P. 1
Deep Packet Inspection (DPI): High-impact Strategies - What You Need to Know: Definitions, Adoptions, Impact, Benefits, Maturity, Vendors

Deep Packet Inspection (DPI): High-impact Strategies - What You Need to Know: Definitions, Adoptions, Impact, Benefits, Maturity, Vendors

|Views: 1,220|Likes:
Published by Emereo Publishing
The Knowledge Solution. Stop Searching, Stand Out and Pay Off. The #1 ALL ENCOMPASSING Guide to Deep Packet Inspection (DPI).

An Important Message for ANYONE who wants to learn about Deep Packet Inspection (DPI) Quickly and Easily...

"Here's Your Chance To Skip The Struggle and Master Deep Packet Inspection (DPI), With the Least Amount of Effort, In 2 Days Or Less..."

Deep Packet Inspection (DPI) (also called complete packet inspection and Information eXtraction - IX -) is a form of computer network packet filtering that examines the data part (and possibly also the header) of a packet as it passes an inspection point, searching for protocol non-compliance, viruses, spam, intrusions or predefined criteria to decide if the packet can pass or if it needs to be routed to a different destination, or for the purpose of collecting statistical information. There are multiple headers for IP packets, network equipment only needs to use the first of these (the IP header) for normal operation, but use of the second header (TCP, UDP etc.) is normally considered to be shallow packet inspection (usually called Stateful Packet Inspection) despite this definition.

Deep Packet Inspection (and filtering) enables advanced network management, user service, and security functions as well as internet data mining, eavesdropping, and censorship. Although DPI technology has been used for Internet management for many years, some advocates of net neutrality fear that the technology can be used anticompetitively or to reduce the openness of the Internet.
DPI is currently being used by the enterprise, service providers and governments in a wide range of applications.

Get the edge, learn EVERYTHING you need to know about Deep Packet Inspection (DPI), and ace any discussion, proposal and implementation with the ultimate book – guaranteed to give you the education that you need, faster than you ever dreamed possible!

The information in this book can show you how to be an expert in the field of Deep Packet Inspection (DPI).

Are you looking to learn more about Deep Packet Inspection (DPI)? You're about to discover the most spectacular gold mine of Deep Packet Inspection (DPI) materials ever created, this book is a unique collection to help you become a master of Deep Packet Inspection (DPI).

This book is your ultimate resource for Deep Packet Inspection (DPI). Here you will find the most up-to-date information, analysis, background and everything you need to know.

In easy to read chapters, with extensive references and links to get you to know all there is to know about Deep Packet Inspection (DPI) right away. A quick look inside: Deep packet inspection, Allot Communications, Barracuda Networks, Check Point, Cisco Systems, Front Porch, Labris Teknoloji, Narus (company), NebuAd, Network intelligence, Radware, Sandvine, SonicWALL, Stonesoft Corporation, Theta Networks, Viaedge, Network packet, Active queue management, Paul Baran, Berkeley Packet Filter, Black hole (networking), Blue (queue management algorithm), Broadcasting (computing), Business Control Layer, Catenet, Chernobyl packet, Christmas tree packet, Cisco Express Forwarding, Context-based access control, Cut-through switching, Data Path Acceleration Architecture (DPAA), Data-dependent jitter, Datagram, Datakit, Donald Davies, Deterministic jitter, Dynamic Packet Transport, Fast packet switching, Firewall (computing), Frame (networking), Frame check sequence, G.8261, Gigapackets, GSM 03.48, IPv6 packet, Jitter, Jumbo frame, Jumbogram, Lag, Link state packet, Packet loss, Mangled packet, Martian packet...and Much, Much More!

This book explains in-depth the real drivers and workings of Deep Packet Inspection (DPI). It reduces the risk of your technology, time and resources investment decisions by enabling you to compare your understanding of Deep Packet Inspection (DPI) with the objectivity of experienced professionals - Grab your copy now, while you still can.
The Knowledge Solution. Stop Searching, Stand Out and Pay Off. The #1 ALL ENCOMPASSING Guide to Deep Packet Inspection (DPI).

An Important Message for ANYONE who wants to learn about Deep Packet Inspection (DPI) Quickly and Easily...

"Here's Your Chance To Skip The Struggle and Master Deep Packet Inspection (DPI), With the Least Amount of Effort, In 2 Days Or Less..."

Deep Packet Inspection (DPI) (also called complete packet inspection and Information eXtraction - IX -) is a form of computer network packet filtering that examines the data part (and possibly also the header) of a packet as it passes an inspection point, searching for protocol non-compliance, viruses, spam, intrusions or predefined criteria to decide if the packet can pass or if it needs to be routed to a different destination, or for the purpose of collecting statistical information. There are multiple headers for IP packets, network equipment only needs to use the first of these (the IP header) for normal operation, but use of the second header (TCP, UDP etc.) is normally considered to be shallow packet inspection (usually called Stateful Packet Inspection) despite this definition.

Deep Packet Inspection (and filtering) enables advanced network management, user service, and security functions as well as internet data mining, eavesdropping, and censorship. Although DPI technology has been used for Internet management for many years, some advocates of net neutrality fear that the technology can be used anticompetitively or to reduce the openness of the Internet.
DPI is currently being used by the enterprise, service providers and governments in a wide range of applications.

Get the edge, learn EVERYTHING you need to know about Deep Packet Inspection (DPI), and ace any discussion, proposal and implementation with the ultimate book – guaranteed to give you the education that you need, faster than you ever dreamed possible!

The information in this book can show you how to be an expert in the field of Deep Packet Inspection (DPI).

Are you looking to learn more about Deep Packet Inspection (DPI)? You're about to discover the most spectacular gold mine of Deep Packet Inspection (DPI) materials ever created, this book is a unique collection to help you become a master of Deep Packet Inspection (DPI).

This book is your ultimate resource for Deep Packet Inspection (DPI). Here you will find the most up-to-date information, analysis, background and everything you need to know.

In easy to read chapters, with extensive references and links to get you to know all there is to know about Deep Packet Inspection (DPI) right away. A quick look inside: Deep packet inspection, Allot Communications, Barracuda Networks, Check Point, Cisco Systems, Front Porch, Labris Teknoloji, Narus (company), NebuAd, Network intelligence, Radware, Sandvine, SonicWALL, Stonesoft Corporation, Theta Networks, Viaedge, Network packet, Active queue management, Paul Baran, Berkeley Packet Filter, Black hole (networking), Blue (queue management algorithm), Broadcasting (computing), Business Control Layer, Catenet, Chernobyl packet, Christmas tree packet, Cisco Express Forwarding, Context-based access control, Cut-through switching, Data Path Acceleration Architecture (DPAA), Data-dependent jitter, Datagram, Datakit, Donald Davies, Deterministic jitter, Dynamic Packet Transport, Fast packet switching, Firewall (computing), Frame (networking), Frame check sequence, G.8261, Gigapackets, GSM 03.48, IPv6 packet, Jitter, Jumbo frame, Jumbogram, Lag, Link state packet, Packet loss, Mangled packet, Martian packet...and Much, Much More!

This book explains in-depth the real drivers and workings of Deep Packet Inspection (DPI). It reduces the risk of your technology, time and resources investment decisions by enabling you to compare your understanding of Deep Packet Inspection (DPI) with the objectivity of experienced professionals - Grab your copy now, while you still can.

More info:

Published by: Emereo Publishing on Sep 15, 2011
Copyright:Traditional Copyright: All rights reserved
List Price: $39.95


Read on Scribd mobile: iPhone, iPad and Android.
This book can be read on up to 6 mobile devices.
Full version available to members
See more
See less



  • Deep packet inspection
  • Allot Communications
  • Barracuda Networks
  • Check Point
  • Cisco Systems
  • Front Porch
  • Labris Teknoloji
  • Narus (company)
  • NebuAd
  • Network intelligence
  • Radware
  • Sandvine
  • SonicWALL
  • Stonesoft Corporation
  • Theta Networks
  • Viaedge
  • Network packet
  • Active queue management
  • Paul Baran
  • Berkeley Packet Filter
  • Black hole (networking)
  • Blue (queue management algorithm)
  • Broadcasting (computing)
  • Business Control Layer
  • Catenet
  • Chernobyl packet
  • Christmas tree packet
  • Cisco Express Forwarding
  • Context-based access control
  • Cut-through switching
  • Data Path Acceleration Architecture (DPAA)
  • Data-dependent jitter
  • Datagram
  • Datakit
  • Donald Davies
  • Deterministic jitter
  • Dynamic Packet Transport
  • Fast packet switching
  • Firewall (computing)
  • Frame (networking)
  • Frame check sequence
  • G.8261
  • Gigapackets
  • GSM 03.48
  • IPv6 packet
  • Jitter
  • Jumbo frame
  • Jumbogram
  • Link state packet
  • Packet loss
  • Mangled packet
  • Martian packet
  • Maximum segment size
  • Maximum transmission unit
  • Network congestion
  • NIST RBAC model
  • OmniPeek
  • Out-of-order delivery
  • Packet aggregation
  • Packet analyzer
  • Packet Assembler/Disassembler
  • Packet capture
  • Packet concatenation
  • Packet drop attack
  • Packet generator
  • Packet injection
  • Packet segmentation
  • Packet Switch Stream
  • Packet switching
  • Packet telephony
  • Packet transfer delay
  • Packet-switched network
  • Packet-switching node
  • PARC Universal Packet
  • Ping (video gaming)
  • Protocol data unit
  • Public switched data network
  • Robust random early detection
  • Raw socket
  • SQLFilter
  • Start Frame Delimiter
  • Statistical time division multiplexing
  • Syncword
  • TCP reset attack
  • Virtual packet
  • Article Sources and Contributors
  • Image Sources, Licenses and Contributors
  • License

Deep Packet Inspection (DPI


Kevin Roebuck



High-impact Strategies - What You Need to Know: Definitions, Adoptions, Impact, Benefits, Maturity, Vendors

Topic relevant selected content from the highest rated entries, typeset, printed and shipped. Combine the advantages of up-to-date and in-depth knowledge with the convenience of printed books. A portion of the proceeds of each book will be donated to the Wikimedia Foundation to support their mission: to empower and engage people around the world to collect and develop educational content under a free license or in the public domain, and to disseminate it effectively and globally. The content within this book was generated collaboratively by volunteers. Please be advised that nothing found here has necessarily been reviewed by people with the expertise required to provide you with complete, accurate or reliable information. Some information in this book maybe misleading or simply wrong. The publisher does not guarantee the validity of the information found here. If you need specific advice (for example, medical, legal, financial, or risk management) please seek a professional who is licensed or knowledgeable in that area. Sources, licenses and contributors of the articles and images are listed in the section entitled “References”. Parts of the books may be licensed under the GNU Free Documentation License. A copy of this license is included in the section entitled “GNU Free Documentation License” All used third-party trademarks belong to their respective owners.

Deep packet inspection Allot Communications Barracuda Networks Check Point Cisco Systems Front Porch Labris Teknoloji Narus (company) NebuAd Network intelligence Radware Sandvine SonicWALL Stonesoft Corporation Theta Networks Viaedge Network packet Active queue management Paul Baran Berkeley Packet Filter Black hole (networking) Blue (queue management algorithm) Broadcasting (computing) Business Control Layer Catenet Chernobyl packet Christmas tree packet Cisco Express Forwarding Context-based access control Cut-through switching Data Path Acceleration Architecture (DPAA) Data-dependent jitter Datagram Datakit 1 8 10 14 19 28 29 30 33 40 43 46 49 51 54 55 57 62 64 68 69 70 72 73 75 75 76 77 78 79 80 80 81 81

Donald Davies Deterministic jitter Dynamic Packet Transport Fast packet switching Firewall (computing) Frame (networking) Frame check sequence G.8261 Gigapackets GSM 03.48 IPv6 packet Jitter Jumbo frame Jumbogram Lag Link state packet Packet loss Mangled packet Martian packet Maximum segment size Maximum transmission unit Network congestion NIST RBAC model OmniPeek Out-of-order delivery Packet aggregation Packet analyzer Packet Assembler/Disassembler Packet capture Packet concatenation Packet drop attack Packet generator Packet injection Packet segmentation Packet Switch Stream Packet switching Packet telephony Packet transfer delay

83 85 85 86 87 92 93 94 94 95 96 102 108 110 111 113 114 116 116 117 117 122 129 130 132 133 133 135 137 140 140 141 143 144 144 147 151 152

Packet-switched network Packet-switching node PARC Universal Packet Ping (video gaming) Protocol data unit Public switched data network Robust random early detection Raw socket SQLFilter Start Frame Delimiter Statistical time division multiplexing Syncword TCP reset attack Virtual packet

152 159 159 161 162 164 164 166 167 167 168 169 170 172

Article Sources and Contributors Image Sources, Licenses and Contributors 173 178

Article Licenses
License 179

Deep packet inspection


Deep packet inspection
Deep Packet Inspection (DPI) (also called complete packet inspection and Information eXtraction - IX -) is a form of computer network packet filtering that examines the data part (and possibly also the header) of a packet as it passes an inspection point, searching for protocol non-compliance, viruses, spam, intrusions or predefined criteria to decide if the packet can pass or if it needs to be routed to a different destination, or for the purpose of collecting statistical information. There are multiple headers for IP packets, network equipment only needs to use the first of these (the IP header) for normal operation, but use of the second header (TCP, UDP etc.) is normally considered to be shallow packet inspection (usually called Stateful Packet Inspection) despite this definition.[1] Deep Packet Inspection (and filtering) enables advanced network management, user service, and security functions as well as internet data mining, eavesdropping, and censorship. Although DPI technology has been used for Internet management for many years, some advocates of net neutrality fear that the technology can be used anticompetitively or to reduce the openness of the Internet.[2] DPI is currently being used by the enterprise, service providers and governments in a wide range of applications.[3]

DPI combines the functionality of an Intrusion Detection System (IDS) and an Intrusion Prevention System (IPS) with a traditional stateful firewall.[4] This combination makes it possible to detect certain attacks that neither the IDS/IPS nor the stateful firewall can catch on their own. Stateful firewalls, while able to see the beginning and end of a packet flow, cannot on their own catch events that would be out of bounds for a particular application. While IDSs are able to detect intrusions, they have very little capability in blocking such an attack. DPIs are used to prevent attacks from viruses and worms at wire speeds. More specifically, DPI can be effective against buffer overflow attacks, Denial of Service (DoS) attacks, sophisticated intrusions, and a small percentage of worms that fit within a single packet. DPI-enabled devices have the ability to look at Layer 2 and beyond Layer 3 of the OSI model, in cases DPI can be evoked to look through Layer 2-7 of the OSI model. This includes headers and data protocol structures as well as the actual payload of the message. DPI functionality is evoked when a device looks or takes other action based on information beyond Layer 3 of the OSI model. DPI can identify and classify traffic based on a signature database that includes information extracted from the data part of a packet, allowing finer control than classification based only on header information. End points can utilize encryption and obfuscation techniques to evade DPI actions in many cases. A classified packet can be redirected, marked/tagged (see quality of service), blocked, rate limited, and of course reported to a reporting agent in the network. In this way, HTTP errors of different classifications may be identified and forwarded for analysis. Many DPI devices can identify packet flows (rather than packet-by-packet analysis), allowing control actions based on accumulated flow information.

DPI at the enterprise
Until recently, security at the enterprise was just a perimeter discipline, with a dominant philosophy of keeping unauthorized users out, and shielding authorized users from the outside world. The most frequently used tool for accomplishing this has been a stateful firewall. It can permit fine-grained control of access from the outside world to pre-defined destinations on the internal network, as well as permitting access back to other hosts only if a request to the outside world has been made previously.[5] However, vulnerabilities exist at network layers that are not visible to a stateful firewall. Also, an increase in the use of laptops in the enterprise makes it more difficult to prevent threats such as viruses, worms and spyware from penetrating the corporate network, as many users will connect the laptop to less-secure networks such as home

including the application and user layer to help combat those threats. offering tiered services. and as many of 10% of US customers have been tracked in this way. Front Porch and Phorm. In addition. Decades ago in a legacy telephone environment.000 US customers are tracked this way. Deep Packet Inspection is able to detect a few kinds of buffer overflow attacks. music and videos. targeted advertising. Lawful interception Service providers are required by almost all governments worldwide to enable lawful intercept capabilities. Technology providers include NebuAd. Internet service providers also apply this technology on the public networks provided to customers. or even heuristics that identify a certain application or behavior.when directed by a court order . This is not possible in contemporary digital networks.[7] Policy definition and enforcement Service providers obligated by the service level agreement with their customers to provide a certain level of service. DPI enables IT administrators and security officials to set policies and enforce them at all layers. Common uses of DPI by ISPs are lawful intercept. Firewalls also do not distinguish between permitted and forbidden uses of legitimately-accessed applications. Due to the frequently large size of media files being transferred.[8] Policies can be defined that allow or disallow connection to or from an IP address. This can be documents. DPI enabled products that are "LI or CALEA-compliant" can be used .[6] 2 DPI at network/Internet service providers In addition to using DPI to secure their internal networks. P2P traffic is typically used by applications that do file sharing. and probably also Embarq. may make use of DPI to implement certain policies that cover copyright infringements. When an e-mail user tries to send a protected file he may be given information on how to get the proper clearance to send the file.to access a user's datastream.Deep packet inspection broadband connections or wireless networks in public locations. In some countries the ISPs are required to perform filtering depending on the country's laws. US ISPs monitoring their customers include Knology. Service providers say a minority of users generate large quantities of P2P traffic and degrade performance for the majority of broadband subscribers using applications such as email or Web browsing which use less bandwidth. and at the same time enforce an acceptable use policy. and copyright enforcement. requiring additional network capacity. to sharing of music. DPI allows service providers to "readily know the packets of information you are receiving online—from e-mail. to websites. certain protocols. the UK ISP British Telecom has admitted testing technology from Phorm without their customers' knowledge or consent. illegal materials. DPI can be used by the enterprise for Data Leak Prevention (DLP). including DPI.[9] and Wide Open West. The acquisition component of this functionality can be provided in many ways. and unfair use of bandwidth. P2P drives increasing traffic loads. At least 100.[11] Poor network performance increases customer dissatisfaction and leads to a decline in service revenues. they are able to monitor web-browsing habits in a very detailed way allowing them to gain information about their customers' interests. video and software downloads". this was met by creating a traffic access point (TAP) using an intercepting proxy server that connects to the government's surveillance equipment. policy definition and enforcement. quality of service.[10] Quality of service Applications such as peer-to-peer (P2P) traffic present increasing problems for broadband service providers. which can be used by companies specializing in targeted advertising. Targeted advertising Because ISPs route all of their customers' traffic. .

per service. . pursuant to its mandate from the US Congress. Other Vendors claim that DPI is ineffective against P2P and that other methods of Bandwidth Management are more effective. Sony BMG. be capable of supporting the execution of a court order to provide real-time communication forensics of specified users. Additionally. Universal Music and Warner Music have begun suing ISPs like Eircom for not doing enough about protecting their copyrights. despite European directive 2000/31/EC clearly stating that ISPs may not be put under a general obligation to monitor the information they transmit and directive 2002/58/EC granting European citizens a right to privacy of communications.S. Copyright enforcement ISPs are sometimes requested by copyright owners or required by courts or official policy to help enforce copyrights. The Motion Picture Association of America (MPAA) which enforces movie copyrights.[13] By being able to charge for a "walled garden". In 2006. one of Denmark's largest ISPs. In 2006. the FCC adopted new Title 47. rules requiring Internet Access Providers meet these requirements. many of these programs are classified. and the DPI system in turn enforces that policy. governments in North America. A policy is created per user or user group.[14] Instead of prosecuting file sharers one at a time.[16] The IFPI wants ISPs to filter traffic to remove illicitly uploaded and downloaded copyrighted material from their network. the operator can tailor his offering to the individual subscriber and increase their Average Revenue Per User (ARPU).[18] United States FCC adopts Internet CALEA requirements. it might be of interest whether users with a 2 Mbit connection use the network in a dissimilar manner to users with a 5 Mbit connection. Subpart Z. Tele2. Deep Packet Inspection by governments In addition to using DPI for the security of their own networks. and in line with the policies of most countries worldwide. 3 Tiered services Mobile and broadband service providers use DPI as a means to implement tiered service plans. on the other hand has taken the position with the Federal Communications Commission (FCC) that network neutrality could hurt anti-piracy technology such as Deep Packet Inspection and other forms of filtering. a higher priority can be allocated to a VoIP or video conferencing call which requires low latency versus web browsing which does not. has required that all telecommunication providers.[17] Statistics DPI allows ISPs to gather statistical information about usage patterns by user group. “all-you-can-eat" and "one-size-fits-all” data services. Access to trend data also help network planning. was given a court injunction and told it must block its customers from accessing The Pirate Bay. per application. to differentiate "walled garden" services from "value added". The FCC.[12] This is the approach that service providers use to dynamically allocate bandwidth according to traffic that is passing through their networks. or "all-you-can-eat" rather than a "one-size-fits-all" package. For instance.Deep packet inspection DPI allows the operators to oversell their available bandwidth while ensuring equitable bandwidth distribution to all users by preventing network congestion. DPI was one of the platforms essential to meeting this requirement and has been deployed for this purpose throughout the U.[15] the International Federation of the Phonographic Industry (IFPI) and the big four record labels EMI. Europe and Asia use DPI for various purposes such as surveillance and censorship. including Internet services. a launching point for BitTorrent. allowing the user access to different services and applications.

. Certain traffic was selected and sent over a dedicated line to a "central location" for analysis..[26] Iran The Iranian government purchased a system. IP address or. such as curse-words. of AT&T’s peering traffic in the San Francisco Bay area. as well as alter it for disinformation purposes. the Dalai Lama. using DPI technology. part of the Iranian government's telecom monopoly.[19] Traffic associated with AT&T’s Common Backbone was "split" between two fibers. to exclude data sources comprised primarily of domestic data. The secure room contained Narus traffic analyzers and logic servers. child pornography. The DPI is used to find which packets are carrying e-mail or a Voice over Internet Protocol (VoIP) phone call. dividing the signal so that 50 percent of the signal strength went to each output fiber. Roome. a capability that most if not all telecom companies have. According to unnamed experts cited in the article.. China also blocks visual media sites like YouTube. According to Marcus’s affidavit. or a variety of anti-Communist movements[25] as those materials were signed as DPI sensitive keywords already. political parties that oppose that of the ruling Communist party. the Tiananmen Square protests and massacre of 1989. Narus states that such devices are capable of real-time data collection (recording data for consideration) and capture at 10 gigabits per second. Bush and Attorney General Alberto R.. 2009.' at the end of March.. a joint venture Siemens AG.. reportedly for deep packet inspection. according to a report in the Wall Street Journal in June. or substantially all." and thus.[21] President George W. and messages containing sensitive material.[23] 4 China The Chinese government uses Deep Packet Inspection to monitor and censor network traffic and content that it claims harmful to Chinese citizens or state interests. Falun Gong. This material includes pornography. and political dissent. information on religion. the system "enables authorities to not only block communication but to monitor it to gather information about individuals. sorting and forwarding more intelligent. quoting NSN spokesperson Ben Roome. the diverted traffic "represented all. That relates to intercepting data for the purposes of combating terrorism."[20] Narus's Semantic Traffic Analyzer software which runs on IBM or Dell Linux servers. with cooperation from AT&T has used Deep Packet Inspection technology to make internet traffic surveillance." The system was purchased by the Telecommunication Infrastructure Co. and various photography and blogging sites. what it called 'intelligence solutions.[22] The Defense Information Systems Agency has developed a sensor platform that uses Deep Packet Inspection. Voice traffic in Skype is unaffected.com. in the case of VoIP. NSN "provided equipment to Iran last year under the internationally recognized concept of 'lawful intercept. China also blocks VoIP traffic in and out of their country. the other carried communications on to AT&T’s switching equipment. the connection will be cut. The monitoring center that Nokia Siemens Networks sold to Iran was described in a company brochure as allowing 'the monitoring and interception of all types of voice and data communication on all networks. configuration made no attempt. drug trafficking and other criminal activities carried out online. People within China often find themselves blocked while accessing Web sites containing content related to Taiwanese and Tibetan independence. and Nokia Corp. in terms of location or position of the fiber split. a Munich-based investment firm. According to the Journal. One of the output fibers was diverted to a secure room.. with no notification provided to either participant in the conversation. in 2008 from Nokia Siemens Networks (NSN). "the designers of the . He said the company determined it was no longer part of its core business. are simply not delivered. Mr. Roome said. sorts through IP traffic at 10Gbit/s to pick out specific messages based on a targeted e-mail address." . by selling it to Perusa [27] Partners Fund 1 LP. Gonzales have asserted that they believe the president has the authority to order secret intercepts of telephone and e-mail exchanges between people inside the United States and their contacts abroad without obtaining a FISA warrant. the German conglomerate.Deep packet inspection The National Security Agency (NSA). the Finnish cellphone company.[24] Chinese network ISPs use DPI to see if there's any sensitive keyword going through their network.' The joint venture exited the business that included the monitoring equipment. If so.' said Mr. although text messages are subject to DPI. he said. phone number.

moneycentral.[35] The open source community offers a wide array of options for performing deep packet inspection functions. Retrieved 2010-01-08. securityfocus.289142. html). International Studies Association. CALEA" (http:/ / arstechnica. gc. including The Washington Times. PACE includes obfuscated/encrypted protocols like Skype or encrypted BitTorrent. . [9] "Charter Communications: Enhanced Online Experience" (http:/ / connect. Thomas Porter (2005-01-11). [13] "Allot Deploys DPI Solution at Two Tier 1 Mobile Operators to Deliver Value. . . aspx?Feed=PR& Date=20080205& ID=8139811& Symbol=ALLT). The Nation. [10] Peter Whoriskey (2008-04-04). com/ insider/ details. meanwhile.[7] saying for example.Deep packet inspection The NSN system followed on purchases by Iran from Secure Computing Corp. The Washington Post. 2008-02-05. Retrieved 2008-03-03. Paper presented at the International Studies Annual Convention. "the 'Net was built on open access and non-discrimination of packets!"[32] Critics of network neutrality rules. securityfocus. com/ item/ ?ci=35275). php/ essays/ just-deliver-the-packets/ ). html). ars). "Just Deliver the Packets. Money Central. Office of the Privacy Commissioner of Canada. . had similar complaints with one of the same Journal reporters himself in an earlier story. Retrieved 2008-03-02.[29] NSN has issued the following denial: NSN "has not provided any deep packet inspection. specifically saying that Mr. call them "a solution in search of a problem" and say that net neutrality rules would reduce incentives to upgrade networks and launch next-generation network services. Security Focus. "Data leak prevention starts with trusting your users" (http:/ / searchnetworking. "Deep Packet Inspection meets 'Net neutrality. [3] Ralf Bendrath (2009-03-16). SearchNetworking. Computer World.C. earlier in the decade. IT Business Edge. com/ infocus/ 1817).[31] 5 DPI and net neutrality People and organizations concerned about privacy or network neutrality find inspection of the content layers of the Internet protocol to be offensive. lightreading. techtarget. [12] Matt Hamblen (2007-09-17). .[33] Software Opendpi[34] is the open source version for non obfuscated protocols. pdf). [4] Ido Dubrawsky (2003-07-29). thenation. D. "The Case for Deep Packet Inspection" (http:/ / www. "Every Click You Make: Internet Providers Quietly Test Expanded Tracking of Web Use to Target Advertising" (http:/ / www. com/ news/ article/ 0. an independent Washington. Retrieved 2008-05-14. computerworld. "The Perils of Deep Packet Inspection" (http:/ / www. Security Focus. Retrieved 2008-03-03. msn. Retrieved 2010-01-08. "The End of the Internet?" (http:/ / www. a comprehensive list is maintained by the dPacket. Retrieved 2010-02-01. Retrieved 2008-03-02. [11] "Deep Packet Inspection: Taming the P2P Traffic Beast" (http:/ / www. [6] Michael Morisy (2008-10-23).-based analyst and Cato Institute Adjunct Scholar. "Global technology trends and national regulation: Explaining Variation in the Governance of Deep Packet Inspection. "Ball State uses Deep Packet Inspection to ensure videoconferencing performance" (http:/ / www. asp?sku_id=1221& skuitem_itemid=957). Retrieved 2006-02-06. "Firewall Evolution . com/ action/ article. but did not mention DPI. [2] Hal Abelson. Retrieved 2008-03-02. Isenberg. web censorship or Internet filtering capability to Iran. . Light Reading." and reviewed censorship of the Internet and other media in the country. com/ landing/ op1. . [8] Jeff Chester (2006-02-01). Ottawa" (http:/ / dpi. New York City. priv.org community [36] References [1] Dr. com/ infocus/ 1716). Chris Lewis (2009).sid7_gci1335767. html). Retrieved 2006-02-06. washingtonpost. com/ articles/ culture/ Deep-packet-inspection-meets-net-neutrality.Added and Tiered Service Packages" (http:/ / news. com/ wp-dyn/ content/ article/ 2008/ 04/ 03/ AR2008040304052. fu-berlin. ars technica. . com/ ticker/ article. .[28] Questions have been raised about the reporting reliability of the Journal report by David Isenberg. 15–18 February 2009" (http:/ / userpage. de/ ~bendrath/ Paper_Ralf-Bendrath_DPI_v1-5.Deep Packet Inspection" (http:/ / www. .com. do?command=viewArticleBasic& taxonomyId=16& articleId=9036959& intsrc=hm_topic). . in: "Essays on Deep Packet Inspection". com/ doc/ 20060213/ chester).00. [5] Elan Amir (2007-10-29). Ken Ledeen. Retrieved 2008-04-08."[30] A concurrent article in The New York Times said the NSN sale had been covered in a "spate of news reports in April [2009]. . . charter. Roome is denying the quotes attributed to him and that he. ca/ index. itbusinessedge. . [7] Nate Anderson (2007-07-25).

ENN. [20] Bellovin.com/security/computer_security/editorials/deepinspect/) • A collection of essays from industry experts (http://dpi. (2006-09-26). [22] Carol D.Deep packet inspection Retrieved 2008-03-03. pcworld. opendpi. Neumann. The Washington Post. [30] "Provision of Lawful Intercept capability in Iran" (http:/ / www. . Peter G. 2009. pdf). com/ technology/ content/ jan2006/ tc20060112_434051. org/ ci/ neutral. wsj. June 22. "Deep Security: DISA Beefs Up Security with Deep Packet Inpection of IP Transmissions" (https:/ / www. "Danish ISP prepares to fight Pirate Bay injunction" (http:/ / www.2008. org/ ci/ neutral. [16] Eric Bangeman (2008-03-11). nerdylorrin. enn. Retrieved 6/22/09. Retrieved 2008-03-13. Open Net Initiative. [33] Genny Pershing. Retrieved 2008-03-12. "The Ultimate Net Monitoring Tool" (http:/ / www. . Retrieved 6/22/09. Retrieved 2008-03-03. Business Week. [19] J. com/ newsletters/ isp/ 2007/ 0625isp1. PC World. [18] Carolyn Duffy Marsan (2007-06-27).blog. Retrieved 2008-03-12. net/ jerry/ politics/ Warrantless/ WarrantlessFACTS. Retrieved 2008-03-03.138599-c. washingtonpost. [14] Jeremy Kirk (2008-02-13). Isenberg. Whitfield Diffie. . and Jennifer Rexford (January/February 2008). Leonnig (2007-01-07). dpacket. Retrieved 6/23/09. html). [15] Matthew Clark (2005-07-05). html) by David S. com/ 8301-10784_3-9746938-7. com/ papers/ paa-ieee. Steven M. "OEM provider Bivio targets government market" (http:/ / www. ""Year of filters" turning into year of lawsuits against ISPs" (http:/ / arstechnica. Nelson. htm#ins). com/ article/ 08/ 02/ 13/ Danish-ISP-prepares-to-fight-Pirate-Bay-injunction_1. com/ article/ id. Retrieved 2008-03-13. June 23. June 22. Restores Flickr and Blogspot" (http:/ / www.ca/) • What Is Deep Packet Inspection and Why the Controversy (http://netequalizernews.registration required (http://www. org/ articles/ deep-security-disa-beefs-security-deep-packet-inpection-ip-transmissions). 2009. "Eircom and BT won't oppose music firms" (http:/ / www. [29] "Questions about WSJ story on Net Management in Iran" (http:/ / www. htm#his). com/ open-source/ news/ 2009/ 09/ deep-packet-inspection-engine-goes-open-source. doi:10. [27] http:/ / www. .ranum. "Network Neutrality: Historic Neutrality" (http:/ / www. php [28] "Iran's Web Spying Aided By Western Technology" (http:/ / online. Network World. cybertelecom. news. Retrieved 2008-03-03. com/ article/ SB124562668777335653. html). html?_r=1& hp) by Brian Stelter and Brad Stone. crypto. isen. [17] Anne Broach (2007-07-19)..com/resources/ resiliency-methodologies/dpi-resiliency-methodology) • Subverting Deep Packet Inspection the Right Way (http://www. . [23] Cheryl Gerber (2008-09-18). cybertelecom. Retrieved 2008-03-13.sites/ article.com/2011/02/08/ what-is-deep-packet-inspection-and-why-the-controversy/) • White Paper "Deep Packet Inspection – Technology. IDG News Service. Retrieved 2008-03-03. html). html). ars technica. Retrieved 6/22/09. com/ science/ discoveries/ news/ 2006/ 05/ 70914). [31] "Web Pries Lid of Iranian Censorship" (http:/ / www. nokiasiemensnetworks. "The Great Firewall of China" (http:/ / www. businessweek. Susan Landau. html). CNET News. [32] Genny Pershing.breakingpointsystems. "How the NSA warrantless wiretap system works" (http:/ / www. "Report Rebuts Bush on Spying . com/ wp-dyn/ content/ article/ 2006/ 01/ 06/ AR2006010601772. com/ 2009/ 06/ 23/ world/ middleeast/ 23censor. infoworld.priv. html). isen. "Risking Communications Security: Potential Hazards of the Protect America Act" (http:/ / www. htm) Company press release. 2009. [26] "China Blocks YouTube. com/ global/ Press/ Press+ releases/ news-archive/ Provision+ of+ Lawful+ Intercept+ capability+ in+ Iran. . Wired. ars) [36] (https:/ / www. html). wired.Domestic Action's Legality Challenged" (http:/ / www. .D.inputoutput. The Wall Street Journal. "MPAA: Net neutrality could hurt antipiracy tech" (http:/ / www. opennetinitiative.com/ resources/white-papers/) . Cybertelecom. [21] Robert Poe (2006-05-17). org/ ) [35] Deep packet inspection engine goes open source (http:/ / arstechnica. Cybertelecom. de/ english/ who_we_are. Retrieved 2008-03-03. [25] "Internet Filtering in China in 2004-2005: A Country Study" (http:/ / www. . ars/ post/ 20080311-year-of-filters-turning-into-year-of-lawsuits-against-isps. Retrieved 2008-03-12. nytimes. html). Retrieved 2008-06-26. June 22. .17. htm). com/ blog/ 2009/ 06/ questions-about-wsj-story-on-net. Retrieved 2008-03-12. 2009. Retrieved 2008-10-30. dpacket. org/ group-posts/ open-source-software-general-discussion/ open-source-software-related-deep-packet-inspect) 6 External links • Test Methodology . [24] Ben Elgin and Bruce Einhorn (2006-01-12).1109/MSP. The New York Times. . IEEE Security and Privacy (IEEE Computer Society) 6 (1): 24–33. Matt Blaze. networkworld. Retrieved 2008-06-26.gc. html) by Christopher Rhoads in New York and Loretta Chao in Beijing. . perusa-partners.io/?p=9) • What is "Deep Inspection"? (http://www. "Network Neutrality: Insufficient Harm" (http:/ / www. I. ie/ frontpage/ news-9617239. com/ news. Applications & Net Neutrality" (http://www. .ipoque. . net/ studies/ china/ ). . Ph. 2007-10-18. [34] Opendpi (http:/ / www. .

com/ • Deep Packet Inspection puts its stamp on an evolving Internet (http://advancedtca-systems.Deep packet inspection • Egypt's cyber-crackdown aided by US Company (http://therealnews.com/products/mu-test-suite/ scale-testing.com/t2/latest-news/ best-of-web?task=videodirectlink&id=9042) .savetheinternet.com/ deep-stamp-an-evolving-internet/) • Validate DPI policy using real applications (http://www.mudynamics.DPI technology used by Egyptian government in recent internet crackdown • http://www.html) 7 .

Rami Hadar appointed President and Chief Executive Officer. Gemini. which was sold to Bay Networks for $33m in 1996.com [2] Allot Communications (NASDAQ: ALLT [1]. including: Genesis Partners. application control and subscriber management. This ranking represented revenue growth of nearly 1900% in a year's time. QoS Solutions. JAFCO Investment.[7] . Communication systems 1996 Key people CEO: Rami Hadar.[5] In 2006.76 million (2010) Employees 400 Website www. in several rounds of funding. Allot solutions use deep packet inspection (DPI) technology to change broadband pipes into smart networks offering complete network visibility. Jerusalem Venture Partners.[5] Jacoby previously founded Armon Networking. Walden Israel. and the company began trading publicly on the Nasdaq Global Market under the ticker symbol ALLT. who served as chief executive and chairman until 2006.[4] Corporate history Allot Communications was founded in 1996. and Tamar Technology Ventures. Bandwidth optimization US$ 56. TASE: ALLT [3]) is a provider of IP service optimization solutions for service providers.97 million (2010) US$ 5.Allot Communications 8 Allot Communications Allot Communications Type Industry Founded Public (NASDAQ: ALLT [1] ) Technology. following an IPO which raised $78m.[5] By 2004 Allot raised $38 million. a manufacturer of RMON-based network management solutions. BancBoston Capital.allot. carriers and enterprises. from several venture capital funds. CTO: Jay Klein VP Operations: Pini Gvili Products Revenue Net income Networking.[6] In November 2003. by Michael Shurman and Yigal Jacoby. Deloitte & Touche named Allot the fourth fastest growing company on its Israel Technology Fast 50 list.

Allot's portfolio of hardware platforms and software applications employs Deep Packet Inspection (DPI) technology to turn broadband pipes into smart networks. ivc-online.com. nasdaq. html). co. [9] "Allot Acquires Esphion" (http:/ / www. "Allot raises $78m. VoIP and Video applications. a New Zealand based developer of network protection solutions for carriers and internet service providers. htm). com/ channels/ bandwidth-management/ articles/ 52408-allot-communications-sigma-service-gateway. Combines Teams and Technologies to Form Solid Base for Continued Growth. html). tmcnet. html). The Jerusalem Post. "Allot Communications wraps up $8 million financing round" (http:/ / www. [5] Dar. 2002.[9] Products Allot provides intelligent IP service optimization solutions for DSL. The Marker. Allot solutions are also used to support the need of service providers to charge more from heavy users of peer-to-peer. com/ document." (http:/ / www. com/ [3] http:/ / www.[4] References [1] http:/ / quotes. allot. encyclopedia. Israel Business Today. [6] "Bay Networks acquires Armon Networking" (http:/ / www. asp?articleID=2128). 2006). com/ doc/ 1P1-131347725. lightreading. Business Wire. External links • Allot Communications (http://allot. September 24. com/ doc/ 1G1-92808325. com/ doc/ 1G1-18165625. [7] Krawitz. in Nasdaq listing" (http:/ / www. and enterprises. service providers. wireless broadband carriers.Allot Communications 9 Acquisitions • In September 2002 Allot acquired NetReality. highbeam. March 24. TMCnet. Zuri (25-08-2004). 1996. com/ ivcWeeklyItem. il/ TASEEng/ Management/ GeneralPages/ SimpleSearchResult. Light Reading. Richard (March 17.[8] • In January 2008 Allot Acquired Esphion. in order to enhance its quality of service (QoS) and bandwidth management solutions. asp?doc_id=142343). a provider of network application priority switches (NAPS). [8] "Allot Communications Acquires NetReality. com/ asp/ SummaryQuote. asp?symbol=ALLT& selected=ALLT [2] http:/ / www. Avi (November 17. 2008. tase. htm?objectId=& objectType=& securityType=& searchTerm=ALLT [4] Grigonis. so that value-added Internet services can be rapidly deployed.com) . "Allot Communications' Sigma Service Gateway" (http:/ / www. 2009). highbeam. January 3.

[4] and opened an office in Ann Arbor. for free and public use in blocking spam at the gateway.[14] . the company launched the BRBL (Barracuda Reputation Block List). and viruses. it closed its first outside investment of $40 million from Sequoia Capital and Francisco Partners. Google. web hackers and instant messaging threats such as spam.[5] In January 2006. Netscreen.[7] In addition to providing samples of prior art in an effort to render Trend Micro's patent invalid. 2008. Michigan. trojans. load balancing. networking and storage solutions based on appliances and cloud services. NG Firewalls. is a privately held company providing security. California. its proprietary and dynamic list of known spam servers.com [1] Barracuda Networks. The company's networking and storage solutions include web filtering.[8] In December 2008. The company’s security products include solutions for protection against email. Email Archivers. United States Key people Dean Drako (CEO) Michael Perone (CMO) Zach Levow (CTO) Products Spam Firewalls.[9] Soon after opening BRBL many IP addresses got blacklisted without apparent reason and without any technical explanation. SSL VPNs.Barracuda Networks 10 Barracuda Networks Barracuda Networks Type Industry Founded Private Telecommunication 2003 Headquarters Campbell. Inc. application delivery controllers.[6] On January 29.000 customers.[10] [11] [12] [13] As of October 2009. message archiving. spyware. which Trend Micro claimed to be in violation of their patent on 'anti-virus detection on an SMTP or FTP gateway'. web surfing.[2] Barracuda Networks was established in 2003 and introduced the Barracuda Spam and Virus Firewall. CudaTel PBX Employees Website 500-1000 www. Web Site Firewalls. backup services and data protection.barracudanetworks. Sequoia Capital had previously provided financing to Cisco Systems. IM firewalls.[3] In 2007 the company moved its headquarters to Campbell. in July 2008 Barracuda launched a countersuit against Trend Micro claiming Trend Micro violated several antivirus patents Barracuda Networks had acquired from IBM. NG firewalls. Load balancers. California. Backup solutions. Barracuda had over 85. and Yahoo!. Web filters. Barracuda Networks was sued by Trend Micro over their use of the open source anti-virus software Clam AntiVirus.

[20] • SSL VPN .[16] • Web filter . Barracuda launched a spam and virus firewall for large enterprises and ISPs.[23] • Backup services . remote access. CudaTel features FreeSWITCH. in conjunction with its acquisition of Purewire.In February 2010.In July 2007. 2008.[26] • NG Firewall .[25] • Purewire Web Security Service .Launched in September 2005 to protect and archive instant messaging content.[22] • Link Balancer . an Austria-based public company delivering enterprise-class firewalls.In November 2006. Barracuda announced the release of CudaTel. including [24] In January 2009. Barracuda Networks acquired NetContinuum.[31] In January 2009. content security.[28] Acquisitions In September 2007. a software as a service (SaaS) company offering cloud based web filtering and security.[33] In October 2009.In October 2003.Announced in February 2008. integrating Barracuda Backup Service with Yosemite Backup. the company introduced its web filtering appliance to prevent spyware and viruses from gathering and transmitting user data. intrusion prevention. the company introduced message archiving to index and preserve emails. and safe web surfing.Announced in September 2008. Barracuda Networks acquired Purewire Inc.[21] • Web Application Firewall .In November. and network access control into one platform that is centrally managed across multiple distributed enterprise network locations. a company providing application controllers to secure and manage enterprise web applications. the company launched its secure sockets layer virtual private network product to provide secure. Barracuda Networks acquired 3SP.[29] In November 2008. a VOIP Private branch exchange designed for IT administrators. on-site backup with data deduplication and off-site data replication for disaster recovery.[18] • Load balancer . and Windows system states. Barracuda Networks launched the Purewire Web Security Service which is a software as a service offering for Web filtering.Barracuda Networks 11 Products • Spam and virus firewall . the company introduced a load balancing appliance for high availability distribution of network traffic across multiple servers. NG Firewalls are available both as hardware or as a virtual appliance and include wide area network traffic optimization.[30] In November 2008.[27] • CudaTel Communication Server (PBX) . the company announced a service to back up data in the cloud. Barracuda Networks acquired controlling interest in phion AG. and to meet legal and regulatory compliance. The firewalls integrate web and email filtering. Barracuda announced its NG Firewalls to protect enterprise network infrastructures. Barracuda announced its spam and virus firewall plug-in appliance.[15] In June 2008.[19] • Message archiver . Barracuda Networks expanded into cloud-based backup services by acquiring BitLeap. and to control web surfing.In October 2009.in August 2010. to optimize and aggregate internet connections from different providers. allowing the company to introduce Secure Sockets Layer (SSL) Virtual Private Network (VPN) products to perform malware scans on files uploaded during a VPN session to network file shares or internal Web sites.In November 2008.[32] September 2009.[17] • IM Firewall . layer 7 application profiling. Barracuda added message-level backup for Microsoft Exchange and Novell GroupWise. for securing Web applications for large enterprises and to address regulation compliance such as PCI DSS.[34] .In April 2005. a open-source project sponsored by Barracuda Networks. formerly Tapeware. Barracuda Networks acquired Yosemite Technologies to add software agents for incremental backups of applications such as Microsoft Exchange Server and SQL Server. clientless.

com/ news/ 2006/ 011106-barracuda. com/ equipment/ 2007/ barracuda_message_archiver. isp-planet. jhtml?articleID=160902103) [18] ComputerWorld Security Security Log (http:/ / www. html. linux. Yosemite (http:/ / www. infosecurity-magazine. com/ s/ article/ 86007/ Barracuda_Networks_launches_antispam_appliance_line?taxonomyId=086) [16] eChannelline Barracuda launches Spam Firewall for large enterprises (http:/ / www. html?ana=from_rss) . html) [26] Channel Insider Barracuda Acquires Cloud Security Vendor Purewire (http:/ / www. html) [34] Atlanta Business Chronicle Barracuda buys Purewire Inc. informationweek. informationweek. echannelline. eweek. com/ [2] Company Product Page. (http:/ / www. com/ 2009/ 10/ 13/ barracuda-swallows-purewire-as-it-becomes-a-bigger-fish-in-web-based-security-services/ ) [4] The Campbell Reporter Barracuda Networks sinks its teeth into site on Winchester Boulevard (http:/ / www. html) [21] Comms Express New SSL VPN Announced (http:/ / www. com/ barracuda-networks-launches-barracuda-load-balancer. com/ archives/ campbellreporter/ 20070323/ business2. com/ news. html) [24] Information Week Barracuda Swims Into The Cloud (http:/ / www. (http:/ / www. com/ usa/ story. Yosemite (http:/ / www. com/ article/ 158462/ backup_merger_unites_barracuda_yosemite. com/ barracuda-networks-buys-netcontinuum/ article/ 35669/ ) [30] InformationWeek Barracuda Swims Into The Cloud (http:/ / www. informationweek. com/ view/ 7138/ barracuda-moves-into-distributed-firewall-technology/ ) [28] Barracuda Networks Launches CudaTel – New VoIP PBX Based on the Open Source FreeSWITCH Project (http:/ / www. shtml) [6] NetworkWorld Barracuda attracts $40 million in venture investment (http:/ / www. html) [9] Linux. com/ topic/ 32502 [14] San Jose Business Journal Barracuda Networks buys Purewire (http:/ / sanjose. php?nid=368) [29] SCMagazine Barracuda Networks buys NetContinuum (http:/ / www. com/ news/ security/ vulnerabilities/ showArticle. bizjournals. com/ sanjose/ stories/ 2009/ 10/ 12/ daily19. linux. [3] VentureBeat Barracuda swallows Purewire as it becomes a bigger fish in web-based security services (http:/ / venturebeat. ars/ post/ 20080702-barracuda-bites-back-at-trend-micro-in-clamav-patent-lawsuit. scmagazineus. bizjournals. computerworld. com/ news. computerworld. com/ equipment/ 2008/ barracuda+ link+ balancer. com/ s/ article/ 104909/ Security_Log?taxonomyId=017) [19] IT & Security Portal Barracuda Networks Launches Barracuda Load Balancer (http:/ / www. com/ sanjose/ stories/ 2009/ 09/ 28/ daily9. pcworld. cfm?item=15073) [23] ISP Planet Barracuda Networks' Link Balancer (http:/ / www. com/ archive/ articles/ 155880) [10] http:/ / andrew. html) [33] Silicon Valley Business Journal Barracuda Networks takes controlling interest in phion (http:/ / sanjose. com/ usa/ brief. heyvan. com/ news/ networking-equipment/ floor-boxes/ new-ssl-vpn-announced-18881252/ ) [22] eChannelline Barracuda puts bite on SMB Web application controller (http:/ / www. shtml) [5] Crain's Detroit Business Silicon Valley firm picks Ann Arbor for office (http:/ / www. comms-express. barracudanetworks. html) [15] ComputerWorld Barracuda Networks launches antispam appliance line (http:/ / www. ca/ barracuda-problems. networkworld. it-observer. barracudanetworks. com/ c/ a/ Security/ Barracuda-Acquires-Cloud-Security-Vendor-Purewire-559167/ ) [27] InfoSecurity Barracuda moves into distributed firewall technology (http:/ / www. bizjournals. com/ atlanta/ stories/ 2009/ 10/ 19/ story7.Barracuda Networks 12 References [1] http:/ / www. cfm?item=23340) [17] InformationWeek Barracuda Rolls Out Spyware-Blocking Appliance (http:/ / www. ars/ post/ 20080129-barracuda-defends-open-source-antivirus-from-patent-attack. com/ ns/ products/ ) Barracuda Networks. com/ blog/ main/ archives/ 2008/ 11/ barracuda_swims.jsessionid=OVGGXQ5J5OOQHQE1GHPCKH4ATMY32JVN) [31] Eweek Barracuda Networks Breaks into SSL VPN Space (http:/ / www. com/ ns/ news_and_events/ index. community-newspapers. com/ archives/ campbellreporter/ 20070323/ business2. pcworld. com/ 2008/ 11/ 06/ barracudacentral-another-blacklist-black-hole/ [13] http:/ / community. Retrieved 2010-02-10.jsessionid=XDFD2WAXZBEB3QE1GHPCKH4ATMY32JVN) [25] PCWorld Backup Merger Unites Barracuda. html [11] http:/ / www. html?fsrc=rss-virusworms) [7] Ars Technica Barracuda defends open-source antivirus from patent attack (http:/ / arstechnica.com Barracuda offers a new alternative to Spamhaus (http:/ / www. com/ archive/ ?module=comments& func=display& cid=1204572 [12] http:/ / steve. echannelline. barracudanetworks. community-newspapers. html) [8] Ars Technica Barracuda bites back at Trend Micro in ClamAV patent lawsuit (http:/ / arstechnica. isp-planet. com/ article/ 158462/ backup_merger_unites_barracuda_yosemite. triumf. html) [20] ISP Planet Barracuda's Message Archiver (http:/ / www. spiceworks. channelinsider. html. com/ blog/ main/ archives/ 2008/ 11/ barracuda_swims. com/ c/ a/ Security/ Barracuda-Networks-Breaks-Into-SSL-VPN-Space-for-Small-Business/ ) [32] PC World Backup Merger Unites Barracuda.

com) • Barracuda Networks company Products page (http://www.com/ns/products/) • CudaTel .barracudanetworks.com) .barracudanetworks.Barracuda Networks 13 External links • Barracuda Networks corporate website (http://www.Barracuda Networks PBX/Phone System (http://www.cudatel.

Texas area. Intrusion prevention systems. Sweden (Former Protect Data development centre) and in Belarus. Chairman & CEO Marius Nacht. Founded in 1993 in Ramat-Gan.200 (2010) ZoneAlarm. as well as in Canada in the Ottawa. in Redwood City. by the company’s current Chairman & CEO Gil Shwed. Today the company develops. The company also has offices in the United States. Founder FireWall-1. Check Point today counts approximately 2. Endpoint. California (ZoneAlarm). security. markets and supports a wide range of software and combined hardware and software products that cover all the aspects of IT security. (NASDAQ: CHKP [1]) is a global provider of IT security solutions. where he serves as President and CEO). Founder. The company's development centers are located in Israel. Check Point first pioneered the industry with FireWall-1 and its patented stateful inspection technology. including network security.Check Point 14 Check Point Check Point Software Technologies Ltd. which became the foundation for the company’s first product (simply called FireWall-1). together with two of his friends. Israel (before May 2007: Ramat Gan) Key people Gil Shwed. Web Application Security Revenue Net income Employees Subsidiaries Website US$ $1.300 employees worldwide.097. Marius Nacht (currently serving as Vice Chairman) and Shlomo Kramer (who left Check Point in 2003 to set up a new company – Imperva. Gil had the initial idea for the company’s core technology known as stateful inspection. at the age of 25. soon afterwards they also developed one of the world’s first . Check Point Integrity. UTM-1.9 million (2010) US$ $452. Israel. Type Public NASDAQ-100 component NASDAQ: CHKP IT security Computer software Computer hardware [1] Traded as Industry Founded 1993 Headquarters Tel Aviv.8 million (2010) [2] 2. data security and security management. VPN-1. History Check Point was established in 1993. endpoint security. Ontario area.com [3] Products Check Point Software Technologies Ltd. California and in the Dallas. Best known for its firewall and VPN products. Security appliances. SofaWare www.checkpoint.

which are sold to small and medium businesses (SMBs). • Security Management . secures virtual machines and applications via either hypervisor integration using the VMSafe API. and also contains encrypted storage for confidential data. [5] [6] Initial funding of $600. By February 1996. and tablet PCs.[8] The same year. UTM-1. Check Point raised $67 million from its initial public offering on NASDAQ. the company was named worldwide firewall market leader by IDC with a market share of 40 percent.[4] Shwed developed the idea while serving in the Israel Defense Forces. 2008 was elected as mayor of Jerusalem). full disk encryption. Solutions are based on the Software Blade architecture.[10] In 1998. antivirus. and telecommunications carriers: • Network Security . or as a VMware network appliance. access controls.[11] by 2000 the company became the world’s leading provider of VPN solutions (in terms of market share). the U.deployed as a single security agent that combines firewall. removable media encryption. mobile phones. Check Point established a successful partnership with Nokia. managed service providers. either from technology partners like Crossbeam and Hewlett-Packard.[9] In June 1996. head office was established in Redwood City. anti-spyware. • Data Security . URL filtering. a venture capital fund established by brothers Eli and Nir Barkat (who on November 11. and device provisioning. Data Loss Prevention and Application Control. allowing remote access of the corporate network via a VPN connection. enterprises. correlation.[4] followed by a distribution agreement with HP in 1995. IPsec VPN.g. Intrusion Prevention. USB). • Endpoint Security .the Check Point Mobile Access software product provides secure access to corporate resources via a SSL VPN portal for devices such as laptops. culminating in the acquisition of Nokia’s network security business unit in 2009. Antivirus.[12] 15 Products Check Point offers the following primary solutions and product lines.The Security Gateway VE product for virtual environments. multi-domain security management. Check Point started acquiring other IT security companies.000 was provided by BRM Group. • Virtualization Security . Media Encryption and Port Control secure data-at-rest on endpoints. and a VPN client. or on Check Point’s own line of appliances which includes Safe@Office. with a portfolio of 11 management software blades including event analysis.Check Point's core business has historically focused on network security components including Firewall. Power-1. VPNs. and the DLP security gateway product secure data-in-motion and data-in-use. where he worked on securing classified networks. Check Point Document Security focuses on protecting data-in-use. . • Mobile Security .S. just over 10 years after first establishing the partnership with Nokia. which runs on VMware ESX and ESXi. The security policies for networked endpoints can be centrally managed from a single location via the Endpoint Policy Management Software Blade product. Full Disk Encryption. The Check Point Abra USB device provides a secure virtual desktop for Microsoft Windows machines. Anti-spam. Mobile Access.[7] The company’s first commercial breakthrough came in 1994 when Check Point signed an OEM agreement with Sun Microsystems. set policy and apply protections across the entire security infrastructure from a single interface. A separate product called VPN Power-1 VSX can host multiple virtual security gateways on a single machine.[4] During the 2000s.Check Point VPN products (VPN-1). which bundled Check Point’s Software with Nokia’s computer Network Security Appliances. California. IP Appliances. UTM-1 Edge. network access control.Allows administrators to manage events.Data security solutions focus on securing data throughout the stages of the data lifecycle. I/O port protection (e. These products are deployed as software on x86 based servers or appliances. and Integrated Appliance Solutions platforms.

"[21] In 2001. One of the key aspects of this effort has been the creation of a management system designed to enable service providers or value added resellers to lift the burden of security management from the end users while at the same time delivering additional services such as automatic security and software updates. with a 38% revenue market share.[15] Prior to their acquisition by Check Point. content filtering. in a cash deal valued at $586m in late 2006.[13] In 2011. and withheld monies due for use of SofaWare technology and products[24] Check Point appealed the ruling.[26] . claiming Check Point was not transferring funds to SofaWare as required for its use of SofaWare's products and technology.[24] Bogner claimed that Check Point.[13] His derivative suit was ultimately approved and Check Point was ordered to pay SofaWare NIS 13 million for breach of contract. As part of the settlement it acquired the SofaWare shares held by Bogner and Ruppin. the Israeli Supreme Court ruled that a group of founders of SofaWare.[25] In 2009. following its failed plan to acquire the larger IPS vendor Sourcefire.[17] • Nokia Security Appliances division. Etay Bogner.[13] In 2006.[13] In 2004.[13] The court ruled that the three founders could not individually exercise their veto power. for $205 million in cash and shares. makers of the ZoneAlarm personal firewall software. Bogner sought court approval to file a shareholder derivative suit.[20] SofaWare Legal Battle SofaWare Technologies was founded in 1999. an intrusion prevention system developer.1 million in alleged damage to SofaWare. Check Point tried to acquire intrusion prevention system developers Sourcefire for $225 million. but later lost the appeal. Check Point settled all litigation relating to SofaWare.[19] but later withdrew its offer after it became clear US authorities would try to block the acquisition. the holding company for PointSec Mobile Technologies. anti-virus and more. According to SofaWare's co-founder Adi Ruppin. sales of SofaWare's Safe@Office firewall/VPN appliances skyrocketed. "The Company's vision is to take this enterprise-strength technology and make it as simple to use and as affordable as possible without detracting from its quality.Check Point 16 Acquisitions • SofaWare Technologies. was acquired in April 2009. Protect Data acquired Reflex Software. under the Check Point brand. and began a process of acquiring the remaining shares.[18] In 2005. Adi Ruppin and Etay Bogner. has veto power to prevent SofaWare from taking any decision of which he disapproves. co-founder of SofaWare scored a legal victory over Check Point. resulting in SofaWare becoming a wholly owned subsidiary. a data security startup company based in Boston.[21] By the fourth quarter of 2002. the Tel Aviv District Court Judge ruled that Bogner SofaWare could sue Check Point by proxy for $5. in January 2002 (partial acquisition). SofaWare began selling firewall appliances under the SofaWare S-Box brand. in 2003. but only as a group and by majority rule. with the purpose of extending Check Point's success in the enterprise market.[23] Relations between Check Point and the SofaWare founders went sour after the company acquisition in 2002. which includes Bogner. to the small business. was acquired in June 2010.[22] In 2002.[12] • Privately held Liquid Machines. has behaved belligerently. as a cooperation between Check Point and SofaWare's founders. which owns 60% of Sofaware. for $20 million in late 2006. the company started selling the Safe@Office / Safe@Home line of security appliances.[16] • NFR security. consumer and branch office market.[14] • Protect Data. and SofaWare held the #1 revenue position in the worldwide firewall/VPN sub-$490 appliance market.[13] • Zone Labs.

com/ science?_ob=ArticleURL& _udi=B6V77-4PTN8PN-1& _user=10& _rdoc=1& _fmt=& _orig=search& _sort=d& _docanchor=& view=c& _searchStrId=1085105296& _rerunOrigin=google& _acct=C000050221& _version=1& _urlVersion=0& _userid=10& md5=3cf69059540492454dd362317b553b2f). html). com/ news/ channel-programs/ 18836954/ gil-shwed-chairman-ceo-check-point-software-tech. com/ press/ 2009/ check-point-completes-nokia-acquisition-041309.September 25. html). 2002 [7] Wallace. . com/ press/ pointsec/ 2006/ 11-02. encyclopedia. com/ press/ 2006/ pointsec112006. CIO Magazine October 1. html). 2002. 3385). com/ [4] Mayor. Retrieved 2009-04-13.December 1. Chairman & CEO. "CIO 20/20 Honorees--Innovator's Profile: Gil Schwed of Check Point Software Technologies Ltd" (http:/ / www. Business Wire . ). com/ books?id=MA0AAAAAMBAJ& lpg=PA76& dq=Gil Shwed& pg=PA76#v=onepage& q=Gil Shwed& f=false). [10] Breznitz.com.Check Point Certified Managed Security Expert CCMA . [5] Savage. "MOVERS & SHAKERS: Eli Barkat: Making Push More Polite -. htm) [19] "Check Point and Sourcefire to Explore Alternative Business Relationship" (http:/ / www. html). market-leading FireWall-1 solution now available through HP and its reseller channel. 1999. 1995. 2006-03-23. "CheckPoint Software Named Firewall Market Share Leader by IDC.Check Point Certified Security Administrator CCSE . com/ asp/ SummaryQuote. CIO (http:/ / books. Retrieved 2008-10-12.Check Point Certified Master Architect References [1] http:/ / quotes. by Berislav Kucan .Check Point Certified Specialist CCSA . [12] "Check Point Completes Acquisition of Nokia Security Appliance Business" (http:/ / www." (http:/ / www. Marcia. Dan. com/ print-edition/ business/ etay-bogner-bests-check-point-in-court-once-again-1. CRN. google. p. Gil Shwed. html). 2001. checkpoint. sciencedirect. checkpoint. com/ press-release/ Check-Point-Acquires-Data-Security-Startup-Liquid-Machines-NASDAQ-CHKP-1273411. . 1996. [9] Press Release. [13] Roth. com/ press/ 2003/ zonelabs121503. com/ doc/ 1G1-17461605. Retrieved 2009-07-01.Check Point Certified Security Expert CCSE+ . html). Business Week . David. [17] "Check Point to Acquire NFR Security. 21 January 2003. "Check Point Software & Nokia Expand Partnership" (http:/ / www. Retrieved 2008-10-12. crn. Business Wire . checkpoint.February 5. 2006-11-20. sciencedirect. 1999. [15] "Check Point Announces a Cash Tender Offer to Acquire Protect Data" (http:/ / www. securityfocus. [11] Press Release . htm). checkpoint. Haaretz. "CheckPoint Software and HP sign distribution agreement. 2009-04-13.Tuesday. Check Point Software Tech (http:/ / www. [21] Interview with Adi Ruppin. . html). php?id=361) [22] Check Point bolsters new firewall appliance. . retrieved 2009-11-09 [8] Company Press Release.. Nov. checkpoint. com/ news/ 11382). com/ ebiz/ 9912/ em1201. [18] Check Point Acquires Data Security Startup Liquid Machines (http:/ / www. Worldwide Market Share of 40 Percent Represents Significant Lead in Providing Enterprise Network Security Solutions. html). [14] "Check Point Software Technologies to Acquire Zone Labs" (http:/ / www. cio.Check Point 17 Certification Check Point has a long-running history of training and certification on their products. nasdaq. checkpoint. Retrieved 2008-10-12. checkpoint. 2006-12-19. encyclopedia. "Etay Bogner bests Check Point in court once again" (http:/ / www. Research Policy 36 (9): Research Policy. checkpoint. [3] http:/ / www. . ." (http:/ / www. . 07. . com/ doc/ 1G1-17461605. com/ article/ 31405/ CIO_20_20_Honorees_Innovator_s_Profile_Gil_Schwed_of_Check_Point_Software_Technologies_Ltd. Founder and Managing Director of SofaWare. com/ corporate/ facts. net-security. Retrieved 2008-10-13. (http:/ / www. haaretz.and Ready for Prime Time" (http:/ / www. "Industrial R&D as a national policy: Horizontal technology policies and industry-state co-evolution in the growth of the Israeli software industry" (http:/ / www. html). including the following: • • • • • • CPCS . Tracy. com/ press/ 2006/ nfrsecurity121906. Business Wire . marketwire.Check Point Certified Security Expert Plus CCMSE . org/ article. .October 19. Nurit (26-11-09). com/ press/ 2006/ sourcefire032306. asp?symbol=CHKP& selected=CHKP [2] "Check Point Software Facts @ A Glance" (http:/ / www. htm). Expands Intrusion Prevention Capabilities to Fortify Enterprise Networks" (http:/ / www. [20] "Check Point calls off Sourcefire buy" (http:/ / www. 15. 2001. 2006-11-02. Network World Dec 17. 2003-12-15. businessweek. [16] "Protect Data acquires Reflex Software Limited to extend product portfolio" (http:/ / www. 18 . Retrieved 2008-10-12. 2006-03-24. [6] Gil Shwed. Retrieved 2008-10-12. com/ science?_ob=ArticleURL& _udi=B6V77-4PTN8PN-1& _user=10& _rdoc=1& _fmt=& _orig=search& _sort=d& _docanchor=& view=c& _searchStrId=1085105296& _rerunOrigin=google& _acct=C000050221& _version=1& _urlVersion=0& _userid=10& md5=3cf69059540492454dd362317b553b2f). Oct 1.

Oded (April 25. Retrieved 14 June 2010. "Sofaware founder cleared to sue Check Point for $5. com/ economy-finance/ sofaware-founder-cleared-to-sue-check-point-for-5-1-million-1. 2006). ח' מלצר.checkpoint. 2011 18 External links • Corporate website (http://www.1 million" (http:/ / english. .Check Point [23] Check Point Software Stakes Claim in Small Business Internet Security Space Company Duplicates Market-leading Enterprise Success in Sub-$490 Appliance Segment (http:/ / www. א' רובינשטיין.com/) . 2850/08 ‫ עא‬CHECK POINT SOFTWARE TECHNOLOGIES LTD ‫'נ' איתי בוגנר )עליון. checkpoint. themarker. Ha'aretz. html) [24] Arbel. com/ press/ 2003/ infonetics031203. נ‬ ‫)הנדל‬ [26] Check Point 20-F SEC filing. 186085). [25] Israeli Supreme Court.

67 billion (2011) [4] US$ 6. California. Inc. (NASDAQ: CSCO [1].com] Headquarters Area served Key people Products Cisco Systems.49 billion (2011) [4] US$ 87.700 (2011) List of acquisitions [www.com www. Telepresence.cisco. California. Security Datacenter List of Cisco Products Revenue Operating income Net income Total assets Total equity Employees Subsidiaries Website [4] US$ 43. United States Worldwide John T. Inc. California (1984) Len Bosack Sandy Lerner Richard Troiano [2] [3] San Jose. networking. that designs and sells consumer electronics.cisco. SEHK: 4333 [6]) is a multinational corporation headquartered in San Jose.25 billion (2011) [5] 70.21 billion (2011) [4] US$ 7. voice. Type Traded as Public NASDAQ: CSCO [1] Dow Jones Industrial Average Component S&P 500 Component Industry Founded Founder(s) Computer networking San Francisco.Cisco Systems 19 Cisco Systems Cisco Systems. Chambers (Chairman & CEO) Networking Device Network Management Cisco IOS and NX-OS Software Interface and Module Optical networking Storage area networks Wireless. VOIP.09 billion (2011) [4] US$ 47. and communications technology and .

[21] [22] a U. 1990.000 employees with an early-retirement program who accepted buyout and 7. and succeeded in 1995 by John Chambers. presidential honor to recognize companies "for the exemplary quality of their relationships with employees and communities". Lerner moved on to direct computer services at Schlumberger. upon hearing the news. who held the position from 1987 to 1988. For Cisco's first product.Cisco Systems services.[17] However.000 employees and annual revenue of US$ 40.[12] [13] In July 2009. The company cut around 3. the company went public (with a market capitalization of $224 million) and was listed on the Nasdaq stock exchange.[10] As the Internet Protocol (IP) became widely adopted. a married couple who worked as computer operations staff members at Stanford University. On February 16. later joined by Richard Troiano. Cisco was the most valuable company in the world.[16] As part of the company's overseas strategy. San Francisco.S. moving full time to Cisco in 1987. due to lower than expected profit. The company's first CEO was Bill Graves. On August 28. Cisco's largest routers are primarily used to deliver IP packets. at the height of the dot-com boom. Lerner was fired. with a market capitalization of more than US$500 billion. and is also included in the S&P 500 Index. 1990.[9] it was one of the first to sell commercially successful routers supporting multiple network protocols.0 billion as of 2010. 2009. 2006. The name "Cisco" was derived from the city name.000 jobs means around 14 percent of the 73. NASDAQ 100 Index and the Russell 1000 Growth Stock Index. Cisco was a 2002-03 recipient of the Ron Brown Award. Cutting as many as 10. her husband Bosack resigned in protest. Cisco introduced a new logo that was created in collaboration with Joe “Phenom” Finocchiaro and Jerry “The King” Kuyper. Cisco System Inc. it has built its Globalization Centre East in Bangalore for $1 billion and 20% of Cisco's leaders will be based there.000 jobs that would be eliminated by the end of August 2011.400 total employees before curtailment.[14] it is still one of the most valuable companies. The stock was added to the Dow Jones Industrial Average on June 8.[15] On September 7. another Stanford employee who later joined Sun Microsystems.[8] In 1988. Cisco has more than 70. Bosack adapted multiple-protocol router software originally written some years before by William Yeager. Cisco commonly stays on top of Fortune "100 Best Companies to work for". 70% of which was committed to their own charity. the Russell 1000 Index. which is why the company's engineers insisted on using the lower case "cisco" in the early days.[18] [19] Media and Awards Cisco products. John Morgridge was appointed CEO. with a market cap of about US$108. Today. with position #20 in 2011 [23] . the importance of multi-protocol routing declined.03 billion. cut annual expenses by $1 billion in July 2011.[11] In late March 2000.[7] 20 Corporate history Len Bosack and Sandy Lerner. most notably IP phones and Telepresence are frequently sighted in movies and TV series [20] The company itself and its history was featured in the documentary film Something Ventured which premiered in 2011. The couple walked away from Cisco with $170 million. founded Cisco Systems in 1984. One of the many buildings on the Cisco Systems campus in San Jose While Cisco was not the first company to develop and sell a router.

for about US$7 billion. It was the most expensive acquisition made by Cisco to date. Unified Communications. wireless systems.Cisco Systems 21 Acquisitions Cisco acquired a variety of companies to bring in products and talent into the company.[32] Voice and conferencing solutions: VOIP phones and gateway-systems. and home networking. and only the acquisition of Scientific Atlanta has been larger. switches. Several acquired companies have grown into $1Bn+ business units for Cisco. • Corporate market: Enterprise networking and Service Providers • Borderless networks: for their range of routers. HealthPresence. Cisco announced they were discontinuing all Flip camera production. Cisco acquired Linksys in 2003. switches etc. • Broadband: cable modems • Cisco ūmi . Call Center systems.[26] Products and services Cisco's current portfolio of products and services is focused upon three market segments – Enterprise and Service Provider.[30] • Small businesses[31] • • • • • Routers and switches Security and surveillance: IP cameras. Storage Networking and Cloud services. security systems. Enterprise Voice over Internet Protocol (VOIP). Unified Fabric. data and network security solutions etc.video conferencing Cisco also attempted to enter consumer market with a line of video recording devices dubbed "Flip". 2011. video conferencing Wireless: WiFi Access points Network storage systems • Home user[33] • Linksys product line of access points.[24] Several acquisitions. energy and building management systems and media aware networks. This move did not go well and on April 12. California. Enterprise social networks and Mobile applications[28] • Datacenter and Virtualization: Unified Computing. It will no longer carry the making of Flip cameras. including LAN switching. Cisco Group. broadcast video contribution/distribution.[27] • Collaboration: IP video and phones. TelePresence. became a key stakeholder in e-Skills Week.[34] [35] . were the biggest deals in the industry when they occurred. Cisco bought Starent Networks (a mobile technology company) and Moto Development [25] Also in 2010. Small Business and the Home. a start-up company located in Petaluma. Data Centre Switching. The solutions for each market are segmented into Architectures. a product design consulting firm that helped develop Cisco's Flip video camera. which form the basis for how Cisco approaches each market. the company acquired Cerent Corporation. In 1995-1996 the company completed 11 acquisitions. WebEx. such as Stratacom.[29] • IP NGN (Next Generation Networks): High-end routing and switching for fixed and mobile service provider networks. In March 2011. Cisco completed the acquisition of privately held network configuration and change management solutions company Pari Networks. During the Internet boom in 1999. entitlement and content delivery systems. WAN acceleration. In the recent merger deals.

7600. Cisco Catalyst 3000 Series.[36] These are: • • • • • • Borderless Networks Collaboration Data Center and Virtualization IP NGN (Next Generation Networks) Small Business Consumer Under these architectures. 9900 series. Cisco Manufacturing Mobile Video Collaboration with Librestream.Cisco Systems 22 Architectures In an effort to allow their sales team to have more business-focused conversations with customers. and introduce new products and features in order to provide a complete set of capabilities in each area. 2000. 5000. 8900 series. Hardware • Datacenter products: Nexus Switches (1000v. Cisco announced a new focus around six ‘Architectures’ in 2009.Cable/IP . 7000). • Unified Computing: Cisco Unified Computing System (UCS) virtual server platform: with VMWare [38] virtualization system run servers on Cisco hardware • Catalyst switches: Cisco Catalyst 2900 Series. ASR Series and CRS-1 and CRS-3 • Cisco Security Manager • Security appliances: ASA 5500. MDS. Cisco Catalyst 6500 Series • Collaboration systems such as Cisco TelePresence. 7965. Cisco acquired Tandberg. 7942. 1000 Series. PIX 500 series A Cisco ASM/2-32EM router deployed at CERN in 1987. 6900 series) • Cisco Application Control Engine (ACE): Application Delivery Controller • Routers. Unified Computing System (UCS) • Flip pocket camera (Discontinued in April 2011[37] ) • Cisco SPA500 Series IP Phones • Linksys SPA900 Series IP Phones • Cisco Unified IP Phones (7945. 12000. as opposed to focussing on discussions around products. Cisco intends to gradually knit together its various products. including: 837. 2500 Series. 4000. Catalyst 4500. the world leader in Telepresence systems[39] • VOIP: Wireless IP Phone 7920 • CLEO: Low Earth Orbit router • Cisco Wireless LAN • Cisco Cius: a new Android-based collaboration tablet • Cisco Wide Area Application Services (WAAS) • Set Top Boxes (High Definition PVRs). 3600 Series.

Linksys has partnered with companies such as Skype and Yahoo to integrate consumer VoIP services with wireless and cordless phones. and others.Cisco Systems 23 Software • • • • • • • • • • • • • • • • • • Internetwork Operating System NX-OS Cisco Active Network Abstraction Cisco Fabric Manager Cisco AnyConnect Secure Mobility Client Cisco Systems VPN Client CiscoView Data Center Management and Automation . Cablevision. and Katrina. UPC. voice over IP.[41] Network Emergency Response The company maintains several Network Emergency Response Vehicles (NERV)s which are staffed by Cisco employees during natural disasters and other public crises. Cisco Unified Mobility. The vehicles are self contained and provide wired and wireless services including voice and radio interoperability. deployed to incidents such as the October 2007 California wildfires. and is now moving into the home user market through its acquisitions of Scientific Atlanta and Linksys. Hosted Collaboration Solution Cisco partners can now offer cloud-based services based on Cisco's virtualized Unified Computing System (UCS). Ike. Cisco received the Innovation Preparedness award from the American Red Cross. North Carolina for strategic deployment in North America and are capable of being [42] [43] The NERV has been fully operational within 15 minutes of arrival.8-meter satellite antenna. didactic network simulator Cisco Network Magic Pro Cisco Unified Communications Manager Cisco IP Communicator Cisco Quad Cisco Security Manager WebEx Collaboration Tools VoIP services Cisco became a major provider of Voice over IP to enterprises. NERVs are normally stored at Cisco facilities in San Jose. Scientific Atlanta provides VoIP equipment to cable service providers such as Time Warner. Cisco Unity Connection (unified messaging). and Cisco Webex Meeting Center. network based video surveillance and secured high definition video conferencing for leaders and first responders in crisis areas with up to 5 Mbps of bandwidth via a 1. A part of the Cisco Unified Services Delivery Solution. running for 72 hours continuously. California and Research Triangle Park. [44] In 2011.[45] . Cisco NAC Appliance Cisco Eos Packet Tracer. and tornado outbreaks in North Carolina and Alabama in 2011.Cisco Intelligent Automation [40] CiscoWorks Network Management software Clean Access Agent. hurricanes Gustav. the 2010 San Bruno gas pipeline explosion. it will include hosted versions of Cisco Unified Communications Manager (UCM). Silicon Valley Chapter for it's development and use of these vehicles in disasters. Cisco Unified Presence. Rogers Communications. Cisco Unified Contact Center.

" He also condemned the US . 2008. with hacking and pressured the US government to extradite him from Canada where he was giving evidence against Cisco in an anti-trust hearing. There are five levels of certification: Entry.[51] Wired News had uncovered a leaked. Service Provider.[53] [54] Antitrust lawsuit On December 1. the Brazilian Federal Police and Brazilian Receita Federal (equivalent to the American IRS) under the "Persona Operation" uncovered an alleged tax fraud scheme employed by Cisco Systems since 2002 that exempted the company from paying over R$1.[48] On May 20. and recently Architect. Cisco and other telecommunications equipment providers supplied the Chinese government with surveillance and Internet infrastructure equipment that is used to block Internet websites and track Chinese on-line activities. Cisco's liability insurers. and officers paid the plaintiffs US$91. Canadian Judge Ronald McKinnon. Network Security. Cisco settled this lawsuit by complying with FSF licensing terms and making a monetary contribution to the [49] FSF. its directors. journalist Sarah Stirland accuses Cisco of marketing its technology "specifically as a tool of repression. Expert. the Free Software Foundation filed suit against Cisco regarding Cisco's failure to comply with the GPL and LGPL license models and make the applicable source code publicly available. Criticisms and controversy Shareholder Relations A class action lawsuit filed on April 20. 2008. Routing & Switching." Tax fraud investigation On October 16. as well as eight different paths. in an effort to open up the network maintenance services marketplace for Cisco equipment. 2009. promote competition and ensure consumer choice and value. on August 18. Associate. 2001 accused Cisco of making misleading statements that "were relied on by purchasers of Cisco stock" and of insider trading. and Wireless. British born Peter Alfred-Adekeye.[50] According to author Ethan Gutmann.[46] While Cisco denied all allegations in the suit. who oversaw the extradition hearing. confidential Cisco powerpoint presentation that details the commercial opportunities of the Golden Shield Project of Internet control. stated the real reason for the extradition proceedings was because Alfred-Adekeye "dared to take on a multinational giant. Voice. Cisco says that it does not customize or develop specialized or unique filtering capabilities to enable governments to block access to information and that it sells the same equipment in China as it sells worldwide.5 billion (US$824 million) in taxes. 2006.75 million to settle the suit. Professional. Multiven's complaint alleges that Cisco harmed Multiven and consumers by bundling and tying bug fixes/patches and updates for its operating system software to its maintenance services (SMARTnet) and through a series of other illegal exclusionary and anticompetitive acts designed to maintain Cisco's alleged monopoly in the network maintenance services market for Cisco networking equipment. Multiven filed an antitrust lawsuit[55] [56] [57] [58] [59] [60] against Cisco Systems.[47] Intellectual property disputes On December 11.Cisco Systems 24 Cisco Career Certifications Cisco Systems also sponsors a line of IT Professional certifications for Cisco products. 2007. Inc. Censorship in China Cisco has been criticized for its involvement in censorship in the People's Republic of China. Storage Networking. Design. the newly introduced Service Provider Operations. Cisco responded by accusing the person who filed the anti-trust suit.[52] In her article.

2000-03-25. cisco. asp?symbol=CSCO& selected=CSCO [2] "Cisco Reports Fourth Quarter and Fiscal Year 2011 Earnings" (http:/ / newsroom. aspx?guid={FA6BADEF-05F2-4169-ADDA-12E9D17C4433}). com/ ie/ daily/ 20000326/ ibu26043. com/ en/ US/ netsol/ ns1015/ products. Cisco Systems.us. . Case Studies In Business Strategy (ICMR) IV: 2. htm). html). 1997-08-25. . [10] Cisco claim of first multi-protocol router. html#~24 [21] Highbeam Research website Presidential Award For Corporate Leadership Presented to Cisco Systems (http:/ / www. Wall Street Journal (Dow Jones & Company. highbeam. Retrieved 2011-08-10. [17] "The other elephant" (http:/ / www. economist. com/ press-release-content?type=webcontent& articleId=456320). .000 Jobs to Buoy Profit . [4] "Cisco Reports 2011 Earnings" (http:/ / newsroom. [6] http:/ / www. The Economist. html). Retrieved 2009-06-02. Retrieved 2010-10-15. . Retrieved 2007-01-25. [13] "Cisco replaces Microsoft as world's most valuable company" (http:/ / www. DTL). [16] "Cisco Logo: Design and History" (http:/ / www. .S. yahoo. html).[62] [63] Notes [1] http:/ / quotes. " Cisco Buys Moto – no. Pbs. com/ node/ 17414206). Transcript | PBS" (http:/ / www. html). "The History of Cisco" (http:/ / www. [3] "A special report on innovation in emerging markets: The world turned upside down" (http:/ / www. visited 10 Apr 2011 [23] http:/ / money. cisco. com/ opinion/ displaystory. marketwatch. pbs. 2011. html). Retrieved 2011-09-03. Cringely. com/ q?s=csco& d=t) [15] Fost. . com/ doc/ 1G1-108316480. us/ cisco-logo). Retrieved on 2009-01-04. hkex. brighthub. 2004. [26] "Cisco Completes Acquisition Of Pari Networks (Started By Former Cisco Execs)" (http:/ / www. cfm?story_id=15879369). TechCrunch. bloomberg. . Interview. [25] By Jim Duffy. hk/ eng/ invest/ company/ quote_page_e. cisco. FamousLogos. for stating that Alfred-Adekeye had left the USA in a time period when he had not and a formal request for extradition was not filed against Alfred-Adekeye when he was taken into custody. cnn. aspx). com/ news/ story/ cisco-pushes-past-microsoft-market/ story.Cisco Systems prosecutor for hiding the fact that Alfred-Adekeye was in legal proceedings against Cisco Systems. techcrunchit. com/ computing/ enterprise-security/ articles/ 65663. com/ dlls/ corpinfo/ corporate_overview. Retrieved 2010-08-14. com. Retrieved Jan 28. cisco. sfgate. 2010. com/ s/ ap/ 20110511/ ap_on_hi_te/ us_earns_cisco) [19] Cisco Said to Plan Cutting Up to 10. com/ cisco/ web/ UK/ about/ tvmovies. 2000-03-25. January 2004. com/ article/ SB124386244318072033. .Bloomberg (http:/ / www. NetworkWorld. Retrieved 2008-11-13. BSTR083. com/ news/ 2011-07-11/ cisco-may-cut-about-5-000-jobs-in-august-gleacher-analyst-says.[61] 25 Intimidation Cisco has been reported as using intimidation tactics in several news reports. com/ 2011/ 03/ 02/ cisco-completes-acquisition-of-pari-networks-started-by-former-cisco-execs/ ). The Evolution of Access Routing (http:/ / newsroom. html) [20] http:/ / www. GM in Dow" (http:/ / online. yahoo. Reuters. com/ news/ 2010/ 051810-cisco-acquires-moto. [27] Cisco website Borderless network products (http:/ / www. 2010-04-15. cisco. html). [18] Cisco to cut costs and jobs as profit stalls (http:/ / news. [11] "Does Pink Make You Puke?" (http:/ / www. The Indian Express. org/ cringely/ nerdtv/ transcripts/ 013. 2011. . . [9] "I. March 1. (2009-06-01). [12] "Cisco pushes past Microsoft in market value" (http:/ / www.org. "Chron 200 Market capitalization" (http:/ / www." May 18. . . nasdaq. 2011-08-10. . html [24] Garza. Inc). visited 10 Apr 2011 [22] Cisco News website Cisco Systems Receives Presidential Award for Corporate Leadership (http:/ / newsroom. visited 27 Feb 2011 . 2011). Retrieved June 28. expressindia. half-truths and falsehoods" adding "This speaks volumes for Cisco's duplicity" and accused them of "unmitigated gall" in using such a heavy-handed move as an unsupportable arrest and jailing to pressure Alfred-Adekeye to drop or settle his civil antitrust complaint. "Travelers. . [5] "News@Cisco -> Corporate Overview" (http:/ / newsroom. networkworld. com/ cgi-bin/ article. cisco. html). cgi?f=/ c/ a/ 2006/ 05/ 05/ BUC200MARKETCAP. Forbes. [8] "Cisco's Acquisition Strategy" (http:/ / www. [14] Cisco Systems Summary (http:/ / finance. not that Moto (http:/ / www. . com/ asp/ SummaryQuote. 2011-08-10. html). Retrieved 2007-01-25. wsj. CBS Marketwatch. html?hpg1=bn). San Francisco Chronicle. Judge McKinnon described the information provided by Cisco and the US prosecutor as "full of innuendo. com/ dlls/ corp_093003. The Economist. Dan (2006-05-05). forbes. com/ forbes/ 1997/ 0825/ 6004058a_2. George (Jan 9. Retrieved 21 December 2009. html). economist. com/ press-release-content?type=webcontent& articleId=456320). com/ dlls/ 2004/ hd_061404. Retrieved 2007-01-25. Retrieved 2011-08-19. cisco. June 14. 2010-11-04. NerdTV. Cisco Systems. 2011. com/ magazines/ fortune/ bestcompanies/ 2011/ snapshots/ 20. icmrindia. famouslogos. org/ casestudies/ catalogue/ Business Strategy2/ BSTR083. asp?WidCoID=4333& WidCoAbbName=& Month=& langcode=e [7] Browning. Cisco Replace Citi. E.

techrepublic. Retrieved 2008-12-01. visited 27 Feb 2011 [29] Cisco website on Datacenter products (http:/ / www. . pbs. John (2006-02-15). com/ news/ article/ 0. cisco.org. . [51] Earnhardt. com/ networking/ 212201523). com/ dlls/ 2006/ corp_081806.com. com/ en/ US/ netsol/ ns1007/ products. com/ cisco/ web/ solutions/ small_business/ products/ security/ index. com/ news-analysis/ cisco-launches-hosted-collaboration-solution. 2008-12-02. html). Retrieved 2007-01-25. Retrieved 2008-12-04. fsf. Retrieved 2008-12-02. NetworkWorld. Retrieved 2009-06-27. Inc. cisco. Retrieved 2009-01-04. iht. March 13. cisco. Retrieved 2008-12-02. com/ sanjose/ stories/ 2006/ 08/ 14/ daily75. Inc. (2008-12-01). [58] Multiven. cnet. Press release.00. ucstrategies. com/ 8301-30686_3-20053075-266. html). SearchITChannel. WRAL. visited 6 April 2011 [37] "Cisco gives Flip video biz the boot" (http:/ / news. . Press release. com/ watch?v=V1L7pgotdEo) [46] Cisco Systems. [40] http:/ / www. html) on 2006-12-06. 2011. com/ threatlevel/ 2008/ 05/ leaked-cisco-do/ ). Cisco Can Deliver Its Own 911" (http:/ / www. networkworld. com/ en/ US/ netsol/ ns1007/ products. Retrieved 2009-05-20. . . aspx). . 2007-10-16. . visited 06 Apr 2011 [31] Products for small businesses (http:/ / www. Tandberg. CNET. youtube. html?track=sy540). com/ document. com/ gov/ 2006/ 02/ cisco_testimony_before_house_i. [54] "Brazilian tax authorities raid. 2011. Cisco Systems. 2011. html?page=1). com/ watch?v=SVhxp4F_qD8). . [50] "FRONTLINE: the tank man: the struggle to control information | PBS" (http:/ / www. archive. Retrieved 2007-10-16. com/ en/ US/ products/ ps6505/ Products_Sub_Category_Home. visited 26 Feb 2011 [30] Cisco website on IP Next-Generation Networks (http:/ / www. Sarah (2008-05-20). 2008-12-01. Press release. org/ news/ 2009-05-cisco-settlement. com/ blog/ networking/ cisco-nerv-the-ultimate-first-responder-vehicle/ 581) [45] ‪2011 Innovative Preparedness . . php). Press release. [44] Cisco NERV: The ultimate first responder vehicle | TechRepublic (http:/ / www. org/ technology/ story. Press release." (http:/ / multiven. Jon Paula. [35] ""World According to Jon" video about discontinuation" (http:/ / www. html). com/ news?article_id=12). [55] "Multiven Sues Cisco" (http:/ / www. youtube. [52] Stirland. Retrieved 2011-08-21. com/ en-us/ home) on company website. .. techtarget. wired. com/ news/ 2007/ 101607-cisco-brazil-arrests. [56] "Net maintenance provider sues Cisco over allegedly monopolistic SMARTnet" (http:/ / www. html). [53] "Cisco offices raided. [36] Post on IT Knowledge Exchange Cisco internal memo: changes to sales strategy and channel org (http:/ / itknowledgeexchange. 2008). wral. lightreading. 2010-07-02. CatholicOnline. UCStrategies. (2006-08-18). . "Free Software Foundation Files Suit Against Cisco For GPL Violations" (http:/ / www.‏‬YouTube (http:/ / www. cisco.com. "Cisco Testimony Before House International Relations Subcommittee" (http:/ / web. . "Cisco Leak: ‘Great Firewall’ of China Was a Chance to Sell More Routers" (http:/ / www.sid96_gci1341067. org/ web/ 20061206095153/ http:/ / blogs.visited 27 Feb 2011 [34] "Catholic Online Statement about Flip Camera" (http:/ / www. php?id=41037). cisco. html [41] "Cisco Launches Hosted Collaboration Solution" (http:/ / www. [48] Free Software Foundation (December 11. Cisco Systems is now ready to help communities in need of disaster assistance with emergency communications capability. 2006-08-18. Retrieved 2007-01-25. "FSF Settles Suit Against Cisco" (http:/ / www. . asp?doc_id=168775). html). providing phone and video communications according to the National Incident Management System. April 12. cisco. visited 27 Feb 2011 [33] Cisco Home products (http:/ / home. NetworkWorld. 2007-10-17. [42] "In a Disaster. [49] Free Software Foundation (May 20. "Cisco Shareholder Class Action Lawsuit Resolved" (http:/ / newsroom. close Cisco System's offices in São Paulo. 2009)." [43] [providing phone and video communications according to the National Incident Management System "Cisco Network Emergency Response Vehicle at a glance"]. html). cisco. . [38] Cisco website Products and Services on Unified Computing (http:/ / www. Retrieved 2007-01-25. cisco. html). bizjournals. org/ wgbh/ pages/ frontline/ tankman/ internet/ ). techtarget. html) on company website. Retrieved 2007-10-17. Archived from the original (http:/ / blogs. "Multiven Files Antitrust Lawsuit Against Cisco Systems.Cisco Tactical Operations‬‫ . com/ en/ US/ products/ ps10265/ index. [59] "Cisco Systems hit with antitrust lawsuit" (http:/ / searchitchannel.. March 12. com/ cisco/ web/ solutions/ small_business/ products/ index. org/ news/ 2008-12-cisco-suit). 2008-12-01. catholic. Rio de Janeiro" (http:/ / www. fsf. visited 25 Feb 2011 [32] SME Products and services (http:/ / www. crn. [57] "Cisco Accused Of Monopoly In Antitrust Lawsuit" (http:/ / www. 2008-12-04. Cisco. com/ en/ US/ partner/ netsol/ ns537/ networking_solutions_solution_category. networkworld. Inc. . . cisco. cisco. lightreading. . . html). executives arrested in Brazil: reports" (http:/ / www. Inc.Cisco Systems [28] Cisco website Collaboration products and services (http:/ / www. Retrieved 2008-11-13. com/ gov/ 2006/ 02/ cisco_testimony_before_house_i. "Like a good neighbor. com/ business/ legacy_local_tech_wire/ news/ video/ 2285408/ #/ vid2285408). ChannelWeb.289142. com/ networkhub/ cisco-internal-memo-changes-to-sales-strategy-and-channel-org/ ). Retrieved 2008-12-02. html). Pbs. cisco. com/ community/ node/ 35852). . com/ articles/ ap/ 2007/ 10/ 17/ business/ LA-FIN-Brazil-Cisco. html). visited 27 Feb 2011 [39] "Tandberg product inquiry page". 26 . [47] "Cisco resolves class action lawsuit" (http:/ / sanjose. Silicon Valley/San Jose Business Journal.

Inside Cisco: The Real Story of Sustained M&A Growth. D. • Paulson.com/ 2007/12/john-morgridge.brand.blogspot. . Retrieved 5 June 2011.com/money/compnies/ 2007-03-18-cisco-advice-usat_N.com) ( Mobile (http://www. J. Network World. ISBN 0-471-41425-5.cisco. 27 [63] "Cisco Rivals Woo Users With Price Cuts. & Brate. . [62] Duffy. R. (2003).com/videos/cisco-systems/) (Videos) Business data • • • • • • Cisco Systems (http://finance.html) • Cisco Systems vs. • Slater. Juniper Networks (http://www. Further reading • Bunnell.com//--ID__13494--/free-co-factsheet. • Stauffer. [61] "Cisco charged with duplicity" (http:/ / www.google. Wiley.hoovers. Retrieved 2008-12-03. (2001). • Young. 2008-12-03. Retrieved 5 June 2011.reuters. (2001). networkworld. ISBN 0-471-00833-8. Nothing but Net Business the Cisco Way.html)) • Cisco Networking Academy . ISBN 1-84112-087-1. fiercetelecom.networkworld. Cisco Unauthorized: Inside the High-Stakes Race to Own the Future.edgar-online. S. K. The Eye of the Storm: How John Chambers Steered Cisco Through the Technology Collapse. html).com/finance?q=CSCO) at Google Finance Cisco Systems (http://finance. the contest which was the main reason to build the AKS-team and start generating ideas (http://power-idea. Making the Cisco Connection: The Story Behind the Real Internet Superpower. • Waters. Less ‘Intimidation’" (http:/ / seattletimes. (2000). ISBN 0-471-35711-1. Die Cisco Story (in German). (2002).cisco. E. com/ community/ blog/ cisco-resorting-intimidation-tactics). com/ story/ lawsuit-cisco-blocks-outsider-gear-maintenance/ 2008-12-03). Wiley. co. Wiley. 2 June 2011. D.usatoday.com/news/2010/ 060710-tech-argument-cisco-juniper. uk/ 2011/ 06/ 03/ cisco_charged_with_duplicity/ ).com/?sym=CSCO) SEC filings at EDGAR Online Cisco Systems (http://www. D.com/web/mobile/index. Moderne Industrie. by Stanford students of iinnovate (http://iinnovate. nwsource.Cisco Systems [60] "Lawsuit: Cisco blocks outsider gear maintenance" (http:/ / www.sec. ISBN 0-06-018887-1. (2001). Prima Lifestyles. HarperCollins. Jim (2 June 2011). External links • Official website (http://www. com/ html/ businesstechnology/ 2015242310_btcisco06.yahoo.gov/cgi-bin/browse-edgar?action=getcompany&CIK=858877) SEC filings at the Securities and Exchange Commission . .com/finance/stocks/overview?symbol=CSCO) at Reuters Cisco Systems (http://google.xhtml) at Hoover's Cisco Systems (http://www. Bloomberg. fiercetelecom. (2001).com/q?s=CSCO) at Yahoo! Finance Cisco Systems (http://www. Wiley. A.Armenia (http://netacad. ISBN 0-7615-2775-3. "Cisco resorting to intimidation tactics" (http:/ / www.html) • AKS-Innovations team ~ Find out more about Cisco I−Prize. ISBN 3-478-35995-3.allvoipnews.am/) • USA Today Q&A with CEO John Chambers (http://www. channelregister.com) • VoIP for business Cisco (http://www. • Bunnell. . John Morgridge.htm) -Broken • Interview with former CEO. John Chambers and the Cisco Way: Navigating Through Volatility. J.

. . Derek Maxson. frontporch.frontporch. PR Newswire. 2010-06-14. but is also found in the more traditional "wired" broadband ISPs[2] . or pop-under advertising or service messages while the browser transitions to or between web pages. The European free-hotspot. php/ 3587581).. Internet Service Providers use products by Front Porch to present its own interstitial. .com (http://www. Applications Massillon Cable TV. [3] "JOHN WAYNE AIRPORT INTRODUCES FREE WI-FI SERVICE" (http:/ / www. com/ html/ ff012808. California [3] and Denver International Airport[4] .com [1] Front Porch.com/) . Front Porch also creates the software to manage advertising campaigns or billing messages. Founder and Chief Technology Officer. References [1] http:/ / www. frontporch. html). Chief Operating Officer. Type Founded Founder(s) Privately held Company 1998 Zach Britton. Asia and Emerging Markets = Online advertising www.Front Porch 28 Front Porch Front Porch. a provider in Massillon. Inc. Multichannel News. com/ article/ CA6517230. such as customer service notices[2] or online advertising. Raul Vaughn. Linda (2008-01-07). com/ [2] Haugsted. ocair. sidebar. Adam (2006-02-24). aspx). Wi-Fi Planet. uses the technology to notify customers about complaints from Copyright holders[2] . multichannel.frontporch. . pop-up. California. FreeFi Networks' provides ad-supported Internet access throughout John Wayne Airport in Orange County. com/ NewsRoom/ News/ 2010/ NR-2010-06-14. wi-fiplanet.com network uses Front Porch technology[5] to present a terms-of-service and portal page to users with local advertising and content. "A Seat on the Front Porch" (http:/ / www. 2008-01-28. Inc. provides services to Internet Service Providers. "Fair Warning for Copyright Holders" (http:/ / www. html). com/ columns/ article. Front Porch technology enables an Internet Service Provider (ISP) to insert its own messages to be presented to users as they use their web browsers. USA Key people Website Jim Owen. [5] Stone. This technology is often used in the delivery of advertiser-supported wireless Internet access.frontporch. Headquarters Sonora. [4] "Denver International Airport Offers FreeFi Networks' Free Wi-Fi Service to Passengers" (http:/ / www. Vice President. Ohio. Founder and Chief Executive Officer. External links • www.

Antivirus/Antispam Gateway. Logging and Detailed Reporting modules. Firewalls. Antispam.html) . Oğuz Yılmaz Unified threat management (UTM).Labris Teknoloji 29 Labris Teknoloji Labris Teknoloji Informatic Solutions Industry Founded Network security & Internet security 2001 Headquarters Ankara. Webfilter. L Series. Turkey Key people Products Website Founder and CEO: Seçkin Gürler. It is headquartered in ODTÜ Technopolis in Ankara.labris. Wireless Authentication (WAUTH). Server Load Balancer.eu/) • Labris in Azerbaijan (http://www.action?load=detay& link=168835) 6 March 2009 • Labris Teknoloji (http://www2. Antispyware. Intrusion-prevention system.ssm. labristeknoloji. VPN/SSL VPN. Web filtering www. It is deemed to deserve to be the third most successful private sector project by TÜBİTAK. eu/ References • Corporate Website (http://www.labristeknoloji.gov.com/newsDetail_getNewsById. Lawful Interception. VPN.tr/katalog2007/data\4313\firmaeng. Zero Time. Intrusion Prevention (IPS).todayszaman. Labris is one of the 12 Common Criteria EAL4+ certified gateway brand in the world and the first and only gateway in Turkey.eu [1] Labris Teknoloji Informatic Solutions is a Turkish R&D company. [1] http:/ / www. LBRLOG Series) have Firewall. The products which Labris manufactures (LBRUTM Series. It manufactures high-technology business network security appliances and software. Antivirus.

who had been in charge of technology development for VDONet. Mayfield. a supercomputer system which is allegedly used by the NSA and other bodies to perform mass surveillance and monitoring of citizens' and corporations' Internet communications in real-time. Intel. Prior to 9/11 Narus worked on building carrier-grade tools to analyze IP network traffic for billing purposes. Hepting v. AT&T. In 2004. Ori Cohen Monitoring/surveillance systems Boeing www.narus.com [1] Narus is a company. Crowell has served on the Defense Advanced Research Projects Agency (DARPA) Task Force on Terrorism and Deterrence. Several of the partners are funded by In-Q-Tel. United States Key people Products Parent Website Founder. William Crowell as a director. and whose installation in AT&T's San Francisco Internet backbone gave rise to a 2006 class action lawsuit by the Electronic Frontier Foundation against AT&T." Narus has venture funding from companies including JP Morgan Partners. the National Research Council Committee on Science and Technology for Countering Terrorism and the Markle Foundation Task Force on National Security in the Information Age. Walden International.Narus (company) 30 Narus (company) Narus Type Industry Founded Subsidiary of Boeing Telecommunication 1997 Headquarters Sunnyvale. Since 9/11. now owned by Boeing which produces mass surveillance systems. Narus engaged the former Deputy Director of the National Security Agency.[2] It is notable for being the creator of NarusInsight. . to prevent what they term "revenue leakage". Post-9/11 they have continued down that path while adding more semantic monitoring abilities for surveillance purposes. Narus has several business partners who provide various technologies similar to the features of NarusInsight. Cohen is no longer the Chairman of the Board. From the Press Release announcing this:[5] "Crowell is an independent security consultant and holds several board positions with a variety of technology and technology-based security companies. NeoCarta. It was founded in 1997 by Ori Cohen. an early media streaming pioneer. NTT Software and Sumisho Electronics.[3] Management and investors According to Narus's own website listing of the Board of Directors [4]. California. Presidio Venture Partners. Dr.

000 DSL lines or 195. MSN Hotmail. [7] . But. structure and significance of traffic in real time. The exact use of this data is not fully documented. since individual internet connections are not continually filled to capacity. compiling lists of people who visit a certain type of web site or use certain words or phrases in their emails). the latest version of NarusInsight Intercept Suite (NIS) is "the industry's only network traffic intelligence system that supports real-time precision targeting. protocol. • Certified by Telecommunication Engineering Center (TEC) in India for lawful intercept and monitoring systems for ISPs.Narus (company) 31 NarusInsight System specification and capabilities Some features of NarusInsight include:[6] • Scalability to support surveillance of large. . • NarusInsight's functionality can be configured to feed a particular activity or IP service such as security. and Gawab Mail (English and Arabic [8] versions). offer the ability to quickly analyze information collected by the Directed Analysis or Lawful Intercept modules. such as Pen-Link. monitor which applications they are using (e. The intercepted data flows into NarusInsight Intercept Suite forensic analysis purposes. Narus partner products. Correlation.g. which web sites they have visited. Yahoo! Mail. complex IP networks (such as the Internet) • High-speed Packet processing performance. According to a company press release. email) and what they are doing with those applications (e. meaning. element. A single NarusInsight machine can monitor traffic equal to the maximum capacity (10 Gbit/s) of around 39.g. That is it can track individual users.. in other words analyze the content. Aggregation and Analysis provide a model of user.000 telephone modems. VoIP). in practical terms. application and network behaviors. what they have written in their emails/IM conversations). capturing and reconstruction of webmail traffic.. web browsers. as the public is not authorized to see what types of activities and ideas are being monitored.e. in real-time. • High reliability from data collection to data processing and analysis. which enables it to sift through the vast quantities of information that travel over the Internet. rendering of web pages. including Google Gmail. • Compliance with CALEA and ETSI. lawful intercept or even Skype detection and blocking. This data is stored and analyzed for surveillance and Other capabilities include playback of streaming media (i.g." It can also perform semantic analysis of the same traffic as it is happening. instant messaging applications. examination of e-mail and the ability to analyze the payload/attachments of e-mail or file transfer protocols. the 10 Gbit/s capacity of one NarusInsight installation enables it to monitor the combined traffic of several million broadband users. and see how users' activities are connected to each other (e. • Normalization.

org/ web/ 20050206184639/ narus. 2007-12-10.html) (AT&T whistleblower Mark Klein discusses Narus STA 6400) • Documents.html) • Wired News article (http://www. shtml).com/news/technology/0. org/ cases/ att) [4] http:/ / narus. CA] • DailyKos.com: Source story for implications of the company's product (http://dailykos. Reuters.S. html) [6] Key Features list of NarusInsight (http:/ / narus." [3] EFF vs AT&T (http:/ / www. com/ press/ 2004/ 0929. ironically also founded in Israel and largely controlled by and developed by people in Israel called Verint. php/ about/ board [5] Narus Appoints Former Deputy Director of the National Security Agency To Its Board of Directors (http:/ / web.archive.com/) • Wired News article (http://www. . com/ [2] "James Bamford: "The Shadow Factory: The Ultra-Secret NSA from 9/11 to the Eavesdropping on America"" (http:/ / www. Retrieved 2011-01-30.com/27BStroke6/att_klein_wired.org/wgbh/pages/frontline/homefront/ view/)` TV documentary originally aired on PBS 15 May 2007 with a section entitled "The NSA's Eavesdropping at AT&T" with the story of Mark Klein exposing NSA wiretapping with a secure room and Narus STA 6400 at an AT&T facility in San Francisco. • Frontline Flash Video "Spying on the Home Front" (http://www. and equipment lists and installation dates. com/ article/ pressRelease/ idUS140435+ 10-Dec-2007+ BW20071210?sp=true).narus. archive. Retrieved 2008-10-30. reuters. com/ index. org/ 2008/ 10/ 14/ james_bamford_the_shadow_factory_the). from Mark Klein (http://web. Retrieved 2008-02-13.wired. php/ solutions/ intercept [8] "Narus Expands Traffic Intelligence Solution to Webmail Targeting" (http:/ / www. [9] "One U.pbs. com/ artman/ publish/ Article_62125.com/news/technology/0. com/ index.wired. 2007). which was founded in Israel and has large Israel connections. narus.70914-0. And Verizon chose another company. .Narus (company) 32 Mass surveillance Narus provides technology to governments such as the United States and Egypt to facilitate the mass surveillance of their citizens.org/20071201184647/http://blog.pdf) at the Wayback Machine (archived December 1. democracynow. 2011-01-29. wiring diagrams. html) [7] http:/ / www.[9] References [1] http:/ / www.70908-0. including pictures. "This company. narus. External links • Official website (http://www. eff. com/ products/ index. does the—basically the tapping of the communications on AT&T. . Corporation's Role in Egypt's Brutal Crackdown" (http:/ / axisoflogic. Narus.com/storyonly/2006/4/ 8/14724/28476) . Huffington Post.wired.

www. NebuAd UK Ltd was dissolved in February 2010[8] . and relationships with advertising networks willing to present NebuAd's targeted advertising[9] . that information may be subject to access requests by governments. courts or law enforcement.[10] Users can "opt-out" of NebuAd’s information collection and targeted ads[11] . It was one of several companies developing behavioral targeting advertising systems. The System works by installing a hardware device inside an ISP network. seeking deals with ISPs to enable them to [4] analyse customer's websurfing habits in order to provide them with more relevant. NebuAd's privacy policy says that they will "specifically not store or use any information relating to confidential medical information. Inc Former type Industry Founded Defunct Privately held Company Online advertising 2006 2009 Headquarters California.[5] its agreements with providers covering 10 percent of the broadband users in America[6] . Chairman." At least two customers of a Middle America ISP known as WOW! noticed that when they used Google.adjuggler. Because ISPs route all of their customers' traffic. but when they contacted WOW's support department. founder. USA Key people Website [1] Robert Dykes.[15] One customer spent hours trying to disinfect his machine as he wrongly believed that it had been infected with spyware after noticing problems with Google loading slowly and the creation of these non-Google cookies. Due to fallout following public and Congressional concern.NebuAd 33 NebuAd NebuAd. California. WOW initially denied that it was responsible for this activity. NebuAd says it gains more information about customers' particular interests than less intrusive methods can provide[14] . it is a perfect vantage point from which to monitor all the traffic to and from a consumer using Deep packet inspection (DPI)."[11] It also advises. Adzilla and Project Rialto also appear to be developing similar systems. As a result. religious beliefs.NebuAd. micro-targeted advertising. Overview of the service NebuAd's solution has three main parts: Hardware hosted within the ISP that is capable of inserting content into pages.com [2] NebuAd was an American online advertising company based in Redwood City. NebuAd had signed up more than 30 customers. or sexuality which are tied to personally identifiable information ('sensitive personal information'). mostly Internet access providers. NebuAd's largest ISP customers have all pulled out. Kira Makagon Chief Executive Officer and co-founder. "The information we collect is stored and processed on NebuAd's servers in the United States. .000 users. By analyzing this traffic. an off-site server complex to analyze and categorize the contents of users' Internet communications. Each device can monitor up to 50. At one point. followed by the US in May 2009 [7] . racial or ethnic origins. Phorm is a similar company operating out of Europe. but there is no way for users to prevent ISPs from sending the data to NebuAd in the first place[12] [13] . eventually resorted to reinstalling his .com were being read and written. . with offices in New York and London and was funded by the investment companies Sierra Ventures and Menlo Ventures[3] . unexpected cookies for sites such as nebuad. NebuAd closed for business in the UK in August 2008.

Customers were not explicitly notified about NebuAd until later.50 per month for each [16] user.[19] 34 Controversies Generally. the lack of oversight over what any third-party company does with the contents of Internet communications[22] . email traffic may tie an email address to an ip address). website owners are offered an improved click-through rate (CTR). the roll out was completed in the first week of March 2008. and the company's refusal to name its partner ISPs. Charter Communications announced that it planned to monitor websites visited by its customers via a partnership with NebuAd. page views. only to discover the problem had not gone away. zip code. but may be able to discover this through traffic monitoring (for example. In response to an inquiry from members of the United States House of Representatives Telecommunications Subcommittee about its pilot test of NebuAd's services. page and ad clicks.[23] and in some cases informed customers that the terms had been updated. Critics believe that the raw content of their internet communications are entrusted to the ISP for handling without being inspected or modified. NebuAd CEO claims "We have 800 [consumer interest segments] today and we're expanding that to multiple thousands". less than 1% of users opt-out.[29] .[27] [28] But after customers voiced their concerns.[17] NebuAd argues that behavioral targeting enriches the Internet on several fronts.NebuAd machine from scratch. Tennessee reports that she also was not notified that she was being monitored. One ISP expects to earn at least $2. NebuAd provided an additional income stream to network operators.[15] On July 9. Nebuad uses data such as Web search terms. Bob Dykes. ISPs were paid for allowing NebuAd access to their network on a per-user per-active profile basis. Firstly. WOW! (formerly Wide Open West) started rolling out Nebuad in February 2008. Nebuad buy impressions from ad networks including Valueclick. Consumer Notification A large American cable operator.[26] In May 2008. a weak opt-out method[13] . Owners of previously thought ad-unfriendly websites are offered a chance to make money not on the subject matter of their website but on the interests of their visitors. which could increase profits or reduce the amount of page-space dedicated to advertising. its conflicts with United States wiretap laws[13] [16] . hence reducing the "scattergun approach" (publish as many ads as possible in the hope of catching a client) and users are offered more relevant adverts: Just because one visits the financial pages of a newspaper does not mean all they are interested in is financial product and books on investing. which may maintain or lower consumers' Internet access bills.[20] Privacy advocates criticize the lack of disclosure[21] that some ISPs provided prior to using NebuAd. Advertisers are offered better targeted adverts. time spent on specific sites. not for sale. Charter changed its mind in June. identification information from the ISP. WOW updated its terms and conditions to include a mention of Nebuad. Better targeted advertising also leads to a more relevant and personalized online experience.[24] Embarq said that it notified consumers by revising its privacy policy two weeks prior to sending its users' data streams to NebuAd. 2008 WOW! suspended the use of Nebuad services to its subscribers.[25] A Knology user in Knoxville. According to Nebuad's sales. sometime after the third week of March 2008[15] . [18] Nebuad does not have access to user browser info and connection speed to categorise its user's interests.

have argued that such services must be opt-in only to comply with the provisions laid down by Section 631 of the US Communications Act. Even if a user has opted out of the service. Opt-In Members of US Congress. the Gator Corporation). Use of Packet Forgery and Browser Exploits A report by Robert M. chairman of the House Subcommittee on Telecommunications and the Internet. which will be added to the end of the web page when it is rendered by the end-user's browser.NebuAd 35 Friction between ISP Staff and Management Plans to implement NebuAd had not gone down well with some ISP's employees. Both Claria and NebuAd are located in Redwood City.[30] A writer for Wired News has questioned whether Charter users can really opt-out of being monitored. Ed Markey. The ads featured a window with the "Fair Eagle" title bar. contains HTML Script tags which cause the browser to request Javascript from http://a. a Texas based ISP was using a NebuAd technology to inject Redmoon's own advertising into pages visited by its users.[32] Superimposing or Adding Advertising to Web Pages Critics are concerned that NebuAd superimposes its own advertising over the ads of other advertisers.com. or places additional advertising to page. or if they will only be able to opt-out of receiving targeted ads. California[35] . it does not prevent the ISP from sending the data to NebuAd. a ranking member of the House Committee on Energy and Commerce.[34] Relationship with Claria Corporation Some senior staff members of NebuAd used to work at ad company Claria Corporation (formerly. The substance to these concerns can likely be traced to the company's "Fair Eagle" operation. Topolski. NebuAd has repeatedly denied any corporate connection to Claria. famous for ad software known as Gator[35] .[16] Opt-Out vs. shows that NebuAd's devices create cookies on end-users machines by injecting a specious packet into the end of the data stream returned in response to some web page requests submitted to major search engines Google and Yahoo.[35] .faireagle. patent application data that mention such inventions. In 2007 it was reported that Redmoon. These are not correct. and a loose relationship to Claria Corporation whose products and history suggest such tactics. inserted additional advertising alongside the content of web pages. chief technology consultant of the Free Press and Public Knowledge. The injected ads stopped appearing toward the end of June. describing its hiring of Claria employees as a result of that company shedding employees in a tight market for experienced advertising sales staff in the Valley.[13] An engineer who has examined the system confirms there is no way to Opt-Out of the monitoring. and Joe Barton.com coincides with timing of Claria's decision to shutdown[37] the Gator service.[31] All of the inbound and outbound information is intercepted and sent to NebuAd's offsite server to be processed. The content of this specious packet. provided by NebuAd. The June 2006 creation[36] of nebuad.[33] The "Fair Eagle" advertisement hardware. and one employee was planning to re-route his traffic to avoid NebuAd's Deep Packet Inspection hardware. 2007.[13] The same writer has asked if it would breach anti-wiretapping laws. and have written to Charter requesting they suspend the test "We respectfully request that you do not move forward on Charter Communications' proposed venture with NebuAd until we have an opportunity to discuss with you issues raised by this proposed venture".

NebuAd 36 Current and Former Officers and Employees in Common to NebuAd and Claria Name Scott Tavenner Chuck Gilbert Mike Miller Amy Auranicky Jeanne Houwelingis Deepak Nair [38] [39] [40] of Relationship to NebuAd Vice President of Business Development Senior Product Manager Vice President of Ad Sales Director of Advertising Sales Vice President of Advertising Services Business Intelligence Marketing Consultant Attorney for NebuAd before the Federal Trade Commission Relationship to Claria Vice President of Business Development Senior Product Manager Director of Sales Integration Manager Senior Director of Business Development Database Developer & Data Architect Associate Marketing Manager Chief Privacy Officer and Regulatory Affairs [41] Counsel Melissa Horwath D. • An Embarq[49] spokesperson told the Associated Press that it ended its trial with NebuAd."[59] • WOW![15] [49] (formerly Wide Open West) completed suspension of NebuAd services on July 9. WOW! . Following a question to users on a public forum. The software was never implemented at any time as there were concerns on several levels regarding privacy issues. of Missoula. one of the earliest known ISPs to test NebuAd[5] . In a response to customer inquiries. WOW! indicated. • Charter Communications suspended its plans[49] to test NebuAd following scrutiny from lawmakers and privacy groups[50] . [46] High Speed Networks -E50 (HSNe50) . [45] Eastern Oregon Net. Canada.[56] . • • • • [44] OnlyInternet. notified users via its Privacy Policy page that it was using NebuAd as of April 23. (EONI) . Blackfoot's Mary Worden later explained. Following the announcements by Charter. and has not decided whether to move forward[51] with Behavioral Targeting advertising "either through NebuAd or with any other vendor"[52] . 2008[58] . "Nexicom was investigating using the NebuAd service.net) All ISPs have ended or suspended their relationship with NebuAd. [48] 20/20 Communications (2020comm. but had similar concerns to those raised by consumer groups and elected not to launch the service."[57] • Nexicom.Net) . • Web cache evidence indicated that Blackfoot Telecommunications Group. • Bresnan Communications used the NebuAd technology[55] .Net . [44] Progressive Internet Services (Jayco. only to pull out of the deal alongside of Charter a month later[54] . notified customers in late May 2008 that it was deploying the hardware[53] . [17] Metro Provider . [47] RTC on Line (Rochester Telephone Company. and CenturyTel that they would no longer use NebuAd on their networks. [44] Decaturnet Internet Services . Indiana). Inc. Inc. Embarq. Reed Freeman Kelley Drye & Warren LLC NebuAd's ISP Partners ISPs which trialled or deployed or prepared to deploy Nebuad included: • • • • • [42] [43] Broadstripe (formerly and formally Millennium Digital Media). References to NebuAd in Nexicom's Privacy Policy has been removed. with employees only and not with its customers. "With Congress in active review of online behavioral advertising. serving Central Ontario and the Kawarthas. Montana appeared to have tried NebuAd between March and May 2008[57] . Bresnan told a blogger that their NebuAd trial had ended and they would comply with whatever regulatory model emerges from the current debate. in March 2008. Nexicom's Paul Stewart replied. "Blackfoot tested NebuAd on its internal corporate network. • CenturyTel.

. . Saul (2008-04-07). co. clickz."[60] • Knology[42] [61] reported to the United States House Committee on Energy and Commerce that it discontinued a trial of NebuAd in all markets as of July 14. html). wired.000 customers in Alabama for six months beginning in November 2007. blogs. [8] " (http:/ / wck2. com/ NebuAD. 2008-01-03. [20] "CDT Urges Stronger Guidelines for Behavioral Advertising" (http:/ / www. co. html?page=3628004). uk/ 2008/ 04/ 10/ american_isps_embrace_behavioral_ad_targeting/ ). org/ web/ 20080713030851/ http:/ / www. 2008-01-03. Retrieved 2008-05-14. [4] "American ISPs already sharing data with outside ad firms" (http:/ / www. [11] "NebuAd / Privacy" (http:/ / www. [17] "Questions for Bob Dykes. The Wall Street Journal. . [13] Single. . 2008-09-03. NebuAd CEO" (http:/ / www. org/ jcblog/ ?p=586). html?page=3628009). Ryan (2008-05-16). php). "Can Charter Broadband Customers Really Opt-Out of Spying? Maybe Not" (http:/ / blog. com/ 27bstroke6/ 2008/ 05/ congressmen-ask.[63] As of August 2008. . ." (http:/ / www. 2008-06-12. clickz. uk/ 2008/ 09/ 03/ bob_dykes_nebuad_quits/ ). Retrieved 2008-05-14. 2008. "Infighting At ISPs Over Using NebuAD" (http:/ / www. [14] "Robert Dykes (CEO) presenting NebuAd at OnMediaNYC-01/28/2008" (http:/ / vator. . Retrieved 2008-04-23. . wired. dslreports. nebuad. 2009-06-18. Retrieved 2008-06-19. Digital Destiny. Retrieved 2008-04-26. com/ article/ SB119690164549315192. co. . vator. archive. com/ shownews/ Infighting-At-ISPs-Over-Using-NebuAD-94835). . References [1] "NebuAd CEO quits" (http:/ / www. com/ 2008/ 04/ 07/ nebuad-observes-useful-but-innocuous-web-browsing/ ). "Congressmen Ask Charter to Freeze Web Profiling Plan" (http:/ / blog. including VeriFone. Bobby (2007-12-06). 2008-05-14. [7] "Case Closed: NebuAd Shuts Down" (http:/ / www. "Watching What You See on the Web" (http:/ / online. Retrieved 2008-06-28. uk/ 2008/ 04/ 22/ wide_open_west_users_with_nebuad/ ). html). tv/ pitch/ show/ transforming-online-ad-industry?play=false). Retrieved 2008-04-18. com/ [3] "Management & Investors" (http:/ / www. [15] "Data pimping catches ISP on the hop" (http:/ / www. theregister. html?mod=todays_us_nonsub_marketplace). "NebuAd Observes ‘Useful. showArticle& art_aid=106277). nebuad. juniperamspmarketing. . Retrieved 2008-05-14. com/ NebuAD. uk/ c3aac31df2e47117900ab23b5d4530e6/ companysearch?disp=1& frfsh=1281110903#result)"UK Companies House website [9] "Juniper Networks partners with NebuAd to enable ISPs to participate in online advertising revenues on the web" (http:/ / web. 2008-04-22. Zscaler. . 2008-03-11. Ex-employees moved to work within a variety of other online advertising and technology companies. The New York Times. [12] Singel. Peter (2008-04-04). com/ showPage. Cable One conducted NebuAd tests on 14. The Register. com/ wp-dyn/ content/ article/ 2008/ 04/ 03/ AR2008040304052. Retrieved 2008-05-21. com/ 27bstroke6/ 2008/ 05/ theres-no-optin. and we welcome the opportunity for that discussion to take place. Karl (2008-05-28). Cable One had decided against using the technology "commercially" on its systems[64] but in September said it was waiting for "clear rules and boundaries".com.NebuAd Internet. Retrieved 2008-05-17.. juniperamspmarketing. . htm). Red Aril. ClickZ.. Retrieved 2008-05-14. PubMatic. com/ showPage. Retrieved 2008-04-18. wsj.com. . democraticmedia. Crescendo Networks and TeleNav. . Threat Level from Wired. MediaPost. com/ company/ management. [5] White. AdChemy. gov. Archived from the original (http:/ / www. but Innocuous’ Web Browsing" (http:/ / bits. washingtonpost. clickz. Plaxo. [18] "Charter Cable to Spy on its Broadband Users to Serve Targeted Ads via NebuAd" (http:/ / www. org/ headlines/ 1126). . Retrieved 2008-09-04. html). Ryan (2008-05-16).Phone is suspending its deployment of NebuAd services to our subscribers at this time. htm) on 2008-07-13. nebuad. php). Retrieved 2008-06-28. [6] Whoriskey. 2008-04-10. [16] Bode. [19] "ISPs Collect User Data for Behavioral Ad Targeting" (http:/ / www. com/ shownews/ Wide-Open-West-Using-NebuAD-92520). cdt. com/ publications/ ?fa=Articles. .Cable. theregister. nytimes. companieshouse. juniperamspmarketing.tv. Retrieved 2008-07-03.[62] • Unbenownst to its users. "Every Click You Make" (http:/ / www. The Register. The Register. We believe that all parties are best served by a thoughtful and thorough review of this emerging advertising model. mediapost. . . [2] http:/ / www. 2008-02-18. Wired. theregister. [21] "Wide Open West Using NebuAD Users don't get much of a heads up. . washingtonpost. com/ privacy/ servicesPrivacy. Broadband Reports.[65] 37 The End of NebuAd NebuAd was closed down in the UK in August 2008 and in the US in May 2009[7] . [10] Hansell. dslreports.

Retrieved 2008-07-02. Robert (2008-06-18). 2007-06-22.. Retrieved 2008-06-26. linkedin." [38] "LinkedIn Profile of Deepak Nair" (http:/ / www. Jr. . html?pr=pr040420).Right Idea. domaintools. linkedin. Retrieved 2008-06-25. 38 . [23] "WOW Terms and Conditions" (http:/ / www1.com. Retrieved 2008-05-17. 2008-06-20. dslreports.com. co. Nate (2008-07-23). ftc. "Charter Won’t Track Customers’ Web Use" (http:/ / www. Retrieved 2008-06-19." [32] Topolski. "When we asked them about an opt-out method for our customers. On The Commission Staff's Proposed Self-Regulatory Principles For Online Behavioral Advertising" (http:/ / www. nytimes. com/ 2008/ 06/ 25/ technology/ 25charter. . html?ref=technology). claria. broadstripe. Retrieved 2008-06-26. 2008). ars technica. Wrong Targets" (http:/ / www. .net-Fair Eagle taking over the world? ISPs being compromised or just cheap?" (http:/ / www. Retrieved 2008-06-24. The Register. Retrieved 2008-04-30. Robb (2008-07-21). ars/ post/ 20080723-embarq-dont-all-users-read-our-5000-word-privacy-policy. 2004-04-20. pdf) (PDF). dslreports. Joins growing list of NebuAD customers" (http:/ / www. [33] "Real Evil: ISP Inserted Advertising" (http:/ / www. "Claria will exit out of the adware business by the end of the second quarter of 2006. [28] http:/ / www. [45] "One More ISP to add to the list of ISPs" (http:/ / www. dslreports. [47] "RTC on Line aka Rochester Telephone Company sells to NebuAd" (http:/ / www. BroadbandReports. co. they didn't have one.. Nate (2008-07-15). The New York Times. nytimes. . 2008-06-26. "Claria Abandons Adware" (http:/ / www. "Charter Will Monitor Customers' Web Surfing to Target Ads" (http:/ / bits.com. [26] Topolski. uk/ 2008/ 05/ 16/ congress_questions_nebuad/ ). com/ news. com/ press-release-article. . com/ nebuad. com/ 2007/ 06/ 23/ real-evil-isp-inserted-advertising/ ). . "Congress goes after NebuAd. Inc.. techcrunch. com [37] Keizer. com/ forum/ r20704276-OnlyInternetNet-uses-NebuAd-for-Behavioral-Targeting). dslreports. [27] Hansell. "He points out that the system is essentially a massive bridge running Fedora. com/ 2008/ 05/ 14/ charter-will-monitor-customers-web-surfing-to-target-ads/ index. "NebuAd and Partner ISPs: Wiretapping. dslreports. com/ forum/ r20703209-One-More-ISP-to-add-to-the-list-of-ISPs). Gregg. . and that NebuAd advises ISPs to install it inline in their networks in such a way that all web traffic passes through it. freepress. htm) on 2008-02-24. Retrieved 2010-05-20. Archived from the original (http:/ / www. . htm). [39] "LinkedIn Profile of Melissa Horwath" (http:/ / www. [41] "Claria Names D. BroadbandReports. As Chief Privacy Officer And Vice President Of Regulatory And Legislative Affairs" (http:/ / www. com/ in/ deepaknair73).com. BroadbandReports. Says Embarq" (http:/ / www. .000 word privacy policy?" (http:/ / arstechnica. Public Knowledge Policy Blog. theregister. 2008-06-26. . [44] "OnlyInternet. Retrieved 2008-05-14. [34] "benanderson. ars/ post/ 20080715-congress-goes-after-nebuad-again. ars technica. Forgery and Browser Hijacking" (http:/ / www. com/ shownews/ Broadstripe-Now-Selling-User-Browsing-History-94378). gov/ os/ comments/ behavioraladprinciples/ 080411nebuad. dslreports. Retrieved 2008-07-23. [46] "And Even One More ISP to add to NebuAds Harem" (http:/ / www. benanderson. net/ blog/ weblog. . com/ forum/ r20600537-ISP-Data-Collection-Congress-Investigation-Urged-NebuAd). org/ node/ 1664). 2008-06-06. [42] "Broadstripe Now Selling User Browsing History.. archive. pdf) (PDF). again" (http:/ / arstechnica. 2008-06-26. "US Congress questions legality of Phorm and the Phormettes" (http:/ / www. uk/ 2008/ 06/ 20/ nebuad_claria/ ). . html). "Ready — Fire — Aim: NebuAd and Charter Shellacked -. publicknowledge. Retrieved 2008-06-29. MarketingVOX: The Voice of Online Marketing." So while the data actually created and stored by NebuAd or Embarq may end up being totally anonymous and innocuous. com/ forum/ r20703445-And-Even-One-More-ISP-to-add-to-NebuAds-Harem). . net/ files/ NebuAd_Report. . [24] Anderson. Retrieved 2008-06-20. 2007-06-23. TechWeb Technology News. Retrieved 2008-06-19. Cade (2008-05-16). As the engineer explains. Retrieved 2008-04-26. BroadbandReports. . com/ in/ melissahorwath).NebuAd [22] "ISP Data Collection — Congress Investigation Urged (NebuAd-CDT Press Release)" (http:/ / www. org/ web/ 20080224042248/ http:/ / www. How would you build a device like this without profiling your users in the first place to determine who had opted out? It's not like there is an opt-out bit you can flip in the header of an Ethernet frame. . net/ gb/ inquirer/ news/ 2008/ 05/ 14/ charter-track-users-replace [29] The Associated Press (June 25. Saul (2008-05-14). com/ wow/ wow. [40] "Comments Of Nebuad. marketingvox. "Embarq: Don't all users read our 5. theinquirer. com/ wire/ security/ 183701933). they won't ever have one. Retrieved 2008-06-24. [30] Metz. Free Press. aspx?ConIdent=28& RCView=False& TermID=11#TPA). The Register. html).. everyone's data is still pumped into a third-party box. com/ terms/ privacypolicy. . . Retrieved 2008-06-26.opted out or not. Retrieved 2008-06-26. . blogs. [35] "NebuAd looks to 'spyware' firm for recruits" (http:/ / www. . Techcrunch. Their system is a bridge. . html). broadstripe. techweb. [43] "Broadstripe High Speed Internet Online Privacy Policy" (http:/ / web. And unless they alter the architecture of their system drastically. Retrieved 2008-06-20. 2008-06-26. theregister. [36] http:/ / whois. [31] Anderson.Net uses NebuAd for Behavioral Targeting" (http:/ / www. .com. com/ embarq-pleads-the-fifth-on-disclosing-nebuad-test-to-customers-040002/ ). BroadbandReports. 2008-05-14. com/ forum/ r20705904-RTC-on-Line-aka-Rochester-Telephone-Company-sells-to-NebuAd). com/ terms/ privacypolicy. . Reed Freeman. com/ news. [25] "Customers Shoulda Read the Privacy Policy. wowway. . via The New York Times Company. so you would need some sort of magical layer-two switching device upstream that switched frames from users that have opted out around the NebuAd appliance. php?id=D20070622).

39 . html). 2008-07-01. . or any other personally identifiable information. "6 Internet providers disclose Web tracking for ads" (http:/ / ap. [64] Ji. net/ privacy. nebuad.'Enhanced user experience' apparently not so enhanced. "Ad targeting based on ISP tracking now in doubt" (http:/ / ap. . Rodger. Retrieved 2008-06-18.. Committee on Energy and Commerce. [63] Jesdanun. google. BroadbandReports.. nytimes. BroadbandReports. 2008). click here. com/ forum/ r20704629-2020-Communications-and-NebuAd). com/ shownews/ Charter-User-Monitoring-Plans-Suspended-95551). Inc. com/ privacy/ optout. telephone number. dslreports. . Salon. . "ISPs still considering tracking Web use" (http:/ / www. Knology. The New York Times. If you would like to opt out. CEO and Chairman of the Board. "WOW! Suspension of Nebuad Services" (http:/ / www. [54] "CenturyTel Drops NebuAd" (http:/ / www. Retrieved 2008-06-27.W. "Beginning April 23rd. DSLReports. . . [49] Hansell. . [55] "Bresnan actively intercepting ALL packets" (http:/ / www. John Linko (Blog). com/ 2008/ 07/ bresnan-internet-privacy-update. com/ forum/ r20737958-Nexicom-is-using-NebuAd). Philip P. 2008-06-27. house. Peter (2008-06-25). 2008). Retrieved 2008-06-25. [65] Jesdanun. . or any other personally identifiable information. Inc. dslreports. 2008-07-03.O. House of Representatives. 2008-06-26. [58] "Nexicom Privacy Policy" (http:/ / www. [52] Svensson. Karl (2008-06-24). Third Party Advertisers.. . Committee on Energy and Commerce — US House of Representatives. [61] "Knology Customer Service Agreement" (http:/ / support. Retrieved 2008-06-25. dslreports. Retrieved 2008-09-01. we will partner with a third party to deliver or facilitate delivery of advertisements to our users while they are surfing on the web. com/ 2008-09/ isp-behavioral-targeting/ )." (http:/ / www. . google. salon. (2008-08-08). "RE: Internet Advertising Inquiry" (http:/ / energycommerce. telephone number. These advertisements will be based on those users' anonymous surfing behavior while they are online. dslreports. By opting out you will continue to receive advertisements as normal. Missoula MT Nebuad" (http:/ / www. blogspot. Retrieved 2008-05-14.. com/ forum/ r20736487-WOW-Suspension-of-Nebuad-Services). nexicom. . . com/ forum/ r20258823-Bresnan-actively-intercepting-ALL-packets). BroadbandReports. Associated Press via Google. email address. dslreports. This anonymous information will not include those users' name. blogs. By opting out. dslreports. [60] prack (2008-07-03). Retrieved 2008-06-26. (links to http:/ / www. com/ privacy/ optout. Retrieved 2008-06-27. .com Forums — US Cable Support — W. Retrieved 2008-09-01. pdf) (PDF). This anonymous information will not include those users' name. php" [62] Johnson. . 080108responseCABLE001. php page)" [59] "Nexicom is using Nebuad" (http:/ / www. gov/ Press_110/ Responses to 080108 TI Letter/ 110-ltr. dslreports. These advertisements will be based on those users' anonymous surfing behavior while they are online. gov/ Press_110/ Responses to 080108 TI Letter/ 110-ltr.com. knology. [50] Bode. 2008 Letters to Network Operators Regarding Data Collection Practices" (http:/ / energycommerce.com. Retrieved 2008-08-11. com/ 2008/ 05/ 14/ charter-will-monitor-customers-web-surfing-to-target-ads/ index. You will continue to receive advertisements as normal. com/ forum/ r20554465-Centurytel-and-NebuAd). [51] "ISP Behavioral Targeting Versus You" (http:/ / www. house.com. If You would like to opt out. html?ref=business). 080108responseKnology. [53] "CenturyTel and NebuAd" (http:/ / www. Associated Press via Google. 2008-05-28. U. com/ article/ ALeqM5hojy5UugX8vlpZa1urv5KYVDHDjAD92TSRNG0). Saul (2008-05-14). com/ forum/ r20706000-Blackfoot-Telecommunications-Group-Inc-Missoula-MT-Nebuad).com. . Retrieved 2008-09-01. "9. from Responses to August 1. Retrieved 2008-07-01.com. pdf) (PDF via Google HTML). Anick (September 1. except these advertisements will be less relevant and less useful to you. email address.. Canadian Broadband Forum on BroadbandReports. seoserpent. Knology will partner with a third party to deliver or facilitate delivery of advertisements to our users while they are surfing the web. net/ content/ custService_agree_121207. 2008-09-26. com/ article/ ALeqM5i0jj6e-BuV4qnseoMIL1fJFB7uhAD92TEAE80). . pdf) (PDF). except these advertisements will be less relevant and less useful to you. "Charter Will Monitor Customers’ Web Surfing to Target Ads" (http:/ / bits. [56] "Bresnan — Internet Privacy Update" (http:/ / johnlinko. Anick (August 31. "Letter. com/ forum/ r20711216-Centurytel-drops-NebuAd).com.com. go to: http:/ / nebuad. .NebuAd [48] "20/20 Communications and NebuAd" (http:/ / www. BroadbandReports. 2008-06-26. [57] "Blackfoot Telecommunications Group. BroadbandReports. . Retrieved 2008-07-21. Retrieved 2008-07-02. "Charter User Monitoring Plans Suspended . html). Retrieved 2008-06-30. php). com/ wires/ ap/ scitech/ 2008/ 06/ 25/ D91HAQHO1_tec_web_tracking/ index.S. dslreports.

lawful interception and cyber security. applications. instant messaging. Webmail. in real time. It examines.. laptops and mobile devices. security functions and data mining for new products and services needed since the emergence of Web 2. when. It enables vendors to create an information layer with metadata from IP traffic to feed multiple applications for more detailed and expansive visibility into network-based activity. NI provides the means to quickly identify. revenue assurance. NI’s value-add to solutions traditionally based on DPI has attracted the attention of industry [10] now includes NI companies on its analysts who specialize in DPI market research. VoIP. blogs. . methods of access. Heavy Reading Deep Packet Inspection Semi-Annual Market Tracker. NI extends network controls. Packet Capture and Business Intelligence (BI).. online chat. business capabilities. NI technology goes beyond traditional DPI. DPI focuses on recognizing different types of IP traffic as part of a CSP’s infrastructure. enabling better cyber security and IP services. With ongoing changes in communications networks and how information can be exchanged.Sometimes referred to as Network Acceleration. types of activity and volume of content generated..[1] [2] [3] [4] Background [7] The evolution and growth of Internet and wireless technologies offer possibilities for new types of products and services. Network optimization and security solutions therefore need to address the exponential increases in IP traffic.[4] Business Intelligence for data networks In much the same way that BI technology synthesizes business application data from a variety of sources for business visibility and better decision-making. NI is used as a middleware to capture and feed information to network operator applications for bandwidth management. performance optimization and Quality of Service (QoS). The technology enables a global understanding of network traffic for applications that need to correlate information such as who contacts whom. social networks – and from different access points via desktops.[4] [5] as well as opportunities for hackers and criminals to exploit weaknesses and perpetrate cyber crime[6] . since it not only recognizes protocols but also extracts a wide range of valuable metadata. governments and large enterprises.Network intelligence 40 Network intelligence Network Intelligence (NI) is a technology that builds on the concepts and capabilities of Deep Packet Inspection (DPI). policy management. traffic shaping. NI creates a powerful nexus of subscriber and network data. For example. or who accesses what database. when. NI provides more granular analysis. market research mega panel analytics. The same person can communicate in multiple ways – FTP. service assurance. charging and billing (including usage-based and content billing).[8] [9] Traditional DPI tools from established vendors like Sandvine and Allot have historically addressed specific network infrastructure applications such as bandwidth management.0 and wireless 3G and 4G technologies. It is currently being incorporated into a wide range of applications by vendors who provide technology solutions to Communications Service Providers (CSPs). and the information viewed. NI technology correlates network traffic data from a variety of data communication vehicles for network visibility. and protocols whether or not the protocols are tunneled or follow the OSI model. people are no longer linked exclusively to physical subscriber lines. When combined with traditional BI tools that examine service quality and customer care. where and how. examine and correlate interactions involving Internet users. IP data packets that cross communications networks by identifying the protocols used and extracting packet content and metadata for rapid analysis of data relationships and communications patterns.

The cost savings and revenue opportunities driving smart pipe strategies also apply to Network Equipment Providers. it provides the required visibility and analysis of user demand to create and deliver differentiating services. Because NI captures detailed information from the hundreds of IP applications that cross mobile networks. Use in cloud computing The economics and deployment speed of cloud computing is fueling rapid adoption by companies and government agencies.Network intelligence 41 Use in telecommunications Telcos. and critical transparency to allay fears of potential customers. Platform as a Service (PaaS) and Software as a Service (SaaS) vendors with real-time situational awareness of network activity. NI classifies protocols and applications from layers 2 through 7. generates metadata for communication sessions. and correlates activity between all layers. Customer Segmentation. e-discovery. User Behavior Analysis. Quality of Experience (QoE). VoIP Fraud Monitoring and Regulatory Compliance. applicable for Bandwidth & Resource Optimization. as well as manage usage once deployed. regulatory compliance and auditing[14] [15] [16] . A vendor can demonstrate hardened network security to prevent Data Leakage or Data Theft and an irrefutable audit trail of all network transaction – communication and content – related to a customer’s account. are risks of information security. Requirement Purpose • • • • Network Metrics • • services events Identify / deliver / manage services • • • • • Example Applications Audience measurement User behavior analysis Customer segmentation Personalized services Bandwidth / resources optimization Content / application-aware billing Quality of Experience (QoE) analysis VoIP fraud monitoring Regulatory compliance Customer Metrics Understand customer demand NI as enabling technology for smart pipe applications Customer metrics are especially important for telecom companies to understand consumer behaviors and create personalized IP services.[11] [12] [13] Among concerns. however. . Content-Based Billing. Internet Service Providers (ISPs) and Mobile Network Operators (MNOs) are under increasing competitive pressures to move to smart pipe business models. NI mitigates the risks by providing Infrastructure as a Service (IaaS). NI enables faster and more sophisticated Audience Measurement. and Personalized Services. Software Vendors and Systems Integrators that serve the industry. Real-time network metrics are equally important for companies to deliver and manage services. Quality of Service (QoS).

lightreading. Retrieved 2009-07-27. Retrieved 2009-07-27. GigaOM. Retrieved 2010-06-15. [12] "IDC Finds Cloud Computing Entering Period of Accelerating Adoption and Poised to Capture IT Spending Growth Over the Next Five Years" (http:/ / idc. [5] Aditya Kishore (2008-07-21). The network visibility afforded by NI can also be used to build enhancements and next-generation solutions for Network Performance Management. govinfosecurity. "Light Reading report: Network Acceleration . fiercetelecom. [14] Henry Sienkiewicz (2008-04-30). [6] Shireen Dee (2009-02-03). html). Database Auditing and Network Protection.Managing Data Growth" (http:/ / www. it enhances the effectiveness of applications for Database Security. PC World. Retrieved 2009-07-27. 2008-10-20. Yankee Group Anchor Report. . networkworld. IDC. com/ d/ cloud-computing/ dangers-cloud-computing-839). Retrieved 2009-07-27. "A Brave New World: 700M New Net Users Seen By 2013" (http:/ / gigaom. "The dangers of cloud computing" (http:/ / www. htm). extraction and analysis allow security specialists to take preventive measures and protect network assets in real time as a complement post-mortem analysis after an attack. jsp?containerId=prUS21480708). "The Everyday Relationship Between You and ‘Your’ Information: What’s Out There on the Internet" (http:/ / ipcommunications. pdf). TMCnet. do?id=53513). . . com [11] Stacey Higginbotham (2009-07-21). [8] "2008 Internet Security Trends" (http:/ / www. [16] Jon Brodkin (2008-07-02). Light Reading. "Network Intelligence is Key to Profiting from Anywhere Demand" (http:/ / www. Info World. providing situational awareness for Lawful Interception and Cyber Security. php?podcastID=229). "Gartner: Seven cloud-computing security risks" (http:/ / www. . com/ document. Use in business Because NI combines real-time network monitoring with IP metadata extraction. . "Deep Packet Inspection Semi-Annual Market Tracker" (http:/ / www. Retrieved 2010-06-15. infoworld. Retrieved 2009-07-28. com/ topics/ caas-saas/ articles/ 49997-qosmos-network-intelligence-helps-development-smart-pipe-solutions. Real-time data capture. Retrieved 2009-07-28. 2008. [2] Brian Partridge (2010-05-17). . Customer Experience Management. com/ topics/ ip-communications/ articles/ 52992-everyday-relationship-between-and-information-whats-out-there. com/ 2009/ 07/ 21/ a-brave-new-world-700m-new-net-users-seen-by-2013/ #more-59899). [4] Simon Sherrington (2010-06). . yankeegroup. tmcnet. com). [3] Thibaut Bechetoille (2009-03-25). com/ getdoc. "Qosmos Network Intelligence Helps Development of Smart Pipe Solutions" (http:/ / caas. Retrieved 2009-07-28. heavyreading. . com/ news/ 2008/ 070208-cloud. [9] Jordan Golson (2009-07-21). "Market Research: New Opportunity for Service Providers?" (http:/ / www. MessageLabs. Retrieved 2009-07-28. Government Information Security Podcasts. References [1] Jessica Schieve (2011-02-23). heavyreading. Content Filtering. com/ podcasts. Retrieved 2010-06-15. [15] Ephraim Schwartz (2008-07-07). [10] http:/ / www. Light Reading. Info World. html). . . "DISA’s Cloud Computing Initiatives" (http:/ / www. . "More Cash for Cloud Computing in 2009" (http:/ / www. GigaOM. asp?doc_id=159415). com/ 2009/ 07/ 21/ will-p2p-soon-be-the-scourge-of-mobile-networks/ #more-59491). Retrieved 2011-03-15. 2009. tmcnet. . Retrieved 2009-07-27. Retrieved 2009-07-28. com/ businesscenter/ article/ 162157/ more_cash_for_cloud_computing_in_2009. "Will P2P Soon Be the Scourge of Mobile Networks?" (http:/ / gigaom. TMCnet. WAN Optimization. Retrieved 2009-07-27. . [13] Tom Sullivan (2008-03-29). com/ mlireport/ MLIReport_Annual_2008_FINAL. [7] "MessageLabs Intelligence: 2008 Annual Security Report" (http:/ / www. com/ offer/ windriver_intel?source=ebook_tab). and internal billing of networked applications. pcworld. . htm). IronPort. messagelabs. when where and how. com/ ResearchDocument. com/ securitytrends/ ). . Heavy Reading. ironport.Network intelligence 42 Use in government NI extracts and correlates information such as who contacts whom. .

Roy Zisapel is the current President. application & WAN optimization. The disposal by Nortel was part of a move to reduce its debt and recover from Chapter 11. Africa and Asia Pacific. Sales markets The company markets and sells its products worldwide through an indirect sales channel that includes distributors and resellers located in the Americas. e-Commerce. Israel. insurance. CEO and Director. Radware offers networking solutions for data center virtualization. . transportation.com [2] Radware (NASDAQ:RDWR). Middle East. Israel and is a member of the Rad Group of companies. education. cloud computing. now President of Payoneer. manufacturing. is a provider of integrated Application Delivery and Network Security solutions based in Tel Aviv.[3] History Radware was co-founded by Yehuda Zisapel and Zohar Zisapel in 1997. and security.[5] Radware former VP of business development is businessman Yuval Tal. mobile communications. For the enterprise. Its customers cover all major industry segments including financial services. Europe. In February 2009 Radware acquired Nortel’s Application Delivery business (Alteon) and now offers them under a merged brand.1 million USD (2010) 700+ Radware Alteon www. healthcare. services and carriers. government. Israel Key people Products Revenue Employees Subsidiaries Website CEO: Roy Zisapel CFO: Meir Moshe COO: Ilan Kinreich Application Delivery and Network Security $144. retail. In 1999 the company had an initial public offering and was listed on the NASDAQ stock exchange. Radware Alteon.radware.Radware 43 Radware Radware Type Industry Founded Public (NASDAQ: RDWR Technology 1997 [1] ) Headquarters Tel Aviv.[4] The company is headquartered in Tel Aviv.

Blue Coat. . (http:/ / www. RSA and BEA. January 21.aspx?id=8361) CTO Edge. bnet.radware.aspx?id=8417) Processor.radware. asp?symbol=RDWR& selected=RDWR [2] http:/ / www.radware. Computer Business Online. Forum. retrieved 2009-10-16 [4] Net Management Firm. 2011 • Carl Herberger VP of security solutions. com/ news/ net_management_firm_radware_files_for_43m_ipo). com/ asp/ SummaryQuote. Radware USA: Facebook hacked: a reminder for on-line businesses (http://www.com/newsevents/mediacoveragedetail.aspx?id=8365) Global Security Mag. 2011 • Radware Makes ADCs Virtual (http://www. . retrieved 2009-10-16 [5] Radware acquires Nortel division for USD18m (http:/ / www. SAP AG. retrieved 2009-10-16 [6] Radware partners (http:/ / www. Juniper Networks. aspx). Oracle Corporation. com/ resource/ networking/ loadbalancing/ Mediaproducts-gartner.Radware 44 Core technology The core technologies that make up Radware’s offering include: • • • • • • • • • • • • Application Delivery Virtualization Global Load Balancing VoIP Load Balancing SIP Load Balancing Application Acceleration SSL Acceleration XML Acceleration/Security MultiWAN Switching Quality of Service (QoS) Web Application Firewalling Network Intrusion Prevention DPI/DFI Partners Radware partners with leading industry application and technology providers such as: AT&T.aspx?id=8419) Fox News.radware. retrieved 2009-10-16 External links • To Probe 'Dark Spots' Where Cybercrooks Lurk. Microsoft.aspx?id=8363) TechNewsWorld. Finjan.com/newsevents/mediacoveragedetail. February 11. HP. radware. com/ 2448-14061_23-272392.radware. Blackboard.com/newsevents/mediacoveragedetail. BNET. com/ Company/ TechnologyAlliances/ default. aspx?id=8295) Investor’s Business Daily.com/newsevents/ mediacoveragedetail. InfoSys. . 2011 . com/ [3] Magic Quadrant for Application Delivery Controllers. 2011 • Inside Data Center Preparedness (http://www. Security (http://www. Riverbed. ByteMobile. securitytechnet. IBM. 2011 • Facebook Once Again Hangs Up on Phone Rumors (http://www. cbronline. radware. 2011 • Web Traffic Requires Traffic Cop.com.aspx?id=8315) Infosecurity Magazine.com/newsevents/mediacoveragedetail.com/newsevents/ mediacoveragedetail.com/newsevents/ mediacoveragedetail. January 27. BEA. January 19. February 1. . html). February 24. January 26. 2011 • Smartphones and Social Media Can Be a Risky Combination (http://www.radware. Gartner. nasdaq. FBI Wants New Tools (http://www. Files for $43m IPO (http:/ / www.[6] References [1] http:/ / quotes. pdf).radware. VMWare. Radware.

com/free/co/factsheet.xhtml?ID=61374&cm_ven=PAID& cm_cat=OVR&cm_pla=CO4&cm_ite=radware) .yahoo. 2010 • Radware Factsheet (http://www.com/q/pr?s=RDWR) 45 .com/newsevents/ mediacoveragedetail. January 13.aspx?id=8211) Investor’s Business Daily.com • Radware on Yahoo Finance (http://finance.hoovers. 2011 • WikiLeaks Hacktivists Explain “Operation Payback” (http://www.com/ newsevents/mediacoveragedetail.Radware • Virtualized infrastructure key to enticing enterprise to carrier cloud services (http://www.aspx?id=8239) ConnectedPlanet. December 10.radware.by Hoovers.radware.

In March 2006 Sandvine completed an initial public offering on the London AIM exchange under the ticker 'SAND'. and substitute it for the one selected by the P2P . A subsequent round of financing of $19M (Cdn) was completed in May 2005. Ontario (2001) Industry Founded Headquarters Waterloo.com [3] Sandvine Incorporated (TSX: SVC [1]. usage-based billing. COO and VP Engineering Don Bowman.[7] Sandvine targets its products at consumer Tier 1 and Tier 2 networks including cable. Ontario. An initial round of VC funding launched the company with $20M (Cdn). AIM: SAND [2]). and security. In October 2006 Sandvine completed an initial public offering on the Toronto stock exchange under the ticker 'SVC'. Many operators have shifted focus to revenue generating services and reducing operational expenditure. Ontario Key people Dave Caputo. is a networking equipment company based [4] in Waterloo. using multiple source (EHLO) domains and large address books. Co-Founder. DSL. Initial product sales focused at congestion management as operators struggled with the high growth of broadband. and uses a path cost algorithm to reduce congestion while still delivering the same content. President and CEO Scott Hamilton. Co-Founder. and P2P path optimisation. by a team of approximately 30 people from a recently closed Cisco acquisition. PixStream. CTO Website www.[5] billing. spam control is based on identifying sources of spam from behaviors such as using multiple SMTP servers. including the control of spam.sandvine.[11] [12] The P2P path optimizer [13] focuses on Gnutella. ranging from service creation. Co-Founder. Canada. VoIP and gaming.[8] Company history Sandvine was formed in August 2001 in Waterloo. Sandvine network policy control products are designed to implement broad network policies. Rather than identifying individual messages. EVP Marketing & Sales Brad Siim.[6] congestion management. Canada. including the hash requested. Co-Founder. The device can then determine the optimal peer to use. Ontario. CFO Tom Donnely. Stateful Policy Management [14] uses stateful deep-packet inspection and packet spoofing to allow the networking device to determine the details of the p2p conversation.Sandvine 46 Sandvine Sandvine Incorporated Type Public [1] TSX: SVC [2] AIM: SAND Networking Hardware and Software Waterloo. quality of service. Technology Sandvine's technology focuses on policy management. and mobile.[9] [10] Quality of service control is provided for a range of media applications including video conferencing.

sandvine. May 2000 article "Nonintrusive TCP Connection Admission Control for Bandwidth Management of an Internet Access Link". ietf. com/ en-gb/ pricesnews/ prices/ Trigger/ genericsearch. int/ pctdb/ en/ wo. by "[sitting] in the middle. ca/ en/ releases/ archive/ October2006/ 10/ c6288. jsp?wo=2005109816) [11] Sandvine Incorporated: Service Delivery Engine (http:/ / www.StarHub Selects Sandvine to Deploy End-to-End PacketCable MultiMedia Solution (http:/ / www. sandvine. sandvine. which effectively caused a certain limited number of outbound connections to immediately terminate. gov/ prod/ ecfs/ retrieve. asp) [12] CNW Group | VECIMA NETWORKS INC. int/ pctdb/ en/ wo.[21] [22] A product whitepaper published by Sandvine confirms that its products are configurable to use "Session Management" capability to prevent customers using BitTorrent from providing uploads to peers who are not close to them on the network.[20] Comcast injected reset packets into peer-to-peer connections. londonstockexchange. References [1] [2] [3] [4] [5] http:/ / tmx. jsp?wo=2003094465) [14] "Meeting the Challenge of Today's Evasive P2P Traffic" (http:/ / www. com/ 2011/ 05/ cantech-letter-interviews-dave-caputo-of-sandvine-tsxsvc/ Sandvine Incorporated: Press Release . ars/ post/ 20071021-comcast-traffic-blocking-even-more-apps-groupware-clients-affected.[19] According to independent testing. | CableMatrix and VCom Showcase First QoS Enhanced Video Conferencing over WiMAX Solution (http:/ / www. as well as all fixed access. com/ news/ pr_detail. wipo. This is the default behaviour for Sandvine’s session management policy and limits external leechers from [23] connecting to internal seeds. sandvine. quotemedia. do?lang=EN& docClass=7& issuerNo=00024246& fileName=/ csfsprod/ data106/ filings/ 01560378/ 00000001/ s:\svcMDA. sandvine. Fairshare. com/ products/ service_delivery_engine. html) [13] (WO/2003/094465) PATH OPTIMIZER FOR PEER TO PEER NETWORKS (http:/ / www. . cantechletter. pdf) [9] A SYSTEM AND METHOD FOR DETECTING SOURCES OF ABNORMAL COMPUTER NETWORK MESSAGES . php?qm_symbol=SVC http:/ / www. imitating both ends of the connection. sandvine. cgi?native_or_pdf=pdf& id_document=6520169715) [19] Comcast's Protocol-Agnostic Congestion Management System (http:/ / tools. newswire. org/ deeplinks/ 2007/ 10/ comcast-also-jamming-gnutella-and-lotus-notes) .[17] 47 Comcast Controversy Sandvine products are used by Comcast in the United States to manage Internet traffic generated by peer-to-peer file sharing software.Major Wireless Carrier Selects Sandvine’s 10-Gigabit Ethernet Solution to Give Subscribers More Control over their Mobile Internet Experience (http:/ / www. com/ GetFile. com/ EP1743466.Free Online Library (http:/ / www. the subscriber may be session managed without negative impact. asp?FILEID=16) [15] Comcast traffic blocking: even more apps. com/ Adelphia+ Selects+ Sandvine+ to+ Protect+ Subscribers+ from+ Worms+ and+ Spam. and sending reset packets to both client and server. -a0139417017) [8] Sandvine Management's Discussion and Analysis (http:/ / sedar." [15] The usage-based-billing includes[16] pre-paid and post-paid 3G and 4G mobile access. fcc.[18] Sandvine's current congestion management product. In cases where a subscriber is a “seeder” and uploads content to an off net “leecher”. com/ news/ pr_detail. com/ news. com/ general/ getfile.org article on Comcast jamming Gnutella and Lotus (http:/ / www. com/ news/ pr_detail. is described in detail in an RFC. com/ http:/ / www. wipo. html) [16] Sandvine Supports Cricket Broadband Internet (http:/ / www. org/ html/ rfc6057) [20] eff.and post-paid service plans across converged networks (http:/ / www. session management is an effective strategy. asp?ID=283) [18] Comcast's compliance report to FCC on its previous network management techniques (http:/ / gullfoss2.Sandvine algorithm. asp?ID=243) [17] Sandvine supports pre. html) [10] (WO/2005/109816) A SYSTEM AND METHOD FOR DETECTING SOURCES OF ABNORMAL COMPUTER NETWORK MESSAGES (http:/ / www. htm?bsg=true& ns=SAND http:/ / www.. freepatentsonline. This affects all uses of BitTorrent (such as open-source project distribution. com/ news/ pr_detail. asp?ID=148) [7] Adelphia Selects Sandvine to Protect Subscribers from Worms and Spam. This method of network management was described in the IEEE Communications. sandvine.Patent EP1743466 (http:/ / www. groupware clients affected (http:/ / arstechnica.. asp?ID=100) [6] Sandvine Incorporated: Press Release . com/ quote. eff. patch distribution and illegal downloads). thefreelibrary.

org/article.comsoc. sandvine. asp?FILEID=21 48 External links • Sandvine (http://www.org/ci/private/2000/may/Kumar. html) [23] Session Management: BitTorrent Protocol .comsoc. comsoc. html) [22] Nonintrusive TCP Connection Admission Control for Bandwidth Management of an Internet Access Link (http:/ / www.html (http://www. org/ ci/ public/ 2000/ may/ index.dslreports.org/ci/private/2000/ may/Kumar. comsoc.html) .com) • Slashdot: Comcast filtering network packets (http://slashdot.sandvine.com/forum/ r18323368-Comcast-is-using-Sandvine-to-manage-P2P-Connections) • http://www. com/ general/ getfile.Managing the Impact on Subscriber Experience http:/ / www.Sandvine [21] IEEE Communications Interactive (http:/ / www.pl?sid=07/10/19/1417238) • Dslreports: Comcast is using Sandvine to manage P2P Connections (http://www. org/ ci/ private/ 2000/ may/ Kumar.

[3] [5] In the late 1990s they released a security product later branded "SonicWALL" which was a dedicated hardware appliance with firewall and VPN software intended for the small-business market. Teachers' Private Capital.com [2] [1] SonicWALL is a private company headquartered in San Jose.[8] On July 23. UTMs (Unified Threat Management). CA.[4] History The company was founded in 1991 under the name "Sonic Systems" by brothers Sreekanth and Sudhakar Ravi to develop Ethernet and Fast Ethernet cards.[6] Matthew T. Sudhakar Ravi Products Revenue Employees Website Security Appliance filtering Spam. These include devices providing services for network firewalls. (Matt) Medeiros CFO: Robert D. (Matt) Medeiros (formerly of Philips Components) became CEO in March 2003. hubs and bridges. LLC. 2010 SonicWALL announced that it has completed its merger with affiliates of an investor group led by Thoma Bravo. which includes the Ontario Teachers' Pension Plan through its private investor department. The company also markets information subscription services related to their products.[3] The company solutions also serve to solve issues surrounding HIPPA and PCI compliance issues. Viruses and other Malware USD 219 million (2008) 700 (January 2008) www. backup and recovery. . It sells a range of internet appliances primarily directed at content control and network security. After the merger SonicWall was delisted from NASDAQ.SonicWALL 49 SonicWALL SonicWALL Type Industry Founded Private Backup and Recovery. California Key people CEO: Matthew T. Spyware. VPNs (Virtual Private Network). In November 1999 they went public (SNWL). Internet security 1991 Headquarters San Jose. and anti-spam for email. Selvi Founders: Sreekanth Ravi. Security appliances. Backup and Recovery. expanding its product line in the process.sonicwall.[7] The company has acquired a number of companies through the years.

org/ web/ 19990504153444/ http:/ / www. com/ q/ pr?s=SNWL). Google. archive. Retrieved 2010-03-05. . SonicWALL. redzonetech." (http:/ / finance. co.) (http:/ / www.gov (http:/ / www. aisec. 2010. [4] "Sonicwall PCI Compliance Case Study" (http:/ / www. Inc. O). ecommercetimes. yahoo. [5] "Corporate Information" (http:/ / web. co. com [3] "SNWL: Profile for SonicWALL. SonicWALL. gov/ Archives/ edgar/ data/ 1093885/ 000109388509000007/ f10k. reuters. html). 1999. 1999.SonicWALL 50 Resellers • • • • New England[9] UK & Ireland[10] UK & Ireland[11] United States[12] References [1] sec. pdf). com/ Corporate_Info/ index. [8] "News Archive Search of "SonicWall acquisition" including frequency chart" (http:/ / news. net/ wp-content/ uploads/ 2011/ 06/ Davco_Restaurants_SW. . htm) [2] http:/ / www. . Retrieved 2011-06-06. NSIserv. uk/ ) [11] SonicWALL Online (UK Gold Partner) (http:/ / www. uk/ ) [12] RedZone Technologies (http:/ / www. sec. com/ Corporate_Info/ index. Reuters. 2010. Ecommerce Times. sonicsys. google. Retrieved 2010-03-05. sonicsys. . . sonicwallonline. html?wlc=1267835772). com/ ) [10] AIS (Access Information Security) (http:/ / www. html) on 1999-05-04. 2011. 2010. sonicwall. . Retrieved 2010-03-05. com/ archivesearch?um=1& cf=all& ned=us& hl=en& q=SonicWall+ acquisition& cf=all). Retrieved 2010-03-05. [9] NSI (New England Systems Inc. redzonetech. net/ ) . com/ finance/ stocks/ companyOfficers?symbol=SNWL. Archived from the original (http:/ / www. com/ story/ 1715. Yahoo!. Retrieved 2010-03-05.Reuters" (http:/ / www. [6] "SonicWall IPO Should Make Noise" (http:/ / www. [7] "SonicWall Company Officers .

and SSL VPN systems.Stonesoft Corporation 51 Stonesoft Corporation Stonesoft Corporation Secure Information Flow Type Public [1] NASDAQ OMX: SFT1V Network Security Helsinki. IPS (intrusion detection and prevention systems). and China. and VMware-certified virtual appliances. and sales offices throughout Europe. Finland Area served Key people Worldwide Ilkka Hiidenheimo (Chairman & CEO) Juha Kivikoski (COO) Mikael Nyberg [2] (CFO) Products Network security Firewall IPS VPN Security appliances Virtual appliances Employees Website [3] 174 (Dec 2009) stonesoft. originally developed for Check Point FireWall-1. . the Middle East. Stonesoft does business globally. Its product portfolio includes firewall/VPN devices. as well as third-party devices. Finland-based vendor of network security solutions.[5] each available as hardware appliances. software.[7] The product portfolio differentiates through unique clustering and load balancing technologies based on the company's older StoneBeat technology. United States. with a regional headquarters in Atlanta. can be managed from the StoneGate Management Center.com [4] Stonesoft Corporation is a publicly owned Helsinki. Finland (1990) Ilkka Hiidenheimo Hannu Turunen Industry Founded Founder(s) Headquarters Helsinki. Georgia.[6] Each of the components.

[14] References [1] http:/ / www. becoming a direct competitor to Check Point.621& RS=PN/ 6. com/ cgi-bin/ stories. com/ solutions/ partners/ stonesoft_fc.621 [9] http:/ / www.[13] The District Court of Helsinki had originally dismissed the claims in a decision on November 15. nasdaqomxnordic. stonesoft. for IBM mainframes. html [8] http:/ / patft. vmware. 2001. stonesoft.[9] In 2001. icsalabs.[11] Gartner notes that Stonesoft "serves a set of placements well – usually. com/ export/ download/ financial_files/ stonesoft_annual_report_2009_en.[11] The StoneGate firewall/VPN is regarded for its "robust performance and feature set relative to company resources. The court "held that two members of the company's board of directors and a former CEO through gross negligence had failed to give a profit warning in due time". stonesoft.[11] The StoneGate IPS has also placed in Gartner's Magic Quadrant for Network Intrusion Prevention.856.621. com/ us/ products/ index. com/ appliances/ directory/ cat/ 522?k=Stonesoft& c=522 [7] http:/ / www. com/ en/ investor_relations/ corporate_governance/ management/ [3] http:/ / www. pdf [12] https:/ / www. html& r=1& f=G& l=50& co1=AND& d=PTXT& s1=6. & OS=PN/ 6. The reports indicated the company was sound and profitable. html [10] http:/ / www2.[8] launching StoneBeat FullCluster. and is currently placed in the niche quadrant.856. html [6] http:/ / www. In January 2003. 2006. the company introduced the first virtual firewall/VPN solution. com/ products?tid[]=4222 . and it has a loyal customer base". com/ us/ products/ smc/ index. In 1999.Stonesoft Corporation 52 History Stonesoft started as a systems integrator in the Nordic regions of Europe. yet "a profit warning should in fact have been issued". It was one of the first technologies certified in Check Point's OPSEC program. pl?ACCT=104& STORY=/ www/ story/ 01-22-2003/ 0001876476& EDATE= [11] http:/ / www. It is also certified by ICSA Labs Network Intrusion Prevention and Detection category. uspto. stonesoft. prnewswire.[12] Controversy In 2008. PN. high availability is key or when the leaders are otherwise not welcome". gov/ netacgi/ nph-Parser?Sect1=PTO2& Sect2=HITOFF& p=1& u=%2Fnetahtml%2FPTO%2Fsearch-bool. the Helsinki Court of Appeal issued a decision in a case brought against Stonesoft and several members of its management team. Stonesoft expanded its product set into the firewall/VPN space. com [5] http:/ / www. vadition. The StoneGate Firewall/VPN was launched on March 19. com/ aktier/ shareinformation?Instrument=HEX24350 [2] http:/ / www.[10] Products Stonesoft's current product portfolio can be divided into four major categories[5] : • • • • StoneGate Firewall/VPN StoneGate IDS/IPS StoneGate SSL VPN StoneGate Management Center (SMC) The StoneGate Firewall/VPN has placed in Gartner's Magic Quadrant for Enterprise Network Firewalls for several years.856.[13] The issue at hand was discrepancies between the profitability forecasted in the company's year 2000 interim reports and the actual state of the company at that time. pdf [4] http:/ / www. a technology for creating a high availability pair of firewalls in an active-passive configuration. the company extended StoneBeat with a patented load balancing clustering technology. stonesoft. In 1994 it introduced StoneBeat. opsec. and is one of only four vendors in the consortium to achieve that certification. com/ pdf/ Gartner_Magic_Quadrant_Firewalls_2010.

fi/ whats_new/ newsletters/ D& I%20Q4%202008. dittmar. co. uk/ news/ story. aspx?id=10020587 53 External links • Official website (http://www.com) • Semi-official community Web site (http://stoneblog.com) . euroinvestor.stonesoft.Stonesoft Corporation [13] http:/ / www. PDF [14] http:/ / www.stonesoft.

com/ news/ view/ 119 [13] http:/ / www. com/ resources/ deep_session_inspection. United States Steve Zhu (CEO) DPI Software [2] Theta Networks is a New Jersey based Telecommunication solutions company that was founded in 2005. DNS. Theta's solutions reassembles and finds relationships between subscriber application sessions at Open Systems Interconnection layer 7 using Deep Packet Inspection. html [5] http:/ / www. thetanetworks. nokiasiemensnetworks. php?press_id=1162 [7] http:/ / www. a DPI-based network security product. businessweek. thetanetworks. Theta Networks company works in France through a partner[11] . HTTP. rl. html [9] http:/ / www. com/ [3] http:/ / www. and Russia. thetanetworks. and China.[1] The company develops Deep Packet Inspection-based software that can be used for monitoring. Inc. and Streaming Technology. com/ research/ stocks/ private/ snapshot. html [10] http:/ / searchsecurity. com/ telecom-oss/ theta-networks-and-syrus-systems-form-partnership-in-russia/ . and assisted China Mobile during the Olympic Networks. Orange and China Mobile [4] [5] Games Recently. and Cross Session Inspection. Cross Packet Inspection. Theta Networks has also been working with China Mobile on monitoring and support for their new TD-SCDMA networks[6] . Theta Networks has been a major supplier to Nokia Siemens [1] [3] . com/ news_events/ china_mobile_thanks_theta_networks_for_its_unique_support_during_the_olympics. techtarget. South America.[7] [8] [9] This technology can be applied to mobile use of WAP. MMS. co. com/ global/ Press/ Press+ releases/ news-archive/ Nokia+ Siemens+ Networks+ to+ expand+ its+ customer+ base+ in+ service+ management+ through+ channel+ partners. Ericsson. SMS. asp?privcapId=28831084) BusinessWeek. thetanetworks.com [2] http:/ / www. ossnewsreview. htm [4] http:/ / www. Theta Networks also offers VirusGuardMax.[13] References [1] Theta Networks. thetanetworks. com/ extras/ ict_telecom_press_release_article. genetel. optimization. html [6] http:/ / www. co. uk [11] http:/ / www. html& src=searchsecurity. html [8] http:/ / www. and also recently established partnerships in Australia[12] . vanillaplus. connect-world. fr/ Press-Announcements/ Press-AnnouncementTheta-Networks. uk/ detail/ PROD/ 1110792023_599. Motorola. techtarget. com/ resources/ cross_packet_inspection.[10] The company has office in New Jersey.Theta Networks 54 Theta Networks Theta Networks Type Industry Founded Founder(s) Headquarters Key people Products Website Private Telecommunication [1] 2005 Steve Zhu New Jersey. html [12] http:/ / www. com/ news_events/ theta_networks_manage_data_services_for_beijing_2008_olympic_games. com/ resources/ cross_session_inspection. thetanetworks. rl. subscriber management and security on mobile networks. (http:/ / investing.

com [1] Viaedge Software Technologies. . Corporate history Viaedge Software Technologies was founded in 2002. VLD directed traffic away from that server to other servers that could handle the load. Crescendo Networks. 75% of the Viaedge business was with ET 500 companies. KEMP Technologies. Add-on modules to VLD family of products offer email filtering and intelligent compression to allow for lower bandwidth and faster downloads in addition to load balancing and local traffic management capabilities. Armorlogic. .. India Key people Products Website MD: Phani Bhushan Networking www. Ltd. Maharashtra and has development and marketing offices PAN India.com) Viaedge Viaedge Software Technologies (I) Pvt.viaedge. was originally a network load balancer but today also offers other functionality such as access control and application security. Coyote Point Systems. the V-Load Director. which runs on top of Linux. It originally manufactured and sold load balancing products. Gartner cite the most significant competitors (in terms of market share) as Cisco Systems and Citrix Systems. It is headquartered in Mumbai.ThetaNetworks. Brocade. Products V-Load Director (VLD) Viaedge's VLD product is based on a network appliance (either virtual or physical). If a server went down or became overloaded. Barracuda Networks. In 2010. Viaedge offers products in various segments of the Application Delivery Controller market. Viaedge' flagship product. is a networking appliances company. which provide the VLD functionality. Type Industry Founded Private Limited company Technology 2002 Headquarters Mumbai.Theta Networks 55 External links • Company Site (http://www. Corporate focus is on networking gears. Array Networks. Other competitors include A10 Networks. This appliance can then run one or more product modules (depending on the appliance selected). Radware and Zeus Technology. Viaedge's first product was a Server load balancer called VLD.

which provide the VLD functionality.Viaedge 56 V-NetLink (VLLB) Viaedge's V-Netlink product is based on a network appliance (either virtual or physical). The previous platforms had two internal boards .[2] with approximate best-case throughput indicated: Model VLD 100 Advertised throughput 1 Gbit/s VLD Pro 4101 1 Gbit/s VLD Pro 4102 2 Gbit/s VLD Pro 4202 2 Gbit/s VLD Pro 4204 4 Gbit/s VLD Pro 4206 6 Gbit/s VLD Ent 5404 4 Gbit/s VLD Ent 5408 8 Gbit/s VLD Ent 5812 12 Gbit/s VLD Ent 5816 16 Gbit/s Model Throughput WAN Ports 2 2 3 4 6 8 10 12 Restricted Maximum Bandwidth 2 Mbps 4 Mbps 6 Mbps 10 Mbps 20 Mbps 45 Mbps 100 Mbps 500 Mbps LLB S-002 200 Mbps LLB S-004 200 Mbps LLB P-006 300 Mbps LLB P-010 2 Gbps LLB E-020 3 Gbps LLB E-045 4 Gbps LLB T-100 5 Gbps LLB T-500 6 Gbps . and hardware compression assistance. The full model line-up is as follows. This appliance can then run one or more product modules (depending on the appliance selected). and the hardware models internally use a single custom-fabricated system board. Hardware models include a front LCD panel for configuration and monitoring and a separate service processor for out-of-band management.a PC/server-type motherboard . Viaedge Appliances The current line of VLD & V-NetLink appliance was released between 2009 and 2010. The current hardware line-up uses Intel CPUs. Some models include hardware SSL acceleration for key exchanges and bulk encryption/decryption . which runs on top of Linux. but some previous models have included AMD Opteron CPUs.

A network design can achieve two major results by using packets: error detection and multiple host addressing. characters. External links • viaedge. is that some networks can break a larger packet into smaller packets when necessary (note that these smaller data elements are still formatted as packets). control information is found in packet headers and trailers.Viaedge Viaedge Product Modules • • • • V-Load Director : Local load balancing based on a full-proxy architecture. like Ethernet. NetLink: Inbound and outbound ISP load balancing. the packet is formatted in 8-bit bytes.com (http://www. WAN OptimiZation Module: A data centre symmetric WAN optimization solution. or bits alone. Typically.viaedge. and the data area is whatever the person puts inside the envelope. Other protocols. When data is formatted into packets. Retrieved 2010-08-17. such as traditional point-to-point telecommunications links. The control information provides data the network needs to deliver the user data. a packet is a formatted unit of data carried by a packet mode computer network. for example: source and destination addresses. . viaedge. com/ [2] "Viaedge Hardware Data Sheet" (http:/ / viaedge. Packet framing A packet consists of two kinds of data: control information and user data (also known as payload). error detection codes like checksums. the bitrate of the communication medium can be better shared among users than if the network were circuit switched.com/) Network packet In computer networking. and sequencing information. . 57 References [1] http:/ / www. establish the start of the header and data elements by their location relative to the start of the packet. By using packet switched networking it is also harder to guarantee a lowest possible bitrate. simply transmit data as a series of bytes. V-Application Delivery Controller: Global Server Load Balancing using DNS. and special characters are used to delimit the different elements. Different communications protocols use different conventions for distinguishing between the elements and for formatting the data. In Binary Synchronous Transmission. A good analogy is to consider a packet to be like a letter: the header is like the envelope. however. with user data in between. A difference. Computer communications links that do not support packets. Some protocols format the information at a bit level instead of a byte level. com/ solutions/ data-centre-solutions/ application-load-balancer).

For example. the developers of CYCLADES and of ALOHAnet demonstrated that it was possible to build an effective computer network without providing reliable packet transmission. inserted the address of the destination host computer. Packets vs. and this pushed responsibility for error detection onto the sending host in any case. This technology is called packet switching. 16 bits that contain an identification tag to help reconstruct the packet from several fragments. 2. whereas UDP and IP provide an unreliable one.g. a field to identify position of fragment within original packet . 5. that specifies if it's an IPv4 or IPv6 packet. This led to the development of the end-to-end principle. datagrams In general. and sent the message across the interface to its connected Interface Message Processor. while the term datagram is generally reserved for packets of an "unreliable" service. A host computer simply arranged the data in the correct packet format. Example: IP packets IP packets are composed of a header and payload. and a flag to state whether more fragments of a packet follow (MF: More Fragments) 7. like the ARPANET and the modern Internet. it provided a reliable packet delivery procedure to its connected hosts via its 1822 interface. 5 means 20 bytes). IP provides an unreliable service. If a network does not guarantee packet delivery. a series of packets sent from one host computer to another may follow different routes to reach the same destination. 16 bits that contain the length of the packet in bytes. which describes what priority the packet should have. 4.[1] A "reliable" service is one that notifies the user if delivery fails. which is one of the Internet's fundamental design assumptions. This lesson was later embraced by the designers of Ethernet.[1] When the ARPANET pioneered packet switching. 4 bits that contain the Internet Header Length which is the length of the header in multiples of 4 bytes (e. The IPv4 packet header consists of: 1. Host addressing Modern networks usually connect three or more host computers together. 13 bits that contain the fragment offset. it would send an error message back to the sending host. Meanwhile. Subsequent experience on the ARPANET indicated that the network itself could not reliably detect all packet delivery failures. then it becomes the host's responsibility to provide reliability by detecting and retransmitting lost packets. also referred to as Quality of Service (QoS). In complex networks constructed of multiple routing and switching nodes. 6. while an "unreliable" one does not notify the user if delivery fails. but UDP packets are generally called datagrams. in such cases the packet header generally contains addressing information so that the packet is received by the correct host computer. an acknowledgement was delivered to the sending host. the term packet applies to any message formatted as a packet.Network packet 58 Error detection It is more efficient and reliable to calculate a checksum or cyclic redundancy check over the contents of a packet than to check errors using character-by-character parity bit checking. The packet trailer often contains error checking data to detect errors that occur during transmission. 3 bits that contain a zero. 8 bits that contain the Type of Service. If the network could not deliver the message. TCP and IP provide a reliable service. Once the message was delivered to the destination host. Together. a flag that says whether the packet is allowed to be fragmented or not (DF: Don't fragment). 3. All these protocols use packets. 4 bits that contain the version.

There generally would be little to gain from attempting to use compressed data from a frame marked as undecodable.Network packet 8. 8 bits that contain the protocol (TCP. packet boundaries usually do not coincide with frame boundaries. an image or other data sent from a spacecraft instrument is transmitted using one or more packets. packet number. nonduplication of packets. • Even when the channel errors exceed the correction capability of the error-correcting code. which has its own header and trailer. can range up to 2048 bytes. total number of packets. of the seven layered OSI model. 9. it is possible to layer a transport protocol on top of the packet service that can provide such protection. 32 bits that contain the destination address. ranging from 7 to 65. which can change based on the protocol used. UDP.) 10. 59 Delivery not guaranteed Many networks do not provide guarantees of delivery. CCSDS packet definition A packet is a block of data with length that can vary between successive packets. • Packetized data is transmitted via frames. then the data that packet carries is added. Handling data loss Deleted undecodable whole frames are the principal type of data loss that affects compressed data sets. an IP packet is often carried as the payload inside an Ethernet frame. a number used in error detection. 8 bits that contain the Time to live (TTL) which is the number of hops (router.542 bytes. However. • Frames for which uncorrectable errors are detected are marked as undecodable and typically are deleted. However. TCP and UDP are the best examples of layer 4. the presence of errors nearly always is detected by the error-correcting code or by a separate error-detecting code.. the Transport Layer. 11. • Packet sizes are fixed during the development phase.g. and the sender's and receiver's IP addresses. The size of a frame. After those 160 bits. 16 bits that contain the Header Checksum. Under this standard. 12. the UDP protocol of the Internet. including frame header and control information. The header of a packet specifies the data type. Example: the NASA Deep Space Network The Consultative Committee for Space Data Systems (CCSDS) packet telemetry standard defines the protocol used for the transmission of spacecraft instrument data over the deep-space channel. ICMP. a packet with a TTL of 16 will be allowed to go across 16 routers to get to its destination before it is discarded). Telecom processing notes Data in a frame is typically protected from channel errors by error-correcting codes. computer or device along a network) the packet is allowed to pass before it dies (for example. . An IP packet has no trailer. The term frame is sometimes used to refer to a packet exactly as transmitted over the wire or radio. including the packet header. optional flags can be added of varied length. Because packet lengths are variable but frame lengths are fixed. e. etc. 32 bits that contain the source IP address. or in-order delivery of packets. which are fixed-length data blocks.

• Furthermore. a single bit error is often just as disruptive as many bit errors. which are the types of codes most likely to yield substantial fractions of bit errors throughout those frames that are undecodable. Video streams (0xE0-0xEF) Note: The above 4 bytes is called the 32 bit start code. but not misleading. Can be zero as in not specified for video streams in MPEG transport streams [2] [3] [4] [5] Size 3 bytes 0x000001 Description . long-blocklength error-correcting codes. The elementary stream is packetized by encapsulating sequential data bytes from the elementary stream inside PES packet headers.Network packet • When errors are present in a frame. the decompressor can base its reconstruction on incomplete. whereas in the case of detected erroneous frames.000 erroneous frames can escape detection. A typical method of transmitting elementary stream data from a video or audio encoder is to first create PES packets from the elementary stream data and then to encapsulate these PES packets inside an MPEG transport stream (TS) packets or an MPEG program stream (PS). • If an erroneous frame escapes detection. the bits of the subband pixels are already decoded before the first bit error will remain intact. frames with detected errors would be essentially unusable even if they were not deleted by the frame processor. The TS packets can then be multiplexed and transmitted using broadcasting techniques. Thus. • For frames coded by the CCSDS Reed–Solomon code. • Fortunately. fewer than 1 in 40. compressed data usually are protected by powerful. the decompressor will blindly use the frame data as if they were reliable. PES packet header Name Packet start code prefix Stream id 1 byte Examples: Audio streams (0xC0-0xDF).000. it is extremely rare for an erroneous frame to go undetected. data. In the case of private streams the first byte of the payload is the sub-stream number. • All frames not employing the Reed–Solomon code use a cyclic redundancy check (CRC) error-detecting code. 60 Example: Radio & TV Broadcasting MPEG packetized stream Packetized Elementary Stream (PES) is a specification defined by the MPEG communication protocol (see the MPEG-2 standard) that allows an elementary stream to be divided into packets. This data loss can be compensated for with the following mechanisms. but all subsequent decoded bits in the segment usually will be completely corrupted. PES Packet length Optional PES header Stuffing bytes Data 2 bytes variable length variable length See elementary stream. which has an undetected frame-error rate of less than 1 in 32. such as those used in an ATSC and DVB.

This means that the FM or AM regular mono sound carrier is left alone for reception by monaural receivers. The mode is auto-selected by the inclusion of a 3-bit type field in the data-stream • • • • One digital stereo sound channel. 10 = only PTS 10 binary or 0x2 hex 00 implies not scrambled Description 61 Marker bits Scrambling control Priority Data alignment indicator 1 Copyright Original or Copy PTS DTS indicator ESCR flag ES rate flag DSM trick mode flag Additional copy info flag CRC flag extension flag PES header length Optional fields Stuffing Bytes 1 1 2 1 1 1 1 1 1 8 variable length variable length gives the length of the remainder of the PES header presence is determined by flag bits above 0xff NICAM In order to provide mono "compatibility". The four other options could be implemented at a later date. the user can select which soundtrack to listen to when watching the content by operating a "sound-select" control on the receiver. Only the first two of the ones listed are known to be in general use however. the NICAM signal is transmitted on a subcarrier alongside the sound carrier. One digital mono sound channel and a 352 kbit/s data channel. or can transmit two or three entirely different sound streams. In this mode. NICAM packet transmission The NICAM packet (except for the header) is scrambled with a nine-bit pseudo-random bit-generator before transmission. • The topology of this pseudo-random generator yields a bitstream with a repetition period of 511 bits.Network packet Optional PES header Name Number of Bits 2 2 1 1 indicates that the PES packet header is immediately followed by the video start code or audio syncword 1 implies copyrighted 1 implies original 11 = both present. NICAM offers the following possibilities. Two completely different digital mono sound channels. This latter mode could be used to transmit audio in different languages. in a similar manner to that used for in-flight movies on international flights. . A NICAM-based stereo-TV infrastructure can transmit a stereo TV programme as well as the mono "compatibility" sound at the same time. One 704 kbit/s data channel.

that hold packets scheduled to go out on that interface. Recent Publications in Active Queue Management (AQM) schemes [1] Benefits of AQM Drop-tail queues have a tendency to penalise bursty flows. 1. Boston. PI) are self-tuning.[2] By providing endpoints with congestion indication before the queue is full. Active queue disciplines drop or mark packets before the queue is full. Active queue management In Internet routers. epo. and can be run with their default parameters in most or all circumstances. html?iAction=3& cc=EP& pn=1827030& ki=A2) [5] https:/ / publications. Queue management An Internet router typically maintains a set of queues. which reduces network latency ("ping time").Network packet • The pseudo-random generator's polynomial is: x^9 + x^4 + 1. dvb. such queues use a drop-tail discipline: a packet is put onto the queue if the queue is shorter than its maximum size (measured in packets or in bytes). 8. & Ross. org/ technology/ standards/ a001r7. Network+ Guide to Networks. Blue. they operate by maintaining one or more drop/mark probabilities. com/ EP1827030. jsp?PN=EP1827030%20EP%201827030& iDocId=6296342& iFormat=0 • Dean.Patent EP1827030 (http:/ / www. one per interface. european-patent-office. tm1214r30. html) [4] European publication server (http:/ / www. Making the NICAM bitstream look more like white noise is important because this reduces signal patterning on adjacent TV channels. Massachusetts: Thomson Course Technology. • The pseudo-random generator is initialized with: 111111111. and probabilistically dropping or marking packets even when the queue is short. Typically. active queue management (AQM) is a technique that consists in dropping or ECN-marking packets before a router's queue is full. Modern AQM disciplines (ARED. the result seems counter-intuitive to many network engineers: "Why should I drop perfectly good packets when I still have free buffer space?" . AQM disciplines are able to maintain a shorter queue length than drop-tail queues. 62 References [1] Kurose. freepatentsonline. This is necessary so as to aid in locking on to the NICAM data stream and resynchronisation of the data stream at the receiver. "Computer Networking: A Top-Down Approach" ISBN 0-321-49770-8 [2] http:/ / www. org/ patents/ patent-information/ european-patent-documents/ publication-server. v1. dTS101154. For AQM systems that drop packets (rather than using ECN marking). Keith W. AQM disciplines typically avoid both of these issues. and to cause global synchronisation between flows. (2007). org/ PublicationServer/ document. James F. pdf [3] Method and apparatus for changing codec to reproduce video and/or audio data streams encoded by different codecs within a channel . • The NICAM header is not subject to scrambling. Historically. Tamara (2006). Drawbacks of AQM Early AQM disciplines (notably RED and SRED) require careful tuning of their parameters in order to provide good performance. and dropped otherwise. By dropping packets probabilistically. • At the start of each NICAM packet the pseudo-random bit generator's shift-register is reset to all-ones.

It automatically calculate and record the average throughput of normal TCP flows before and after DoS attacks to facilitate the analysis of the impact of DoS attacks on normal TCP flows and AQM algorithms. 2010. pdf?attredirects=0). jsp?arnumber=5456075) [6] http:/ / sites. PI controller. Random early detection (RED). google. google. Random Exponential Marking (REM). etc. com/ site/ cwzhangres/ home/ files/ RREDRobustREDAlgorithmtoCounterLow-rateDenial-of-ServiceAttacks. pdf?attredirects=0 [5] Changwang Zhang. etc. Jianping Yin. 2009. vol. "Random Early Detection (RED) gateways for Congestion Avoidance" (http:/ / www. IEEE/ACM Transactions on Networking 1 (4): 397–413. Low-rate DoS. The AQM&DoS Simulation Platform [3] can simulate a variety of DoS attacks (Distributed DoS. Jianping Yin. 1790341) . pdf?attredirects=0). and Zhiping Cai. com/ site/ cwzhangres/ home/ files/ RSFBaResilientStochasticFairBluealgorithmagainstspoofingDDoSattacks. CHOKe. cfm?id=1789954.) and Active Queue Management (AQM) algorithms (RED. google. icir. Ref (http:/ / ieeexplore. and Weifeng Chen. Ref (http:/ / portal. pdf?attredirects=0 [7] Changwang Zhang.251892. . acm. IEEE Communications Letters. ieee. Jacobson. pp. Spoofing DoS. google. com/ site/ cwzhangres/ home/ files/ RSFBaResilientStochasticFairBluealgorithmagainstspoofingDDoSattacks. org/ floyd/ papers/ red/ red. doi:10. com/ site/ cwzhangres/ home/ files/ RREDRobustREDAlgorithmtoCounterLow-rateDenial-of-ServiceAttacks. com/ site/ cwzhangres/ home/ posts/ aqmdossimulationplatform [4] http:/ / sites. 489-491. Retrieved 2008-03-16. org/ citation. org/ xpl/ freeabs_all. Van (August 1993). com/ site/ cwzhangres/ home/ posts/ recentpublicationsinactivequeuemanagementaqmschemes [2] Floyd.).Active queue management 63 The Simulation and Analysis Platform for AQM algorithms An Active Queue Management and Denial-of-Service (AQM&DoS) Simulation Platform is established based on the NS-2 simulation code of the RRED algorithm. Zhiping Cai. google. RRED: Robust RED Algorithm to Counter Low-rate Denial-of-Service Attacks (http:/ / sites.More Details [3] AQM algorithms • • • • • • • Adaptive Virtual Queue (AVQ). SFB. RRED. [3] http:/ / sites. 14. google. html). Blue and Stochastic Fair Blue (SFB). RSFB: a Resilient Stochastic Fair Blue algorithm against spoofing DDoS attacks (http:/ / sites. Robust random early detection (RRED) [4][5] • RSFB [6]: a Resilient Stochastic Fair Blue algorithm against spoofing DDoS attacks [7] References [1] http:/ / sites. Sally. in International Symposium on Communication and Information Technology (ISCIT).1109/90.

Paul Baran


Paul Baran
Paul Baran


April 29, 1926 Grodno, Poland March 26, 2011 (aged 84) Palo Alto, California United States (Polish born) RAND Corporation UCLA, Drexel Institute of Technology, Philadelphia Packet Switching


Citizenship Institutions Alma mater Known for

Notable awards IEEE Alexander Graham Bell Medal, National Medal of Technology and Innovation, National Inventors Hall of Fame Spouse Evelyn Murphy Baran, PhD

Paul Baran (1926–2011) was a Polish American engineer who was a pioneer in the development of computer networks. He invented packet switching techniques, and went on to start several companies and develop other technologies that are an essential part of the Internet and other modern digital communication.

Early life
Paul Baran was born in Grodno, Poland (which is now in Belarus) on April 29, 1926.[1] [2] He was the youngest of three children in a Jewish family,[3] with the Yiddish given name "Pesach". His family moved to the United States on May 11, 1928,[4] settling in Boston and later in Philadelphia, where his father, Morris "Moshe" Baran (1884–1979), opened a grocery store. He graduated from Drexel University in 1949 (then called Drexel Institute of Technology), with a degree in electrical engineering. He then joined the Eckert-Mauchly Computer Company, where he did technical work on UNIVAC models, the first brand of commercial computers in the USA.[5] In 1955 he married Evelyn Murphy, moved to Los Angeles, and worked for Hughes Aircraft on radar systems. He obtained his Masters degree in engineering from UCLA in 1959, with advisor Gerald Estrin while taking night classes. His thesis was on character recognition.[1]

Packet switched network design
After joining the RAND Corporation that same year, Baran took on the task of designing a "survivable" communications system that could maintain communication between end points in the face of damage from nuclear weapons.[6] At the time of the Cold War, most American military communications used High Frequency connections which could be put out of action for many hours by a nuclear attack. Baran decided to automate RAND director Franklin R. Collbohm's previous work with emergency communication over conventional AM radio networks and

Paul Baran showed that a distributed relay node architecture could be survivable. The Rome Air Development Center soon showed that the idea was practicable.[7] Using the mini-computer technology of the day, Baran and his team developed a simulation suite to test basic connectivity of an array of nodes with varying degrees of linking. That is, a network of n-ary degree of connectivity would have n links per node. The simulation randomly 'killed' nodes and subsequently tested the percentage of nodes who remained connected. The result of the simulation revealed that networks where n ≥ 3 had a significant increase in resilience against even as much as 50% node loss. Baran's insight gained from the simulation was that redundancy was the key.[8] His first work was published a RAND report in 1960,[9] with more papers generalizing the techniques in the next two years.[10] After proving survivability Baran and his team needed to show proof of concept for this design such that it could be built. This involved high level schematics detailing the operation, construction and cost of all the components required to construct a network that leveraged this new insight of redundant links. The result of this was one of the first store-and-forward data layer switching protocols, a link-state/distance vector routing protocol, and an unproved connection-oriented transport protocol. Explicit detail of these designs can be found in the complete series of reports "On Distributed Communications", published by RAND in 1964.[11] The design flew in the face of telephony design of the time, placing inexpensive and unreliable nodes at the center of the network, and more intelligent terminating 'multiplexer' devices at the endpoints. In Baran's words, unlike the telephone company's equipment, his design didn't require expensive "gold plated" components to be reliable.


Selling the idea
After the publication of "On Distributed Communications'", Paul Baran presented the findings of his team to a number of audiences, including AT&T engineers (not to be confused with Bell labs engineers, who at the time provided Paul Baran with the specifications for the first generation of T1 circuit which he used as the links in his network design proposal). In subsequent interviews Baran mentions how his idea of non-dedicated physical circuits for voice communications were scoffed at by the AT&T engineers who at times claimed that Baran simply did not understand how voice telecommunication worked.[12] Leonard Kleinrock developed a theoretical basis for the operation of packet networks in his Ph.D. thesis in 1961. Baran used the term "message blocks" for his units of communication. Donald Davies at the National Physical Laboratory in the United Kingdom was the first to use the term "packet switching" in 1965, and apply the concept to a general-purpose computer network. Davies' key observation was that computer network traffic was inherently "bursty" with periods of silence, compared with relatively constant telephone traffic.[1] [13] In 1969 when the US Defense Advanced Research Projects Agency (ARPA) was developing the idea of an inter-networked set of terminals to share computing resources, among the number of reference materials considered was Baran and the RAND Corporation's "On Distributed Communications" volumes.[1] The resiliency of a packet switched network that uses link-state routing protocols used on the Internet stems in some part from the research to develop a network that could survive a nuclear attack.[1] [14]

Later work
In 1968 Baran was a founder of the Institute for the Future, and then involved in other networking technologies developed in Silicon Valley. He was involved in the origin of the packet voice technology developed by StrataCom at its predecessor, Packet Technologies. This technology led to the first commercial pre-standard Asynchronous Transfer Mode product. He was also involved with the discrete multitone modem technology developed by Telebit, which was one of the roots of Orthogonal frequency-division multiplexing which is used in DSL modems. In 1985, Paul Baran founded Metricom, the first wireless Internet company, which deployed Ricochet,[2] the first public wireless mesh networking system. He also founded Com21, an early cable modem company.[5] Following Com21, Baran founded and was president of GoBackTV, which specializes in personal TV and cable IPTV infrastructure

Paul Baran equipment for television operators.[15] Most recently he founded Plaster Networks, providing an advanced solution for connecting networked devices in the home or small office through existing wiring.[16] Baran extended his work in packet switching to wireless-spectrum theory, developing what he called "kindergarten rules" for the use of wireless spectrum.[17] In addition to his innovation in networking products, he is also credited with inventing the first metal detector, a doorway gun detector.[5] [18] He received an honorary doctorate when he gave the commencement speech at Drexel in 1997.[19]


Baran died in Palo Alto, California at the age of 84 on March 26, 2011,[1] [20] due to complications from lung cancer.[14] Upon his death James Thomson, the president of RAND stated that "Our world is a better place for the technologies Paul Baran invented and developed, and also because of his consistent concern with appropriate public policies for their use."[20] One of the fathers of the internet, Vinton Cerf, stated that "Paul wasn't afraid to go in directions counter to what everyone else thought was the right or only thing to do."[14] According to Paul Saffo, Baran also believed that innovation was a "team process" and he didn't seek credit for himself.[18] On hearing news of his death, Robert Kahn, co-inventor of the Internet, said: "Paul was one of the finest gentlemen I ever met and creative to the very end."

Awards and honors
• • • • • • • • IEEE Alexander Graham Bell Medal (1990)[21] Marconi Prize (1991) Nippon Electronics Corporation C&C Prize (1996) Bower Award and Prize for Achievement in Science (2001)[5] Fellow of the American Academy of Arts and Sciences (2003)[22] National Inventors Hall of Fame (2007) National Medal of Technology and Innovation (2007)[23] UCLA Engineering Alumnus of the Year (2009)[24]

[1] Katie Hafner (March 27, 2011). "Paul Baran, Internet Pioneer, Dies at 84" (http:/ / www. nytimes. com/ 2011/ 03/ 28/ technology/ 28baran. html). The New York Times. . [2] Nathan Brewer; et al (March 28, 2011). "Paul Baran" (http:/ / www. ieeeghn. org/ wiki/ index. php/ Paul_Baran). IEEE Global History Network. New York: IEEE. . Retrieved March 28, 2011. [3] Georgi Dalakov. "Paul Baran" (http:/ / history-computer. com/ Internet/ Birth/ Baran. html). History of Computers web site. . Retrieved March 31, 2011. [4] David Ira Snyder (August 4, 2009). "Morris "Moshe" Baran (1884 - 1979)" (http:/ / www. geni. com/ people/ Morris-Moshe-Baran/ 6000000005033975818). Genealogy of the Baran family. Geni.com web site. . Retrieved March 29, 2011. [5] "Paul Baran - Franklin Laureate Database" (http:/ / www. fi. edu/ winners/ 2001/ baran_paul. faw?winner_id=2272). The Franklin Institute Awards - Laureate Database. Philadelphia, PA: The Franklin Institute. . Retrieved March 29, 2011. [6] "Internet pioneer Paul Baran passes away" (http:/ / www. bbc. co. uk/ news/ technology-12879908). BBC News. March 28, 2011. . Retrieved March 28, 2011. [7] Brand, Stewart (March 2001). "Founding Father" (http:/ / www. wired. com/ wired/ archive/ 9. 03/ baran. html). Wired (New York: Condé Nast Digital) 9 (3). ISSN 1059-1028. OCLC 433726773. . Retrieved March 27, 2011. "Paul Baran conceived the Internet's architecture at the height of the Cold War. Forty years later, he says the Net's biggest threat wasn't the USSR—it was the phone company". Stewart Brand's interviews Paul Baran about his work at RAND on survivable networks. [8] "Paul Baran and the Origins of the Internet" (http:/ / www. rand. org/ about/ history/ baran. list. html). RAND corporation. . Retrieved March 29, 2011. [9] Paul Baran (1960). "Reliable Digital Communications Systems Using Unreliable Network Repeater Nodes" (http:/ / www. rand. org/ pubs/ papers/ P1995. html). RAND Corporation papers, document P-1995. . Retrieved March 29, 2011.

jsp). edu/ newsroom/ featured-news/ archive/ 2011/ in-memoriam-paul-baran-ms-201959). www. 1994). [22] "Book of Members. Retrieved March 28.ssrn. . Present.livinginternet. CO: University of Colorado. . . Retrieved March 29. html) on June 15. com/ Internet/ Birth/ Davis. 2011. . • O'Neill. rand. 2011. zdnet. "Opportunity Lies In Ideas. rand. "On Distributed Communications" (http:/ / replay. EFF "GII . php). latimes. 2011. January 7.pgs/leadstory. 2010. [12] "Internet Architect Paul Baran Dies at 84" (http:/ / www.cbi. Paul (November 9. CBI'S COLLECTIONS > Oral history database (http://www. "Keynote Talk Transcript. 2005). [14] "Internet pioneer Paul Baran passes away" (http:/ / www. plasternetworks. [20] "Packet switching inventor Paul Baran dies aged 84" (http:/ / www. ISSN 1543-8899. com/ 1997-06-15/ news/ 25524943_1_constantine-papadakis-paul-baran-graduation-ceremony). Retrieved March 29. History of Computers web site. . org/ publications/ BookofMembers/ ChapterB. 2011.livinginternet. [18] Jessica Guynn (March 29. CA: Electronic Frontier Foundation. MN: Charles Babbage Institute. 2011. [16] "About Plaster Networks" (http:/ / www. American Academy of Arts and Sciences. Retrieved March 29. org/ 20060615000308/ http:/ / www. 1780-2010: Chapter B" (http:/ / www. 2011. . 2011. waybackmachine. [11] Paul Baran et al. p. • Ryan. com/ about. Retrieved March 31. and the writing and distribution of his eleven-volume work. 2011. gov/ about/ nmti/ recipients/ 2007. Retrieved March 31. . com/sol3/Delivery. . [24] "In Memoriam: Paul Baran MS ’59" (http:/ / www. 1997). He Received An Honorary Doctorate" (http:/ / articles.com (http://www. rand. 2011. com/ company-management.NII . 2011. William Stewart. March 29. org/ pubs/ papers/ P2626. document P-2626. 2011. 2011). The Inquirer (Philadelphia). 2006. Retrieved March 31.phtml?id=110). . "On Distributed Communications Networks" (http:/ / www.umn. [23] "The National Medal of Technology and Innovation 2007 Laureates" (http:/ / www.cbi. [17] Barran. 2011.pdf?abstractid=732483&mirid=5) (PDF).edu/oh/ display.cfm/SSRN_ID732483_code355448. • "Convergence: Past. UCLA Engineering web site. Boulder. Archived from the original (http:/ / www. [13] Georgi Dalakov. org/ Infrastructure/ Wireless_cellular_radio/ false_scarcity_baran_cngn94. This describes Paul Baran's development of packet switching and its application to wireless computing. Wired. com/ news/ obituaries/ la-me-paul-baran-20110329. . . Baran discusses his interaction with the group at ARPA who were responsible for the later development of the ARPANET. (1964). pdf). html). engineer. his initial interest in survivable communications. CO: Cable Television Laboratories. 8th Annual Conference on Next Generation Networks Washington. eff. Engineer Tells Drexel Grads Paul Baran. Retrieved March 31. org/ about/ history/ baran-list. 2011.umn. 2. A 44-page transcript in which Baran describes his working environment at RAND. [15] "Management Team" (http:/ / www. ucla.com/).com/news/newsletter/SPECS/JanFeb_SPECSTECH/tech.0. Retrieved March 29. Silicon Flatirons Telecommunications Program (http://www. [19] Nita Lelyveld (June 15.html) Louisville. org/ documents/ bell_rl. ZDNet UK. Retrieved March 29. "Paul Baran dies at 84.Paul Baran [10] Paul Baran (1962). Rand. 2011. Retrieved May 17.Wireless/Cellular/Radio" Archive (http:/ / w2. gobacktv. html). uk/ news/ technology-12879908). Retrieved March 31. html). cablelabs. Judy E. "Donald Davies" (http:/ / history-computer. Retrieved March 29. "the Grandfather Of The Internet" Spoke At His Alma Mater. IEEE. Retrieved March 29. The United States Patent and Trademark Office. Minneapolis.php)) 3 (2): 239–274. uspto.com/i/ii_rand. inventor helped lay foundation for Internet" (http:/ / www. 2011. Plaster Networks web site. 2011. eff. org/ about/ history/ baran-list. Inc February 1999. transcript). . 2011. OCLC 66137086. On Distributed Communications. Retrieved March 31. bbc. "SSRN-Wireless Communications and Computing at a Crossroads: New Paradigms and Their Impact on Theories Governing the Public's Right to Spectrum Access" (http://papers. Los Angeles Times. [21] "IEEE Alexander Graham Bell Medal Recipients" (http:/ / www.edu/oh/index. story). org/ Infrastructure/ Wireless_cellular_radio/ ). . March 28. 2011. Journal on Telecommunications & High Technology Law (Boulder. BBC. School of Law. 2011 A transcript of Baran's keynote . the evolution of his plan for distributed networks. Retrieved March 29.silicon-flatirons. (March 5. January 17. 1990). RAND Corporation papers. phtml). and Future: Paul Baran Addresses CableLabs® Winter Conference" (http://www. 67 External links • "Paul Baran Invents Packet Switching" (http://www. pdf). com/ epicenter/ 2011/ 03/ internet-architect-paul-baran-dies-at-84/ ). March 28. philly. co. 2011. Retrieved March 29.livinginternet. 2011.htm). DC" (http:/ / w2.org/index. amacad. . the objections he received. . 2011. html). Retrieved March 29. "Oral history interview with Paul Baran" (http://www. goBackTV web site. wired. ieee. San Francisco. uk/ news/ business-of-it/ 2011/ 03/ 29/ packet-switching-inventor-paul-baran-dies-aged-84-40092315/ ). Patrick S.4562265. (June 1. co.

org/pioneers/baran. George (June 2. including FreeBSD and WinPcap. Archived from the original (http://www. 2005. Framingham. BPF is sometimes used to refer just to the filtering mechanism. 1997). they did not explain or acknowledge the mistake. 2011. "Paul Baran. and compare the results against constants or against data in the packet or test bits in the results. SCO Group publicly claimed to own Unix code which they alleged the Linux kernel infringed. November 6. Retrieved April 8. so that. In August 2003. Inc. including those that will be filtered out. perform arithmetic operations on data from the packet.org/).com/news/2011/032811-paul-baran-packet-switching-obit.html) on April 10.org/ pioneers/) at ibiblio. with some wrapping them in macros such as BPF_MTAP() and BPF_TAP(). so that all packets on the network. a raw interface to data link layers.html). it supports "filtering" packets. "Inventing the Internet Again" (http://www.com/Switching/gilder. BPF's filtering capabilities are implemented as an interpreter for a machine language for the BPF virtual machine. packets can be filtered in user mode. A user-mode interpreter for it is provided with the libpcap/WinPcap implementation of the pcap application programming interface (API). all packets. permitting raw link-layer packets to be sent and received. Internet and packet switching pioneer. it allows the interface to be put into that mode. on systems where the filtering is done in user mode. • Gilder. OCLC 173437996. Bob (March 27.ibiblio. • Brown.Paul Baran address at the Countdown to Technology 2000 Winter Conference that includes a photo. That interpreter can also be used when reading a file containing packets captured using pcap.gilder. Chapel Hill.edu/) and the School of Journalism and Mass Communication at the University of North Carolina at Chapel Hill. . on some Unix-like systems. ISSN 1078-9901.ibiblio. which are called by network interface drivers (and pseudo-drivers) to deliver incoming and outgoing packets to the BPF mechanism. html).com/public/telecosm_series/inventing. Retrieved April 2. Forbes ASAP (New York: Forbes) 159 (11): 106–120.unc. "Baran credited with inventing packet switching in 1960s against military backdrop" • "Paul Baran" (http://www. when capturing packets on systems without kernel-mode support for that filtering mechanism. can be received. rather than to the entire interface. reducing the CPU requirement to capture packets and the buffer space required to avoid dropping packets. so that only "interesting" packets can be supplied to the software using BPF. In addition.org (http://www. just-in-time compilation is used to convert virtual machine instructions into native code in order to further avoid overhead. MA: Network World. although legal action is ongoing that may eventually force an answer. if the driver for the network interface supports promiscuous mode. although. Retrieved April 2. While clear that SCO did not own the BPF code. 2006. 68 Berkeley Packet Filter The Berkeley Packet Filter or BPF provides. 2011. Programmers quickly discovered the code in question was the Berkeley Packet Filter. programs in that language can fetch data from the packet. networkworld.privateline. accepting or rejecting the packet based on the results of those tests. On some platforms. and for socket filters in Linux and in the WinPcap packet capture mechanism. code using the pcap API will work on both types of systems. 2011. NC: School of Information and Library Science (http://sils. even those destined for other hosts.html). such as Tru64 Unix. BSD kernels implement routines such as bpf_mtap() and bpf_tap(). Kernel-mode interpreters for that same virtual machine language are used in raw data link layer mechanisms in other operating systems. In addition. is mourned" (http://www. Internet Pioneers (http://www. this can avoid copying "uninteresting" packets from the operating system kernel to software running in user mode. 2011). are copied from the kernel to user space.ibiblio.

org/ ~robert/ freebsd/ 2007asiabsdcon/ 20070309-devsummit-zerocopybpf. including description of zero-copy BPF buffers [3] bpfc. traffic destined for such addresses is often just dropped. this preserves the independence of different BPF device consumers. and can only be detected by monitoring the lost traffic. org/ Black hole (networking) In networking. hence the name. When examining the topology of the network. Even though TCP/IP provides means of communicating the delivery failure back to the sender via ICMP. Dead addresses The most common form of black hole is simply an IP address that specifies a host machine that is not running or an address to which no host has been assigned. watson. . tcpdump. allowing kernel packet capture in the device driver interrupt handler to write directly to user process memory in order to avoid the requirement for two copies for all packet data received via the BPF device. without informing the source that the data did not reach its intended recipient. resulting in small or large "black holes" in the network. pdf [3] http:/ / www.x BPF(4) man page. While one copy remains in the receipt path for user processes. often dynamically to respond quickly to distributed denial-of-service attacks. Robert Watson and Christian Peron added zero-copy buffer extensions to the BPF implementation in the FreeBSD operating system. as well as allowing the packing of headers into the BPF buffer rather than copying complete packet data. org/ papers/ bpf-usenix93. pdf [2] http:/ / www. FreeBSD. Firewalls and "stealth" ports Most firewalls can be configured to silently discard packets addressed to forbidden hosts or ports. cgi?query=bpf& apropos=0& sektion=0& manpath=FreeBSD+ 8-current& format=html [4] http:/ / netsniff-ng. Black hole filtering Black hole filtering refers specifically to dropping packets at the routing level. usually using a routing protocol to implement the filtering on several routers at once. black holes refer to places in the network where incoming traffic is silently discarded (or "dropped").Berkeley Packet Filter In 2007. 69 External links • • • • 1993 USENIX paper that describes BPF [1] (PDF) FreeBSD Developer Summit presentation describing Zero-copy BPF [2] (PDF) FreeBSD 8. org/ cgi/ man. the black holes themselves are invisible. a BPF compiler for Linux (part of netsniff-ng) [4] References [1] http:/ / www.

These addresses are often used as return addresses for automated e-mails. and drops/marks packets with probability p as they enter the queue. . a single aggressive flow can push out of the queue packets belonging to other.Black hole (networking) 70 PMTUD black holes Some firewalls incorrectly discard all ICMP packets. which it shares with most single-queue queueing disciplines. Stochastic Fair Blue (SFB)[2] is a stochastically fair variant of Blue which hashes flows and maintains a different mark/drop probability for each hash value. Therefore. Stochastic Fair Blue The main flaw of Blue. edu/ http:/ / safewireless. net/ http:/ / blog. and whenever the queue is empty. SFB is only stochastically fair. External links • • • • Remotely triggered black hole filtering (Cisco Systems) [1] University of Washington blackhole monitor/lookup system (link doesn't work) [2] Tools for detecting a blackhole attack in an ad hoc wireless network [3] Remote Triggered Black Hole Filtering [4] References [1] [2] [3] [4] http:/ / www. Black hole e-mail addresses A black hole e-mail address is an e-mail address which is valid (messages sent to it will not generate errors). and treats all flows as a single aggregate. p is increased by a small constant pd. such as SFQ. Assuming no hash collisions. better behaved. Assuming the mix of traffic on the interface doesn't change. which dramatically reduces its storage requirements when the number of flows is large. In the presence of hash collisions. cisco. is that it doesn't distinguish between flows. p will slowly converge to a value that keeps the queue within its bounds with full link utilisation. cs. washington. SFB is able to provide a fair share of buffer space for every flow. sourceforge. including the ones needed for Path MTU discovery to work correctly. flows. it requires little or no tuning on the part of the network administrator. Whenever the queue overflows. but to which all messages sent are automatically deleted. it operates by randomly dropping or ECN-marking packets in a router's queue before it overflows. Operation of Blue A Blue queue maintains a drop/mark probability p. Unlike other stochastically fair queuing disciplines. p is decreased by a constant pi<pd. Unlike RED. com/ warp/ public/ 732/ Tech/ security/ docs/ blackhole. and never stored or seen by humans. however. ipexpert. com/ 2010/ 11/ 24/ remote-triggered-black-hole-filtering/ Blue (queue management algorithm) Blue[1] is an Active Queue Management algorithm. This causes TCP connections from/to hosts with a lower MTU to hang. Like RED. SFB can be implemented using a Bloom filter rather than a hash table. pdf http:/ / hubble.

An implementation of SFB for Linux[4] has been included in Linux since version 2. Shin (April 1999). RSFB: a Resilient Stochastic Fair Blue algorithm against spoofing DDoS attacks (http:/ / sites. Michigan Computer Science Technical Report (CSE–TR–387–99). pdf?attredirects=0). • An implementation of SFB for the Linux kernel (http://www.thefengs. Dilip D. org/ citation. including the fairness-aimed ones. 2009. "BLUE: A New Class of Active Queue Management Algorithms" (http:/ / www. fr/ ~jch/ software/ sfb/ ) External links • Wu-chang Feng's page about Blue and SFB (http://www. in International Symposium on Communication and Information Technology (ISCIT). the alternative AQM framework for BSD Unix. Debanjan Saha. Jianping Yin. An implementation of SFB for the Linux kernel (http:/ / www.jussieu.2001. acm. pps. . INFOCOM 2001 3: 1520–1529. and Zhiping Cai. retrieved 2010-01-02 [3] Changwang Zhang. the flow has been shown to not react to congestion indications from the network. umich. Shin (April 2001). jussieu. are notably vulnerable to spoofing Distributed Denial-of-Service (DDoS) attacks. A Resilient Stochastic Fair Blue (RSFB) algorithm was proposed against spoofing DDoS attacks.Blue (queue management algorithm) When a flow's drop/mark probability reaches 1. Kang G.6. Dilip D. and rate-limited.fr/~jch/software/sfb/). Kandlur. References [1] Wu-chang Feng. doi:10. U. Kang G. edu/ techreports/ cse/ 99/ CSE-TR-387-99. retrieved 2010-12-22 [2] Wu-Chang Feng. Kandlur.com/wuchang/blue/).1109/INFCOM. com/ site/ cwzhangres/ home/ files/ RSFBaResilientStochasticFairBluealgorithmagainstspoofingDDoSattacks. . PDF).pps. Proc. . 71 Resilient Stochastic Fair Blue (RSFB [6]) The existing Active Queue Management (AQM) algorithms. The basic idea behind RSFB is to record the responsive normal TCP flows and rescue their dropped packets. Debanjan Saha. thefengs. eecs. pdf). google. com/ wuchang/ blue/ 41_2. Such an inelastic flow is put in a "penalty box". cfm?id=1789954. "Stochastic Fair Blue: an algorithm for enforcing fairness" (http:/ / www. Ref (http:/ / portal.39. [3] Implementations An implementation of Blue is part of ALTQ.916648. RSFB algorithm is effective in preserving the TCP throughput in the presence of spoofing DDoS attacks. 1790341) [4] Juliusz Chroboczek.

the scope of the broadcast is limited to a broadcast domain. for example broadcasting on Ethernet.Broadcasting (computing) 72 Broadcasting (computing) In telecommunication and information theory. broadcasting refers to a method of transferring a message to all recipients simultaneously. . or it may be a low level networking operation. In practice. for example broadcasting Message Passing Interface. Broadcasting can be performed as a high level operation in a program. broadcasting refers to transmitting a packet that will be received by every device on the network[1] . Overview Routing schemes anycast broadcast multicast unicast geocast In computer networking. Broadcast a message is in contrast to unicast addressing in which a host sends datagrams to another single host identified by a unique IP address.

IPv6 also does not implement the broadcast method to prevent disturbing all nodes in a network when only a few may be interested in a particular service.com/EBchecked/topic/80540/ broadcast-network) • Network Broadcasting and Multicast (http://www.britannica. Taking all customer interaction into account. 73 References [1] Andrew Tanenbaum (2003). 2) Balance management 3) Business rule engine or Business Control engine 4) Dynamic real-time execution and provisioning 5) On-line charging and rating. In the emerging fields of service over the Internet Protocol (IP). content) and all sources (telecommunications networks. p. 368. Broadcasting is largely confined to local area network (LAN) technologies. Both Ethernet and IPv4 use an all-ones broadcast address to indicate a broadcast packet. Broadcasting may be abused to perform a DoS-attack. where the performance impact of broadcasting is not as large as it would be in a wide area network. from all services (voice. However. data. External links • Encyclopedia Britannica entry broadcast network (http://www. customer-recognition. in order to improve operators' transaction revenue and at the same time. customer-premises equipment. Computer Networks. most notably Ethernet and token ring.org/independent/networking/guide/ netbroadcasting. The attacker sends fake ping request with the source IP-address of the victim computer. Network Business Control allows service providers to • Inject business sense into the network . neither X. at customer level. Instead it relies on multicast addressing a conceptually similar one-to-many routing methodology. nor is there any form of Internet-wide broadcast. multicasting limits the pool of receivers to those that join a specific multicast receiver group. and hierarchies to the OSS layer. customer experience. It allows providers to address customer service plans from a holistic business perspective bringing state-of-the-art capabilities like bundling. Token Ring uses a special value in the IEEE 802.comptechdoc.Each customer interaction should be analyzed and handled from a business standpoint rather than from just the simple network management or charging perspectives. IP Multimedia Subsystem (IMS). The victim computer is flooded by the replies from all computers in the domain.html) Business Control Layer Business Control Layer (BCL) is a software layer in the provider's infrastructure residing between the network/OSS and the BSS. etc.25 nor frame relay have broadcast capability.2 control field. ISBN 0130661023.) the business control layer is capable of dynamically adapting network or service behavior. Business control layer key functions include: 1) Ability to simultaneously collect events from any source. and Packet Cable Multi-Media (PCMM) the need for real-time network changes continues to grow. The successor to Internet Protocol Version 4 (IPv4).Broadcasting (computing) Not all network technologies support broadcast addressing. . for example.

Cisco Systems "Bridging the Infrastructure Gap: the Importance of Service Control in Broadband Networks" [4]. Allot Communications "Bandwidth Management enables IP Service Optimization" [3]. telenet. page http:/ / www. com/ . allot. fts-soft.Integrates with operator legacy billing system or as a full billing for the IP services replacing the existing. aradial.g. org/ xpls/ abs_all. • Deployments . Download a movie. • Example of applications: Boots an internet connection for a limited time. com/ html/ products_netenforcer. 2.g. NV is the first company to deploy such a solution in their network. References [1] [2] [3] [4] [5] http:/ / www. Reengineering Legacy Application to E-Business with a modified rational unified process [5] 4.Business Control Layer • Analyse and monitor of customer-consumed services . • Real-time control for IP sessions and events . Retrieved 2006-08-24. This solution is the underlying network intelligence behind their Broadband service and their TeleMeter [1] (in Dutch). Telenet. shtml http:/ / ieeexplore.IP services should be managed in real time. cisco. charge for P2P. Retrieved 2006-08-24. charge for VOIP traffic. allowing providers to interact with the network during active sessions. ieee. jsp?arnumber=1192421 [6] http:/ / www. with online responses (provisioning) based on customer or operator-defined business rules. The technology underlying these 74 services are built upon the Cisco SCE DPI device and the FTS Leap Business Control Engine BCE) [2] .Aradial Radius & Policy servers [6]. E. shtm http:/ / www. 3. Aradial Technologies . Sources 1. Charging for IP services .Providers should be able to analyze.FTS Software. record and charge for IP services. • Dynamically detecting and charging for IP services. placing value on every aspect of their service plan so that their services satisfy customers needs. com/ http:/ / www. Changing dynamically the bandwidth for a customer when reaching monetary values. be/ nl/ klantendienst/ klantendienst_thuis/ internet/ topvragen/ telemeter. com/ en/ US/ products/ ps6151/ products_white_paper0900aecd801d8a83.E.

when the Internet Protocol replaced earlier protocols on the ARPANET. Proceedings of EUROCOMP. edu/ in-notes/ ien/ ien48. Bronel University.[2] a pioneer in packet-switching technology and founder of the CYCLADES network. pp. V. Catenet was the concept of linking these networks into a network of networks with specifications for compatibility of addressing and routing. . July 1978 [2] A Proposal for Interconnecting Packet Switching Networks. L. DARPA Information Processing Techniques Office. at a time when network meant what is now called a local area network. internet (lower-case i).[1] The term was coined by Louis Pouzin. IEN 48. isi. Chernobyl packet A Chernobyl packet is a network packet that induces a broadcast storm or some other kind of "network meltdown". The typical scenario involves an IP Ethernet datagram that passes through a gateway with both source and destination Ether and IP address set as the respective broadcast addresses for the subnetworks being gated between. May 1974. The term was named after the April 1986 nuclear accident at Chernobyl. Pouzin. txt The Catenet Model for internetworking. The term catenet was gradually displaced by the short-form of the term internetwork. 1023-36. References [1] http:/ / www.Catenet 75 Catenet Catenet is an obsolete term for a system of packet-switched communication networks interconnected via gateways. Cerf.

FIN. nastygram or a lamp test segment. Some stateless firewalls only check against security policy those packets which have the SYN flag set (that is. they can pass through these simple systems and reach the target host. By observing how a host responds to an odd packet. Christmas tree packets are always suspicious and indicate a high probability of network reconnaissance activities. Versions of Microsoft Windows. Many operating systems implement their compliance with the Internet Protocol standard (RFC 791) in varying or incomplete ways. HP-UX. org/ nmap/ man/ man-port-scanning-techniques. html . Christmas tree packets can be easily detected by intrusion-detection systems or more advanced firewalls. External links • Nmap documentation [1] References [1] http:/ / insecure. A large number of Christmas tree packets can also be used to conduct a DoS attack by exploiting the fact that Christmas tree packets require much more processing by routers and end-hosts than the 'usual' packets do. Cisco IOS. the TCP header of a Christmas tree packets has the flags SYN. as in. Since Christmas tree scan packets do not have the SYN flag turned on. The term derives from a fanciful image of each little option bit in a header being represented by a different-colored light bulb. Christmas tree packets can be used as a method of divining the underlying nature of a TCP/IP stack by sending the packets and awaiting and analyzing the responses. packets that initiate connection according to the standards).Christmas tree packet 76 Christmas tree packet In information technology." It can also be known as a kamikaze packet. When used as part of scanning a system. From a network security point of view. assumptions can be made regarding the host's operating system. MVS. and IRIX display behaviors that differ from the RFC standard when queried with said packets. a Christmas tree packet is a packet with every single option set for whatever protocol is in use. "the packet was lit up like a Christmas tree. BSD/OS. URG and PSH set. such as a Christmas tree packet. all turned on.

CEF consists of two key components: The Forwarding Information Base (FIB) and adjacencies. • Drop adjacency: Packets pointing to this entry are dropped. but without layer 2 information. There are five types of adjacencies: • Null adjacency: Handles packets destined to a NULL interface. CEF currently supports Ethernet. ATM. • Punt adjacency: Deals with packets that require special handling or can not be switched by CEF. Function CEF is mainly used to increase packet switching speed by reducing the overhead and delays introduced by other routing techniques. This avoids the need for querying the main processor or routing table in order to get the next-hop information. tunnels. The FIB is similar to the routing table generated by multiple routing protocols. cisco. shtml . and Cisco HDLC. • Glean adjacency: Handles packets destined for currently attached hosts. Packets with FIB entries pointing to NULL adjacencies will normally be dropped. but the prefix will be checked. avoiding the need for an ARP request for each table lookup. cisco. where there is a FIB table on each of the line cards. like packets sent to the router itself. maintaining only the next-hop address for a particular IP-route. Frame Relay.Cisco Express Forwarding 77 Cisco Express Forwarding Cisco Express Forwarding (CEF) is an advanced layer 3 switching technology used mainly in large core networks or the Internet to enhance the overall network performance. FDDI. External links • CEF (Cisco Express Forwarding) site [1] • Choosing the best routing switching path [2] References [1] http:/ / www. In order to take full advantage of CEF. com/ en/ US/ tech/ tk827/ tk831/ technologies_white_paper09186a00800a62d9. it is recommended to use distributed CEF (dCEF). com/ en/ US/ docs/ ios/ 12_1/ switch/ configuration/ guide/ xcdcef. • Discard adjacency: FIB entries pointing to this type of adjacency will be discarded. PPP. Such packets are forwarded to the next switching layer (generally fast switching) where they can be forwarded correctly. fast switching will be performed on the line card itself. Instead. html [2] http:/ / www. The adjacency maintains layer 2 or switching information linked to a particular FIB entry.

Without CBAC. (In other words.Context-based access control 78 Context-based access control Context-based access control (CBAC) intelligently filters TCP and UDP packets based on application layer protocol session information and can be used for intranets. extranets and internets. CBAC does the deep packet inspection and hence it is termed to be a IOS Firewall. This allows support of protocols that involve multiple channels created as a result of negotiations in the FTP control channel. CBAC also provides the following benefits: • Denial-of-Service prevention and detection • Real-time alerts and audit trails . traffic filtering is limited to access list implementations that examine packets at the network layer. while this example discusses inspecting traffic for sessions that originate from the external network.) However. CBAC inspects traffic that travels through the firewall to discover and manage state information for TCP and UDP sessions. CBAC examines not only network layer and transport layer information but also examines the application-layer protocol information (such as FTP connection information) to learn about the state of the TCP or UDP session. the transport layer. CBAC can be configured to permit specified TCP and UDP traffic through a firewall only when the connection is initiated from within the network needing protection. This is the basic function of a stateful inspection firewall. RPC. CBAC can inspect traffic for sessions that originate from either side of the firewall. This state information is used to create temporary openings in the firewall's access lists to allow return traffic and additional data connections for permissible sessions (sessions that originated from within the protected internal network). Most of the multimedia protocols as well as some other protocols (such as FTP. and SQL*Net) involve multiple control channels. CBAC can inspect traffic for sessions that originate from the external network. or at most. However.

such as supercomputer clusters. Leading Ethernet Switching Company" (http:/ / www. the switch is not able to verify the integrity of an incoming packet before forwarding it. Cisco Systems. Fragment free will hold the frame until the first 64 bytes are read from the source to detect a collision before forwarding. cisco. This technique reduces latency through the switch. org/ 5qaWOQRdn). because the frame check sequence appears at the end of the frame. The technology was developed by Kalpana the company that introduced the first Ethernet switch.Cut-through switching 79 Cut-through switching In computer networking. wherein the switch starts forwarding a frame (or packet) before the whole frame has been received.[1] Fragment free is a variation on cut-through switching that partially addresses this problem by assuring that collision fragments are not forwarded. htm). webcitation. . References [1] "Cisco to Acquire Kalpana. this has become less of a problem since packet latency has become much smaller. cut-through switching is a method for packet switching systems.What Are Forwarding Modes and How Do They Work?" (http:/ / support. Inc. Retrieved 2011-08-13. Archived from the original (http:/ / newsroom. This is only useful if there is a chance of a collision on the source port. com/ support/ express/ switches/ sb/ cs-014410. intel. since these are often deployed in environments where latency is a prime concern. html) on 2010-06-18. A cut-through switch will forward corrupted packets where a store and forward switch will drop them.[2] Use in ATM Cut-through routing was one of the important features of IP networks using ATM networks since the edge routers of the ATM network were able to use cell switching through the core of the network with low latency at all points.. but decreases reliability. normally as soon as the destination address is processed. com/ dlls/ 1994/ corp_102494. The alternative to cut-through switching is store and forward. Pure cut-through switching is only possible when when the speed of the outgoing interface is equal to the incoming interface speed. [2] "Switches . Use in Ethernet When cut-through switching is used in Ethernet. Adaptive switching dynamically selects between cut-through and store and forward behaviors based on current network conditions. . With higher speed links. Use in InfiniBand Cut-through switching is very popular in InfiniBand networks. .

. previously transmitted symbols can affect the edge cross over time. Therefore. DDJ's PDF is always a series of pulses at the locations where a specific bit pattern experiences a cross over. Properties Depending on characteristics of the signal and transmission topology.com.cn/cstory/ftf/2009/download/net_f0279. The DPAA includes Cores.Data Path Acceleration Architecture (DPAA) 80 Data Path Acceleration Architecture (DPAA) The QorIQ™ DPAA is a comprehensive architecture which integrates all aspects of packet processing in the SoC. It is also a form of ISI. In particular. Network and packet I/O. which is usually recorded in a PDF.electropages. This creates a probability distribution for the timing of the signal edge.com/2010/08/ freescale-three-new-qoriq-processors-incorporate-data-path-acceleration/ Data-dependent jitter Data-dependent jitter (DDJ) is a specific class of timing jitter. in order to get an accurate measure of the DDJ in a particular system. The infrastructure required to facilitate the flow of packets between the above The DPAA also addresses various performance related requirements especially those created by the high speed network I/O found on multicore SoCs such as the P4080 References External links • http://freescalesemi. a large number of bit patterns must be analyzed (often just a PRBS) unless an analytical solution can be found. Hardware offload accelerators. it is a form of deterministic jitter which is correlated with the sequence of bits in the data stream. addressing issues and requirements resulting from the multicore nature of QorIQ™ SoCs.pdf • http://www.

Datagram 81 Datagram A datagram is a basic transfer unit associated with a packet-switched network in which the delivery arrival time and order are not guaranteed. IP itself provides an unreliable service and UDP over IP also provides an unreliable one. The term datagram is often considered synonymous to "packet". several operating systems (including UNIX) implemented UUCP for electronic mail and dkcu for remote login[6] . However. packets would have to be reordered before processing. However.[2] presumably to assert that its fragments are reliable. then its fragments may be referred as packets. An "unreliable" service does not notify the user if delivery fails. not packets. URP assumes that packets arrive in order. developed at Bell Labs[1] for both local-area and wide-area networks[2] . Most of Bell Laboratories was trunked together on Datakit. A datagram consists of header and data areas. if a datagram fragments.[1] Second. ISN is the version of Datakit that was supported by AT&T Information Systems. References [1] Kurose. For example. On top of DK transport service. and remote command execution. TCP refers to its fragments as TCP segments. it can operate over multiple media. Keith W.25. but not as datagrams. (2007). remote login. Datakit offers a packet-switched protocol called Universal Receiver Protocol (URP) that spreads PDU overhead across multiple packets and performs immediate packet processing. On a network with misordering. while the term datagram is generally reserved for packets of an "unreliable" service. but there are some nuances. First. the term packet applies to any message formatted as a packet. which means that for this situation immediate packet processing is no longer possible[7] . That is why UDP packets are generally called datagrams. remote printing. & Ross. The source and destination addresses as well as a type field are found in the header of a datagram. . where the header contains information sufficient for routing from the originating equipment to the destination without relying on prior exchanges between the equipment and the network. At the physical layer. It supports file transfers. "Computer Networking: A Top-Down Approach" ISBN 0-321-49770-8 [2] RFC 793 Datakit Datakit is a virtual circuit-switched network layer computer networking protocol similar to X. and in widespread deployment by the Regional Bell Operating Companies (RBOCs)[3] . Datakit Virtual Circuit Switch (VCS) nodes connect to the Datakit network with a Datakit interface (IOA)[5] . James F. from slow speed EIA-232 to 500Mbit fiber optic links (called FIBERKIT)[4] . TCP/IP is also run over Datakit links.

jsp?url=/ iel2/ 717/ 971/ 00025918. from the Free On-line Dictionary of Computing [2] http:/ / techreports. org/ Xplore/ login. html [3] Network Dictionary By Javvin [4] http:/ / ieeexplore. pdf?arnumber=25918 [5] http:/ / stratadoc. lib. freepatentsonline. com/ 5583859. 1/ r307-00/ wwhelp/ wwhimpl/ js/ html/ wwhelp. html . com/ issues. htm?context=r307-00& file=ch5r307-00d. stratus. com/ vos/ 15. html?issue=18& id=9#article [7] http:/ / www.Datakit 82 References [1] Datakit. 1. html [6] http:/ / www. phrack. edu/ accessPages/ CSD-88-474. ieee. berkeley.

Donald Davies 83 Donald Davies Donald Watts Davies Born 7 June 1924 Treorchy. they had a daughter and two sons. He became interested in data communications following a visit to the Massachusetts Institute of Technology. and his mother took Donald and his twin sister back to her home town of Portsmouth. he married Diane Burton. His father. died a few months later. and remained in operation until 1986. which evolved into the Internet.[4] He first presented his ideas on packet switching at a conference in Edinburgh on 5 August 1968. A commercial spin-off.[4] Davies took the project over and concentrated on delivering the less ambitious Pilot ACE computer. where he saw that a significant problem with the new time-sharing computer systems was the cost of keeping a phone connection open for each user. where he headed and transformed its computing activity. even if they were for a theoretical computer. The ACE project was overambitious and foundered. leading to Turing's departure. the universal Turing machine.[3] on the nuclear weapons Tube Alloys project at Birmingham University.[4] He then returned to Imperial taking a first class degree in mathematics (1947). where he went to school. influencing other research in the UK and Europe. he was also awarded the Lubbock memorial Prize as the outstanding mathematician of his year.[6] In 1970.[4] . In 1966 he returned to the NPL at Teddington just outside London. It is said that Davies spotted mistakes in Turing's seminal 1936 paper On Computable Numbers. CBE FRS[1] (7 June 1924 – 28 May 2000) was a Welsh computer scientist who was the inventor of packet switching (and originator of the term). much to Turing's annoyance.[5] From 1947. DEUCE was manufactured by English Electric Computers and became one of the best-selling machines of the 1950s.[7] Larry Roberts of the Advanced Research Projects Agency in the United States became aware of the idea. and built it into the ARPANET. he worked at the National Physical Laboratory (NPL) where Alan Turing was designing the Automatic Computing Engine (ACE) computer.[3] He received a BSc degree in physics (1943) at Imperial College London. Wales 28 May 2000 (aged 75) Welsh Computer science National Physical Laboratory Died Nationality Fields Institutions Alma mater Imperial College Known for Packet switching Donald Watts Davies. Davies helped build a packet switched network called the Mark I to serve the NPL in the UK. which first worked in May 1950.[4] Davies then worked for a while on applications such as traffic simulation and machine translation. These were perhaps some of the first "programming" errors in existence. and then joined the war effort working as an assistant to Klaus Fuchs. he worked on Government technology initiatives designed to stimulate the British computer industry. In the early 1960s. Wales. It was replaced with the Mark II in 1973. In 1955. a clerk at a coalmine.[2] Career history Davies was born in Treorchy in the Rhondda Valley.

0006.Donald Davies Davies relinquished his management responsibilities in 1979 to return to research. D. He became particularly interested in computer network security. 6 September 2008 [7] Packet Switching (http:/ / www. doi:10.K. uk/ DonaldWattsDavies.possibly the first commercially produced computer in Great Britain. 1972 about the ARPANET.htm) from the History of Computing Project (http://www. National Physical Laboratory. C.com/) • Computer Networks: The Heralds of Resource Sharing (http://video.google.com/ videoplay?docid=4989933629762859961). Autumn 2008. Solomonides: Computer Networks and Their Protocols. internet-guide. documentary ca. University of Minnesota. Wiley. 2 June 2000. Includes footage of Donald W.net/) • Famous names at NPL (http://www. Davies discusses a much larger. Wiley.B. livinginternet.1098/rsbm. 1979. Engineering & Technology.npl. 44.co.edu/oh/display. The Guardian.28 May 2000". Computer Resurrection.net/biographies/davies_donald. • Biography (http://www.Donald Davies Biography (http:/ / www. (2002). thocp. Charles Babbage Institute.uk/news/2000/jun/02/guardianobituaries2) from The Guardian • Obituary (http://www. Davies (at 19m20s). [6] Luke Collins. uk/ news/ 2000/ jun/ 02/ guardianobituaries2). . guardian. 1984. a CBE in 1983 and a Fellow of the Royal Society in 1987. and the decision to contract with English Electric Company to build the DEUCE -.cbi.umn.thocp. [3] The History of Computing Project . "Network pioneer remembered".[4] Davies was appointed a Distinguished Fellow of the British Computer Society in 1975. becoming a security consultant to the banking industry.uk/about/famous_names/) • Obituary (http://www. html). [2] "Donald Watts Davies" (http:/ / www. He retired from the NPL in 1984. Price: Security for Computer Networks. 7 June 1924 .livinginternet. C. htm) [4] Martin Cambell-Kelly. Davies (http://www.isoc.phtml?id=116). Internet Guide.org/internet/history/davies. Wiley. Pioneer Profiles: Donald Davies. Biographical Memoirs of Fellows of the Royal Society 48: 87. 84 Books • With D. Barber: Communication Networks for Computers. 2010.E. ISSN 0958-7403 [5] Obituary (http:/ / www. net/ biographies/ davies_donald. • With W. M. Davies describes computer projects at the U. co. second ACE. References [1] Needham.com/i/ii_npl. 1973.co.shtml) from the Internet Society (ISOC) • UK National Physical Laboratory (NPL) & Donald Davies (http://www. "Donald Watts Davies. Price. R.livinginternet. from the 1947 design work of Alan Turing to the development of the two ACE computers.htm) from Living Internet (http://www. htm) External links • Oral history interview with Donald W. . • With W. IET.thocp. Barber.2002.guardian. com/ i/ iw_packet. co.

and the bounds can easily be observed and predicted. DPT is not a PPP whereas POS is. The use of SRP in conjunction with DPT makes it possible for DPT to communicate with the physical layer. Dynamic Packet Transport Dynamic packet transport (DPT) is a Cisco transport protocol designed for use in optical fiber ring networks. and increased throughput in common situations. DPT as opposed to POS or normal SONET/SDH is able to use both rings at the same time whereas POS only uses one ring under normal circumstances but switches to the second upon failure of the first. With the introduction of DPT came the introduction of another Cisco developed MAC layer protocol. it is quite similar to POS and DTM. It is necessary for the nodes to be able to communicate control data between each other in case of a fiber cut or link failure so the nodes can forward traffic on the appropriate interfaces and maintain network connectivity. Characteristics Deterministic jitter is clock timing jitter or data signal jitter that is predictable and reproducible. data dependent jitter. It was one of the major influences on the Resilient Packet Ring/802. and duty-cycle dependent jitter. Spatial Reuse Protocol or SRP. but once a failure occurs. there are methods for communicating not only application data between the nodes of a DPT network.Deterministic jitter 85 Deterministic jitter Deterministic jitter (or DJ) is a type of jitter with a known non-Gaussian probability distribution. and data packets are transmitted on both rings in order to maintain connectivity and full bandwidth utilization in normal situations. this means that traffic between two nodes of a DPT ring does not affect intermediate nodes. The other major class of jitter is non-deterministic. The peak-to-peak value of this jitter is bounded. Cisco claims that DPT can run with double the bit-rate of POS due to this characteristic. This design provides for redundancy in case of a fiber cut or link failure. . or random jitter. This means the network is composed of two completely separate rings of fiber that are both able to transmit data concurrently. Both control packets. Protocol Design DPT is implemented as two counter-rotating rings.17 standard. Deterministic Jitter includes different categories such as periodic jitter. Types of Data in DPT Networks As with most other lower layer protocols. In overview. the control data will notify the applicable routers of the failure and all the routers will switch to using only their active interfaces for data and control packets.

a protocol type identifier (used for identifying the upper layer protocol contained in the payload).Dynamic Packet Transport 86 DPT Packet Structure The structure of a DPT Packet is quite similar to that of Ethernet. fast packet switching is a packet switching technique that increases the throughput by eliminating overhead. The method for switching between these two rings in the event of a failure is called Intelligent Protection Switching. gov/ fs-1037/ fs-1037c. bldrdoc. Overhead reduction is accomplished by allocating flow control and error correction functions to either the user applications or the network nodes that interface with the user. References •  This article incorporates public domain material from the General Services Administration document "Federal Standard 1037C" [1]. Cell relay and frame relay are two implementations of fast packet switching. Fast packet switching In telecommunications. This ensures that a fiber cut or link failure (layer 1 error) will be rectified and IP traffic will be resumed within 50 ms. References [1] http:/ / www. FPS does not refer to a switch that can directly support packet switching over an X.25 interfaace as faster speeds than eisting X. and an FCS used to validate the data. As aforementioned.25 switches. DPT also contains a "plug and play" feature which dynamically fetches the MAC addresses of neighboring devices which provides for very simple configuration with little to no setup prior to functional data transfer. DPT is composed of two rings for fault tolerance and increased throughput. It contains a source and destination MAC address (both 48-bits long). Gigabit Ethernet. or IPS. This means that the DPT protocol can operate above several physical mediums such as SONET/SDH. htm . its. and others. DPT Topologies Both DPT and SRP are independent of their physical layers.

Firewall (computing) 87 Firewall (computing) A firewall is a device or set of devices designed to permit or deny network transmissions based upon a set of rules and is frequently used to protect networks from unauthorized access while permitting legitimate communications to pass. firewall on each computer help to prevent the spread of virus in a network Many personal computer operating systems include software-based firewalls to protect against threats from the public Internet. • Firewall helps to prevent viruses and worms to enter into your computer. An illustration of where a firewall would be located in a network. such as the metal sheet separating the engine compartment of a vehicle or aircraft from the passenger compartment. and NASA Ames. an employee at the NASA Ames Research Center in California sent a memo by email to his colleagues [3] that read. UC San Diego. many firewalls can perform [1] basic routing functions. "We are currently under attack from an Internet VIRUS! It has hit Berkeley." . The predecessors to firewalls for network security were the routers used in [2] the late 1980s: An example of a user interface for a firewall on Ubuntu (Gufw) • Clifford Stoll's discovery of German spies tampering with his system[2] • Bill Cheswick's "Evening with Berferd" 1992 in which he set up a simple electronic to observe an attacker[2] • In 1988. • A Firewall is a security system that adds a level of protection between your computer and the internet. Firewall technology emerged in the late 1980s when the Internet was a fairly new technology in terms of its global use and connectivity. Later uses refer to similar structures. Lawrence Livermore. Stanford. conversely. Many routers that pass data between networks contain firewall components and. History The term firewall originally referred to a wall intended to confine a fire or potential fire within a building. • If one of the computers is infected.

and. calling them circuit level firewalls. the device checks for matches to any of the packet filtering rules that are configured in the firewall and drops or rejects the packet accordingly. If a packet matches the packet filter's set of rules.[8] When a packet originates from the sender and filters through a firewall. the state of a connection can itself be one of the criteria which trigger specific rules. Bill Cheswick and Steve Bellovin were continuing their research in packet filtering and developed a working model for their own company based on their original first generation architecture. with a little bit of peeking into the transport layer to figure out source and destination port numbers. [6] for TCP and UDP traffic. then the firewall will block the TCP protocol for port number 23. Though there is still a set of static rules in such a firewall. Dave Presetto. when engineers from Digital Equipment Corporation (DEC) developed filter systems known as packet filter firewalls. the online community was neither expecting an attack nor prepared to deal with one. Instead. work up to layer 4 (transport layer) of the OSI model. it filters each packet based only on information contained in the packet itself (most commonly using a combination of the packet's source and destination address. This fairly basic system was the first generation of what became a highly evolved and technical internet security feature. and Kshitij Nigam. remote printing. At AT&T Bell Labs.[4] 88 First generation: packet filters The first paper published on firewall technology was in 1988. which means most of the work is done between the network and physical layers. it filters the packet on a protocol/port number basis (GSS). email transmission. This technology is generally referred to as a stateful packet inspection as it maintains records of all connections passing through the firewall and is able to determine whether a packet is the start of a new connection. the Morris Worm was the first large scale attack on Internet security. This type of firewall can actually be exploited by certain Denial-of-service attacks which can fill the connection tables with illegitimate connections. Therefore they regard placement of each individual packet within the packet series.[7] Packet filtering firewalls work mainly on the first three layers of the OSI reference model. the packet filter will drop (silently discard) the packet. its protocol. if a rule in the firewall exists to block telnet access. unless the machines on each side of the packet filter are both using the same non-standard ports. or reject it (discard it. Although it was not malicious in intent. or is an invalid packet. Janardan Sharma. and thus control. developed the second generation of firewalls. in addition to what first-generation look for. . TCP and UDP protocols constitute most communication over the Internet. When the packet passes through the firewall. the port number).Firewall (computing) • The Morris Worm spread itself through multiple vulnerabilities in the machines of the time. [9] Second generation: "stateful" filters From 1989-1990 three colleagues from AT&T Bell Laboratories. it stores no information on connection "state"). Second-generation firewalls. and send "error responses" to the source). a "stateless" packet filter can distinguish between.e. a part of an existing connection. file transfer). and because TCP and UDP traffic by convention uses well known ports for particular types of traffic. those types of traffic (such as web browsing. This type of packet filtering pays no attention to whether a packet is part of an existing stream of traffic (i. For example.[5] Packet filters act by inspecting the "packets" which represent the basic unit of data transfer between computers on the Internet.

by requesting the user's signature for each connection. Telnet. The NuFW firewall provides real identity-based firewalling. Currently. DHCP. An application firewall can filter higher-layer protocols such as FTP. Many firewalls provide such features by binding user identities to IP or MAC addresses. DNS. Many of these applications can not only be blocked or allowed but manipulated by the more advanced firewall products to allow only certain functionality enabling network security administrations to give users functionality without enabling unnecessary vulnerabilities.Firewall (computing) 89 Third generation: application layer The key benefit of application layer filtering is that it can "understand" certain applications and protocols (such as File Transfer Protocol. HTTP. McAfee Firewall Enterprise & Palo Alto PS Series firewalls. The product known as "Visas" was the first system to have a visual integration interface with colors and icons. . UDP and TFTP (GSS). This is similar to a packet filter firewall but here we can also filter information on the basis of content. Subsequent developments In 1992. which is very approximate and can be easily turned around. and it can detect if an unwanted protocol is sneaking through on a non-standard port or if a protocol is being abused in any harmful way. DNS. In 1994 an Israeli company called Check Point Software Technologies built this into readily available software known as FireWall-1. It is expected that due to the nature of malicious communications this trend will have to continue to enable organizations to be truly secure. Good examples of application firewalls are MS-ISA (Internet Security and Acceleration) server. after authentication via SSH. or web browsing). Software-based firewalls (MS-ISA) are much slower than hardware based stateful firewalls but dedicated appliances (McAfee & Palo Alto) provide much higher performance levels for Application Inspection. Another axis of development is about integrating identity of users into Firewall rules. from the application down to the physical Layer. authpf on BSD systems loads firewall rules dynamically per user. An application firewall is much more secure and reliable compared to packet filter firewalls because it works on all seven layers of the OSI model. if an organization wants to block all the information related to "foo" then content filtering can be enabled on the firewall to block that particular word. Bob Braden and Annette DeSchon at the University of Southern California (USC) were refining the concept of a firewall. The existing deep packet inspection functionality of modern firewalls can be shared by Intrusion-prevention systems (IPS). As a consequence these advanced version of the "Third Generation" firewalls are being referred to as "Next Generation" and surpass the "Second Generation" firewall. which could be easily implemented and accessed on a computer operating system such as Microsoft's Windows or Apple's MacOS. For example. In 2009/2010 the focus of the most comprehensive firewall security vendors turned to expanding the list of applications such firewalls are aware of now covering hundreds and in some cases thousands of applications which can be identified automatically. the Middlebox Communication Working Group of the Internet Engineering Task Force (IETF) is working on standardizing protocols for managing firewalls and other middleboxes. TCP.

In principle. or all telnet or ftp traffic). including source and destination IP address. netblock of originator. application firewalls can prevent all unwanted outside traffic from reaching protected machines. ipfw (FreeBSD/Mac OS X). The firewall administrator may define the rules. However. and the current stage of the connection's lifetime (including session initiation. The term "packet filter" originated in the context of BSD operating systems. Stateful firewalls maintain context about active sessions. where the communication is intercepted and the state that is being traced. not allowing packets to pass through the firewall unless they match the established rule set. iptables/ipchains (Linux). also called packet filters. destination service like WWW or FTP.[11] Also. Modern firewalls can filter traffic based on many packet attributes like source IP address. and many other attributes. They may also be necessary for filtering stateless network protocols that have no concept of a session. Network layer firewalls generally fall into two sub-categories. stateful and stateless. and may intercept all packets traveling to or from an application. [10] Network layer and packet filters Network layer firewalls. It is rare to find application firewalls not combined or used in conjunction with a packet filter. Application firewalls function by determining whether a process should accept any given connection. data transfer. prompts are used to define rules for processes that have not yet received a connection. and all other BSDs). of the source. Given the variety of software that exists. TTL values. they cannot make more complex decisions based on what stage communications between hosts have reached. all browser traffic. destination IP address or port. and can be faster for simple filters that require less time to filter than to look up a session. application firewalls further filter connections by examining the process ID of data packets against a ruleset for the local process involved in the data transmission. Application firewalls accomplish their function by hooking into socket calls to filter the connections between the application layer and the lower layers of the OSI model. They can filter based on protocols. application firewalls only have more complex rulesets for the standard services. firewalls can restrict or prevent outright the spread of networked computer worms and trojans. They block other packets (usually dropping them without acknowledgment to the sender). Application firewalls work much like a packet filter but application filters apply filtering rules (allow/block) on a per process basis instead of filtering connections on a per port basis.e. Commonly used packet filters on various versions of Unix are ipf (various). The extent of the filtering that occurs is defined by the provided ruleset. it will be evaluated according to the ruleset for new connections. On inspecting all packets for improper content. UDP or TCP ports. handshaking. If a packet does not match an existing connection. pf (OpenBSD. These per process rulesets have limited efficacy in filtering every . Generally. operate at a relatively low level of the TCP/IP protocol stack. or default rules may apply. Any existing network connection can be described by several properties. Stateless firewalls require less memory. such as sharing services. The additional inspection criteria can add extra latency to the forwarding of packets to their destination. or completion connection). Application-layer Application-layer firewalls work on the application level of the TCP/IP stack (i. Application firewalls that hook into socket calls are also referred to as socket filters.Firewall (computing) 90 Types There are different types of firewalls depending on where the communication is taking place. it will be allowed to pass without further processing. source port.. and use that "state information" to speed packet processing. If a packet matches an existing connection based on comparison with the firewall's state table.

edu. Washington Post [10] Firewall http:/ / www. google.[12] 91 Proxies A proxy device (running either on dedicated hardware or as software on a general-purpose machine) may act as a firewall by responding to input packets (connection requests. Proxies make tampering with an internal system from the external network more difficult and misuse of one internal system would not necessarily cause a security breach exploitable from outside the firewall (as long as the application proxy remains intact and properly configured). " Google Books Link (http:/ / books. Steven M. com/ books?id=_ZqIh0IbcrgC& lpg=PA142& dq=Firewalls and Internet Security. Originally. & f=false)". & pg=PA176#v=onepage& q=Firewalls and Internet Security. google. com/ resources/ firewall/ ). checkpoint. tech-faq. to protect vulnerable services. unm.Firewall (computing) possible association that may occur with other processes. UDP By Erik Rodriguez [8] William R. pdf) Firewalls by Dr. Check PointResources [2] A History and Survey of Network Firewalls (http:/ / www. the NAT function was developed to address the limited number of IPv4 routable addresses that could be used or assigned to companies or individuals as well as reduce both the amount and therefore cost of obtaining enough public addresses for every computer in an organization. cs. by Cheswick et al. sa/ user062/ CSE55101/ firewall. 2003 Virus may elude computer defenses (http:/ / news. Network address translation Firewalls often have network address translation (NAT) functionality. While use of internal address spaces enhances security. Firewalls often have such functionality to hide the true address of protected hosts. Rubin (2003). org/ html/ rfc1135) [5] http:/ / www. org/ article/ internet-firewall-basics/ the-history-of-firewalls. edu/ ~treport/ tr/ 02-12/ firewall. org/ resources/ firewall/ network-layer-firewall Network Layer Firewall [7] http:/ / www. intruders may hijack a publicly-reachable system and use it as a proxy for their own purposes. the proxy then masquerades as that system to other internal machines. php TCP vs. for example) in the manner of an application. com/ newspapers?id=neIqAAAAIBAJ& sjid=Vo4EAAAAIBAJ& pg=4057. Cheswick. kfupm. net/ tcpudp. application firewalls are beginning to be supplanted by a new generation of application firewalls that rely on mandatory access control (MAC). while blocking other packets. internetfirewall. An example of a next generation application firewall is AppArmor included in some Linux distributions. Hiding the addresses of protected devices has become an increasingly important defense against network reconnaissance. pdf) Kenneth Ingham and Stephanie Forrest [3] (http:/ / ocw.Talal Alkharobi [4] RFC 1135 The Helminthiasis of the Internet (http:/ / tools. html [11] http:/ / www. skullbox. crackers may still employ methods such as IP spoofing to attempt to pass packets to a target network. Conversely. these per process ruleset cannot defend against modification of the process via exploitation. wanredundancy. Bellovin. as defined in RFC 1918. References [1] Definition of Firewall (http:/ / www. by Cheswick et al. also referred to as sandboxing. html The History of Firewalls [6] http:/ / www.6607496& dq=firewall& hl=en) by Charles Duhigg. com/ connect/ articles/ software-firewalls-made-straw-part-1-2 [12] http:/ / www. Firewalls and Internet security: repelling the wily hacker [9] Aug 29. symantec. and the hosts protected behind a firewall commonly have addresses in the "private address range". ietf. Because of these limitations. Also. com/ connect/ articles/ software-firewalls-made-straw-part-1-2 . com/ firewall. such as memory corruption exploits. Aviel D. symantec.

a frame is typically an entity at the physical layer.org/faqs/firewalls-faq/).edu/~treport/tr/02-12/firewall.com/catalog/9781565928718) Second Edition. a frame is a data packet on the Layer 2 of the OSI model.unm. If a receiver is connected to the system in the middle of a frame transmission.a technical view on software firewall design and potential weaknesses • Building Internet Firewalls (http://oreilly. where the mobile terminal may transmit during some timeslots and receive during others.com/univercd/cc/td/doc/product/iaabu/centri4/user/ scf4ch3. • Evolution of the Firewall Industry (http://www. com/ free/ t_DataLinkLayerLayer2. PPP frames and V.com/infocus/1840) . and provides a timeline of the evolution. a frame is a cyclically repeated data block that consists of a fixed number of time slots. • A History and Survey of Network Firewalls (http://www.securityfocus. In this consist. 2005-09-20. p. October 1989.faqs. how packets are processed.Discusses different architectures and their differences. a sequence of bits or symbols making it possible for the receiver to detect the beginning and end of the packet in the stream of symbols or bits. Marcus Ranum and Paul Robertson.pdf) provides an overview of firewalls at the various ISO levels. TDM application examples are SONET/SDH and the ISDN circuit switched B-channel.cs. htm). In computer networking. In telecommunications. TDMA examples are the 2G and 3G circuit switched cellular voice services. tcpipguide.[1] A frame is "the unit of transmission in a link layer protocol. compiled by Matt Curtin.com/infocus/1839) and Software Firewalls: Made of Straw? Part 2 (http://www.42 modem frames. RFC 1122. IETF. References [1] "Data Link Layer (Layer 2)" (http:/ / www. . specifically time-division multiplex (TDM) and time-division multiple access (TDMA). . 18. The TCP/IP Guide. one for each logical TDM channel or TDMA transmitter. Retrieved 2010-06-07.htm) .cisco. O’Reilly . it ignores the data until it detects a new frame synchronization sequence.e. • Software Firewalls: Made of Straw? Part 1 (http://www.a thorough reference and tutorial Frame (networking) In computer networking and telecommunication. with references to the original papers where first firewall work was reported. and consists of a link-layer header followed by a packet. Retrieved 2010-01-31. i.page-18). ."[2] Examples are Ethernet frames (maximum 1500 byte plus overhead).securityfocus. The frame is also an entity for time-division duplex. org/ html/ rfc1122& #035. [2] "RFC 1122: Requirements for Internet Hosts — Communication Layers" (http:/ / tools.Firewall (computing) 92 External links • Internet Firewalls: Frequently Asked Questions (http://www. a frame is a digital data transmission unit or data packet that includes frame synchronization. ietf.

com/ en/ US/ tech/ tk713/ tk237/ technologies_tech_note09186a00801e32e7. including the trailing FCS. and fields contained within them. the frame is discarded. X. This way it can detect whether any data was lost or altered in transit. An Ethernet frame. or user application data. The FCS field contains a number that is calculated by the source node based on the data in the frame.Cisco Systems"]. and expect to see a fixed result (such as zero) when it is correct. 100615 cisco. are susceptible to errors from a variety of sources. Extra bytes may be added so frames have a minimum length for timing purposes. When the destination node receives the frame the FCS number is recalculated and compared with the FCS number included in the frame. and compares it to the received FCS. and adds control information to help deliver the packet to the destination node. and other data link layer protocols. The data package includes the message to be sent. shtml) . It may then discard the data. The receiving host computes the checksum on the frame using the same algorithm. Frames are used to send upper-layer data and ultimately the user application data from a source to a destination. If the two numbers are different. Layer 2 communicates with the upper layers through LLC. including the FCS terminating the frame. and request retransmission of the faulty frame. Such an FCS generally appears immediately before the frame-ending delimiter.com . HDLC 16 or 32 bits. which is an IP packet. The sending host computes a checksum on the entire frame and appends this as a trailer to the data. The FCS is often transmitted in such a way that the receiver can compute a running sum over the entire frame.25 16 or 32 bits. cisco.[1] Point-to-Point Protocol (PPP) 16 or 32 bits. By far the most popular FCS algorithm is a cyclic redundancy check (CRC). bytes. used in the Ethernet with 32 bits. This number is added to the end of a frame that is sent.Frame check sequence 93 Frame check sequence A frame check sequence (FCS) refers to the extra checksum characters added to a frame in a communication protocol for error detection and correction. . LLC bytes are also included with the Data field in the IEEE standard frames. The LLC sublayer takes the network protocol data. an error is assumed. References [1] "Frame Relay Glossary [Frame Relay (http:/ / www. (OSI model) All frames and the bits. Frame Relay 16 bits.

The goal is provide a Primary Reference Clock (PRC) traceable clock for the TDM applications. 8261-200804-I/ en Gigapackets Gigapackets are billions (109) of packets or datagrams.8261 94 G.pactiming) "Timing and Synchronization Aspects in Packet Networks" specifies the upper limits of allowable network jitter and wander. Usage Packet networks have been inherently asynchronous. However. .8261 ITU-T Recommendation G. and the minimum requirements for the synchronization function of network equipment. as the communications industry moves toward an all IP core and edge network.8261/Y. int/ rec/ T-REC-G. itu. These rates are seen in network speeds of gigabit Ethernet or 10 Gigabit Ethernet and SONET Optical Carrier rates of OC-48 at 2.8261 recommendation publication [1] References [1] http:/ / www. External links • ITU-T G.5 Gbit/s and OC-192 at 10 Gbit/s. there is a need to provide synchronization functionality to traditional TDM-based applications. Data transfer rates in gigapackets per second are associated with high speed networks. especially fiber optic networks. This is essential for the interworking with PSTN. the minimum requirements that network equipment at the TDM interfaces at the boundary of these packet networks can tolerate. The bit rates that are used to create gigapackets are in the range of gigabits per second.1361 (formerly G. The packet is the fundamental unit of information in computer networks.G.

Retrieved 16 May 2011. The resulting structure is here referred to as the (Secured) Command Packet. [1] [2] [3] Overview The Sending Application prepares an Application Message and forwards it to the Sending Entity. application specific data supplied by the Receiving Application. The interface between the Sending Application and Sending Entity and the interface between the Receiving Entity and Receiving Application are proprietary. . . Application messages are commands or data exchanged between an application resident in or behind the GSM PLMN and on the SIM. Retrieved 16 May 2011.48 Version 890" (http:/ / www. 48/ 0348-890. The Response Packet consists of a Security Header (the Response Header) and optionally. 3gpp. References [1] "GSM 03. with an indication of the security to be applied to the message. googlecode. The Sending Entity prepends a Security Header (the Command Header) to the Application Message. It then applies the requested security to part of the Command Header and all of the Application Message. Retrieved 16 May 2011. com). org/ ftp/ Specs/ html-info/ 0348. the Receiving Entity shall create a (Secured) Response Packet. [2] "GSM 03. [3] "3GPP Standard Page" (http:/ / www.48 95 GSM 03. including any padding octets.48 Java API and Realization Library" (https:/ / gsm0348. The Response Packet will be returned to the Sending Entity.g. htm). (e. Under normal circumstances the Receiving Entity receives the Command Packet and unpacks it according to the security parameters indicated in the Command Header. If so indicated in the Command Header. zip). org/ ftp/ Specs/ archive/ 03_series/ 03. The Receiving Entity subsequently forwards the Application Message to the Receiving Application indicating to the Receiving Application the security that was applied. Both the Response Header and the application specific data are secured using the security mechanisms indicated in the received Command Packet. 3gpp.48 have been applied. . timing).48 Scope It is used to the exchange of secured packets between an entity in a GSM PLMN and an entity in the SIM. Secured Packets contain application messages to which certain mechanisms according to GSM 03. .GSM 03. subject to constraints in the transport layer.

such as IPv4 when using 6to4 or Teredo transition technologies. IPv6 packets are typically transmitted over a Link Layer protocol.[4] priority values subdivide into ranges: traffic where the source provides congestion control and non-congestion control traffic. as they do for IPv4.g. [1] Routers do not fragment IPv6 packets. Fixed header The fixed header of an IPv6 packet consists of its first 40 octets (320 bits). The payload of an IPv6 packet is typically a datagram or segment of the higher-level Transport Layer protocol. Traffic Class (8 bits) The bits of this field hold two values.[2] [3] The remaining two bits are used for ECN.[1] Flow Label specifications and minimum requirements are described.. Flow Label (20 bits) Originally created for giving real-time applications special service. and a payload consisting of user data.[7] Payload Length (16 bits) .g. such as Ethernet which encapsulates each packet in a frame.IPv6 packet 96 IPv6 packet An IPv6 packet is the smallest message entity exchanged via the Internet Protocol across an Internet Protocol version 6 (IPv6) network.[5] [6] and first uses of this field are emerging. ICMPv6) or Link Layer (e. which is used to classify packets. but may be data for an Internet Layer (e. Packets consist of control information for addressing and routing. Hosts may use fragmentation to send packets larger than the observed path MTU. The 6 most-significant bits are used for DSCP.[1] It has the following format: Fixed header format Offsets Octet Octet 0 4 8 12 16 20 24 28 32 36 Bit   0  32  64  96 128 160 192 224 256 288 Destination Address 0 1 2 3  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Version Traffic Class Payload Length Source Address Flow Label Next Header Hop Limit Version (4 bits) The constant 6 (bit sequence 0110). but this may also be a higher layer tunneling protocol. Hosts are "strongly recommended" to implement path MTU discovery to take advantage of MTUs greater than the smallest MTU of 1280 octets. OSPF) instead.. The control information in IPv6 packets is subdivided into a mandatory fixed header and optional extension headers.

If a node does not recognize a specific extension header. using the Next Header fields. In order to increase performance. it should discard the packet and send an Parameter Problem message (ICMPv6 type 4. When extension headers are present in the packet this field indicates which extension header follows. except for the Destination Options header. Hop Limit (8 bits) Replaces the time to live field of IPv4. some extension headers require internal padding to meet this requirement. Source Address (128 bits) The IPv6 address of the sending node.[1] When a Next Header value 0 appears in a header other than the fixed header a node should do the same. Destination Address (128 bits) The IPv6 address of the destination node(s). except for Hop-by-Hop Options. The values are shared with those used for the IPv4 protocol field. and new extension headers may be defined in the future.[1] 97 Extension headers Extension headers carry optional Internet Layer information. This value is decremented by one at each intermediate node the packet visits. which may appear twice. the header has no checksum to protect it. code 1). . All extension headers are a multiple of 8 octets in size. which need to be processed at every intermediate node on the packet's path. and are placed between the fixed header and the upper-layer protocol header. The defined extension headers below are listed in the preferred order.[1] The headers form a chain. Extension headers are to be examined and processed at the packet's destination only. This field usually specifies the transport layer protocol used by a packet's payload. The length is set to zero when a Hop-by-Hop extension header carries a Jumbo Payload option. as both fields have the same function (see List of IP protocol numbers). and since current link layer technology is assumed to provide sufficient error detection[9] . [1] There are several extension headers defined. should there be more than one extension header following the fixed header. The Next Header field in the fixed header indicates the type of the first extension header.[8] Next Header (8 bits) Specifies the type of the next header. including sending and receiving node. including any extension headers. When the counter reaches 0 the packet is discarded.IPv6 packet The size of the payload in octets. Note that all extension headers are optional and should only appear at most once. the Next Header field of the last extension header indicates the type of the upper-layer protocol header in the payload of the packet.

The Destination Options extension header need to be examined by the destination node(s) only. Options that need to be examined only by the destination of the packet. Bit   0  32  64 . blocks of 8 octets are added to the header repeatedly—containing options and padding—until all options are represented. but passed unaltered by routers.. still be data in the payload if the payload length in the first header of the packet is greater than the length of all extension headers in the packet.. Hop-by-hop options and destination options The Hop-by-Hop Options extension header needs to be examined by all nodes on the packet's path. from the header's point of view. Options (variable) Contains one or more options. Carries encrypted data for secure communication. not including the first 8 octets.. Methods to specify the route for a datagram (used with Mobile IPv6). however. if more options are present than will fit in that space. It means that.[1] There could.. Options that need to be examined only by the destination of the packet. Contains information used to verify the authenticity of most parts of the packet. Hop-by-Hop Options and Destination Options extension header format Offsets Octet Octet 0 4 8 . Options and Padding Next Header (8 bits) Specifies the type of the next header. including sending and receiving nodes. the IPv6 packet ends right after it: the payload should be empty. This data should be ignored by hosts. not even a header of an upper-layer protocol. Hdr Ext Len (8 bits) Length of this header in 8-octet units. Destination Options (before upper-layer header) 60 Value 59 (No Next Header) in the Next Header field indicates that there is no next header whatsoever following this one.IPv6 packet 98 Extension Header Hop-by-Hop Options Destination Options (before routing header) Routing Fragment Authentication Header (AH) Encapsulating Security Payload (ESP) Type 0 60 43 44 51 50 Description Options that need to be examined by all devices on the path. 0 1 2 3  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Next Header Hdr Ext Len Options and Padding Optional: more Options and Padding . Options are TLV-coded. Contains parameters for fragmentation of datagrams. .. and optional padding fields to align options and to make the total header length a multiple of 8 octets. The extension headers are both at least 8 octets in size..

until all Type-specific Data is placed. The header is at least 8 octets in size. this header is deprecated[11] and host and routers are required to ignore these headers. Segments Left (8 bits) Number of nodes this packet still has to visit before reaching its final destination. Routing Header type 1 is used for the Nimrod[12] project funded by DARPA.. Routing types Due to the fact that with Routing Header type 0 a simple but effective[10] denial-of-service attack could be launched.IPv6 packet 99 Routing The Routing extension header is used to direct a packet to one or more intermediate nodes before being sent to its destination. Next Header (8 bits) Indicates the type of the next header.. Routing Header type 2 is a limited version of type 0 and is used for Mobile IPv6. Bit   0  32  64 . Type-specific Data (variable) Data that belongs to this type of routing header. not including the first 8 octets.[1] Routing extension header format Offsets Octet Octet 0 4 8 . Routing Type (8 bits) 0. where it can hold the Home Address of the Mobile Node. blocks of 8 octets are added to the header repeatedly. in multiples of 8 octets.. 1. 0 1 2 3  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Next Header Hdr Ext Len Type-specific Data Routing Type Segments Left Optional: more Type-specific Data . The Fragment extension header carries the information necessary to reassemble the original (unfragmented) packet. Hdr Ext Len (8 bits) The length of this header. or 2. if more Type-specific Data is needed than will fit in 4 octets...[1] . Fragment In order to send a packet that is larger than the path MTU. the sending node splits the packet into fragments..

the jumbo payload option in a Hop-By-Hop Options extension header[8] . plus 8 octets for the Hop-by-Hop extension header). relative to the start of the fragmentable part of the original packet. the data provided by the transport layer. for example a TCP segment or a UDP datagram. . by making use of a 32-bit length field. in 8-octet units. allows the exchange of packets with payloads of up to one byte less than 4 GB (232 − 1 = 4294967295 bytes). Standard payload length The payload length field of IPv6 (and IPv4) has a size of 16 bits. urgent data pointer). Reserved (8 bits) Initialized to all zeroes. Most Link Layer protocols cannot process packets larger than 65535 octets. Rsvd.IPv6 packet 100 Fragment extension header format Offsets Octet Octet 0 4 Bit   0  32 0 1 2 3  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Next Header Reserved Identification Fragment Offset Rsvd. M Flag (1 bit) 1 means more fragments follow. Authentication Header (AH) and Encapsulating Security Payload (ESP) The Authentication Header and the Encapsulating Security Payload are part of IPsec and are used identically in IPv6 and in IPv4. capable of specifying a maximum size of 65535 octets for the payload. support for IPv6 jumbograms requires modifications to the Transport Layer protocol implementation. plus 40 octets for the fixed header. Jumbogram An optional feature of IPv6. M Next Header (8 bits) Identifies the type of the next header. generated by the source node. initialized to zeroes.[8] Jumbograms are only relevant for links that have a MTU larger than 65583 octets (more than 65535 octets for the payload. 0 means last fragment. (2 bits) Reserved. Packets with such payloads are called jumbograms. The Next Header field of the last IPv6 header indicates what type of payload is contained in this packet. Needed for reassembly of the original packet.[13] [14] Payload The fixed and optional IPv6 headers are followed with the upper-layer payload. Since both TCP and UDP include fields limited to 16 bits (length. Identification (32 bits) Packet identification value. Fragment Offset (13 bits) Offset.

Hosts are permitted to make an attempt to reassemble fragmented datagrams larger than 1500 bytes. Packets exceeding the size of the maximum transmission unit of the destination link are dropped and this condition is signaled by a Packet too Big ICMPv6 type 2 message to the originating node. contain up to 1500 bytes. they will be rearranged by the receiving node. After that the rest of the payload follows. similarly to the IPv4 method when the Don't Fragment bit set. Each Fragment extension header has its M flag set to 1 (indicating more fragments follow). a Time Exceeded message (ICMPv6 type 3. The Next Header value of the last (extension) header of the unfragmentable part is set to 44 to indicate that a Fragment extension header follows. Fragmenting A packet containing a fragment of an original (larger) packet consists of two parts: the unfragmentable part of the original packet (which is the same for all fragments). Therefore. code 1) is returned to the node originating the fragmented packet. but they are also permitted to silently discard any datagram after it becomes apparent that the reassembled packet would be larger than 1500 bytes. if the packet was discarded for this reason. identified by a fragment offset.[1] End nodes in IPv6 are expected to perform path MTU discovery to determine the maximum size of packets to send. except the last fragment. Reassembly The original packet is reassembled by the receiving node by collecting all fragments and placing each fragment at the right offset and discarding the Fragment extension headers of the packets that carried them. except the last. whose flag is set to 0. the unfragmentable part is just the fixed header. or else the Hop-by-Hop extension header. and the upper-layer protocol is expected to limit the payload size. IPv6 routers never fragment IPv6 packets. If neither extension headers are present. After the Fragment extension header a fragment of the rest of the original packet follows. the sending host may use the Fragment extension header in order to perform end-to-end fragmentation of IPv6 packets. Each fragment is a multiple of 8 octets in length. The first fragment(s) hold the rest of the extension headers (if present). if the upper-layer protocol is unable to do so.IPv6 packet 101 Fragmentation Unlike in IPv4. The unfragmentable part of a packet consists of the fixed header and some of the extension headers of the original packet (if present): all extension headers up to and including the Routing extension header. Any data link layer conveying IPv6 data must be capable of delivering an IP packet containing 1280 bytes without the need to invoke end-to-end fragmentation at the IP layer. Receiving hosts must make a best-effort attempt to reassemble fragmented IP datagrams that. However. . Packets containing fragments need not arrive in sequence. senders should avoid sending fragmented IP datagrams with a total reassembled size larger than 1500 bytes. If not all fragments are received within 60 seconds after receiving the first packet with a fragment. and a piece of the fragmentable part of the original packet. reassembly of the original packet is abandoned and all fragments are discarded. If the first fragment was received (which contains the fixed header). after reassembly. unless they have previous assurance that the receiver is capable of reassembling such large datagrams.

Hinden. RFC 3168. G. "Type 0: the evil mechanism. RFC 4203.. (April 2002) New Terminology and Clarifications for DiffServ (http:/ / tools. org/ html/ rfc3595). [6] Rajahalme. ITU-T G. IETF. RFC 3595. The amount of tolerable jitter depends on the affected application. [2] Nickols. IETF. (September 2001) The Addition of Explicit Congestion Notification (ECN) to IP (http:/ / tools. org/ html/ rfc1992)'." [11] Abley. RFC 2460. and usually undesired. B. ietf. ietf.810 classifies jitter frequencies below 10 Hz as wander and frequencies at or above 10 Hz as jitter.. Jitter frequency.. S. [4] Ramakrishnan. [9] RFC 1726 section 6.. Black. IETF. RFC 4202. RMS. version 6 (IPv6) Specification (http:/ / tools. org/ html/ rfc3697). F. ietf. RFC 3697. org/ html/ rfc2460). Also like other time-varying signals. (December 2005) IP Encapsulating Security Payload (http:/ / tools. jitter can be expressed in terms of spectral density (frequency content). org/ conf/ IPv6_RH_security-csw07. ietf. Arnoud Ebalard (April 2007). Black. Jitter may be observed in characteristics such as the frequency of successive pulses. (August 1999). [5] Wijnen. (December 1998). . OC-48).g. html). Carpenter. IETF. org/ html/ rfc4303. Savola. S. ietf. [13] Kent. introduce clicks or other undesired effects in audio signals.. org/ html/ rfc2474. ietf.2 [10] Philippe Biondi. ... S. ietf. Hinden.. Baker. IETF. html). S. or phase of periodic signals.g. ietf.... IETF. Deprecation of Type 0 Routing Headers in IPv6 (http:/ / tools. B. M. org/ html/ rfc2675). RFC 2675. S. K. the signal amplitude. SATA. K. ietf. IPv6 Jumbograms (http:/ / tools. ietf.[1] Jitter can be quantified in the same terms as all time-varying signals. RFC 5095. Jitter is a significant. the more commonly quoted figure.. I. R. Conta. is its inverse. [3] Grossman. often in relation to a reference clock source. In clock recovery applications it is called timing jitter. html) IETF. (March 2004) IPv6 Flow Label Specification (http:/ / tools. D. IETF. Retrieved 3 December 2010. [7] draft-blake-ipv6-flow-label-nonce-02 (http:/ / tools. html). S. IETF. Internet Protocol. factor in the design of almost all communications links (e.. Deering.. ietf. PCI-e. (Augustus 1996) The Nimrod Routing Architecture (http:/ / tools. D. pdf) (pdf). RFC 2474. S. A. Jitter period is the interval between two times of maximum effect (or minimum effect) of a signal characteristic that varies regularly with time. USB.. D. org/ html/ rfc3168. org/ html/ rfc4302. (September 2003) Textual Conventions for IPv6 Flow Label (http:/ / tools. RFC 3260. Jitter can cause a display monitor to flicker. J. secdev. org/ html/ rfc3260.. Chiappa. R. affect the performance of processors in personal computers. Floyd. (December 2007). or peak-to-peak displacement. Jitter Jitter is the time variation of a periodic signal in electronics and telecommunications. IETF.. Blake. [14] Kent.. html) IETF.IPv6 packet 102 References [1] Deering. org/ html/ rfc5095). (December 2005) IP Authentication Header (http:/ / tools. "IPv6 Routing Header Security" (http:/ / www.. EADS. N. (December 1998) Definition of the Differentiated Service Field (DS Field) in the IPv4 and IPv6 Headers (http:/ / tools. and loss of transmitted data between network devices. Jitter may be caused by electromagnetic interference (EMI) and crosstalk with carriers of other signals. [12] Castineyra. D. ietf. Steenstrup. Deering. P. org/ html/ draft-blake-ipv6-flow-label-nonce-02) [8] Borman. J. RFC 1992. e. Neville-Neil.

the sampling frequency is normally assumed to be constant. A successful approach to correction in software involves performing overlapping reads and fitting the data to find overlaps at the edges. The standards-based term is packet delay variation (PDV). Most extraction programs perform seek jitter correction. and is used in manufacturing DVD and CD-ROM discs.Jitter 103 Sampling jitter In conversion between digital and analog signals. the term jitter is often used as a measure of the variability over time of the packet latency across a network. This is a consideration in high-frequency signal conversion. The problem occurs because the Red Book (audio CD standard) does not require block-accurate addressing during seeking. the term is imprecise. These glitches often sound like tiny repeating clicks during playback. Packet jitter in computer networks In the context of computer networks. the extraction process may restart a few samples early or late. Various effects can come about depending on the pattern of the jitter in In telecommunications circuit analysis an Eye diagram shows distortions caused by jitter. A jitter meter is a testing instrument for measuring clock jitter values. If there is jitter present on the clock signal to the analog-to-digital converter or a digital-to-analog converter then the instantaneous signal error introduced will be proportional to the slew rate of the desired signal and the absolute value of the clock error. for this use. . CD manufacturers avoid seek jitter by extracting the entire disc in one continuous read operation using special CD drive models at slower speeds so the drive does not re-seek. However. A network with constant latency has no variation (or jitter). less than a nanosecond of jitter can reduce the effective bit resolution of a converter with a Nyquist frequency of 22 kHz to 14 bits. relation to the signal. Samples should be converted at regular intervals. or where the clock signal is especially prone to interference. seek jitter causes extracted audio samples to be doubled-up or skipped entirely if the Compact Disc drive re-seeks. Compact disc seek jitter In the context of digital audio extraction from Compact Discs. resulting in doubled or omitted samples.[3] PDV is an important quality of service factor in assessment of network performance. Due to additional sector level addressing added in the Yellow Book (CD standard). As a result.[2] Packet jitter is expressed as an average of the deviation from the network mean latency. In some conditions. CD-ROM data discs are not subject to seek jitter.

Absolute units such as picoseconds are more common in microprocessor applications. Period jitter (aka cycle jitter) is the difference between any one clock period and the ideal clock period. jitter distribution is significantly non-Gaussian. and the performance of the circuitry is limited by the average clock period. peak-to-peak measurements are more useful. and different measurement methodology. Since they have different generation mechanisms. it can be thought of as the discrete-time derivative of period jitter. Note that typically. medium. in particular IP networks such as the Internet. there are three commonly used metrics: absolute jitter. Hence. Accordingly. it can be thought of as the discrete-time derivative of absolute jitter. it is usually quantified using the standard deviation of this distribution (aka. Period jitter tends to be important in synchronous circuitry like digital state machines where the error-free operation of the circuitry is limited by the shortest possible clock period. RMS). Units of degrees and radians are also used. If jitter has a Gaussian distribution. . period jitter. Often. synchronous circuitry benefits from minimizing period jitter. and dark blue) meaningful peaks (which is the case in account for about 99. It can be important for some types of clock generation circuitry used in microprocessors and RAM interfaces. different circuit effects.Jitter 104 Phase jitter metrics For clock jitter. In telecommunications. all real jitter). jitter can refer to the variation (statistical dispersion) in the delay of the packets. Absolute jitter is the absolute difference in the position of a clock's edge from where it would ideally be. the reference point for jitter is defined such that the mean jitter is 0. This unit is useful because it scales with clock frequency and thus allows relatively slow interconnects such as T1 to be compared to higher-speed internet backbone links such as OC-192. In networking. the unit used for the above types of jitter is usually the Unit Interval (abbreviated UI) which quantifies the jitter in terms of a fraction of the ideal period of a bit. so that the shortest clock period approaches the average clock period. Many efforts have been made to meaningfully quantify distributions In the normal distribution one standard deviation from the mean (dark blue) accounts for that are neither Gaussian nor have about 68% of the set. it is useful to quantify them separately. Cycle-to-cycle jitter is the difference in length of any two adjacent clock periods.7%. and cycle to cycle jitter. This can occur if the jitter is caused by external sources such as power supply noise. In these cases. while two standard deviations from the mean (medium and dark blue) account for about 95% and three standard deviations (light. All have shortcomings but most tend to be good enough for the purposes of engineering work. Accordingly.

and the bounds can easily be observed and predicted. which has a Gaussian distribution. The central limit theorem states that composite effect of many uncorrelated noise sources. Determistic jitter can either be correlated to the data stream (data-dependent jitter) or uncorrelated to the data stream (bounded uncorrelated jitter). Random jitter typically follows a Gaussian distribution or Normal distribution.6 10−14 Total jitter Total jitter (T) is the combination of random jitter (R) and deterministic jitter (D): in which the value of n is based on the bit error rate (BER) required of the link. For example. Deterministic jitter Deterministic jitter is a type of clock timing jitter or data signal jitter that is predictable and reproducible. according to industry accepted standards. which may have eye openings on the order of 1000 picoseconds. regardless of the distributions. Examples of data-dependent jitter are duty-cycle dependent jitter (also known as duty-cycle distortion) and intersymbol interference. This is extremely small compared to parallel bus architectures with equivalent performance. A common bit error rate used in communication standards such as Ethernet is 10−12. Higher clock frequencies have commensurately smaller eye openings.Jitter 105 Types Random jitter Random Jitter. Another reason for random jitter to have a distribution like this is due to the central limit theorem. T = Dpeak-to-peak + 2× n×Rrms. also called Gaussian jitter. and thus impose tighter tolerances on jitter. approaches a Gaussian distribution. One example of bounded uncorrelated jitter is Periodic jitter. Jitter is measured and evaluated in various ways depending on the type of circuitry under test.7 10−11 7 10−12 7. For example. is unpredictable electronic timing noise. Testing Testing for jitter and its measurement is of growing importance to electronics engineers because of increased clock frequencies in digital electronic circuitry to achieve higher device performance. One of the main differences between random and deterministic jitter is that deterministic jitter is bounded and random jitter is unbounded. The peak-to-peak value of this jitter is bounded.3 10−13 7. modern computer motherboards have serial bus architectures with eye openings of 160 picoseconds or less. Testing of device performance for jitter tolerance often involves the injection of jitter into electronic components with specialized test equipment. jitter in serial bus architectures is measured by means of eye diagrams. It is believed to follow this pattern because most noise or jitter in a electrical circuit is caused by thermal noise. n BER 6. A less .4 10−10 6.

the term packet delay variation is often preferred over jitter. Adaptive de-jittering is usually carried out for audio play-outs that feature a VAD/DTX encoded audio. The maximum jitter that can be countered by a de-jitter buffer is equal to the buffering delay introduced before starting the play-out of the mediastream. They are widely used in clock and data recovery circuits in digital communications. Chen entitled. . For more information. such as waiting-time jitter. as well as for data sampling systems such as the analog-to-digital converter and digital-to-analog converter. see the paper by S. Adaptive de-jittering involves introducing discontinuities in the media play-out. jitter transfer function and jitter generation. thus minimizing the perceptual impact of the adaptation. Examples of anti-jitter circuits include phase-locked loop and delay-locked loop. A dejitterizer is usually ineffective in dealing with low-frequency jitter. compliant systems are required to conform to these standards. that allows the lengths of the silence periods to be adjusted. Filtering A filter can be designed to minimize the effect of sampling jitter. In the context of packet-switched networks. Dejitterizer A dejitterizer is a device that reduces jitter in a digital signal. with the required values for these attributes varying among different applications. the goal of jitter measurement is to verify that the jitter will not disrupt normal operation of the circuitry. Some systems use sophisticated delay-optimal de-jitter buffers that are capable of adapting the buffering delay to changing network jitter characteristics. These are known as adaptive de-jitter buffers and the adaptation logic is based on the jitter estimates computed from the arrival characteristics of the media packets. Ahmed and T. 106 Mitigation Anti-jitter circuits Anti-jitter circuits (AJCs) are a class of electronic circuits designed to reduce the level of jitter in a regular pulse signal. Jitter buffers Jitter buffers or de-jitter buffers are used to counter jitter introduced by queuing in packet switched networks so that a continuous playout of audio (or video) transmitted over the network can be ensured. Minimizing the effects of sampling jitters in wireless sensors networks. Inside digital to analog converters jitter causes unwanted high-frequency distortions. AJCs operate by re-timing the output pulses so they align more closely to an idealised pulse signal. There are standards for jitter measurement in serial bus architectures. The standards cover jitter tolerance. which may appear offensive to the listener or viewer. A dejitterizer usually consists of an elastic buffer in which the signal is temporarily stored and then retransmitted at a rate based on the average rate of the incoming signal.[4] In all cases. Where applicable. In this case it can be suppressed with high fidelity clock signal usage.Jitter direct approach—in which analog waveforms are digitized and the resulting data stream analyzed—is employed when measuring pixel jitter in frame grabbers.

maxim-ic. 1991. IETF (2002) [4] Khvilivitzky. Patrick R.altera. google.phabrix. . Presented at Electronics Components and Technology Conference 2009.com/literature/cp/cp-01048-jitter-resonance.com/en/digital_clocking.com/literature/cp/cp-01055-impact-ssj. Dan H. Eve L.com/QoS/QoS_Jitter.altera. Computer Networks and Internets (http:/ / books.pdf) • An Introduction to Jitter in Communications Systems (http://www.com/literature/cp/cp-01049-jitter-si-verification. 1989.Jitter 107 References  This article incorporates public domain material from the General Services Administration document "Federal Standard 1037C" [1] (in support of MIL-STD-188).cfm/an_pk/377/CMP/WP-35) A Heuristic Discussion of Fibre Channel and Gigabit Ethernet Methods • Jitter in Packet Voice Networks (http://www.cfm/an_pk/1916/ CMP/WP-34) • Jitter Specifications Made Easy (http://www.com/en/US/tech/tk652/tk698/ technologies_tech_note09186a00800945df.ieee. and Their Impact on SSJ (http://www. 476.pdf).voipforo. ISBN 9780136061274. pages 211-237 • Trischitta. sensoray.ppt) (Causes.. Mike P. and Spectroscopic Mechanisms (http://www.00.211 [2] Comer.com) • Miki. php) • Jitter Buffer (http://searchenterprisevoice. com/ support/ pixjiter. Ohtani.pdf). A New Jitter Classification Method Based on Statistical. Physical. Phase-Locked Loop Circuit Design.com/appnotes.techtarget. Jitter in Digital Transmission Systems.com/literature/cp/cp-01052-jitter-classification.maxim-ic. Prentice Hall. IP Packet Delay Variation Metric for IP Performance Metrics (IPPM). • Li.cisco. • Phabrix SxE .pdf).html) .altera. Alexander (2008). • Li. Douglas E. and Varma. Prentice Hall. and Kowalski Jitter Requirements (https://mentor.unh. Hong Shi. Hui. co. Further reading • Wolaver.html) • Definition of Jitter in a QoS Testing Methodology (ftp://ftp.com/sDefinition/0.edu/pub/mplsServices/other/ QoS_Testing_Methodology. Presented at International Test Conference 2008. in/ books?id=tm-evHmOs3oC& pg=PA476).Causes. Iliya.pdf). • Liu. OPD. htm). pp. p.wikibooks.11/dcn/04/ 11-04-1458-00-000n-jitter-requirements. Xiaohong Jiang.antelopeaudio. [3] RFC 3393.shtml) • Clock and data recovery/Introduction/Definition of (phase) jitter (http://en.iol. Artech ISBN 089006248X External links • Jitter in VoIP . solutions and recommended values (http://www. (2008).org/wiki/ Clock_and_data_recovery/Introduction/Definition_of_(phase)_jitter) • Zamek. Jitter and Signal Integrity Verification for Synchronous and Asynchronous I/Os at Multiple to 10 GHz/Gbps (http://www. Pre-Driver PDN SSN. "Pixel Jitter in Frame Grabbers" (http:/ / www. Data Encoding. Mike P. SOC-System Jitter Resonance and Its Impact on Common Approach to the PDN Impedance (http:// www.sid66_gci906844. ISBN 0-13-662743-9.Hand-held Tool for eye and jitter measurement and analysis (http://www. 1991. and Zhe Li. solutions and recommended values for digital audio) • Igor Levin Terms and concepts involved with digital clocking related to Jitter issues in professional quality digital audio (http://www.altera.org/802.en. Presented at International Test Conference 2008. [1] Wolaver.com/appnotes. Retrieved 2008-02-15. . Presented at DesignCon 2009.

The use of 9000 bytes as preferred size for jumbo frames arose from discussions within the Joint Engineering Team of Internet2 and the U. In order to meet this mandatory purchasing criterion. .663 bits. Interrupt-combining Ethernet chipsets. manufacturers have in turn adopted 9000 bytes as the conventional jumbo frame size. and AARNet) support jumbo frames. and without requiring any changes to other stations on the network. interfaces using the standard frame size and interfaces using the jumbo frame size should not be in the same subnet. however. the same amount of data can be transferred with less effort. federal government networks. IETF solutions for adopting Jumbo Frames avoids the data integrity reductions through use of the Castagnoli CRC polynomial being implemented within the SCTP transport (RFC 4960). however.[1] Most national research and education networks (such as Internet2/NLR. Conventionally. jumbo frames can carry up to 9000 bytes of payload. but variations exist and some care must be taken when using the term. Many other vendors also adopted the size. Internet Protocol subnetworks require that all hosts in a subnet have an identical MTU.[2] Adoption The IEEE 802 standards committee does not recognize jumbo frames. when combined with interrupt combining. only 1500 bytes (plus 18 bytes for the frame header and other overhead) must be re-sent to correct the error. which is more than 9 times the length of an Ethernet MTU. can provide effectively all the gains of jumbo frames without the re-send costs.Jumbo frame 108 Jumbo frame In computer networking.S. although this does not reduce the receiver CPU load. The presence of Jumbo frames may have an adverse effect on network latency.3 Ethernet standard. This gives two additional bits of error detection ability at MTU-sized data words compared to the Ethernet CRC standard polynomial while not sacrificing HD=4 capability for data word sizes up to and beyond 72k bits. However. Selection of this polynomial was based upon work documented in the paper "32-Bit Cyclic Redundancy Codes for Internet Applications"[3] . a similar reduction in CPU utilization can be achieved by using TCP segmentation offloading. Thus. At the sender. Jumbo frames gained initial prominence when Alteon WebSystems introduced them in their ACEnic Gigabit Ethernet adapters. each frame requires that the network hardware and software process it. Inception The original 1500-byte payload size for Ethernet frames was used because of the high error rates and low speed of communications.360 bit data word length) and HD=4 to 114. Their recommendation has been adopted by all other national research and education networks.5 Token Ring and 802. jumbo frames are Ethernet frames with more than 1500 bytes of payload. network interface cards capable of jumbo frames require explicit configuration to use jumbo frames. Some Fast Ethernet switches and Fast Ethernet network interface cards support jumbo frames. especially on low bandwidth links. GÉANT. This reduces CPU utilization (mostly due to interrupt reduction) and increases throughput by allowing the system to concentrate on the data in the frames. Many Gigabit Ethernet switches and Gigabit Ethernet network interface cards support jumbo frames. ESnet. The Castagnoli polynomial 0x11EDC6F41 achieves the Hamming Distance HD=6 beyond one Ethernet MTU (to a 16. and work without special consideration and without requiring all stations to support jumbo frames. they did not become part of the official IEEE 802.11 Wireless LAN. and iSCSI (RFC 3720). Zero-copy NICs and device drivers. if one receives a corrupted packet. but most commercial Internet service providers do not. as doing so would remove interoperability with existing Ethernet equipment and other 802 protocols. To reduce interoperability issues. If the frame size is increased. including 802. instead of the frames around the data. As a result. do provide most of the same gain for the receiver.

doi. One of the major impediments toward the adoption of Jumbo Frames has been the inability to upgrade existing Ethernet infrastructure that would be needed to avoid a reduction in the ability to detect errors. [3] "32-Bit Cyclic Redundancy Codes for Internet Applications" (http:/ / www. As it has been a relatively difficult. both at end nodes and intermediate transit nodes. osn. cmu. References [1] "Jumbo/Giant Frame Support on Catalyst Switches Configuration Example" (http:/ / www. since these errors with simple summations tend to be self cancelling. cisco. may take some time. Carnegie Mellon University j. Testing that led to adoption of RFC 3309 compiled evidence based upon simulated error injection against real data that demonstrated as much as 2% of these errors were not being detected. and above. org/ 10. to accommodate the maximum transmission unit (MTU). The main factor involved with an increase in the maximum segment size (MSS) is an increase in the available memory buffer size in all of the intervening persistence mechanisms along the path. The relative scalability of network data throughput as a function of packet transfer rates is related in a complex manner [4] to payload size per packet. Generally. CRC calculations done in software have always resulted in slower performance than that achieved when using simple additive checksums. 1998). As the nodes in general use reciprocating logic to handle the packets. "Catalyst 3750/3560 Series switches support an MTU of 1998 bytes for all 10/100 interfaces" [2] Jeff Caruso (October 22. process to increase the path MTU of high performance national research and education networks from 1518 bytes to 9000 bytes or so. shtml). 2011. com/ news/ 1022alteon. errors generated internal to NICs can be detected as well. 10. ECE Department & ICES. 001) [4] 16 000–64 000 B pMTU experiments with simulation: The case for super jumbo frames at Supercomputing ’05 (http:/ / dx. The main benefit of this is the reduction of the packet rate. the number of machine cycles spent parsing packet headers decreases as the average MSS per packet increases. edu/ ~koopman/ networks/ dsn02/ dsn02_koopman. pdf) by Philip Koopman. and somewhat lengthy. . . html). a subsequent increase. Retrieved 2011-08-22. 1016/ . as found with TCP and UDP. To overcome the performance penalty.Jumbo frame By using a CRC checksum rather than simple additive checksums as contained within the UDP and TCP transports. both provide improved error detection rates despite the use of Jumbo Frames where increase of the Ethernet MTU would have otherwise resulted in a significant reduction in error detection. Both TCP and UDP have proven ineffective at detecting bus specific bit errors. as line bit rate increases. required. Support of Castagnoli CRC polynomial within a general purpose transport designed to handle data chunks. 2006. ece. possibly to 64000 bytes for example. and within a TCP transport designed to carry SCSI data. Intel now offers 1Gb NIC (82576) and 10Gb NIC (X520) that off-load SCTP checksum calculations and Core i7 processors support the CRC32c instruction as part of their new SSE4 vector math instruction set. com/ en/ US/ products/ hw/ switches/ ps700/ products_configuration_example09186a008010edab.[1] Super jumbo frames Super jumbo frames (SJFs) are generally considered to be Internet packets which have a payload in excess of the tacitly accepted jumbo frame size of 9000 bytes. 109 Baby giant frames Baby giants are frames that are only slightly larger than allowed by the IEEE Ethernet standards. networkworld. Cisco. This relationship becomes increasingly important as average network line bit rate increases to 10 gigabits per second. "Alteon still stumping for Jumbo Frames" (http:/ / www. the packet payload size should increase in direct proportion to maintain equivalent timing parameters. Network World. This however implies the covariant scaling of numerous intermediating logic circuits along the network path. Retrieved July 4.

In discussions of jumbograms for Link Layer technologies. (August 1999). by making use of a 32-bit length field.archlinux. however. R. such as the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP). . The jumbo payload option and the transport-layer modifications are described in RFC 2675. Thus.edu/~mathis/MTU) • IEEE 802. The payload length field of IPv4 and IPv6 has a size of 16 bits.com/content/view/30201/54/ ) • How to Jumbo Frames in Archlinux (http://wiki.Where to use it? (http://sd.php/Jumbo_Frames) Jumbogram In packet-switched computer networks. IETF.html) • Jumbo frames? Yes! (http://www. thus allowing data of up to 65535octets.rutherford-research.html). S. by Selina Lo. Deering. include data size parameters limited to only 16 bits (length.wareonearth.html) • 32-Bit Cyclic Redundancy Codes for Internet Applications (http://www.ca/rrx/hpc/sc05.295 bytes).294. they are often referred to as jumbo frames. in the context of IPv6 a jumbogram is understood as an IPv6 packet carrying a payload larger than 65535octets[1] IPv6 jumbograms An optional feature of IPv6.3as Frame Expansion Task Force (http://www. the designers of IPv6 have provided a protocol extension to permit packets of larger size. 2/23/1998 in NetworkWorld • SJF Supercomputing 2005 Demo (http://www. Alteon Networks.smallnetbuilder.. While IPv4 has no facilities to exceed its theoretical IP MTU limit.. RFC 2675.Jumbo frame 110 External links • Jumbo Frames . a jumbogram (portmanteau of jumbo and datagram) is a packet of any size exceeding the standard Maximum Transmission Unit (MTU) of the underlying network technology at either the Link Layer or the Internet Layer.com/forum/0223jumboyes.edu/~koopman/networks/ dsn02/dsn02_koopman.php) • Pushing up the Internet MTU (http://www. Transport Layer protocols. This theoretical limit for the Internet Protocol (IP) MTU. allows the exchange of packets with payloads of up to one byte less than 4 GiB (232 − 1 = 4.org/index. IPv6 Jumbograms (http:/ / tools.psc. References [1] Borman.pdf) • Need To Know: Jumbo Frames in Small Networks (http://www.ece. urgent data pointer).org/3/frame_study/index. D. Hinden.ieee802.NetworkWorld.com/~phil/jumbo. Historically.cmu. the jumbo payload option. The support for IPv6 jumbograms required a redesign in all Transport Layer protocols. org/ html/ rfc2675). is reached only on networks that have a suitable Link Layer infrastructure. ietf.967.

fast chess is a turn-based game that is fast action and may not tolerate high lag. World of Warcraft. But in general parlance.[6] In general parlance. and the display of the video on a display device) must be low enough that the user perception is that the game is running . server latency or overworked hardware.[5] This can be misleading because there can be other causes for the symptom. Final Fantasy XI. the game must compute the next frame of video and that video frame must be scanned out to a display device. It includes the time to encode the packet for transmission and transmit it. For instance. Adventure Quest Worlds. But. Call of Duty. Lag is also often used in reference to video games to describe to the delay (or latency) between an action by a player and the reaction of the game. allowing for fast local response most of the time.Lag 111 Lag Lag is a common word meaning to fail to keep up or to fall behind. the game execution on the game server. a strategy game or a turn-based game with a low pace may have a high threshold or even be mostly unaffected by high delays. the round-trip lag of all elements of the cloud gaming system (the thin client. some twitch games can be designed such that only events that impact the outcome of the game introduce lag. whereas a twitch gameplay game such as a first-person shooter with a considerably higher pace may require significantly lower delay to be able to provide satisfying gameplay. The term lag is often also used as a synonym for communication latency. the time for that data to traverse the network equipment between the nodes. A minimum bound on latency is determined by the distance between communicating devices and the speed at which the signal propagates in the circuits (typically 70–95% of the speed of light in vacuum).[2] [3] The most common use regards online gaming when the game doesn't respond in sync with the player's controls. Heroes of Newerth. lag is often caused by communication latency. the video and audio compression and decompression. For example. RuneScape. This is also known as "one-way latency".[4] In distributed applications (such as MMORPGs). League of Legends. The game server then renders the next frame of the game video which is compressed using low-lag video compression and is sent downstream and decompressed by the thin client. the round-trip network latency between a client game and the host server is referred to as the client's ping time. The tolerance for lag depends heavily on the type of game. and other traffic. which is the time taken for a sent packet of data to be received at the other end.[4] Lag in cloud gaming Cloud gaming is a type of online gaming where the entire game is hosted on a game server in a data center. video game lag refers to delays that are noticeable to a player. usually due to a slow internet connection. and the time to receive and decode the data. etc. since once an input from the player is received. For the cloud gaming experience to be acceptable. and user tolerance for lag depends highly upon the type of game. the term is used when the application fails to respond in a timely fashion to inputs. the Internet and/or LAN connection the game server. Lag in local video gaming All video games incur some lag. Actual latency is often much higher because of packet processing in networking equipment. incur online lag due to a combination of local and remote processing lag and communications latency. Lag in online multiplayer gaming All online video games such as Minecraft. [1] In real-time applications. similarly as it does for local gaming. and the user is only running a thin client locally that forwards game controller actions upstream to the game server. And. the specific characteristic of the game matter.

com/ browse/ lag) [2] "lag" at wiktionary (http:/ / en.htm) .com/guide/lag.stanford. . 290F/ papers/ claypool-10.[9] Cloud gaming is a very new technology. OnLive. Retrieved 2010-08-27.edu/~cheshire/rants/Latency. Stupid (http://rescomp.reference. External links • The Gamer's Guide from Blues News . net/ reference/ articles/ article712. edu/ ~almeroth/ classes/ W10. the only company thus far operating a cloud gaming service. Eurogamer Digital Foundry. ucsb. . pdf) [4] "Noob Glossary: Ping. 2010-09-06. com/ editorials/ item/ onlive_succeeds_consoles_by_constant_performance_upgrades/ ). eurogamer. pdf/ ). ." (http:/ / www. wiktionary. [8] "The Process of Invention: OnLive Video Game Service" (http:/ / tv. net/ articles/ digitalfoundry-lag-factor-article?page=3/ ). eurogamer. ndia-mich. cs. com/ 2010/ 01/ 21/ beta-testing-at-the-speed-of-light/ ). [12] "OnLive Does What Consoles Can’t: The promise of constant performance upgrades may pull it ahead of today’s consoles.[11] resulting in the assessment in July 2010 that "Out of controlled conditions."[12] 112 References [1] "lag" at dictionary. gamedev.Lag locally. In fact. Retrieved 2010-08-27. to the point where "the actions on screen were one-to-one with my input controls. . according to OnLive.about. org/ downloads/ GVSETS/ GVSETSPapers/ Robotic Systems/ Mitigating the Effects of Time Lags on Driving Performance. For example. but early tests have shown that in practice. Console. [10] "Console Gaming: The Lag Factor" (http:/ / www. . OnLive" (http:/ / www.net (http:/ / www.htm) • It's the Latency. Lag and Servers" (http:/ / www. Retrieved 2010-01-23. onlive. 2010-02-23. PC. net/ articles/ digitalfoundry-vs-onlive-article/ ). [5] What is Lag? at gamedev. [9] "Beta Testing at the Speed of Light" (http:/ / blog. gamezone. ACM. allthingsd. 2009-09-05. I forgot that it wasn't running natively on my PC. Retrieved 2010-08-19. [7] "D8 Video:OnLive demoed on iPad. com/ video-games/ pc/ articles/ 45925. 2010-07-09. reference. 2010-01-21. columbia.html) • Bandwidth and Latency (http://compnetworking. Retrieved 2010-08-27. reviewers reported a steady reductions in lag due to constant improvements in the technology. brighthub. Retrieved 2010-08-27. distance considerations of the speed of light through optical fiber come into play.bluesnews. currently limiting the distance between a user and a cloud gaming game server to approximately 1000 miles. 2010-08-09. .com (http:/ / dictionary. aspx/ ). edu/ videos/ 545/ 60/ 79). Retrieved 2010-08-27. Retrieved 2010-01-23. . . Unreal Tournament 3 incurs up to 133ms of lag on a console[10] and was tested in July 2010 as incurring 150ms in lag on OnLive.com/od/speedtweaks/l/aa021902a. iPhone" (http:/ / video. cloud gaming lag is only slightly higher than local console lag. 2009-12-13. [11] "Digital Foundry vs.[7] [8] Because of such tight lag requirements. Gamezone.[11] In September 2010. The FU Foundation School of Engineering & Applied Science (Columbia University). org/ wiki/ lag) [3] Mitigating the Effects of Time Lags on Driving Performance (robotics) (http:/ / www. Bright Hub!. Wall Street Journal.Lag Section (http://www. asp) [6] "Latency Can Kill: Precision and Deadline in Online Games" (http:/ / www. seas. Eurogamer Digital Foundry. Mac. com/ video/ d8-video-onlive-demo/ 9D57A2C6-24ED-4351-8266-F3F7BA0C4D18/ ). OnLive has managed to get within spitting distance of console response times".

but cannot use the routing database. OSPF's reliable update mechanism is implemented by Link State Update and Link State Acknowledgment packets. For each neighbor. Smart flooding. Link state packet can also be further defined as special datagrams that determine the names of and the cost or distance to any neighboring routers and associated networks. LSPs are queued for transmission. A major procedure called flooding which is used for distributing link state algorithms throughout the routing domain can be implemented with link state packets. ordinary flooding may result in problems. a router then builds a packet containing all the data. In order to make the flooding procedure reliable. followed by a sequence number and age. or changing its properties appreciatively. Multiple link state advertisements can be acknowledged in a single Link State Acknowledgment packet. However. Several link-state advertisement may be included in a single packet. the complex part is determining when to build them. Developing Link State Packets When Information needed for exchange is collected. To make the flooding of link state advertisements reliable. such as a line or neighbor going down or coming back up again. a Link State Acknowledgment packet is sent either to the multicast address AllSPFRouters. The packet starts with the identity of the sender. They must be acknowledged. Link state acknowledgment packet Link State Acknowledgment Packets are OSPF packet type 5. or when some significant event occurs. if a link failure occurs. the delay to that neighbor is given. Link State Update packets are multicast on those physical networks that support multicast/broadcast. on the other hand recognizes link state packets appropriately. Building a link state packet is usually easy. flooded advertisements are explicitly acknowledged. and can be distributed throughout the network. If retransmission of certain advertisements is necessary. One way to reduce this problem is to build them periodically. Depending on the state of the sending interface and the source of the advertisements being acknowledged. flooded advertisements are acknowledged in Link State Acknowledgment packets. or as a unicast. They are used to efficiently determine what the new neighbor is. and must time out at about the same time. This acknowledgment is accomplished through the sending and receiving of Link State Acknowledgment packets. at regular intervals. because it generates exponential behavior. These packets implement the flooding of link state advertisements. and a list of neighbors. that is. the retransmitted advertisements are always carried by unicast Link State Update packets. Link state update packet Link State Update packets are OSPF packet type 4. and the cost of changing a link if the need arises. Each Link State Update packet carries a collection of link state advertisements one hop further from its origin. Types of Link State packets Link state packets are usually implemented with Open Shortest Path First(OSPF) protocol. to the multicast address AllDRouters.Link state packet 113 Link state packet Overview Link State Packet (LSP) is a packet of information generated by a network router in a link state routing protocol that lists the router's neighbors. .

Link state packet 114 References • FireWire system architecture : IEEE 1394a / MindShare. Protocols such as UDP provide no recovery for lost packets. but also in terms of the probability of packet loss…a lost packet may be retransmitted on an end-to-end basis in order to ensure that all data are[sic] eventually transferred from source to destination. Packet loss Packet loss occurs when one or more packets of data travelling across a computer network fail to reach their destination. Acceptable packet loss “The fraction of lost packets increases as the traffic intensity increases. Don Anderson Anderson. packet drop because of channel congestion [1] [2] . performance at a node is often measured not only in terms of delay. voice over IP. NJ : Prentice Hall. Don. Packet loss is distinguished as one of the three main error types encountered in digital communications. faulty [3] networking hardware. Therefore. Effects When caused by network problems. Causes Packet loss can be caused by a number of factors including signal degradation over the network medium due to multi-path fading. the other two being bit error and spurious packets caused due to noise. : Addison-Wesley. Inc. Martha Steenstrup Englewood Cliffs. [5] Packet recovery Some network transport protocols such as TCP provide for reliable delivery of packets. In the event of packet loss. corrupted packets rejected in-transit. This retransmission causes the overall throughput of the connection to drop. lost or dropped packets can result in highly noticeable performance issues or jitter with streaming technologies. 1953Reading. retransmitting missing packets causes the throughput of the connection to decrease. if a transmitted packet is lost. Mass. for Voice over IP traffic. For example. . 1995 • Radia Perlman “Rbridges: Transparent Routing”. c1999 • Routing in communications networks / editor. faulty network drivers or normal routing routines (such as DSR in ad-hoc networks ). and therefore “[m]issing one . This drop in throughput is due to the sliding window protocols used for acknowledgment of received packets. [4] However. [6] Although TCP can recover from packet loss. Infocom 2004. online gaming and videoconferencing. Applications that use UDP are expected to define their own mechanisms for handling packet loss. it will be re-sent along with every packet that had been sent after it. the only effect seen due to the occasional dropped packet is jitter. In certain variants of TCP. In addition to this. packet loss probability is also affected by signal-to-noise ratio and distance between the transmitter and receiver. and will affect all other network applications to a degree. If the latency and the packet loss at the destination hop are acceptable then the hops prior to that one don't matter. it is important to note that packet loss does not always indicate a problem.” [7] The amount of packet loss that is acceptable depends on the type of data being sent. the receiver asks for retransmission or the sender automatically resends any segments that have not been acknowledged.

Kurose. P 30. W. J. P 30. Computer Networking: A Top-Down Approach. Computer Networking: A Top-Down Approach. J. K. P 147. visualland. Computer Networking: A Top-Down Approach. Most basic networking equipment will use FIFO queuing for packets waiting to go through the bottleneck and they will drop the packet if the queue is full at the time the packet is received. (2001). Computer Networking: A Top-Down Approach. nessoft. When given a situation where the amount of content due to be pushed through a connection is growing at a rate greater than it is possible to push through that connection. E. C. New York: Addison-Wesley. & Ross. 115 References [1] [2] [3] [4] [5] [6] [7] [8] Kurose. J. In some connections. which is where the aforementioned packet retransmission schemes are used. New York: Addison-Wesley. [10] Kurose. & Ross. L. Software. C. (2010). [9] Kurose. Kurose. New York: Addison-Wesley. and is related to the erlang unit of measure. K. & Ross. also known as a bottleneck. K. W. Losses between 5% and 10% of the total packet stream will affect the quality significantly. P 282-283 External links • Interactive animation of TCP fast retransmit simulation: packet loss detection and recovery. J. J. K. W. (2010). New York: Addison-Wesley. J. dropping packets when the queue is full is a poor solution for any connection that requires real-time throughput. W. (2010). F. packets may be intentionally dropped in order to slow down specific services for no other reason than to dissuade users from using those services. a single dropped packet could result in losing part of the file. J. K. For this reason. For these types of connections. & Ross. Retrieved 2007-02-25. Computer Networking: A Top-Down Approach. com/ kb/ 24) (HTTP). New York: Addison-Wesley. P 242. F. New York: Addison-Wesley. K. (2010). (2010). P 42-43. . (2010).[9] The TCP protocol is designed with a slow-start connection strategy so that excessive packet loss will cause the sender to throttle back and stop flooding the bottleneck point with data (using perceived packet loss as feedback to discover congestion). "Packet loss or latency at intermediate hops. Boston: Course Technology. Computer Networking: A Top-Down Approach. This type of packet dropping is called tail drop.net/tcp_histrory." (http:/ / www. quality of service and other methods are applied. & Ross. [10] The data packets will be transmitted over a longer duration. J. Computer Networking: A Top-Down Approach. when transmitting a text document or web page. K. Ad-Hoc Networking. Cengage Learning. W. (http://www. packet loss is not necessarily an indication of poor connection reliability or a bottleneck. F.php?simu=tcp_fast_retransmit&protocol=TCP&title=4. Boston: Addison-Wesley. Kurose. & Ross. P501. There are many methods used for determining which packets to drop. & Ross. Packet loss is closely associated with quality of service considerations.”[8] On the other hand. P 602. K. Perkins. then there is no other solution than to drop packets. and Security. Mansfield. Computer Networking from LANs to WANs: Hardware. Kurose.Fast transmit&ctype=1) . However. F. W. New York: Addison-Wesley.Packet loss or two packets every now and then will not affect the quality of the conversation. F. & Antonakos. W. F. (2010). P 30. F. (2010).

References [1] RFC 1812 .Special Use IPv4 Addresses [5] "IANA IPv4 Address Space Registry" (http:/ / www. com/ books?id=On_Hh23IXDUC& pg=PA300).[1] Martian packets commonly arise from IP address spoofing in denial-of-service attacks. org/ assignments/ ipv4-address-space/ ). [4] RFC 5735 . Retrieved 21 April 2011.0.0.0/16. or 192. . ISBN 9781602670006. catb. References [1] Javvin Www Networkdictionary Com (1 March 2007). which is reserved for internal broadcast. • An incoming or outgoing packet with a Bogon source or destination address in an as-yet-unallocated range. or in [5] the future-use range 240.0. Martian packet A Martian packet is an IP packet which specifies a source or destination address that is reserved for special-use by Internet Assigned Numbers Authority (IANA) and cannot actually originate as claimed or be delivered. google.Ingress Filtering for Multihomed Networks [3] "Jargon File: martian" (http:/ / www.255.Mangled packet 116 Mangled packet In computer networking.[2] but can also arise from network equipment malfunction or misconfiguration of a host.0/8. • An incoming packet with a destination address of 255. most invalid packets are easily filtered by modern stateful firewalls. 172. p. Their usage is associated with a type of network attack called a denial-of-service (DoS) attack. • An incoming or outgoing packet whose source or destination address is in the range 127.0. firewalls.255/32.[1] As of 2008.0/8. Network Dictionary (http:/ / books.[1] The name is derived from packet from Mars. Javvin Technologies Inc. which is reserved for loopback within the host. It aims to destabilize the network and sometimes to reveal its available services – when network operators need to restart the disabled ones. Mangled packets can be generated by dedicated software such as nmap or Nessus. .0/12.Requirements for IP Version 4 Routers [2] RFC 3704 .0/4. a place where packets clearly can not originate. or contains code aimed to confuse or disrupt computers. . org/ jargon/ html/ M/ martian. when not participating in a private network.0.0.255.[3] Examples of Martian packets are[4] : • A packet with a source or destination IPv4 address in the ranges 10. html).0. . iana..16.0. routers or any service present on the network. 300. a mangled or invalid packet is a packet—especially IP packet—which either lacks order or self-coherence.168.

A larger MTU also means processing of fewer packets for the same amount of data. the MSS option is established by operating system on the SYN packet during the TCP handshake. a 1500-byte packet. org/ html/ rfc879#section-3). Large packets are also problematic in the presence of communications errors. References [1] RFC 879 (http:/ / tools. ties up a 14. etc. It does not count the TCP header or the IP header. Retrieved 2007-11-28. . tcpipguide. Internetworking with TCP/IP (5E ed. Standards (Ethernet. remain fixed. Each direction of data flow can use a different MSS. per-packet-processing can be a critical performance limitation. "The MSS counts only data octets in the segment. htm Maximum transmission unit In computer networking.). Douglas E. NJ. Section 3. that a computer or communications device can receive in a single TCP segment. Upper Saddle River. (2005-09-20). and therefore in a single IP datagram. Therefore: MSS + Header ≤ MTU Every host is required to be able to handle an MSS of at least 536 bytes. (2006).4k modem for about one second. At a given bit error rate larger packets are more likely to be corrupted. For example. • Kozierok. the maximum transmission unit (MTU) of a communications protocol of a layer is the size (in bytes) of the largest protocol data unit that the layer can pass onwards. Large packets can occupy a slow link for some time. For most computer users.).[1] The IP datagram containing a TCP segment may be self-contained within a single packet. or systems (such as point-to-point serial links) may decide MTU at connect time. for example) can fix the size of an MTU. Corruption of a single bit in a packet requires that the entire packet be retransmitted. Further reading • Comer. the largest allowed by Ethernet at the network layer (and hence over most of the Internet). it does not count the TCP header or the IP header. or it may be reconstructed from several fragmented pieces. either way. MTU parameters usually appear in association with a communications interface (NIC. the MSS limit applies to the total amount of data contained within the final reconstructed TCP segment. USA: Prentice Hall. the resulting higher efficiency means a slight improvement in bulk protocol throughput." [2] http:/ / www. Charles M. such as headers or underlying per-packet delays. page 2. Retransmissions of larger packets take longer.). A larger MTU brings greater efficiency because each packet carries more user data while protocol overheads. ietf. com/ free/ t_TCPMaximumSegmentSizeMSSandRelationshiptoIPDatagra-2. The TCP/IP Guide [2] (3E ed. specified in bytes. serial port. causing greater delays to following packets and increasing lag and minimum latency. In some systems.Maximum segment size 117 Maximum segment size The maximum segment size (MSS) is a parameter of the TCP protocol that specifies the largest amount of data.

For example. using the MTU parameter configured for that interface. Another potential problem is that higher-level protocols may create packets larger than a particular link supports. which has a value of 576 for IPv4[1] and of 1280 for IPv6.5) FDDI At least 1280 [4] [4] [6] 1500 1492 1500-9000 The limit varies by vendor. To get around this issue. various tunneling situations cross the MTU by very little as they add just a header's worth of data. • When the size of most or all packets exceed the MTU of a particular link that has to carry those packets. but each packet now has to be sent in two fragments. This fragmentation process takes place at the IP layer (OSI layer 3) and marks packets it fragments as such. IP allows fragmentation: dividing the datagram into pieces. the whole Ethernet network must have the same MTU. so that the IP layer of the destination host knows it should reassemble the packets into the original datagram. For correct interoperation. While a host will know the MTU of its own interface and possibly that of its peers (from initial handshakes).3) Ethernet Jumbo Frames WLAN (802. 2272 4464 [8] 4352 [4] IP (Internet protocol) DARPA designed the Internet protocol suite to work over many networking technologies. which is 576. Systems must use Path MTU Discovery to find the actual path MTU. but every intermediate router has to do double the work in terms of header parsing and routing decisions. each small enough to pass over the single link that is being fragmented for. it will not initially know the lowest MTU in a chain of links to any other peers. If the network drops any fragment.11) Token Ring (802. the second of which carries very little payload. IPv4 links must be able to forward packets of size up to 68 [4] bytes. each of which may have different sized packets. Jumbo frames are usually only seen in special purpose networks. In certain cases the overhead this causes can be considered unreasonable or unnecessary. This should not be mistaken [5] with the packet size every host must be able to handle. The same amount of payload is being moved.[2] Media Maximum Transmission Unit (bytes) Internet IPv4 Path MTU At least 68 [3] Practical path MTUs are generally higher. Nearly all IP over Ethernet implementations use the Ethernet V2 frame format.including IP headers but excluding headers from lower levels in the protocol stack. This method implies a number of possible drawbacks: • All fragments of a packet must arrive for the packet to be considered received. the entire packet is lost. Notes Internet IPv6 Path MTU Ethernet v2 Ethernet (802. The MTU must not be confused with the minimum datagram size that all hosts must be prepared to accept. The addition is small.Maximum transmission unit 118 Table of MTUs of common media Note: the MTUs in this section are given as the maximum size of IP packet that can be transmitted without fragmentation . almost everything has to be fragmented. Systems may use Path MTU Discovery to find the actual path MTU. [7] Practical path MTUs are generally higher. .

intact. Unfortunately. 1500) and the Path MTU causes Path MTU Discovery to come into effect. to prevent denial-of-service attacks). For example.) . One often detects such blocking in the cases where a connection works for low-volume data but hangs as soon as a host sends a large block of data at a time. in response to various events (load-balancing. Put another way. which may introduce further packet drops before the host finds the new safe MTU. The difference between the MTU seen by end-nodes (e. the path MTU is the largest packet size that can traverse this path without suffering fragmentation. separate from IP's own fragmentation mechanism. to ensure that a 1280-byte IP datagram can be delivered. increasing numbers of networks drop ICMP traffic (e. however. Packetization Layer Path MTU Discovery. RFC 4821. Also. This information allows the source host to reduce its assumed path MTU appropriately. the path from the source address to the destination address often gets modified dynamically. with IRC a connecting client might see the initial messages up to and including the initial ping (sent by the server as an anti spoofing measure). but get no response after that. this does not preclude Data Link Layers with an MTU smaller than IP's minimum MTU from conveying IP data. allowing for an MTU up to 9000 bytes). describes a Path MTU Discovery technique which responds more robustly to ICMP filtering. depending on which part of the network one controls. 119 Path MTU Discovery The Internet Protocol defines the "Path MTU" of an Internet transmission path as the smallest MTU of any of the IP hops of the "path" between a source and destination. One can possibly work around this.g. RFC 1191 (IPv4) and RFC 1981 (IPv6) describe "Path MTU Discovery". in an IP network. with the possible result of making some sites behind badly-configured firewalls unreachable. The Internet Protocol requires that hosts must be able to process IP datagrams of at least 576 bytes (for IPv4) or 1280 bytes (for IPv6). This is because the large set of welcome messages are sent out in packets bigger than the real MTU. which prevents path MTU discovery from working. outages. The process repeats until the MTU becomes small enough to traverse the entire path without fragmentation.Maximum transmission unit • As it is normal to maximize the payload in every fragment. For example. according to IPv6's specification. congestion. for example one can change the MSS (maximum segment size) in the initial packet that sets up the TCP connection at one's firewall.this could result in the path MTU changing (sometimes repeatedly) during a transmission. to the IP layer. a technique for determining the path MTU between two IP hosts. then the link layer MUST provide its own fragmentation and reassembly mechanism. • There is no simple method to discover the MTU of links beyond a node's direct peers. in general as well as when fragmenting. . However. etc. Most Ethernet LANs use an MTU of 1500 bytes (modern LANs can use Jumbo frames.g. border protocols like PPPoE will reduce this. if a particular Data Link Layer physically cannot deliver an IP datagram of 1280 bytes in a single frame. Any device along the path whose MTU is smaller than the packet will drop such packets and send back an ICMP "Destination Unreachable (Datagram Too Big)" message containing its MTU. It works by setting the DF (Don't Fragment) option in the IP headers of outgoing packets. any further fragmentation that turns out to be necessary will increase the overhead even more.

Many network switches have a built-in capability to detect when a device is jabbering and block it until it resumes proper operation.for example: where an ATM (Asynchronous Transfer Mode) network carries IP traffic. or 31 full ATM cells. So in the worst case.Maximum transmission unit 120 ATM backbones. ATM operates at optimum efficiency when packet length is a multiple of 48 bytes. provides a high-speed (up to 1 Gigabit/s) local area network using existing home wiring (power lines. In the case where the user would normally send 1500 byte packets. This is because ATM is sent as a stream of fixed-length packets (known as 'cells'). So the total length of the transmitted data length is 53 * ncells bytes. This gives a total cost of 31*53=1643 bytes transmitted via ATM from a 1478 byte packet passed to PPPoA. an example of MTU tuning Sometimes the demands of efficiency encourage artificially declaring a reduced MTU in software below the true maximum possible length supported .[9] . each of which can carry a payload of 48 bytes of user data with 5 bytes of overhead for a total cost of 53 bytes per cell.hn Data Link Layer accepts data frames of up to 214 bytes (16384 bytes). RFC 2516 prescribes a maximum MTU for PPPoE/DSL connections of 1492: a PPPoE header of 6 bytes. the final cell costing an extra 53 transmitted bytes 47 of which are padding. we obtain a desired optimal reduced MTU figure of 1478 = 31*48-10 taking into account an overhead of 10 bytes consisting of a Point-to-Point Protocol overhead of 2 bytes. use ATM on their internal backbone network. again choosing to fill 31 ATM cells as before. The G. one additional cell is needed to transmit the one last byte of payload. sending between 1489 and 1536 bytes requires an additional fixed cost of 53 bytes transmitted. phone lines and coaxial cables). Taking this figure of 1488 and subtracting from it any overheads contributed by all relevant higher protocols we can obtain a suggested value for an artificially-reduced optimal MTU. In the case of IP sent over ADSL using PPPoA the figure of 1478 would be the total length of the IP packet including IP headers. For the example of IP over DSL connections using PPPoA/VC-MUX. particularly those with a telephony background. 31 completely filled ATM cells carry a payload of 31*48=1488 bytes. and an AAL5 overhead of 8 bytes. Some providers. For this reason. where the total length = (48*n+1) bytes.hn defines a procedure for segmentation that divides the data frame into smaller segments. leaving enough room for a 1488 byte payload. in the form of one extra ATM cell. artificially declaring a reduced MTU in software maximises protocol efficiency at the ATM layer by making the ATM AAL5 total payload length a multiple of 48 bytes whenever possible.hn standard. keeping to a self-imposed reduced MTU of 1478 as opposed to sending IP packets of total length 1500 saves 53 bytes per packet at the ATM layer at a cost of a 22 byte reduction of the length of IP packets. In order to avoid the problem of long data-frames taking up the medium for long periods of time. MTU in other standards The G. This is almost always caused by faulty devices. For example. G. where ncells = the number of required cells of = INT((payload_length+47)/48). Disruption The transmission of a packet on a physical network segment that is larger than the segment's MTU is known as jabber. developed by ITU-T. So in this example.

p." [4] RFC 1191 [5] RFC 791. 3com. p.co.html).expedient. 13 [2] RFC 2460.frozentux. html#TCPMSSTARGET) • Discovering of MTU value (http://help. 13 [3] RFC 791.znep.dslreports. html) [9] 3Com SuperStack Switch Management Guide (http:/ / support. External links • Tweaking your MTU / RWin for Orange Broadband Users (http://www.shtml) via ping and setting it in Microsoft Windows • DrTCP (http://www. "Every internet module must be able to forward a datagram of 68 octets without further fragmentation.com/projects/mturoute.php) – a console utility for debugging mtu problems • MSS Initiative (http://www.com/drtcp) – a utility for optimizing MTU under Microsoft Windows • mturoute (http://www.and.net/mss/) • MTU Path (http://www.Wlan.Wireless.iea-software. p. 1998). com/ infodeli/ tools/ switches/ ss3/ management/ ug/ cli_mg6a.elifulkerson. wireless-center.orangeproblems. htm) • Marc Slemko (January 18. 24. p.Configuration. "Path MTU Discovery and Filtering ICMP" (http://alive. net/ Wireless-Internet-Technologies-and-Applications/ 1925.phildev.Maximum transmission unit 121 References [1] RFC 791.cfm)   MTU discovery tool for IPv4 and IPv6 networks .Optimization Tips (http:/ / www.uk/kitz/) • How to set the TCP MSS value using iptables (http://www.com/~marcs/ mtu/index. "Every internet destination must be able to receive a datagram of 576 octets either in one piece or in fragments to be reassembled. Retrieved 2007-09-02.com/products/mtupath.net/iptables-tutorial/iptables-tutorial." [6] RFC 2460 [7] RFC 6145 [8] Structure of the IEEE 802.11 MAC Frames .net/broadband/mtu_ping_test. 24.wifi.

Congestion collapse generally occurs at choke points in the network. • Because P2P scales very well. packet loss or the blocking of new connections. and fair queueing in devices such as routers. Modern networks use congestion control and network congestion avoidance techniques to try to avoid congestion collapse. • Even on fast computer networks (e. Another method to avoid the negative effects of network congestion is implementing priority schemes. network congestion occurs when a link or node is carrying so much data that its quality of service deteriorates. Network capacity The fundamental problem is that all network resources are limited. particularly when nearby peers are preferred over distant peers. file transmissions by P2P have no problem filling and will fill an uplink or some other network bottleneck.11's CSMA/CA and the original Ethernet. • Denial of service attacks by botnets are capable of filling even the largest Internet backbone network links (40 Gbit/s as of 2007). . phone lines and coaxial cables). or to an actual reduction in network throughput. which provides high-speed (up to 1 Gbit/s) Local area networking over existing home wires (power lines. so that some packets are transmitted with higher priority than others. when little or no useful communication is happening due to congestion.Network congestion 122 Network congestion In data networking and queueing theory. including router processing time and link throughput. but they help to alleviate the effects of congestion for some services. and there are high levels of packet delay and loss (caused by routers discarding packets because their output queues are too full) and general quality of service is extremely poor.g. However: • today's (2006) Wireless LAN effective bandwidth throughput (15-100Mbit/s) is easily filled by a single personal computer. When a network is in such a condition. where the total incoming bandwidth to a node exceeds the outgoing bandwidth. generating large-scale network congestion Congestive collapse Congestive collapse (or congestion collapse) is a condition which a packet switched computer network can reach. Network protocols which use aggressive retransmissions to compensate for packet loss tend to keep systems in a state of network congestion even after the initial load has been reduced to a level which would not normally have induced network congestion. window reduction in TCP. These include: exponential backoff in protocols such as 802. One example of this is the use of Contention-Free Transmission Opportunities (CFTXOPs) in the ITU-T G. with between 10 and 1000 Mbit/s of incoming bandwidth and at most 8 Mbit/s of outgoing bandwidth. An example of this is 802. the backbone can easily be congested by a few servers and client PCs. Typical effects include queueing delay. Connection points between a local area network and a wide area network are the most likely choke points. A third method to avoid network congestion is the explicit allocation of network resources to specific flows. RFC 2914 addresses the subject of congestion control in detail. Thus. A consequence of these latter two is that incremental increases in offered load lead either only to small increases in network throughput. Priority schemes do not solve network congestion by themselves.hn standard. 1 Gbit). it has settled (under overload) into a stable state where traffic demand is high but little useful throughput is available. networks using these protocols can exhibit two stable states under the same level of load.1p. The stable state with low throughput is known as congestive collapse. A DSL modem is the most common small network example.

It should not be confused with flow control. The mathematical expression for optimal rate allocation is as follows. so as to avoid congestive collapse by attempting to avoid oversubscription of any of the processing or link capabilities of the intermediate nodes and networks and taking resource reducing steps. early TCP implementations had very bad retransmission behavior. although many others are possible. called the utility. Cause When more packets were sent than could be handled by intermediate routers. However.Network congestion 123 History Congestion collapse was identified as a possible problem as far back as 1984 (RFC 896. exactly the opposite of what should be done during congestion. while sliding window flow control causes "burstiness" which causes different flows to observe different loss or delay at a given link. Congestion control then becomes a distributed optimisation algorithm for solving the above problem. Let . Theory of congestion control The modern theory of congestion control was pioneered by Frank Kelly. so that each flow sets its own rate. which measures how . Let be the rate of flow and . Each link capacity imposes a constraint. which gives rise to a Lagrange multiplier. when the NSFnet phase-I backbone dropped three orders of magnitude from its capacity of 32 kbit/s to 40 bit/s. the end points sent extra packets that repeated the information lost. The optimal rate allocation then satisfies much benefit a user obtains by transmitting at rate such that The Lagrange dual of this problem decouples. . which prevents the sender from overwhelming the receiver. The sum of these Lagrange multipliers. strictly convex function. Examples of "optimal" rate allocation are max-min fair allocation and Kelly's suggestion of proportional fair allocation. . doubling the data rate sent. such as reducing the rate of sending packets. based only on a "price" signalled by the network. the intermediate routers discarded many packets. Congestion control Congestion control concerns controlling traffic entry into a telecommunications network. be the be the corresponding be an increasing. and be 1 if flow uses link and 0 otherwise. and this continued to occur until end nodes started implementing Van Jacobson's congestion control between 1987 and 1988. This pushed the entire network into a 'congestion collapse' where most packets were lost and the resultant throughput was negligible. dated 6 January). Let capacity of link . who applied microeconomic theory and convex optimization theory to describe how individuals controlling their own rates can interact to achieve an "optimal" network-wide rate allocation. expecting the end points of the network to retransmit the information. When this packet loss occurred. It was first observed on the early Internet in October 1986. Many current congestion control algorithms can be modelled in this framework. with being either the loss probability or the queueing delay at link . vectors and matrix. is the price to which the flow responds. A major weakness of this model is that it assumes all flows observe the same price.

End-to-end flow control mechanisms designed into the end points which respond to congestion and behave appropriately. fairness. independent of congestion. "minimum potential delay" Avoidance The prevention of network congestion and collapse requires two major components: 1. variable-rate links • By the fairness criterion it uses: max-min.Network congestion 124 Classification of congestion control algorithms There are many ways to classify congestion control algorithms: • By the type and amount of feedback received from the network: Loss. proportional. Real-time streaming protocols. must be taken to keep packets from being dropped from streams. sender and receiver need modification. or RED. and random early detection. cheap fiber-optic lines have reduced costs in the Internet backbone. but it was not until Van Jacobson's inclusion of an open source solution in the Berkeley Standard Distribution UNIX ("BSD") in 1988 that good TCP implementations became widespread. The backbone can thus be provisioned with enough bandwidth to keep congestion at the periphery. where the mechanisms described above can handle it. can be troublesome. delay. Fortunately. sender. lossy links. the congestion lifts and good use of the network occurs. • By the aspect of performance it aims to improve: high bandwidth-delay product networks. special measures. single-bit or multi-bit explicit signals • By incremental deployability on the current Internet: Only sender needs modification. but progressively slow the rate that information is repeated. Protocols built atop UDP must handle congestion in their own way. The most common router mechanisms used to prevent congestive collapses are fair queueing and other scheduling algorithms. Congestion in the Internet backbone is very difficult to deal with. congestion in pure datagram networks must be kept out at the periphery of the network. 2. advantage to short flows. where packets are randomly dropped proactively triggering the end points to slow transmission before congestion collapse actually occurs. Some end-to-end protocols are better behaved under congested conditions than others. Fair queueing is most useful in routers at choke points with a small number of connections passing through them. have any congestion control mechanism. such as quality-of-service routing. A mechanism in routers to reorder or drop packets under overload. and the end points all get a fair share of the available bandwidth. have this property. The correct end point behaviour is usually still to repeat dropped information. Larger routers must rely on RED. Protocols atop UDP which transmit at a fixed rate. UDP does not. receiver and routers need modification. including many Voice over IP protocols. Provided all end points do this. In general. The first TCP implementations to handle congestion well were developed in 1984. in itself. . Other strategies such as slow-start ensure that new connections don't overwhelm the router before the congestion detection can kick in. only router needs modification. TCP is perhaps the best behaved. Thus.

Active Queue Management (AQM) Purpose "Recommendations on Queue Management and Congestion Avoidance in the Internet" (RFC 2309[7] ) states that: • • • • Fewer packets will be dropped with Active Queue Management (AQM). weighted random early detection (WRED) could be used if available. 50% (lower threshold) filled and deletes linearly more or (better according to paper) cubical more [10] up to e. Robust random early detection (RRED) Robust Random Early Detection (RRED) algorithm was proposed to improve the TCP throughput against Denial-of-Service (DoS) attacks. [1] TCP/IP congestion avoidance The TCP congestion avoidance algorithm is the primary basis for congestion control in the Internet. The link utilization will increase because less TCP global synchronization will occur. losses. even without flow-based RED or WRED. Recent Publications in low-rate Denial-of-Service (DoS) attacks [12] . time.g. or delays (see Quality of Service) in order to adjust the transmit speed.this is called TCP global synchronization. generally watch for packet errors. There are many different network congestion avoidance processes. The connection bandwidth will be more equally shared among connection oriented flows. [2] [3] [4] [5] [6] Problems occur when many concurrent TCP flows are experiencing port queue buffer tail-drops. when the average queue buffer lengths are more than e. Experiments have confirmed that the existing RED-like algorithms are notably vulnerable under Low-rate Denial-of-Service [4] (LDoS) attacks due to the oscillating TCP queue size caused by the attacks [11] . since there are a number of different trade-offs available. RED indirectly signals to sender and receiver by deleting some packets.g. The average queue buffer lengths are computed over 1 second at a packets. All flows that experience port queue buffer tail-drop will begin a TCP retrain at the same moment . e. particularly Low-rate Deinal-of-Service (LDoS) attacks. Random early detection [8] [9] On network One solution is to use random early detection (RED) on network equipments port queue buffer. By keeping the average queue size small. equipment ports with more than one queue buffer. 100% (higher threshold). such as the widely-used TCP protocol.g. Then TCP's automatic congestion avoidance is not enough. queue management will reduce the delays and jitter seen by flows.Network congestion 125 Practical network congestion avoidance Implementations of connection-oriented protocols. RRED algorithm can significantly improve the performance of TCP under Low-rate Denial-of-Service attacks [11] .

By using a device to reduce the window advertisement. e. this method. an ECN bit is used to signal that there is explicit congestion. graphic or web page. but it requires explicit support by both hosts to be effective. [15] [16] TCP Window Shaping Congestion avoidance can also efficiently be achieved by reducing the amount of traffic flowing into a network. Cisco AQM: Dynamic buffer limiting (DBL) Cisco has taken a step further in their Catalyst 4000 series with engine IV and V. It ensures that no flows fill the port queues for a long time. More information on the status of ECN including the version required for Cisco IOS. 3G or other networks with a radio layer to have poor throughput in some cases since wireless networks are susceptible to data loss due to interference. This technique can reduce congestion in a network by a factor of 40. rather than ignoring the bit. Engine IV and V has the possibility to classify all flows in "aggressive" (bad) and "adaptive" (good). the remote servers will send less data. The TCP connections running over a radio based physical layer see the data loss and tend to believe that congestion is occurring when it isn't and erroneously reduce the data rate sent. it usually advertises a "window" of between 32K and 64K.[8] one of the authors of ECN. The sender then ought to decrease its transmission bandwidth. A policy could divide the bandwidth among all flows by some criteria. This is better than the indirect packet delete congestion notification performed by the RED/WRED algorithms. this causes WiFi.Network congestion Flowbased-RED/WRED Some network equipment are equipped with ports that can follow and measure each flow (flowbased-RED/WRED) and are hereby able to signal to a too big bandwidth flow according to some QoS policy. With Another approach is to use IP ECN. 126 When a router receives a packet marked as ECN capable and anticipates (using RED) congestion.g. it will set an ECN-flag notifying the sender of congestion. This results in the server sending a full window of data (assuming the file is larger than the window). thus reducing the congestion and allowing traffic to flow more freely. [14] Some outdated or buggy network equipment drops packets with the ECN bit set. DBL can utilize IP ECN instead of packet-delete-signalling. by decreasing the tcp window size (sending rate) or by other means. This is true in nearly all cases. Side effects of congestive collapse avoidance Radio links The protocols that avoid congestive collapse are often based on the idea that data loss on the Internet is caused by congestion. errors during transmission are rare on today's fiber based Internet. IP ECN [13] ECN is only used when the two hosts signal that they want to use it. . by Sally Floyd. this data creates a congestion point at an upstream provider by flooding the queue much faster than it can be emptied. When an application requests a large file. When there are many applications simultaneously requesting downloads. However.

edu/ 484335. org/ xpl/ freeabs_all. edu/ bagal99comparative. pp.. psu. psu.1(4): pp. vol. Ref (http:/ / ieeexplore. Karels. html) (1993). 14. org/ floyd/ red. 1988 . html) [15] Active Queue Management (http:/ / www. 489-491. Compared to the original linear drop function applicability is extended by far. Random Early Detection Gateways for Congestion Avoidance (http:/ / citeseer. edu/ 462978. jsp?arnumber=5456075) [12] http:/ / sites. cisco. icir. 6 January 1984 • Introduction to Congestion Avoidance and Control (http://ee. ist.TCP Increasing TCP's Initial Window [6] TCP Congestion Avoidance Explained via a Sequence Diagram (http:/ / www. eventhelix. This paper originated many of the congestion avoidance algorithms used in TCP/IP. Stanford. ist-mobydick. and would open and close the connection for each file requested. Invented Random Early Detection (RED) gateways. [3] RFC 2001 . html) [9] Sally Floyd. and Fast Recovery Algorithms [4] RFC 2581 . com/ site/ cwzhangres/ home/ files/ RREDRobustREDAlgorithmtoCounterLow-rateDenial-of-ServiceAttacks. 1988. Karels. Jianping Yin. and Weifeng Chen. Congestion Avoidance. 2010. This kept most connections in the slow start mode. which resulted in poor response time. ist. psu. Van Jacobson.ietf.Our example with realistic system parameters gives an approximation function of the cubic of the queue size. com/ univercd/ cc/ td/ doc/ product/ lan/ cat4000/ 12_1_19/ config/ qos. edu/ lee00tcp.ietf." [11] Changwang Zhang. html) [2] Van Jacobson.. psu. com/ site/ cwzhangres/ home/ posts/ recentpublicationsinlow-ratedosattacks [13] RFC 3168 . pdf) [7] RFC 2309 . ECN and TCP Rate Control (1999) (http:/ / citeseer. Clarence Filsfils (Morgan Kaufmann.April 1998: Recommendations on Queue Management and Congestion Avoidance in the Internet [8] Sally Floyd: RED (Random Early Detection) Queue Management (http:/ / www.. August. Congestion Avoidance and Control (http:/ / citeseer. htm#1271743) [16] Enabling Dynamic Buffer Limiting (http:/ / www.pdf). htm#1271759) • "Deploying IP and MPLS QoS for Multiservice Networks: Theory and Practice" by John Evans. vol. ist. RRED: Robust RED Algorithm to Counter Low-rate Denial-of-Service Attacks (http:/ / sites. Van Jacobson and Michael J. However.org/html/rfc2914) . Sally Floyd. google..314–329. pdf) Quote: ".gov/papers/congavoid.org/html/rfc896) . modern browsers either open multiple connections simultaneously or reuse one connection for all files requested from a particular web server. html) (1988). Proceedings of the Sigcomm '88 Symposium. ISBN 0-12-370549-5) • RFC 2914 (http://tools. ist. Fast Retransmit. IEEE Communications Letters. To avoid this problem. no parameters are to be adjusted. 2007. ieee. John Nagle. com/ univercd/ cc/ td/ doc/ product/ lan/ cat4000/ 12_1_19/ config/ qos.The Addition of Explicit Congestion Notification (ECN) to IP [14] Comparative study of RED.lbl.TCP Congestion Control [5] RFC 3390 .Network congestion Short-lived connections The slow-start protocol performs badly for short-lived connections. and many connections never get out of the slow-start regime. [10] An Analytical RED Function Design Guaranteeing Stable System Behavior (http:/ / www."Congestion Control in IP/TCP". 2000 • RFC 896 (http://tools. vol. September.The advantage of this function lies not only in avoiding heavy oscillations but also in avoiding link under-utilization at low loads.18(4): pp. 127 References [1] TCP Tunnels: Avoiding Congestion Collapse (2000) (http:/ / citeseer. google. org/ publications/ aqm_iscc2003.. significantly increasing latency. cisco. Zhiping Cai. com/ RealtimeMantra/ Networking/ TCP_Congestion_Avoidance. Michael J. IEEE/ACM Transactions on Networking. Older web browsers would create many consecutive short-lived connections to the web server. CA. November.. the initial performance can be poor. The applicability of the derived function is independent of the load range.Congestion Control Principles.397–413.TCP Slow Start. pdf?attredirects=0).

Arjan Durresi.cse. On the Evolution of End-to-end Congestion Control in the Internet: An Idiosyncratic View (http:// www. washington. Raj Jain.html) • TCP congestion control simulation: Fast recovery (http://www. S.edu/Homepages/shivkuma/research/cong-papers.ccs.duth.org/tfrc/) • AIMD-FC Homepage (http://www.neu.visualland.Network congestion 128 Books • "Deploying IP and MPLS QoS for Multiservice Networks: Theory and Practice" by John Evans.icir.com/q/queuing. using fluid flow based TCP model" (http://www.edu/talks/workshops/10-22-24.html) • Explicit Congestion Notification Homepage (http://www. Hitay Ozbay.google. ISBN 0-12-370549-5) External links • Nagle.html) • Sally Floyd.aciri.org/floyd/red. August 1999) • Sally Floyd. Clarence Filsfils (Morgan Kaufmann. J.edu/home/ladrian/abstract/aimdfc.rpi.org/floyd/ecn.wustl.gr/~emamatas/jie2007. 2007.html) • TFRC Homepage (http://www.edu/homes/ratul/red-pd/) • A Generic Simple RED Simulator for educational purposes by Mehmet Suzen (http://code.umn.99/floyd/floyd.net/tcp_histrory.pdf) (IMA Workshop on Scaling Phenomena in Communication Networks. Ratul Mahajan.cs. RFC 2914: Congestion control principles (2000) • Floyd.html) (IEEE/ACM Transactions on Networking.Fast recovery&ctype=1) .html) • Random Early Detection Homepage (http://www. RFC 896: Congestion control in IP/TCP internetworks (1984) • Floyd.pdf) • Papers in Congestion Control (http://www.ecse.linktionary. org/floyd/end2end-paper. and K. Mukundan Sridharan.icir. S. Fall. php?simu=tcp_fast_recovery&protocol=TCP&title=5.ima.com/p/ guduz/) • Approaches to Congestion Control in Packet Networks (http://utopia.icir.edu/ ~jain/papers. David Wetherall: RED-PD: RED with Preferential Dropping (http://www. " Guidelines for optimizing Multi-Level ECN.html) • Pierre-Francois Quet. October 1999) (pdf format) • Linktionary term: Queuing (http://www. Promoting the Use of End-to-End Congestion Control in the Internet (http://www. Sriram Chellappan.

This proposal was published by Sandhu.S.. [2] References [1] Sandhu. gov/ groups/ SNS/ rbac/ documents/ ferraiolo-kuhn-sandhu-07. gov/ rbac/ sandhu-ferraiolo-kuhn-00. Ferraiolo.F. NIST made revisions and proposed a U.gov/groups/SNS/rbac/index. national standard for RBAC through the INCITS. and Kuhn [1] and presented at the ACM 5th Workshop on Role Based Access Control. [2] Ferraiolo.org) (INCITS web site) . pp.R.173. Following debate and comment within the RBAC and security communities. "The NIST Model for Role Based Access Control: Toward a Unified Standard" (http:/ / csrc. and Sandhu. IEEE Security & Privacy (IEEE Press) 5 (6): 51–53. It is managed by INCITS committee CS1. the standard received ballot approval and was adopted as INCITS 359-2004.. and Kuhn. Coyne. . NIST called for a unified standard for RBAC. Ferraiolo. and Kuhn later published an explanation of the design choices in the model.nist. the standard was adopted and is copyrighted and distributed as INCITS 359-2004 by the International Committee for Information Technology Standards (INCITS).1109/MSP. D. D. 47–63. External links • (http://csrc. pdf) (PDF). (July 2000). D. R.2007. Kuhn. . History In 2000. pdf) (PDF). Although originally developed by the National Institute of Standards and Technology.R. doi:10..F.html) (NIST RBAC web site) • (http://incits. and Youman (1996). (Nov/Dec 2007).NIST RBAC model 129 NIST RBAC model The NIST RBAC model is a standardized definition of role based access control. integrating the RBAC model published in 1992 by Ferraiolo and Kuhn with the RBAC framework introduced by Sandhu. nist. Feinstein. Sandhu. "RBAC Standard Rationale: comments on a Critique of the ANSI Standard on Role Based Access Control" (http:/ / csrc. 5th ACM Workshop Role-Based Access Control. Ferraiolo. nist. In 2004. R. D.

However. was converted into a plug-in and integrated into a new version of the product called EtherPeekNX. which added support for 802.[4] Extensibility OmniPeek has API's on the front-end for automation. It was later ported to Windows. History WildPackets. It is used for network troubleshooting and protocol analysis. and as a hardware network recorder appliance.[2] Acquisitions WildPackets acquired Net3 Group in November 2000. Decoders: The most notable of these are the protospecs and decoder files. It was a protocol analyzer for ethernet networks. without releasing new versions of the application. and add knowledge of completely new protocols. NetFlow. Inc. was founded in 1990 by Mahboud Zabetian and Tim McCreery. the OmniEngine Distributed Capture Engine was released as software. These plug-in wizards make it easy and . Cisco AP's.[6] Plugin Wizards: The Plugin Wizards for both the OmniPeek Console and the OmniEngine are Microsoft Visual Studio Project Templates that generate working plug-ins.com [1] OmniPeek is a packet analyzer software tool from WildPackets Inc. AiroPeek was released.[3] WildPackets acquired Optimized Engineering Corporation in 2001.. Aruba AP's. there are remote adapters to capture from RMON. In 2001. NetSense. These plug-ins range from simple logging extensions to full-blown applications that are hosted by OmniPeek.wildpackets. a dialog appears providing options for different types of functionality that sample code will be generated for. It supports a plugin API.OmniPeek 130 OmniPeek OmniPeek Developer(s) WildPackets Operating system Windows Type Website Packet analyzer www. the company survived the fire. SFlow. In 2003. which are interpreted text files that can be extended by the user to enhance the display and analysis of existing protocols. the WildPackets' building in Walnut Creek California completely burnt to the ground. When the wizard is run. 2002. API's on the back-end for analysis. as well as other mechanisms to extend and enhance the program. and called EtherPeek. which was released in 1997. and linux boxes. the user is left with a working plugin with entry points for adding application logic.. Remote Adapters: Adapters provide a means to capture packets and stats from various sources. Their product. The first product by WildPackets was written for the Mac. Currently. an expert system for network troubleshooting.[5] Plug-ins: There are over 40 different plug-in's available for the OmniPeek Platform. Adapters are also available to aggregate packets from multiple network segments and wireless channels at the same time. On the morning of July 15.11 wireless networks. Optimized network analysis training courses and instructors were added to WildPackets services. When the wizard is complete.

[5] "An Open API Sets WildPackets Apart" (http:/ / windowsitpro. bizjournals. html). com/ products/ distributed_network_analysis/ omnipeek_network_analyzer [2] "WildPackets Survives Fire" (http:/ / www. . 2001-01-31. cnet.Save and query packets from a database PeekPlayer Plugin . Retrieved 2009-07-23. adapters. MyPeek: The MyPeek Community Portal is a website dedicated to the extension of OmniPeek.4" (http:/ / download. and expertise for those interested in extending OmniPeek themselves. . . wildpackets. scripts.0. Retrieved 2009-07-23. .Decode packets WatchMe Plugin ." (http:/ / www. [7] "WildPackets Launches MyPeek Community Portal" (http:/ / www. . thefreelibrary.Display instant message screen names and chat WebStats Plugin .stream packets from Aruba Networks Air Monitors References [1] http:/ / www.stream packets from Cisco Access Points Aruba Remote Adapter Plugin . -a0179645388). internetnews. com/ WildPackets+ Launches+ MyPeek+ Community+ Portal. [8] "PlaceMap 1. html). 2000-11-20. . Retrieved 2009-07-23.stream packets from any machine with SSH and tcpdump Cisco Remote Adapter Plugin . php/ 1433881). [4] "WildPackets to Acquire Optimized Engineering Corporation. com/ wireless/ article. [6] "Throwin' Down The Decoder Gauntlet!" (http:/ / blog.Send packet an adapter or a capture window PowerBar Plugin . Retrieved 2009-07-23. . html). Retrieved 2009-07-23.Construct and display web pages from packets IM Plugin . and is uses the peek driver API to capture packets. It provides plug-in's. com/ eastbay/ stories/ 2000/ 11/ 20/ daily2. html).Map nodes to a Google Map[9] SQLFilter Plugin .Write scripts that process packets Decoder Plugin . and various levels of support for the different plug-ins posted there. [3] "WildPackets to buy Net3" (http:/ / eastbay. wildpackets. . tools. com/ 2008/ 05/ throwin-down-the-decoder-gauntlet.[8] 131 Example Plugins • • • • • • • • • • • • Google Map Plugin . Expands Protocol Analysis Training and Services. html). Business Wire. Retrieved 2009-07-23. com/ article/ articleid/ 95726/ an-open-api-sets-wildpackets-apart. Retrieved 2009-07-23.[7] PlaceMap: is a freely available standalone Google Maps Packet sniffer application for Windows that captures network traffic and maps nodes to the Google Map.0. redorbit. [9] "WildPackets Offers Free Google Map Plug-In" (http:/ / www.OmniPeek quick to develop extensions to OmniPeek. com/ news/ technology/ 575128/ wildpackets_offers_free_google_map_plugin/ index. Retrieved 2009-07-23. .Display web sites in real-time from URL's Browser Plugin . PlaceMap is a notable example of extensibility in that it uses exactly the same Google Map plugin that is also available for the OmniPeek. com/ coms2/ summary_0286-10587967_ITM).Collect and report web statistics Remote TCPDump Adapter Plugin . com/ PlaceMap/ 3000-2085_4-10588141. accessmylibrary.

Bare.networkworld.0 (http://www. T. Packet Reordering Metrics. April 23. External links • RFC 4737. J.1. Piratla. Perser. 19 Aug 2006. June 2008 • http://kb. S. Banka. A. out-of-order delivery is the delivery of data packets in a different order from which they were sent. 22. by Dave Bailey.com/reviews/2008/031008-voip-analysis-tools-test.geant.uk/networkitweek/software/2161896/packet-inspector-offers-simple) • Network World. G. Morton. N. Packet reordering is a common behavior in real-world networks.net/PERTKB/PacketReordering • http://www-iepm. Rand Dvorak (http://www. WildPackets' latest OmniPeek tool makes it easier to inspect traffic and troubleshoot networks. 2006: Review of WildPackets' OmniPeek. co.networkworld. One of the functions of TCP is to prevent the out-of-order delivery of data. Ramachandran.com/en/US/tech/tk722/tk809/technologies_tech_note09186a008063e5de. March 10. Robert Tarpley (http://www.html) • Network World . By Anthony Mosco.networkworld. 2008: Clear Choice Test VoIP analysis tools. 2006: LWAPP Decodes Enablement on WildPackets OmniPeek and EtherPeek 3. Tested: WildPackets OmniPeek Enterprise 4. A. Whitner. 18. L. Out-of-order delivery can be caused by packets following multiple paths through a network.edu/monitoring/reorder/ .com/reviews/2007/042307-wireless-lan-test-omnipeek. or via parallel processing paths within network equipment that are not designed to ensure that packet ordering is preserved. R. Robert Smithers.com/reviews/2006/091806-voip-test-analysis-wildpackets. Improved Packet Reordering Metrics. Sept. By Tom Henderson.html?nlhttest=ts_031108& nladname=031108producttestal) • Cisco Website. Jayasumana. 2007: WLAN analyzers: WildPackets' OmniPeek For Windows 4.cisco. Ciavattone. Shalunov.pert.OmniPeek 132 External links • Official website (http://www.stanford. html) • IT Week. Network IT Week.0 Software (http://www. shtml) Out-of-order delivery In computer networking.wildpackets. Mar. A. November 2006 • RFC 5236. By Rob Smithers of Miercom (http:// www.slac. either by reassembling packets into order or forcing retries of out-of-order packets.com) • Network World.itweek.

This allows historical forensic analysis of packets without the user having to recreate any fault. decodes the packet's raw data. protocol analyzer or sniffer. automatically detect errors. depending on the network structure (hub or switch). Some protocol analyzers can also generate traffic and thus act as the reference device. one can capture traffic on all or just parts of the network from a single machine within the network. others don't. Packet analyzer A packet analyzer (also known as a network analyzer. On wired broadcast and wireless LANs. To see those packets. The captured information is decoded from raw digital form into a human-readable format that permits users of the protocol analyzer to easily review the exchanged information.[2] On wireless LANs. Protocol Analyzers can also be hardware based. headers. whose purpose is to mirror all packets passing through all ports of the switch when systems (computers) are connected to a switch port. To use a network tap is an even more reliable solution than a monitoring port since taps are less likely to drop packets during high traffic loads. an Ethernet sniffer or wireless sniffer) is a computer program or a piece of computer hardware that can intercept and log traffic passing over a digital network or part of a network.Packet aggregation 133 Packet aggregation In a packet-based communications network. generate timing diagrams.[1] As data streams flow across the network. and may also have the ability to deliberately introduce errors to test for the DUT's ability to deal with error conditions. Capabilities On wired broadcast LANs. etc. however. For network monitoring purposes it may also be desirable to monitor all data packets in a LAN by using a network switch with a so-called monitoring port. or for particular types of networks. which provides a way to create a high-speed (up to 1 Gigabit/s) Local area network using existing home wiring (power lines. even if the adapter is in promiscuous mode. . some sniffers support this. cyclic redundancy check. phone lines and coaxial cables). On wireless LANs. packet aggregation is the process of joining multiple packets together into a single transmission unit.) or where the expected packet size is small compared to the maximum amount of information that can be transmitted. showing the values of various fields in the packet.g. these can act as protocol testers. These devices record packets (or a slice of the packet) to a disk array. packet aggregation may be responsible for joining multiple MSDUs into a single MPDU that can be delivered to the physical layer as a single unit for transmission. either in probe format. there are some methods to avoid traffic narrowing by switches to gain access to traffic from other systems on the network (e. In a communication system based on a layered OSI model. Packet aggregation is useful in situations where each transmission unit may have significant overhead (preambles. or as is increasingly more common combined with a disk array. in order to reduce the overhead associated with each transmission. is an example of a protocol that employs packet aggregation to increase efficiency. The ITU-T G. and broadcast traffic. the sniffer captures each packet and. to capture traffic other than unicast traffic sent to the machine running the sniffer software. determine the root causes of errors. Protocol analyzers vary in their abilities to display data in multiple views. and analyzes its content according to the appropriate RFC or other specifications. Such testers generate protocol-correct traffic for functional testing. the adapter must be in monitor mode. multicast traffic sent to a multicast group to which that machine is listening. etc. one can capture traffic on a particular channel.hn standard. the network adapter being used to capture the traffic must be put into promiscuous mode. if needed. packets not for the service set for which the adapter is configured will usually be ignored. ARP spoofing).

proxy) Notable packet analyzers For a more comprehensive list. see Comparison of packet analyzers. • • • • • • • • • • • • • • • • • • • • • Capsa Cain and Abel dSniff Justniffer ettercap Microsoft Network Monitor ngrep Network Grep snoop tcpdump Wireshark (formerly known as Ethereal) Carnivore (FBI) Clarified Analyzer Congruity Inspector Software Fluke Lanmeter NetScout nGenius Infinistream NetScout Sniffer Global Analyzer NetScout Sniffer Portable Professional Analyzer Network Instruments Observer Niksun NetDetector OPNET Technologies ACE Analyst SkyGrabber .Packet analyzer 134 Uses The versatility of packet sniffers means they can be used to: • • • • • • • • • • • • • • • • • • • Analyze network problems Detect network intrusion attempts Detect network misuse by internal and external users Documenting regulatory compliance through logging all perimeter and endpoint traffic Gain information for effecting a network intrusion Isolate exploited systems Monitor WAN bandwidth utilization Monitor network usage (including internal and external users and systems) Monitor data-in-motion Monitor WAN and endpoint security status Gather and report network statistics Filter suspect content from network traffic Serve as primary data source for day-to-day network monitoring and management Spy on other network users and collect sensitive information such as passwords (depending on any content encryption methods which may be in use) Reverse engineer proprietary protocols used over the network Debug client/server communications Debug network protocol implementations Verify adds. access control. Spam filter. moves and changes Verify internal control system effectiveness (firewalls. Web filter.

colasoft. Law of Internet Security and Privacy. php?page=Multi-Tap_Network_Packet_Capturing) • How to Deploy a Packet Analyzer under Different Network Environment (http://www.org/Computers/Software/Networking/Network_Performance/ Protocol_Analyzers//) at the Open Directory Project • How-to Packet Sniff (http://www.28.29. EtherPeek) 135 References [1] Kevin J. NETRESEC Network Security Blog.Packet analyzer • WildPackets OmniPeek (old name AiroPeek. ITU-T (Triple-X PAD) The structure of a PAD is defined by the ITU-T in recommendations X. External links • Protocol Analyzers (http://www.com/pages/current/ ProfessionalCPA.robertgraham.25 (packet-switching) network or host computer.com/support/ installation. pp. ISBN 978-0735542730. The X.html) by Robert Graham • Video Tutorials on Sniffer Programming using Raw Sockets (http://security-freak.29 defines the DTE-P (packet mode) interface to a PAD.3.3 parameters are similar in function to present day Telnet options.irongeek. this is referred to as a Triple-X PAD. X. character echo. Connections are established using X. a bit like (but not at all compatible with) Hayes modem commands.aesclever. including the commands for making and clearing down connections. i. com/ ?page=Blog& month=2011-03& post=Sniffing-Tutorial-part-1---Intercepting-Network-Traffic).Intercepting Network Traffic" (http:/ / www. 131. Sometimes. X.25 packets (assembly).pdf) • The Making of a Professional cTrace Packet Analyzer (http://www. for a connection to an X. [2] "Sniffing Tutorial part 1 .28 defines the DTE-C (asynchronous character mode) interface to a PAD.e.networksecuritytoolkit. A PAD also does the reverse.Use Packet Sniffers. et al. Retrieved 2011-03-13. .html) • A Quick Intro to Sniffers (http://www.25 packets. and X. Many commercial PAD products provided completely different enhanced user interfaces.121 14-digit X. X. netresec. Connolly (2003).3 parameters. Aspen Publishers.php?page=security/AQuickIntrotoSniffers) • Multi-Tap Network Packet Capture (http://www.pdf) • Packet Sniffing FAQ (http://web.net/raw-sockets/ raw-sockets. it takes data packets from packet-switching network or host computer and returns them into a character stream that can be sent to the terminals (disassembly).org/web/20050221103207/http://www. . A FRAD (Frame Relay Assembler/Disassembler) is a similar device for accessing Frame Relay networks.3 specifies the parameters for terminal-handling functions such as line speed. 2011-03-11.com/publications/howto_EN/HowTo . and manipulating the X.25 host. X.archive.dmoz. abbreviated PAD is a communications device which provides multiple asynchronous terminal connectivity to an X.org/nst/tools/wiki-redirect. flow control.evilfingers.com/i. due to the three X series recommendations which define it.25 addresses. how the PAD encapsulates characters and control information in X. It collects data from a group of terminals and places the data into X. The commands were very crude.com/pubs/ sniffing-faq.php) Packet Assembler/Disassembler A packet assembler/disassembler.

ITP predated Triple-X. ITP ITP (Interactive Terminal Protocol) was an early PAD protocol for use over X.Packet Assembler/Disassembler 136 Green Book PAD One of the UK Coloured Book protocols. org. de/ produkte/ ta/ taomega [2] http:/ / www. also defines two PAD protocols. tdt. Products • Das Multiprotokoll-Talent mit zwei ISDN und vier Benutzerschnittstellen [1] External links • ITP: Protocols in the SERC/NERC Network" [2] References [1] http:/ / www. Green Book is sufficiently similar to X. Although not identical to Triple-X. Green Book also specifies TS29. which is another of the Coloured Book protocols. uk/ ca/ technology/ networking/ p001. a very similar protocol which ran over the Yellow Book Transport Service. chilton-computing.3 and X. although it eventually gave way to Triple-X.25 developed in the 1970s for use with UK GPO's EPSS (Experimental Packet Switching System. and is a completely different protocol. the predecessor of PSS). Green Book. htm . Science and Engineering Research Council (SERC) also used ITP on SERCnet and continued developing ITP after EPSS. Green Book was developed by (UK) Post Office Telecommunications in the 1970s.29 that generally the two will interwork.

Many deep packet inspection tools rely on real-time inspection of data as it crosses the network. or stored. complete network packets (header and payload) crossing a network with a high traffic rate. Filtered capture Packet capture devices may have the ability to limit capture of packets by protocol. DPI tools make real-time decisions on what to do with packet data. and avoid legal problems. etc. software tools can perform Deep packet inspection (DPI) to review network packet data. Historical capture and analysis stores all captured packets for further analysis. Historical capture and analysis Once data is captured. diverted. With the application of filters. protocol or other distinguishing bits of data in the packet. As DPI and analysis tools deliver alerts.Packet capture 137 Packet capture Packet capture is the act of capturing data packets crossing a computer network. If packets are not stored after capture. identify security threats. This includes headers and payload. unfiltered. and analyze all network traffic in real-time at wire speeds while keeping a historical archive of all network traffic for further analysis. Complete capture Packet capture has the ability to capture packet data from the data link layer on up (layers 2-7) of the OSI model. after the data has already crossed the network. only complete packets that meet the criteria of the filter (header and payload) are captured. Once captured and stored. using known criteria for analysis. perform forensics analysis to uncover the root cause of network problems. This can reduce storage requirements. the alert?” . Filtering Packet capture can either capture the entire data stream or capture a filtered portion of stream. regardless of source. Some DPCs can be coupled with DPI and can as a result manage. perform designated analysis and act on the results. IP address. the historical record can be analyzed to apply context to the alert. Complete capture is the unrestricted. Headers include information about what is contained in the packet and could be synonymous to an address or other printed information on the outside of an envelope. but yet have enough data to reveal the essential information required for problem diagnosis. Deep packet capture (DPC) is the act of capturing.[1] Partial packet capture can record headers without recording the total content of datagrams. MAC address. it can be analyzed right away or stored and analyzed later. Short-term capture and analysis tools can typically detect threats only when the triggers are known in advance but can act in real-time. at full network speed. raw capture of all network packets. either in short-term memory or long-term storage. they may be flushed away and actual packet contents are no longer available. and after. Complete capture encompasses every packet that crosses a network segment. and ensure data communications and network usage complies with outlined policy. The payload includes the actual content of the packet and therefore synonymous to the contents of the envelope. [2] answering the question “what happened leading up to. inspect.

[5] [6] Analysis of DPC data can also reveal what files that have been sent out from the network. its cause or source can be more reliably determined if the administrator has access to complete historical data.) to be stolen. telecommunications carriers can provide the legally required secure and separate access to targeted network traffic and are able to use the same device for internal security purposes. DPC can capture all packets on important network links continuously.Packet capture 138 Use Identifying security breaches Analysis of historical data captured with DPC assists in pinpointing the source of the intrusion. Detecting data loss In the event that an intrusion allowed information (credit card numbers. take corrective action.[9] However DPC appliances may be unable to provide chain of evidence audit logs. and ensure that the problem will not reoccur. .[8] This helps reduce the Mean Time To Repair. a network administrator can then assess the exact circumstances surrounding a performance event. Internet service providers and VoIP providers in the United States of America must comply with CALEA (Communications Assistance for Law Enforcement Act) regulations.[3] Using packet capture and storage. social security numbers. or satisfactory security for use in this application. Deep Packet Capture provides a record of all network activities.[7] Network Troubleshooting If an adverse event is detected on a network. Identifying data leakage Analyzing historical data flows captured with DPC assists in content monitoring and identifying data leaks and pinpointing their source. medical records. etc.[3] DPC can capture network traffic accessing certain servers and other systems to verify that the traffic flows belong to authorized employees. This could be very helpful in the event of litigation or in the case of a credit card company receiving possibly fraudulent claims of unauthorized purchases on cards whose numbers were not compromised. an administrator could verify exactly which information was stolen and which information was safe. a system administrator may replay that attack against systems which have been patched to prevent the attack. DPC probes can provide lossless capture of target traffic without compromising network performance. When an event happens. Verifying security fixes If an exploit or intrusion was monitored via DPC. This will help the administrator know whether or not their fix worked. Lawful intercept Packet capture can be used to fulfill a warrant from a law enforcement agency (LEA) to produce all network traffic generated by an individual. Collection of data from a carrier system without a warrant is illegal due to laws about interception.[4] However this technique cannot function as an intrusion prevention system.

[2] (Business Wire) (2007-12-06). "Passive Network Security Analysis with NetworkMiner" (http:/ / www. Retrieved 2008-03-15. historical data may allow a system administrator to determine. archive. conclusively. Inc. [3] Linda Musthaler (2007-07-16). "Getting started with content monitoring" (http:/ / www. com/ what-we-do/ application-overview). net/ news_releases/ 102407-solera. htm). Retrieved 2007-03-13. php). worm or other problem has been detected on a network. the device can send e-mail notifications and SNMP traps. informationweek. . com/ newsletters/ techexec/ 2007/ 0716techexec1. Once a particular attack or signature has been identified. . "Startup Of The Week: NetWitness Is Like TiVo For IT" (http:/ / www. "NetDetector captures intrusions" (http:/ / www. jhtml?articleID=204802907). . Endace.Dumping Network Traffic to Disk". endace. Infoworld. . networkworld.. Network World. com/ solutions/ iti_packet_analysis. Net Scout Systems. Retrieved 2009-08-28. 2008. [5] Tom Bowers (2007-02-05). Retrieved 2008-03-13. Retrieved 2008-03-15. com/ news/ showArticle. When an event triggers. virus. such as FreeBSD and dumpcap. Retrieved 2008-04-01.[10] Packet capturing for forensic investigations can also be performed reliably with free open source tools and systems. com/ ?page=Blog& month=2011-03& post=Sniffing-Tutorial-part-2---Dumping-Network-Traffic-to-Disk) . reuters. Retrieved 2008-03-15. 2007. com/ article/ pressRelease/ idUS169612+ 06-Dec-2007+ BW20071206). . exactly how many systems were affected. Network World. [9] "Application overview" (http:/ / web. com/ article/ 03/ 07/ 11/ 27TCniksun_1. 2007-10-07. 2011 (http:/ / www. com/ what-we-do/ application-overview) on 2008-03-04. Retrieved 2008-03-15. both in raw packet form or accurately rendered in its original format. every packet included in that event is available. Information Week. html). bivio. Solera Networks. . html). Retrieved 2008-04-01. NETRESEC Network Security Blog. soleranetworks. netresec. [8] "Network Troubleshooting" (http:/ / www.Solera Networks and Bivio Networks announce product interoperability" (http:/ / web. asp). com/ solutions/ top-ten. Archived from the original (http:/ / www.[3] All traffic or a selected segment on any given interface can be captured with a DPC appliance. the historical data allows an administrator to view a specific window of time and determine the cause of the performance issues. endace. "Rewind and replay what happens on your network" (http:/ / www. [10] Paul Venezia (2003-07-11). org/ web/ 20080304025423/ http:/ / www. [11] "Sniffing Tutorial part 2 . infoworld.[11] Benchmarking performance If performance suddenly takes a hit. com/ passive-network-security-analysis-networkminer). com/ columnists/ 2007/ 020507insider. . networkworld. forensicfocus. net/ news_releases/ 102407-solera. bivio.[3] References [1] "Press Release . htm) on 2008-05-01. Forensic Focus. [6] Andrew Conry-Murray (2008-12-15). netscout. [7] Erik Hjelmvik (2008). html). Retrieved 2008-03-15.Packet capture 139 Forensics Once an intrusion. Triggers can be set up to capture certain events or breaches. Reuters. . . "Solera Networks Announces Advanced Deep Packet Inspection and Capture Solution for Full 10Gbps Speeds" (http:/ / www. archive. 2008. org/ web/ 20080501222529/ http:/ / www. . Archived from the original (http:/ / www. Bivio Networks. [4] "Capture Appliances" (http:/ / www.

Mohammad. by dropping packets for a particular network destination. By doing this. all traffic will be directed to the host that has been compromised. pdf). a host can broadcast that it has the shortest path towards a destination.g. Weichao. [3] References [1] Zhang. ieee-icnp. "Defending against Collaborative Packet Drop Attacks on MANETs" (http:/ / www. (2000). the packet drop attack is very hard to detect and prevent.[1] Because packets are routinely dropped from a lossy network. buffalo. when other routers notice that the compromised router is dropping all traffic. Also. . and the host is able to drop packets at will. al. Xiaobing. cse. One cause mentioned in research is through a denial-of-service attack on the router using a known DDoS tool. However. If the malicious router attempts to drop all packets that come in. [3] Wang. "Malicious packet dropping: how it might impact the TCP performance and how we can detect it" (http:/ / www. edu/ srds2009/ dncms2009_submission_Wang. et. Because wireless networks have a much different architecture than that of a typical wired network. The malicious router can also accomplish this attack selectively. aau. it is often harder to detect because some traffic still flows across the network. Packet drop attack In computer networking. [2] Al-Shurman. . a packet every n packets or every t seconds. Retrieved 5/5/2011. dk/ kurser/ ETC/ Wms2/ Papers/ Ad-hocSec/ Sub/ al-shurman. if the malicious router begins dropping packets on a specific time period or over every n packets. the attack can actually be discovered fairly quickly through common networking tools such as traceroute. or a randomly selected portion of the packets. . This usually occurs from a router becoming compromised from a number of different causes. Retrieved 5/5/2011. icmp: 263. a packet drop attack or blackhole attack is a type of denial-of-service attack in which a router supposed to relay packets discards them instead.[1] The packet drop attack can be frequently deployed to attack Wireless Ad-Hoc Networks. "Black Hole Attack in Mobile Ad Hoc Networks" (http:/ / engsci. at a certain time of the day. This is rather called a gray hole attack. they will generally begin to remove that router from their forwarding tables and eventually no traffic will flow to the attack. pdf). pdf). org/ 2000/ papers/ 2000-24. [2] Also over a Mobile Ad-Hoc Network. hosts are specifically vulnerable to collaborative attacks where multiple hosts will become compromised and deceive the other hosts on the network.Packet concatenation 140 Packet concatenation Packet concatenation is a computer networking optimization that coalesces multiple packets under a single header. e. .

com/ packet_builder/ [6] http:/ / www. colasoft. Unix Windows CLI GUI CLI GUI CLI CLI CLI ? Nemesis Ostinato Pktgen [9] [10] packETH pierf [11] [12] [13] Scapy targa3 Winsock Packet [14] Editor UMPA [15] [4] Adriano Monteiro Marques Daniel Borkmann cxxxap Author Cross-platform (Python) Linux Windows OS ? CLI GUI Interface GPLv2 GPLv2 trafgen xcap Title netsniff-ng xcap [16] License Link [1] http:/ / anettest. net/ [3] http:/ / packetbuilder. colasoft. org/ en/ Net:Pktgen . linuxfoundation. Windows Windows(Cygwin)/Linux Linux/Unix/Windows Linux. Packet generators utilize raw sockets. Unix Windows/Linux/BSD Windows CLI CLI GUI AnetTest Bit-Twist GPL GPLv2 Packet Builder License [4] Cat Karat packet [3] builder Colasoft Packet [7] [8] [5] Windows GUI Packet Builder License: [6] Freeware BSD GPLv3 GPLv2 GPLv2 free BSD GPLv2 ? ? Jeff Nathan pstavirs Linux Foundation Miha Jemec aka jemcek Pieter Blommaert Philippe BIONDI Mixter ? Windows. net/ [8] http:/ / ostinato. sourceforge. php [7] http:/ / nemesis. sourceforge. net/ [4] Custom: free for personal use [5] http:/ / www. This is useful for testing implementations of IP stacks for bugs and security vulnerabilities. Unix Windows/Linux/BSD/MacOSX Linux Linux. org/ [9] http:/ / www.Packet generator 141 Packet generator A packet generator or packet builder is a type of software that generates random packets or allows the user to construct detailed custom packets. net/ [2] http:/ / bittwist. sourceforge. Comparison General Information Title Author OS Interface Link [1] [2] License AnetTest Bit-Twist Cat Karat packet builder Colasoft Packet Builder Nemesis Ostinato Pktgen packETH pierf Scapy targa3 Winsock Packet Editor UMPA Anton aka kronos256 ayeowch aka det_re Valery Diomin. Yakov Tetruashvili Colasoft Windows. com/ download/ products/ download_packet_builder.

html 142 External links • • • • • • • • • • • • • • • • AnetTest (http://anettest.sourceforge. net/ [11] http:/ / pierf. org/ DoS/ targa3.packet generator & sender (http://xcap. sourceforge.sourceforge.net/) Bit-Twist (http://bittwist.org) Winsock Packet Editor (http://wpepro.net/) trafgen. c [14] http:/ / wpepro.net/) Scapy (http://www.com/packet_builder/) Video: Generate Packets to Test Firewall (http://www. com/ index.org/) Ostinato (http://ostinato.org/en/Net:Pktgen) packETH (http://packeth.com/watch?v=O_pk5Wr2_8I) Nemesis (http://nemesis. part of the netsniff-ng suite (http://www. secdev. org/ [16] http:/ / xcap. umitproject.com/) Pktgen (http://www. net/ [15] http:/ / umpa.net/) Colasoft Packet Builder (http://www.secdev.html) . weebly.net) xcap .org/DoS/targa3.colasoft. net/ [12] http:/ / www.sourceforge.c) UMPA (http://umpa.com/index.net/) Cat Karat packet builder (http://packetbuilder. org/ projects/ scapy/ [13] http:/ / packetstormsecurity.Packet generator [10] http:/ / packeth. sourceforge.org/projects/scapy/) targa3 (http://packetstormsecurity.net/) pierf (http://pierf.linuxfoundation.sourceforge.netsniff-ng.sourceforge.youtube.weebly.googlecode.umitproject.

aircrack-ng. com http:/ / wirelessdefence. and libradiate.Packet injection 143 Packet injection Packet injection is a computer networking term which refers to sending a packet on a network into an already established connection. html http:/ / www. org/ Contents/ Void11Main. org/ doku. org . which is part of the aircrack-ng suite. php?id=aireplay-ng& DokuWiki=a96e889dd81ae5677cf2eaa686569563 http:/ / www. Other packet-injectors are Nemesis. Software A popular packet injection application for wireless networks is aireplay-ng[1]. packeteditor. aircrack-ng. pcap. Void11. htm http:/ / wpepro. net/ packet-injection/ packet-injection. This is accomplished by crafting a packet using raw sockets. CommView for WiFi Packet Generator. External links • PacketEditor [2] • Void11 [3] • Winsock Packet Editor [4] • • • • Nemesis Ostinato [8] Packet Injection using raw sockets [5] aircrack-ng [6] [7] References [1] [2] [3] [4] [5] [6] http:/ / www. usually by a party not otherwise participating in the said connection. AirJack. net http:/ / www. file2air. Winsock. Sometimes IP address spoofing is used. Ostinato [8]. security-freak.

In a communication system based on a layered OSI model. for cost reasons. PSS was one of the first telecommunications networks in the UK to be fully liberalized in that customers could connect their own equipment to the network. via published phone numbers.3/X. The current day analogy of ISP's offering broadband always on and dial up services to the internet applies here. Of particular note was the use of PSS for the first networked Clearing House Automated Payment System (CHAPS). After a period of pre-operational testing with customers (mainly UK Universities and computer manufacturers at this early phase) the service was launched as a commercial service on 20 August 1981. Some customers connected to the PSS network via the X. Companies and individual users could also connect in to the PSS network using a basic non-error correcting RS232/V.25 service and bought their own PADs. PSS could be used to connect to a variety of online databases and mainframe systems. chose to dial up via an analog modem over the then UK analog telephony network to their nearest public PAD. packet segmentation is the process of dividing a data packet into smaller units for transmission over the network.24 asynchronous character based interface via an X.hn standard. Packet Switch Stream In the United Kingdom. phone lines and coaxial cables).29 PAD (Packet Assembler/Disassembler) service oriented to the then prevalent dumb terminal market place. The PAD service could be connected to via a dedicated four-wire telephone circuit using a PSS analog modem and later on via a Kilostream digital access circuit. which provides a way to create a high-speed (up to 1 Gigabit/s) local area network using existing home wiring (power lines. provided by the British Post Office Telecommunications and then British Telecom starting in 1980. Segmentation may be required in many scenarios: • When the data packet is larger than the maximum size supported by the network. when problems of 10-100ms transmission failures with the PCM Voice based transmission equipment used by the early Kilostream service were resolved. This process may include automatic repeat-request (ARQ) mechanisms to detect missing segments and to request the source to re-transmit specific segments. packet segmentation may be responsible for splitting one MPDU into multiple physical layer service data units so that reliable transmission (and potential re-transmission via ARQ) of each one can be performed individually.25-based packet-switched network. via a Kilostream digital access circuit (actually a baseband modem). Packet Switch Stream (PSS) was an X. This was a network system .Packet segmentation 144 Packet segmentation In a data communications networks. Companies and individual users could connect in to the PSS network using the full X. • When the network is unreliable and it's desirable to divide the information into smaller segments to maximize the probability that each one of them can be delivered correctly to the destination. The ITU-T G.28/X. In this early 1980s era installation lead times for suitable 4-wire analog lines could be more than 6 months in the UK. Protocols that perform packet segmentation at the source usually include a mechanism at the destination to reverse the process and reassemble the original packet from individual segments. via a dedicated four-wire telephone circuit using a PSS analog modem and later on. using an ID/password provided as a subscription service. The experimental predecessor network (EPSS) formally closed down on 31 July 1981 after all the existing connections had been moved to PSS. However most customers. is an example of a protocol that employs packet segmentation to increase reliability over noisy media. This was before privatization and the creation of British Telecommunications plc (BT) in 1984.25 interface.

The network was initially based upon a dedicated modular packet switch using DCC's TP 4000 communication processor hardware.Packet Switch Stream used to transfer all payments over £10. 1200/75. It replaced a paper based system that operated in the City of London using electrical vehicles similar to milk floats. although 110 and 300 Baud modems were not uncommon. on a pay as you go basis.200 or 2. the US market leader in electronic data interchange. Its activities included TYMNET. the OnTyme electronic mail service. The last PSS (node) in the UK was finally switched off Wednesday. It is believed BT subsequently exchanged major US elements of the Tymnet business with MCI for other assets when the proposed merger of their two businesses was thwarted by MCI's purchase by WorldCom. by using a 110. Dorset who also sold Telex and Traffic light systems. and subsequently by Concert as part of Concert Global Network Services after the Concert joint venture company was launched on 15 June 1994. 9600 bit/s and 48 kbit/s were offered. In the words of BT's own history: British Telecom purchased the Tymnet network systems business and its associated applications activities from the McDonnell Douglas Corporation on 19 November (1989) for $355 million. There was a choice of different speeds of PSS lines. and EDI*Net. plus its associates private and hybrid (mixed public and private) network activities. the public network business. 2006. Euronet.25 network service launched by the international division of BT to which PSS was linked to other packet switched networks around the world. On analog links 2400 bit/s.400 Baud modems were quite rare. Logica (now LogicaCMG) designed the CHAPS system and incorporated an encryption system able to cope with HDLC bit stuffing on X. This started in about 1978 before PSS went into operation due to the high demand for affordable access to US based database and other network services. At the time of PSS's launch this was in advance of both Telenet's own network and most others that used general purpose mini-computers as packet switches. and a related project Diane to encourage more database and network services to develop in Europe. Individual users could link into PSS. 4800 bit/s. Later on the InterStream gateway between the Telex network and PSS was introduced based on a low speed PAD interface. 1. For a brief time the EEC operated a packet switched network. The operating system and the packet switching software was developed by Telenet (later on GTE Telenet). These network management systems were based in London 145 . A PAD service was provided by IPSS to this market in advance of PSS launch. These connections moved over to PSS and other European networks as commercial X. 1. BT Tymnet anticipated developing an end to end managed network service for multi-national customers. 2M (Mega) Baud and 256K (kilo) Baud respectively. The International Packet Switch Stream (IPSS) is an international X. Note: in those days 2. Later on BT used Telematics packet switches for the Vascom network to support the Prestel service and also bought the Tymnet network from McDonneld Douglas.200 Baud was the usual speed in the 1980s. BT bought Telenet's system via Plessey Controls of Poole. and a portfolio of products designed for a global market place. 300.400 Baud PSTN modem to connect a Data Terminal Equipment terminal into a local PSS exchange. The highest and lowest speed lines were provided by the Megastream and Kilostream services. the Card Service processing business. and developing dedicated or hybrid networks that embraced major trading areas.000 UKP (in early 1980s monetary value) between the major UK banks and other major financial institutions based in the UK. Customers would be able to enjoy one-stop-shopping for global data networks.25 services launched. Network management had been run on a system of 24 Prime 63xx and 48xx computers running a modified versions of Revisions 20 and 22 of the Primos operating system. These services were subsequently offered by BT Global Network Services.25 links. the faster the line the more expensive it cost to rent it. June 28.

25 host traffic. Nor were they adequate for X. power. for managed SNA services in the UK. BT's North American operations and the Concert Global Services with ATT. BT did not capitalise as much as other packet switch operators by subsequent mistakes concerning the internet. However significant on-going expenditure had been committed already to manufacture packet switch hardware and by using the very expensive Tandem computers in existing VANS. added significant costs and headcount while contributed virtually no revenue a change in PSS's management eventually resulted. Even in its recent history BT's senior management stated that the Internet was "not fit for purpose". This in turn dented PSS's low credibility with BT's management still further. as one concern of regulators was this joint venture might damage work on Open Systems Interconnection. The lesson of Tymnet's similar transaction phone that just used a dial up link to a standard PAD based service was not followed. The DNICs used by IPSS and PSS were 2341 and 2342 respectively.25 networks and was overwhelmed by the internet and more significantly the internet's superior application suite and cost model.28 was proven obsolete by the advent windows based clients on PCs. Sometimes not enough and sometimes too much but mostly for the wrong reasons. than X. It was believed that putting a packet switch in every local telephone exchange would allow this and other low bandwidth applications to drive revenue. One of the few successful value added applications was the transaction phone used to check credit cards by retailer to validate transactions and prevent fraud. Eventually the UK government decided the SNA joint venture was anti-competitive and vetoed it. Operating profit was still not achieved and a further change in management with McKinsey consultant being called in was the result. In the midst of this IBM (the then market leader in computing) and BT attempted to launch a joint venture. McKinsey's startling insight that increasing revenue while cutting costs was required to turn around the business was duly followed by the new management and an operating profit achieved in about 1988. PSS suffered from inconsistent investment during its early years. PSS being the major part.Packet Switch Stream and Manchester. PSS was then merged with other failing business like Prestel as it became part of a larger Managed Network Services division that was used to fix or close BT's problem businesses. While a decision was eventually made to put some of the basic network services people in senior positions and try to launch what had been developed this proved to be a major mistake. called Epad. named PSS Plus collectively. Packet switches were installed at major trunk exchanges in most major conurbations in the UK. An exodus of people who were developing the value added network services helped reduce some costs. without any significant value added revenue benefit resulting. etc. Despite healthy demand for basic X.25 packet switching as a core offering BT's then senior management regarded packet switching as a passing phase until the telecommunications nirvana of ISDN's 64 kbit/s for everyone arrived. This rested on running PSS efficiently and cutting the VANS as much as possible. Investments in value added network services (VANS) and BT's own access level packet switching hardware delayed operating profit. Compared to France's Transpac that had a separate commercial company with dedicated management and saw X. While PSS eventually went the way of all X. 146 . This only made cost control worse and achieving operating profit delayed further. Each low end packet switch installed added costs for floor space. called Jove. And for a time significant extra expenditure was allowed for BT's data services. Tymnet. Ideas like providing a more user friendly menu based interface. BT's attitude to packet switching was ambivalent at best. As the added value services.25 services and the obvious trend for more demanding bandwidth intensive applications that required investment in more powerful switches a decision to develop BT's own hardware and network applications was made instead. But not before PSS management was allowed to commit to large investments that caused serious problems later.

The packets include a connection identifier rather than address information. sometimes resulting in different paths and out-of-order delivery. An emergency rights issue also helped resolve the debt from acquiring second or third ranked old telcos style companies around the world. and (2) connection-oriented packet switching. first-out buffering. also known as datagram switching. and are delivered in order. based on packet switching. Statistical multiplexing. even when no data is transferred. In case of traffic fees. Packet switching contrasts with another principal networking paradigm. network resources are managed by statistical multiplexing or dynamic bandwidth allocation in which a communication channel is effectively divided into an arbitrary number of logical variable-bit-rate channels or data streams. type. . routers and other network nodes. called packets. Demon and Energis based virtual ISPs in the same sector has only been recovered from recently. such as weighted fair queuing or leaky bucket. packets are buffered and queued. Packet switching features delivery of variable-bit-rate data streams (sequences of packets) over a shared network. Each logical stream consists of a sequence of packets.Packet Switch Stream BT's failure to become the major ISP in its own home market unlike every other former PTT and the success of Dixon's Freeserve. which normally are forwarded by the multiplexers and intermediate network nodes asynchronously using first-in. for example in cellular communication services. as CSC and Reuters sell up their networks to BT. while packet switching is characterized by a fee per unit of information. (1) connectionless packet switching. In case of a shared physical medium. the packets may be delivered according to some packet-mode multiple access scheme. resulting in variable delay and throughput depending on the traffic load in the network. a method which sets up a limited number of dedicated connections of constant bit rate and constant delay between nodes for exclusive use during the communication session. circuit switching is characterized by a fee per time unit of connection time. com/ coms/ history/ pss/ index. packet switching and other store-and-forward buffering introduces varying latency and throughput in the transmission. or structure – into suitably sized blocks. euclideanspace. the packets may be forwarded according to some scheduling discipline for fair queuing. htm Packet switching Packet switching is a digital networking communications method that groups all transmitted data – regardless of content. Two major packet switching modes exist. In the first case each packet includes complete addressing or routing information. The packets are routed individually. switches. Now BT appears to be inheriting a dominating position in the Global Network Services market. See below. When traversing network adapters. As the commodity price of IP services based in their core 21st century MPLS network to carry voice and data finally gives them the real cost efficiencies that packet switching always promised. Alternatively. also known as virtual circuit switching. Packet mode communication may be utilized with or without intermediate forwarding nodes (packet switches or routers). Only after BT changed its most senior management who were fixated on circuit switching/ISDN based on System X/Y telephone exchanges and embracing broadband/internet lock stock and barrel has this changed. 147 External links • Pictures of the BT PSS equipment [1] References [1] http:/ / www. traffic shaping or for differentiated or guaranteed quality of service. In the second case a connection is defined and preallocated in each involved node during a connection phase before any packet is transferred. circuit switching. In all packet mode communication.

dividing complete user messages into what he called message blocks (later called packets). and it helped influence Lawrence Roberts to adopt the technology when Taylor put him in charge of development of the ARPANET. timestamp. Baran's study made its way to Robert Taylor and J. He gave a talk on the proposal in 1966. Davies had chosen some of the same parameters for his original network design as Baran. both wide-area network evangelists.C. each packet is labeled with a connection ID rather than an address. the ARPANET. Independently. as it just requires the node to look up the ID in the table. and second. In 1965. Multiprotocol Label Switching (MPLS). an internetworking protocol for sharing resources using packet-switching among the nodes. Frame relay.[6] In 1973 Vint Cerf and Bob Kahn wrote the specifications for Transmission Control Protocol (TCP). and UDP. survivable communications network. or sequence number) which is different for different . The packet header can be small. Donald Davies at the National Physical Laboratory (NPL) in the UK had developed the same ideas (Abbate. bringing the two groups together. he also later played a leading role in building and management of the world's first packet switched network. distributed. first presented to the Air Force in the summer of 1961 as [1] [2] in 1962 and then including and expanding somewhat briefing B-265 then published as RAND Paper P-2626 within a series of eleven papers titled On Distributed Communications [3] in 1964. Licklider at the Information Processing Technology Office. Asynchronous Transfer Mode (ATM). Baran developed the concept of message block switching during his research at the RAND Corporation for the US Air Force into survivable communications networks. after which a person from the Ministry of Defence (MoD) told him about Baran's work. and TCP.R. and published a book in the related field of digital message switching (without the packets) in 1961. 2000). Interestingly. The first computer network and packet switching network deployed for computer resource sharing was the Octopus Network at the Lawrence Livermore National Laboratory that began connecting four Control Data 6600 computers to several shared storage devices (including an IBM 2321 Data Cell[4] in 1968 and an IBM Photostore[5] in 1970) and to several hundred Teletype Model 33 ASR terminals for time sharing use starting in 1968. Connectionless and connection-oriented packet switching The service actually provided to the user by networks using packet switching nodes can be either connectionless (based on datagram messages). Routing a packet is very simple. Davies developed the concept of packet-switched networks and proposed development of a UK wide network. and acceptable values for service parameters to be negotiated. The paper focuses on three key ideas: first. IP. then third. when the route to the destination is discovered and an entry is added to the switching table in each network node through which the connection passes. or virtual circuit switching (also known as connection oriented). Some connectionless protocols are Ethernet.25. Baran's P-2626 paper described a general architecture for a large-scale. Leonard Kleinrock conducted early research in queueing theory which would be important in packet switching. UK. connection oriented packet-switching protocols include X. Address information is only transferred to each node during a connection set-up phase.Packet switching 148 History The concept of switching small blocks of data was first explored by Paul Baran in the early 1960s. is available. The NPL Data Communications Network entered service in 1970. use of a decentralized network with multiple paths between any two points. Roberts and the ARPANET team took the name "packet switching" itself from Davies's work. The signalling protocols used allow the application to specify its requirements and the network to specify what capacity etc. In 1966 Davies proposed that a network should be built at the laboratory to serve the needs of NPL and prove the feasibility of packet switching. as it only needs to contain the ID and any information (such as length. In connection oriented networks. such as a packet size of 1024 bits. Baran's work was similar to the research performed independently by Donald Davies at the National Physical Laboratory. A member of Davies' team met Lawrence Roberts at the 1967 ACM Symposium on Operating System Principles. delivery of these messages by store and forward switching.

for example as an alternative to circuit mode terminal switching. The most well-known use of packet switching is the Internet and most local area networks. the system has to do as much work for every packet as the connection-oriented system has to do in connection set-up. Frame Relay packet switching Both X. Virtual circuits are especially useful in building robust failover mechanisms and allocating bandwidth for delay-sensitive applications.. At the destination. Technologies such as Multiprotocol Label Switching (MPLS) and the resource reservation protocol (RSVP) create virtual circuits on top of datagram networks. while X.25 and Frame Relay provide connection-oriented packet switching. The X. A major difference between X.Packet switching packets.25 connections also can be established for each communication session. and is part of the X. Datagram packet switching is also called connectionless networking because no connections are established.25 packet switching. MPLS. The Internet is implemented by the Internet Protocol Suite using a variety of Link Layer technologies. mainly in the 1990s by large companies that had a requirement to handle heavy telecommunications [8] :250 Despite the benefits of frame relay packet switching.25 and Frame Relay packet switching are that X. In connectionless networks. also known as a virtual circuit or byte stream is provided to the end-user by a transport layer protocol. also known as the OSI protocol suite. For example. I-mode) also use packet switching. Ethernet and Frame Relay are common. MPLS and its predecessors. and does not provide logical addresses and routing. It is only used for "semi-permanent" connections. based on the packet sequence number. Asynchronous Transfer Mode (ATM) also is a virtual circuit technology. each packet is labeled with a destination address. Modern routers. also known as virtual circuit switching. many international traffic across wide area networks. and this information needs to be looked up in power-hungry content-addressable memory.25 protocol is a network layer protocol. which uses fixed-length cell relay connection oriented packet switching. maximum packet length is 1000 bytes. potentially. Frame relay is a further development of X. but means that much more information is needed in the packet header. based on node-to-node automatic repeat request. the original message/data is reassembled in the correct order. while Frame Relay is a non-reliable protocol. but with less information as to the application's requirements. do not require these technologies to be able to forward variable-length packets at multigigabit speeds across the network. X. Frame relay is a data link layer protocol. the International Packet Switched Service (IPSS).25 protocol suite. and to increase robustness of communication. Each packet is dispatched and may go via different routes.g.25 vs. and port numbers. X.25 is a notable use of packet switching in that. which is therefore larger. however. and for automated teller machines. X. it may also be labeled with the sequence number of the packet. to minimize the transmission latency (the time it takes for data to pass across the network). In 1978.25 is a reliable protocol. Newer mobile phone technologies (e. This precludes the need for a dedicated path to help the packet find its way to its destination. it provided virtual circuits to the user. It was widely used in switching networks during the 1980s and early 1990s. Thus a virtual connection. indeed. 149 Packet switching in networks Packet switching is used to optimize the use of the channel capacity available in digital telecommunication networks such as computer networks. has been [7] called "ATM without cells". Any retransmissions must be carried out by higher layer protocols. Frame Relay was used to interconnect LANs or LAN segments.25 provided the first international and commercial packet switching network. GPRS. despite being based on packet switching methods. as well as ATM. . source address. The simplicity of Frame Relay made it considerably faster and more cost effective than X. have been called "fast packet" technologies. although intermediate network nodes only provides a connectionless network layer service.25. These virtual circuits carry variable-length packets.

html).25 was the only technology available. T. (Document ID: 10946641). Computerworld. Retrieved 2008-05-08. info/ Page4. The design of a message switching Centre for a digital communication network (IFIP 1968) Larry Roberts and Tom Merrill. A.25 on slower networks. Davies.25 users remaining loyal despite frame-relay hype. Scantlebury. html). computer-history.25 packet switching was used heavily in government and financial networks that use mainframe applications. Wilkinson. M.cs.packet. P. X. In certain parts of the world. Living Internet. A.). html [4] The IBM 2321 Data Cell Drive (http:/ / www. On Distributed Communications Networks (http://ieeexplore. . Information Flow in Large Communication Nets (http://www.25 standard. Bartlett. Samuel (1970-11-30). Pildush [8] O’Brien. [9] Girard.lk. August 1964) Paul Baran. org/ pubs/ research_memoranda/ RM3420/ index.ieee. J. dir/ index. com/ i/ ii_rand. Columbia University Computing History [5] The IBM 1360 Photostore (http:/ / www. Cambridge. cc/files/toward-coop-net. January). Communication Nets: Stochastic Message Flow and Delay (McGraw-Hill. October 1966) Lawrence Roberts. A. html). 1961) Proposal for a Ph. columbia. (2009). August. X. Scantlebury. 1964) • Paul Baran et al. (MIT.rand.html). Wilkinson. Bartlett. rand. com/ cisco/ newsletter/ SL/ interview_08-12-03. rogerdmoore. from ABI/INFORM Global database. New York: McGraw-Hill/Irwin. New York. On Distributed Communications: I Introduction to Distributed Communications Network (http:// www. and P. ca/ PS/ OCTOA/ OCTO. 1964) • Paul Baran. X. html). K. "Octopus: The Lawrence Radiation Laboratory Network" (http:/ / www.Packet switching companies are staying with the X.ucla. R. G. certificationzone. W. A. On Distributed Communications. jsp?arnumber=1088883).org/publications/RM/RM3420/) (RAND Memorandum RM-3420-PR. November. Volumes I-XI (http://www.org/about/history/ baran-list.cc/files/ev-packet-sw. T. G. dir/ pages/ Photostore. Many companies did not intend to cross over to Frame Relay packet switching because it is more cost effective to use X. A digital communications network for computers giving rapid response at remote terminals (ACM Symposium on Operating Systems Principles. A.D.html) (Fall AFIPS Conference. July 1961) • Leonard Kleinrock. "Paul Baran Invents Packet Switching" (http:/ / www.org/search/wrapper. March 1964) D. edu/ acis/ history/ datacell. May 31. and K. & Marakas. Bibliography • Leonard Kleinrock.. K. 16. [7] Interview with the author (of an MPLS-based VPN article) (http:/ / www. Toward a Cooperative Network of Time-Shared Computers (http://www. [2] http:/ / www. . Lawrence Livermore Laboratory Computing History [6] Mendicino. October 1967) R. rand. org/ pubs/ papers/ P2626/ [3] http:/ / www. Management Information Systems (9th ed. The Evolution of Packet Switching (http://www. 31(4). htm). (IEEE Transactions on Communications Systems.rand.html) (Proceedings of the IEEE. 2009.html) (RAND Corporation Research Documents.edu/ bibliography-public_reports. livinginternet. Retrieved March 6. Thesis • Leonard Kleinrock. 1978) • • • • • .[9] 150 References [1] Stewart. (1997. Bill (2000-01-07).packet. Information Flow in Large Communication Nets (RLE Quarterly Progress Report. particularly in Asia-Pacific and South America regions. Retrieved 2009-05-06. In the United States.

Judy E. Baran describes his working environment at RAND. Where Wizards Stay Up Late (Simon and Schuster. 1996) pp 52–67 • Janet Abbate.Packet switching 151 Further reading • Katie Hafner. Transforming Computer Technology: Information Processing for the Pentagon. . The goal of packet switched fabric in both LAN and WAN. It consists of telephony and data tightly coupled on packet-based switched multimedia networks.org/about/history/baran.cbi." Baran discusses his interaction with the group at ARPA who were responsible for the later development of the ARPANET. However technology matures and new application proliferate packet technology will appear in broader market. There is a major distinction between Intranet telephony and VoIP. and Kleinrock • Paul Baran and the Origins of the Internet (http://www. "On Distributed Communications. The packet and based fabric is capable of supporting future applications such as video streaming and video conferencing. 1962-1982 (Johns Hopkins University. Inventing the Internet (MIT Press. site reviewed by Baran. writing and distribution of his eleven-volume work.edu/oh/display.isoc. Minneapolis. O'Neill. the vision in to drive voice and data over a single multimedia (packet based N/W) allowing waves to engage in a media rich communication in a natural and straightforward manner. Packet telephony Packet telephony is the use of personal computers and a packet data network to produce a voice conversation.htm). which is licensed under the GFDL.com/i/iw_packet. as well as his initial interest in survivable communications. The transaction to a new paradigm will take years to complete.rand. 1996) External links • Oral history interview with Paul Baran (http://www. and the evolution. Charles Babbage Institute University of Minnesota. 2000) ISBN 0-262-51115-0 • Arthur Norberg.phtml?id=110). • Packet Switching History and Design (http://www. Roberts.livinginternet.shtml) This article was originally based on material from the Free On-line Dictionary of Computing.org/internet/history/brief.html) • A Brief History of the Internet (http://www.umn.

25 is the best .25 era when many postal. This results in a simpler host interface with less functionality than in the datagram model. The principal goals of packet switching are to optimize utilization of available link capacity. called packets. switches and other network nodes.Packet transfer delay 152 Packet transfer delay Packet transfer delay is a concept in packet switching technology. When traversing network adapters. Propagation delay = d/s Packet-switched network A packet-switched network is a digital communications network that groups all transmitted data.25 in 1973 [1] . d = Length of physical link 2. Packet transfer delay is influenced by the level of network congestion and the number of routers along the way of transmission. or structure into suitably sized blocks. R=Link bandwidth (bit/s) 2. The network over which packets are transmitted is a shared network which routes each packet independently from all others and allocates transmission resources as needed. Transmission Control Protocol /Internet Protocol (TCP/IP) is the best known example of a host to datagram protocol. s = Propagation speed in medium 3. The history of such networks can be divided into three eras: early networks before the introduction of X. irrespective of content. telephone and telegraph (PTT) companies introduced networks with X. minimize response times and increase the robustness of communication. The sum of store-and-forward delay that a packet experiences in each router gives the transfer or queuing delay of that packet across the network. resulting in variable delay and throughput. and the Internet era when restrictions on connection to the Internet were removed.25 and the OSI model. Queuing: 1. Determine output link 2. Early networks ARPANET and SITA HLN became operational in 1969. Time to send bits into link = L/R 4. Depends on congestion level of router 3. Transmission delay: 1. X. about twenty different network technologies were developed. Before the introduction of X. the X.25 interfaces. depending on the traffic load in the network. There was a debate about the merits of two drastically different views as to proper division of labor between the hosts and the network. In the datagram system the host must detect loss or duplication of packets. Time waiting at output link for transmission 2. Check bit errors 2. the network guarantees sequenced delivery of data to the host. L=Packet length (bits) 3. Propagation delay: 1. Nodal processing: 1. packets are buffered and queued. There are four sources of packet transfer delay: 1. In the virtual call system. type.

offering batch processing services. [3] [4] GEIS As General Electric Information Services (GEIS). Warner was right. Chicago. was chosen for use in NSFNET which eventually became the Internet. It initially had only one host but was designed to support many hosts. [2] CYCLADES CYCLADES was an experimental French network. Very little has been published about the internal details of their network. which was an important component of ARPANET2. They lost money from the beginning. Inexpensive minicomputers were an important component in the early networks.) After going international some years later. EIN nee COST II European Informatics Network was a project to link several national networks. He decided that a time-sharing system. was given the job of turning the business around. a data network based on this voice-phone network was designed to connect GE's four computer sales and service centers (Schenectady. the centers were computer service bureaus.Packet-switched network known virtual call protocol. GEIS created a network data center near Cleveland. Phoenix. a high-level marketing manager. BNRNET BNRNET was a network which Bell Northern Research developed for internal use. and Sinback. based on Kemney's work at Dartmouth—which used a computer on loan from GE—could be profitable. and Phoenix) to facilitate a computer time-sharing service. Some ideas from this network were later incorporated into ARPANET. It was succeeded by DDX-2. Ferranti supplied the hardware and software. DDX-1 This was an experimental network from Nippon PTT.25 project. The company originally designed a telephone network to serve as its internal (albeit continent-wide) voice telephone network. TCP/IP. In 1965. [5] [6] . General Electric was a major international provider of information services. apparently the world's first commercial online service. (Though it has been stated by some that Tymshare copied the GEIS system to create their network. (In addition to selling GE computers. In some cases custom I/O devices were added to allow inexpensive or exotic attachments to communication lines. It mixed circuit switching and packet switching. It became operational in 1976. The handling of link control messages (acknowledgements and flow control) was differed from that of most another networks and is not fully explained in the published literature. 153 ARPANET This is the principal survivor from the early era. at the instigation of Warner Sinback. Ohio. EPSS EPSS (Experimental Packet Switching System) was an experiment of the UK Post Office. BNR later made major contributions to the CCITT X. Tymnet.) The design was hierarchal with redundant communication links. Louis Pouzin was the principal designer.

[7] OCTOPUS Octopus was a local network at Lawrence Livermore National Laboratory. It connected sundry hosts at the lab to interactive terminals and various computer peripherals including a bulk storage system. NPL built a single node network to connect sundry hosts at NPL. Libraries were also among first ones in universities to accommodate microcomputers for public use in early 80's. RCP RCP was an experimental network created by the French PTT." [18] . UK made many important contributions to the theory of packet switching. as well as higher level functions such as a reliable byte stream.25 [12] [13] [14] RETD Red Especial de Transmisión de Datos was a network developed by Compañía Telefónica Nacional de España. NPL Donald Davies of the National Physical Laboratory. and it included first Nordic electronic journal Extemplo. It became operational in May 1976. Further developments led to Xerox Network Systems (XNS). TRANSPAC was introduced as an X. Surrey developed a packet switching network for internal use. it was created by researchers at Xerox PARC in the mid-1970s. Sharp Associates to serve their time-sharing customers. along with numerous applications. The entire suite provided routing and packet delivery. RCP emphasised terminal to host and terminal to terminal connection. It was a datagram network with a single switching node. [11] PUP The PARC Universal Packet (PUP or Pup) was one of the two earliest internetwork protocol suites. [15] [16] [17] SCANNET "The experimental packet-switched Nordic telecommunication network SCANNET was implemented in Nordic technical libraries in 70's.25 network.Packet-switched network 154 IPSANET IPSANET was a semi-private network constructed by I. P. It became operational in 1972 and thus was the first public network. It was used to gain experience with packet switching technology before the specification of Transpac was frozen. RCP was a virtual-circuit network in contrast to CYCLADES which was based on datagrams. CYCLADES was concerned with host-to-host communication. [8] [9] [10] Philips Research Philips Research Laboratories in Redhill. RCP influenced the specification of X.

Beranack and Newman (BBN) provided the financing. BSC and ASCII interfaces to connect host computers (servers)at thousands of large companies. He had tried to interest AT&T in buying the technology. It went public in 1979 and was then sold to GTE. [19] SNA Systems Network Architecture (SNA) is IBM's proprietary networking architecture created in 1974. as well as higher level functions such as a reliable stream. It carried interactive traffic and message-switching traffic.25/X. Tymnet Tymnet was an international data communications network headquartered in San Jose. Tyme. Some older networks such as TELENET and TYMNET were modified to provide a X. An IBM customer could acquire hardware and software from IBM and lease private lines from a common carrier.25 and the terminal interface to X. A user or host could call a host on a foreign network by including the DNIC of the remote network as part of the destination address.25 host interface in addition to older host connection schemes. and remote procedure calls. DATAPAC was developed by Bell Northern Research which was a joint venture of Bell Canada (a common carrier) and Northern Telecom (a telecommunications equipment supplier). Telenet designed these protocols and helped standardize them in the CCITT.25 era There were two kinds of X. . (Interesting note: Tymnet was not named after Mr. Northern Telecom sold several DATAPAC clones to foreign PTTs including the Deutsche Bundespost.29. which provided routing and packet delivery. and government agencies.25 networks.25. educational institutions. but the monopoly's reaction was that this was incompatible with their future. and internationally via X. X.75 and X. Another employee suggested the name. It was founded by former ARPA IPTO director Larry Roberts as a means of making ARPANET technology public. Telenet was incorporated in 1973 and started operations in 1975.S. X.75 gateways.Packet-switched network 155 SITA HLN SITA is a consortium of airlines. [20] Telenet Telenet was the first FCC-licensed public data network in the United States. Tymnet was also connected to dozens of other public networks in the U. SNA/SDLC. It initially used ARPANET technology but changed the host interface to X.25 networks. CA that utilized virtual call packet switched technology and used X.121 allowed the interconnection of national X. Their High Level Network became operational in 1969 at about the same time as ARPANET. It was developed from PARC Universal Packet (PUP). Bolt. The business consisted of a large public network that supported dial-up users and a private network business that allowed government agencies and large companies (mostly banks and airlines) to build their own dedicated networks. As with many non-academic networks very little has been published about it. Some such as DATAPAC and TRANSPAC were initially implemented with an X. Users typically connected via dial-up connections or dedicated async connections. The private networks were often connected via gateways to the public network to reach locations not on the private network. This allowed construction of a private network.25 external interface.) [21] [22] XNS Xerox Network Systems (XNS) was a protocol suite promulgated by Xerox.

25 node to the network. but through the use of "logical ports" an originating terminal could have a menu of pre-defined destination terminals.25 and X. by linking a permanent X. replacing Euronet. HIPA-NET Hitachi designed a private network system for sale as a turnkey package to multi-national organizations.25 network operated by Telstra. The technology was acquired from Northern Telecom. Although this use of the name was incorrect all these services were managed by the same [23] people within one department of KPN contributed to the confusion. the name also referred to the public PAD service Telepad (using the DNIC 2049). In addition to providing X. AUSTPAC was Australia's first public packet-switched data network.28. And because the main Videotex service used the network and modified PAD devices as infrastructure the name Datanet 1 was used for these services as well. Datanet 1 Datanet 1 was the public switched data network operated by the Dutch PTT Telecom (now known as KPN). Eirpac is run by Eircom. ConnNet ConnNet was a packet switched data network operated by the Southern New England Telephone Company serving the state of Connecticut. Strictly speaking Datanet 1 only referred to the network and the connected users via leased lines (using the X. providing X. or. message switching software was also included. Eirpac Eirpac is the Irish public switched data network supporting X. It was launched in 1984. financial applications — the Australian Tax Office made use of AUSTPAC — and remote terminal access to academic institutions. Datex-P Deutsche Bundespost operated this national network in Germany.121 DNIC 2041).25 services. Started by Telecom Australia in the early 1980s. Datapac DATAPAC was the first operational X. Switched virtual calls were not supported. .25 network (1976). Messages were buffered at the nodes adjacent to the sending and receiving terminals. It covered major Canadian cities and was eventually extended to smaller centres.25 packet switching. who maintained their connections to AUSTPAC up until the mid-late 1990s in some cases. [24] Iberpac Iberpac is the Spanish public packet switched network. supporting applications such as on-line betting.Packet-switched network 156 AUSTPAC AUSTPAC was an Australian public X. Iberpac is run by Telefonica. Access can be via a dial-up terminal to a PAD.

It is a research consortium which has created the Abilene Network. [6] Schwartz. . Wilkin. Some older technologies such as circuit switching have resurfaced with new names such as fast packet switching. M. . the distinctions between national networks blurred. Boorstyn. Michael A. 199–213. Sussex. 223–228. [2] Martel. ca/ PS/ Kirs1973/ Ki. (November 1972). References [1] Taylor. "EXPERIMENTAL PACKET SWITCHING PROJECT OF THE UK POST OFFICE" (http:/ / rogerdmoore. United Kingdom: Noordhoff International Publishing. (1973). html). Roy D. D (1974). [5] Kirstein. and various InterStream gateways to other services such as Telex. "A SURVEY OF PRESENT AND PLANNED GENERAL PURPOSE EUROPEAN DATA AND COMPUTER NETWORKS" (http:/ / rogerdmoore. Grushcow. "The National Physical Laboratory Data Communications Network" (http:/ / www. 435–44. pp. Wilkinson. Peter T. rogerdmoore. The X. . Cunningham and M.25 links at up to 8 Mbit/s in its final phase before being converted to an IP based network. 10–14. . . PSS also included public dial-up PAD access. J. ca/ PS/ EPSSFer/ EF. C. National LambdaRail National LambdaRail is a high-speed national computer network in the United States that runs over fiber-optic lines. (1974). C. A.. The JANET network grew out of the 1970s SRCnet (later called SERCnet) network. Transpac Transpac was the national X. Researchers have created some experimental networks to complement the existing Internet. IFIP Congress 1974. publicly funded research laboratories. networkworld. ca/ PS/ BNR/ BNRnet.25 network with a DNIC of 2342. D J.. and is the first transcontinental Ethernet network working to establish a direct line of communications between international parties. United Kingdom: Noordhoff International Publishing. [4] Pearson. PSS PSS was the UK Post Office (later to become British Telecom) national X. . British Telecom renamed PSS under its GNS (Global Network Service) name. It was developed locally at about the same time as DataPac in Canada. Proceedings of the 2nd ICCC 74. html#GEISCO). pp. P. html).T. Internet2 Internet2 is not an actual network. Proceedings of the IEEE 60 (11): 1408–23. Smith. Rober R. and Pickholtz. and run X. Mischa. "Terminal-Oriented Computer-Communication Networks" (http:/ / rogerdmoore. Proceedings of the 2nd ICCC 74. Sussex. ca/ PS/ EPSSB. com/ newsletters/ frame/ 2008/ 0128wan1. ca/ PS/ NPLPh/ NPL1974A. but the PSS name has remained better known. It began operation in 1978[25] . R. Proceedings of the NATO Advanced Study Institute on Computer Communication Networks. html). [7] Scantlebury. "Some Design Aspects of a public packet switching network" (http:/ / rogerdmoore. linking all universities.25 network was based mainly on GEC 4000 series switches. "THE BNR NETWORK: A CANADIAN EXPERIENCE WITH PACKET SWITCHING TECHNOLOGY" (http:/ / rogerdmoore. Proceedings of the NATO Advanced Study Institute on Computer Communication Networks. ca/ PS/ TONET/ TON.Packet-switched network 157 JANET JANET was the UK academic and research network. The development was done by the French PTT and influenced by the experimental RCP network. . Internet era When Internet connectivity was made available to anyone who could pay for an ISP subscription. (1973). . pp. Steve. S. Raymond L. The user no longer saw network identifiers such as the DNIC. html). Jim Metzler (2008). html#GEISCO). "Vint Cerf on why TCP/IP was so long in coming" (http:/ / www. higher education establishments. html). pp.25 network in France. [3] Bright..

ITS APPLICATIONS" (http:/ / rogerdmoore. .T.M. Proceedings of the SJCC 1971.com/coms/history/epss/index. (1970). . Connections. Proceedings of the NATO Advanced Study Institute on Computer Communication Networks.org/issues. 16 May.25 Virtual Circuits . pp. computer-history. pp. .Packet-switched network [8] Mendicino. .1–39. Chapter 3: page 20 and further. W. David L. html). . "Principles of Design in the Octopus Computer network" (http:/ / portal. tue. html). 171–85. ca/ PS/ RCPDEP/ RD. Matras. A.'s PACKET SWITCHING NETWORK. pp.ca/PS) • "An Introduction to Packet Switched Networks".1". Sethi. Y. "The SITA Network" (http:/ / rogerdmoore. [19] Chretien. "1970 OCTOPUS: THE LAWRENCE RADIATION LABORATORY NETWORK" (http:/ / rogerdmoore.4.euclideanspace.4. Arja-Riitta. (1976).3.phrack.I. [14] Bache. html). ca/ PS/ SITAB. Sussex. Proceedings of ICCC '80. Kato and S. (1974).: Prentice-Hall Inc. (APRIL 1981). html). Guillou. [9] Pehrson. ca/ PS/ SNA6Y/ SNA6. ca/ PS/ OCTOA/ OCTO.5.Transpac in France . J.J. rogerdmoore. Konig. ca/ PS/ RCPHCC/ RH. 578–585. 211–16. Proceedings of ICCC 76. pp. ca/ PS/ TYMNET/ TY. "Packet Switching at Philips Research Laboratories" (http:/ / rogerdmoore. G. . "ARCHITECTURE. Control" (http:/ / rogerdmoore. . and Rech. despres. B. A.J. Schultz (1980). LA ROY W.): 95–100.TUE. S. info/ Page4. "Fundamental Choices in the Development of RCP. IEEE. org/ citation. . 311–16. hu-berlin. html). D. Proceedings of ICCC 76. html). free. Proceedings of 2nd ICCC 74. "AN ENGINEERING VIEW OF THE LRL OCTOPUS COMPUTER NETWORK" (http:/ / www. html).. (1974). ca/ PS/ NPLPh/ PhilipsA. "A PUBLIC PACKET SWITCHING DATA COMMUNICATIONS NETWORK: EIGHT YEARS OF OPERATING EXPERIENCE" (http:/ / rogerdmoore. .N.25 data services in GSM network (http:/ / alexandria. pp. H. pp. [10] Fletcher.zakon. ca/ PS/ CTNEC1.rogerdmoore. .. fr/ Publications/ X25-TPC. Liquid Jesus (http://textfiles. [20] Sundstrom. N.. Yamaguchi (1980). LA ROY W. "C. ca/ PS/ RCPBAC/ RB. H. ca/ PS/ RETDB. html). the Experimental Packet-Switched Data Transmission Service of the French PTT: History.org/robert/ internet/timeline/) • 20+ articles on packet switching in the 70s (http://www. "RCP. ca/ PS/ CTNEA/ CTA.3. pdf) Electrical Engineering . Samuel F. [12] Després. cfm?id=810357). Conference Record of ICC 80. .htm) Pictures of the EPSS exchanges in London..E. T.txt) • "Hobbes' Internet Timeline v8. the Experimental Packet-Switching Data Transmission Service of the French PTT" (http:/ / rogerdmoore. html). Proceedings of ICCC 74. 1991.. (1975). R. 517–22. [17] Lavandera.Pre-Internet Data Networking" (http:/ / remi. G. Conference Record of ICC 80. pp. [13] Bache. Layec. L. html).. 373–396. [22] TYMES. "RCP. Matras (1976). Steneker: Graduation Report on X. dir/ pages/ Octopus. R. Phrack. 28. html).J. html?issue=18&id=3#article) • EPSS (http://www. html). . [11] Burnett.. pp. [21] TYMES. IEEE TRANSACTIONS ON COMMUNICATIONS COM-29 (4): 392–98. . PROTOCOLS AND PERFORMANCE OF RETD" (http:/ / rogerdmoore. Herrera. [23] H. (1972). Zakon Group LLC (http://www.lt/hacking/icebook2. nl/ extra1/ afstversl/ E/ 354398. .H. [18] Haarala. THE EXPERIMENTAL PACKET-SWITCHED DATA TRANSMISSION SERVICE OF THE FRENCH PTT" (http:/ / rogerdmoore. ca/ PS/ TYMFlow/ TF. Robert H'obbes' Zakon. .J.1–28. "A Private Packet Network and Its Application in A Worldwide Integrated Communication Network" (http:/ / rogerdmoore. 39.D. [15] Alarcia. html). html). ca/ PS/ HIPA/ HIA. 158 External links • "The Guide to Hacking & Phreaking. Luis (1980). de/ conferences/ eunis2001/ e/ Haarala/ HTML/ haarala-ch2. (1973). "Libraries as key players at the local level" (http:/ / edoc. Issue #2". K.5. ""1980 SNA'S First Six Years: 1974-1980"" (http:/ / rogerdmoore. . . 05/3/88 (http://www.R.J. html). acm. (1980). dir/ index. Computer Networks (North-Holland Publishing Company) 1: 341–348. [16] Cuenca.group. John G. pp. [25] "X. G. COMPUTER NETWORKS (Englewood Cliffs. L.. "Routing and Flow Control in TYMNET" (http:/ / www. 38. Proceedings of 5th ICCC 80. 163–170. .. IEEE. Long and Y. United Kingdom: Noordhoff International Publishing. Retrieved 15 June 2011 [24] Tomaru. "TYMNET — A terminal oriented communication network" (http:/ / rogerdmoore. html). Manchester and Glasgow.

although the original documents usually use Pup) was one of the two earliest internetwork protocol suites. but others are quite different. as many as six 56 kbit/s interswitch trunk (IST) lines to other packet-switching nodes. The network number had a particular special value which meant 'this network'. it was created by researchers at Xerox PARC in the mid-1970s. some of the protocols in the XNS suite (such as the Internetwork Datagram Protocol) were lightly modified versions of the ones in the PUP suite. In the 1980s Xerox used PUP as the base for the Xerox Network Systems (XNS) protocol suite. a packet-switching node is usually configured to support up to thirty-two X. This was a smaller packet size than IP. Unlike TCP/IP. individual PUP host pairs on a particular network might use larger packets. A protocol named the Gateway Information Protocol (a remote ancestor of RIP) was used as both the routing protocol.25 56 kbit/s host connections. formatting.  This article incorporates public domain material from the General Services Administration document "Federal Standard 1037C" [1] (in support of MIL-STD-188). but no PUP router was required to handle them. along with numerous applications. which roughly corresponds to the Internet Protocol (IP) layer in TCP/IP. (Technically. routing. transmitting. socket fields were part of the full network address in the PUP header. The fundamental design of the PUP suite was substantially complete by 1974. reflecting the experience gained with PUP and IP. Basic internetwork protocol The main internetwork layer protocol was PUP. as well as higher level functions such as a reliable byte stream. an 8-bit host number. . PUP also supplied packet types (again.) The entire suite provided routing and packet delivery. Larger packets could be fragmented. and the creation of the Ethernet local area network at PARC. and for hosts to discover routers.Packet-switching node 159 Packet-switching node Packet-switching node: In a packet-switching network. and the checksum. Also. a node that contains data switches and equipment for controlling. and a 16-bit socket number. so that upper-layer protocols did not need to implement their own demultiplexing. and receiving data packets. the name "PUP" only refers to the internetwork-level protocol. but operating at a lower level. but it is also applied to the whole protocol suite. unlike IP). PUP packets were up to 554 bytes long (including the 20 byte PUP header). for use by hosts which did not (yet) know their network number. the development of PUP split off because Xerox PARC wished to move ahead with implementation. Note: In the Defense Data Network (DDN). an optional 2-byte checksum covered the entire packet. and at least one Terminal Access Controller (TAC). if the hosts support them). which requires all hosts to support at least 576 (but supports packets of up to 65K bytes. However. History The origins of the PUP suite lie in two developments. A full PUP network address consisted of an 8-bit network number. PARC Universal Packet The PARC Universal Packet (commonly abbreviated to PUP. in the same events in the early 1970s as the very earliest stage of the development of TCP/IP (see History of the Internet). PUP also included a simple echo protocol at the internetwork layer. similar to IP's ping. for in-house use.

Palo Alto. July. including protocols for printer spooling. State Machine for Rendezvous/Termination Protocol (Xerox Parc. • Michael A. References • Edward A. as well as manage and terminate the connection. Metcalfe. 1978 and October. It is still in use as an interior routing protocol. which was used to initiate communication between two entities. 1975) • Jon A. Once RTP had started the connection. Metcalfe (April.PARC Universal Packet 160 Transport layer protocols To establish a transport connection. pp. The second was the primary transport layer protocol. Palo Alto. 1978 and October. Taft. before the arrival of the more modern OSPF and IS-IS. 1975) • Edward A. RIP. Palo Alto. New York. Pup Network Constants (Xerox Parc. this was discarded in favour of packets for the equivalent protocol in XNS. 1979) Further reading • David R. One version of RIP served as one of the initial so-called interior gateway protocols for the growing Internet. 1980). were basically the same protocols as used on the ARPANET (much as occurred with the TCP/IP suite). that demonstration would not have been anything like as powerful as it was without all the capabilities that a working internetwork provided. Hiltzik. PUP was very influential. page-level remote access to file servers. The Gateway Information Protocol's descendant. The first. copying disk packs. Others were novel. Impact In showing that internetworking ideas were feasible. Dealers of Lightning: Xerox PARC and the Dawn of the Computer Age (HarperBusiness. such as Telnet and File Transfer Protocol. Byte Stream Protocol (BSP). Edward A. Hupp. 291-293 . July. which was analogous to TCP. Taft. Sequenced Packet Protocol. Boggs. Robert M. Robert M. and as the foundation for the later XNS protocols. BSP's semantics and operation were in terms of bytes. June. Pup Specifications (Xerox Parc. Like TCP. July. Some of them. Taft. etc (although some of these capabilities had been seen before.g. Palo Alto. e. the ARPANET already made heavy use of remote management for controlling the Interface Message Processors which made it up). Taft. Palo Alto. (somewhat modified to match the syntax of addresses of other protocol suites). remains in wide use today in other protocol suites. 1999). doi:10. in small sites with simple requirements. its biggest impact was probably as a key component of the office of the future model first demonstrated at Xerox PARC. in being influential in the early work on TCP/IP. 1975) • Edward A. Pup Error Protocol (Xerox Parc. 1978 and October. BSP took over and managed the data transfer.1980. Taft. name lookup. Naming and Addressing Conventions for Pup (Xerox Parc. the Rendezvous and Termination Protocol (RTP). 1978 and October.1109/TCOM. July. John F. 1975) • Edward A. Application protocols PUP supported a large number of applications. However. IEEE Transactions on Communications 28 (4): 612–624. "Pup: An Internetwork Architecture". Shoch. two protocols came into play. remote management.1094684.

and thus more elusive to target. a high ping causes lag. which is often more costly than the time it takes an electrical signal to traverse a typical span of cable. peer).Ping (video gaming) 161 Ping (video gaming) In multiplayer online video games. who does not crash. However. game programmers often instead build their own latency detection into existing game packets (usually based on the UDP protocol). The latter usage is common among players of first-person shooter and real-time strategy games. Having a low ping is always desirable because lower latency provides smoother gameplay by allowing faster updates of game data. Many game servers are not big enough to handle Denial of Service Attacks. it may make players' ping considerably higher. In these games. Ping is often conflated with lag.e. Internet connection speed. client software will often mandate disconnection if the ping is too high. the player aided by the higher ping skips around. so having a high latency will usually be to the user's peril. and autokicking players more. Ping is also affected by geographical location. the distance between the two is greater than it would be for players located within the US. For this reason. if someone is in India. playing on a server located in the United States. rather. making the player's gaming experience. . making it hard to judge where the character is exactly.with thresholds as low as 130 milliseconds. One may "lag out" due to unacceptably high ping. or qualitatively as low ping or high ping. This could be reported quantitatively as an average time in milliseconds. users with a high ping unintentionally gain an unfair advantage. very miserable. Similarly. as in some implementations of the Quake III Arena network protocol and game engine. A high ping is not the result of lag. Servers will often disconnect a client if the ping is too high and it poses a detriment to others' gameplay. Some factors that might affect ping include: network protocol engineering. the server keeps track of where the user's avatar is. For instance. wireless network interface cards must modulate digital signals into radio signals. many servers automatically remove players with higher than average ping . In more modern multiplayer online video games implementations. ping refers to the network latency between a player's computer (client). and therefore it takes longer for data to be transmitted. Hacking If a hacker applies a Denial-of-Service Attack on a game server. For instance. making the server liable to crash. Cheating In some games. the amount of packet-switching and network hardware in between the two computers is often more significant. and either the game server or another client (i. the quality of a user's Internet service provider and the configuration of firewalls. Rather than using the traditional ICMP echo request and reply packets to determine ping times.

g. passing data chunks over multiple connected networks is done by the network layer and delivery of the data to the right software application at the destination is done by the transport layer. or data. 2. sending ones and zeros across a wire. constitutes the protocol data unit at this layer. Unless we have already arrived at the lowest (physical) layer. For example. it treats it as payload.Protocol data unit 162 Protocol data unit In telecommunications. Information that is delivered as a unit among peer entities of a network and that may contain control information. The Layer 1 (Physical Layer) PDU is the bit The Layer 2 (Data Link Layer) PDU is the frame The Layer 3 (Network Layer) PDU is the packet The Layer 4 (Transport Layer) PDU is the segment (e.) Given a context pertaining to a specific layer. organizing the ones and zeros into chunks of data and getting them safely to the right place on the wire is done by the data link layer. a network address to help with routing. a protocol data unit (PDU) is best understood in relation to a service data unit (SDU). PDU is sometimes used as a synonym for its representation at that layer. In order to do this. The application or higher layer understands the structure of the data in the SDU. In a layered system. etc. For example. The features or services of the network are implemented in distinct "layers". The addition of addressing and control information (which is called encapsulation) to an SDU to form a PDU and the passing of that PDU to the next lower layer as an SDU repeats until the lowest layer is reached and the data passes over some medium as a physical signal. the term protocol data unit (PDU) has the following meanings: 1. All this additional information. The significance of this is that the PDU is the structured information that is passed to a matching protocol layer further along on the data's journey that allows the layer to deliver its intended function or service. 2. a code to identify the type of data in the packet and error-checking information. but the lower layer at the interface does not. is done by the physical layer. it becomes a service data unit to that layer. the layers pass service data units across the interfaces. Between the layers (and between the application and the top-most layer). When the PDU passes over the interface from the layer that constructed it to the layer that merely delivers it (and therefore does not understand its internal structure). For example: Bridge PDU or iSCSI PDU[1] PDUs are relevant in relation to each of the first 4 layers of the OSI model as follows: 1. plus the original service data unit from the higher layer. 4. it might add a port number to identify the application. decide if it is error-free and where to send it next. or "peer". address information. the protocol layer will add to the SDU certain data it needs to perform its function. decodes the data to extract the original service data unit. The matching layer. fiber. . undertaking to get it to the same interface at the destination. 3. etc. Packet-switched data networks In the context of packet-switched data networks. a unit of data which is specified in a protocol of a given layer and which consists of protocol-control information and possibly user data of that layer. the PDU is passed to the peer using services of the next lower layer in the protocol "stack". TCP segment) (Layer 5 and above are referred to as data.

and the crate is labelled with the region to which all the bags are to be sent. The sending post office might look only at the post code and place the letter in a mail bag so that the address on the envelope can no longer MAC layer PDU becomes physical layer SDU be seen.Protocol data unit The above process can be likened to the mail system in which a letter (SDU) is placed in an envelope on which is written an address (addressing and control information) making it a PDU. The letters themselves are SDUs when the bags are opened but become PDUs when the address is read for final delivery. When the addressee finally opens the envelope.de/faq/archiv/osi-protocols/msg00000. until it is combined with other bags in a crate. When the crate reaches the destination matching its label. The mail bag is labelled with the destination post code and so becomes a PDU. making it now an SDU. it is opened and the bags (SDUs) removed only to become PDUs when someone reads the code of the destination post office. htm). bldrdoc. the top-level SDU. the letter itself. when it is now an SDU.uni-giessen.html) (search for "PDU") . emerges. gov/ fs-1037/ fs-1037c.protocols. 163 References [1] This article incorporates public domain material from the General Services Administration document "Federal Standard 1037C" (http:/ / www. External links • comp.iso FAQ (http://www. making the crate a PDU. its.

which is empirically choose to be 10ms in a default RRED algorithm. RRED-ENQUE(pkt) 01 f←RRED-FLOWHASH(pkt) 02 Tmax←MAX(Flow[f]. usually utilized for access to a packet-switched broadband IP network.g. the sender will delay sending new packets if loss is detected (e. but also to Internet Protocol (IP).. an X. ISDN utilizes the PSTN circuit-switched network. Whilst there are several technologies that are superficially similar to the PSDN. Within a benign TCP flow. mostly used to provide leased-line connections between local area networks and the Internet using permanent virtual circuits (PVCs). The basic idea behind the RRED is to detect and filter out attack packets before a normal RED algorithm is applied to incoming flows. T2 is the arrival time of the last packet from any flow that is dropped by the Random Early Detection block. How to distinguish an attacking packet from normal TCP packets is critical in the RRED design. T2) 03 if pkt. especially the Low-rate Denial-of-Service [4] (LDoS) attacks. a packet is dropped). Robust random early detection The existing Random Early Detection (RED) algorithm and its variants are found vulnerable to emerging attacks. they are not examples of it.[1] The Design of Robust RED (RRED) A detection and filter block is added in front of a regular RED block on a router. Tmax = max(f. Experiments have confirmed that the existing RED-like algorithms are notably vulnerable under LDoS attacks due to the oscillating TCP queue size caused by the attacks. Consequently. such as Integrated Services Digital Network (ISDN) and the Digital Subscriber Line (DSL) technologies.T1. and DSL uses point-to-point circuit switching communications overlaid on the PSTN local loop (copper wires).T1.T1 is the arrival time of the last packet from flow f that is dropped by the detection and filter block. distinct from the PSTN.Public switched data network 164 Public switched data network A public switched data network (PSDN) is a publicly-available packet-switched network. a packet is suspected to be an attacking packet if it is sent within a short-range after a packet is dropped. T2). More Details [4] The Algorithm of the Robust RED (RRED) f.25-based packet-switched network. RRED algorithm can significantly improve the performance of TCP under Low-rate Denial of Service attacks. T* is a short time period.arrivaltime is within [Tmax. This is the basic idea of the detection algorithm of Robust RED (RRED). the term may refer not only to Frame Relay and Asynchronous Transfer Mode (ATM). Originally this term referred only to Packet Switch Stream (PSS). GPRS. Today. The basic idea behind the RRED is to detect and filter out LDoS attack packets from incoming flows before they feed to the RED algorithm. and other packet-switching techniques.[1] A Robust RED (RRED) algorithm was proposed to improve the TCP throughput against LDoS attacks. Tmax+T*] then 04 reduce local indicator by 1 for each bin corresponding to f 05 else . both providing PVCs.

org/ xpl/ freeabs_all. etc. Zhiping Cai. SFB. ieee.I >=0 then RED-ENQUE(pkt) //pass pkt to the RED block if RED drops pkt then T2←pkt. google. Low-rate DoS. jsp?arnumber=5456075) [2] http:/ / sites. 14. etc. pdf?attredirects=0). 2010.). and Weifeng Chen. RRED: Robust RED Algorithm to Counter Low-rate Denial-of-Service Attacks (http:/ / sites.More Details [3] Related Publications Recent Publications in Low-rate Denial-of-Service (LDoS) attacks [12] Recent Publications in Random Early Detection (RED) schemes [2] Recent Publications in Active Queue Management (AQM) schemes [1] References [1] Changwang Zhang. Ref (http:/ / ieeexplore.arrivaltime drop(pkt) return 165 More Details [4] The Simulation code of the Robust RED (RRED) The simulation code of the RRED algorithm is published as an Active Queue Management and Denial-of-Service (AQM&DoS) Simulation Platform. Jianping Yin. com/ site/ cwzhangres/ home/ files/ RREDRobustREDAlgorithmtoCounterLow-rateDenial-of-ServiceAttacks. 489-491. RRED.arrivaltime else Flow[f].) and Active Queue Management (AQM) algorithms (RED. vol.T1←pkt. google. pp. The AQM&DoS Simulation Platform [3] is able to simulate a variety of DoS attacks (Distributed DoS.I←maximum of local indicators from bins of f if Flow[f]. com/ site/ cwzhangres/ home/ posts/ recentpublicationsinrandomearlydetectionredschemes . Spoofing DoS. IEEE Communications Letters.Robust random early detection 06 07 08 09 10 11 12 13 14 15 increase local indicator by 1 for each bin of f Flow[f]. It automatically calculate and record the average throughput of normal TCP flows before and after DoS attacks to facilitate the analysis of the impact of DoS attacks on normal TCP flows and AQM algorithms.

Most socket application programming interfaces (APIs).al.lg.net/raw-sockets/raw-sockets.ic. support raw sockets.org/~skolychev/Net-RawIP-0. (http://search. module for Perl applications. especially those based on Berkeley sockets.Raw socket 166 Raw socket In computer networking. Three years after the Windows XP release. the automatic addition of a header may be a configurable option of the socket.aspx) an indication of what's actually allowed on Windows. Microsoft silently limited Winsock's raw socket support in a non-removable hotfix and offered no further support or workarounds for applications that used them.Michael Howard's Web Log (http://blogs.ua/~ksv/). Windows XP When Microsoft released Windows XP in 2001 with raw socket support implemented in the Winsock interface. Usually raw sockets receive packets inclusive of the header. bypassing all encapsulation in the networking software of the operating system.msdn. • Network Programming for Microsoft Windows (ISBN 0-7356-1579-9) • A little more info on raw sockets and Windows XP SP2 . org/ nmap-hackers/ 2005/ 4) External links • Video Tutorials on Programming with Raw Sockets (http://security-freak.pm) Created by Sergey Kolychev (http://www.html) • Net::RawIP.org/papers/ sock_raw) .com/ michael_howard/archive/2004/08/12/213611.cpan. a raw socket is a socket that allows direct sending and receiving of network packets by applications.[1] References [1] Microsoft Tightens the Noose on Raw Sockets (http:/ / seclists.1/RawIP. the media criticized Microsoft asserting that raw sockets are only of use to hackers to perform TCP reset attacks. as opposed to standard sockets which receive just the packet payload without headers. • SOCK_RAW Demystified: article describing inner workings of Raw Sockets (http://sock-raw. When transmitting packets.

References [1] https:/ / mypeek. This cuts out many of the steps usually involved in this process and dramatically shortens time to knowledge. wildpackets. The matching packets are loaded directly into OmniPeek and analyzed. The preamble of an Ethernet frame consists of a 56-bit (7-byte) pattern of alternating 1 and 0 bits. wildpackets. and time to fix. php?id=33 [2] http:/ / blog. which allows devices on the network to easily detect a new incoming frame. com/ 2009/ 01/ network-forensics. html Start Frame Delimiter The Start Frame Delimiter (SFD) is the 8-bit (1-byte) value marking the end of the preamble of an Ethernet frame. Not only does the SQLFilter allow users to search for packets across thousands of trace files. The packet database can also be used to build multi-tier data mining and network forensics systems. For a more indepth discussion of the SQLFilter read Packet Data Mining and Network Forensics [2] . this revolutionizes the job of finding packets. It has the value 10101011. The SFD is designed to break this pattern. it also loads the resulting packets directly into OmniPeek or EtherPeek.SQLFilter 167 SQLFilter SQLFilter [1] is a plugin for OmniPeek that indexes packets and trace files into an SQLite database. For network trouble shooters. . As more companies save large quantities of network traffic to disk. The packets can then be searched using SQL queries. com/ view_submission. and signal the start of the actual frame. The SFD is immediately followed by the destination MAC address. tools like the WildPackets SQLFilter make it possible to search through packet data more efficiently.

The channel number is denoted Program ID (PID). When performed correctly. each data stream is assigned time slots (of fixed length) or data frames (of variable lengths) that often appear to be scheduled in a randomized order. Each stream is divided into packets that normally are delivered asynchronously in a first-come first-serve fashion. where data streams from several application processes are multiplexed together. Static TDM and other circuit switching is carried out at the physical layer in the OSI model and TCP/IP model. except that. In statistical multiplexing. Alternatively. each packet or frame contains a channel/data stream identification number. Statistical multiplexing is used to allow several video. the packets may be delivered according to some scheduling discipline for fair queuing or differentiated and/or guaranteed quality of service. This is an alternative to creating a fixed sharing of a link. Statistical multiplexing allows the bandwidth to be divided arbitrarily among a variable number of channels (while the number of channels and the channel data rate are fixed in TDM). Usage Examples of statistical multiplexing are: • The MPEG transport stream for digital TV transmission. The transmission capacity of the link will be shared by only those users who have packets. for example a wireless channel. audio and data streams of different data rates to be transmitted over a bandwidth-limited channel (see #Statistical multiplexer). Statistical multiplexing is facilitated through packet mode or packet oriented communication. Statistical multiplexing of an analog channel.Statistical time division multiplexing 168 Statistical time division multiplexing Statistical multiplexing is a type of communication link sharing. Statistical multiplexing ensures that slots will not be wasted (whereas TDM can waste slots). is also facilitated through the following schemes: • Random frequency-hopping orthogonal frequency division multiple access (RFH-OFDMA) • Code-division multiple access (CDMA). The packets may have varying lengths. rather than assigning a data stream to the same recurrent time slot in every TDM frame. Statistical multiplexing normally implies "on-demand" service rather than one that preallocates resources for each data stream. or (in the case of datagram communication) complete destination address information. Comparison with static TDM Time domain statistical multiplexing (packet mode communication) is similar to time-division multiplexing (TDM). while statistical multiplexing is carried out at the data link layer and above. where different amount of spreading codes or spreading factors can be assigned to different users. very similar to dynamic bandwidth allocation (DBA). The packets have constant lengths. statistical multiplexing can provide a link utilization improvement. which amongst others is utilized in packet switched computer networks. and experience varying delay (while the delay is fixed in TDM). Channel identification In statistical multiplexing. a communication channel is divided into an arbitrary number of variable bit-rate digital channels or data streams. • The UDP and TCP protocols. The link sharing is adapted to the instantaneous traffic demands of the data streams that are transferred over each channel. The port numbers constitute channel identification numbers (and also . called the statistical multiplexing gain. such as in general time division multiplexing (TDM) and frequency division multiplexing (FDM). Statistical multiplexing schemes do not control user data transmissions.

Alternatives In some communication systems. then other special characters to synchronize to the beginning of a frame of characters. External links • Example of Statistical Multiplexing [1] (Chart from a real DVB-T multiplex) References [1] http:/ / igorfuna. • The X. The multiplexer allocates to each service the bandwidth required for its real-time needs so that services with complex scenes receive more bandwidth than services with less complex ones.25 and Frame relay packet-switching protocols. where the packets have varying lengths. and the channel number is denoted Virtual Connection Identifier (VCI). sync character or preamble is used to synchronize a transmission by indicating the end of header information and the start of data.25 protocol suite was colloquially known as "the Packet switched network" in the 1980s and into the beginning of the 1990s. For example. An example of a syncword is 0x0B77 for an AC-3 encoded stream. For example. The bisync protocol of the 1960s used a minimum of two ASCII "SYN" characters (0x16…0x16) to achieve character synchronization in an undifferentiated bit stream. For example. CRC-based framing achieves character and start-of-header synchronization. This bandwidth sharing technique produces the best video quality at the lowest possible aggregate bandwidth. • The Asynchronous Transfer Mode packet-switched protocol. where the packets have fixed length.[1] [2] Various techniques are used to "disguise" bytes of data at the data link layer that might otherwise be (incorrectly) recognized as the sync word.25 providers. a receiver can achieve character synchronization from an undifferentiated bit stream. the FSK441 protocol achieves character synchronization by synchronizing on any "space" characters in the message -. without the overhead of an explicit syncword. The international collection of X.in effect. while other systems use ASCII armor.Statistical time division multiplexing address information). every "space" character in the message does double duty as a syncword. Examples For example an audio receiver is receiving a bit stream of data. The channel identification number consists of a Virtual Connection Identifier (VCI) and a Virtual Path Identifier (VPI). 169 Statistical multiplexer In for example digital audio and video broadcasting. . a statistical multiplexer is a content aggregating device that allows broadcasters to provide the greatest number of audio or video services for a given bandwidth by sharing a pool of fixed bandwidth among multiple services or streams of varying bitrates. or start-of-header synchronization from a byte stream. a syncword. com/ dvb-t/ slovenia/ multiplex-a-usage-chart Syncword In computer networks. using the X. HDLC uses bit stuffing or "octet stuffing".

. Using a TCP connection gives the computers an easy way to exchange data items too big for a single packet. ISBN 9781857283792. TCP (as opposed to other protocols such as UDP) is used with IP when a virtual connection is required between two computers. TCP resets The stream of packets in a TCP connection each contains a TCP header. Connectivity Knowledge Platform. such as copper and fiber optics cables. com/ books?id=ye4DwILZhq0C& pg=PA12) (2nd ed. or packets of data. 170 Preamble In digital communication. com/ bisync. other times. The basic protocol used on the Internet is the IP protocol.Syncword In a self-synchronizing code. When computer A reboots. in effect. Each protocol has a block of information. etc. email attachments. every character is. p. called "protocols". made-it. It is used for both frame synchronization such as for Ethernet frames. Each of these headers contains a bit known as the "reset" (RST) flag.computer B. These terms refer to a method of tampering with Internet communications. 2011. A TCP reset basically kills a TCP connection instantly. Headers contain information about which computer sent the packet. preamble is a sequence of known bits are sent in each frame. or music files. google. as well as channel estimation.). also known as "forged TCP resets". and a formalized system for formatting the messages. such as video clips. however if this bit is set to 1 it indicates to the receiving computer that the computer should immediately stop using the TCP connection . the packet size. One common application is the scenario where a computer (we'll call it computer A) crashes while a TCP connection is in progress. it is beneficial. Taylor & Francis. it will then receive packets from the old pre-crash connection. Computer communications and networks (http:/ / books. Technical Background The Internet is. TCP software on the two machines which will communicate (for example a workstation with a browser and a web server) by exchanging a stream of packets. a system for individual computers to exchange electronic messages. This system includes hardware to carry the messages.It should not send any more packets using the connections identifying numbers (called ports). so it might send a TCP reset to the sender of the packets . Made IT. Although some web pages are small enough for a single packet.. a syncword. When used as designed this can be a useful tool. Freer (1996). TCP/IP is the protocol set used for email and web browsing. References [1] "BiSync. Computer A has no context for these packets and no way of knowing what to do with them. in essence. The computer on the other end (computer B) will continue to send TCP packets since it does not know computer A has crashed. and discard any further packets it receives with headers indicating they belong to that connection. they are sent over TCP connections for convenience. called a header. the tampering is malicious. This reset lets . html). which is usually coupled with additional protocols such as TCP (Transmission Control Protocol[1] ) or UDP (User Datagram Protocol). [2] John R. 12. TCP reset attack TCP reset attack. Sometimes. included near the front of each packet. "spoofed TCP reset packets" or "TCP reset attacks". . BSC" (http:/ / ckp. In most packets this bit is set to 0 and has no effect. and can be used to achieve character synchronization in an undifferentiated bit stream. Retrieved July 5. which computer should receive it.

falsely. html) . This started a controversy. They have also argued that these resets are a legitimate way to reduce network traffic.TCP reset attack computer B know that the connection is no longer working. 171 Forging TCP resets In the scenario above the TCP reset bit was sent by a computer which was one of the connection endpoints. interesting-people. and the open source Snort used TCP resets to disrupt suspicious connections as early as 2003. The term "forged" Some representatives of ISPs dislike the use of the term "forged" when referring to these TCP resets.From Dave Faber's IP list . network security systems using forged TCP resets have been designed as well. txt) [2] May 2000 Linux discussion archives (http:/ / lists. msn. nnsquad. com/ id/ 21376597/ ) [6] NNSquad home page (http:/ / www. html) [4] Section of Wikipedia Comcast article [5] Associated Press. This information includes the endpoint IP addresses and port numbers. netfilter. which was followed by the creation of the Network Neutrality Squad (NNSquad) by Lauren Weinstein. It's possible for a 3rd computer to monitor the TCP packets on the connection. which could detect Comcast's forged TCP resets and distinguish them from real endpoint-generated resets. that it came from an endpoint.[6] In 2008 the NNSquad released the NNSquad Network Measurement Agent. David Farber. and on August 21.[3] Comcast Controversy By late 2007 Comcast began using forged TCP resets to cripple peer-to-peer and certain groupware applications on their customers computers [4] [5] . org/ pipermail/ netfilter/ 2000-May/ 003971. msnbc. Properly formatted forged TCP resets can be a very effective way to disrupt any TCP connection the forger can monitor. not the forger. ietf. org/ archive-1-1429. Comcast Blocks Some Internet Traffic (http:/ / www. snort. html) [3] SNORT discussion archive re: TCP resets (http:/ / www. org/ rfc/ rfc0793. 2008 it ordered Comcast to terminate the practice. Vint Cerf. The user on computer B can now try another connection or take other action. Linux volunteers proposed doing something similar with Linux firewalls in 2000 [2] . and then send a "forged" packet containing a TCP reset to one or both endpoints. The headers in the forged packet must indicate. However. Ironically the technology to detect the resets was developed from the earlier Open-source "Buster" software which used forged resets to block malware and ads in web pages. Every field in the IP and TCP headers must be set to a convincing forged value for the fake reset to trick the endpoint into closing the TCP connection. a Windows software program written by John Bartas.more on this below. Are forgeries good or bad? One obvious application of forged TCP reset is to maliciously disrupt TCP connections without the consent of the two parties which own the endpoints . org/ archives/ interesting-people/ 200805/ msg00163. Craig Newmark and other well-known founders of and champions of openness on the Internet. org/ ) [7] Article on validity of resets as management tool (http:/ / www. A prototype "Buster" software package was demonstrated in 1995 that would send forged resets to any TCP connection which used port numbers in a short list. In January 2008 the FCC announced it would investigate Comcast's use of forged resets.[7] References [1] TCP specification (http:/ / www.

snort.eff. ac.org/wp/packet-forgery-isps-report-comcast-affair) Virtual packet In computer networking. These "virtual packets" allow heterogeneous networks to talk to each other using a common protocol. part of a course on computer networking hosted by the University of London . uk/ academic/ networks/ network-layer/ ip/ index.[1] References [1] Internet Protocol (IP) (http:/ / penguin. bbk. dcs. the OSI model) above the most basic packets or frames used in a network. php). to simulate real-world network conditions such as packet storms • Packets at any layer or sublayer (as those terms are used in.TCP reset attack 172 External links • SNORT Official website (http://www.org/) • EFF report on Comcast use of resets (http://www. for example. virtual packet may refer to: • Packets created by a packet generator.

Mentifisto. Shinson. Zidane2k1. XKL. Yngvarr. Thogan. Harryzilber. Pristino.org/w/index. Aecis. Romney yw. Frap. Esrever. Ilyasali khan. Sjc07. Center4499. Irishguy. Jrdioko. R'n'B. Vegaswikian. Fang Aili. KnowledgeOfSelf. Zr2d2. DDerby. Pmsyyz. Mukis. Brainyiscool. Rupertb. Jamcib. Kigali1. Minesweeper. Solarisworld.Article Sources and Contributors 173 Article Sources and Contributors Deep packet inspection  Source: http://en. Adambro. MrChrome. DaRaeMan. Theaveng. Lamro. Dman727. Uniwares. Edgar Waingortin. Belazu.php?oldid=447837259  Contributors: Aaron Rotenberg. Zvar. Curps. Whisky drinker. King Lopez. Robina Fox. Mlluis. Shashibg. LemonairePaides. Anthony71. Elenabrown. SmartGuy. Polly. Mezzaluna. Anetode. Chenxiaoqino. DMG413. Rocastelo. Colonies Chris. Thumperward. Cisco (With Greg). Daveswagon. Lloyd Wood. Ironholds. Cradel. Ohconfucius. Edgarde. Dchapes. Washburnmav. Treekids. Eagleal.php?oldid=444219406  Contributors: Agurwitz. Pooua. Gwernol. Acdx. Mikepelley. Papa9090. Bumm13. Marokwitz. Epbr123. Jni. KelleyCook.moyal. Sherryp22. RockMFR. Teraknor. JonHarder. Crusio. Ckt2packet. Lyonspotter. OlEnglish. Sonar610. Jwojdylo. Ohnoitsjamie. Iztoku. Brian2wood. Kim Rubin. Sdaronsky. SDC. Ark25. KnowledgeOfSelf. Tycoon24. Kamath. Courtarro. Mentallo 477. CarolGray. 1exec1. Maytran999. Mrmodine. John K. ZimZalaBim. DaBler.php?oldid=446742035  Contributors: A. S51438. Dawnseeker2000. Rsb7. Woodshed. Rick Sidwell. Squirrelist. Trangana. True Pagan Warrior. Cmdrjameson. E Wing. CraigB. Filterbob. Apple17cm. Mitchdeweber. Bentogoa. Ehudshapira. Sdaman.bar. Frickeg. Downwards. Martin451. Edcolins. Paperclip777. Mariguzm. Ksensenig. DerHexer. Kwiki. Boothy443.org/w/index. Mrmclean. Mehudson1. Seevinayin. EmbeddedBSL. Hardikp12.wikipedia. Kparisot. Thepangelinanpost. TerrierHockey. Noq. Nehle. Chrisdab. Bobo192. Red Thrush. Scieberking. Eiscosogin. Tachitsuteto. Joseanda1006. Zodon. Veinor. Ptwopdude. JeffJonez. Joy. Berford. Mehudson1. GraemeL. Airplaneman.php?oldid=440883331  Contributors: Alansohn. AntiVanMan.org/w/index. Vsync. Gilabrand. Tom harrison. ChrisRuvolo. Spearhead. Alsee. Tomich. Powell1605. Cdowninge. OlEnglish. Mineralè. Ethyr. Agrechin. UU. Biot. Jadams76. Krypticmind. ArtiePesh. Frap. Casablanca2000in. Mar Garina. Jamcib. Bsdguru. RadioFan2 (usurped). Axiome2. Dstivers. Ivan Velikii (2006-2008). Kitch.lala. Bomazi. EagleOne. Aesalon. Fastilysock. Mjlodge. Y. Perspeculum. Robguru. Travelbird. Senzhang. Astor14. Prodoom. Jevansen. Piano non troppo. Pabouk. Towel401. Moe Epsilon. Wikipodium. Ronpeled. Zuras 538. Umers90. Mezigue. Spoonboy42. Astor14. Jalal0. Rjwilmsi. Erik. Vespristiano. Pip2andahalf. Muhgcee. Yonatan. Moheed. Mr. Rob1974. MementoVivere. GayCommunist. Labarnah. Monkeyman. Bunnyhop11. Gilabrand. Woohookitty. Jay. Amilator. Rjwilmsi. Instantnood. Bewert. John Hyams. Nealmcb. Homestarmy. SaxicolousOne. Ailanto. Ckatz. Coolian. Blowfish. ProjectmanagerCHKP. Rjwilmsi. Kizor. Dana boomer. Mcingue1. Typhoon. Kuru. BD2412. Jdfirth. BioPupil. Luna Santin. PaulHanson. Postoak. Klapouchy. Gwernol. Xnatedawgx. KelleyCook. Danroa. Kwsn. Andareed. RJHall. Humphrey Churchill. Santuccie. Kai-Hendrik. Michael Hardy. Agentbla. Numberonegenius. JamesBWatson. Phatom87. Jvcdude. Nybubba. Jpbowen. Christopher Kraus. Rio de serionata. Hu12. DocWatson42. Meldodd. N328KF. NeilN. Fredrik. Trevc63. Derickmoore. OrgasGirl. Doretel. Viewfinder. Jcharr. Voidvector. Pearle. Quadra630. Kubigula.php?oldid=448514851  Contributors: 007007wiki. Piano non troppo. Steven312. JHunterJ. Ebizdaniel. FT2. Shoone. EdJohnston. Kurauchi. Vijaypadiyar. Shawnc. MrHat1065. Shuki. Hblackhawks. Dr unix. Scnash. SomniOne. Notquiteleet. Surfingslovak. Flashcube. Chris the speller. TimQuinn. Kgrr. Ranumao. Rhopkins8. Rutruth. Alansohn. Uncle G. Ziyadbasheer. Guy Harris. Djaydem66. Charlemagne11. Nzd. Capricorn42. Firefighter Dog. The Thing That Should Not Be. This user has left wikipedia. Alansohn.wikipedia. JYOuyang. Shymian. Ha us 70. Soumyasch. Davidstrauss. Merope. Metadigm. Mtruch. Cjsmed. Ahunt. Venus 9274. Mpeylo. Spikehall1234. Uncle Dick. Onoes. Rednblu. Astor14. Ryan Roos. Raanoo. Iridescent.wikipedia. Saffrony. Leafyplant. Lostforwords. 999mal. Rjwilmsi.php?oldid=445444053  Contributors: Aspects. CanisRufus. Beebux. Betacommand. Oroso. RexNL. BalkanFever. Epolk. PAStheLoD. Hollaback22. Gordon Ecker. Trbdavies. Van helsing. Aluvus. OCTANE95. John Hyams. Caliper. Coolcaesar. Harryboyles. Beto. Tombomp. Phil Urich. Alepik. Tregoweth. Evrik. B Pete. Aaronproot. Eugman. UrSuS. Kateshortforbob. Rich Farmbrough. Avaneendra. NPatrick6. Mgurunathan. Chulk90. WikiDan61. Drmies. Zmiller923. KD5TVI. Billhunt. Hu12. Routergod. YoavD. Mjpresson. Jcraft50. Winton. Brholden. Robocoder. Edward. MER-C. Nathan. Davidstrauss. Rrburke. JLaTondre. JonJuan. Liquidsnakejr. 1001001. MARQUIS111. Bleakcomb. Phaldo. Harumphy. THEN WHO WAS PHONE?. Emersoni. GavLewis. Edgar181. Factcheckrz. Vitor Mazuco. GNMC. Colonies Chris. Tri400. Caltas. Wikidemon. Xrgtn. Superjordo.sg. SimonMackay. Verified360. Plasticup. Pathgrant.wikipedia. SamJohnston. Christopher Kraus. Mosquitohawk. Phatom87. Ipsla. Nubiatech. Dan100.php?oldid=441907094  Contributors: A Doon. Thingg. B Pete. Bookbrad. Ta bu shi da yu. Frap. DutchTreat. SasiSasi. Ftpaddict. AlexeyV. GreenJoe. PacketDude. 117 anonymous edits Allot Communications  Source: http://en. BendersGame. Mellery. Sreifa. Barri. Noir. Informationh0b0. Rjwilmsi. Nikai. Mitensampat. Jbyers. Pandich.org/w/index. Ronambiar. MikeLynch. Kandsten. Mtmatt. Versus22. Jbromhead. Bill. Anna Lincoln. JonHarder. Hasek is the best. Tonkie67. WhisperToMe. Amandeep 11. Nthep. Truthdowser. Boism. Jeff G. Brackets. Tide rolls. Rcawsey. Chaitanya. Hax0rw4ng. Au k. Nina1995. Jerrycho13. Swliv. Bearcat. CliffC. Randirocks37. TexasAndroid. YUL89YYZ. Sayden. Cdc. RedWolf. Trutkowski. Ynhockey. CliffC. WilliamCaban. Rossumcapek. Brentyoung. Kittoo. UncleDouggie. Vanished User 1004. Lightmouse. Larry V. Squids and Chips. Shirt58. Cheung1303. Muzilino. Teles. Madchester. NapoliRoma. Mosquitohawk.wikipedia. CaptainMorgan. Bluedisk. Jpp42. Catapult. Gogo Dodo. Sprinter76. HamburgerRadio. Naugahyde. Mattyinwisconsin. The wub. Eros. Wadamja. Nonomy. G33k-3d1t. Cotisocetinoiu. Hansivers. Howardtheroarke. Jessica Schieve. Kirill Lokshin. Biker Biker. Sbowers3. Smallfixer. Kelly Martin. Alduhayman. Kyleflaherty. Ahbond. SaratogaH.org/w/index. Winston earl smith. Corvus cornix. EXTremY. PaulHanson. Ryker. Mitchoyoshitaka. For Loop. Rjwilmsi. Rabhyanker. Guy Harris. HD999. Aymatth2. Eric Klein. Psantora. Blaxthos. Dinu.moyal. Favonian. Mild Bill Hiccup. Swellesley. Switzpaw. Bobblewik. CecilWard. DaveB549. Xyzzy288. Ash1932.org/w/index. Qxz. Amanfbd2002. Sig0. Lpmusix. NiZhiDao. Bluemoose. KansasCity. Mmernex. Ground Zero. Ned Scott. Apankrat. Stevebrigden. Dragonnas. Aavindraa. Znx. Shortride. Quigley. BaRiMzI.nakul. Astralblue. Moskovich. Ferdiaob. Melcombe. Jiddisch. TheNewPhobia. Marathi mulgaa. Rhsimard. Yasakak. West London Dweller. WJetChao. R'n'B. Qwertythecat. Meehawl. Vlad. Cooldeep. Macpl. Alpha Quadrant. UnitedStatesian. Pmitrevs. Kozuch. Junkware. Sephiroth storm. Specious. Jacklyne Hamilton. YUL89YYZ. Greenshed. Keesiewonder. Mwanner. Alex91dml. Niggurath. Nzd. Chrisn4255. Jimmy 21mar. Akula4211. Dawnseeker2000. Juliancolton. Netwrecked. Vikipedi. Apankrat. Jeffcrews. Moulding. Ed Poor. Tjpayne. RadioFan. Gavint0. 33 anonymous edits Network intelligence  Source: http://en. Avernet. Qviri. Pylori. HamburgerRadio. Frecklefoot. Rsecker. Kgrr.wikipedia. Rettetast. Petri Krohn. Bovineone. Darklilac. Plausible to deny. Eastofethan. Jasper Deng. Guy Harris. Andy Marchbanks. Secretlondon. Alvestrand.wikipedia. Jeffhane100. Rubyyasmin. Jopetersen. Knff. Chris the speller. John.henderson. Rcawsey. 128 anonymous edits . Jim. Slashme. The Anome. Neelix.php?oldid=396395157  Contributors: Bsimonis. LesPoiEs. Arletty75. Mcingue. Simslover. Sophus Bie. Gail. Hydraton31. Lbelkind. Idaltu. Felixcatuk. Aldie. Anon515. Wprlh. Lightmouse. Mr. Tqbf. Common Man. BradReeseCom. Dav92178. Kelvingeorge. Mattsday. Dispenser. Unknown W. J04n. Andreas Kaufmann. FranzMeister. Fatla00. Codwiki. Scott McNay. MartinHagberg. Dflasker. Bevo. Terrybader. Mr. Johnpseudo. Businessmonkey. Y. Callidior. John. Gmaxwell. Guyanakoolaid. Sbfw. AndrewHowse. Ixfd64. Erkan Yilmaz. Urbanrenewal. ManosFate. Beland. Ninja247. Nei1. Deineka. JonHarder. Hairy Dude. Davis. Phillip Tyre.org/w/index. Madhero88. DrachenFyre. Mean as custard. Abhinvanand. Mr. Storkk. Evildeathmath. Cybercobra. Bongwarrior. SteveSims. Tompsci. A Man In Black. Qwerty8991. Alecv. Hu12. Sietse Snel. Mailer diablo. Rcragun. The Rambling Man. Akadruid. Olivier. Tkaizan. WadeSimMiser. Jesse Viviano. BTWheeler. Djeikyb.org/w/index. Truthcommission. Liquid Chrome1. Kirklander. Aspenjazz. FlashSheridan. Bender235. Imperi. David. Lightmouse. Mbell.wikipedia. R. TaborL. Mandarax. Aymatth2. Gsarwa. SNIyer12. Petrinarobins. Malepheasant.‫טרול רפאים‬ anonymous edits Cisco Systems  Source: http://en. Aeons. Doctaweeks. Kimchi. Tnash7d. DaveBurstein. Chris the speller. Pursey.golovko. Haywire.wikipedia. Emadido. SusanLesch. RamapoJohn. 143 . Woohookitty. Iridescent. Giraffedata. Yaronf. Gaius Cornelius. Elphion. Isonomia. 972 anonymous edits Front Porch  Source: http://en. Ptwopdude. AliveFreeHappy. Red Thrush. Huiguo01. Jrtayloriv. M2petite. Mdecampo8999. Shervinafshar. Bpringlemeir. Pde. Mozart20d. Gutenbergj. Katana0182. Sandspur1966. Lemento. Dragomiloff. Ugilad. Tasmanian56. Oli Filth. Austinmurphy. Tomlzz1. PigFlu Oink. N5iln. Tedder. Danhm. DJOMaul. DannyDin. Goochelaar. Sherool. Barrylb. Admanonline. Sophie.larsson. JosephBarillari. Manoj-jaiswar.wikipedia. GoingBatty. Jim62sch. Amcl. WurmWoode. Scooby3. Annirak. Nishith Nand. Geofones. Fry140.org/w/index. Shoeofdeath. 1 anonymous edits Labris Teknoloji  Source: http://en. GregorB. 31 anonymous edits NebuAd  Source: http://en. Chrisc8266. KevinJones. Stepheng3. Jnc. Riick. Takerman. Storytellershrink. Vhann. Agencius. Tintenfischlein. Koavf. Tiredmain. Cmr08. Adrian.moyal. Fuhrmanator. Cheemais. QEDquid. Dgtsyb. Cisco crisco. Brianhe. Opelio. Stardust8212. Eustress. Agasta. SMC. O1001010. Goltz20707. Exobyte. 6 anonymous edits Radware  Source: http://en.php?oldid=425301933  Contributors: Azumanga1. Jerryseinfeld. SimonLyall. Chkptone. Mt7. Rwcgroup. Peipei. Garywill. Paradoxicalengineer. Winchelsea. Machismo500. Qwyrxian. Nikolas Karalis. Papajohnin. Richard Arthur Norton (1958. Black206. Visiting1. Calltech. 42 anonymous edits Sandvine  Source: http://en.wikipedia. JLaTondre. Tomdo08. RandallJones. Gobonobo. Bunni25. 82 anonymous edits Check Point  Source: http://en. Alison9. Srijith2007q. Tinton5.. Sravisha. Cybercobra. EagleFan. Darth Panda. CastAStone. Naddy. Oo64eva. Frosted14. DavidBlackwell. KiloByte. Surv1v4l1st. Michal Nebyla. Hmains. Brianhe. Behildeb. Tagishsimon. Namekatak. Muhandes. Shadowjams. SirGrant. Telecart. JohnnyBGood. Hmains. CrypticBacon. Csabo. Smmgeek. Alvarossjunior. Hobartimus. Funchords. Ttonyb1. Zedla.php?oldid=419184275  Contributors: Alexanderrock. Baeksu. Malepheasant.org/w/index. DMCer. AlfredWalsh. Cwolfsheep. Molly. Parrot. Uosdwis. Dot-per-inch.srinivaas. Presidentman. Yaronf. Bongomatic. Kbdank71. ArnoldReinhold. Amitnme. D6. Jesant13. Aristanet. One. Jenrzzz. JetBlast. Ejay. Kaplanmyrth. Weyes. Hellion 468. Kkm010. Philip Trueman. Raul654. Ryan0.org/w/index. Wizardman. 16@r. @pple. Phil Holmes. Langloisgroup. Kate. Zeroday. Zabby1982. RHaworth. Falcorian. Mole2386. XSTRIKEx6864. Psychlohexane. Sam Hocevar. Nihiltres. Selene 372. Singularity. Piarres. Altenmann. Gaius Cornelius. Jlemos35. Reactor12. Algotr. Deepak175. Pdelong. HybRiDx24. Pedant17. Kll.). Hmbr. Winheinhtut. Shanes. Iridescent. 0x6D667061. Funchords. Astor14. Elenap221. Kinawi. Ceyockey. Katous1978. Theothertomjones. Krystalin 8159. RJFJR. Catapult. Kinu. Marcus Brute. Levineps. Lctech. Looxix. Apohran. 2technical. ExplicitImplicity. Dcoetzee. Zidoc. Giraffedata. Tinucherian. Minimavus. Woohookitty. Sceptre. 24 anonymous edits Barracuda Networks  Source: http://en. Chowbok.wikipedia. Mikeblas. 3 anonymous edits Narus (company)  Source: http://en. InShaneee. JamesAM. Brooke6969. Tinton5. Mahewa. Nuance13x. Prolog. Rossami. Music Sorter.org/w/index. Stavrinov. Kgrr. Thorprime. Scarpy. CesarB. Plasticup. Drughwan. TonyW.Smith.php?oldid=434934453  Contributors: AmySi41. WeisheitSuchen. Xcentaur. Togaaltos1. Ashishkapahi. Sigma 7. TachyonJack. Lboulton. Tascha96. Mmernex. Zigforjustice.matthews. Matilda.php?oldid=442297051  Contributors: Admanonline. Janegca. Therealcolletepierre. Ernestvoice. TheDJ. Merzbow. Everyking. Cipher 107. StuffOfInterest. Alerante. Everyking. The wub.

P. Studerby.wikipedia. Yuriybrisk.wikipedia.henderson. AAriel42. Hooperbloob. Retran.org/w/index. Fang Aili.wikipedia. Peaceray. Johnuniq. Henk. Quatloo. Phatom87. John254. Mange01. Erkan Yilmaz. Anna Lincoln. Dcoetzee. Caerwine. Mirv. Heron.harris1. Shaw. Linuxbeak. Alvestrand. Sgeo. Rettetast. RazorICE. BananaFiend. Deb. Stefano85. Acrosser. Xmm0. Ahoerstemeier. Timrem. Tohd8BohaithuGh1. Intgr. Can't sleep. 23 anonymous edits Business Control Layer  Source: http://en.php?oldid=440433412  Contributors: Bearcat. Elfguy.php?oldid=409262059  Contributors: Alansohn. TNLNYC.henderson. EdH. Freeingmind. IronGargoyle. Hectorthebat. Michael Devore. Hmains. Torla42. CrescentCaren. Copsewood.php?oldid=332546963  Contributors: Babbage. Cheatochris13. R6144. JonHarder. Лев Дубовой. Brownh2o.wikipedia. M4gnum0n. Deineka. PaulWay. Greenshed. Calabraxthis. Vulturell. Phatom87. Jpbowen. Mleoking. B Pete. Wildwild. The Thing That Should Not Be.wikipedia. Svick. Crakkpot. Trevor. Bobo The Ninja. YUL89YYZ. KConWiki. Barakw.of. 134 anonymous edits Stonesoft Corporation  Source: http://en.wikipedia. Kbdank71. Maradine. Celarnor. 1 anonymous edits Fast packet switching  Source: http://en. Tikiwont. All Hallow's Wraith. Jeh. Olivier Debre. Oicumayberight. Hadrianheugh. Dixonjohnpaul. Wine Guy. Lethe. Crystallina. Learjeff. Emersoni. ZeroOne.org/w/index.wikipedia. W Nowicki. JECompton.wikipedia. Cmdrjameson. BrainyBroad. Bobo192. Jeff Paine. Jrcla2. 9 anonymous edits Firewall (computing)  Source: http://en. GcSwRhIc. Owen. Roofbird. 9 anonymous edits Cisco Express Forwarding  Source: http://en. Rich Farmbrough. Eyrian. Kgrr. JonHarder. JMiall. Gonzopancho. Capi. Ans-mo. Wilhelmina Will Data-dependent jitter  Source: http://en. Bencejoful. Tillman.wikipedia.pitre. Chzz. Robert K S. Elonka. Triwbe. LeaveSleaves. 9 anonymous edits Context-based access control  Source: http://en. Michael Hardy. Bband11th.php?oldid=332547061  Contributors: 1exec1. Jrcla2. Ketiltrout. Thumperward. Yang. Graham87. Timneu22. Cander0000. Cffrost. Martarius. DSatz. Jec. 4twenty42o. Glamourtree.wikipedia. MPerel. Teles.wikipedia. Msirivia. ConradPino. Andrei Stroe.. Anabus.php?oldid=444739845  Contributors: 16@r. D6. Trasz. ImGz. Simple Bob. SymlynX. Boleyn. Thepulse2007. Remarks999. 151 anonymous edits Active queue management  Source: http://en. Dream of Goats. Pyrop.php?oldid=332546973  Contributors: Alerante. Suruena. CanisRufus. W Nowicki. Rick Sidwell.php?oldid=437684258  Contributors: Adoniscik.org/w/index. JonHarder. Android Mouse. The Anome. 123Hedgehog456. CliffC. SimonP. Vivio Testarossa. P1h3r1e3d13. Djg2006.php?oldid=442321342  Contributors: Alai.wikipedia. Iridescent. Rror. Gascreed. Joel7687. Daniel farrell. Neutrality. Cantons-de-l'Est. Manoj2009patel20dec. =Josh. Gronky. Eastlaw. Red Director.php?oldid=447766851  Contributors: Bearcat. Discospinster. EdH. 4 anonymous edits Christmas tree packet  Source: http://en. JMiall. Crystallina. Cutter. Vipinhari. JonHarder.org/w/index. Jcy1978. Lewisoaten. Porturology. Blahu77.henderson. Ameliorate!. CanadianLinuxUser. RunBAMrunfaster. The wub. Moonraker12. Bryan Derksen. Nbirkel. Ahunt.henderson. Caydel.org/w/index. Arastcp. SCΛRECROW.wikipedia. Anclation. JeffBurdges. Biot.php?oldid=445291190  Contributors: AdjustShift. Rjgodoy. Intgr. Scott5114. 18 anonymous edits Viaedge  Source: http://en. Eric Shalov. Icey. Remuel. Phatmonkey. Jaimie Henry. Interbay. Cit helper. Retired username. Backpackadam. Shaddack. Toon05.org/w/index. Useight. CesarB. Bayerischermann. Srimech. Haichen12. Can't sleep. Splash. Hadal.org/w/index. Ucla90024. Hairy Dude. Sreeji. SueHay.php?oldid=425344853  Contributors: CactusWriter. Anthony Appleyard.php?oldid=444144130  Contributors: Alan Liefting. Hetar. Mhkay. Andem. Alex Middleton. Haseo9999. Incnis Mrsi. Yuriz. Torla42.org/w/index.wikipedia. Soldier. Cybercobra. West. Masterknighted. 11 anonymous edits Datakit  Source: http://en. Bkonrad. EagleOne.wikipedia. Eraserhead1. Albedo. SDC. Jim. clown will eat me. Ibarrere. Rajah.org/w/index. Uncle Dick. Chowbok. Steven. Mboverload. Foobaz. Whywhenwhohow. Mro. Genetikayos. Karstbj. Blueronin. Darth Panda. Bangowiki. Icairns. Taemyr. Kbdank71. Chriswaterguy. Cander0000. Judgesurreal777. Pearle. Reliablesources. TheKoG. Jim.php?oldid=434903517  Contributors: Alinja.telnet. Jscroggin. Storkk. Jim. The Anome. Ews23. DrDry55. Storkk. Kyonmelg. Derbeth. Chuck369. Ian Yorston. Boscobiscotti. Kyonmelg. Takamaxa. Jim. Jeffq.Article Sources and Contributors SonicWALL  Source: http://en. Jec. 5 anonymous edits Cut-through switching  Source: http://en. Bender235. Eric Klein. Schusch. Pnm. Jamesd.org/w/index. 9Nak. CarlHewitt. QTCaptain.org/w/index. Jcmcclurg.henderson. Jeck. Maniamin. Oe2k. SocratesJedi. Richie SWFC. Frap. Borgx.itian. JonHarder. Mboltz7664. Dimadick.wikipedia. Gary King. Blanchardb. Marasmusine. AlistairMcMillan. Wrs1864. Roy464. Jpbowen.org/w/index.wikipedia. Arakunem. Etacar11.dai.org/w/index. Nurcanyilmaz. Stepheng3. Woohookitty Theta Networks  Source: http://en. Leif. Bswilson. Ixfd64.php?oldid=439892905  Contributors: Ankur19852007. Harmil. J0lt C0la. B.php?oldid=438289667  Contributors: Alan Liefting. Golddragon24. Mongolmax. Apy886.php?oldid=435868393  Contributors: Addshore. TTZnju. Sgeo. D6. Jnc.org/w/index. Bkil. Jesse Viviano.benko. Noorg. Captain-tucker. Janziff.org/w/index. Karl Dickman. Biot. TheMoog. CoolingGibbon. Antandrus. 19 anonymous edits Blue (queue management algorithm)  Source: http://en. Avicennasis. LachlanA. Phani96. AmiDaniel. Unaizu.php?oldid=445083184  Contributors: Alvestrand. South Philly. Dcoetzee. EncMstr. Maximus Rex. 7 anonymous edits Catenet  Source: http://en. Flatterworld. GoingBatty. Wireless friend. Alansohn. Joyous!. Mysidia. Cryptic C62. Brianga. Donreed. C. Chris55. Graphitesmoothie. Shyamjithgift. Edward. Mr. Discospinster. Amirpak 86. Nikola Smolenski. Frehley. Javacat. 1 anonymous edits Datagram  Source: http://en. Alphachimp.muller. W163. Beezhive. La goutte de pluie. Fantasy. Francs2000. Brholden.doom. Daicaregos. Edaelon. Kazfernandes. TheParanoidOne. Ayla. Jim. Latitudinarian. Kvng. Rich Farmbrough. Hadal. Twobells. Flewis. Zondor. Baccala@freesoft. Alan216. Michael Snow. Nbilogorskiy. Frap. InfoElfiq. Ryan Roos. Daichinger. Aviv007. Capricorn42. Marcika. Zginder. Edward. Foaly19. Dogaroon. Kbh3rd. Dawynn.wikipedia. Pboyd04.php?oldid=442910119  Contributors: 2doorsdown. Slakr. D o z y. Devil0150.Fred.wikipedia. Asqueella. Bluebusy. Rich Farmbrough. G7huiben. Hqb. Lotje. Michael Hardy. Beetstra.wikipedia. PaulHanson. Goldenrowley. Closedmouth. Widefox. OverlordQ. Warrickball. Peter Ellis.org/w/index.Harris. Helix84. Fernvale. M3tainfo. Corpx. Cellspark. Mintleaf. JordoCo. Giftlite. Ebraminio. CesarB. Storkk. Bevo. Demophon. Connormah. Zacharyjos. Nurasko. Aitias. 7 anonymous edits Paul Baran  Source: http://en. 5 anonymous edits Donald Davies  Source: http://en. Chun-hian. KennethJ. Paintman. Networkengine. HupHollandHup. Paul Weaver. Gordon Ecker. Wik.andrew. Toffile. CesarB.org/w/index. Lerdsuwa. Wihwang.org/w/index. Mozzerati. Barticus88. PaulHanson. Glenn. Kbrose. Black Kite. Unforgettableid. Jim. Mleoking. Black Kite. Bugkarma. ChibaRagi.org/w/index. Timotheus Canens. Kbrose. Collin. Jim. Bearcat. GoingBatty. Kbrose. Scarian.henderson. Ched Davis. Rsduhamel. Coconuts. Dawynn. YellowMonkey. Bryon575. Muhgcee.php?oldid=431099959  Contributors: Chowbok. Nickaubert. Chrisdab. Ocram. 28 anonymous edits Deterministic jitter  Source: http://en.wikipedia. clown will eat me. Chetvorno. Alexius08.org. Edward Z. Beno1000. Eyreland.NaZ. Park3r. Angr. The Nut.org/w/index. Dondegroovily. Jni. 174 . Thomascjackson. Motyka. Intgr. FruitMonkey. 85 anonymous edits Berkeley Packet Filter  Source: http://en. Easyas12c. DataWraith. JonHarder.org/w/index.wikipedia. Nbarbettini. Carltonh. AlephGamma. DaveBurstein.org/w/index. Duncan. Chrisdab. Booster4324. Joy. Jm34harvey. Cryptosmith. Rdmoore6. Jnc. Jnc. Sinisterjim. Guy Harris. JLaTondre. JLM. Obvious. Katharineamy. Osu-mike.php?oldid=354091201  Contributors: Adoniscik. Bigbluefish. Nagy. Joris. Addihockey10. Philip Trueman. Alfrodull. 2 anonymous edits Network packet  Source: http://en. Milan Keršláger. Johnshepler.org/w/index. Pb30. Ale jrb. Timan123.sarcasm.wikipedia.php?oldid=433421226  Contributors: A. Craiglew1508. Adoniscik. RickK. Mindmatrix.wikipedia. Jpbowen. Hqb. Losthighway. Tombrend. CecilWard. Aeon1006. Adrian. 26 anonymous edits Data Path Acceleration Architecture (DPAA)  Source: http://en. Leafyplant. Bazsi. S. Edcolins. 8 anonymous edits Black hole (networking)  Source: http://en. Nmacu. Stevenmyan Dynamic Packet Transport  Source: http://en. Remuel. Guy Harris.g. Bucketsofg. R. Black Falcon. Pig de Wig. Abaddon314159. Casey Abell.org/w/index. Jengelh. Tassedethe. Jcrifasi. Greswik. The Anome Chernobyl packet  Source: http://en.Hull. Perry Bebbington. Kvng. The Anome.henderson. W163. Martin451. Vaquerito. Boomshadow. Valentinejoesmith. Timrollpickering. RichardVeryard. Ryan Postlethwaite. Suruena. Koavf. Manuel Anastácio. Dawynn. Frap. CarlHewitt. Kbrose.wikipedia. Nasa-verve. Slightsmile. HereToHelp. Rameshbabu. Kubanczyk. Jkl.php?oldid=375135832  Contributors: Dpr. Lawrennd. Bissinger.wikipedia. Kvng. Apparition11.php?oldid=398953190  Contributors: Dthomsen8. Crystallina. Kenny sh. Sadads. Dante Alighieri. Badgernet. RoyBoy. Sdedeo.org/w/index.php?oldid=408009017  Contributors: Cedars.org/w/index. Berford. Cxxl. C'est moi. Avono. Cburnett. R Calvete.wikipedia. Robert K S. Middayexpress. Jnc. Kwi. Jiraffe. Mike Rosoft. VirulentIdeas. Borgx. C:Amie. Benjaminmin. Zack. Mr Sheep Measham. 6 anonymous edits Broadcasting (computing)  Source: http://en. CharlotteWebb. Mlewis000. Woohookitty.php?oldid=447898830  Contributors: Aaronthepro. Ash. Dtcdthingy. Lemeza Kosugi. Smohideen2000. The wub. TravisTX. Caerwine.php?oldid=448568520  Contributors: !Darkfire!6'28'14. Capricorn42. Sarath02. Glenn. Altzinn. Incnis Mrsi. Petr Kopač. Unyoyega. Lockley. Bryan Derksen.org/w/index. N5iln. Pgautier-neuze. Aejr120. R'n'B.php?oldid=441679490  Contributors: Auric. Rick Burns. Robofish. Huon. Mithaca. Random user 39849958.

wikipedia. Suruena. JonHarder. Shawniverson. Mcicogni. Mysterytrey. Arkrishna. MJ94. Msebast. Kbrose. Nasa-verve. FisherQueen. TheYmode. Vlhsrp. Mernen. Electron. HarisM. Kbrose. Cubbyhouse. Nachoman-au. Heywüd. Topspinslams. JonHarder. Kglavin. Pabouk. Intchanter. Killiondude. Jay. Julesd. L'Aquatique. Dysprosia. Draglon. KCinDC. Mange01. Mark Chung. Willisja. Hairy Dude.delanoy. Lilac Soul. BazookaJoe. Cillie. Red856. Nachico. Randilyn. Davidoff. Convenient ByStander. Batmanand. Creed1928. Da Vynci.php?oldid=444465818  Contributors: Alq131. Jennavecia. Neurolysis. Tellyaddict. Charles Matthews. Πrate.org/w/index. Cheetoian. Intgr. Kermesbeere. Gogo Dodo. Seb26. Scientus. Doctorfluffy. Nneonneo. CraigB.org/w/index. La Pianista.wikipedia. Pb30. Eliteops1. Watson Ladd. Jec. Richard. Adrignola. Cougar w. Isilanes. TexasAndroid. Lakshmin. Snigbrook. Hairy Dude. Tbird1965. Roseurey. Tim874536. Jaraics. MrBenCai. Iokerapid. Crissov. Milan Kerslager. Dandorid. Jeh. Emmzyy. SJP. Griffenboy. DJ Clayworth. Cwolfsheep. Qxz. Alksub. Mysdaao. MercuryFree.org/w/index. Everyking. KangKnight. OlEnglish. Smallgene. Verfee. Jeffrey Mall. Danhm. K001. Rocketgoat. W Nowicki. Suruena.C. Mitaphane. Jdeere man. SGGH. Katharineamy. Iamxsj. Hadal. Dman727. DerHexer. Mortein. Noctibus. Grand Edgemaster. Wavelength. Noctibus. Stonehead. LilHelpa. Rev3rend. Tom k&e. Rivanvx. Hamzanaqvi. Spearhead. The Garden Gnome. Ciaran H. EQ5afN2M. Eponymosity. Gdt.php?oldid=445711028  Contributors: 1ForTheMoney. Gogo Dodo. Fightingirishfan. Transcend. Dandorid. Harland1. Eldraco. Grammarmonger. Osky283. Robbie Cook. Halmstad. Lucy1981. Voidxor. Deewiant. Elcasc. Ross Fraser. L337p4wn. Burfdl. SarahKitty. Mendaliv. SkyWalker. Gonzonoir. Nick Number. Tcncv.piegorsch. Lincolnite. Chris the speller. LOL.org/w/index. Suicidalhamster. Tinucherian.delanoy. Cyndler. BlueEarth. 8 anonymous edits Packet loss  Source: http://en. Dark Lord of the Sith. Mashby. WikipedianMarlith.org/w/index. Eyreland. Liveste. JZelos. Deville. AB. Huyi. Terronis. Raanoo. Zabanio. Javert. Robertvan1. Firefly322. The Anome. Unschool. JForget. Grapht. Jim. John Siau. R'n'B. Ground Zero. OlavN. 5tych5. Barcex. Lambtron. L33th4x0rguy. Sephiroth storm. Chrumps. Mc6809e. Tcosta. Patrick. Tide rolls. Kamathvasudev. Egil. Kvng. Otisjimmy1. DSatz. Radagast83. Regancy42. Soap. JzG. Vinucube. Kizor. Tlesher. Bagatelle. Just James. Shiro jdn. Deville. Rchandra. Someguy1221. New Age Retro Hippie. Codinghorror. Megaboz. Pabouk. Bvavasseur. Jeff G. Insanity Incarnate. Bookandcoffee. Rs2. Sparky132. Jusdafax. JonHarder. Thearcher4. Meandtheshell. Ouzo. Cybercobra.wikipedia. Peter. Twinkie Assassin. SecPHD. Ancheta Wis. Indefatigable. TheRa'ike. JonHarder. N328KF. Kvng. Frecklefoot. Anonymous Dissident. Missionary. Hans Persson. Kubanczyk. Skyezx. Cmathio. Learjeff. The Anome. Janitor5. Ptk. Gxojo. Fulizer. Schlyne. Mwanner. Biot. Mandramas. Hax0rw4ng. Petzi1969.org/w/index. Kvng. Widefox. Sepersann. GTBacchus. Scetoaux.wikipedia. Wiki Wikardo. Jalara. Hungery. Sferrier. Amire80. Poccil. Frap. The undertow. Fudoreaper. TutterMouse. Purpleslog. MrOllie. Mattgibson. Nimiew. Mange01. MickWest. Lee Carre. Spazure. Moldylemonmedia. Dcoetzee. Harkathmaker. Rjwilmsi. Dismas. Tevildo. Ixfd64. Persian Poet Gal. Piet Delport. Sanfranman59. Intgr. Enric Naval. Cmdrjameson. JYOuyang. Woohookitty. Dreadstar. Can't sleep. Coolhandscot. Fynali. Kyleflaherty. Akassix. Ch'marr. Ulrichlang. Sleske. Henry W. Materialscientist. Pabouk. Michael Hardy.fachkha. Simetrical.wikipedia. Sgeo. Khym Chanur. Kubanczyk.wikipedia. Philip Trueman. Hadal. Jclemens. FreplySpang. Rami R. Matt Britt. TripleF. Djdancy. Pielover87. Ascánder. Crazysane. Gilliam. AlistairMcMillan. Rurigok. Rchandra. Jpgordon. Kinema.org/w/index. Frap. Iune. El C. Zeroshell. 28 anonymous edits G. Japanese Searobin. Split Infinity. DeathByROFL. Richard001. Mac. CyberSkull. Josemi.php?oldid=446204325  Contributors: A5b. Rsrikanth05. NewEnglandYankee. Dawynn. Sporkmonger. ADobkin. Mouchoir le Souris. EddieNiedzwiecki.php?oldid=441693061  Contributors: Dub13. Fastily. LeoNomis. Phatmonkey. Wheely Guy. Henriquevicente. Yk Yk Yk. Theda. Damadm00. Ohnoitsjamie. Wyatt915. Wmahan. Tobias Bergemann.php?oldid=407829618  Contributors: Alan Liefting. Brianjd. Deville. PuzzletChung. Spartanhelmet. Manop. Gatta. Equendil. Mix Bouda-Lycaon. OpenToppedBus. 1263 anonymous edits Frame (networking)  Source: http://en. Rwessel. Malo. Ntolkin. DonDiego. MartinHarper. Mro. Ryan Roos. DStoykov. Dse. Djg2006. KnowledgeOfSelf. CronoDAS. Dbrooksgta. 11 anonymous edits Jitter  Source: http://en. Imroy. VernoWhitney. 3 anonymous edits Maximum segment size  Source: http://en. Ramu50. Davipo. Jpbowen. Ary29. Jec. CanisRufus. Thatguyflint.wikipedia. Satori Son. XandroZ. Storkk. Wsmarz. Petzi1969. Debackerl. Wordwizz. Rjwilmsi.wikipedia. Mrlumpycole. Oxymoron83. DevastatorIIC. WikiLaurent. JohnCD. Fahadsadah. Sg313d. Sysy909. Ggiust. Bobbis. Rwxrwxrwx. Hoods11. RayneZXZX. Maheshkumaryadav. Arise Sir Loin of Beef. Jimyoo. E Wing. Tranzent. Guoguo12. JonHarder. VasilievVV. Trevor1. Haseo9999. WPANI. Rbarreira. RoMo37. Hetar. RadioActive. Furrykef. KnowledgeOfSelf. Femto. MichaelGoldshteyn. Wmasterj. Cybjit. JTN. Kozuch. Epbr123. Eequor. Njmanson. KnowledgeOfSelf. Nancy. Mikm. FatalError. Jlavepoze. Oddbodz. EliasAlucard. Newone. DerHexer.org/w/index. OlEnglish. CesarB.batters. Tommysander. Wahooker. Tim.0. LeonTang. Rtouret. GoodwinC. Erencexor. Ham Pastrami. V8rik. Jfilcik. Goodyhusband.wikipedia. Jobeard. Jec. OwenX. Aleksey Gerasimov. Fresheneesz.Dunstan.php?oldid=422163972  Contributors: AndreasWittenstein. Interiot. OisinisiO. Guitardemon666. JonHarder. Emailtonaved. Jóna Þórunn. Maxamegalon2000. Paul. Dysepsion. Acegik. Ryan Roos. Ricky81682. Mattloaf1. Wimt. Ifeme. Dougher. Pinethicket.kandy. Brewcrewer. Emperorbma. Jchandlerhall. Pissant. Fresheneesz. Seb az86556. Mygerardromance. Hiebert. Kandarp. Wk muriithi. Chair Blaster. Bobo192. Cenarium. Gascreed. ElKevbo. Lubos. Gurch. Wk muriithi. Gardar Rurak. December21st2012Freak. Dcoetzee. BigFatBuddha. Pmattos. Seddon. Weylin. Kjwu.henderson. 138 anonymous edits Jumbo frame  Source: http://en. Woohookitty. Feureau. Deelkar. Rpspeck. Lolsalad. Greg Grahame. Lee Carre. Pharos. Katalaveno. Mrwojo. Nuttycoconut. CosineKitty. Knacker ITA. Graham87. Simeon H. DemonThing. Stevenmyan. JonHarder. Marcuswittig. Closedmouth. Why Not A Duck. Josh Parris. Monkeyman. Desirsar. Peyre. Wtmitchell. UncleBubba. Mad9cat. Jtir. Blahbleh. Mirv.org/w/index. DMahalko. Vakanuvis789. Casito. Smalljim. Nakon.wikipedia. JonHarder. Σ. Purplepumpkins. PrestonH. Hibernian. Storkk. Rick Sidwell. Hpa. Stratadrake. Waelder. Prari. Nageh. Michael Hardy. Schmitt. Rich Farmbrough. Ws227. Woohookitty. Vonvon. Robofish. Wrs1864. Postrach. Lauk. Secret. ENeville. Imcdnzl. Dcampbell30. Sensiblekid. Elieb001. Possum. Splintercellguy. Husond. Tdcrone.org/w/index. Visor. Hu12. Rbmcnutt. Willy on Wheels over Ethernet. Disorganized 676. Forenti. Slakr. Phatom87. Phirenzic. Wrs1864. Fish and karate. Cwolfsheep. Rigworm. Demonkoryu. Danski14. Sam Hocevar. Woohookitty. Cometstyles. Attilios. T Houdijk. Sephiroth storm. Charles Matthews. Loren. Martarius. Kbdank71. Jrmwng. Heron.org/w/index. Jalal0. Nealmcb. ILRainyday. BeaverWithChainsaw. Lir. Kenyon. Mindmatrix. NawlinWiki. Muhandes. Mrzaius. 52 anonymous edits Mangled packet  Source: http://en. TenOfAllTrades. Discospinster. Talyian. KnightLago. LegitimateAndEvenCompelling. Requestion. DARTH SIDIOUS 2. Lee Carre. Venom8599. JonnyJinx. Nihiltres. Heywüd. Waskage. Nuno Tavares. Wai Wai. Muheer. Inov8er. Rl. 8 anonymous edits Martian packet  Source: http://en. Alansohn. Tombomp. Nposs. OGoncho. Ju66l3r. JasonTWL.wikipedia. Niteowlneils. Fragglet. Linkoman. Brown. Kbrose. Debresser. Gurch. JSpung. Jaho. Ricky. FleetCommand. Leszek Jańczuk. CesarB. Meaghan. Quercusrobur. ZimZalaBim. Edcolins. EdwinGroothuis.wilton. Hazawazawaza.wikipedia. Frap. Sheridp. Blakewestwood. Frap. Radiant!. Drmies. Occamsrazorwit. Quentin X. Lee Carre.php?oldid=443908554  Contributors: Adoniscik. Apshore. DVdm. Elagatis. Fabioj. Suruena. Bubbachuck. Luna Santin. Bevo. Phatom87. The Kinslayer. Drbreznjev. WikiDao. J. DESiegel. Casablanca2000in. Isheden. Gc9580. TombraideerIIdeadmanschest. LeaveSleaves. Siroxo. Statkit1. Jurgen Hissen. Legotech. Dandorid. Nunquam Dormio.php?oldid=436864929  Contributors: 16@r. Kgentryjr. 4 anonymous edits Gigapackets  Source: http://en. J Milburn. Dzordzm. Hugger and kisser. Ttwaring. Joyous!. JonHarder. MMuzammils. CYD. DragonHawk. Ciphergoth. MichaelMan64. Jusdafax. Stephenman882. LeinaD natipaC. Info lover. Wtfnoob. MarkRose.amdphreak. David. Mange01. Dmccreary. Cryptosmith. Mariagor. Ruzihm. Shawnj99. 18 anonymous edits 175 . Omegatron. Silver seren. Stuartyeates. Kablammo. Phoenix314. Prasan21. TheMandarin. CanisRufus. Badmonkey0001. Jan1nad. NeonMerlin. Kyonmelg. ST47.. Danutz. Cavebear42. CohenTheBavarian. HappyCamper. Chscholz. Rninneman. Kealper. Nuno Tavares. Auric. Tjbk tjb. Matticus78. M347758. Od Mishehu. DoogieConverted. EBorisch. Dan6hell66. FunkyBike1. Matthäus Wander. Hps@hps. Keegscee. Mwalsh34. Nneonneo. Da monster under your bed. Turnstep. LachlanA. Piet Delport. FreplySpang. RoyBoy. Mctmike. SoCalSuperEagle. Benlisquare.org/w/index. Storkk. Graphitesmoothie. Tushard mwti. Kvng. Canis Lupus. Xaosflux. G7yunghi. Rafiwiki. Ghaly. Nasa-verve. DeadEyeArrow. Leizer.php?oldid=440686361  Contributors: AdmJamrep-NJITWILL. Markrpw. Jhi247. SlipperyHippo. Jramsey. Allen3. Firsfron. ShyShocker. Jebba. NawlinWiki. Khirbat. Tide rolls. Rumping. Vrenator. NortyNort. Skrewz. Harryboyles.48  Source: http://en. RainbowCrane. Electron9. Booch.mtview. Timotab. NightFalcon90909. AndrewMollison.php?oldid=441847423  Contributors: Achilles2. ToobMug. Gstroot. Tinton5.php?oldid=438815409  Contributors: Bearcat. Equazcion. Tbhotch. Akendall. 297 anonymous edits Link state packet  Source: http://en. Lukevenegas. Ophel. Wubrgamer. Thecheesykid. Teenboi001.pande. Geffmax. Mike. Dols. Escape Orbit. Kf4yfd.bar. Jmprtice. Boardtc. Mspraveen. Zetawoof. S0me l0ser. Danshelb. Greenrd. Nnp. Trevor MacInnis. Mailer diablo. DagErlingSmørgrav. Tapuwiki IPv6 packet  Source: http://en. Tsunanet. CASE. Rich Farmbrough.org/w/index. Eagleamn. J. Gerbrant. Eraserhead1. Stephenb. Nwk. Accdude92. Rebel. Chenzw. Theymos. Johnaduley. Gaiterin. Wikialoft. Intgr. Tad Lincoln. Lee Carre. Qrsdogg. Zntrip. Miremare. Mr. Stephen G.org/w/index. RJFJR. Expertour. Marek69. JDavis680. Jigesh. Boscobiscotti. Random name. Yik Lin Khoo. JohnCub. DGJM. Rror.wikipedia. Johnshepler. Red Thrush. Jibjibjib. Kevin Saff. Mild Bill Hiccup. TheGreatFoo. The Thing That Should Not Be. Seano1.org/w/index. Racerboy. Netalarm. Colin Marquardt. Rod57. Xaje. Robofish. Ilpostinouno.php?oldid=423816246  Contributors: ArtsCountyFair. Prashanthns. 38 anonymous edits Frame check sequence  Source: http://en. RedWolf.wikipedia. Flewis. Fang Aili. Kvng. HatlessAtlas. Kvladiko. Lets Enjoy Life. Dean14. GDallimore. Object01. Kbdank71. Materialscientist. Sceptre. 4 anonymous edits GSM 03. Indefatigable. Tobias Bergemann. JonHarder. Nmadhubala. Haqpunk. MER-C.. Haakon. Bryan Derksen. Douggie1085. YUL89YYZ. 9 anonymous edits Lag  Source: http://en. Skacel8. TheCommunist1994. The Anome. Tigermonkey.php?oldid=446854804  Contributors: Abdull. JonHarder. NellieBly. Doug. LachlanA. Jeff G. Jackrockstar. Claude. Frap. Yorick8080. Oli Filth. Thoobik. Florescent. Lockeownzj00. Stevietheman. Weylinp. Joseaperez. Twinxor. Prunesqualer. Lordjamex. Anderson.wikipedia. Hokiehead. Daichinger. clown will eat me.Article Sources and Contributors Corvus cornix. Justin20.8261  Source: http://en. Rj. Thingg.php?oldid=436367126  Contributors: Bobblewik. Minnaert. Storkk. Seba5618. Geoff B. Njaard. Gracefool. Viriditas. Rp751786. Aarktica. Dfranke. WilliamSun. Giftlite. Qwyrxian. Taxman. Piano non troppo. Reguiieee. Kralizec!. 54 anonymous edits Jumbogram  Source: http://en. Luna Santin. Moreati. Paul D. Karnesky. NetRolller 3D. Muhandes. Kenyon. Vilerage. Aulis Eskola. Ordo. Phatom87. Pnm. Netsnipe. Wknight94. JanCeuleers. Toffile. CecilWard. Diberri. Debresser. Rich Farmbrough. David Haslam. Joy. Sitearm. Hussam92. Manuel Anastácio. Woohookitty. Imcdnzl. Yama. Zack.php?oldid=448310043  Contributors: Closedmouth. Vendettax. DavidChipman.

Harryzilber.php?oldid=369677408  Contributors: Adamantios. AxelBoldt. PabloCastellano. Kungfuadam. Biasoli.php?oldid=408353584  Contributors: Adamantios. Teancum. 217. SarahStierch.xxx. Johnbojaen. Dcoetzee. BenFrantzDale.wikipedia. Gundark.wikipedia.org/w/index. 28 anonymous edits Packet injection  Source: http://en. Sephiroth storm Packet Switch Stream  Source: http://en. Ishi Gustaedr. Whitepaw. SpacePacket. Giftlite. NapoliRoma. Paulfeakins. CesarB.wikipedia. Babbage. Casey Abell. Jaizovic. Jeffmcfarland. Mikeblas. Rhobite. Malcolma.delanoy. Maximaximax. GoingBatty.org/w/index. Ron shelf. SpacePacket. Gaius Cornelius. Thingg. Paul1337. PBP. Woohookitty. Zackman90. Aldie.henderson.wikipedia. Kaare. Wrs1864. Jpbowen. Brewhahaitsme. Hgmichna. Woohookitty. Kenyon. Margin1522.wikipedia. Faithtear. Joy. Wipe. ManuelGR. UU. Ahoerstemeier. Tinucherian. Nicenevil. Haseo9999. Shilpi2809. Retodon8. Closedmouth. QmunkE. Nurg. Omegium. Palmer1973. Mantipula. Schmloof. Rogue Editor. Avalon. Mbarbier.uk.php?oldid=421573374  Contributors: 4twenty42o. Evil saltine. Fresheneesz. Piet Delport. BertK. 14 anonymous edits Robust random early detection  Source: http://en. Phatom87. The Anome Packet aggregation  Source: http://en.php?oldid=442837325  Contributors: Bbx. Someone42. Groundeyes. Xchbla423. 4 anonymous edits Packet transfer delay  Source: http://en. Moondyne. Kvng. Thumperward. Hamster2.php?oldid=332547189  Contributors: Phatom87. JonHarder. 16 anonymous edits Packet concatenation  Source: http://en. Ppike. Ospalh. Rholton. ZoFreX. Zondor.wikipedia. Btyner.wikipedia.php?oldid=444049931  Contributors: A. Graeme Bartlett. LawrenceGRoberts. DonDaMon. Kundor. FromOrleans. Mjb4567. Djsuess. DeadEyeArrow. Jm34harvey. Bsadowski1. Torla42. Gbelknap. Omegatron. Groyolo. Nuno Tavares. LouScheffer. Cgarciap86. GregorB. Blerg1. Xofc. Pgr94.org/w/index.wikipedia. Nitiniit. Bogsat. Fishyghost. Anaxial. M4gnum0n. Barberio.wasylewski. Synchrodyne. William Avery. Voyagerfan5761. Jim.org/w/index. Dkleeman. Devourer09. Leblondleblond. Trevor d. Kalathalan.php?oldid=447899712  Contributors: Amorymeltzer. Merope. Nick Number.org/w/index.H. Abune. Winterst.php?oldid=440067247  Contributors: Akshaygs. clown will eat me.org/w/index. Nmatpt. 3 anonymous edits Packet analyzer  Source: http://en. Wheet. Mini-Geek. Kai. Isnow. That Guy. Epbr123. Alantekore. Watson1966. Binksternet. Frencheigh. Jpbowen. CesarB's unpriviledged account. Manop. Mange01. JosephBarillari. Tonkie67. The Anome. Rspanton. Waskage. Haza-w. JonHarder. Itusg15q4user. Netmoninc. Tmaufer. 39 anonymous edits Protocol data unit  Source: http://en. Mange01. Hairy Dude. Itusg15q4user. Mojodaddy. Mange01. Nightstallion. Getcrunk. Bobblehead. Thegn. Storkk. NetRolller 3D. Onthegogo. Mancini. 3 anonymous edits OmniPeek  Source: http://en. Katharineamy. JoanneB. Plugwash.org/w/index. Borgx. Gerald. Corpx. Kgrr. Crossmr. Jim. NI Team.253. Bp2010. Pedant17. Jpatokal. Dirtydan667. JeLuF.henderson. Airplaneman. W163. Kk2mkk. Badseed. Sowsnek. Glenn. Mange01. Thparkth. Piet Delport. Lucanos. My007ms. Frap. Malcolma. Julesd. Chameleons84. MOM4Evr. Let4time. Mandarax. Meredyth. Richard W. 7 anonymous edits Out-of-order delivery  Source: http://en.org/w/index. Kgrr. Ioeth. Jaffar.php?oldid=435085280  Contributors: Bearcat. Bumm13. PierreAbbat. The Singing Badger. YUL89YYZ. Imcdnzl. Brooks. MER-C. Kbrose.filmond. Xezbeth. Radiojon. Jopsen. No1Jenny. Тиверополник. Kabdcn. Useight. Jdm64. Betbest1. Ilario. Bobier. Smsarmad. John 34345. Diberri. Darth Panda. DylanW. MER-C. PaulHanson. Eastmain. Josh Parris. Hcberkowitz.hprastiawan. John Vandenberg. Nimiew. Chris the speller. Jason Stormchild. Ali Esfandiari. Marasmusine. Mild Bill Hiccup. 1 anonymous edits Ping (video gaming)  Source: http://en. Tsange. GoingBatty. Roger Davies. Woohookitty. Andponomarev. Logictheo. Prondou. GPHemsley.org/w/index.php?oldid=425345090  Contributors: Pnm. Martyvis.org/w/index. Stwalkerster. Nurg.php?oldid=447756520  Contributors: AManWithNoPlan. Capricorn42. CosineKitty. MarkmacVSS. Dead3y3. ThreePD. Calmcz. ExDPN100Engineer.dai. Jnc. Midnightcomm. Nekohakase. Intgr. Tom94022. Kvng. Wmasterj. Cwolfsheep. Chancemill. JTN. CarlHewitt. Edward. Waveguy. Colasoft capsa. Pcap. Tagishsimon. CIreland. Conversion script. Jonnyct.combs. Wirbelwind. MrOllie. Jim. Dnas. Psmith811. Mendaliv. Yuanli. Bearcat. Gfoley4. Teemu Maki. MS3FGX. 6 anonymous edits Packet switching  Source: http://en. 175 anonymous edits Network congestion  Source: http://en.wikipedia. Graeme Bartlett. Dky89.php?oldid=418128155  Contributors: KelleyCook Packet drop attack  Source: http://en. R'n'B. Guy Harris.Ferguson.wikipedia. BradBeattie. The Thing That Should Not Be. JNW. Brookshawn. Wa3frp. Diodime. Riffle. Freedomfighter21.henderson. MCBastos. RJHall.wikipedia.php?oldid=389942039  Contributors: Guy Harris. KVDP.org/w/index. Crispmuncher. LachlanA. JTN. Toreau. Kablammo. CyberSkull. X!. JonHarder. Ciphers. Charles Matthews. Niclas Wiberg.wikipedia. JTN. Fleminra. Rdmoore6. Lexikorn. Michael Devore. Knuckles.wikipedia. RedWolf. Roy2009. 325 anonymous edits Packet Assembler/Disassembler  Source: http://en. Securitywiki. Philip Trueman. Nubiatech. Yuanli. Dawnseeker2000.39. Itusg15q4user. Thomas d stewart. SCΛRECROW.org/w/index. CecilWard. Voidxor. Sonic Mew. Mild Bill Hiccup.Article Sources and Contributors Maximum transmission unit  Source: http://en. BayTech. Jy. R'n'B. JohnOwens. Loadmaster. Jedi Master Brownlow.php?oldid=441122659  Contributors: Frap. Lightmouse. Lostchicken. SunCreator. Gbelknap. Dgtsyb. AlistairMcMillan. Wpifer.wikipedia. Paquitotrek. Guy Harris. Networked. Ged Davies.org/w/index. Yuanli.php?oldid=421972347  Contributors: AlistairMcMillan. Gardar Rurak. Idril. Mboverload. Kbrose. Jpbowen. Gurch. Stw. 48 anonymous edits Packet-switching node  Source: http://en. Wpifer. Steven. Wheet.wikipedia. Negrulio. Alxeedo.php?oldid=427695232  Contributors: DR (usurped). Zaf. Jerrysmith222. NawlinWiki. TubularWorld. Frap. Rjwilmsi. Steven Zhang. Unixguy. JMiall. Tempshill. Dhammala. Tmaufer. Jerrysmith222. J. Chris the speller.125. Neurolysis. Vidiii. EagleOne. DragonflySixtyseven. Ashwin18. B4hand. Terra Xin. Jmaes123. Bloodshedder.wikipedia. Jtk. Polyakov. Guy Harris. FJPB. Fredeccles.0. Discospinster. Wafulz. CanadianLinuxUser. RedWolf. JIP. 223 anonymous edits Packet telephony  Source: http://en. Alex6273. WereSpielChequers.wikipedia. EAderhold. Selfev. Timtim101. Niteowlneils. Jamescfield.delanoy. Yinwulanyu. Storkk. Timwi. MarkFrancisMullins. PerryTachett. Mange01.xxx. WaffleMonster. The Anome. Foelectric. W Nowicki. Zhou Yu. Enduser32. JTN. The Evil IP address. Jnc. A. J.org/w/index. Rogger. Nmacu. JohnGrantNineTiles. AlphaEta. Qwghlm. Packetman. Justin Piper. L Kensington. Jpbowen. Hu12. W Nowicki. Kthnxrick. MetalGearLiquid. Stephen. Boscobiscotti. Kvng. Helix84. Timsk. Mudalagi. Andrewpmk. Rhodekyll. Huntscorpio. Phatom87.wikipedia. Scoutersig.org/w/index. Seifried. Pearle. Shaddack.wikipedia. M4gnum0n. Hooperbloob. Giftlite. Welsh. Karada. Jones. Marksza. Mjb4567. Hjf. Excirial. N3ddy. Abdull. Gentleman wiki. Ricojonah. Miracle Pen. Richard cocks.smith. Tgwaltz. Edward Z. Rich Farmbrough.org/w/index. Storkk. Jim.a. Ninjakttty. Watson Ladd. Jonnyct. Gogo Dodo. 4 anonymous edits Packet-switched network  Source: http://en. Тиверополник. Ec2049. NoExec. Rvalles. PeterEasthope. Phatom87. Rich Farmbrough. 4 anonymous edits PARC Universal Packet  Source: http://en. EvanCarroll. 40 anonymous edits Public switched data network  Source: http://en. Zhou Yu. Deineka.Petrenko. J. Smithwillscott. Bradyok. Tatrgel. Fumblebruschi. Yamaguchi先 生 . R'n'B.org/w/index. Dgtsyb. Psrdotcom. Hm2k. Rdmoore6. Kvng. Mleoking. Rick Sidwell. Foobaz. Jeremy Swinarton. Jimj wpg. EGSchwartz.org/w/index. Jnc. Suplamer. Guitarist6987876. Incompetence.php?oldid=442089761  Contributors: Billc. 8 anonymous edits Packet generator  Source: http://en. Itusg15q4user. The Anome. Logicat.org/w/index. GPHemsley. Widefox. Gazpacho. Pyrotec. NBuccalo. Lee Carre. Aldaron. Jnc.H. Reliablesources. JonHarder. Coolgamer.php?oldid=332547289  Contributors: Big Bob the Finder. MacStep. Ee02b022. Noctibus. ZeroOne.org/w/index. Mebden. K12u.wikipedia. Francs2000. Manaskb. Glenn. Ali@gwc. Neilc.126. Mild Bill Hiccup. Jokes Free4Me. Kbrose. Ground Zero. CarolGray. I2so4. From That Show!. Newman9997. Kbrose. Dgrahame. DylanW. Itai. Xcentaur. Mleoking. Usangel1066. Yang. Jedonnelley. JonHarder. Philbarker. Netcrash87.M. WereSpielChequers.php?oldid=422939538  Contributors: Barberio. Jamsignal. Karol Langner.php?oldid=448224650  Contributors: 213. Gaius Cornelius. Cxxxap. R2jitu. Ewlyahoocom. Ynhockey. Vrenator. Cburnett. PrimroseGuy. Deema AlShamaa. Donreed. Vary. Adambiswanger1. Rich Farmbrough. Dhar. Hetar. Christophernoland. Mitch Ames.php?oldid=390003240  Contributors: Guy Harris.wikipedia. Itusg15q4user. Ewlyahoocom. Storkk. 11 anonymous edits Packet segmentation  Source: http://en. Wizard191. Malcolm. Excirial. Michael Devore. Jim. Jasrocks. Milan Keršláger.php?oldid=377480337  Contributors: ApolloCreed. Maurreen. YUL89YYZ. Wireless friend. Imcdnzl. Sricciar. Lightmouse. Edcolins.org/w/index. Peruvianllama. Skyschulz. PeteShanosky. Rememberway. Guy Harris. 802geek. Liotier. Tammyzhou1983. Rjwilmsi. Joshurtree. Lambiam. Gardar Rurak.php?oldid=444871256  Contributors: Althena. Bezzm. Rich Farmbrough. BarretBonden. RedWolf. Pegship.org/w/index. Rwhalb.wikipedia. Dave Cohoe.wikipedia. Oli Filth. Can't sleep. Luk. Giftlite. GrahamDavies. The Original Wildbear. Discospinster. Jkl. Rabarberski.H. Frap. Woohookitty. Bevo. Bjelleklang. Ryan Roos. Bobier. Loftenter. PaulELong. Omegatron.henderson. Kate. Thumperward. 2 anonymous edits 176 .wikipedia. Skier Dude.org/w/index. Jrtayloriv. David-Sarah Hopwood.php?oldid=441691777  Contributors: Alynna Kasmira.org/w/index. Mormegil. LeviathinXII. Cgdallen. Skapur. Tobias Bergemann.org/w/index. El Cubano. Selket. Fromageestciel. Benhoyt. Btilm.henderson. Nv8200p.cn. Xaje. Wingsandsword. 12 anonymous edits Packet capture  Source: http://en. Gerfaut. Bryanarnold.php?oldid=406216024  Contributors: Baggie. Bobblewik. Guy Harris. David-Sarah Hopwood.org. Veinor. AlphaPyro. Maurreen. Peyre. Dawnseeker2000. Xxsquishyxx.wikipedia. GoingBatty. Lee Carre. Eastlaw. Bearcat. 17 anonymous edits NIST RBAC model  Source: http://en.

Frap. Suruena.php?oldid=418660128  Contributors: DanielPharos. JMay. Riggler.org/w/index.php?oldid=432452324  Contributors: Adrignola. Fred Condo.wikipedia. Martin Hinks.org/w/index. Zgadot. Legotech. Pentap101. Jleedev.wikipedia. Nealcardwell. 1 anonymous edits Start Frame Delimiter  Source: http://en.wikipedia.php?oldid=437942335  Contributors: Daniel. Jbartas.wikipedia. Kvng. Ximensions. Cmdrjameson. NortyNort. Choalbaton.Article Sources and Contributors Raw socket  Source: http://en. Btyner.org/w/index. Mange01. Wdscxsj. Kubanczyk.Cardenas. Sam Hocevar. Ryan Roos. ILF. 6 anonymous edits TCP reset attack  Source: http://en. Discospinster.php?oldid=332547365  Contributors: Commnerd.php?oldid=447807544  Contributors: Are you ready for IPv6?. Jgm7. Makibaohm. OliverTwisted. Tassedethe. 8 anonymous edits Virtual packet  Source: http://en. Mdupont. JonHarder. SpacePacket. Mascurader.wikipedia. Clamum. Modify. Radagast83. Fschoenm. Robofish. LilHelpa.org/w/index. 49 anonymous edits SQLFilter  Source: http://en. UnicornTapestry.wikipedia. Mikm. The Anome. Jeaux Bleaux. IMSoP. Flydpnkrtn. JonHarder. Edward. Tbhotch. 2 anonymous edits Statistical time division multiplexing  Source: http://en. Pseudomonas. Vobrcz.org/w/index. Storkk. Edward. Reisio. Jonverve. W Nowicki. Melcombe. Bonadea. 28 anonymous edits Syncword  Source: http://en. Guy Harris. Kbrose. Mmernex. Storkk.wikipedia. Noted trip3. Fredgoat. Phatom87.php?oldid=332547334  Contributors: Biot. JonHarder.org/w/index. Jaeger5432. Pparazorback. Thomasyen. Algocu. Frap. Enduser. The Anome. Erik9.php?oldid=421971650  Contributors: Invitatious. Rholton. Greenrd 177 . Sietse Snel. Mboverload.org/w/index. R'n'B.

svg  License: Public Domain  Contributors: Mik81 Image:ethernet frame.wikipedia.php?title=File:Cisco_logo.png  Source: http://en.php?title=File:Unicast.org/w/index.svg  Source: http://en.wikipedia.php?title=File:Pdu_and_sdu.svg  Source: http://en. 1 anonymous edits image:multicast.wikipedia.jpg  License: Fair Use  Contributors: Dchapes. PhilKnight.org/w/index.php?title=File:Flag_of_the_United_States.org/w/index.wikipedia.wikipedia.Image Sources.png  License: Fair Use  Contributors: User:Bjelleklang.php?title=File:Labris_Teknoloji_logo-orta.org/w/index.png  Source: http://en.php?title=File:Viaedge_Logo.jpg  License: GNU Free Documentation License  Contributors: Coolcaesar File:Labris Teknoloji logo-orta. which was based on Image:Red copyright.org/w/index.jpg  Source: http://en.png  License: Fair Use  Contributors: User:Mongolmax Image:Stonesoft Logo.svg  Source: http://en.jpg  Source: http://en.org/w/index.php?title=File:Standard_deviation_diagram.org/w/index. Image:Viaedge Logo.jpg  License: GNU Free Documentation License  Contributors: Original uploader was Coolcaesar at en. Sfan00 IMG Image:Sonicwalllogo.wikipedia.org/w/index.wikipedia.png  Source: http://en.0  Contributors: Bruno Pedrozo Image:Gufw 9.org/w/index.org/w/index. Presidentman.org/w/index.wikipedia Image:Ciscosystemsrouteratcern.wikipedia.wikipedia. Lupo.svg  Source: http://en. User:Iztoku Image:Sandvine logo.svg  License: Public Domain  Contributors: Easyas12c.svg  License: Public Domain  Contributors: Easyas12c.org/w/index.svg  License: Public Domain  Contributors: Easyas12c image:anycast.wikipedia.5. H Padleckas.org/w/index. 1 anonymous edits Image:standard deviation diagram.org/w/index.php?title=File:Sonicwalllogo.php?title=File:Check_point_logo.2.org/w/index.php?title=File:Ciscosystemsrouteratcern.wikipedia.png by Rfl.wikipedia.svg  License: Fair Use  Contributors: Jeff G.svg  Source: http://en.php?title=File:Geocast.png  License: Fair Use  Contributors: User:BetacommandBot.php?title=File:Decrease2.org/w/index.svg  Source: http://en.wikipedia.php?title=File:Multicast.png  Source: http://en.jpg  License: Fair Use  Contributors: Lamro Image:Check point logo.php?title=File:Ethernet_frame.svg  Source: http://en.wikipedia.org/w/index.svg  License: Public Domain  Contributors: Easyas12c. User:Cydebot.org/w/index.php?title=File:Sandvine_logo.png  License: Fair Use  Contributors: Impakti File:Flag of the United States. Jacobolus.0. See log.PNG  License: Creative Commons Attribution-Sharealike 3.svg  License: Public Domain  Contributors: Easyas12c image:cast.php?title=File:Firewall.svg  License: unknown  Contributors: Sarang Image:Barracuda-networks-logo.org/w/index.wikipedia.wikipedia.php?title=File:Ciscosystemsheadquarters.php?title=File:Ethernet_frame.PNG  License: unknown  Contributors: Daichinger.svg  Source: http://en. User:Cydebot.svg  License: Public Domain  Contributors: Various. UrSuS.php?title=File:Anycast.png  Source: http://en.php?title=File:Stressed_Eye. Technion.wikipedia. Indolences.wikipedia.svg  Source: http://en.svg  Source: http://en.org/w/index.png  License: GNU Free Documentation License  Contributors: Phani Bhushan File:Paul Baran.svg  License: Public Domain  Contributors: Dbenbenn.php?title=File:Cast.php?title=File:Barracuda-networks-logo.5  Contributors: Mwtoews Image:Pdu and sdu. User:Pabouk Image:Cisco logo.jpg  Source: http://en.svg  License: Public Domain  Contributors: Self-made .org/w/index.png  License: Fair Use  Contributors: User:Ilyasali khan.) File:Firewall.wikipedia.jpg  License: Free Art License  Contributors: Yasakak Image:Radware.jpg  Source: http://en.1.wikipedia.org/w/index.wikipedia.svg  License: Public Domain  Contributors: Self-made Image:Stressed Eye..svg  Source: http://en. 1 anonymous edits image:unicast.php?title=File:Gufw_9.jpg  Source: http://en.0.svg  Source: http://en.php?title=File:Stonesoft_Logo.PNG  Source: http://en.org/w/index.04.wikipedia.jpg  License: unknown  Contributors: Eraserhead1 image:broadcast. Jarekt.wikipedia.svg  License: Creative Commons Zero  Contributors: Revolus Image:PD-icon.svg  Source: http://en.wikipedia.svg  Source: http://en.php?title=File:PD-icon.org/w/index. (Original SVG was based on File:PD-icon. User:MBisanz.wikipedia. Rockfang.wikipedia.php?title=File:Increase2. User:STBotI File:Increase2.png  Source: http://en.wikipedia.PNG  Source: http://en.0  Contributors: Gaiterin Image:Ethernet frame.org/w/index.svg  License: Creative Commons Attribution 2.php?title=File:Allot_logo.svg  Source: http://en.svg  License: Public Domain  Contributors: Sarang Image:Ciscosystemsheadquarters.org/w/index. Zscout370. Perhelion image:geocast.png  Source: http://en.wikipedia.png  License: Creative Commons Attribution-Sharealike 3.wikipedia.org/w/index.jpg  Source: http://en.04.php?title=File:Radware.2. Licenses and Contributors Image:Allot logo. 1 anonymous edits File:Decrease2. Licenses and Contributors 178 Image Sources. User:Ehudshapira.org/w/index.php?title=File:Broadcast. User:Polbot.org/w/index.png by Duesentrieb.php?title=File:Paul_Baran.wikipedia.org/w/index.

org/ licenses/ by-sa/ 3.0 Unported http:/ / creativecommons. 0/ .License 179 License Creative Commons Attribution-Share Alike 3.

A quick look inside: Deep packet inspection. Donald Davies. Cut-through switching. Stand Out and Pay Off. NebuAd. Dynamic Packet Transport. Black hole (networking). Jumbo frame. Lag.and Much. learn EVERYTHING you need to know about Deep Packet Inspection (DPI). In 2 Days Or Less. Viaedge. and ace any discussion. viruses. searching for protocol non-compliance. This book is your ultimate resource for Deep Packet Inspection (DPI). Data Path Acceleration Architecture (DPAA). G. IPv6 packet. Get the edge. The #1 ALL ENCOMPASSING Guide to Deep Packet Inspection (DPI). Data-dependent jitter. user service. service providers and governments in a wide range of applications. It reduces the risk of your technology. Here you will find the most up-to-date information.. background and everything you need to know. Check Point. Theta Networks. DPI is currently being used by the enterprise. Although DPI technology has been used for Internet management for many years. intrusions or predefined criteria to decide if the packet can pass or if it needs to be routed to a different destination.. Jumbogram. Blue (queue management algorithm).Grab your copy now. Catenet. Berkeley Packet Filter. Sandvine. analysis. Labris Teknoloji. Narus (company). Radware.IX -) is a form of computer network packet filtering that examines the data part (and possibly also the header) of a packet as it passes an inspection point. An Important Message for ANYONE who wants to learn about Deep Packet Inspection (DPI) Quickly and Easily. Deterministic jitter. Front Porch. Jitter. In easy to read chapters. “Here’s Your Chance To Skip The Struggle and Master Deep Packet Inspection (DPI). Deep Packet Inspection (and filtering) enables advanced network management. proposal and implementation with the ultimate book – guaranteed to give you the education that you need. Stonesoft Corporation. Frame check sequence. Chernobyl packet. Martian packet.” Deep Packet Inspection (DPI) (also called complete packet inspection and Information eXtraction . GSM 03. while you still can. UDP etc. Allot Communications. Fast packet switching. Gigapackets.. Business Control Layer. Network intelligence. Paul Baran. Are you looking to learn more about Deep Packet Inspection (DPI)? You’re about to discover the most spectacular gold mine of Deep Packet Inspection (DPI) materials ever created. eavesdropping. time and resources investment decisions by enabling you to compare your understanding of Deep Packet Inspection (DPI) with the objectivity of experienced professionals . Datakit.) is normally considered to be shallow packet inspection (usually called Stateful Packet Inspection) despite this definition.. Link state packet. Firewall (computing).. this book is a unique collection to help you become a master of Deep Packet Inspection (DPI). and censorship. Barracuda Networks. Much More! This book explains in-depth the real drivers and workings of Deep Packet Inspection (DPI). Broadcasting (computing). Packet loss. with extensive references and links to get you to know all there is to know about Deep Packet Inspection (DPI) right away. but use of the second header (TCP.8261. Datagram. Mangled packet. Active queue management. network equipment only needs to use the first of these (the IP header) for normal operation. some advocates of net neutrality fear that the technology can be used anticompetitively or to reduce the openness of the Internet. There are multiple headers for IP packets.48. faster than you ever dreamed possible! The information in this book can show you how to be an expert in the field of Deep Packet Inspection (DPI). and security functions as well as internet data mining. Cisco Express Forwarding. . Context-based access control. Network packet.. With the Least Amount of Effort. or for the purpose of collecting statistical information. Frame (networking). spam. SonicWALL.The Knowledge Solution. Cisco Systems. Christmas tree packet. Stop Searching.

You're Reading a Free Preview