/ qos."Congestion Control in IP/TCP".The advantage of this function lies not only in avoiding heavy oscillations but also in avoiding link under-utilization at low loads. psu. ISBN 0-12-370549-5) • RFC 2914 (http://tools. com/ site/ cwzhangres/ home/ posts/ recentpublicationsinlow-ratedosattacks [13] RFC 3168 . RRED: Robust RED Algorithm to Counter Low-rate Denial-of-Service Attacks (http:/ / sites. ieee. jsp?arnumber=5456075) [12] http:/ / sites. Van Jacobson and Michael J. vol. Fast Retransmit.Congestion Control Principles. 2007. pdf) Quote: ". 489-491... Karels. Van Jacobson.ietf.org/html/rfc2914) . IEEE Communications Letters. htm#1271743) [16] Enabling Dynamic Buffer Limiting (http:/ / www. vol.

com/q/queuing. Promoting the Use of End-to-End Congestion Control in the Internet (http://www.wustl.duth.edu/Homepages/shivkuma/research/cong-papers.ecse.ccs.icir.net/tcp_histrory. Clarence Filsfils (Morgan Kaufmann.html) (IEEE/ACM Transactions on Networking.99/floyd/floyd.rpi.google. S.html) • TFRC Homepage (http://www.linktionary. Sriram Chellappan. On the Evolution of End-to-end Congestion Control in the Internet: An Idiosyncratic View (http:// www. J.org/floyd/ecn. Mukundan Sridharan. Fall.html) • Random Early Detection Homepage (http://www. ISBN 0-12-370549-5) External links • Nagle. S.edu/home/ladrian/abstract/aimdfc. Ratul Mahajan.org/tfrc/) • AIMD-FC Homepage (http://www. Arjan Durresi. org/floyd/end2end-paper. Hitay Ozbay. " Guidelines for optimizing Multi-Level ECN. October 1999) (pdf format) • Linktionary term: Queuing (http://www.Network congestion 128 Books • "Deploying IP and MPLS QoS for Multiservice Networks: Theory and Practice" by John Evans.com/p/ guduz/) • Approaches to Congestion Control in Packet Networks (http://utopia.visualland.cs.edu/ ~jain/papers.icir.html) • Pierre-Francois Quet.org/floyd/red. David Wetherall: RED-PD: RED with Preferential Dropping (http://www.neu. 2007.umn.html) • TCP congestion control simulation: Fast recovery (http://www.html) • Explicit Congestion Notification Homepage (http://www. php?simu=tcp_fast_recovery&protocol=TCP&title=5.html) • Sally Floyd.pdf) • Papers in Congestion Control (http://www.Fast recovery&ctype=1) .edu/talks/workshops/10-22-24. RFC 896: Congestion control in IP/TCP internetworks (1984) • Floyd.icir.cse.edu/homes/ratul/red-pd/) • A Generic Simple RED Simulator for educational purposes by Mehmet Suzen (http://code. Raj Jain.aciri. and K. RFC 2914: Congestion control principles (2000) • Floyd. washington.pdf) (IMA Workshop on Scaling Phenomena in Communication Networks.gr/~emamatas/jie2007. August 1999) • Sally Floyd. using fluid flow based TCP model" (http://www.ima.

NIST RBAC model 129 NIST RBAC model The NIST RBAC model is a standardized definition of role based access control. Although originally developed by the National Institute of Standards and Technology. Ferraiolo. the standard was adopted and is copyrighted and distributed as INCITS 359-2004 by the International Committee for Information Technology Standards (INCITS). History In 2000.1109/MSP. Ferraiolo. Feinstein. and Kuhn later published an explanation of the design choices in the model. (Nov/Dec 2007). "The NIST Model for Role Based Access Control: Toward a Unified Standard" (http:/ / csrc. 5th ACM Workshop Role-Based Access Control. . R. pdf) (PDF).F. the standard received ballot approval and was adopted as INCITS 359-2004.F. Following debate and comment within the RBAC and security communities. doi:10. It is managed by INCITS committee CS1. D. pdf) (PDF). and Kuhn. D..S. and Sandhu. integrating the RBAC model published in 1992 by Ferraiolo and Kuhn with the RBAC framework introduced by Sandhu.gov/groups/SNS/rbac/index. gov/ groups/ SNS/ rbac/ documents/ ferraiolo-kuhn-sandhu-07. nist. Kuhn.. national standard for RBAC through the INCITS. [2] References [1] Sandhu.R. [2] Ferraiolo. (July 2000). and Youman (1996). R. . Ferraiolo. Sandhu.org) (INCITS web site) . NIST called for a unified standard for RBAC. 47–63. and Kuhn [1] and presented at the ACM 5th Workshop on Role Based Access Control.2007. pp. "RBAC Standard Rationale: comments on a Critique of the ANSI Standard on Role Based Access Control" (http:/ / csrc. In 2004. External links • (http://csrc. D.html) (NIST RBAC web site) • (http://incits. This proposal was published by Sandhu.R.nist.173. NIST made revisions and proposed a U. IEEE Security & Privacy (IEEE Press) 5 (6): 51–53. gov/ rbac/ sandhu-ferraiolo-kuhn-00. D.. nist. Coyne.

History WildPackets.. It is used for network troubleshooting and protocol analysis.[5] Plug-ins: There are over 40 different plug-in's available for the OmniPeek Platform. Their product. an expert system for network troubleshooting. Adapters are also available to aggregate packets from multiple network segments and wireless channels at the same time.[4] Extensibility OmniPeek has API's on the front-end for automation.wildpackets. It supports a plugin API.[3] WildPackets acquired Optimized Engineering Corporation in 2001. Decoders: The most notable of these are the protospecs and decoder files. which added support for 802. which are interpreted text files that can be extended by the user to enhance the display and analysis of existing protocols. These plug-ins range from simple logging extensions to full-blown applications that are hosted by OmniPeek. In 2001. the WildPackets' building in Walnut Creek California completely burnt to the ground. and as a hardware network recorder appliance. and called EtherPeek. It was later ported to Windows. API's on the back-end for analysis. Currently. These plug-in wizards make it easy and . The first product by WildPackets was written for the Mac. a dialog appears providing options for different types of functionality that sample code will be generated for. the user is left with a working plugin with entry points for adding application logic. the company survived the fire. AiroPeek was released. as well as other mechanisms to extend and enhance the program.11 wireless networks. Cisco AP's. there are remote adapters to capture from RMON. However. On the morning of July 15.OmniPeek 130 OmniPeek OmniPeek Developer(s) WildPackets Operating system Windows Type Website Packet analyzer www. and linux boxes. NetSense. without releasing new versions of the application. was converted into a plug-in and integrated into a new version of the product called EtherPeekNX. Inc. 2002. Aruba AP's. and add knowledge of completely new protocols. Optimized network analysis training courses and instructors were added to WildPackets services.[2] Acquisitions WildPackets acquired Net3 Group in November 2000.com [1] OmniPeek is a packet analyzer software tool from WildPackets Inc. Remote Adapters: Adapters provide a means to capture packets and stats from various sources. In 2003. was founded in 1990 by Mahboud Zabetian and Tim McCreery. When the wizard is run.[6] Plugin Wizards: The Plugin Wizards for both the OmniPeek Console and the OmniEngine are Microsoft Visual Studio Project Templates that generate working plug-ins. which was released in 1997. NetFlow. the OmniEngine Distributed Capture Engine was released as software.. SFlow. It was a protocol analyzer for ethernet networks. When the wizard is complete.

scripts. com/ news/ technology/ 575128/ wildpackets_offers_free_google_map_plugin/ index. html).Collect and report web statistics Remote TCPDump Adapter Plugin . accessmylibrary. .Decode packets WatchMe Plugin . PlaceMap is a notable example of extensibility in that it uses exactly the same Google Map plugin that is also available for the OmniPeek.OmniPeek quick to develop extensions to OmniPeek.0. [5] "An Open API Sets WildPackets Apart" (http:/ / windowsitpro. Retrieved 2009-07-23. php/ 1433881). .stream packets from any machine with SSH and tcpdump Cisco Remote Adapter Plugin . bizjournals. redorbit. [9] "WildPackets Offers Free Google Map Plug-In" (http:/ / www. [3] "WildPackets to buy Net3" (http:/ / eastbay. [8] "PlaceMap 1. MyPeek: The MyPeek Community Portal is a website dedicated to the extension of OmniPeek. html). Retrieved 2009-07-23. internetnews. .0. . . Retrieved 2009-07-23.Display web sites in real-time from URL's Browser Plugin . . com/ products/ distributed_network_analysis/ omnipeek_network_analyzer [2] "WildPackets Survives Fire" (http:/ / www." (http:/ / www. Retrieved 2009-07-23. 2001-01-31. com/ coms2/ summary_0286-10587967_ITM). Retrieved 2009-07-23. [4] "WildPackets to Acquire Optimized Engineering Corporation.Map nodes to a Google Map[9] SQLFilter Plugin .stream packets from Cisco Access Points Aruba Remote Adapter Plugin . cnet. wildpackets.[7] PlaceMap: is a freely available standalone Google Maps Packet sniffer application for Windows that captures network traffic and maps nodes to the Google Map. Expands Protocol Analysis Training and Services. Retrieved 2009-07-23. com/ wireless/ article.stream packets from Aruba Networks Air Monitors References [1] http:/ / www. [7] "WildPackets Launches MyPeek Community Portal" (http:/ / www. -a0179645388).4" (http:/ / download. tools. wildpackets. Retrieved 2009-07-23.Display instant message screen names and chat WebStats Plugin . Retrieved 2009-07-23. . thefreelibrary. Business Wire. [6] "Throwin' Down The Decoder Gauntlet!" (http:/ / blog. 2000-11-20.Write scripts that process packets Decoder Plugin . It provides plug-in's. html). html). and expertise for those interested in extending OmniPeek themselves.Construct and display web pages from packets IM Plugin . com/ eastbay/ stories/ 2000/ 11/ 20/ daily2. adapters. . com/ article/ articleid/ 95726/ an-open-api-sets-wildpackets-apart. and is uses the peek driver API to capture packets.Save and query packets from a database PeekPlayer Plugin . com/ PlaceMap/ 3000-2085_4-10588141. .Send packet an adapter or a capture window PowerBar Plugin . and various levels of support for the different plug-ins posted there. com/ WildPackets+ Launches+ MyPeek+ Community+ Portal.[8] 131 Example Plugins • • • • • • • • • • • • Google Map Plugin . html). com/ 2008/ 05/ throwin-down-the-decoder-gauntlet.

shtml) Out-of-order delivery In computer networking. A.com) • Network World. A. out-of-order delivery is the delivery of data packets in a different order from which they were sent.html?nlhttest=ts_031108& nladname=031108producttestal) • Cisco Website.edu/monitoring/reorder/ . or via parallel processing paths within network equipment that are not designed to ensure that packet ordering is preserved. html) • IT Week. R.0 (http://www. T. Jayasumana.com/reviews/2008/031008-voip-analysis-tools-test.1. Piratla.wildpackets. WildPackets' latest OmniPeek tool makes it easier to inspect traffic and troubleshoot networks. Banka. Morton.networkworld. 22. Sept.com/reviews/2006/091806-voip-test-analysis-wildpackets.net/PERTKB/PacketReordering • http://www-iepm.com/en/US/tech/tk722/tk809/technologies_tech_note09186a008063e5de. Robert Smithers. Bare.pert. by Dave Bailey.cisco. Out-of-order delivery can be caused by packets following multiple paths through a network.uk/networkitweek/software/2161896/packet-inspector-offers-simple) • Network World. Packet Reordering Metrics.networkworld. Tested: WildPackets OmniPeek Enterprise 4. Rand Dvorak (http://www. N. Perser. March 10. 19 Aug 2006.com/reviews/2007/042307-wireless-lan-test-omnipeek. By Rob Smithers of Miercom (http:// www. One of the functions of TCP is to prevent the out-of-order delivery of data. 2008: Clear Choice Test VoIP analysis tools. Improved Packet Reordering Metrics. June 2008 • http://kb. Packet reordering is a common behavior in real-world networks. G.networkworld.OmniPeek 132 External links • Official website (http://www. Robert Tarpley (http://www. co. By Tom Henderson. By Anthony Mosco. J.itweek. L.stanford. Network IT Week. External links • RFC 4737.slac.html) • Network World . Mar. Ciavattone. 2006: LWAPP Decodes Enablement on WildPackets OmniPeek and EtherPeek 3.0 Software (http://www. Whitner. 18.geant. Ramachandran. 2006: Review of WildPackets' OmniPeek. April 23. Shalunov. S. November 2006 • RFC 5236. A. 2007: WLAN analyzers: WildPackets' OmniPeek For Windows 4. either by reassembling packets into order or forcing retries of out-of-order packets.

headers. The captured information is decoded from raw digital form into a human-readable format that permits users of the protocol analyzer to easily review the exchanged information. The ITU-T G. if needed. one can capture traffic on a particular channel. depending on the network structure (hub or switch). Packet analyzer A packet analyzer (also known as a network analyzer. decodes the packet's raw data. To use a network tap is an even more reliable solution than a monitoring port since taps are less likely to drop packets during high traffic loads.[2] On wireless LANs.) or where the expected packet size is small compared to the maximum amount of information that can be transmitted.Packet aggregation 133 Packet aggregation In a packet-based communications network. either in probe format. multicast traffic sent to a multicast group to which that machine is listening. which provides a way to create a high-speed (up to 1 Gigabit/s) Local area network using existing home wiring (power lines. showing the values of various fields in the packet. generate timing diagrams.g. cyclic redundancy check. the adapter must be in monitor mode. Capabilities On wired broadcast LANs. and may also have the ability to deliberately introduce errors to test for the DUT's ability to deal with error conditions. Such testers generate protocol-correct traffic for functional testing. ARP spoofing). and broadcast traffic. is an example of a protocol that employs packet aggregation to increase efficiency. whose purpose is to mirror all packets passing through all ports of the switch when systems (computers) are connected to a switch port. These devices record packets (or a slice of the packet) to a disk array. to capture traffic other than unicast traffic sent to the machine running the sniffer software. an Ethernet sniffer or wireless sniffer) is a computer program or a piece of computer hardware that can intercept and log traffic passing over a digital network or part of a network. etc. in order to reduce the overhead associated with each transmission.hn standard. packet aggregation may be responsible for joining multiple MSDUs into a single MPDU that can be delivered to the physical layer as a single unit for transmission. or for particular types of networks. the sniffer captures each packet and. even if the adapter is in promiscuous mode. one can capture traffic on all or just parts of the network from a single machine within the network. Packet aggregation is useful in situations where each transmission unit may have significant overhead (preambles. packets not for the service set for which the adapter is configured will usually be ignored. packet aggregation is the process of joining multiple packets together into a single transmission unit. these can act as protocol testers. This allows historical forensic analysis of packets without the user having to recreate any fault. For network monitoring purposes it may also be desirable to monitor all data packets in a LAN by using a network switch with a so-called monitoring port. On wired broadcast and wireless LANs. Protocol analyzers vary in their abilities to display data in multiple views. the network adapter being used to capture the traffic must be put into promiscuous mode. . Some protocol analyzers can also generate traffic and thus act as the reference device. phone lines and coaxial cables). there are some methods to avoid traffic narrowing by switches to gain access to traffic from other systems on the network (e. determine the root causes of errors.[1] As data streams flow across the network. automatically detect errors. protocol analyzer or sniffer. some sniffers support this. etc. Protocol Analyzers can also be hardware based. On wireless LANs. or as is increasingly more common combined with a disk array. others don't. In a communication system based on a layered OSI model. and analyzes its content according to the appropriate RFC or other specifications. however. To see those packets.

• • • • • • • • • • • • • • • • • • • • • Capsa Cain and Abel dSniff Justniffer ettercap Microsoft Network Monitor ngrep Network Grep snoop tcpdump Wireshark (formerly known as Ethereal) Carnivore (FBI) Clarified Analyzer Congruity Inspector Software Fluke Lanmeter NetScout nGenius Infinistream NetScout Sniffer Global Analyzer NetScout Sniffer Portable Professional Analyzer Network Instruments Observer Niksun NetDetector OPNET Technologies ACE Analyst SkyGrabber . Web filter. access control. see Comparison of packet analyzers. proxy) Notable packet analyzers For a more comprehensive list. moves and changes Verify internal control system effectiveness (firewalls.Packet analyzer 134 Uses The versatility of packet sniffers means they can be used to: • • • • • • • • • • • • • • • • • • • Analyze network problems Detect network intrusion attempts Detect network misuse by internal and external users Documenting regulatory compliance through logging all perimeter and endpoint traffic Gain information for effecting a network intrusion Isolate exploited systems Monitor WAN bandwidth utilization Monitor network usage (including internal and external users and systems) Monitor data-in-motion Monitor WAN and endpoint security status Gather and report network statistics Filter suspect content from network traffic Serve as primary data source for day-to-day network monitoring and management Spy on other network users and collect sensitive information such as passwords (depending on any content encryption methods which may be in use) Reverse engineer proprietary protocols used over the network Debug client/server communications Debug network protocol implementations Verify adds. Spam filter.

networksecuritytoolkit. Many commercial PAD products provided completely different enhanced user interfaces. for a connection to an X. Sometimes.pdf) • Packet Sniffing FAQ (http://web. php?page=Multi-Tap_Network_Packet_Capturing) • How to Deploy a Packet Analyzer under Different Network Environment (http://www. including the commands for making and clearing down connections.colasoft. The commands were very crude. ISBN 978-0735542730.Packet analyzer • WildPackets OmniPeek (old name AiroPeek. X.25 (packet-switching) network or host computer.e.irongeek.robertgraham. a bit like (but not at all compatible with) Hayes modem commands. character echo.pdf) • The Making of a Professional cTrace Packet Analyzer (http://www.28 defines the DTE-C (asynchronous character mode) interface to a PAD.aesclever. netresec. X.29 defines the DTE-P (packet mode) interface to a PAD. due to the three X series recommendations which define it. 131.121 14-digit X. A PAD also does the reverse.25 host.org/web/20050221103207/http://www.25 packets.com/i. i. Connections are established using X. Connolly (2003). how the PAD encapsulates characters and control information in X. it takes data packets from packet-switching network or host computer and returns them into a character stream that can be sent to the terminals (disassembly). A FRAD (Frame Relay Assembler/Disassembler) is a similar device for accessing Frame Relay networks. External links • Protocol Analyzers (http://www. EtherPeek) 135 References [1] Kevin J. .html) • A Quick Intro to Sniffers (http://www. X.3 parameters. this is referred to as a Triple-X PAD. Retrieved 2011-03-13. [2] "Sniffing Tutorial part 1 .25 packets (assembly). abbreviated PAD is a communications device which provides multiple asynchronous terminal connectivity to an X. NETRESEC Network Security Blog. flow control.28. . pp.3 parameters are similar in function to present day Telnet options. It collects data from a group of terminals and places the data into X.com/pages/current/ ProfessionalCPA.php) Packet Assembler/Disassembler A packet assembler/disassembler.25 addresses.3 specifies the parameters for terminal-handling functions such as line speed.Intercepting Network Traffic" (http:/ / www.php?page=security/AQuickIntrotoSniffers) • Multi-Tap Network Packet Capture (http://www.html) by Robert Graham • Video Tutorials on Sniffer Programming using Raw Sockets (http://security-freak.net/raw-sockets/ raw-sockets. and manipulating the X.dmoz.29. com/ ?page=Blog& month=2011-03& post=Sniffing-Tutorial-part-1---Intercepting-Network-Traffic). 2011-03-11.com/pubs/ sniffing-faq. Law of Internet Security and Privacy. et al. ITU-T (Triple-X PAD) The structure of a PAD is defined by the ITU-T in recommendations X. X. The X.org/nst/tools/wiki-redirect.evilfingers.com/publications/howto_EN/HowTo .Use Packet Sniffers.org/Computers/Software/Networking/Network_Performance/ Protocol_Analyzers//) at the Open Directory Project • How-to Packet Sniff (http://www. Aspen Publishers. and X.com/support/ installation.3.archive.

tdt.29 that generally the two will interwork. org. Green Book was developed by (UK) Post Office Telecommunications in the 1970s. htm .3 and X. and is a completely different protocol. a very similar protocol which ran over the Yellow Book Transport Service. Green Book is sufficiently similar to X. uk/ ca/ technology/ networking/ p001. ITP ITP (Interactive Terminal Protocol) was an early PAD protocol for use over X. Green Book. Although not identical to Triple-X. the predecessor of PSS). Products • Das Multiprotokoll-Talent mit zwei ISDN und vier Benutzerschnittstellen [1] External links • ITP: Protocols in the SERC/NERC Network" [2] References [1] http:/ / www. which is another of the Coloured Book protocols. Science and Engineering Research Council (SERC) also used ITP on SERCnet and continued developing ITP after EPSS. de/ produkte/ ta/ taomega [2] http:/ / www.25 developed in the 1970s for use with UK GPO's EPSS (Experimental Packet Switching System.Packet Assembler/Disassembler 136 Green Book PAD One of the UK Coloured Book protocols. ITP predated Triple-X. although it eventually gave way to Triple-X. chilton-computing. also defines two PAD protocols. Green Book also specifies TS29.

using known criteria for analysis. Headers include information about what is contained in the packet and could be synonymous to an address or other printed information on the outside of an envelope. The payload includes the actual content of the packet and therefore synonymous to the contents of the envelope. unfiltered. IP address. Historical capture and analysis Once data is captured. and after. they may be flushed away and actual packet contents are no longer available.Packet capture 137 Packet capture Packet capture is the act of capturing data packets crossing a computer network. or stored. This includes headers and payload. either in short-term memory or long-term storage.[1] Partial packet capture can record headers without recording the total content of datagrams. Complete capture Packet capture has the ability to capture packet data from the data link layer on up (layers 2-7) of the OSI model. the alert?” . Historical capture and analysis stores all captured packets for further analysis. With the application of filters. If packets are not stored after capture. the historical record can be analyzed to apply context to the alert. Once captured and stored. MAC address. diverted. protocol or other distinguishing bits of data in the packet. As DPI and analysis tools deliver alerts. Complete capture encompasses every packet that crosses a network segment. Complete capture is the unrestricted. and avoid legal problems. Many deep packet inspection tools rely on real-time inspection of data as it crosses the network. inspect. This can reduce storage requirements. Some DPCs can be coupled with DPI and can as a result manage. complete network packets (header and payload) crossing a network with a high traffic rate. after the data has already crossed the network. Deep packet capture (DPC) is the act of capturing. [2] answering the question “what happened leading up to. but yet have enough data to reveal the essential information required for problem diagnosis. perform designated analysis and act on the results. software tools can perform Deep packet inspection (DPI) to review network packet data. Short-term capture and analysis tools can typically detect threats only when the triggers are known in advance but can act in real-time. at full network speed. regardless of source. DPI tools make real-time decisions on what to do with packet data. raw capture of all network packets. and analyze all network traffic in real-time at wire speeds while keeping a historical archive of all network traffic for further analysis. only complete packets that meet the criteria of the filter (header and payload) are captured. Filtered capture Packet capture devices may have the ability to limit capture of packets by protocol. it can be analyzed right away or stored and analyzed later. and ensure data communications and network usage complies with outlined policy. Filtering Packet capture can either capture the entire data stream or capture a filtered portion of stream. identify security threats. perform forensics analysis to uncover the root cause of network problems. etc.

Lawful intercept Packet capture can be used to fulfill a warrant from a law enforcement agency (LEA) to produce all network traffic generated by an individual. When an event happens.[3] Using packet capture and storage.[8] This helps reduce the Mean Time To Repair.[9] However DPC appliances may be unable to provide chain of evidence audit logs. and ensure that the problem will not reoccur. Deep Packet Capture provides a record of all network activities. a system administrator may replay that attack against systems which have been patched to prevent the attack. Internet service providers and VoIP providers in the United States of America must comply with CALEA (Communications Assistance for Law Enforcement Act) regulations.Packet capture 138 Use Identifying security breaches Analysis of historical data captured with DPC assists in pinpointing the source of the intrusion. Verifying security fixes If an exploit or intrusion was monitored via DPC. etc. take corrective action.[7] Network Troubleshooting If an adverse event is detected on a network. Collection of data from a carrier system without a warrant is illegal due to laws about interception. DPC probes can provide lossless capture of target traffic without compromising network performance. social security numbers. This could be very helpful in the event of litigation or in the case of a credit card company receiving possibly fraudulent claims of unauthorized purchases on cards whose numbers were not compromised. a network administrator can then assess the exact circumstances surrounding a performance event. DPC can capture all packets on important network links continuously.[4] However this technique cannot function as an intrusion prevention system. This will help the administrator know whether or not their fix worked. or satisfactory security for use in this application.[5] [6] Analysis of DPC data can also reveal what files that have been sent out from the network. an administrator could verify exactly which information was stolen and which information was safe. telecommunications carriers can provide the legally required secure and separate access to targeted network traffic and are able to use the same device for internal security purposes.) to be stolen. medical records. Detecting data loss In the event that an intrusion allowed information (credit card numbers. .[3] DPC can capture network traffic accessing certain servers and other systems to verify that the traffic flows belong to authorized employees. Identifying data leakage Analyzing historical data flows captured with DPC assists in content monitoring and identifying data leaks and pinpointing their source. its cause or source can be more reliably determined if the administrator has access to complete historical data.

every packet included in that event is available. Net Scout Systems. jhtml?articleID=204802907). [11] "Sniffing Tutorial part 2 . soleranetworks. Inc. Triggers can be set up to capture certain events or breaches. .[3] All traffic or a selected segment on any given interface can be captured with a DPC appliance. Retrieved 2008-03-13. archive. html). [2] (Business Wire) (2007-12-06). exactly how many systems were affected. When an event triggers.. infoworld. com/ ?page=Blog& month=2011-03& post=Sniffing-Tutorial-part-2---Dumping-Network-Traffic-to-Disk) . informationweek. "Rewind and replay what happens on your network" (http:/ / www. 2008. Retrieved 2008-04-01. . [9] "Application overview" (http:/ / web. com/ what-we-do/ application-overview). netresec. Retrieved 2008-03-15. worm or other problem has been detected on a network.Dumping Network Traffic to Disk". . . bivio.[11] Benchmarking performance If performance suddenly takes a hit. asp). forensicfocus. html). htm).[10] Packet capturing for forensic investigations can also be performed reliably with free open source tools and systems.Solera Networks and Bivio Networks announce product interoperability" (http:/ / web. "Startup Of The Week: NetWitness Is Like TiVo For IT" (http:/ / www. "Solera Networks Announces Advanced Deep Packet Inspection and Capture Solution for Full 10Gbps Speeds" (http:/ / www. Forensic Focus. htm) on 2008-05-01. Retrieved 2009-08-28. . 2007. Retrieved 2008-03-15. com/ solutions/ top-ten. Retrieved 2008-03-15. historical data may allow a system administrator to determine. com/ passive-network-security-analysis-networkminer). [5] Tom Bowers (2007-02-05). [7] Erik Hjelmvik (2008). "NetDetector captures intrusions" (http:/ / www. NETRESEC Network Security Blog. the device can send e-mail notifications and SNMP traps. Retrieved 2008-03-15. 2011 (http:/ / www. 2008. Solera Networks. Reuters. Retrieved 2007-03-13. Retrieved 2008-04-01. 2007-10-07. . archive. conclusively. Archived from the original (http:/ / www. com/ newsletters/ techexec/ 2007/ 0716techexec1.Packet capture 139 Forensics Once an intrusion. net/ news_releases/ 102407-solera. [3] Linda Musthaler (2007-07-16). org/ web/ 20080304025423/ http:/ / www. . reuters. both in raw packet form or accurately rendered in its original format. Information Week. endace. org/ web/ 20080501222529/ http:/ / www. the historical data allows an administrator to view a specific window of time and determine the cause of the performance issues. netscout. Bivio Networks. Network World. com/ article/ pressRelease/ idUS169612+ 06-Dec-2007+ BW20071206). Endace. networkworld. net/ news_releases/ 102407-solera. endace. virus. [10] Paul Venezia (2003-07-11).[3] References [1] "Press Release . php). com/ columnists/ 2007/ 020507insider. Once a particular attack or signature has been identified. bivio. Infoworld. com/ what-we-do/ application-overview) on 2008-03-04. [4] "Capture Appliances" (http:/ / www. . [8] "Network Troubleshooting" (http:/ / www. networkworld. . html). [6] Andrew Conry-Murray (2008-12-15). Retrieved 2008-03-15. . "Getting started with content monitoring" (http:/ / www. Network World. com/ news/ showArticle. com/ article/ 03/ 07/ 11/ 27TCniksun_1. Archived from the original (http:/ / www. "Passive Network Security Analysis with NetworkMiner" (http:/ / www. com/ solutions/ iti_packet_analysis. such as FreeBSD and dumpcap.

a packet drop attack or blackhole attack is a type of denial-of-service attack in which a router supposed to relay packets discards them instead. However. Mohammad. "Black Hole Attack in Mobile Ad Hoc Networks" (http:/ / engsci. edu/ srds2009/ dncms2009_submission_Wang. Retrieved 5/5/2011. pdf). dk/ kurser/ ETC/ Wms2/ Papers/ Ad-hocSec/ Sub/ al-shurman. hosts are specifically vulnerable to collaborative attacks where multiple hosts will become compromised and deceive the other hosts on the network. . pdf). icmp: 263. . Because wireless networks have a much different architecture than that of a typical wired network. if the malicious router begins dropping packets on a specific time period or over every n packets. aau.[1] The packet drop attack can be frequently deployed to attack Wireless Ad-Hoc Networks. ieee-icnp. "Malicious packet dropping: how it might impact the TCP performance and how we can detect it" (http:/ / www. buffalo. This is rather called a gray hole attack. and the host is able to drop packets at will. all traffic will be directed to the host that has been compromised. [2] Al-Shurman. al. at a certain time of the day. Retrieved 5/5/2011. Packet drop attack In computer networking.[1] Because packets are routinely dropped from a lossy network. the attack can actually be discovered fairly quickly through common networking tools such as traceroute. If the malicious router attempts to drop all packets that come in. when other routers notice that the compromised router is dropping all traffic. cse. By doing this. . by dropping packets for a particular network destination. This usually occurs from a router becoming compromised from a number of different causes. et. a host can broadcast that it has the shortest path towards a destination. Also. it is often harder to detect because some traffic still flows across the network. or a randomly selected portion of the packets. The malicious router can also accomplish this attack selectively. a packet every n packets or every t seconds. . [3] Wang. Weichao.g. Xiaobing. org/ 2000/ papers/ 2000-24. pdf).Packet concatenation 140 Packet concatenation Packet concatenation is a computer networking optimization that coalesces multiple packets under a single header. they will generally begin to remove that router from their forwarding tables and eventually no traffic will flow to the attack. (2000). e. "Defending against Collaborative Packet Drop Attacks on MANETs" (http:/ / www. [2] Also over a Mobile Ad-Hoc Network. the packet drop attack is very hard to detect and prevent. [3] References [1] Zhang. One cause mentioned in research is through a denial-of-service attack on the router using a known DDoS tool.

Windows Windows(Cygwin)/Linux Linux/Unix/Windows Linux. linuxfoundation. sourceforge. net/ [3] http:/ / packetbuilder. Unix Windows/Linux/BSD Windows CLI CLI GUI AnetTest Bit-Twist GPL GPLv2 Packet Builder License [4] Cat Karat packet [3] builder Colasoft Packet [7] [8] [5] Windows GUI Packet Builder License: [6] Freeware BSD GPLv3 GPLv2 GPLv2 free BSD GPLv2 ? ? Jeff Nathan pstavirs Linux Foundation Miha Jemec aka jemcek Pieter Blommaert Philippe BIONDI Mixter ? Windows. com/ packet_builder/ [6] http:/ / www. Packet generators utilize raw sockets. org/ en/ Net:Pktgen .Packet generator 141 Packet generator A packet generator or packet builder is a type of software that generates random packets or allows the user to construct detailed custom packets. Unix Windows/Linux/BSD/MacOSX Linux Linux. org/ [9] http:/ / www. colasoft. sourceforge. Yakov Tetruashvili Colasoft Windows. net/ [8] http:/ / ostinato. net/ [2] http:/ / bittwist. This is useful for testing implementations of IP stacks for bugs and security vulnerabilities. sourceforge. Comparison General Information Title Author OS Interface Link [1] [2] License AnetTest Bit-Twist Cat Karat packet builder Colasoft Packet Builder Nemesis Ostinato Pktgen packETH pierf Scapy targa3 Winsock Packet Editor UMPA Anton aka kronos256 ayeowch aka det_re Valery Diomin. php [7] http:/ / nemesis. net/ [4] Custom: free for personal use [5] http:/ / www. com/ download/ products/ download_packet_builder. Unix Windows CLI GUI CLI GUI CLI CLI CLI ? Nemesis Ostinato Pktgen [9] [10] packETH pierf [11] [12] [13] Scapy targa3 Winsock Packet [14] Editor UMPA [15] [4] Adriano Monteiro Marques Daniel Borkmann cxxxap Author Cross-platform (Python) Linux Windows OS ? CLI GUI Interface GPLv2 GPLv2 trafgen xcap Title netsniff-ng xcap [16] License Link [1] http:/ / anettest. colasoft.

c [14] http:/ / wpepro.c) UMPA (http://umpa. sourceforge.net/) Colasoft Packet Builder (http://www.sourceforge. org/ DoS/ targa3.net/) trafgen.googlecode. org/ [16] http:/ / xcap.html) . net/ [11] http:/ / pierf.org) Winsock Packet Editor (http://wpepro.youtube.Packet generator [10] http:/ / packeth.linuxfoundation.sourceforge. secdev. part of the netsniff-ng suite (http://www.secdev. html 142 External links • • • • • • • • • • • • • • • • AnetTest (http://anettest.org/DoS/targa3.org/) Ostinato (http://ostinato.net/) Bit-Twist (http://bittwist.netsniff-ng. sourceforge.sourceforge.sourceforge.com/index. weebly. net/ [15] http:/ / umpa.net/) Scapy (http://www. org/ projects/ scapy/ [13] http:/ / packetstormsecurity. net/ [12] http:/ / www.net) xcap .com/) Pktgen (http://www.weebly.com/watch?v=O_pk5Wr2_8I) Nemesis (http://nemesis.colasoft.com/packet_builder/) Video: Generate Packets to Test Firewall (http://www.umitproject.org/en/Net:Pktgen) packETH (http://packeth.org/projects/scapy/) targa3 (http://packetstormsecurity.net/) pierf (http://pierf. umitproject.net/) Cat Karat packet builder (http://packetbuilder.sourceforge. com/ index.packet generator & sender (http://xcap.

aircrack-ng. net http:/ / www. security-freak. net/ packet-injection/ packet-injection. Winsock. org/ Contents/ Void11Main. Void11. packeteditor. pcap. aircrack-ng. Ostinato [8]. Software A popular packet injection application for wireless networks is aireplay-ng[1]. AirJack. Other packet-injectors are Nemesis. Sometimes IP address spoofing is used. htm http:/ / wpepro. org/ doku. External links • PacketEditor [2] • Void11 [3] • Winsock Packet Editor [4] • • • • Nemesis Ostinato [8] Packet Injection using raw sockets [5] aircrack-ng [6] [7] References [1] [2] [3] [4] [5] [6] http:/ / www. which is part of the aircrack-ng suite. and libradiate. com http:/ / wirelessdefence. file2air. This is accomplished by crafting a packet using raw sockets. php?id=aireplay-ng& DokuWiki=a96e889dd81ae5677cf2eaa686569563 http:/ / www. usually by a party not otherwise participating in the said connection. html http:/ / www.Packet injection 143 Packet injection Packet injection is a computer networking term which refers to sending a packet on a network into an already established connection. org . CommView for WiFi Packet Generator.

Packet Switch Stream In the United Kingdom. which provides a way to create a high-speed (up to 1 Gigabit/s) local area network using existing home wiring (power lines. chose to dial up via an analog modem over the then UK analog telephony network to their nearest public PAD. This process may include automatic repeat-request (ARQ) mechanisms to detect missing segments and to request the source to re-transmit specific segments. packet segmentation may be responsible for splitting one MPDU into multiple physical layer service data units so that reliable transmission (and potential re-transmission via ARQ) of each one can be performed individually. via a Kilostream digital access circuit (actually a baseband modem). The ITU-T G.3/X. is an example of a protocol that employs packet segmentation to increase reliability over noisy media. • When the network is unreliable and it's desirable to divide the information into smaller segments to maximize the probability that each one of them can be delivered correctly to the destination. PSS could be used to connect to a variety of online databases and mainframe systems. using an ID/password provided as a subscription service. However most customers. Of particular note was the use of PSS for the first networked Clearing House Automated Payment System (CHAPS). In this early 1980s era installation lead times for suitable 4-wire analog lines could be more than 6 months in the UK. Some customers connected to the PSS network via the X. phone lines and coaxial cables).25 interface. The experimental predecessor network (EPSS) formally closed down on 31 July 1981 after all the existing connections had been moved to PSS. PSS was one of the first telecommunications networks in the UK to be fully liberalized in that customers could connect their own equipment to the network. for cost reasons. provided by the British Post Office Telecommunications and then British Telecom starting in 1980. This was a network system .25 service and bought their own PADs. Companies and individual users could connect in to the PSS network using the full X. The current day analogy of ISP's offering broadband always on and dial up services to the internet applies here. Segmentation may be required in many scenarios: • When the data packet is larger than the maximum size supported by the network. This was before privatization and the creation of British Telecommunications plc (BT) in 1984. After a period of pre-operational testing with customers (mainly UK Universities and computer manufacturers at this early phase) the service was launched as a commercial service on 20 August 1981.25-based packet-switched network. via published phone numbers.28/X. In a communication system based on a layered OSI model.29 PAD (Packet Assembler/Disassembler) service oriented to the then prevalent dumb terminal market place. Protocols that perform packet segmentation at the source usually include a mechanism at the destination to reverse the process and reassemble the original packet from individual segments.Packet segmentation 144 Packet segmentation In a data communications networks.24 asynchronous character based interface via an X. The PAD service could be connected to via a dedicated four-wire telephone circuit using a PSS analog modem and later on via a Kilostream digital access circuit.hn standard. Companies and individual users could also connect in to the PSS network using a basic non-error correcting RS232/V. when problems of 10-100ms transmission failures with the PCM Voice based transmission equipment used by the early Kilostream service were resolved. Packet Switch Stream (PSS) was an X. via a dedicated four-wire telephone circuit using a PSS analog modem and later on. packet segmentation is the process of dividing a data packet into smaller units for transmission over the network.

1. On analog links 2400 bit/s. These network management systems were based in London 145 . The operating system and the packet switching software was developed by Telenet (later on GTE Telenet). Network management had been run on a system of 24 Prime 63xx and 48xx computers running a modified versions of Revisions 20 and 22 of the Primos operating system. Logica (now LogicaCMG) designed the CHAPS system and incorporated an encryption system able to cope with HDLC bit stuffing on X. and a portfolio of products designed for a global market place.200 or 2.25 links. Customers would be able to enjoy one-stop-shopping for global data networks. 2M (Mega) Baud and 256K (kilo) Baud respectively. This started in about 1978 before PSS went into operation due to the high demand for affordable access to US based database and other network services.400 Baud PSTN modem to connect a Data Terminal Equipment terminal into a local PSS exchange. 4800 bit/s. A PAD service was provided by IPSS to this market in advance of PSS launch. plus its associates private and hybrid (mixed public and private) network activities. June 28. and developing dedicated or hybrid networks that embraced major trading areas. Individual users could link into PSS. the US market leader in electronic data interchange. In the words of BT's own history: British Telecom purchased the Tymnet network systems business and its associated applications activities from the McDonnell Douglas Corporation on 19 November (1989) for $355 million. 1200/75. 2006. There was a choice of different speeds of PSS lines.400 Baud modems were quite rare. For a brief time the EEC operated a packet switched network. and subsequently by Concert as part of Concert Global Network Services after the Concert joint venture company was launched on 15 June 1994. the public network business. The highest and lowest speed lines were provided by the Megastream and Kilostream services. 300. although 110 and 300 Baud modems were not uncommon. The network was initially based upon a dedicated modular packet switch using DCC's TP 4000 communication processor hardware. The last PSS (node) in the UK was finally switched off Wednesday. the Card Service processing business. Euronet. the faster the line the more expensive it cost to rent it. It replaced a paper based system that operated in the City of London using electrical vehicles similar to milk floats.25 network service launched by the international division of BT to which PSS was linked to other packet switched networks around the world.000 UKP (in early 1980s monetary value) between the major UK banks and other major financial institutions based in the UK. by using a 110. These services were subsequently offered by BT Global Network Services. Note: in those days 2. These connections moved over to PSS and other European networks as commercial X. BT bought Telenet's system via Plessey Controls of Poole. 9600 bit/s and 48 kbit/s were offered. the OnTyme electronic mail service. At the time of PSS's launch this was in advance of both Telenet's own network and most others that used general purpose mini-computers as packet switches. and EDI*Net. It is believed BT subsequently exchanged major US elements of the Tymnet business with MCI for other assets when the proposed merger of their two businesses was thwarted by MCI's purchase by WorldCom. on a pay as you go basis. BT Tymnet anticipated developing an end to end managed network service for multi-national customers.200 Baud was the usual speed in the 1980s. and a related project Diane to encourage more database and network services to develop in Europe.Packet Switch Stream used to transfer all payments over £10. Dorset who also sold Telex and Traffic light systems.25 services launched. The International Packet Switch Stream (IPSS) is an international X. Later on the InterStream gateway between the Telex network and PSS was introduced based on a low speed PAD interface. Later on BT used Telematics packet switches for the Vascom network to support the Prestel service and also bought the Tymnet network from McDonneld Douglas. Its activities included TYMNET. 1.

BT's attitude to packet switching was ambivalent at best. Ideas like providing a more user friendly menu based interface. But not before PSS management was allowed to commit to large investments that caused serious problems later. than X. Despite healthy demand for basic X. Investments in value added network services (VANS) and BT's own access level packet switching hardware delayed operating profit.25 host traffic. However significant on-going expenditure had been committed already to manufacture packet switch hardware and by using the very expensive Tandem computers in existing VANS. Even in its recent history BT's senior management stated that the Internet was "not fit for purpose".25 services and the obvious trend for more demanding bandwidth intensive applications that required investment in more powerful switches a decision to develop BT's own hardware and network applications was made instead. The DNICs used by IPSS and PSS were 2341 and 2342 respectively. for managed SNA services in the UK. as one concern of regulators was this joint venture might damage work on Open Systems Interconnection. This only made cost control worse and achieving operating profit delayed further. PSS was then merged with other failing business like Prestel as it became part of a larger Managed Network Services division that was used to fix or close BT's problem businesses. While a decision was eventually made to put some of the basic network services people in senior positions and try to launch what had been developed this proved to be a major mistake. etc. An exodus of people who were developing the value added network services helped reduce some costs. Each low end packet switch installed added costs for floor space. without any significant value added revenue benefit resulting. named PSS Plus collectively. As the added value services. One of the few successful value added applications was the transaction phone used to check credit cards by retailer to validate transactions and prevent fraud. added significant costs and headcount while contributed virtually no revenue a change in PSS's management eventually resulted. Eventually the UK government decided the SNA joint venture was anti-competitive and vetoed it. McKinsey's startling insight that increasing revenue while cutting costs was required to turn around the business was duly followed by the new management and an operating profit achieved in about 1988.Packet Switch Stream and Manchester. BT did not capitalise as much as other packet switch operators by subsequent mistakes concerning the internet. This rested on running PSS efficiently and cutting the VANS as much as possible. PSS being the major part. Tymnet. The lesson of Tymnet's similar transaction phone that just used a dial up link to a standard PAD based service was not followed. BT's North American operations and the Concert Global Services with ATT. power. Sometimes not enough and sometimes too much but mostly for the wrong reasons. called Jove. This in turn dented PSS's low credibility with BT's management still further. In the midst of this IBM (the then market leader in computing) and BT attempted to launch a joint venture. Operating profit was still not achieved and a further change in management with McKinsey consultant being called in was the result. 146 . Packet switches were installed at major trunk exchanges in most major conurbations in the UK. And for a time significant extra expenditure was allowed for BT's data services. Compared to France's Transpac that had a separate commercial company with dedicated management and saw X. While PSS eventually went the way of all X. Nor were they adequate for X.28 was proven obsolete by the advent windows based clients on PCs.25 packet switching as a core offering BT's then senior management regarded packet switching as a passing phase until the telecommunications nirvana of ISDN's 64 kbit/s for everyone arrived. called Epad.25 networks and was overwhelmed by the internet and more significantly the internet's superior application suite and cost model. PSS suffered from inconsistent investment during its early years. It was believed that putting a packet switch in every local telephone exchange would allow this and other low bandwidth applications to drive revenue.

a method which sets up a limited number of dedicated connections of constant bit rate and constant delay between nodes for exclusive use during the communication session. type. Statistical multiplexing. resulting in variable delay and throughput depending on the traffic load in the network. An emergency rights issue also helped resolve the debt from acquiring second or third ranked old telcos style companies around the world. and (2) connection-oriented packet switching. Demon and Energis based virtual ISPs in the same sector has only been recovered from recently. In case of traffic fees. Only after BT changed its most senior management who were fixated on circuit switching/ISDN based on System X/Y telephone exchanges and embracing broadband/internet lock stock and barrel has this changed. As the commodity price of IP services based in their core 21st century MPLS network to carry voice and data finally gives them the real cost efficiencies that packet switching always promised. In case of a shared physical medium. In the first case each packet includes complete addressing or routing information. packets are buffered and queued. called packets. com/ coms/ history/ pss/ index. Packet mode communication may be utilized with or without intermediate forwarding nodes (packet switches or routers). such as weighted fair queuing or leaky bucket. Packet switching contrasts with another principal networking paradigm. 147 External links • Pictures of the BT PSS equipment [1] References [1] http:/ / www. first-out buffering. also known as datagram switching. Alternatively. while packet switching is characterized by a fee per unit of information. In all packet mode communication. and are delivered in order. routers and other network nodes. The packets include a connection identifier rather than address information. circuit switching.Packet Switch Stream BT's failure to become the major ISP in its own home market unlike every other former PTT and the success of Dixon's Freeserve. Each logical stream consists of a sequence of packets. switches. traffic shaping or for differentiated or guaranteed quality of service. . network resources are managed by statistical multiplexing or dynamic bandwidth allocation in which a communication channel is effectively divided into an arbitrary number of logical variable-bit-rate channels or data streams. as CSC and Reuters sell up their networks to BT. the packets may be delivered according to some packet-mode multiple access scheme. In the second case a connection is defined and preallocated in each involved node during a connection phase before any packet is transferred. based on packet switching. Two major packet switching modes exist. The packets are routed individually. Now BT appears to be inheriting a dominating position in the Global Network Services market. See below. htm Packet switching Packet switching is a digital networking communications method that groups all transmitted data – regardless of content. sometimes resulting in different paths and out-of-order delivery. (1) connectionless packet switching. When traversing network adapters. or structure – into suitably sized blocks. for example in cellular communication services. packet switching and other store-and-forward buffering introduces varying latency and throughput in the transmission. Packet switching features delivery of variable-bit-rate data streams (sequences of packets) over a shared network. the packets may be forwarded according to some scheduling discipline for fair queuing. which normally are forwarded by the multiplexers and intermediate network nodes asynchronously using first-in. also known as virtual circuit switching. euclideanspace. circuit switching is characterized by a fee per time unit of connection time. even when no data is transferred.

In connection oriented networks. distributed. Roberts and the ARPANET team took the name "packet switching" itself from Davies's work. he also later played a leading role in building and management of the world's first packet switched network. and published a book in the related field of digital message switching (without the packets) in 1961. A member of Davies' team met Lawrence Roberts at the 1967 ACM Symposium on Operating System Principles. first presented to the Air Force in the summer of 1961 as [1] [2] in 1962 and then including and expanding somewhat briefing B-265 then published as RAND Paper P-2626 within a series of eleven papers titled On Distributed Communications [3] in 1964. delivery of these messages by store and forward switching. Connectionless and connection-oriented packet switching The service actually provided to the user by networks using packet switching nodes can be either connectionless (based on datagram messages). The first computer network and packet switching network deployed for computer resource sharing was the Octopus Network at the Lawrence Livermore National Laboratory that began connecting four Control Data 6600 computers to several shared storage devices (including an IBM 2321 Data Cell[4] in 1968 and an IBM Photostore[5] in 1970) and to several hundred Teletype Model 33 ASR terminals for time sharing use starting in 1968. and it helped influence Lawrence Roberts to adopt the technology when Taylor put him in charge of development of the ARPANET. Donald Davies at the National Physical Laboratory (NPL) in the UK had developed the same ideas (Abbate. Baran developed the concept of message block switching during his research at the RAND Corporation for the US Air Force into survivable communications networks. and acceptable values for service parameters to be negotiated. The paper focuses on three key ideas: first. both wide-area network evangelists. survivable communications network. Independently. and second. and TCP. Some connectionless protocols are Ethernet. or sequence number) which is different for different . then third. Baran's P-2626 paper described a general architecture for a large-scale. The NPL Data Communications Network entered service in 1970. In 1966 Davies proposed that a network should be built at the laboratory to serve the needs of NPL and prove the feasibility of packet switching. after which a person from the Ministry of Defence (MoD) told him about Baran's work. connection oriented packet-switching protocols include X. an internetworking protocol for sharing resources using packet-switching among the nodes. The packet header can be small. bringing the two groups together. The signalling protocols used allow the application to specify its requirements and the network to specify what capacity etc.[6] In 1973 Vint Cerf and Bob Kahn wrote the specifications for Transmission Control Protocol (TCP). or virtual circuit switching (also known as connection oriented). use of a decentralized network with multiple paths between any two points. timestamp. Address information is only transferred to each node during a connection set-up phase.R. He gave a talk on the proposal in 1966. as it just requires the node to look up the ID in the table. Asynchronous Transfer Mode (ATM). dividing complete user messages into what he called message blocks (later called packets). and UDP. the ARPANET.C. Licklider at the Information Processing Technology Office. UK. each packet is labeled with a connection ID rather than an address. when the route to the destination is discovered and an entry is added to the switching table in each network node through which the connection passes.Packet switching 148 History The concept of switching small blocks of data was first explored by Paul Baran in the early 1960s. as it only needs to contain the ID and any information (such as length. Multiprotocol Label Switching (MPLS). In 1965. Davies had chosen some of the same parameters for his original network design as Baran. 2000). Frame relay. is available. Interestingly.25. Baran's study made its way to Robert Taylor and J. Baran's work was similar to the research performed independently by Donald Davies at the National Physical Laboratory. Davies developed the concept of packet-switched networks and proposed development of a UK wide network. such as a packet size of 1024 bits. Routing a packet is very simple. IP. Leonard Kleinrock conducted early research in queueing theory which would be important in packet switching.

and this information needs to be looked up in power-hungry content-addressable memory. Frame relay is a further development of X.25 vs. and is part of the X. although intermediate network nodes only provides a connectionless network layer service.25 and Frame Relay provide connection-oriented packet switching. while X. also known as the OSI protocol suite.g. Datagram packet switching is also called connectionless networking because no connections are established. GPRS. also known as virtual circuit switching. have been called "fast packet" technologies. X. Frame Relay was used to interconnect LANs or LAN segments. the original message/data is reassembled in the correct order. the system has to do as much work for every packet as the connection-oriented system has to do in connection set-up. Thus a virtual connection.Packet switching packets. MPLS and its predecessors. despite being based on packet switching methods. has been [7] called "ATM without cells". I-mode) also use packet switching. for example as an alternative to circuit mode terminal switching. however. based on the packet sequence number. Modern routers. also known as a virtual circuit or byte stream is provided to the end-user by a transport layer protocol. A major difference between X. based on node-to-node automatic repeat request. potentially. do not require these technologies to be able to forward variable-length packets at multigigabit speeds across the network. Newer mobile phone technologies (e. Technologies such as Multiprotocol Label Switching (MPLS) and the resource reservation protocol (RSVP) create virtual circuits on top of datagram networks. X.25 protocol suite. and for automated teller machines.25 connections also can be established for each communication session. and does not provide logical addresses and routing. Any retransmissions must be carried out by higher layer protocols. as well as ATM. . while Frame Relay is a non-reliable protocol. The X. Each packet is dispatched and may go via different routes.. each packet is labeled with a destination address. The simplicity of Frame Relay made it considerably faster and more cost effective than X. At the destination. Virtual circuits are especially useful in building robust failover mechanisms and allocating bandwidth for delay-sensitive applications. 149 Packet switching in networks Packet switching is used to optimize the use of the channel capacity available in digital telecommunication networks such as computer networks. Ethernet and Frame Relay are common. The most well-known use of packet switching is the Internet and most local area networks. Asynchronous Transfer Mode (ATM) also is a virtual circuit technology.25 and Frame Relay packet switching are that X. This precludes the need for a dedicated path to help the packet find its way to its destination.25 is a reliable protocol. it provided virtual circuits to the user. many international traffic across wide area networks. to minimize the transmission latency (the time it takes for data to pass across the network). It was widely used in switching networks during the 1980s and early 1990s. which is therefore larger. maximum packet length is 1000 bytes. Frame relay is a data link layer protocol. X.25 packet switching. The Internet is implemented by the Internet Protocol Suite using a variety of Link Layer technologies.25. mainly in the 1990s by large companies that had a requirement to handle heavy telecommunications [8] :250 Despite the benefits of frame relay packet switching.25 is a notable use of packet switching in that. source address. and to increase robustness of communication. For example. but with less information as to the application's requirements. it may also be labeled with the sequence number of the packet. indeed. the International Packet Switched Service (IPSS). MPLS. It is only used for "semi-permanent" connections. These virtual circuits carry variable-length packets. In connectionless networks. and port numbers. In 1978. which uses fixed-length cell relay connection oriented packet switching.25 provided the first international and commercial packet switching network. but means that much more information is needed in the packet header.25 protocol is a network layer protocol. Frame Relay packet switching Both X.

Davies. G. Samuel (1970-11-30). Wilkinson. Management Information Systems (9th ed. Cambridge. May 31.org/search/wrapper. Information Flow in Large Communication Nets (http://www. T.html). 1978) • • • • • . On Distributed Communications Networks (http://ieeexplore.ieee. Bartlett.[9] 150 References [1] Stewart.D. & Marakas. October 1967) R. August 1964) Paul Baran. 16. November. jsp?arnumber=1088883).cs. Thesis • Leonard Kleinrock. M.packet. html).html) (Fall AFIPS Conference. January). . The design of a message switching Centre for a digital communication network (IFIP 1968) Larry Roberts and Tom Merrill. html [4] The IBM 2321 Data Cell Drive (http:/ / www.lk. X. (IEEE Transactions on Communications Systems. 2009. and P. 31(4).Packet switching companies are staying with the X. html). rogerdmoore. and K. X. In certain parts of the world. The Evolution of Packet Switching (http://www. Columbia University Computing History [5] The IBM 1360 Photostore (http:/ / www. cc/files/toward-coop-net. com/ cisco/ newsletter/ SL/ interview_08-12-03. 1964) • Paul Baran et al. html).ucla. X. "Octopus: The Lawrence Radiation Laboratory Network" (http:/ / www. rand. Retrieved 2008-05-08. A digital communications network for computers giving rapid response at remote terminals (ACM Symposium on Operating Systems Principles.html) (RAND Corporation Research Documents. In the United States. (MIT. (Document ID: 10946641). A. Bibliography • Leonard Kleinrock.25 on slower networks. org/ pubs/ research_memoranda/ RM3420/ index.25 was the only technology available. A. Bill (2000-01-07). G. Lawrence Livermore Laboratory Computing History [6] Mendicino. 1961) Proposal for a Ph. A. July 1961) • Leonard Kleinrock. dir/ pages/ Photostore. 1964) • Paul Baran. Information Flow in Large Communication Nets (RLE Quarterly Progress Report. Living Internet. html).). htm). New York: McGraw-Hill/Irwin. dir/ index. livinginternet. edu/ acis/ history/ datacell. computer-history. P.cc/files/ev-packet-sw.edu/ bibliography-public_reports. A. com/ i/ ii_rand.org/publications/RM/RM3420/) (RAND Memorandum RM-3420-PR. [9] Girard. J. (1997.25 users remaining loyal despite frame-relay hype. Scantlebury.org/about/history/ baran-list. R. Retrieved March 6. "Paul Baran Invents Packet Switching" (http:/ / www. Retrieved 2009-05-06. Communication Nets: Stochastic Message Flow and Delay (McGraw-Hill. Many companies did not intend to cross over to Frame Relay packet switching because it is more cost effective to use X.rand..packet. rand. Scantlebury. from ABI/INFORM Global database. Computerworld. K. ca/ PS/ OCTOA/ OCTO. info/ Page4. Toward a Cooperative Network of Time-Shared Computers (http://www. Volumes I-XI (http://www. W. August. On Distributed Communications.25 packet switching was used heavily in government and financial networks that use mainframe applications. [7] Interview with the author (of an MPLS-based VPN article) (http:/ / www. New York. T. particularly in Asia-Pacific and South America regions. Wilkinson. . October 1966) Lawrence Roberts.html) (Proceedings of the IEEE.25 standard. On Distributed Communications: I Introduction to Distributed Communications Network (http:// www. Pildush [8] O’Brien. [2] http:/ / www. certificationzone. (2009). A. columbia. org/ pubs/ papers/ P2626/ [3] http:/ / www. K. Bartlett. March 1964) D.rand.

However technology matures and new application proliferate packet technology will appear in broader market.htm).rand. Where Wizards Stay Up Late (Simon and Schuster. The packet and based fabric is capable of supporting future applications such as video streaming and video conferencing. Packet telephony Packet telephony is the use of personal computers and a packet data network to produce a voice conversation. and Kleinrock • Paul Baran and the Origins of the Internet (http://www. Transforming Computer Technology: Information Processing for the Pentagon. 2000) ISBN 0-262-51115-0 • Arthur Norberg. Judy E.cbi.org/about/history/baran. . Roberts. writing and distribution of his eleven-volume work. The goal of packet switched fabric in both LAN and WAN. Baran describes his working environment at RAND.shtml) This article was originally based on material from the Free On-line Dictionary of Computing.org/internet/history/brief. 1962-1982 (Johns Hopkins University.livinginternet. "On Distributed Communications. 1996) External links • Oral history interview with Paul Baran (http://www." Baran discusses his interaction with the group at ARPA who were responsible for the later development of the ARPANET.com/i/iw_packet. and the evolution.Packet switching 151 Further reading • Katie Hafner. The transaction to a new paradigm will take years to complete.html) • A Brief History of the Internet (http://www. Charles Babbage Institute University of Minnesota. O'Neill. site reviewed by Baran.edu/oh/display. Minneapolis. Inventing the Internet (MIT Press. It consists of telephony and data tightly coupled on packet-based switched multimedia networks. • Packet Switching History and Design (http://www. which is licensed under the GFDL. 1996) pp 52–67 • Janet Abbate.phtml?id=110).isoc. There is a major distinction between Intranet telephony and VoIP. the vision in to drive voice and data over a single multimedia (packet based N/W) allowing waves to engage in a media rich communication in a natural and straightforward manner. as well as his initial interest in survivable communications.umn.

There are four sources of packet transfer delay: 1. Propagation delay = d/s Packet-switched network A packet-switched network is a digital communications network that groups all transmitted data. The history of such networks can be divided into three eras: early networks before the introduction of X. minimize response times and increase the robustness of communication. s = Propagation speed in medium 3. the network guarantees sequenced delivery of data to the host. When traversing network adapters. R=Link bandwidth (bit/s) 2. Queuing: 1. L=Packet length (bits) 3. the X.25 era when many postal. Determine output link 2. Packet transfer delay is influenced by the level of network congestion and the number of routers along the way of transmission. X.25 is the best . There was a debate about the merits of two drastically different views as to proper division of labor between the hosts and the network. The network over which packets are transmitted is a shared network which routes each packet independently from all others and allocates transmission resources as needed. resulting in variable delay and throughput.25 interfaces.25 in 1973 [1] . depending on the traffic load in the network. telephone and telegraph (PTT) companies introduced networks with X. type. Time waiting at output link for transmission 2. Check bit errors 2. packets are buffered and queued. Depends on congestion level of router 3. switches and other network nodes.Packet transfer delay 152 Packet transfer delay Packet transfer delay is a concept in packet switching technology. Nodal processing: 1. and the Internet era when restrictions on connection to the Internet were removed. In the datagram system the host must detect loss or duplication of packets. Before the introduction of X. In the virtual call system. Transmission delay: 1. irrespective of content.25 and the OSI model. The principal goals of packet switching are to optimize utilization of available link capacity. Time to send bits into link = L/R 4. Transmission Control Protocol /Internet Protocol (TCP/IP) is the best known example of a host to datagram protocol. The sum of store-and-forward delay that a packet experiences in each router gives the transfer or queuing delay of that packet across the network. called packets. d = Length of physical link 2. Propagation delay: 1. This results in a simpler host interface with less functionality than in the datagram model. about twenty different network technologies were developed. Early networks ARPANET and SITA HLN became operational in 1969. or structure into suitably sized blocks.

) After going international some years later. a data network based on this voice-phone network was designed to connect GE's four computer sales and service centers (Schenectady. at the instigation of Warner Sinback. GEIS created a network data center near Cleveland.25 project. He decided that a time-sharing system. TCP/IP. offering batch processing services. Louis Pouzin was the principal designer. and Sinback. It was succeeded by DDX-2. BNRNET BNRNET was a network which Bell Northern Research developed for internal use. Inexpensive minicomputers were an important component in the early networks. 153 ARPANET This is the principal survivor from the early era. EPSS EPSS (Experimental Packet Switching System) was an experiment of the UK Post Office. General Electric was a major international provider of information services. [5] [6] . Ohio. Tymnet. Ferranti supplied the hardware and software. DDX-1 This was an experimental network from Nippon PTT. It became operational in 1976. [2] CYCLADES CYCLADES was an experimental French network. a high-level marketing manager. It initially had only one host but was designed to support many hosts. Some ideas from this network were later incorporated into ARPANET. Chicago. Phoenix. [3] [4] GEIS As General Electric Information Services (GEIS). which was an important component of ARPANET2.Packet-switched network known virtual call protocol. apparently the world's first commercial online service. They lost money from the beginning. the centers were computer service bureaus. In 1965. In some cases custom I/O devices were added to allow inexpensive or exotic attachments to communication lines. BNR later made major contributions to the CCITT X. based on Kemney's work at Dartmouth—which used a computer on loan from GE—could be profitable. (In addition to selling GE computers. was given the job of turning the business around.) The design was hierarchal with redundant communication links. The company originally designed a telephone network to serve as its internal (albeit continent-wide) voice telephone network. It mixed circuit switching and packet switching. was chosen for use in NSFNET which eventually became the Internet. Very little has been published about the internal details of their network. The handling of link control messages (acknowledgements and flow control) was differed from that of most another networks and is not fully explained in the published literature. Warner was right. (Though it has been stated by some that Tymshare copied the GEIS system to create their network. EIN nee COST II European Informatics Network was a project to link several national networks. and Phoenix) to facilitate a computer time-sharing service.

P. Sharp Associates to serve their time-sharing customers.25 network." [18] . RCP influenced the specification of X. It connected sundry hosts at the lab to interactive terminals and various computer peripherals including a bulk storage system. Libraries were also among first ones in universities to accommodate microcomputers for public use in early 80's. TRANSPAC was introduced as an X. NPL Donald Davies of the National Physical Laboratory. It became operational in May 1976. as well as higher level functions such as a reliable byte stream. [15] [16] [17] SCANNET "The experimental packet-switched Nordic telecommunication network SCANNET was implemented in Nordic technical libraries in 70's. NPL built a single node network to connect sundry hosts at NPL. CYCLADES was concerned with host-to-host communication. Surrey developed a packet switching network for internal use. [8] [9] [10] Philips Research Philips Research Laboratories in Redhill. RCP emphasised terminal to host and terminal to terminal connection. UK made many important contributions to the theory of packet switching. [7] OCTOPUS Octopus was a local network at Lawrence Livermore National Laboratory. The entire suite provided routing and packet delivery. It became operational in 1972 and thus was the first public network. and it included first Nordic electronic journal Extemplo. RCP was a virtual-circuit network in contrast to CYCLADES which was based on datagrams.25 [12] [13] [14] RETD Red Especial de Transmisión de Datos was a network developed by Compañía Telefónica Nacional de España. along with numerous applications. Further developments led to Xerox Network Systems (XNS). it was created by researchers at Xerox PARC in the mid-1970s. [11] PUP The PARC Universal Packet (PUP or Pup) was one of the two earliest internetwork protocol suites. RCP RCP was an experimental network created by the French PTT. It was used to gain experience with packet switching technology before the specification of Transpac was frozen.Packet-switched network 154 IPSANET IPSANET was a semi-private network constructed by I. It was a datagram network with a single switching node.

as well as higher level functions such as a reliable stream. It carried interactive traffic and message-switching traffic.25 host interface in addition to older host connection schemes. [19] SNA Systems Network Architecture (SNA) is IBM's proprietary networking architecture created in 1974. and remote procedure calls. A user or host could call a host on a foreign network by including the DNIC of the remote network as part of the destination address.75 gateways.25 networks. and government agencies. The business consisted of a large public network that supported dial-up users and a private network business that allowed government agencies and large companies (mostly banks and airlines) to build their own dedicated networks.Packet-switched network 155 SITA HLN SITA is a consortium of airlines. Tymnet was also connected to dozens of other public networks in the U. DATAPAC was developed by Bell Northern Research which was a joint venture of Bell Canada (a common carrier) and Northern Telecom (a telecommunications equipment supplier). Telenet designed these protocols and helped standardize them in the CCITT. Bolt. [20] Telenet Telenet was the first FCC-licensed public data network in the United States. X. It was developed from PARC Universal Packet (PUP). SNA/SDLC. Some such as DATAPAC and TRANSPAC were initially implemented with an X. but the monopoly's reaction was that this was incompatible with their future. Beranack and Newman (BBN) provided the financing. He had tried to interest AT&T in buying the technology. Tymnet Tymnet was an international data communications network headquartered in San Jose. The private networks were often connected via gateways to the public network to reach locations not on the private network. Northern Telecom sold several DATAPAC clones to foreign PTTs including the Deutsche Bundespost. Another employee suggested the name. .25 networks. Tyme.25 external interface.25. which provided routing and packet delivery. CA that utilized virtual call packet switched technology and used X.25 and the terminal interface to X.25 era There were two kinds of X. BSC and ASCII interfaces to connect host computers (servers)at thousands of large companies. Users typically connected via dial-up connections or dedicated async connections.75 and X. X. (Interesting note: Tymnet was not named after Mr. An IBM customer could acquire hardware and software from IBM and lease private lines from a common carrier.S. This allowed construction of a private network. It was founded by former ARPA IPTO director Larry Roberts as a means of making ARPANET technology public. and internationally via X. Telenet was incorporated in 1973 and started operations in 1975. It initially used ARPANET technology but changed the host interface to X. It went public in 1979 and was then sold to GTE.25/X. Some older networks such as TELENET and TYMNET were modified to provide a X.121 allowed the interconnection of national X.) [21] [22] XNS Xerox Network Systems (XNS) was a protocol suite promulgated by Xerox.29. educational institutions. As with many non-academic networks very little has been published about it. Their High Level Network became operational in 1969 at about the same time as ARPANET.

25 network (1976). Datex-P Deutsche Bundespost operated this national network in Germany. Iberpac is run by Telefonica. supporting applications such as on-line betting.25 network operated by Telstra.25 node to the network. In addition to providing X. or. Strictly speaking Datanet 1 only referred to the network and the connected users via leased lines (using the X. message switching software was also included.25 and X. by linking a permanent X. . Datapac DATAPAC was the first operational X.121 DNIC 2041). but through the use of "logical ports" an originating terminal could have a menu of pre-defined destination terminals. financial applications — the Australian Tax Office made use of AUSTPAC — and remote terminal access to academic institutions. who maintained their connections to AUSTPAC up until the mid-late 1990s in some cases. Messages were buffered at the nodes adjacent to the sending and receiving terminals.Packet-switched network 156 AUSTPAC AUSTPAC was an Australian public X. It covered major Canadian cities and was eventually extended to smaller centres. Switched virtual calls were not supported. It was launched in 1984. And because the main Videotex service used the network and modified PAD devices as infrastructure the name Datanet 1 was used for these services as well. Although this use of the name was incorrect all these services were managed by the same [23] people within one department of KPN contributed to the confusion. ConnNet ConnNet was a packet switched data network operated by the Southern New England Telephone Company serving the state of Connecticut. Datanet 1 Datanet 1 was the public switched data network operated by the Dutch PTT Telecom (now known as KPN). Eirpac is run by Eircom. HIPA-NET Hitachi designed a private network system for sale as a turnkey package to multi-national organizations. providing X.28. Started by Telecom Australia in the early 1980s.25 packet switching. replacing Euronet. the name also referred to the public PAD service Telepad (using the DNIC 2049). The technology was acquired from Northern Telecom. Access can be via a dial-up terminal to a PAD.25 services. AUSTPAC was Australia's first public packet-switched data network. Eirpac Eirpac is the Irish public switched data network supporting X. [24] Iberpac Iberpac is the Spanish public packet switched network.

Wilkinson. "The National Physical Laboratory Data Communications Network" (http:/ / www.25 network with a DNIC of 2342. Jim Metzler (2008).25 links at up to 8 Mbit/s in its final phase before being converted to an IP based network.. pp. Michael A. [7] Scantlebury. linking all universities. Peter T. . [2] Martel. pp. Internet2 Internet2 is not an actual network. html). 435–44. html). Grushcow. pp. United Kingdom: Noordhoff International Publishing. Sussex. Some older technologies such as circuit switching have resurfaced with new names such as fast packet switching. Smith.25 network in France. United Kingdom: Noordhoff International Publishing. (1973). J. (1974). Proceedings of the NATO Advanced Study Institute on Computer Communication Networks. PSS also included public dial-up PAD access. html#GEISCO). .. networkworld. Wilkin. M. "THE BNR NETWORK: A CANADIAN EXPERIENCE WITH PACKET SWITCHING TECHNOLOGY" (http:/ / rogerdmoore. R. [4] Pearson. publicly funded research laboratories. C.. . IFIP Congress 1974. Roy D. html). Proceedings of the NATO Advanced Study Institute on Computer Communication Networks. ca/ PS/ NPLPh/ NPL1974A. com/ newsletters/ frame/ 2008/ 0128wan1. higher education establishments. Sussex. D J. "Vint Cerf on why TCP/IP was so long in coming" (http:/ / www. ca/ PS/ EPSSFer/ EF. Proceedings of the 2nd ICCC 74. "EXPERIMENTAL PACKET SWITCHING PROJECT OF THE UK POST OFFICE" (http:/ / rogerdmoore. It was developed locally at about the same time as DataPac in Canada. The X. PSS PSS was the UK Post Office (later to become British Telecom) national X.25 network was based mainly on GEC 4000 series switches. Mischa. Rober R. C. (1973). . "Terminal-Oriented Computer-Communication Networks" (http:/ / rogerdmoore.Packet-switched network 157 JANET JANET was the UK academic and research network. . A. The user no longer saw network identifiers such as the DNIC. html). "Some Design Aspects of a public packet switching network" (http:/ / rogerdmoore. and various InterStream gateways to other services such as Telex. 10–14. [3] Bright. British Telecom renamed PSS under its GNS (Global Network Service) name. html). Transpac Transpac was the national X. Cunningham and M. Raymond L. Proceedings of the IEEE 60 (11): 1408–23. Internet era When Internet connectivity was made available to anyone who could pay for an ISP subscription. and Pickholtz. Researchers have created some experimental networks to complement the existing Internet. Steve.T. "A SURVEY OF PRESENT AND PLANNED GENERAL PURPOSE EUROPEAN DATA AND COMPUTER NETWORKS" (http:/ / rogerdmoore. P. National LambdaRail National LambdaRail is a high-speed national computer network in the United States that runs over fiber-optic lines. but the PSS name has remained better known. It began operation in 1978[25] . It is a research consortium which has created the Abilene Network. html#GEISCO). the distinctions between national networks blurred. (November 1972). ca/ PS/ TONET/ TON. ca/ PS/ EPSSB. ca/ PS/ Kirs1973/ Ki. and run X. ca/ PS/ BNR/ BNRnet. The development was done by the French PTT and influenced by the experimental RCP network. . [6] Schwartz. S. [5] Kirstein. and is the first transcontinental Ethernet network working to establish a direct line of communications between international parties. 223–228. pp. Boorstyn. The JANET network grew out of the 1970s SRCnet (later called SERCnet) network. . rogerdmoore. 199–213. D (1974). Proceedings of the 2nd ICCC 74. References [1] Taylor. .

[12] Després. (1980).J. . . . "Routing and Flow Control in TYMNET" (http:/ / www.J. (APRIL 1981).. Chapter 3: page 20 and further..Transpac in France . 1991..J..R. pp. W.25 Virtual Circuits . (1976). despres. . . ITS APPLICATIONS" (http:/ / rogerdmoore.Pre-Internet Data Networking" (http:/ / remi. 163–170. Conference Record of ICC 80. Computer Networks (North-Holland Publishing Company) 1: 341–348. "Principles of Design in the Octopus Computer network" (http:/ / portal. (1970). html). [21] TYMES.'s PACKET SWITCHING NETWORK. 373–396. Y. dir/ index. (1973).euclideanspace.N. . "TYMNET — A terminal oriented communication network" (http:/ / rogerdmoore. html). Phrack. pp. html). org/ citation. Konig. "A Private Packet Network and Its Application in A Worldwide Integrated Communication Network" (http:/ / rogerdmoore. D. United Kingdom: Noordhoff International Publishing. H. the Experimental Packet-Switched Data Transmission Service of the French PTT: History. pp. html). (1975). Layec. pp. Manchester and Glasgow. html). Proceedings of 2nd ICCC 74.D. Proceedings of the SJCC 1971. Arja-Riitta. Proceedings of ICCC 74.: Prentice-Hall Inc. Proceedings of ICCC '80. . G. Yamaguchi (1980). fr/ Publications/ X25-TPC.zakon. cfm?id=810357). ca/ PS/ NPLPh/ PhilipsA. [20] Sundstrom. G. html). html). the Experimental Packet-Switching Data Transmission Service of the French PTT" (http:/ / rogerdmoore. . IEEE. Liquid Jesus (http://textfiles. dir/ pages/ Octopus. [25] "X.25 data services in GSM network (http:/ / alexandria. Robert H'obbes' Zakon. Conference Record of ICC 80. 171–85. acm. "C. [14] Bache. pp. html). Sussex. "RCP. Long and Y. html). COMPUTER NETWORKS (Englewood Cliffs. H. [17] Lavandera. Luis (1980).5. pp. [9] Pehrson.J. . html). ca/ PS/ RETDB. 311–16. ca/ PS/ CTNEC1. 578–585.1–28. [10] Fletcher. html?issue=18&id=3#article) • EPSS (http://www.Packet-switched network [8] Mendicino. . 517–22. Connections. L. R. ca/ PS/ OCTOA/ OCTO. ca/ PS/ TYMFlow/ TF. info/ Page4. "Libraries as key players at the local level" (http:/ / edoc. . "A PUBLIC PACKET SWITCHING DATA COMMUNICATIONS NETWORK: EIGHT YEARS OF OPERATING EXPERIENCE" (http:/ / rogerdmoore.): 95–100.3. "Fundamental Choices in the Development of RCP.1–39.TUE.com/coms/history/epss/index. Herrera. pp.lt/hacking/icebook2. K.rogerdmoore.1". pdf) Electrical Engineering . B. PROTOCOLS AND PERFORMANCE OF RETD" (http:/ / rogerdmoore. Samuel F. LA ROY W. Proceedings of ICCC 76. L. John G.3. html). "AN ENGINEERING VIEW OF THE LRL OCTOPUS COMPUTER NETWORK" (http:/ / www.group. "ARCHITECTURE. 39. . (1972). Steneker: Graduation Report on X.H. R. ""1980 SNA'S First Six Years: 1974-1980"" (http:/ / rogerdmoore. [15] Alarcia. "RCP.org/robert/ internet/timeline/) • 20+ articles on packet switching in the 70s (http://www. ca/ PS/ RCPBAC/ RB. G. 16 May.4. hu-berlin. Schultz (1980). . [18] Haarala. LA ROY W. N. 158 External links • "The Guide to Hacking & Phreaking. Retrieved 15 June 2011 [24] Tomaru. THE EXPERIMENTAL PACKET-SWITCHED DATA TRANSMISSION SERVICE OF THE FRENCH PTT" (http:/ / rogerdmoore.. T. (1974). tue.org/issues.. Matras. Guillou. ca/ PS/ RCPDEP/ RD. ca/ PS/ TYMNET/ TY.M. A. "The SITA Network" (http:/ / rogerdmoore. html). [19] Chretien. Control" (http:/ / rogerdmoore. ca/ PS/ SITAB. ca/ PS/ RCPHCC/ RH. pp. free. . [11] Burnett. (1974). rogerdmoore.phrack. David L. . 05/3/88 (http://www. nl/ extra1/ afstversl/ E/ 354398.ca/PS) • "An Introduction to Packet Switched Networks".T. [23] H.txt) • "Hobbes' Internet Timeline v8. J.I. Proceedings of the NATO Advanced Study Institute on Computer Communication Networks. 38. ca/ PS/ CTNEA/ CTA. . A. Sethi.5. "1970 OCTOPUS: THE LAWRENCE RADIATION LABORATORY NETWORK" (http:/ / rogerdmoore. IEEE TRANSACTIONS ON COMMUNICATIONS COM-29 (4): 392–98. .. and Rech. de/ conferences/ eunis2001/ e/ Haarala/ HTML/ haarala-ch2. .J. Issue #2".. ca/ PS/ SNA6Y/ SNA6. Zakon Group LLC (http://www. S. html). [13] Bache. 28. Proceedings of 5th ICCC 80. Matras (1976). html). ca/ PS/ HIPA/ HIA.htm) Pictures of the EPSS exchanges in London. Proceedings of ICCC 76. [16] Cuenca. pp. 211–16. html). html). "Packet Switching at Philips Research Laboratories" (http:/ / rogerdmoore. [22] TYMES. computer-history. Kato and S.4.E. IEEE..

Larger packets could be fragmented. in the same events in the early 1970s as the very earliest stage of the development of TCP/IP (see History of the Internet). socket fields were part of the full network address in the PUP header. an optional 2-byte checksum covered the entire packet. although the original documents usually use Pup) was one of the two earliest internetwork protocol suites. individual PUP host pairs on a particular network might use larger packets. formatting. reflecting the experience gained with PUP and IP. the development of PUP split off because Xerox PARC wished to move ahead with implementation.) The entire suite provided routing and packet delivery.25 56 kbit/s host connections. and the checksum. which roughly corresponds to the Internet Protocol (IP) layer in TCP/IP. and for hosts to discover routers. it was created by researchers at Xerox PARC in the mid-1970s. Unlike TCP/IP. In the 1980s Xerox used PUP as the base for the Xerox Network Systems (XNS) protocol suite. A protocol named the Gateway Information Protocol (a remote ancestor of RIP) was used as both the routing protocol. but operating at a lower level. PARC Universal Packet The PARC Universal Packet (commonly abbreviated to PUP. However. routing. if the hosts support them). Basic internetwork protocol The main internetwork layer protocol was PUP. The fundamental design of the PUP suite was substantially complete by 1974. along with numerous applications. and receiving data packets. but no PUP router was required to handle them. History The origins of the PUP suite lie in two developments. an 8-bit host number.  This article incorporates public domain material from the General Services Administration document "Federal Standard 1037C" [1] (in support of MIL-STD-188). as well as higher level functions such as a reliable byte stream. transmitting. some of the protocols in the XNS suite (such as the Internetwork Datagram Protocol) were lightly modified versions of the ones in the PUP suite. Also. . This was a smaller packet size than IP. for use by hosts which did not (yet) know their network number. and the creation of the Ethernet local area network at PARC. which requires all hosts to support at least 576 (but supports packets of up to 65K bytes. so that upper-layer protocols did not need to implement their own demultiplexing. and at least one Terminal Access Controller (TAC). Note: In the Defense Data Network (DDN). similar to IP's ping. but others are quite different. a packet-switching node is usually configured to support up to thirty-two X.Packet-switching node 159 Packet-switching node Packet-switching node: In a packet-switching network. The network number had a particular special value which meant 'this network'. (Technically. a node that contains data switches and equipment for controlling. A full PUP network address consisted of an 8-bit network number. PUP also included a simple echo protocol at the internetwork layer. PUP also supplied packet types (again. but it is also applied to the whole protocol suite. and a 16-bit socket number. the name "PUP" only refers to the internetwork-level protocol. PUP packets were up to 554 bytes long (including the 20 byte PUP header). for in-house use. as many as six 56 kbit/s interswitch trunk (IST) lines to other packet-switching nodes. unlike IP).

291-293 . "Pup: An Internetwork Architecture". Application protocols PUP supported a large number of applications. 1978 and October. Edward A. that demonstration would not have been anything like as powerful as it was without all the capabilities that a working internetwork provided. Taft. as well as manage and terminate the connection. July. PUP was very influential. 1979) Further reading • David R. etc (although some of these capabilities had been seen before. Shoch. the Rendezvous and Termination Protocol (RTP). were basically the same protocols as used on the ARPANET (much as occurred with the TCP/IP suite). Palo Alto. which was used to initiate communication between two entities. which was analogous to TCP. Once RTP had started the connection. Pup Error Protocol (Xerox Parc. The first. and as the foundation for the later XNS protocols. before the arrival of the more modern OSPF and IS-IS. The second was the primary transport layer protocol. Palo Alto. Like TCP. 1999). Boggs. BSP's semantics and operation were in terms of bytes. Taft. New York. RIP. name lookup. page-level remote access to file servers.1980. State Machine for Rendezvous/Termination Protocol (Xerox Parc. 1975) • Jon A.1109/TCOM. remote management. e. Some of them. including protocols for printer spooling. July.g. Metcalfe. June. Naming and Addressing Conventions for Pup (Xerox Parc. 1975) • Edward A. Palo Alto. Hupp. Pup Specifications (Xerox Parc. Others were novel. two protocols came into play. Metcalfe (April. (somewhat modified to match the syntax of addresses of other protocol suites). doi:10. Impact In showing that internetworking ideas were feasible. 1975) • Edward A. References • Edward A. July. Robert M. 1978 and October. • Michael A. However. The Gateway Information Protocol's descendant.1094684. its biggest impact was probably as a key component of the office of the future model first demonstrated at Xerox PARC. Palo Alto. 1980). It is still in use as an interior routing protocol. such as Telnet and File Transfer Protocol. 1978 and October. Taft. Dealers of Lightning: Xerox PARC and the Dawn of the Computer Age (HarperBusiness. remains in wide use today in other protocol suites. Byte Stream Protocol (BSP).PARC Universal Packet 160 Transport layer protocols To establish a transport connection. Pup Network Constants (Xerox Parc. Taft. BSP took over and managed the data transfer. in small sites with simple requirements. pp. IEEE Transactions on Communications 28 (4): 612–624. Hiltzik. 1978 and October. July. One version of RIP served as one of the initial so-called interior gateway protocols for the growing Internet. 1975) • Edward A. Sequenced Packet Protocol. copying disk packs. Robert M. in being influential in the early work on TCP/IP. the ARPANET already made heavy use of remote management for controlling the Interface Message Processors which made it up). Taft. this was discarded in favour of packets for the equivalent protocol in XNS. Palo Alto. John F.

as in some implementations of the Quake III Arena network protocol and game engine. who does not crash. Many game servers are not big enough to handle Denial of Service Attacks. rather. This could be reported quantitatively as an average time in milliseconds. making it hard to judge where the character is exactly. a high ping causes lag. In more modern multiplayer online video games implementations. game programmers often instead build their own latency detection into existing game packets (usually based on the UDP protocol). making the player's gaming experience. or qualitatively as low ping or high ping. ping refers to the network latency between a player's computer (client). Ping is often conflated with lag. Internet connection speed. Ping is also affected by geographical location. For this reason. the server keeps track of where the user's avatar is. A high ping is not the result of lag. it may make players' ping considerably higher. client software will often mandate disconnection if the ping is too high. wireless network interface cards must modulate digital signals into radio signals. and thus more elusive to target. the player aided by the higher ping skips around.Ping (video gaming) 161 Ping (video gaming) In multiplayer online video games. and either the game server or another client (i. making the server liable to crash. The latter usage is common among players of first-person shooter and real-time strategy games. peer).with thresholds as low as 130 milliseconds. playing on a server located in the United States. the quality of a user's Internet service provider and the configuration of firewalls. the distance between the two is greater than it would be for players located within the US. In these games. One may "lag out" due to unacceptably high ping. Servers will often disconnect a client if the ping is too high and it poses a detriment to others' gameplay. very miserable. For instance. users with a high ping unintentionally gain an unfair advantage. Some factors that might affect ping include: network protocol engineering. and autokicking players more. Similarly. Rather than using the traditional ICMP echo request and reply packets to determine ping times. Hacking If a hacker applies a Denial-of-Service Attack on a game server. if someone is in India. which is often more costly than the time it takes an electrical signal to traverse a typical span of cable. many servers automatically remove players with higher than average ping . Cheating In some games. Having a low ping is always desirable because lower latency provides smoother gameplay by allowing faster updates of game data. .e. and therefore it takes longer for data to be transmitted. the amount of packet-switching and network hardware in between the two computers is often more significant. However. so having a high latency will usually be to the user's peril. For instance.

The Layer 1 (Physical Layer) PDU is the bit The Layer 2 (Data Link Layer) PDU is the frame The Layer 3 (Network Layer) PDU is the packet The Layer 4 (Transport Layer) PDU is the segment (e. . Information that is delivered as a unit among peer entities of a network and that may contain control information. The significance of this is that the PDU is the structured information that is passed to a matching protocol layer further along on the data's journey that allows the layer to deliver its intended function or service. When the PDU passes over the interface from the layer that constructed it to the layer that merely delivers it (and therefore does not understand its internal structure). For example. a protocol data unit (PDU) is best understood in relation to a service data unit (SDU). the term protocol data unit (PDU) has the following meanings: 1. 2. a unit of data which is specified in a protocol of a given layer and which consists of protocol-control information and possibly user data of that layer. 2. PDU is sometimes used as a synonym for its representation at that layer. organizing the ones and zeros into chunks of data and getting them safely to the right place on the wire is done by the data link layer. For example: Bridge PDU or iSCSI PDU[1] PDUs are relevant in relation to each of the first 4 layers of the OSI model as follows: 1. The features or services of the network are implemented in distinct "layers". 3. or "peer". the protocol layer will add to the SDU certain data it needs to perform its function. All this additional information. but the lower layer at the interface does not. Between the layers (and between the application and the top-most layer). 4. sending ones and zeros across a wire. decide if it is error-free and where to send it next. In a layered system. In order to do this. passing data chunks over multiple connected networks is done by the network layer and delivery of the data to the right software application at the destination is done by the transport layer. etc. etc. the layers pass service data units across the interfaces. or data. decodes the data to extract the original service data unit. a network address to help with routing. is done by the physical layer. Packet-switched data networks In the context of packet-switched data networks.g. TCP segment) (Layer 5 and above are referred to as data. For example. Unless we have already arrived at the lowest (physical) layer. The application or higher layer understands the structure of the data in the SDU. undertaking to get it to the same interface at the destination. fiber. it might add a port number to identify the application. address information. constitutes the protocol data unit at this layer. it treats it as payload. a code to identify the type of data in the packet and error-checking information. The addition of addressing and control information (which is called encapsulation) to an SDU to form a PDU and the passing of that PDU to the next lower layer as an SDU repeats until the lowest layer is reached and the data passes over some medium as a physical signal.) Given a context pertaining to a specific layer. plus the original service data unit from the higher layer. the PDU is passed to the peer using services of the next lower layer in the protocol "stack". The matching layer. it becomes a service data unit to that layer.Protocol data unit 162 Protocol data unit In telecommunications.

making the crate a PDU. its. When the crate reaches the destination matching its label. emerges. the top-level SDU. and the crate is labelled with the region to which all the bags are to be sent. htm).html) (search for "PDU") . it is opened and the bags (SDUs) removed only to become PDUs when someone reads the code of the destination post office. when it is now an SDU. External links • comp. The letters themselves are SDUs when the bags are opened but become PDUs when the address is read for final delivery.uni-giessen.protocols.Protocol data unit The above process can be likened to the mail system in which a letter (SDU) is placed in an envelope on which is written an address (addressing and control information) making it a PDU. making it now an SDU.de/faq/archiv/osi-protocols/msg00000. bldrdoc. 163 References [1] This article incorporates public domain material from the General Services Administration document "Federal Standard 1037C" (http:/ / www. until it is combined with other bags in a crate. The sending post office might look only at the post code and place the letter in a mail bag so that the address on the envelope can no longer MAC layer PDU becomes physical layer SDU be seen.iso FAQ (http://www. The mail bag is labelled with the destination post code and so becomes a PDU. gov/ fs-1037/ fs-1037c. the letter itself. When the addressee finally opens the envelope.

[1] The Design of Robust RED (RRED) A detection and filter block is added in front of a regular RED block on a router. a packet is suspected to be an attacking packet if it is sent within a short-range after a packet is dropped. T2) 03 if pkt. This is the basic idea of the detection algorithm of Robust RED (RRED). Whilst there are several technologies that are superficially similar to the PSDN. both providing PVCs. and other packet-switching techniques. the term may refer not only to Frame Relay and Asynchronous Transfer Mode (ATM). such as Integrated Services Digital Network (ISDN) and the Digital Subscriber Line (DSL) technologies. T2 is the arrival time of the last packet from any flow that is dropped by the Random Early Detection block. an X. How to distinguish an attacking packet from normal TCP packets is critical in the RRED design.25-based packet-switched network. but also to Internet Protocol (IP). a packet is dropped). Within a benign TCP flow. Robust random early detection The existing Random Early Detection (RED) algorithm and its variants are found vulnerable to emerging attacks. T* is a short time period.Public switched data network 164 Public switched data network A public switched data network (PSDN) is a publicly-available packet-switched network. Originally this term referred only to Packet Switch Stream (PSS). mostly used to provide leased-line connections between local area networks and the Internet using permanent virtual circuits (PVCs). Tmax = max(f.[1] A Robust RED (RRED) algorithm was proposed to improve the TCP throughput against LDoS attacks.g. Experiments have confirmed that the existing RED-like algorithms are notably vulnerable under LDoS attacks due to the oscillating TCP queue size caused by the attacks. The basic idea behind the RRED is to detect and filter out attack packets before a normal RED algorithm is applied to incoming flows.T1. RRED algorithm can significantly improve the performance of TCP under Low-rate Denial of Service attacks. GPRS. Consequently.arrivaltime is within [Tmax. they are not examples of it. ISDN utilizes the PSTN circuit-switched network. distinct from the PSTN. The basic idea behind the RRED is to detect and filter out LDoS attack packets from incoming flows before they feed to the RED algorithm..T1 is the arrival time of the last packet from flow f that is dropped by the detection and filter block. the sender will delay sending new packets if loss is detected (e. usually utilized for access to a packet-switched broadband IP network. Tmax+T*] then 04 reduce local indicator by 1 for each bin corresponding to f 05 else . RRED-ENQUE(pkt) 01 f←RRED-FLOWHASH(pkt) 02 Tmax←MAX(Flow[f]. T2). which is empirically choose to be 10ms in a default RRED algorithm. and DSL uses point-to-point circuit switching communications overlaid on the PSTN local loop (copper wires). especially the Low-rate Denial-of-Service [4] (LDoS) attacks. More Details [4] The Algorithm of the Robust RED (RRED) f.T1. Today.

It automatically calculate and record the average throughput of normal TCP flows before and after DoS attacks to facilitate the analysis of the impact of DoS attacks on normal TCP flows and AQM algorithms. vol. jsp?arnumber=5456075) [2] http:/ / sites.) and Active Queue Management (AQM) algorithms (RED. pp. google.). SFB. ieee. etc.Robust random early detection 06 07 08 09 10 11 12 13 14 15 increase local indicator by 1 for each bin of f Flow[f]. Zhiping Cai. 2010. 489-491. RRED. pdf?attredirects=0). google. Low-rate DoS.T1←pkt. etc. Ref (http:/ / ieeexplore. 14. org/ xpl/ freeabs_all. Jianping Yin.I←maximum of local indicators from bins of f if Flow[f]. and Weifeng Chen.arrivaltime else Flow[f]. Spoofing DoS. com/ site/ cwzhangres/ home/ posts/ recentpublicationsinrandomearlydetectionredschemes .More Details [3] Related Publications Recent Publications in Low-rate Denial-of-Service (LDoS) attacks [12] Recent Publications in Random Early Detection (RED) schemes [2] Recent Publications in Active Queue Management (AQM) schemes [1] References [1] Changwang Zhang. The AQM&DoS Simulation Platform [3] is able to simulate a variety of DoS attacks (Distributed DoS. com/ site/ cwzhangres/ home/ files/ RREDRobustREDAlgorithmtoCounterLow-rateDenial-of-ServiceAttacks.arrivaltime drop(pkt) return 165 More Details [4] The Simulation code of the Robust RED (RRED) The simulation code of the RRED algorithm is published as an Active Queue Management and Denial-of-Service (AQM&DoS) Simulation Platform. IEEE Communications Letters. RRED: Robust RED Algorithm to Counter Low-rate Denial-of-Service Attacks (http:/ / sites.I >=0 then RED-ENQUE(pkt) //pass pkt to the RED block if RED drops pkt then T2←pkt.

org/~skolychev/Net-RawIP-0. Microsoft silently limited Winsock's raw socket support in a non-removable hotfix and offered no further support or workarounds for applications that used them. the media criticized Microsoft asserting that raw sockets are only of use to hackers to perform TCP reset attacks. Three years after the Windows XP release.pm) Created by Sergey Kolychev (http://www.aspx) an indication of what's actually allowed on Windows. Windows XP When Microsoft released Windows XP in 2001 with raw socket support implemented in the Winsock interface. • Network Programming for Microsoft Windows (ISBN 0-7356-1579-9) • A little more info on raw sockets and Windows XP SP2 . Most socket application programming interfaces (APIs).ic. module for Perl applications. • SOCK_RAW Demystified: article describing inner workings of Raw Sockets (http://sock-raw. especially those based on Berkeley sockets.msdn. Usually raw sockets receive packets inclusive of the header. support raw sockets.cpan. When transmitting packets. (http://search.Michael Howard's Web Log (http://blogs.[1] References [1] Microsoft Tightens the Noose on Raw Sockets (http:/ / seclists.Raw socket 166 Raw socket In computer networking.com/ michael_howard/archive/2004/08/12/213611.lg. a raw socket is a socket that allows direct sending and receiving of network packets by applications.al. org/ nmap-hackers/ 2005/ 4) External links • Video Tutorials on Programming with Raw Sockets (http://security-freak.org/papers/ sock_raw) .net/raw-sockets/raw-sockets. bypassing all encapsulation in the networking software of the operating system.ua/~ksv/).html) • Net::RawIP. the automatic addition of a header may be a configurable option of the socket.1/RawIP. as opposed to standard sockets which receive just the packet payload without headers.

com/ view_submission. and signal the start of the actual frame. Not only does the SQLFilter allow users to search for packets across thousands of trace files. The preamble of an Ethernet frame consists of a 56-bit (7-byte) pattern of alternating 1 and 0 bits. it also loads the resulting packets directly into OmniPeek or EtherPeek. and time to fix.SQLFilter 167 SQLFilter SQLFilter [1] is a plugin for OmniPeek that indexes packets and trace files into an SQLite database. The SFD is designed to break this pattern. php?id=33 [2] http:/ / blog. html Start Frame Delimiter The Start Frame Delimiter (SFD) is the 8-bit (1-byte) value marking the end of the preamble of an Ethernet frame. wildpackets. which allows devices on the network to easily detect a new incoming frame. It has the value 10101011. . The SFD is immediately followed by the destination MAC address. For network trouble shooters. wildpackets. The packet database can also be used to build multi-tier data mining and network forensics systems. For a more indepth discussion of the SQLFilter read Packet Data Mining and Network Forensics [2] . The packets can then be searched using SQL queries. As more companies save large quantities of network traffic to disk. The matching packets are loaded directly into OmniPeek and analyzed. This cuts out many of the steps usually involved in this process and dramatically shortens time to knowledge. this revolutionizes the job of finding packets. References [1] https:/ / mypeek. com/ 2009/ 01/ network-forensics. tools like the WildPackets SQLFilter make it possible to search through packet data more efficiently.

The transmission capacity of the link will be shared by only those users who have packets. is also facilitated through the following schemes: • Random frequency-hopping orthogonal frequency division multiple access (RFH-OFDMA) • Code-division multiple access (CDMA). Statistical multiplexing normally implies "on-demand" service rather than one that preallocates resources for each data stream. very similar to dynamic bandwidth allocation (DBA). Usage Examples of statistical multiplexing are: • The MPEG transport stream for digital TV transmission. or (in the case of datagram communication) complete destination address information. Statistical multiplexing allows the bandwidth to be divided arbitrarily among a variable number of channels (while the number of channels and the channel data rate are fixed in TDM). The channel number is denoted Program ID (PID). statistical multiplexing can provide a link utilization improvement. and experience varying delay (while the delay is fixed in TDM). Statistical multiplexing is used to allow several video. which amongst others is utilized in packet switched computer networks. • The UDP and TCP protocols. Statistical multiplexing schemes do not control user data transmissions. the packets may be delivered according to some scheduling discipline for fair queuing or differentiated and/or guaranteed quality of service. Statistical multiplexing ensures that slots will not be wasted (whereas TDM can waste slots). each packet or frame contains a channel/data stream identification number. audio and data streams of different data rates to be transmitted over a bandwidth-limited channel (see #Statistical multiplexer). In statistical multiplexing. Alternatively.Statistical time division multiplexing 168 Statistical time division multiplexing Statistical multiplexing is a type of communication link sharing. where different amount of spreading codes or spreading factors can be assigned to different users. called the statistical multiplexing gain. a communication channel is divided into an arbitrary number of variable bit-rate digital channels or data streams. The packets have constant lengths. each data stream is assigned time slots (of fixed length) or data frames (of variable lengths) that often appear to be scheduled in a randomized order. except that. Statistical multiplexing of an analog channel. Statistical multiplexing is facilitated through packet mode or packet oriented communication. The packets may have varying lengths. When performed correctly. Each stream is divided into packets that normally are delivered asynchronously in a first-come first-serve fashion. while statistical multiplexing is carried out at the data link layer and above. Channel identification In statistical multiplexing. rather than assigning a data stream to the same recurrent time slot in every TDM frame. The port numbers constitute channel identification numbers (and also . This is an alternative to creating a fixed sharing of a link. Comparison with static TDM Time domain statistical multiplexing (packet mode communication) is similar to time-division multiplexing (TDM). where data streams from several application processes are multiplexed together. The link sharing is adapted to the instantaneous traffic demands of the data streams that are transferred over each channel. for example a wireless channel. such as in general time division multiplexing (TDM) and frequency division multiplexing (FDM). Static TDM and other circuit switching is carried out at the physical layer in the OSI model and TCP/IP model.

25 protocol suite was colloquially known as "the Packet switched network" in the 1980s and into the beginning of the 1990s.in effect. CRC-based framing achieves character and start-of-header synchronization. while other systems use ASCII armor. then other special characters to synchronize to the beginning of a frame of characters. and the channel number is denoted Virtual Connection Identifier (VCI).25 and Frame relay packet-switching protocols. . the FSK441 protocol achieves character synchronization by synchronizing on any "space" characters in the message -. External links • Example of Statistical Multiplexing [1] (Chart from a real DVB-T multiplex) References [1] http:/ / igorfuna. com/ dvb-t/ slovenia/ multiplex-a-usage-chart Syncword In computer networks. The multiplexer allocates to each service the bandwidth required for its real-time needs so that services with complex scenes receive more bandwidth than services with less complex ones. The channel identification number consists of a Virtual Connection Identifier (VCI) and a Virtual Path Identifier (VPI). a syncword. This bandwidth sharing technique produces the best video quality at the lowest possible aggregate bandwidth. a statistical multiplexer is a content aggregating device that allows broadcasters to provide the greatest number of audio or video services for a given bandwidth by sharing a pool of fixed bandwidth among multiple services or streams of varying bitrates. where the packets have fixed length. where the packets have varying lengths. a receiver can achieve character synchronization from an undifferentiated bit stream.[1] [2] Various techniques are used to "disguise" bytes of data at the data link layer that might otherwise be (incorrectly) recognized as the sync word. 169 Statistical multiplexer In for example digital audio and video broadcasting. or start-of-header synchronization from a byte stream. • The X. Examples For example an audio receiver is receiving a bit stream of data.25 providers. HDLC uses bit stuffing or "octet stuffing". For example. For example. The international collection of X. using the X. sync character or preamble is used to synchronize a transmission by indicating the end of header information and the start of data. The bisync protocol of the 1960s used a minimum of two ASCII "SYN" characters (0x16…0x16) to achieve character synchronization in an undifferentiated bit stream. without the overhead of an explicit syncword. • The Asynchronous Transfer Mode packet-switched protocol. For example. An example of a syncword is 0x0B77 for an AC-3 encoded stream. every "space" character in the message does double duty as a syncword. Alternatives In some communication systems.Statistical time division multiplexing address information).

It is used for both frame synchronization such as for Ethernet frames. Using a TCP connection gives the computers an easy way to exchange data items too big for a single packet. etc. it is beneficial. . such as video clips. Each protocol has a block of information. preamble is a sequence of known bits are sent in each frame. In most packets this bit is set to 0 and has no effect. called a header. which computer should receive it. This reset lets . The basic protocol used on the Internet is the IP protocol. Although some web pages are small enough for a single packet. in essence. TCP software on the two machines which will communicate (for example a workstation with a browser and a web server) by exchanging a stream of packets. a system for individual computers to exchange electronic messages. This system includes hardware to carry the messages. also known as "forged TCP resets". A TCP reset basically kills a TCP connection instantly. ISBN 9781857283792. email attachments. The computer on the other end (computer B) will continue to send TCP packets since it does not know computer A has crashed.It should not send any more packets using the connections identifying numbers (called ports). google. One common application is the scenario where a computer (we'll call it computer A) crashes while a TCP connection is in progress. as well as channel estimation. the packet size. TCP resets The stream of packets in a TCP connection each contains a TCP header.. Each of these headers contains a bit known as the "reset" (RST) flag. other times. [2] John R. 170 Preamble In digital communication. com/ bisync. Connectivity Knowledge Platform. Headers contain information about which computer sent the packet. . called "protocols". Made IT. it will then receive packets from the old pre-crash connection. the tampering is malicious. TCP (as opposed to other protocols such as UDP) is used with IP when a virtual connection is required between two computers.). or packets of data. References [1] "BiSync. or music files. and can be used to achieve character synchronization in an undifferentiated bit stream. p. in effect. a syncword. TCP/IP is the protocol set used for email and web browsing. Computer communications and networks (http:/ / books. When used as designed this can be a useful tool. and a formalized system for formatting the messages. made-it. BSC" (http:/ / ckp. included near the front of each packet. every character is. com/ books?id=ye4DwILZhq0C& pg=PA12) (2nd ed. When computer A reboots. Sometimes. Computer A has no context for these packets and no way of knowing what to do with them. These terms refer to a method of tampering with Internet communications. Freer (1996). Retrieved July 5. so it might send a TCP reset to the sender of the packets . and discard any further packets it receives with headers indicating they belong to that connection. which is usually coupled with additional protocols such as TCP (Transmission Control Protocol[1] ) or UDP (User Datagram Protocol). Technical Background The Internet is. 2011. 12.Syncword In a self-synchronizing code. "spoofed TCP reset packets" or "TCP reset attacks". Taylor & Francis. however if this bit is set to 1 it indicates to the receiving computer that the computer should immediately stop using the TCP connection . they are sent over TCP connections for convenience. TCP reset attack TCP reset attack. such as copper and fiber optics cables. html).computer B.

and on August 21. com/ id/ 21376597/ ) [6] NNSquad home page (http:/ / www. org/ pipermail/ netfilter/ 2000-May/ 003971. and the open source Snort used TCP resets to disrupt suspicious connections as early as 2003. and then send a "forged" packet containing a TCP reset to one or both endpoints.TCP reset attack computer B know that the connection is no longer working. org/ archives/ interesting-people/ 200805/ msg00163. Comcast Blocks Some Internet Traffic (http:/ / www. ietf.From Dave Faber's IP list . They have also argued that these resets are a legitimate way to reduce network traffic. which could detect Comcast's forged TCP resets and distinguish them from real endpoint-generated resets. msnbc. txt) [2] May 2000 Linux discussion archives (http:/ / lists. Are forgeries good or bad? One obvious application of forged TCP reset is to maliciously disrupt TCP connections without the consent of the two parties which own the endpoints . 2008 it ordered Comcast to terminate the practice.[3] Comcast Controversy By late 2007 Comcast began using forged TCP resets to cripple peer-to-peer and certain groupware applications on their customers computers [4] [5] . The headers in the forged packet must indicate. not the forger. Ironically the technology to detect the resets was developed from the earlier Open-source "Buster" software which used forged resets to block malware and ads in web pages. html) [4] Section of Wikipedia Comcast article [5] Associated Press. org/ archive-1-1429. David Farber. Linux volunteers proposed doing something similar with Linux firewalls in 2000 [2] . netfilter. Every field in the IP and TCP headers must be set to a convincing forged value for the fake reset to trick the endpoint into closing the TCP connection. a Windows software program written by John Bartas. It's possible for a 3rd computer to monitor the TCP packets on the connection. Vint Cerf. html) [3] SNORT discussion archive re: TCP resets (http:/ / www. org/ rfc/ rfc0793. Craig Newmark and other well-known founders of and champions of openness on the Internet. Properly formatted forged TCP resets can be a very effective way to disrupt any TCP connection the forger can monitor. The term "forged" Some representatives of ISPs dislike the use of the term "forged" when referring to these TCP resets. The user on computer B can now try another connection or take other action. falsely. 171 Forging TCP resets In the scenario above the TCP reset bit was sent by a computer which was one of the connection endpoints. html) . msn. org/ ) [7] Article on validity of resets as management tool (http:/ / www. which was followed by the creation of the Network Neutrality Squad (NNSquad) by Lauren Weinstein. A prototype "Buster" software package was demonstrated in 1995 that would send forged resets to any TCP connection which used port numbers in a short list. However.more on this below.[6] In 2008 the NNSquad released the NNSquad Network Measurement Agent. interesting-people. This information includes the endpoint IP addresses and port numbers. that it came from an endpoint. This started a controversy. snort. In January 2008 the FCC announced it would investigate Comcast's use of forged resets. network security systems using forged TCP resets have been designed as well.[7] References [1] TCP specification (http:/ / www. nnsquad.

snort. php). for example.eff. to simulate real-world network conditions such as packet storms • Packets at any layer or sublayer (as those terms are used in. dcs.org/) • EFF report on Comcast use of resets (http://www.[1] References [1] Internet Protocol (IP) (http:/ / penguin. bbk. These "virtual packets" allow heterogeneous networks to talk to each other using a common protocol.TCP reset attack 172 External links • SNORT Official website (http://www. uk/ academic/ networks/ network-layer/ ip/ index. ac. part of a course on computer networking hosted by the University of London .org/wp/packet-forgery-isps-report-comcast-affair) Virtual packet In computer networking. the OSI model) above the most basic packets or frames used in a network. virtual packet may refer to: • Packets created by a packet generator.

Zuras 538.. Mitchdeweber. Nikolas Karalis. Hasek is the best. Thumperward. Rwcgroup. Vanished User 1004. Bovineone. Erkan Yilmaz. Leafyplant. Lamro. Keesiewonder. Naddy. Minimavus. Ttonyb1. Ivan Velikii (2006-2008). Hobartimus. Ark25. Malepheasant.golovko. Y. Rsecker. Ksensenig. Eustress. Woohookitty. THEN WHO WAS PHONE?. Woodshed. Quadra630. Mild Bill Hiccup.php?oldid=444219406  Contributors: Agurwitz. Mezigue. Callidior. Tinton5. Hblackhawks. Y. Mentifisto. Kittoo. Fang Aili. AlfredWalsh. GregorB. Mpeylo. Alansohn. BD2412. SteveSims. Phillip Tyre. Ohnoitsjamie. 143 . Mosquitohawk. Mcingue. Pmsyyz. Psychlohexane. Scieberking. Muhandes. Jeff G. Danhm. West London Dweller. Plasticup. Caliper. Znx. Amilator. Winchelsea. 1 anonymous edits Labris Teknoloji  Source: http://en. Mcingue1. Coolian. Bobo192. Akadruid. Weyes. Brholden. Mezzaluna. Petri Krohn. Hu12. Hmains. Chaitanya. Alduhayman. Rjwilmsi. Calltech. Mailer diablo. CarolGray. Zidane2k1. Fastilysock. Bpringlemeir. Ilyasali khan. Vespristiano. Alvarossjunior.Article Sources and Contributors 173 Article Sources and Contributors Deep packet inspection  Source: http://en. Ninja247. Brackets.php?oldid=447837259  Contributors: Aaron Rotenberg. R. Mehudson1. Towel401. DrachenFyre. Uncle G. Rob1974. Anetode. Ejay. Fatla00. Metadigm. The wub. SmartGuy. Courtarro. Catapult. Ashishkapahi. Garywill. Manoj-jaiswar. Nina1995. Agasta. Mwanner. JohnnyBGood. Washburnmav. MrChrome. Dcoetzee. Chenxiaoqino.sg. DavidBlackwell. Haywire. DerHexer. GayCommunist. Mjpresson. PaulHanson. Alpha Quadrant. SasiSasi. Elenap221. Billhunt. Andreas Kaufmann. Tregoweth. RexNL. Lloyd Wood. Cmdrjameson. Wikidemon. Ned Scott. Ipsla. Apankrat. Eiscosogin. Trevc63. Secretlondon. Iridescent. Robguru. Tkaizan. Yaronf. Nzd. 972 anonymous edits Front Porch  Source: http://en. Funchords. QEDquid. Phil Holmes. Bearcat. Doctaweeks. Tnash7d. Frap. N5iln. Mtmatt. Hellion 468. Jiddisch. Dman727. Katous1978. The wub. Cipher 107.nakul.wikipedia. DaBler. Richard Arthur Norton (1958. Jnc. Bewert. Bobblewik. Surv1v4l1st. Alex91dml. Hmains. MER-C. BioPupil. SamJohnston. Rcawsey. Jim. For Loop. LemonairePaides. Kozuch. Niggurath. Lostforwords. Phaldo. Juliancolton. Ckt2packet. Rubyyasmin. Guy Harris. Vegaswikian. Shuki. Unknown W. Soumyasch. Idaltu. JLaTondre. Ptwopdude. Cmr08.org/w/index. Jimmy 21mar. Dinu. Aaronproot. Everyking. Stepheng3. Mentallo 477. Noq. RockMFR. GavLewis. Ryan Roos. Danroa.php?oldid=396395157  Contributors: Bsimonis. Maytran999. Homestarmy. Center4499. Kgrr. Favonian. JYOuyang. Guyanakoolaid. Numberonegenius. Curps. SimonMackay. Mehudson1. Mineralè. Cotisocetinoiu. KiloByte. Astor14. Bunnyhop11. Pdelong. Gogo Dodo. Aluvus. OCTANE95. Stevebrigden. NapoliRoma. Rich Farmbrough. Romney yw.org/w/index. Ckatz. Visiting1. Elenabrown. Trangana. TheNewPhobia. Guy Harris. JonJuan. Qwertythecat. Shoone. Solarisworld. Kelvingeorge. 117 anonymous edits Allot Communications  Source: http://en. Tinucherian. Jasper Deng. Rsb7. TimQuinn. Agrechin. WadeSimMiser. Daveswagon. Biot. The Anome. JeffJonez.wikipedia. Moe Epsilon. Andareed. Trbdavies. Jalal0. RJFJR. Teles. Beland. Davidstrauss. Colonies Chris. WurmWoode. Molly. SaxicolousOne. WikiDan61. Marathi mulgaa. @pple. Looxix. Sherryp22.matthews. Giraffedata. Mattyinwisconsin. Jbyers. Darth Panda. Ha us 70. Pursey. Red Thrush. Michal Nebyla. Notquiteleet. Machismo500. Routergod. Madhero88. Epbr123. Gilabrand. RandallJones. Chulk90. EagleFan. Agentbla. Apple17cm. 1exec1.org/w/index. Ynhockey. Aldie. Qwyrxian. Gobonobo. CaptainMorgan. Takerman.wikipedia.wikipedia. Guy Harris. Bentogoa. Capricorn42. Pearle. Berford. DaveB549. Jdfirth. Spikehall1234. Viewfinder. SDC. John K. Davidstrauss. M2petite. Epolk. R'n'B.wikipedia. Behildeb. Van helsing. Hmbr. Dr unix. Woohookitty. ZimZalaBim. Tagishsimon. Dflasker. Chris the speller. Xnatedawgx. Lemento. Corvus cornix. John Hyams. Reactor12. Amanfbd2002. Aeons. Rcragun. Madchester. RHaworth.wikipedia. Krystalin 8159. E Wing. Jay. Eros. Veinor. Brianhe. Cradel. JetBlast. Specious. Xyzzy288. Firefighter Dog. Nei1. Uosdwis. Mosquitohawk.org/w/index. Beto. Mitensampat. Ahbond. Junkware. Philip Trueman. B Pete. ChrisRuvolo. Sayden. Lyonspotter. Terrybader. Ftpaddict. Cheemais. JamesAM. Felixcatuk. Edgar181. N328KF. Caltas. Piano non troppo. Dstivers. Downwards. Mr. KD5TVI. Alerante. KansasCity. Storkk. Tri400. Harryboyles. Rjwilmsi. Winheinhtut. Smmgeek. Geofones. KelleyCook. Hansivers. Vijaypadiyar. YUL89YYZ.wikipedia. True Pagan Warrior. Mandarax. OrgasGirl. Kurauchi. Seevinayin.). Djeikyb.org/w/index. Moskovich. Cisco (With Greg). BaRiMzI. Kinu. Scarpy. ManosFate. Ptwopdude. Verified360. Edgarde. FT2. Gwernol. Shinson. Shoeofdeath. Jadams76. Prolog. Derickmoore. Goltz20707. StuffOfInterest. Ixfd64. Powell1605. Tasmanian56. Tqbf. JLaTondre. Therealcolletepierre. Sjc07. S51438. Chrisn4255. Aspenjazz. Spearhead. Ronpeled. Belazu.‫טרול רפאים‬ anonymous edits Cisco Systems  Source: http://en. EXTremY. Langloisgroup. Jwojdylo. PigFlu Oink. Lboulton. Tompsci. Postoak. TexasAndroid. Kbdank71. Quigley. Oli Filth. Jbromhead. Tomlzz1. SusanLesch. Djaydem66. Jessica Schieve. Rjwilmsi. One. Ground Zero. 33 anonymous edits Network intelligence  Source: http://en. Gaius Cornelius. Jevansen. Common Man. SaratogaH. Mgurunathan. Squirrelist. Evrik. Tascha96. Mikeblas. Urbanrenewal. Plasticup. Macpl. Tombomp. Boothy443. Kparisot. Charlemagne11. Kizor. Zidoc. Chkptone.php?oldid=419184275  Contributors: Alexanderrock. XKL. Blowfish. Shortride. Tonkie67. JHunterJ. Davis. Ryan0. Prodoom. ArnoldReinhold. Moheed. Shymian. Jeffcrews. Janegca. Betacommand. GoingBatty. Versus22. Phatom87. UU. Eastofethan.php?oldid=448514851  Contributors: 007007wiki. Arletty75.org/w/index. Astor14. Ryker. Luna Santin. Nathan. Kim Rubin. Malepheasant. Mmernex. Rettetast. Tom harrison. Shashibg. Ebizdaniel. Kateshortforbob. Marokwitz. CliffC. Tycoon24. Admanonline. Astor14. Pylori. Zedla. Beebux. Frap. Psantora. Ferdiaob. Simslover. InShaneee. Stardust8212. Ugilad. Au k. Naugahyde. Teraknor. Pmitrevs. Randirocks37. Giraffedata. Darklilac. Papajohnin. Jacklyne Hamilton. Altenmann. Jopetersen. Barri. Adrian. Nihiltres. Mrmodine. Axiome2. Acdx. G33k-3d1t. Anna Lincoln. FlashSheridan. 1001001. Thepangelinanpost. Kwiki. Sherool. 128 anonymous edits . Sprinter76. Rupertb. Woohookitty. WeisheitSuchen. Stavrinov. Kgrr. Tomich. Casablanca2000in. Sbowers3. Chrisc8266. Aristanet. Rossami. Bender235. Deineka. Chris the speller. Nybubba. Rhsimard. Blaxthos. Pip2andahalf. Chowbok. TonyW. Onoes. Sephiroth storm. Astor14. Moulding. Christopher Kraus. Jamcib. ExplicitImplicity. UncleDouggie. CanisRufus. DMCer.php?oldid=442297051  Contributors: Admanonline. Hydraton31. Exobyte. Jesant13. Rjwilmsi. Colonies Chris. Pathgrant. CliffC. Opelio. DaveBurstein. 0x6D667061. SimonLyall. Kamath. Sbfw. Lpmusix. Dan100. O1001010.php?oldid=446742035  Contributors: A. Cybercobra. Alsee. AliveFreeHappy. Mdecampo8999. Spoonboy42.srinivaas. Kai-Hendrik. Mitchoyoshitaka. Ta bu shi da yu. Dragonnas. JonHarder. Mole2386. Hu12. Kyleflaherty. GraemeL. Rrburke. TaborL. Frecklefoot. DaRaeMan. Koavf. Dawnseeker2000. Ironholds. Senzhang. Apohran. Johnpseudo.php?oldid=440883331  Contributors: Alansohn. Qviri. Papa9090. Rjwilmsi. Rcawsey. OlEnglish. NiZhiDao. Cybercobra. Minesweeper. Martin451. Paperclip777. Kirklander. Frap. Irishguy. Fuhrmanator. Sophus Bie. KevinJones. DutchTreat. Kirill Lokshin. Jim62sch. Frosted14. Hardikp12. Kaplanmyrth. Singularity. Boism. MementoVivere. Instantnood. DocWatson42. Amitnme. Uniwares. Merope. Noir. YUL89YYZ. A Man In Black. Mean as custard. Dragomiloff. NeilN. Tachitsuteto. Rocastelo. Dchapes. Eugman. Surfingslovak. Gsarwa. Baeksu. Truthdowser. Trutkowski. Informationh0b0. Factcheckrz.wikipedia. Peipei. Cisco crisco. Gilabrand. Mbell. AlexeyV. Bumm13. Matilda. BTWheeler. Jerryseinfeld. Hu12. Sietse Snel. Robocoder. King Lopez. Jesse Viviano. RamapoJohn. Qxz.wikipedia. Fry140. BendersGame. Namekatak. BradReeseCom. J04n. Wadamja. Kuru. Michael Hardy. Zigforjustice. Aavindraa. The Thing That Should Not Be. Tjpayne. SMC. 82 anonymous edits Check Point  Source: http://en. EmbeddedBSL. WhisperToMe. Vikipedi. Monkeyman. Meldodd. David. Jcraft50. Brainyiscool. CesarB. TerrierHockey. Nzd. JamesBWatson. JonHarder. Mlluis. Emadido. Cjsmed. Sdaronsky. Astralblue. Netwrecked. Alvestrand. Saffrony. Brooke6969. Piarres.wikipedia. Iridescent. Csabo. Kitch. Cheung1303.php?oldid=425301933  Contributors: Azumanga1. Joy. Crusio.moyal. PAStheLoD. Jeffhane100. Yasakak. Switzpaw. Elphion. GNMC. Shervinafshar. Adambro. Nikai. Dgtsyb. YoavD. Yngvarr. This user has left wikipedia. Harryzilber. Falcorian. Sonar610. Paradoxicalengineer. DJOMaul. 31 anonymous edits NebuAd  Source: http://en. Amcl. Frickeg. Dot-per-inch. Aecis. Kandsten. MARQUIS111. Vsync. Kkm010. Wikipodium. Huiguo01. Bongomatic.wikipedia. Pandich.org/w/index. Sdaman. Lbelkind. Superjordo. Businessmonkey. Vhann. Theaveng. Bleakcomb. Gutenbergj. Thogan. RedWolf. Thorprime. KelleyCook. Mellery. R'n'B.henderson. 16@r. Hairy Dude. Lightmouse. Greenshed. Muzilino. Swliv. Emersoni. Ahunt. Zmiller923. Black206. Bsdguru. Esrever. Yaronf. Wprlh. Qwerty8991. Bunni25. Telecart. Evildeathmath. Dana boomer. Jrdioko. Mt7. Cooldeep. Isonomia. Brian2wood.lala. Rio de serionata. Mmernex. Raanoo. EdJohnston. Sophie. Iridescent. Mar Garina.larsson. 24 anonymous edits Barracuda Networks  Source: http://en. Funchords. Vitor Mazuco. Drughwan. Zodon. Winston earl smith. Oroso. Shawnc. Nishith Nand. Yonatan. TheDJ. OlEnglish. Sandspur1966. KnowledgeOfSelf. Mariguzm.org/w/index. Umers90. Mr. Algotr. Tinton5. Agencius. Shanes. Typhoon. HybRiDx24. Jni. Chrisdab. Bevo. John Hyams. Edgar Waingortin. Oo64eva. Scnash. Shadowjams. Bluemoose. CastAStone. Venus 9274. Codwiki. Gail.bar. Nuance13x. Bill. PaulHanson. Zr2d2. Eric Klein. Riick. D6. Phil Urich. Aymatth2. Xrgtn. Lightmouse.php?oldid=441907094  Contributors: A Doon. Gwernol. Bookbrad. Jamcib. Kelly Martin. Mrmclean. RJHall. Marcus Brute. Scott McNay. 3 anonymous edits Narus (company)  Source: http://en. Ceyockey. Ronambiar. Joseanda1006. Iztoku. Mtruch. Krypticmind. Gmaxwell. Santuccie. Squids and Chips. Amandeep 11. ArtiePesh. Zabby1982. Uncle Dick. Melcombe. Ailanto. Sceptre.org/w/index. Cwolfsheep. Bongwarrior. Sam Hocevar. Filterbob. Whisky drinker.php?oldid=434934453  Contributors: AmySi41. Selene 372.php?oldid=445444053  Contributors: Aspects. Rutruth. Akula4211. Knff. Jvcdude. Robina Fox. HamburgerRadio. Mahewa. Meehawl.moyal. JosephBarillari. SNIyer12. Pristino. Rabhyanker. Goochelaar. Red Thrush. Everyking. GreenJoe. EagleOne. Rhopkins8. HamburgerRadio.org/w/index. 2technical. Mr. Katana0182. Petrinarobins. Kubigula. Jpp42. Plausible to deny. Ziyadbasheer. UrSuS. NPatrick6. Doretel. XSTRIKEx6864. Liquidsnakejr. Harumphy. CraigB. Kll. Brianhe. Pedant17. Tintenfischlein. Mr. Dav92178. Erik. Polly. Bluedisk. Phatom87. Gavint0. Kwsn. Treekids. Levineps. PacketDude. Nonomy.org/w/index. JonHarder. Aesalon. Tide rolls. Abhinvanand. Rednblu. Avaneendra. Barrylb. Sravisha. Apankrat. Tedder. HD999. Hax0rw4ng. DDerby. Larry V. Travelbird. Klapouchy. Mjlodge. Dispenser. Cdowninge. Pooua. Vlad. Humphrey Churchill. Theothertomjones. Annirak. Xcentaur. Nthep. TachyonJack. Truthcommission. CecilWard. Kinawi. Mikepelley. Anthony71. Jcharr. SirGrant. Ed Poor. Deepak175. Presidentman. Alison9. Dawnseeker2000. Chris the speller. Olivier. Neelix. Drmies. 6 anonymous edits Radware  Source: http://en. Flashcube. Eagleal. Wizardman. MikeLynch. Kgrr. AntiVanMan. Labarnah. Lctech. Steven312. Mukis. RadioFan2 (usurped). Rjwilmsi.wikipedia. John. 999mal. The Rambling Man. Pabouk. Coolcaesar. Zvar. RadioFan. Ethyr. Brentyoung. Jpbowen. Tomdo08. DannyDin. Raul654. Austinmurphy. Biker Biker.Smith. Nehle. MartinHagberg. Alepik. KnowledgeOfSelf. Smallfixer.moyal. SomniOne. Ranumao. Alecv. Fredrik. Rick Sidwell. Perspeculum. Liquid Chrome1. Nubiatech. Lightmouse. Ehudshapira. Ernestvoice. Rossumcapek. Anon515. Nealmcb. Storytellershrink. Togaaltos1. Thingg. Edward. AndrewHowse. Piano non troppo. Jenrzzz. Shirt58. Kate. WilliamCaban. Alansohn. Catapult. Voidvector. Scooby3. ProjectmanagerCHKP. Jrtayloriv. Avernet. UnitedStatesian. Jerrycho13. Kimchi. Edcolins. John. Gordon Ecker. Mattsday. Parrot. Andy Marchbanks. Sig0. Srijith2007q. Sigma 7. Airplaneman. 42 anonymous edits Sandvine  Source: http://en. B Pete. Swellesley. WJetChao.org/w/index. MrHat1065. Bomazi. Tiredmain. Jlemos35. Music Sorter. Slashme. Aymatth2. Winton. Ohconfucius. BalkanFever. FranzMeister. Sreifa. Hollaback22. DMG413. Zeroday. Pde. Imperi. Gaius Cornelius. Muhgcee. CrypticBacon. Cdc. Mozart20d. Merzbow. Ash1932. Kigali1. LesPoiEs. Christopher Kraus. Howardtheroarke.

VirulentIdeas. =Josh. JMiall. 11 anonymous edits Datakit  Source: http://en. Black Falcon. Sdedeo. Discospinster.itian. Thumperward. Bryon575. Guy Harris. Lotje.php?oldid=447766851  Contributors: Bearcat. Katharineamy. M3tainfo. Fantasy. The Nut. KConWiki. 85 anonymous edits Berkeley Packet Filter  Source: http://en. Cellspark. Bencejoful. CliffC. IronGargoyle. Zginder. Shyamjithgift. Jim. Mongolmax. Bangowiki.wikipedia. Genetikayos. W163. Jrcla2. Muhgcee. Dawynn. Eraserhead1. Cburnett. Intgr. The Thing That Should Not Be.php?oldid=332546963  Contributors: Babbage. ZeroOne. AmiDaniel.wikipedia. Gonzopancho. P. Ews23.org/w/index.wikipedia. OverlordQ. Bissinger. Msirivia. Carltonh. Yang. Phatom87. Elfguy. Bkil. RickK. Bkonrad. Studerby. Connormah. 4twenty42o. Glenn. Marcika. Taemyr. Vipinhari. Pearle. Timan123. Smohideen2000. SueHay. D6. TheMoog. Beezhive. Jnc. Twobells.php?oldid=447898830  Contributors: Aaronthepro. Tillman. Jim. Duncan. Nagy. Discospinster. Corpx. Oicumayberight. Kbrose. The wub. AAriel42.henderson. Greswik. RoyBoy.php?oldid=442321342  Contributors: Alai. Philip Trueman. Anna Lincoln. Borgx. Whywhenwhohow. Tikiwont. John254. Frap. Mboltz7664. Hadal. Coconuts.wikipedia. Michael Devore. R6144.org/w/index. Aeon1006. C:Amie. Quatloo. GoingBatty. Edcolins. Pboyd04. Foobaz. Collin.php?oldid=435868393  Contributors: Addshore. Stefano85. Johnshepler. 2 anonymous edits Network packet  Source: http://en. Alexius08. Losthighway.wikipedia. Manuel Anastácio. Dcoetzee. QTCaptain. Goldenrowley. South Philly. Tohd8BohaithuGh1. The Anome. La goutte de pluie. Ucla90024.pitre. Capi. Timrem.php?oldid=433421226  Contributors: A. Ocram. Jscroggin. PaulWay. Ayla. Blueronin. Wik. EagleOne. Jnc. Milan Keršláger. Acrosser. Jengelh. Altzinn. Cryptosmith.wikipedia. Sadads. Karl Dickman. Learjeff. Slakr.henderson. Kbdank71. Jrcla2. Eyrian. R Calvete.Fred.telnet.g. 23 anonymous edits Business Control Layer  Source: http://en. Cantons-de-l'Est. Paintman.org/w/index. C. D6. The Anome. W163. Hadrianheugh. Ebraminio. Mhkay. LachlanA.wikipedia. AlephGamma.php?oldid=437684258  Contributors: Adoniscik. Anclation. Osu-mike. Black Kite. Lewisoaten. Erkan Yilmaz. Jiraffe. Jim. Bluebusy. Phani96. N5iln. Richie SWFC. The wub. Wrs1864. Iridescent. Bband11th. Djg2006. Baccala@freesoft. 7 anonymous edits Catenet  Source: http://en. W Nowicki. Mintleaf. Chetvorno. Maximus Rex. Dixonjohnpaul.org/w/index. Nikola Smolenski.org/w/index.org/w/index.php?oldid=408009017  Contributors: Cedars. M4gnum0n.org/w/index. Boleyn. JonHarder. JMiall. Giftlite.org/w/index. Albedo. Gordon Ecker. Gary King. Zacharyjos. Vaquerito. Ans-mo. Peaceray. Cffrost. Roy464.php?oldid=441679490  Contributors: Auric.wikipedia.Hull. Dtcdthingy. Jesse Viviano.wikipedia.muller. JLM.of.org/w/index. JeffBurdges. Daichinger. CesarB. Linuxbeak. Thepulse2007. Shaw. Can't sleep. Graham87. Android Mouse. Daniel farrell. Caydel. Perry Bebbington.wikipedia. Kwi. Eric Shalov. W Nowicki. Svick. Robofish.wikipedia. 134 anonymous edits Stonesoft Corporation  Source: http://en. Dondegroovily. TNLNYC. Intgr. Alfrodull.dai. Jpbowen.php?oldid=439892905  Contributors: Ankur19852007.wikipedia. Etacar11. Kenny sh.org/w/index.henderson. KennethJ. Angr.php?oldid=438289667  Contributors: Alan Liefting. RichardVeryard. Edward. Bswilson. PaulHanson. Glamourtree. Random user 39849958. Bucketsofg.php?oldid=398953190  Contributors: Dthomsen8. Torla42. Greenshed. 6 anonymous edits Broadcasting (computing)  Source: http://en. Nbilogorskiy. Black Kite. CarlHewitt. Hmains. Bobo The Ninja.org. ConradPino. Jm34harvey. Anthony Appleyard. Rajah. Yuriz.php?oldid=332547061  Contributors: 1exec1. Bryan Derksen. Storkk. Zondor. SimonP. Elonka. Unyoyega. Huon. Eastlaw. Capricorn42. Joris. Sgeo.org/w/index. Park3r. Celarnor. Can't sleep. Mlewis000. Avicennasis.wikipedia. Martarius. Robert K S. Demophon. YUL89YYZ. Michael Snow. Mozzerati. Donreed. RazorICE. Neutrality. CanadianLinuxUser. Kazfernandes. Daicaregos. Leif.php?oldid=445291190  Contributors: AdjustShift. ImGz. Remuel. Chrisdab. Cybercobra. Nurasko. Barticus88. DaveBurstein. Lockley. Haichen12. Takamaxa. Woohookitty.wikipedia. 123Hedgehog456.org/w/index. TheKoG. Unforgettableid. Cheatochris13. Hadal. Rich Farmbrough. Chrisdab. Edaelon. Mleoking. Лев Дубовой. Rick Sidwell. Dimadick. Ahunt. Capricorn42. Thomascjackson. Noorg. 9 anonymous edits Cisco Express Forwarding  Source: http://en. InfoElfiq. Alvestrand. Michael Hardy. Frehley.wikipedia. Edward Z. PaulHanson. Captain-tucker. Francs2000. Scarian. Peter Ellis. Aitias. Kvng. Steven. Bigbluefish. Kbrose. Kyonmelg. 8 anonymous edits Black hole (networking)  Source: http://en. Pig de Wig. 19 anonymous edits Blue (queue management algorithm)  Source: http://en. Jkl. Mro. CharlotteWebb. Trasz.henderson.php?oldid=448568520  Contributors: !Darkfire!6'28'14.wikipedia. Ian Yorston. Nasa-verve. Judgesurreal777. Jni. Pnm. Middayexpress. Leafyplant. Latitudinarian. Red Director. clown will eat me.php?oldid=375135832  Contributors: Dpr. Chuck369. Guy Harris. Reliablesources. Benjaminmin. B Pete. Nbirkel. Jec. Chun-hian.wikipedia. AlistairMcMillan. Porturology. Jnc. Darth Panda.org/w/index. Chris55. Lethe. Mirv. Fang Aili. BananaFiend. Jim. Nmacu. Arastcp.wikipedia. Martin451. Alansohn. Maniamin. Michael Hardy. Icey. The Anome Chernobyl packet  Source: http://en. Jeh. Alex Middleton. Intgr.harris1. Craiglew1508. CecilWard. JordoCo.org/w/index. Foaly19. Retran. Pb30. 9Nak. Mindmatrix. Flatterworld. Eyreland. Amirpak 86. Ash. Brownh2o. Javacat.org/w/index. Dcoetzee. Brholden.doom. Ale jrb.org/w/index.org/w/index. Rdmoore6. Bayerischermann.org/w/index. Ryan Roos.org/w/index. JonHarder. Alan216. Xmm0. Wine Guy. Helix84. Borgx. Ameliorate!. Remuel.php?oldid=431099959  Contributors: Chowbok.org/w/index. JonHarder. HereToHelp. DataWraith. Timneu22. Roofbird. D o z y.. SCΛRECROW. Mleoking. West. 28 anonymous edits Deterministic jitter  Source: http://en. Jeck. FruitMonkey.org/w/index. Boscobiscotti. Ixfd64. Addihockey10. Scott5114. 5 anonymous edits Donald Davies  Source: http://en. Crystallina. Hectorthebat. 9 anonymous edits Firewall (computing)  Source: http://en. Ibarrere. Rror. Easyas12c. J0lt C0la. Edward. Slightsmile. Graphitesmoothie. Frap. Deb. GoingBatty. Koavf. HupHollandHup. Cxxl. Sarath02. Adoniscik. Incnis Mrsi. Kyonmelg. JonHarder. Biot. EncMstr. Barakw.php?oldid=332546973  Contributors: Alerante.org/w/index. Jpbowen. Andem. Simple Bob. Manoj2009patel20dec. Sgeo. Dawynn. Rettetast.benko. Abaddon314159. Jim. Lemeza Kosugi. Bender235.org/w/index. Apparition11. Freeingmind. Cryptic C62. Booster4324. JonHarder. G7huiben. Ahoerstemeier. Woohookitty Theta Networks  Source: http://en. Torla42. Flewis. Icairns.Harris. Cander0000. JLaTondre. RunBAMrunfaster. Eric Klein. Aviv007. Vulturell. Hqb. Toffile. Golddragon24. Devil0150.wikipedia. Nickaubert. Blahu77. S. R'n'B. CrescentCaren. Soldier. Uncle Dick.php?oldid=445083184  Contributors: Alvestrand. Johnuniq. Rsduhamel. Joel7687. Crakkpot. P1h3r1e3d13. BrainyBroad. Copsewood. Zack. MPerel.php?oldid=440433412  Contributors: Bearcat. Bazsi. Sreeji. Janziff. CanisRufus. Fernvale. 1 anonymous edits Datagram  Source: http://en. Rjgodoy. YellowMonkey. Arakunem. Yuriybrisk. EdH. 151 anonymous edits Active queue management  Source: http://en.henderson. Robert K S. Jim.php?oldid=434903517  Contributors: Alinja. TTZnju. Mr Sheep Measham. Blanchardb. Mike Rosoft. Pgautier-neuze. CoolingGibbon. Gronky. DSatz. Widefox. Hairy Dude. SymlynX. Aejr120. Hqb. Antandrus. Remarks999. Chzz. Crystallina.andrew. Tombrend. Oe2k.wikipedia. Rich Farmbrough. Deineka. Triwbe. Warrickball. CarlHewitt. 26 anonymous edits Data Path Acceleration Architecture (DPAA)  Source: http://en. Kvng. Kbdank71. All Hallow's Wraith. Unaizu. Glenn. Caerwine. Casey Abell.org/w/index. Mysidia.php?oldid=354091201  Contributors: Adoniscik. Jeff Paine. Phatom87. Jaimie Henry. Marasmusine. Pyrop. Toon05. Phatmonkey. Jeffq. SocratesJedi. DrDry55. Karstbj. CesarB.henderson. EdH. Splash. Bobo192. TheParanoidOne.wikipedia. 5 anonymous edits Cut-through switching  Source: http://en. Ryan Postlethwaite. Jcmcclurg. Mange01. Wihwang. Owen. Teles. Calabraxthis. Kbrose. Brianga. Anabus. Srimech. Cit helper. Dogaroon. Bevo. Bryan Derksen. Beetstra. Interbay. Kvng. Rick Burns. Petr Kopač. Networkengine.org/w/index. B. Olivier Debre. Jnc. C'est moi. Wilhelmina Will Data-dependent jitter  Source: http://en. Kbh3rd. Jec. TravisTX. ChibaRagi. Storkk. Sinisterjim. R.org/w/index.wikipedia.wikipedia. Wildwild. Dante Alighieri. Cander0000.php?oldid=442910119  Contributors: 2doorsdown. Storkk. Stepheng3. Frap.php?oldid=425344853  Contributors: CactusWriter. GcSwRhIc. Mithaca. Timrollpickering. Kgrr. Chriswaterguy. Avono. Trevor.php?oldid=444144130  Contributors: Alan Liefting. Jim. Suruena. Adrian. Rich Farmbrough. The Anome. Timotheus Canens. Stevenmyan Dynamic Packet Transport  Source: http://en. Ched Davis. Haseo9999. Alphachimp.wikipedia.php?oldid=409262059  Contributors: Alansohn. JECompton.sarcasm. Biot. Rameshbabu.wikipedia. Lawrennd. JonHarder. Jamesd. Useight. 174 . Harmil. Suruena. Caerwine.org/w/index. Henk. Backpackadam. Retired username. Obvious. Jcy1978. LeaveSleaves. Maradine. Nbarbettini. Hooperbloob. 4 anonymous edits Christmas tree packet  Source: http://en. Ketiltrout. CesarB.php?oldid=444739845  Contributors: 16@r. clown will eat me. Cmdrjameson. Valentinejoesmith. Joy. Joyous!. Jcrifasi. Andrei Stroe. Cutter. Wireless friend. Nurcanyilmaz. Vivio Testarossa. Motyka. Kubanczyk. Beno1000.NaZ. Dream of Goats. Hetar. Masterknighted. 1 anonymous edits Fast packet switching  Source: http://en. Derbeth. Asqueella. Closedmouth. Lerdsuwa. Berford. Shaddack. Crystallina. Emersoni. Boomshadow. Moonraker12. Chowbok. Incnis Mrsi. Mr. Mboverload. Heron. Paul Weaver. Tassedethe. Schusch.Article Sources and Contributors SonicWALL  Source: http://en. Apy886. Kbrose. Badgernet. Bearcat. 9 anonymous edits Context-based access control  Source: http://en. 7 anonymous edits Paul Baran  Source: http://en. Bugkarma. 18 anonymous edits Viaedge  Source: http://en.wikipedia. SDC. Dawynn. Jpbowen.henderson.wikipedia. Gascreed.

ToobMug.org/w/index. Njmanson. Dcoetzee. Debresser. 11 anonymous edits Jitter  Source: http://en. WilliamSun. Wk muriithi. Mange01. 297 anonymous edits Link state packet  Source: http://en. Wubrgamer. Interiot. Jeff G. Cillie. EdwinGroothuis. Hussam92. Ascánder. OwenX. TheRa'ike. Dandorid. Spazure. Kubanczyk.org/w/index. Jhi247. Mac. Kubanczyk. Dark Lord of the Sith. Wmahan. Fang Aili. Heywüd. Cheetoian. DoogieConverted. Mike. JonHarder. JTN. Radagast83. OlEnglish. GDallimore. Nakon. Rror. LeinaD natipaC. Ptk. 4 anonymous edits GSM 03. Mariagor. Simetrical. Random name. Unschool. Bubbachuck. VernoWhitney. KnowledgeOfSelf. JanCeuleers. JonHarder. DerHexer. Jramsey. Fulizer. Hokiehead. Toffile. Goodyhusband. ENeville. Muheer. Ancheta Wis. Closedmouth. Scientus. MartinHarper. KnowledgeOfSelf. Geffmax.amdphreak. Frap. Jalara. New Age Retro Hippie. Hibernian. DSatz. EBorisch. KCinDC. JonHarder. Johnshepler. Eldraco. Theymos. J Milburn. JSpung. Firefly322. AB. Sceptre. Rod57.mtview. Michael Hardy. Thingg. Emperorbma. 3 anonymous edits Maximum segment size  Source: http://en. Pabouk. Lee Carre. Blakewestwood. Feureau. Prunesqualer. Hu12. Electron. Burfdl.php?oldid=440686361  Contributors: AdmJamrep-NJITWILL. Sephiroth storm. Akassix. Inov8er. Guoguo12. Dawynn.org/w/index. Geoff B.org/w/index.wikipedia. Sepersann. LeoNomis. Ttwaring. Cougar w.batters.piegorsch. HappyCamper. Seba5618. NetRolller 3D. Njaard. Learjeff. Tobias Bergemann. Japanese Searobin. Monkeyman. MrBenCai. FreplySpang. Matthäus Wander. Qwyrxian. Dysepsion. The Garden Gnome. DonDiego. Mc6809e. Kyleflaherty. Aleksey Gerasimov. Emailtonaved. Stuartyeates. Storkk. BlueEarth. Pabouk. Isilanes.wikipedia. Xaosflux. Fastily. Da monster under your bed. Schmitt. Phatmonkey. Pissant. Kbdank71. Crazysane. Justin20. Florescent. Lucy1981. TutterMouse. Pnm. Jan1nad. UncleBubba. NewEnglandYankee. Verfee. Hadal. Epbr123. Kablammo. CanisRufus. Drmies. Benlisquare. Storkk. MrOllie. Seddon. Someguy1221. Manop. Mr. Transcend. MMuzammils. CYD. Equendil. Charles Matthews. Sanfranman59. EddieNiedzwiecki. Mwalsh34. Dysprosia. Weylin. DVdm. Jlavepoze. Gdt. Raanoo. Lee Carre. 138 anonymous edits Jumbo frame  Source: http://en. Niteowlneils.org/w/index. Zeroshell. Qxz. Danhm. Taxman. The Kinslayer. CesarB. DMahalko.bar. Loren. 1263 anonymous edits Frame (networking)  Source: http://en.php?oldid=438815409  Contributors: Bearcat. Furrykef. Rchandra. XandroZ. Sporkmonger. Minnaert. Deelkar. Ophel. RayneZXZX. 9 anonymous edits Lag  Source: http://en.wikipedia. Fightingirishfan. Zabanio. Sysy909. RoMo37. Kralizec!. Nneonneo. Gaiterin. Wahooker. Tim874536. Ilpostinouno. Nunquam Dormio. Cubbyhouse. Fresheneesz. SarahKitty. LegitimateAndEvenCompelling. Cwolfsheep. NawlinWiki. NellieBly. Piet Delport. Rumping. TexasAndroid. Manuel Anastácio. Ramu50. Kizor. Seb az86556. Jennavecia. Cybercobra. Willisja. Thatguyflint. BazookaJoe. Bookandcoffee. Suruena. Mro. Gerbrant. Marek69. Joyous!. Prashanthns. Kevin Saff. Rbmcnutt. Visor. Kgentryjr. Vlhsrp. L33th4x0rguy. Apshore. Kbdank71. EQ5afN2M. OlEnglish. JonHarder. Kvng. RoyBoy. Timotab. Matticus78. Desirsar. Khirbat. NightFalcon90909. ILRainyday. JohnCub.wikipedia. Jay. Henry W. RadioActive. Muhandes.fachkha. N328KF. Tsunanet.wikipedia. Hoods11. Flewis. Boscobiscotti. Danutz. Hamzanaqvi. Hazawazawaza. SlipperyHippo. CosineKitty. Fabioj. Attilios. PuzzletChung. Rwessel. Nageh. Rninneman. Wk muriithi. December21st2012Freak. Woohookitty. Jpbowen. Rich Farmbrough. HatlessAtlas. Can't sleep. Tellyaddict. John Siau. Iune. Erencexor. The Anome. Kvng. Mikm. Davipo. Jeff G. Rick Sidwell. Spartanhelmet. Rsrikanth05. Mirv. Tom k&e. Husond.org/w/index. YUL89YYZ. Topspinslams. Tad Lincoln. Frecklefoot. Mspraveen. Prasan21. Vrenator. Jchandlerhall. David Haslam. Dan6hell66. Twinxor. Ham Pastrami. DevastatorIIC. Jrmwng. Demonkoryu. Trevor1. Tdcrone. JonHarder. Rich Farmbrough. Expertour. Pmattos. DStoykov. Mrlumpycole.php?oldid=448310043  Contributors: Closedmouth. JonHarder. Newone. Smallgene.wilton. NortyNort. Sam Hocevar. KnowledgeOfSelf. Jec. Neurolysis.wikipedia. Hetar. Insanity Incarnate. Rs2. Lee Carre. Ws227. Charles Matthews. Lubos. Nachoman-au. Grammarmonger. ElKevbo. Joy. JForget. MickWest. RJFJR. Waelder. Splintercellguy. Hpa. Phoenix314. LachlanA. Just James. Cmdrjameson. DeadEyeArrow. LeonTang. Scetoaux. Henriquevicente. Mwanner. Storkk.php?oldid=445711028  Contributors: 1ForTheMoney. Miremare. Requestion. Dbrooksgta. GTBacchus. Everyking. OlavN. K001.org/w/index. Dman727. Martarius. Fahadsadah.. Tjbk tjb. Vilerage. Mild Bill Hiccup. Matt Britt. Iokerapid. Wtfnoob. Jalal0. Seb26. Ciaran H. Mange01. Gogo Dodo. Acegik. Indefatigable. Thearcher4. Lakshmin. Cavebear42. Purpleslog. 18 anonymous edits 175 . Batmanand. Hax0rw4ng. NeonMerlin. Pabouk. TombraideerIIdeadmanschest. Peter. Ryan Roos. Kvng. Linkoman. Otisjimmy1. Richard001. Wknight94. Lukevenegas. FatalError. Missionary. Daichinger. Lauk.org/w/index. Nick Number. Draglon. T Houdijk. EliasAlucard. Accdude92. ADobkin. El C. Maheshkumaryadav. WikiLaurent. 4 anonymous edits Gigapackets  Source: http://en. Turnstep. DESiegel.org/w/index. Crissov. Djdancy. JDavis680. Creed1928. Gc9580. Kglavin. Suicidalhamster. Nuttycoconut. Oli Filth. TripleF. Ohnoitsjamie. Rtouret. Split Infinity. Barcex. Peyre. Oddbodz. DemonThing. Zetawoof. Gatta. TheCommunist1994. Debresser. Piet Delport. Rafiwiki. Auric. Alksub. Giftlite. Why Not A Duck. Enric Naval. Graphitesmoothie. Colin Marquardt. Kvng. Chenzw. Katharineamy. Storkk. Iamxsj. Killiondude.wikipedia. Theda. Vinucube. Grapht. Bryan Derksen. Gracefool.kandy. CecilWard. Djg2006. Siroxo. Rami R. MichaelMan64. Hairy Dude. Emmzyy. Mysterytrey. M347758.org/w/index. Dismas. Tapuwiki IPv6 packet  Source: http://en. Nealmcb. Stevenmyan. Info lover. Petzi1969. OisinisiO. Racerboy. Trevor MacInnis. MarkRose. Nnp. Malo. Nachico. Alansohn. Imcdnzl.wikipedia. Xaje. Weylinp. Mcicogni. Leszek Jańczuk. Rjwilmsi. 5tych5.delanoy. Nmadhubala. Hungery. Mange01. The Anome. Lolsalad.org/w/index.wikipedia. L'Aquatique. Huyi. GoodwinC. DJ Clayworth. Cybjit.php?oldid=436367126  Contributors: Bobblewik. Deville. Ulrichlang. Quentin X. Tcosta. Dcampbell30. Richard. Jeffrey Mall. Waskage. Paul. Widefox. Mattgibson. Canis Lupus. Jmprtice. Khym Chanur. Tbhotch. Doug. Intchanter.php?oldid=446204325  Contributors: A5b. Liveste. Jfilcik. Tinton5. Philip Trueman. Fynali. Jusdafax. Discospinster. Robbie Cook. Chair Blaster. Bvavasseur. Wimt. Ary29. Grand Edgemaster. JonnyJinx. Hugger and kisser. Tranzent. Legotech. Mandramas. Dols. Viriditas.php?oldid=444465818  Contributors: Alq131. Sg313d. Kvng.0. Netalarm. Codinghorror. Frap. R'n'B. FisherQueen. Gardar Rurak. Secret. Woohookitty. Electron9. Omegatron. Rbarreira. RedWolf. G7yunghi. CyberSkull. Shawniverson. KnightLago. Pb30. Wmasterj. Mattloaf1. Hairy Dude. Ordo.wikipedia. Eequor. JzG. Wai Wai. NawlinWiki. Disorganized 676. Nuno Tavares. Woohookitty. Twinkie Assassin. Badmonkey0001. Greenrd. Randilyn. Stephenb. Teenboi001. Venom8599. Vakanuvis789. Nihiltres. Mitaphane. WikiDao. 28 anonymous edits G. Jóna Þórunn. Moreati. Smalljim. Jaraics. Milan Kerslager. MichaelGoldshteyn. Cryptosmith. Rebel. Intgr. AlistairMcMillan. La Pianista. Intgr. Egil. Ch'marr. Dougher. Possum. Heywüd. Harkathmaker. Mashby. Kamathvasudev. Doctorfluffy. Eliteops1. Pinethicket. Woohookitty. Fresheneesz. Ground Zero. Rp751786. Stephen G. Pharos. Jackrockstar. Hadal. Luna Santin. Dfranke. Meaghan. Watson Ladd. Prari. Edcolins. Diberri.henderson. JasonTWL. Adrignola. Sitearm. CASE. Stratadrake. JonHarder. Rocketgoat. FunkyBike1. Dse.php?oldid=443908554  Contributors: Adoniscik. Griffenboy. FreplySpang. Forenti. Qrsdogg. Jec. Tobias Bergemann. ZimZalaBim. Patrick. Robofish. Wtmitchell. WPANI. TheGreatFoo. Isheden. JonHarder. Janitor5. Object01. SecPHD. J. Jclemens.pande. Deville. Gstroot. ST47. Nneonneo. Yk Yk Yk. Marcuswittig. 8 anonymous edits Packet loss  Source: http://en. JYOuyang. Femto. LilHelpa. DeathByROFL. JonHarder. Graham87.php?oldid=422163972  Contributors: AndreasWittenstein. Terronis. Wikialoft. Pielover87. Wiki Wikardo. Lir. Tombomp. AndrewMollison. WikipedianMarlith. MER-C. Josemi. Simeon H. Yama. Wavelength. Rev3rend. Cwolfsheep. Stonehead. Danshelb. TenOfAllTrades. Intgr. Jeh.delanoy. Cmathio. CraigB. Rivanvx. Kenyon. The Thing That Should Not Be. Boardtc. 38 anonymous edits Frame check sequence  Source: http://en. Nimiew. Dandorid. Davidoff. Nasa-verve. Skacel8. HarisM. OpenToppedBus. Tim. Convenient ByStander. Hans Persson. Regancy42. Brown. Danski14. clown will eat me. Materialscientist. SoCalSuperEagle. Mark Chung. Noctibus. Sensiblekid.php?oldid=423816246  Contributors: ArtsCountyFair. Markrpw. Knacker ITA. Ryan Roos. Heron.org/w/index. Rpspeck. Wyatt915. Nwk. Zack. Tbird1965. Tushard mwti. BigFatBuddha. Mendaliv. Javert. MJ94. Imcdnzl. TheMandarin. Gascreed. Dreadstar. Fish and karate. Greg Grahame. L337p4wn. Tide rolls. Harland1. Materialscientist. Jurgen Hissen. Jpgordon. Sferrier. Poccil. Zntrip. Dandorid. Mad9cat. Drbreznjev. Rigworm. Elcasc. Wheely Guy. Keegscee. Wsmarz. Elieb001. Imroy. Occamsrazorwit. Tcncv. Dzordzm.org/w/index. Gurch.php?oldid=436864929  Contributors: 16@r. Jibjibjib. Talyian. Lets Enjoy Life.8261  Source: http://en. Rjwilmsi. Ciphergoth. Mrwojo. Od Mishehu. Lilac Soul. Eagleamn. DragonHawk.Article Sources and Contributors Corvus cornix. Vendettax. Equazcion. Thoobik. Kyonmelg. Kjwu. Chris the speller. Hps@hps. Mctmike. Mrzaius. V8rik. Wrs1864. Paul D. Tlesher. Frap. Leizer.Dunstan. Jusdafax. Lincolnite. Blahbleh. Michael Hardy. ShyShocker. Bobbis. Brianjd. The undertow. Casablanca2000in. DavidChipman.wikipedia. Rurigok. W Nowicki. Rchandra. Wordwizz. Julesd. OGoncho. Mernen. Skrewz. Chscholz. Cenarium. JonHarder. BeaverWithChainsaw. Jaho. Eraserhead1. Haakon. Woohookitty. Jigesh. Jebba. TheYmode. Vonvon. Akendall.wikipedia. Mix Bouda-Lycaon.org/w/index. Gurch. Lockeownzj00.wikipedia. 8 anonymous edits Martian packet  Source: http://en. DARTH SIDIOUS 2. Megaboz. Schlyne. Biot. Stephenman882. 54 anonymous edits Jumbogram  Source: http://en. Dcoetzee. Allen3. Robertvan1. Shiro jdn.wikipedia. LeaveSleaves. Luna Santin. Rl. Seano1. Bagatelle. Chrumps. Rwxrwxrwx. Persian Poet Gal.php?oldid=441847423  Contributors: Achilles2.php?oldid=407829618  Contributors: Alan Liefting. Kbrose. Gogo Dodo. Osky283. Indefatigable. Da Vynci. Jim.wikipedia. Deville. Σ. Tigermonkey. Nposs. Arkrishna. Phatom87. Noctibus. Jdeere man.C. Radiant!. Petzi1969. Johnaduley. Piano non troppo. Roseurey. Phatom87. Oxymoron83. Nancy. Snigbrook. Quercusrobur. PrestonH. Katalaveno. Douggie1085. Phatom87. JohnCD. Kandarp. Tevildo. Moldylemonmedia. Ricky81682. CohenTheBavarian. FleetCommand. Frap. Mysdaao. Sparky132. Kf4yfd. Booch. LOL. Willy on Wheels over Ethernet. Rj. Netsnipe. Harryboyles. Eyreland. Msebast. SGGH. Kealper. Suruena. Kozuch. Kenyon. Lee Carre. Josh Parris. Amire80. Dean14. Satori Son. Thecheesykid. RainbowCrane. Robofish. Wrs1864. DerHexer. Sephiroth storm. Tide rolls.. Sleske. Firsfron. Joseaperez. Sheridp. S0me l0ser. Sgeo. Spearhead. Casito. Mygerardromance. The Anome. Brewcrewer. Lambtron. SkyWalker. Gonzonoir. Guitardemon666. Coolhandscot. Aulis Eskola. Postrach. Meandtheshell. Anonymous Dissident. CanisRufus. Kbrose. Fragglet.php?oldid=441693061  Contributors: Dub13. Rich Farmbrough. 52 anonymous edits Mangled packet  Source: http://en. E Wing.php?oldid=446854804  Contributors: Abdull. DGJM. Ghaly. Kbrose. Mouchoir le Souris. Gilliam. Ross Fraser. Claude. Kvladiko. Cometstyles. Yik Lin Khoo. Shawnj99. Jec. Mailer diablo. Bobo192. Haqpunk. Eponymosity. Ggiust. Ixfd64. Mindmatrix. Tinucherian. Halmstad. Red856. Hiebert. Red Thrush. Maxamegalon2000. Haseo9999. Phirenzic. MercuryFree. KangKnight. Kinema. Karnesky. Voidxor. Escape Orbit.48  Source: http://en. Nuno Tavares. Reguiieee. Ouzo. Debackerl. Skyezx. Nasa-verve. Elagatis. Deewiant. Ju66l3r. Ifeme. VasilievVV. Tommysander. JZelos. Silver seren. Ruzihm. David. Frap. J. Lee Carre. Mortein. Anderson. Muhandes. Slakr. Dmccreary. LachlanA. Arise Sir Loin of Beef. CronoDAS. Damadm00. CesarB. Jimyoo. Kermesbeere. Yorick8080. Suruena. Πrate. Purplepumpkins. Bevo. Statkit1.org/w/index. SJP. Aarktica. Gxojo. Cyndler. Ricky. Jtir. Fudoreaper. JonHarder. Stevietheman. DagErlingSmørgrav. Soap. Lordjamex. Ntolkin. Jobeard.

Brewhahaitsme. Manaskb. Chancemill. Selfev.org/w/index. Tmaufer. CarlHewitt. Tom94022. Liotier. Nicenevil. Ground Zero. Logictheo. Niteowlneils. Тиверополник. Meredyth. Mleoking. Onthegogo. Alxeedo. Gazpacho. Rich Farmbrough. Zackman90. Fishyghost. David-Sarah Hopwood. Gbelknap. Fredeccles. 16 anonymous edits Packet concatenation  Source: http://en.php?oldid=447756520  Contributors: AManWithNoPlan. Mange01. Unixguy. Kablammo. Rogue Editor. BradBeattie. Тиверополник. EGSchwartz. Dnas. Dawnseeker2000. Winterst. AlphaPyro. Dgrahame. BertK. DragonflySixtyseven. My007ms.0. Jamescfield. Teemu Maki. Hooperbloob. Philip Trueman. Benhoyt. Someone42. R'n'B. Epbr123.henderson.wikipedia. I2so4. Isnow. Woohookitty. Casey Abell. A. MS3FGX. Smsarmad.php?oldid=418128155  Contributors: KelleyCook Packet drop attack  Source: http://en. Michael Devore. Bradyok. 7 anonymous edits Out-of-order delivery  Source: http://en.wikipedia.126. Kai. NawlinWiki. Thparkth. Tonkie67.php?oldid=421972347  Contributors: AlistairMcMillan. Hm2k. Coolgamer. Abune. Tempshill. Bobier. Discospinster. Mange01. Storkk. Guy Harris.H. Reliablesources. Capricorn42. Karada.php?oldid=442837325  Contributors: Bbx. Hgmichna. Kbrose. Bp2010. Gaius Cornelius. Bumm13. Marasmusine. Groundeyes.wikipedia. Jopsen.org/w/index. Enduser32. Glenn. Katharineamy. 802geek. Brooks. Cgarciap86. Maximaximax. Julesd. Wpifer. John Vandenberg. Smithwillscott.wikipedia. Aldie. Richard W. Yang.henderson. Waveguy.Article Sources and Contributors Maximum transmission unit  Source: http://en. 4 anonymous edits Packet transfer delay  Source: http://en. 3 anonymous edits Packet analyzer  Source: http://en. The Anome. Jnc. Crispmuncher.wikipedia. Thingg.wikipedia.xxx. Abdull. Ppike. JoanneB. PeterEasthope. MetalGearLiquid. Teancum. Jasrocks. Scoutersig. 4 anonymous edits Packet-switched network  Source: http://en. 2 anonymous edits 176 . Selket. Plugwash. Mjb4567. El Cubano.php?oldid=441122659  Contributors: Frap. 4 anonymous edits PARC Universal Packet  Source: http://en. Retodon8. Pedant17.H. JIP. David-Sarah Hopwood. Kvng. Jim. Mild Bill Hiccup. Cxxxap. JohnOwens. Noctibus. Djsuess. ZeroOne. Evil saltine. Jm34harvey. NapoliRoma. Lee Carre. Nick Number. Kbrose. NoExec. Jpbowen. 6 anonymous edits Packet switching  Source: http://en. Lightmouse.filmond. Steven. Mange01. Nmacu. Nv8200p. Getcrunk. Rememberway. Packetman. Bobblewik. Martyvis. NI Team. Charles Matthews. Seifried. The Anome. Sephiroth storm Packet Switch Stream  Source: http://en. Leblondleblond. Netcrash87. Timwi. Kbrose.org/w/index. Rdmoore6. Bogsat.org/w/index. Loadmaster. 14 anonymous edits Robust random early detection  Source: http://en. Jamsignal. Kbrose.wikipedia. JohnGrantNineTiles. Palmer1973. Bobblehead. Mandarax. The Thing That Should Not Be.henderson. Fumblebruschi. Piet Delport. Pcap. Richard cocks. Malcolma. Newman9997. Itusg15q4user.wikipedia. Blerg1. Jerrysmith222.org/w/index.org. Wrs1864. 3 anonymous edits OmniPeek  Source: http://en. EvanCarroll. PaulELong. Deineka. Tagishsimon.wikipedia. Closedmouth. Rdmoore6. Rvalles. QmunkE.combs. K12u. UU. Phatom87. Wirbelwind. Wafulz. Kabdcn. Foelectric. ThreePD. Riffle. Guy Harris. Cwolfsheep. Ewlyahoocom. Gerald. Marksza. Harryzilber. PBP. PrimroseGuy. Jpbowen. Ynhockey. Midnightcomm. No1Jenny. Nmatpt. CIreland. Wpifer. Woohookitty.php?oldid=440067247  Contributors: Akshaygs. Jnc.wikipedia. JosephBarillari.org/w/index. 48 anonymous edits Packet-switching node  Source: http://en. Josh Parris. 175 anonymous edits Network congestion  Source: http://en. Huntscorpio. 12 anonymous edits Packet capture  Source: http://en. Yamaguchi先 生 . Mleoking. Jedonnelley. Mboverload. PabloCastellano. Maurreen. The Original Wildbear. Neurolysis. Hcberkowitz. Mini-Geek. Mantipula. Deema AlShamaa. Jkl. 39 anonymous edits Protocol data unit  Source: http://en. Rjwilmsi.php?oldid=377480337  Contributors: ApolloCreed. Margin1522. Binksternet. Giftlite. Lambiam.org/w/index. RedWolf.php?oldid=427695232  Contributors: DR (usurped). Guy Harris. FJPB. JonHarder. LouScheffer. Guy Harris. Babbage. Moondyne. Psrdotcom. Kvng. Widefox. Frap. Sonic Mew. Radiojon. Pegship. Voyagerfan5761. BayTech. JTN. Skapur. Boscobiscotti. MarkFrancisMullins. Omegatron. Lostchicken. Welsh. Andponomarev. Jim. B4hand. MarkmacVSS. Phatom87. Nekohakase. KVDP. CyberSkull. Dcoetzee. Rhodekyll. Darth Panda.org/w/index. Incompetence. JTN. Jimj wpg. Jim. Rogger. Alantekore. Excirial. Watson1966. Maurreen.org/w/index. WereSpielChequers. Pyrotec. 40 anonymous edits Public switched data network  Source: http://en.hprastiawan. AlphaEta. Fromageestciel. Graeme Bartlett. Hjf.org/w/index.wikipedia. DeadEyeArrow. Alex6273. PierreAbbat. Xaje. Yuanli. Tammyzhou1983. Rick Sidwell. Zaf. Thumperward. Yuanli. JTN. Tobias Bergemann. Joy.org/w/index. Bearcat. Phatom87. Peyre. Peruvianllama. Rhobite.php?oldid=332547289  Contributors: Big Bob the Finder. Giftlite. Tinucherian. Colasoft capsa.php?oldid=408353584  Contributors: Adamantios.org/w/index. Xezbeth. Stephen. Gfoley4. Itusg15q4user. MacStep. RedWolf. GregorB. Ged Davies. Zhou Yu. Shaddack. CesarB. BarretBonden. The Anome. Veinor. Rabarberski. Ali Esfandiari. Gurch. Itusg15q4user. YUL89YYZ. GrahamDavies. Guitarist6987876. Anaxial. Networked. Storkk. Luk. Niclas Wiberg.php?oldid=441691777  Contributors: Alynna Kasmira. Frencheigh. Kenyon. Stw. Pearle. Rwhalb.php?oldid=447899712  Contributors: Amorymeltzer. Pgr94. Eastmain. MOM4Evr.a. Nurg. Excirial. Ospalh. Avalon. Jones.org/w/index. JNW. Sowsnek. Imcdnzl. Ioeth. Eastlaw. Mojodaddy. Synchrodyne. Psmith811. DylanW. Mange01. Kthnxrick.php?oldid=435085280  Contributors: Bearcat. J. LachlanA. Btyner. Knuckles. Diodime.39. Fleminra. Jmaes123.uk. Btilm. Schmloof. Kungfuadam. Rspanton. Chameleons84. Dead3y3. Lee Carre. AlistairMcMillan. MrOllie. RedWolf. Dkleeman. Jy. WaffleMonster. Jaizovic. Itusg15q4user.org/w/index.125. N3ddy. LawrenceGRoberts. GoingBatty. Mudalagi. Xxsquishyxx.delanoy. M4gnum0n. JTN. Rholton. X!. Shilpi2809. Dky89. 8 anonymous edits Packet generator  Source: http://en. Xchbla423.cn.php?oldid=332547189  Contributors: Phatom87. Dgtsyb. Jpbowen. Haseo9999. CosineKitty. Lucanos. L Kensington. W Nowicki. Jtk. Dawnseeker2000. RJHall.php?oldid=421573374  Contributors: 4twenty42o. WereSpielChequers. Dhar. Negrulio. Neilc. ExDPN100Engineer. W163. Wizard191. Rich Farmbrough. Jerrysmith222.Ferguson. Glenn.org/w/index.php?oldid=389942039  Contributors: Guy Harris. Nightstallion.smith.Petrenko.wikipedia. Mebden. Ali@gwc. Crossmr. Jpbowen. Tmaufer. Wingsandsword.org/w/index. Gardar Rurak. FromOrleans. Airplaneman. Philbarker. EAderhold. Qwghlm. Wa3frp. Xofc. Bearcat.H. Jnc. Miracle Pen. Piet Delport. LeviathinXII. Mitch Ames. Tatrgel. Mbarbier. Bsadowski1. J. Calmcz. Lexikorn. Kvng.wikipedia. ZoFreX. Bezzm. Borgx.php?oldid=442089761  Contributors: Billc. Paquitotrek. Kk2mkk. Woohookitty. Terra Xin. That Guy.org/w/index. Bloodshedder. Gentleman wiki. Gerfaut. MCBastos. Malcolma. GoingBatty. Johnbojaen. Tgwaltz. BenFrantzDale. Let4time. Omegatron. Mancini. Can't sleep. SpacePacket. Stwalkerster. Conversion script. Torla42. Jokes Free4Me. Woohookitty. Idril.php?oldid=422939538  Contributors: Barberio. Mild Bill Hiccup. Edcolins. Kate. Thegn. Ciphers.wikipedia. Merope. W Nowicki. Roy2009. Karol Langner. NBuccalo.org/w/index. Hamster2. Toreau. Itai. Wheet. YUL89YYZ. Betbest1. Xcentaur. Malcolm. Wireless friend. R2jitu.henderson. Mikeblas. SarahStierch. Prondou. Nimiew.wasylewski.253. Frap. JonHarder. DylanW. CecilWard. Wheet. 217.wikipedia. Jpatokal. William Avery. Manop.delanoy. Nubiatech. R'n'B. MER-C. Zondor. R'n'B.wikipedia. Watson Ladd. Skier Dude. Michael Devore.php?oldid=406216024  Contributors: Baggie.php?oldid=369677408  Contributors: Adamantios. GPHemsley. Chris the speller. Netmoninc.wikipedia. JonHarder.wikipedia. Lightmouse. Kgrr. Milan Keršláger. Foobaz. Hairy Dude. Adambiswanger1. Joshurtree. Nitiniit. Frap.org/w/index.M.org/w/index. Nuno Tavares. Zhou Yu. Jeffmcfarland. Bjelleklang. Kalathalan. clown will eat me. Jedi Master Brownlow. Intgr.org/w/index. Vidiii. Jonnyct. John 34345. Omegium. GPHemsley.wikipedia. 11 anonymous edits Packet segmentation  Source: http://en. Timsk. Ashwin18. Jeremy Swinarton. Roger Davies. Timtim101. Christophernoland. TubularWorld. Edward Z. Biasoli. 1 anonymous edits Ping (video gaming)  Source: http://en. Yinwulanyu. SCΛRECROW. Graeme Bartlett. Kvng. The Anome Packet aggregation  Source: http://en. Thomas d stewart. Loftenter. Yuanli.wikipedia. Ee02b022. Andrewpmk. Bobier. Bevo.wikipedia. Guy Harris. Groyolo. GoingBatty. Corpx. Waskage. Ewlyahoocom. Ilario. Ricojonah. Faithtear. Jaffar.wikipedia. M4gnum0n. NetRolller 3D. JeLuF.henderson. Gaius Cornelius. EagleOne. Aldaron. Suplamer. Securitywiki. Jonnyct.php?oldid=390003240  Contributors: Guy Harris. Ishi Gustaedr. Brookshawn. Imcdnzl. Trevor d. From That Show!.php?oldid=425345090  Contributors: Pnm. The Singing Badger. Kundor. Giftlite. 17 anonymous edits NIST RBAC model  Source: http://en. J. Hetar. Thumperward. Gardar Rurak.xxx. CesarB's unpriviledged account. Rich Farmbrough. Mormegil. Dave Cohoe.org/w/index. 223 anonymous edits Packet telephony  Source: http://en. Tsange.org/w/index. The Evil IP address.org/w/index. Cburnett. MER-C. Ryan Roos. Dirtydan667. Devourer09. Fresheneesz. Chris the speller. Paulfeakins. Francs2000. 325 anonymous edits Packet Assembler/Disassembler  Source: http://en. DonDaMon.wikipedia. Cgdallen. Storkk. Jdm64. 28 anonymous edits Packet injection  Source: http://en.wikipedia. Mange01. Donreed. Diberri. Barberio. Jnc. Gogo Dodo. Rjwilmsi. Freedomfighter21. Haza-w. Justin Piper. Helix84. Ahoerstemeier. Jim. Storkk. Paul1337. CanadianLinuxUser. Edward. JonHarder. PeteShanosky. Itusg15q4user. Bryanarnold. Whitepaw. Useight.php?oldid=444049931  Contributors: A. Skyschulz. Ninjakttty. JonHarder. Oli Filth. Mild Bill Hiccup. Wipe. Logicat. CarolGray. Wmasterj.php?oldid=448224650  Contributors: 213. SpacePacket. Gundark.wikipedia. Jrtayloriv. Steven Zhang. Usangel1066. JMiall. Discospinster. Hu12. Vary. Dgtsyb. Kaare. PerryTachett.php?oldid=444871256  Contributors: Althena. Badseed. Ron shelf. Sricciar. SunCreator. Dhammala. Kgrr. Vrenator. AxelBoldt. ManuelGR. Rich Farmbrough. PaulHanson. Nurg. Jim. Ec2049. Jason Stormchild. Mjb4567. Polyakov.org/w/index. Mendaliv. Voidxor. Gbelknap.dai.

Jleedev. Mange01. Sietse Snel. IMSoP. Legotech. Ximensions. UnicornTapestry.wikipedia.wikipedia. Choalbaton. Phatom87. Vobrcz. Melcombe. Kvng. JonHarder. Noted trip3.php?oldid=432452324  Contributors: Adrignola. Jaeger5432.php?oldid=447807544  Contributors: Are you ready for IPv6?.php?oldid=421971650  Contributors: Invitatious. JonHarder. Jonverve. Rholton. JonHarder. Guy Harris. Clamum. Mascurader. Cmdrjameson. The Anome. Jeaux Bleaux. Martin Hinks.wikipedia. Edward. OliverTwisted. Mboverload. Edward. Jgm7.php?oldid=332547365  Contributors: Commnerd. Suruena. Kubanczyk. 49 anonymous edits SQLFilter  Source: http://en. Jbartas. Pseudomonas.php?oldid=332547334  Contributors: Biot. Algocu. 28 anonymous edits Syncword  Source: http://en. R'n'B. The Anome. Modify.php?oldid=418660128  Contributors: DanielPharos. Kbrose.wikipedia.wikipedia. Sam Hocevar. Tassedethe. Nealcardwell. 2 anonymous edits Statistical time division multiplexing  Source: http://en.org/w/index. Bonadea. Frap.php?oldid=437942335  Contributors: Daniel.org/w/index. Fschoenm. Robofish.org/w/index. Fredgoat.Cardenas. Reisio. Riggler.wikipedia. Wdscxsj. W Nowicki. Btyner. 6 anonymous edits TCP reset attack  Source: http://en. JMay. Ryan Roos. Storkk. Thomasyen. NortyNort. Fred Condo. 8 anonymous edits Virtual packet  Source: http://en. ILF. Erik9. Discospinster. Mikm. Makibaohm.org/w/index. LilHelpa. Pentap101. Greenrd 177 .org/w/index. Radagast83.org/w/index. Enduser. Pparazorback. Storkk. Frap. Zgadot. Mmernex.org/w/index.wikipedia. 1 anonymous edits Start Frame Delimiter  Source: http://en. SpacePacket. Mdupont. Flydpnkrtn. Tbhotch.Article Sources and Contributors Raw socket  Source: http://en.

jpg  Source: http://en.jpg  Source: http://en.svg  Source: http://en.php?title=File:Increase2.jpg  Source: http://en. Technion.wikipedia.php?title=File:Stonesoft_Logo.svg  Source: http://en.php?title=File:Ciscosystemsrouteratcern.0. PhilKnight. Jacobolus.org/w/index.wikipedia.png  License: Fair Use  Contributors: Impakti File:Flag of the United States.wikipedia.svg  Source: http://en.org/w/index.png  Source: http://en.svg  Source: http://en. Sfan00 IMG Image:Sonicwalllogo.php?title=File:Barracuda-networks-logo.png  License: GNU Free Documentation License  Contributors: Phani Bhushan File:Paul Baran. Licenses and Contributors 178 Image Sources.org/w/index.wikipedia.php?title=File:Decrease2.jpg  License: unknown  Contributors: Eraserhead1 image:broadcast.svg  Source: http://en.org/w/index.wikipedia.0  Contributors: Gaiterin Image:Ethernet frame. User:STBotI File:Increase2.png  Source: http://en.jpg  License: GNU Free Documentation License  Contributors: Coolcaesar File:Labris Teknoloji logo-orta.org/w/index.wikipedia.wikipedia.png  Source: http://en. Image:Viaedge Logo.org/w/index.org/w/index.php?title=File:Pdu_and_sdu.org/w/index.wikipedia.php?title=File:Paul_Baran.wikipedia.svg  Source: http://en. (Original SVG was based on File:PD-icon. User:Polbot. See log.wikipedia.wikipedia.php?title=File:Broadcast.svg  License: unknown  Contributors: Sarang Image:Barracuda-networks-logo.04.org/w/index.php?title=File:Cast.jpg  License: Free Art License  Contributors: Yasakak Image:Radware.org/w/index.wikipedia.png  License: Fair Use  Contributors: User:Bjelleklang.svg  License: Public Domain  Contributors: Easyas12c.svg  Source: http://en.svg  Source: http://en.wikipedia.png  Source: http://en.svg  Source: http://en.wikipedia.org/w/index.PNG  License: unknown  Contributors: Daichinger.wikipedia.svg  License: Public Domain  Contributors: Easyas12c image:cast.jpg  Source: http://en.wikipedia.png  Source: http://en.php?title=File:Gufw_9. User:Iztoku Image:Sandvine logo.svg  Source: http://en.org/w/index.php?title=File:Ciscosystemsheadquarters. User:Cydebot.wikipedia.1.jpg  Source: http://en.Image Sources.org/w/index.php?title=File:Flag_of_the_United_States.svg  License: Public Domain  Contributors: Various. 1 anonymous edits File:Decrease2.04.org/w/index.svg  Source: http://en.png  License: Fair Use  Contributors: User:Mongolmax Image:Stonesoft Logo.svg  License: Public Domain  Contributors: Self-made Image:Stressed Eye.php?title=File:Unicast.php?title=File:PD-icon. Jarekt.org/w/index.org/w/index.png  License: Fair Use  Contributors: User:Ilyasali khan.php?title=File:Standard_deviation_diagram..org/w/index. 1 anonymous edits Image:standard deviation diagram. UrSuS.0  Contributors: Bruno Pedrozo Image:Gufw 9.jpg  License: Fair Use  Contributors: Dchapes.png  Source: http://en. 1 anonymous edits image:unicast. 1 anonymous edits image:multicast.wikipedia. Perhelion image:geocast.svg  License: Public Domain  Contributors: Sarang Image:Ciscosystemsheadquarters.jpg  Source: http://en. User:MBisanz.svg  License: Public Domain  Contributors: Self-made .php?title=File:Labris_Teknoloji_logo-orta.org/w/index.png by Duesentrieb.png  Source: http://en.php?title=File:Cisco_logo.org/w/index.svg  Source: http://en.svg  License: Fair Use  Contributors: Jeff G.wikipedia.wikipedia.svg  License: Public Domain  Contributors: Easyas12c image:anycast.wikipedia. Indolences.php?title=File:Viaedge_Logo.org/w/index.wikipedia.org/w/index.php?title=File:Sandvine_logo.jpg  License: GNU Free Documentation License  Contributors: Original uploader was Coolcaesar at en. User:Cydebot. User:Pabouk Image:Cisco logo.wikipedia.php?title=File:Ethernet_frame.svg  License: Creative Commons Attribution 2.org/w/index.5  Contributors: Mwtoews Image:Pdu and sdu.org/w/index. Zscout370.) File:Firewall.png by Rfl.png  License: Creative Commons Attribution-Sharealike 3.svg  Source: http://en.org/w/index.2.wikipedia.org/w/index.svg  License: Public Domain  Contributors: Easyas12c.org/w/index.5.svg  Source: http://en.PNG  Source: http://en.png  License: Fair Use  Contributors: User:BetacommandBot.svg  License: Public Domain  Contributors: Dbenbenn.wikipedia.svg  Source: http://en.PNG  Source: http://en. H Padleckas.wikipedia. Lupo.php?title=File:Sonicwalllogo. which was based on Image:Red copyright. Presidentman.org/w/index.svg  License: Public Domain  Contributors: Mik81 Image:ethernet frame.0.wikipedia.php?title=File:Radware.php?title=File:Geocast. Rockfang.2.php?title=File:Allot_logo.jpg  License: Fair Use  Contributors: Lamro Image:Check point logo.wikipedia.php?title=File:Firewall. User:Ehudshapira.PNG  License: Creative Commons Attribution-Sharealike 3.org/w/index.php?title=File:Stressed_Eye.svg  License: Creative Commons Zero  Contributors: Revolus Image:PD-icon.php?title=File:Check_point_logo.org/w/index.svg  License: Public Domain  Contributors: Easyas12c.php?title=File:Anycast.wikipedia.wikipedia.php?title=File:Multicast. Licenses and Contributors Image:Allot logo.php?title=File:Ethernet_frame.org/w/index.wikipedia Image:Ciscosystemsrouteratcern.

License 179 License Creative Commons Attribution-Share Alike 3. org/ licenses/ by-sa/ 3.0 Unported http:/ / creativecommons. 0/ .

Allot Communications. Theta Networks. Gigapackets. With the Least Amount of Effort. faster than you ever dreamed possible! The information in this book can show you how to be an expert in the field of Deep Packet Inspection (DPI).48. Get the edge. user service. Although DPI technology has been used for Internet management for many years. Data-dependent jitter. Sandvine. G. Cisco Express Forwarding. Catenet. Packet loss. Deep Packet Inspection (and filtering) enables advanced network management. Stonesoft Corporation. It reduces the risk of your technology.” Deep Packet Inspection (DPI) (also called complete packet inspection and Information eXtraction . but use of the second header (TCP. Lag. Here you will find the most up-to-date information. time and resources investment decisions by enabling you to compare your understanding of Deep Packet Inspection (DPI) with the objectivity of experienced professionals .. Martian packet. Much More! This book explains in-depth the real drivers and workings of Deep Packet Inspection (DPI). Christmas tree packet. and censorship. Donald Davies.) is normally considered to be shallow packet inspection (usually called Stateful Packet Inspection) despite this definition. this book is a unique collection to help you become a master of Deep Packet Inspection (DPI). Jumbo frame. Fast packet switching. Labris Teknoloji. GSM 03. Active queue management. eavesdropping. Link state packet. Blue (queue management algorithm). Firewall (computing). background and everything you need to know. some advocates of net neutrality fear that the technology can be used anticompetitively or to reduce the openness of the Internet. Business Control Layer.. Are you looking to learn more about Deep Packet Inspection (DPI)? You’re about to discover the most spectacular gold mine of Deep Packet Inspection (DPI) materials ever created. with extensive references and links to get you to know all there is to know about Deep Packet Inspection (DPI) right away. Context-based access control. Narus (company). viruses. intrusions or predefined criteria to decide if the packet can pass or if it needs to be routed to a different destination. Cisco Systems. Datakit. Data Path Acceleration Architecture (DPAA). Barracuda Networks.The Knowledge Solution. IPv6 packet. Broadcasting (computing). Chernobyl packet.IX -) is a form of computer network packet filtering that examines the data part (and possibly also the header) of a packet as it passes an inspection point. DPI is currently being used by the enterprise. Check Point. UDP etc. analysis. and security functions as well as internet data mining. service providers and governments in a wide range of applications.. Radware. Frame (networking).. “Here’s Your Chance To Skip The Struggle and Master Deep Packet Inspection (DPI).and Much. Dynamic Packet Transport. An Important Message for ANYONE who wants to learn about Deep Packet Inspection (DPI) Quickly and Easily. Stop Searching.. while you still can. Black hole (networking). or for the purpose of collecting statistical information. Network intelligence..Grab your copy now.8261. Berkeley Packet Filter. There are multiple headers for IP packets. A quick look inside: Deep packet inspection. This book is your ultimate resource for Deep Packet Inspection (DPI). NebuAd. Jumbogram. Frame check sequence. Viaedge. SonicWALL. Paul Baran. The #1 ALL ENCOMPASSING Guide to Deep Packet Inspection (DPI). spam. Front Porch. network equipment only needs to use the first of these (the IP header) for normal operation. Jitter. Deterministic jitter. Cut-through switching. and ace any discussion. Datagram. Network packet. learn EVERYTHING you need to know about Deep Packet Inspection (DPI). Stand Out and Pay Off. Mangled packet. In 2 Days Or Less. . proposal and implementation with the ultimate book – guaranteed to give you the education that you need. searching for protocol non-compliance. In easy to read chapters.

You're Reading a Free Preview

Download
scribd