P. 1
Deep Packet Inspection (DPI): High-impact Strategies - What You Need to Know: Definitions, Adoptions, Impact, Benefits, Maturity, Vendors

Deep Packet Inspection (DPI): High-impact Strategies - What You Need to Know: Definitions, Adoptions, Impact, Benefits, Maturity, Vendors

|Views: 1,224|Likes:
Published by Emereo Publishing
The Knowledge Solution. Stop Searching, Stand Out and Pay Off. The #1 ALL ENCOMPASSING Guide to Deep Packet Inspection (DPI).

An Important Message for ANYONE who wants to learn about Deep Packet Inspection (DPI) Quickly and Easily...

"Here's Your Chance To Skip The Struggle and Master Deep Packet Inspection (DPI), With the Least Amount of Effort, In 2 Days Or Less..."

Deep Packet Inspection (DPI) (also called complete packet inspection and Information eXtraction - IX -) is a form of computer network packet filtering that examines the data part (and possibly also the header) of a packet as it passes an inspection point, searching for protocol non-compliance, viruses, spam, intrusions or predefined criteria to decide if the packet can pass or if it needs to be routed to a different destination, or for the purpose of collecting statistical information. There are multiple headers for IP packets, network equipment only needs to use the first of these (the IP header) for normal operation, but use of the second header (TCP, UDP etc.) is normally considered to be shallow packet inspection (usually called Stateful Packet Inspection) despite this definition.

Deep Packet Inspection (and filtering) enables advanced network management, user service, and security functions as well as internet data mining, eavesdropping, and censorship. Although DPI technology has been used for Internet management for many years, some advocates of net neutrality fear that the technology can be used anticompetitively or to reduce the openness of the Internet.
DPI is currently being used by the enterprise, service providers and governments in a wide range of applications.

Get the edge, learn EVERYTHING you need to know about Deep Packet Inspection (DPI), and ace any discussion, proposal and implementation with the ultimate book – guaranteed to give you the education that you need, faster than you ever dreamed possible!

The information in this book can show you how to be an expert in the field of Deep Packet Inspection (DPI).

Are you looking to learn more about Deep Packet Inspection (DPI)? You're about to discover the most spectacular gold mine of Deep Packet Inspection (DPI) materials ever created, this book is a unique collection to help you become a master of Deep Packet Inspection (DPI).

This book is your ultimate resource for Deep Packet Inspection (DPI). Here you will find the most up-to-date information, analysis, background and everything you need to know.

In easy to read chapters, with extensive references and links to get you to know all there is to know about Deep Packet Inspection (DPI) right away. A quick look inside: Deep packet inspection, Allot Communications, Barracuda Networks, Check Point, Cisco Systems, Front Porch, Labris Teknoloji, Narus (company), NebuAd, Network intelligence, Radware, Sandvine, SonicWALL, Stonesoft Corporation, Theta Networks, Viaedge, Network packet, Active queue management, Paul Baran, Berkeley Packet Filter, Black hole (networking), Blue (queue management algorithm), Broadcasting (computing), Business Control Layer, Catenet, Chernobyl packet, Christmas tree packet, Cisco Express Forwarding, Context-based access control, Cut-through switching, Data Path Acceleration Architecture (DPAA), Data-dependent jitter, Datagram, Datakit, Donald Davies, Deterministic jitter, Dynamic Packet Transport, Fast packet switching, Firewall (computing), Frame (networking), Frame check sequence, G.8261, Gigapackets, GSM 03.48, IPv6 packet, Jitter, Jumbo frame, Jumbogram, Lag, Link state packet, Packet loss, Mangled packet, Martian packet...and Much, Much More!

This book explains in-depth the real drivers and workings of Deep Packet Inspection (DPI). It reduces the risk of your technology, time and resources investment decisions by enabling you to compare your understanding of Deep Packet Inspection (DPI) with the objectivity of experienced professionals - Grab your copy now, while you still can.
The Knowledge Solution. Stop Searching, Stand Out and Pay Off. The #1 ALL ENCOMPASSING Guide to Deep Packet Inspection (DPI).

An Important Message for ANYONE who wants to learn about Deep Packet Inspection (DPI) Quickly and Easily...

"Here's Your Chance To Skip The Struggle and Master Deep Packet Inspection (DPI), With the Least Amount of Effort, In 2 Days Or Less..."

Deep Packet Inspection (DPI) (also called complete packet inspection and Information eXtraction - IX -) is a form of computer network packet filtering that examines the data part (and possibly also the header) of a packet as it passes an inspection point, searching for protocol non-compliance, viruses, spam, intrusions or predefined criteria to decide if the packet can pass or if it needs to be routed to a different destination, or for the purpose of collecting statistical information. There are multiple headers for IP packets, network equipment only needs to use the first of these (the IP header) for normal operation, but use of the second header (TCP, UDP etc.) is normally considered to be shallow packet inspection (usually called Stateful Packet Inspection) despite this definition.

Deep Packet Inspection (and filtering) enables advanced network management, user service, and security functions as well as internet data mining, eavesdropping, and censorship. Although DPI technology has been used for Internet management for many years, some advocates of net neutrality fear that the technology can be used anticompetitively or to reduce the openness of the Internet.
DPI is currently being used by the enterprise, service providers and governments in a wide range of applications.

Get the edge, learn EVERYTHING you need to know about Deep Packet Inspection (DPI), and ace any discussion, proposal and implementation with the ultimate book – guaranteed to give you the education that you need, faster than you ever dreamed possible!

The information in this book can show you how to be an expert in the field of Deep Packet Inspection (DPI).

Are you looking to learn more about Deep Packet Inspection (DPI)? You're about to discover the most spectacular gold mine of Deep Packet Inspection (DPI) materials ever created, this book is a unique collection to help you become a master of Deep Packet Inspection (DPI).

This book is your ultimate resource for Deep Packet Inspection (DPI). Here you will find the most up-to-date information, analysis, background and everything you need to know.

In easy to read chapters, with extensive references and links to get you to know all there is to know about Deep Packet Inspection (DPI) right away. A quick look inside: Deep packet inspection, Allot Communications, Barracuda Networks, Check Point, Cisco Systems, Front Porch, Labris Teknoloji, Narus (company), NebuAd, Network intelligence, Radware, Sandvine, SonicWALL, Stonesoft Corporation, Theta Networks, Viaedge, Network packet, Active queue management, Paul Baran, Berkeley Packet Filter, Black hole (networking), Blue (queue management algorithm), Broadcasting (computing), Business Control Layer, Catenet, Chernobyl packet, Christmas tree packet, Cisco Express Forwarding, Context-based access control, Cut-through switching, Data Path Acceleration Architecture (DPAA), Data-dependent jitter, Datagram, Datakit, Donald Davies, Deterministic jitter, Dynamic Packet Transport, Fast packet switching, Firewall (computing), Frame (networking), Frame check sequence, G.8261, Gigapackets, GSM 03.48, IPv6 packet, Jitter, Jumbo frame, Jumbogram, Lag, Link state packet, Packet loss, Mangled packet, Martian packet...and Much, Much More!

This book explains in-depth the real drivers and workings of Deep Packet Inspection (DPI). It reduces the risk of your technology, time and resources investment decisions by enabling you to compare your understanding of Deep Packet Inspection (DPI) with the objectivity of experienced professionals - Grab your copy now, while you still can.

More info:

Published by: Emereo Publishing on Sep 15, 2011
Copyright:Traditional Copyright: All rights reserved
List Price: $39.95

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
This book can be read on up to 6 mobile devices.
Full version available to members
See more
See less

10/31/2014

Sections

  • Deep packet inspection
  • Allot Communications
  • Barracuda Networks
  • Check Point
  • Cisco Systems
  • Front Porch
  • Labris Teknoloji
  • Narus (company)
  • NebuAd
  • Network intelligence
  • Radware
  • Sandvine
  • SonicWALL
  • Stonesoft Corporation
  • Theta Networks
  • Viaedge
  • Network packet
  • Active queue management
  • Paul Baran
  • Berkeley Packet Filter
  • Black hole (networking)
  • Blue (queue management algorithm)
  • Broadcasting (computing)
  • Business Control Layer
  • Catenet
  • Chernobyl packet
  • Christmas tree packet
  • Cisco Express Forwarding
  • Context-based access control
  • Cut-through switching
  • Data Path Acceleration Architecture (DPAA)
  • Data-dependent jitter
  • Datagram
  • Datakit
  • Donald Davies
  • Deterministic jitter
  • Dynamic Packet Transport
  • Fast packet switching
  • Firewall (computing)
  • Frame (networking)
  • Frame check sequence
  • G.8261
  • Gigapackets
  • GSM 03.48
  • IPv6 packet
  • Jitter
  • Jumbo frame
  • Jumbogram
  • Link state packet
  • Packet loss
  • Mangled packet
  • Martian packet
  • Maximum segment size
  • Maximum transmission unit
  • Network congestion
  • NIST RBAC model
  • OmniPeek
  • Out-of-order delivery
  • Packet aggregation
  • Packet analyzer
  • Packet Assembler/Disassembler
  • Packet capture
  • Packet concatenation
  • Packet drop attack
  • Packet generator
  • Packet injection
  • Packet segmentation
  • Packet Switch Stream
  • Packet switching
  • Packet telephony
  • Packet transfer delay
  • Packet-switched network
  • Packet-switching node
  • PARC Universal Packet
  • Ping (video gaming)
  • Protocol data unit
  • Public switched data network
  • Robust random early detection
  • Raw socket
  • SQLFilter
  • Start Frame Delimiter
  • Statistical time division multiplexing
  • Syncword
  • TCP reset attack
  • Virtual packet
  • Article Sources and Contributors
  • Image Sources, Licenses and Contributors
  • License

Deep Packet Inspection (DPI

)
IN-DEPTH: THE REAL DRIVERS AND
WORKINGS

Kevin Roebuck

REDUCES THE RISK OF YOUR TECHNOLOGY, TIME AND RESOURCES
INVESTMENT DECISIONS

ENABLING YOU TO COMPARE YOUR
UNDERSTANDING WITH THE OBJECTIVITY OF EXPERIENCED PROFESSIONALS

High-impact Strategies - What You Need to Know: Definitions, Adoptions, Impact, Benefits, Maturity, Vendors

Topic relevant selected content from the highest rated entries, typeset, printed and shipped. Combine the advantages of up-to-date and in-depth knowledge with the convenience of printed books. A portion of the proceeds of each book will be donated to the Wikimedia Foundation to support their mission: to empower and engage people around the world to collect and develop educational content under a free license or in the public domain, and to disseminate it effectively and globally. The content within this book was generated collaboratively by volunteers. Please be advised that nothing found here has necessarily been reviewed by people with the expertise required to provide you with complete, accurate or reliable information. Some information in this book maybe misleading or simply wrong. The publisher does not guarantee the validity of the information found here. If you need specific advice (for example, medical, legal, financial, or risk management) please seek a professional who is licensed or knowledgeable in that area. Sources, licenses and contributors of the articles and images are listed in the section entitled “References”. Parts of the books may be licensed under the GNU Free Documentation License. A copy of this license is included in the section entitled “GNU Free Documentation License” All used third-party trademarks belong to their respective owners.

Contents
Articles
Deep packet inspection Allot Communications Barracuda Networks Check Point Cisco Systems Front Porch Labris Teknoloji Narus (company) NebuAd Network intelligence Radware Sandvine SonicWALL Stonesoft Corporation Theta Networks Viaedge Network packet Active queue management Paul Baran Berkeley Packet Filter Black hole (networking) Blue (queue management algorithm) Broadcasting (computing) Business Control Layer Catenet Chernobyl packet Christmas tree packet Cisco Express Forwarding Context-based access control Cut-through switching Data Path Acceleration Architecture (DPAA) Data-dependent jitter Datagram Datakit 1 8 10 14 19 28 29 30 33 40 43 46 49 51 54 55 57 62 64 68 69 70 72 73 75 75 76 77 78 79 80 80 81 81

Donald Davies Deterministic jitter Dynamic Packet Transport Fast packet switching Firewall (computing) Frame (networking) Frame check sequence G.8261 Gigapackets GSM 03.48 IPv6 packet Jitter Jumbo frame Jumbogram Lag Link state packet Packet loss Mangled packet Martian packet Maximum segment size Maximum transmission unit Network congestion NIST RBAC model OmniPeek Out-of-order delivery Packet aggregation Packet analyzer Packet Assembler/Disassembler Packet capture Packet concatenation Packet drop attack Packet generator Packet injection Packet segmentation Packet Switch Stream Packet switching Packet telephony Packet transfer delay

83 85 85 86 87 92 93 94 94 95 96 102 108 110 111 113 114 116 116 117 117 122 129 130 132 133 133 135 137 140 140 141 143 144 144 147 151 152

Packet-switched network Packet-switching node PARC Universal Packet Ping (video gaming) Protocol data unit Public switched data network Robust random early detection Raw socket SQLFilter Start Frame Delimiter Statistical time division multiplexing Syncword TCP reset attack Virtual packet

152 159 159 161 162 164 164 166 167 167 168 169 170 172

References
Article Sources and Contributors Image Sources, Licenses and Contributors 173 178

Article Licenses
License 179

Deep packet inspection

1

Deep packet inspection
Deep Packet Inspection (DPI) (also called complete packet inspection and Information eXtraction - IX -) is a form of computer network packet filtering that examines the data part (and possibly also the header) of a packet as it passes an inspection point, searching for protocol non-compliance, viruses, spam, intrusions or predefined criteria to decide if the packet can pass or if it needs to be routed to a different destination, or for the purpose of collecting statistical information. There are multiple headers for IP packets, network equipment only needs to use the first of these (the IP header) for normal operation, but use of the second header (TCP, UDP etc.) is normally considered to be shallow packet inspection (usually called Stateful Packet Inspection) despite this definition.[1] Deep Packet Inspection (and filtering) enables advanced network management, user service, and security functions as well as internet data mining, eavesdropping, and censorship. Although DPI technology has been used for Internet management for many years, some advocates of net neutrality fear that the technology can be used anticompetitively or to reduce the openness of the Internet.[2] DPI is currently being used by the enterprise, service providers and governments in a wide range of applications.[3]

Background
DPI combines the functionality of an Intrusion Detection System (IDS) and an Intrusion Prevention System (IPS) with a traditional stateful firewall.[4] This combination makes it possible to detect certain attacks that neither the IDS/IPS nor the stateful firewall can catch on their own. Stateful firewalls, while able to see the beginning and end of a packet flow, cannot on their own catch events that would be out of bounds for a particular application. While IDSs are able to detect intrusions, they have very little capability in blocking such an attack. DPIs are used to prevent attacks from viruses and worms at wire speeds. More specifically, DPI can be effective against buffer overflow attacks, Denial of Service (DoS) attacks, sophisticated intrusions, and a small percentage of worms that fit within a single packet. DPI-enabled devices have the ability to look at Layer 2 and beyond Layer 3 of the OSI model, in cases DPI can be evoked to look through Layer 2-7 of the OSI model. This includes headers and data protocol structures as well as the actual payload of the message. DPI functionality is evoked when a device looks or takes other action based on information beyond Layer 3 of the OSI model. DPI can identify and classify traffic based on a signature database that includes information extracted from the data part of a packet, allowing finer control than classification based only on header information. End points can utilize encryption and obfuscation techniques to evade DPI actions in many cases. A classified packet can be redirected, marked/tagged (see quality of service), blocked, rate limited, and of course reported to a reporting agent in the network. In this way, HTTP errors of different classifications may be identified and forwarded for analysis. Many DPI devices can identify packet flows (rather than packet-by-packet analysis), allowing control actions based on accumulated flow information.

DPI at the enterprise
Until recently, security at the enterprise was just a perimeter discipline, with a dominant philosophy of keeping unauthorized users out, and shielding authorized users from the outside world. The most frequently used tool for accomplishing this has been a stateful firewall. It can permit fine-grained control of access from the outside world to pre-defined destinations on the internal network, as well as permitting access back to other hosts only if a request to the outside world has been made previously.[5] However, vulnerabilities exist at network layers that are not visible to a stateful firewall. Also, an increase in the use of laptops in the enterprise makes it more difficult to prevent threats such as viruses, worms and spyware from penetrating the corporate network, as many users will connect the laptop to less-secure networks such as home

This is not possible in contemporary digital networks. Service providers say a minority of users generate large quantities of P2P traffic and degrade performance for the majority of broadband subscribers using applications such as email or Web browsing which use less bandwidth. . requiring additional network capacity. P2P traffic is typically used by applications that do file sharing. and copyright enforcement. Technology providers include NebuAd. they are able to monitor web-browsing habits in a very detailed way allowing them to gain information about their customers' interests. Due to the frequently large size of media files being transferred. DPI allows service providers to "readily know the packets of information you are receiving online—from e-mail. Internet service providers also apply this technology on the public networks provided to customers. to sharing of music. to websites. music and videos. which can be used by companies specializing in targeted advertising. This can be documents. Targeted advertising Because ISPs route all of their customers' traffic. illegal materials. Deep Packet Inspection is able to detect a few kinds of buffer overflow attacks.[9] and Wide Open West. In some countries the ISPs are required to perform filtering depending on the country's laws. When an e-mail user tries to send a protected file he may be given information on how to get the proper clearance to send the file. DPI can be used by the enterprise for Data Leak Prevention (DLP). P2P drives increasing traffic loads. and as many of 10% of US customers have been tracked in this way. offering tiered services. the UK ISP British Telecom has admitted testing technology from Phorm without their customers' knowledge or consent. US ISPs monitoring their customers include Knology. and at the same time enforce an acceptable use policy. At least 100. and unfair use of bandwidth. policy definition and enforcement. Common uses of DPI by ISPs are lawful intercept. DPI enables IT administrators and security officials to set policies and enforce them at all layers. targeted advertising. this was met by creating a traffic access point (TAP) using an intercepting proxy server that connects to the government's surveillance equipment.[8] Policies can be defined that allow or disallow connection to or from an IP address. video and software downloads". may make use of DPI to implement certain policies that cover copyright infringements. Front Porch and Phorm.000 US customers are tracked this way.[7] Policy definition and enforcement Service providers obligated by the service level agreement with their customers to provide a certain level of service. quality of service.[6] 2 DPI at network/Internet service providers In addition to using DPI to secure their internal networks. The acquisition component of this functionality can be provided in many ways.when directed by a court order . Lawful interception Service providers are required by almost all governments worldwide to enable lawful intercept capabilities. In addition. Decades ago in a legacy telephone environment. certain protocols. or even heuristics that identify a certain application or behavior. Firewalls also do not distinguish between permitted and forbidden uses of legitimately-accessed applications. and probably also Embarq.[11] Poor network performance increases customer dissatisfaction and leads to a decline in service revenues. including the application and user layer to help combat those threats. including DPI. DPI enabled products that are "LI or CALEA-compliant" can be used .to access a user's datastream.Deep packet inspection broadband connections or wireless networks in public locations.[10] Quality of service Applications such as peer-to-peer (P2P) traffic present increasing problems for broadband service providers.

a launching point for BitTorrent. Europe and Asia use DPI for various purposes such as surveillance and censorship. Other Vendors claim that DPI is ineffective against P2P and that other methods of Bandwidth Management are more effective. or "all-you-can-eat" rather than a "one-size-fits-all" package. many of these programs are classified. on the other hand has taken the position with the Federal Communications Commission (FCC) that network neutrality could hurt anti-piracy technology such as Deep Packet Inspection and other forms of filtering.[17] Statistics DPI allows ISPs to gather statistical information about usage patterns by user group. be capable of supporting the execution of a court order to provide real-time communication forensics of specified users. A policy is created per user or user group. In 2006. and in line with the policies of most countries worldwide. The Motion Picture Association of America (MPAA) which enforces movie copyrights. governments in North America. 3 Tiered services Mobile and broadband service providers use DPI as a means to implement tiered service plans.S. The FCC. the FCC adopted new Title 47. Access to trend data also help network planning. pursuant to its mandate from the US Congress. one of Denmark's largest ISPs.[18] United States FCC adopts Internet CALEA requirements.[12] This is the approach that service providers use to dynamically allocate bandwidth according to traffic that is passing through their networks. allowing the user access to different services and applications. despite European directive 2000/31/EC clearly stating that ISPs may not be put under a general obligation to monitor the information they transmit and directive 2002/58/EC granting European citizens a right to privacy of communications.Deep packet inspection DPI allows the operators to oversell their available bandwidth while ensuring equitable bandwidth distribution to all users by preventing network congestion. Additionally. Deep Packet Inspection by governments In addition to using DPI for the security of their own networks. rules requiring Internet Access Providers meet these requirements. For instance. including Internet services. “all-you-can-eat" and "one-size-fits-all” data services. Sony BMG. Tele2.[15] the International Federation of the Phonographic Industry (IFPI) and the big four record labels EMI. DPI was one of the platforms essential to meeting this requirement and has been deployed for this purpose throughout the U. a higher priority can be allocated to a VoIP or video conferencing call which requires low latency versus web browsing which does not. and the DPI system in turn enforces that policy. was given a court injunction and told it must block its customers from accessing The Pirate Bay. it might be of interest whether users with a 2 Mbit connection use the network in a dissimilar manner to users with a 5 Mbit connection.[16] The IFPI wants ISPs to filter traffic to remove illicitly uploaded and downloaded copyrighted material from their network. per service. the operator can tailor his offering to the individual subscriber and increase their Average Revenue Per User (ARPU). per application. Copyright enforcement ISPs are sometimes requested by copyright owners or required by courts or official policy to help enforce copyrights. In 2006. . has required that all telecommunication providers. to differentiate "walled garden" services from "value added".[14] Instead of prosecuting file sharers one at a time.[13] By being able to charge for a "walled garden". Universal Music and Warner Music have begun suing ISPs like Eircom for not doing enough about protecting their copyrights. Subpart Z.

part of the Iranian government's telecom monopoly.[22] The Defense Information Systems Agency has developed a sensor platform that uses Deep Packet Inspection. political parties that oppose that of the ruling Communist party. Voice traffic in Skype is unaffected.' said Mr. with no notification provided to either participant in the conversation. dividing the signal so that 50 percent of the signal strength went to each output fiber. 2009.[19] Traffic associated with AT&T’s Common Backbone was "split" between two fibers. according to a report in the Wall Street Journal in June. the Finnish cellphone company. the connection will be cut.[24] Chinese network ISPs use DPI to see if there's any sensitive keyword going through their network. China also blocks visual media sites like YouTube.[23] 4 China The Chinese government uses Deep Packet Inspection to monitor and censor network traffic and content that it claims harmful to Chinese citizens or state interests. such as curse-words. as well as alter it for disinformation purposes. The secure room contained Narus traffic analyzers and logic servers.[21] President George W." The system was purchased by the Telecommunication Infrastructure Co. If so. in 2008 from Nokia Siemens Networks (NSN). although text messages are subject to DPI. child pornography. a Munich-based investment firm. He said the company determined it was no longer part of its core business. using DPI technology. the Tiananmen Square protests and massacre of 1989. and Nokia Corp. information on religion. quoting NSN spokesperson Ben Roome. with cooperation from AT&T has used Deep Packet Inspection technology to make internet traffic surveillance. of AT&T’s peering traffic in the San Francisco Bay area. According to Marcus’s affidavit. the system "enables authorities to not only block communication but to monitor it to gather information about individuals.' at the end of March.. a joint venture Siemens AG.. This material includes pornography. and messages containing sensitive material. a capability that most if not all telecom companies have. Bush and Attorney General Alberto R."[20] Narus's Semantic Traffic Analyzer software which runs on IBM or Dell Linux servers. sorting and forwarding more intelligent.' The joint venture exited the business that included the monitoring equipment. to exclude data sources comprised primarily of domestic data. or substantially all... and political dissent. Roome said. "the designers of the . According to the Journal. configuration made no attempt." . the diverted traffic "represented all.com. drug trafficking and other criminal activities carried out online. reportedly for deep packet inspection. by selling it to Perusa [27] Partners Fund 1 LP. sorts through IP traffic at 10Gbit/s to pick out specific messages based on a targeted e-mail address. The DPI is used to find which packets are carrying e-mail or a Voice over Internet Protocol (VoIP) phone call. One of the output fibers was diverted to a secure room. he said. IP address or.[26] Iran The Iranian government purchased a system.Deep packet inspection The National Security Agency (NSA). and various photography and blogging sites. phone number. Mr. in terms of location or position of the fiber split. in the case of VoIP. Gonzales have asserted that they believe the president has the authority to order secret intercepts of telephone and e-mail exchanges between people inside the United States and their contacts abroad without obtaining a FISA warrant. are simply not delivered. Falun Gong.. NSN "provided equipment to Iran last year under the internationally recognized concept of 'lawful intercept.. China also blocks VoIP traffic in and out of their country. the other carried communications on to AT&T’s switching equipment. or a variety of anti-Communist movements[25] as those materials were signed as DPI sensitive keywords already. That relates to intercepting data for the purposes of combating terrorism. According to unnamed experts cited in the article. The monitoring center that Nokia Siemens Networks sold to Iran was described in a company brochure as allowing 'the monitoring and interception of all types of voice and data communication on all networks." and thus.. the German conglomerate. People within China often find themselves blocked while accessing Web sites containing content related to Taiwanese and Tibetan independence. Narus states that such devices are capable of real-time data collection (recording data for consideration) and capture at 10 gigabits per second. Certain traffic was selected and sent over a dedicated line to a "central location" for analysis. the Dalai Lama. what it called 'intelligence solutions. Roome.

[31] 5 DPI and net neutrality People and organizations concerned about privacy or network neutrality find inspection of the content layers of the Internet protocol to be offensive. [13] "Allot Deploys DPI Solution at Two Tier 1 Mobile Operators to Deliver Value.-based analyst and Cato Institute Adjunct Scholar. . [5] Elan Amir (2007-10-29).Added and Tiered Service Packages" (http:/ / news. call them "a solution in search of a problem" and say that net neutrality rules would reduce incentives to upgrade networks and launch next-generation network services. . a comprehensive list is maintained by the dPacket. [9] "Charter Communications: Enhanced Online Experience" (http:/ / connect. CALEA" (http:/ / arstechnica. "Ball State uses Deep Packet Inspection to ensure videoconferencing performance" (http:/ / www. com/ infocus/ 1716). 2008-02-05. thenation. "Every Click You Make: Internet Providers Quietly Test Expanded Tracking of Web Use to Target Advertising" (http:/ / www. com/ articles/ culture/ Deep-packet-inspection-meets-net-neutrality. [12] Matt Hamblen (2007-09-17). Paper presented at the International Studies Annual Convention. D. com/ action/ article. lightreading. earlier in the decade. Isenberg. pdf). "The Case for Deep Packet Inspection" (http:/ / www. . techtarget.[28] Questions have been raised about the reporting reliability of the Journal report by David Isenberg. "The Perils of Deep Packet Inspection" (http:/ / www. [6] Michael Morisy (2008-10-23). Ken Ledeen. Retrieved 2010-02-01. de/ ~bendrath/ Paper_Ralf-Bendrath_DPI_v1-5.Deep Packet Inspection" (http:/ / www. IT Business Edge. com/ wp-dyn/ content/ article/ 2008/ 04/ 03/ AR2008040304052. html). securityfocus. Thomas Porter (2005-01-11). html). [3] Ralf Bendrath (2009-03-16). com/ doc/ 20060213/ chester). Chris Lewis (2009). Retrieved 2006-02-06. msn. Security Focus. . do?command=viewArticleBasic& taxonomyId=16& articleId=9036959& intsrc=hm_topic). . com/ item/ ?ci=35275). aspx?Feed=PR& Date=20080205& ID=8139811& Symbol=ALLT).sid7_gci1335767. [11] "Deep Packet Inspection: Taming the P2P Traffic Beast" (http:/ / www. New York City. . com/ ticker/ article. computerworld.org community [36] References [1] Dr. Money Central. [4] Ido Dubrawsky (2003-07-29). itbusinessedge. priv. asp?sku_id=1221& skuitem_itemid=957). 15–18 February 2009" (http:/ / userpage. Retrieved 2008-03-03. charter. Security Focus. com/ infocus/ 1817). "Data leak prevention starts with trusting your users" (http:/ / searchnetworking.[29] NSN has issued the following denial: NSN "has not provided any deep packet inspection. .Deep packet inspection The NSN system followed on purchases by Iran from Secure Computing Corp. com/ news/ article/ 0. "Global technology trends and national regulation: Explaining Variation in the Governance of Deep Packet Inspection. "Firewall Evolution . Office of the Privacy Commissioner of Canada."[30] A concurrent article in The New York Times said the NSN sale had been covered in a "spate of news reports in April [2009]. com/ landing/ op1. "the 'Net was built on open access and non-discrimination of packets!"[32] Critics of network neutrality rules. php/ essays/ just-deliver-the-packets/ ). Retrieved 2008-04-08. meanwhile.[35] The open source community offers a wide array of options for performing deep packet inspection functions. [2] Hal Abelson. The Nation. . "Just Deliver the Packets.00. ca/ index. had similar complaints with one of the same Journal reporters himself in an earlier story. "Deep Packet Inspection meets 'Net neutrality. Retrieved 2008-05-14. [8] Jeff Chester (2006-02-01). web censorship or Internet filtering capability to Iran. specifically saying that Mr. PACE includes obfuscated/encrypted protocols like Skype or encrypted BitTorrent. Retrieved 2010-01-08. . Retrieved 2008-03-02. securityfocus.C. including The Washington Times. html). an independent Washington. com/ insider/ details. ." and reviewed censorship of the Internet and other media in the country. Computer World. [7] Nate Anderson (2007-07-25). . in: "Essays on Deep Packet Inspection". Roome is denying the quotes attributed to him and that he. washingtonpost. but did not mention DPI. fu-berlin. gc. Light Reading. . International Studies Association. Retrieved 2010-01-08. moneycentral. ars). "The End of the Internet?" (http:/ / www. Retrieved 2008-03-02. The Washington Post. SearchNetworking.289142. Retrieved 2008-03-02.com. Retrieved 2008-03-03. . . ars technica. Retrieved 2006-02-06. [10] Peter Whoriskey (2008-04-04).[7] saying for example.[33] Software Opendpi[34] is the open source version for non obfuscated protocols. Ottawa" (http:/ / dpi.

php [28] "Iran's Web Spying Aided By Western Technology" (http:/ / online. Open Net Initiative. com/ blog/ 2009/ 06/ questions-about-wsj-story-on-net. enn. net/ studies/ china/ ). . html) by David S. Retrieved 2008-03-13. com/ article/ id. html). Retrieved 2008-03-12. "Network Neutrality: Historic Neutrality" (http:/ / www. 2007-10-18. Retrieved 6/22/09. com/ technology/ content/ jan2006/ tc20060112_434051. [20] Bellovin. ENN. Cybertelecom.breakingpointsystems. com/ science/ discoveries/ news/ 2006/ 05/ 70914). com/ wp-dyn/ content/ article/ 2006/ 01/ 06/ AR2006010601772. "Network Neutrality: Insufficient Harm" (http:/ / www. net/ jerry/ politics/ Warrantless/ WarrantlessFACTS. . Ph. 2009. com/ global/ Press/ Press+ releases/ news-archive/ Provision+ of+ Lawful+ Intercept+ capability+ in+ Iran. Peter G. Restores Flickr and Blogspot" (http:/ / www. opennetinitiative. htm). Retrieved 2008-03-12. Isenberg. ""Year of filters" turning into year of lawsuits against ISPs" (http:/ / arstechnica. dpacket. nytimes. . Cybertelecom. [32] Genny Pershing.Domestic Action's Legality Challenged" (http:/ / www. [24] Ben Elgin and Bruce Einhorn (2006-01-12). com/ newsletters/ isp/ 2007/ 0625isp1. and Jennifer Rexford (January/February 2008). 2009. news.17. "Deep Security: DISA Beefs Up Security with Deep Packet Inpection of IP Transmissions" (https:/ / www. "OEM provider Bivio targets government market" (http:/ / www. cybertelecom. (2006-09-26). The Wall Street Journal. html). "Risking Communications Security: Potential Hazards of the Protect America Act" (http:/ / www. cybertelecom. . com/ 2009/ 06/ 23/ world/ middleeast/ 23censor. Retrieved 2008-03-13. [23] Cheryl Gerber (2008-09-18). htm) Company press release. html).com/security/computer_security/editorials/deepinspect/) • A collection of essays from industry experts (http://dpi. The Washington Post. wired.Deep packet inspection Retrieved 2008-03-03. com/ news. org/ articles/ deep-security-disa-beefs-security-deep-packet-inpection-ip-transmissions). CNET News. [19] J. [15] Matthew Clark (2005-07-05). Susan Landau. Leonnig (2007-01-07). Network World. June 23. [33] Genny Pershing. I. Retrieved 6/23/09. [31] "Web Pries Lid of Iranian Censorship" (http:/ / www.138599-c. . 2009. "The Great Firewall of China" (http:/ / www.1109/MSP. [25] "Internet Filtering in China in 2004-2005: A Country Study" (http:/ / www. html) by Christopher Rhoads in New York and Loretta Chao in Beijing. html).sites/ article.priv. [17] Anne Broach (2007-07-19).com/resources/ resiliency-methodologies/dpi-resiliency-methodology) • Subverting Deep Packet Inspection the Right Way (http://www. pcworld. . ars/ post/ 20080311-year-of-filters-turning-into-year-of-lawsuits-against-isps. networkworld. PC World. "The Ultimate Net Monitoring Tool" (http:/ / www. Retrieved 2008-03-12. Retrieved 2008-03-12. [18] Carolyn Duffy Marsan (2007-06-27). The New York Times. org/ ) [35] Deep packet inspection engine goes open source (http:/ / arstechnica. [27] http:/ / www. "Eircom and BT won't oppose music firms" (http:/ / www.2008. com/ open-source/ news/ 2009/ 09/ deep-packet-inspection-engine-goes-open-source.ca/) • What Is Deep Packet Inspection and Why the Controversy (http://netequalizernews. . ie/ frontpage/ news-9617239. Retrieved 2008-06-26. "Report Rebuts Bush on Spying . ars technica. Retrieved 6/22/09. Retrieved 2008-03-03. [34] Opendpi (http:/ / www. html). . "MPAA: Net neutrality could hurt antipiracy tech" (http:/ / www. Matt Blaze. [16] Eric Bangeman (2008-03-11). org/ ci/ neutral. com/ article/ SB124562668777335653. Retrieved 2008-03-03.registration required (http://www. . . isen. IDG News Service. . Steven M. [14] Jeremy Kirk (2008-02-13). htm#ins). infoworld. Retrieved 6/22/09. [29] "Questions about WSJ story on Net Management in Iran" (http:/ / www.gc. doi:10. wsj.com/2011/02/08/ what-is-deep-packet-inspection-and-why-the-controversy/) • White Paper "Deep Packet Inspection – Technology. "How the NSA warrantless wiretap system works" (http:/ / www. Retrieved 2008-03-13.blog. de/ english/ who_we_are. org/ group-posts/ open-source-software-general-discussion/ open-source-software-related-deep-packet-inspect) 6 External links • Test Methodology .ranum. nokiasiemensnetworks.com/ resources/white-papers/) . com/ 8301-10784_3-9746938-7. Business Week. isen. html). Applications & Net Neutrality" (http://www. June 22. Retrieved 2008-10-30. washingtonpost. Nelson.D. Retrieved 2008-06-26. . Retrieved 2008-03-03. businessweek. html). IEEE Security and Privacy (IEEE Computer Society) 6 (1): 24–33. com/ article/ 08/ 02/ 13/ Danish-ISP-prepares-to-fight-Pirate-Bay-injunction_1. Whitfield Diffie. ars) [36] (https:/ / www. dpacket. org/ ci/ neutral. "Danish ISP prepares to fight Pirate Bay injunction" (http:/ / www. June 22. pdf). html). crypto. Wired..io/?p=9) • What is "Deep Inspection"? (http://www. html?_r=1& hp) by Brian Stelter and Brad Stone. . 2009. [21] Robert Poe (2006-05-17). [26] "China Blocks YouTube. htm#his). . . com/ papers/ paa-ieee.inputoutput. [22] Carol D. Retrieved 2008-03-03. nerdylorrin. opendpi.ipoque. [30] "Provision of Lawful Intercept capability in Iran" (http:/ / www. perusa-partners. June 22. Neumann. Retrieved 2008-03-03.

com/products/mu-test-suite/ scale-testing.com/ deep-stamp-an-evolving-internet/) • Validate DPI policy using real applications (http://www.DPI technology used by Egyptian government in recent internet crackdown • http://www.Deep packet inspection • Egypt's cyber-crackdown aided by US Company (http://therealnews.com/ • Deep Packet Inspection puts its stamp on an evolving Internet (http://advancedtca-systems.savetheinternet.mudynamics.html) 7 .com/t2/latest-news/ best-of-web?task=videodirectlink&id=9042) .

[5] By 2004 Allot raised $38 million. JAFCO Investment.97 million (2010) US$ 5.[6] In November 2003. Gemini. application control and subscriber management.[5] Jacoby previously founded Armon Networking. including: Genesis Partners. BancBoston Capital. CTO: Jay Klein VP Operations: Pini Gvili Products Revenue Net income Networking. Bandwidth optimization US$ 56.76 million (2010) Employees 400 Website www. TASE: ALLT [3]) is a provider of IP service optimization solutions for service providers.Allot Communications 8 Allot Communications Allot Communications Type Industry Founded Public (NASDAQ: ALLT [1] ) Technology. in several rounds of funding. who served as chief executive and chairman until 2006. which was sold to Bay Networks for $33m in 1996. a manufacturer of RMON-based network management solutions. carriers and enterprises.[7] . Allot solutions use deep packet inspection (DPI) technology to change broadband pipes into smart networks offering complete network visibility. QoS Solutions. by Michael Shurman and Yigal Jacoby.[4] Corporate history Allot Communications was founded in 1996. Walden Israel. Communication systems 1996 Key people CEO: Rami Hadar. Deloitte & Touche named Allot the fourth fastest growing company on its Israel Technology Fast 50 list.com [2] Allot Communications (NASDAQ: ALLT [1].[5] In 2006.allot. and Tamar Technology Ventures. from several venture capital funds. This ranking represented revenue growth of nearly 1900% in a year's time. following an IPO which raised $78m. Rami Hadar appointed President and Chief Executive Officer. Jerusalem Venture Partners. and the company began trading publicly on the Nasdaq Global Market under the ticker symbol ALLT.

highbeam. TMCnet. Combines Teams and Technologies to Form Solid Base for Continued Growth. [7] Krawitz. Richard (March 17. "Allot Communications wraps up $8 million financing round" (http:/ / www. highbeam. The Jerusalem Post. "Allot Communications' Sigma Service Gateway" (http:/ / www. 2008.Allot Communications 9 Acquisitions • In September 2002 Allot acquired NetReality. a New Zealand based developer of network protection solutions for carriers and internet service providers. [9] "Allot Acquires Esphion" (http:/ / www. and enterprises. com/ doc/ 1P1-131347725.com) . The Marker. html). html). 2002. [5] Dar. com/ doc/ 1G1-92808325. January 3. asp?doc_id=142343). Allot's portfolio of hardware platforms and software applications employs Deep Packet Inspection (DPI) technology to turn broadband pipes into smart networks.[8] • In January 2008 Allot Acquired Esphion. Zuri (25-08-2004). tase. so that value-added Internet services can be rapidly deployed. Business Wire. html). Israel Business Today. VoIP and Video applications. com/ asp/ SummaryQuote.com. Avi (November 17. Light Reading. com/ [3] http:/ / www. in Nasdaq listing" (http:/ / www. Allot solutions are also used to support the need of service providers to charge more from heavy users of peer-to-peer. nasdaq. encyclopedia.[4] References [1] http:/ / quotes. com/ channels/ bandwidth-management/ articles/ 52408-allot-communications-sigma-service-gateway.[9] Products Allot provides intelligent IP service optimization solutions for DSL. asp?articleID=2128). com/ ivcWeeklyItem. tmcnet. in order to enhance its quality of service (QoS) and bandwidth management solutions. [6] "Bay Networks acquires Armon Networking" (http:/ / www. il/ TASEEng/ Management/ GeneralPages/ SimpleSearchResult. asp?symbol=ALLT& selected=ALLT [2] http:/ / www. September 24. "Allot raises $78m. March 24. lightreading. External links • Allot Communications (http://allot. a provider of network application priority switches (NAPS). allot. ivc-online. 2006)." (http:/ / www. [8] "Allot Communications Acquires NetReality. wireless broadband carriers. 2009). co. service providers. 1996. com/ doc/ 1G1-18165625. com/ document. htm). htm?objectId=& objectType=& securityType=& searchTerm=ALLT [4] Grigonis.

Barracuda Networks 10 Barracuda Networks Barracuda Networks Type Industry Founded Private Telecommunication 2003 Headquarters Campbell. The company's networking and storage solutions include web filtering. message archiving. Sequoia Capital had previously provided financing to Cisco Systems. application delivery controllers. web hackers and instant messaging threats such as spam. which Trend Micro claimed to be in violation of their patent on 'anti-virus detection on an SMTP or FTP gateway'.[9] Soon after opening BRBL many IP addresses got blacklisted without apparent reason and without any technical explanation. it closed its first outside investment of $40 million from Sequoia Capital and Francisco Partners.[14] .[3] In 2007 the company moved its headquarters to Campbell. Backup solutions. Michigan. spyware. NG firewalls.000 customers. web surfing. its proprietary and dynamic list of known spam servers. in July 2008 Barracuda launched a countersuit against Trend Micro claiming Trend Micro violated several antivirus patents Barracuda Networks had acquired from IBM. 2008. for free and public use in blocking spam at the gateway.[8] In December 2008. the company launched the BRBL (Barracuda Reputation Block List).com [1] Barracuda Networks. Google. Web Site Firewalls. and viruses. is a privately held company providing security. California. and Yahoo!.[2] Barracuda Networks was established in 2003 and introduced the Barracuda Spam and Virus Firewall.barracudanetworks.[4] and opened an office in Ann Arbor. Barracuda had over 85. load balancing. Load balancers.[6] On January 29.[10] [11] [12] [13] As of October 2009. Inc. Web filters. trojans. The company’s security products include solutions for protection against email. CudaTel PBX Employees Website 500-1000 www.[7] In addition to providing samples of prior art in an effort to render Trend Micro's patent invalid. Email Archivers. IM firewalls. United States Key people Dean Drako (CEO) Michael Perone (CMO) Zach Levow (CTO) Products Spam Firewalls. California. networking and storage solutions based on appliances and cloud services. NG Firewalls.[5] In January 2006. backup services and data protection. SSL VPNs. Netscreen. Barracuda Networks was sued by Trend Micro over their use of the open source anti-virus software Clam AntiVirus.

Launched in September 2005 to protect and archive instant messaging content.[32] September 2009. Barracuda Networks expanded into cloud-based backup services by acquiring BitLeap. Barracuda added message-level backup for Microsoft Exchange and Novell GroupWise. and to control web surfing. and Windows system states. the company introduced its web filtering appliance to prevent spyware and viruses from gathering and transmitting user data. Barracuda Networks acquired Yosemite Technologies to add software agents for incremental backups of applications such as Microsoft Exchange Server and SQL Server. an Austria-based public company delivering enterprise-class firewalls.[28] Acquisitions In September 2007.In November 2008.[17] • IM Firewall .In October 2009. remote access.In November. Barracuda Networks acquired 3SP. and to meet legal and regulatory compliance. a software as a service (SaaS) company offering cloud based web filtering and security. formerly Tapeware.Announced in September 2008.[27] • CudaTel Communication Server (PBX) . integrating Barracuda Backup Service with Yosemite Backup. 2008.In October 2003. allowing the company to introduce Secure Sockets Layer (SSL) Virtual Private Network (VPN) products to perform malware scans on files uploaded during a VPN session to network file shares or internal Web sites.[33] In October 2009. layer 7 application profiling. and network access control into one platform that is centrally managed across multiple distributed enterprise network locations.[21] • Web Application Firewall .[34] .[18] • Load balancer . and safe web surfing. including [24] In January 2009. Barracuda announced its NG Firewalls to protect enterprise network infrastructures. to optimize and aggregate internet connections from different providers.[22] • Link Balancer .[26] • NG Firewall . in conjunction with its acquisition of Purewire.[16] • Web filter .[20] • SSL VPN .in August 2010. Barracuda Networks acquired NetContinuum. the company introduced message archiving to index and preserve emails.[29] In November 2008. Barracuda announced the release of CudaTel.[25] • Purewire Web Security Service .In April 2005. clientless.Announced in February 2008.[31] In January 2009. CudaTel features FreeSWITCH.In July 2007. NG Firewalls are available both as hardware or as a virtual appliance and include wide area network traffic optimization. on-site backup with data deduplication and off-site data replication for disaster recovery. intrusion prevention. Barracuda announced its spam and virus firewall plug-in appliance. The firewalls integrate web and email filtering. a open-source project sponsored by Barracuda Networks. the company launched its secure sockets layer virtual private network product to provide secure. Barracuda Networks acquired Purewire Inc.[15] In June 2008. the company announced a service to back up data in the cloud. a VOIP Private branch exchange designed for IT administrators. Barracuda Networks launched the Purewire Web Security Service which is a software as a service offering for Web filtering. the company introduced a load balancing appliance for high availability distribution of network traffic across multiple servers.[23] • Backup services .Barracuda Networks 11 Products • Spam and virus firewall .In February 2010.[30] In November 2008. content security. Barracuda Networks acquired controlling interest in phion AG. Barracuda launched a spam and virus firewall for large enterprises and ISPs.In November 2006. for securing Web applications for large enterprises and to address regulation compliance such as PCI DSS. a company providing application controllers to secure and manage enterprise web applications.[19] • Message archiver .

com/ c/ a/ Security/ Barracuda-Networks-Breaks-Into-SSL-VPN-Space-for-Small-Business/ ) [32] PC World Backup Merger Unites Barracuda. com/ usa/ brief. html?ana=from_rss) . bizjournals. com/ [2] Company Product Page. jhtml?articleID=160902103) [18] ComputerWorld Security Security Log (http:/ / www. shtml) [5] Crain's Detroit Business Silicon Valley firm picks Ann Arbor for office (http:/ / www. barracudanetworks. linux. com/ usa/ story. computerworld. html) [9] Linux.jsessionid=XDFD2WAXZBEB3QE1GHPCKH4ATMY32JVN) [25] PCWorld Backup Merger Unites Barracuda. com/ 2009/ 10/ 13/ barracuda-swallows-purewire-as-it-becomes-a-bigger-fish-in-web-based-security-services/ ) [4] The Campbell Reporter Barracuda Networks sinks its teeth into site on Winchester Boulevard (http:/ / www. com/ sanjose/ stories/ 2009/ 10/ 12/ daily19. html. html) [24] Information Week Barracuda Swims Into The Cloud (http:/ / www. com/ blog/ main/ archives/ 2008/ 11/ barracuda_swims. com/ equipment/ 2007/ barracuda_message_archiver. com/ news.Barracuda Networks 12 References [1] http:/ / www. cfm?item=15073) [23] ISP Planet Barracuda Networks' Link Balancer (http:/ / www. html) [21] Comms Express New SSL VPN Announced (http:/ / www. comms-express. it-observer. informationweek. com/ article/ 158462/ backup_merger_unites_barracuda_yosemite. ars/ post/ 20080129-barracuda-defends-open-source-antivirus-from-patent-attack. triumf. com/ equipment/ 2008/ barracuda+ link+ balancer. ca/ barracuda-problems. infosecurity-magazine. com/ ns/ products/ ) Barracuda Networks. com/ archive/ articles/ 155880) [10] http:/ / andrew. eweek. pcworld. com/ blog/ main/ archives/ 2008/ 11/ barracuda_swims. (http:/ / www.com Barracuda offers a new alternative to Spamhaus (http:/ / www. Yosemite (http:/ / www. bizjournals.jsessionid=OVGGXQ5J5OOQHQE1GHPCKH4ATMY32JVN) [31] Eweek Barracuda Networks Breaks into SSL VPN Space (http:/ / www. spiceworks. com/ topic/ 32502 [14] San Jose Business Journal Barracuda Networks buys Purewire (http:/ / sanjose. com/ barracuda-networks-buys-netcontinuum/ article/ 35669/ ) [30] InformationWeek Barracuda Swims Into The Cloud (http:/ / www. Yosemite (http:/ / www. pcworld. html) [15] ComputerWorld Barracuda Networks launches antispam appliance line (http:/ / www. (http:/ / www. com/ ns/ news_and_events/ index. html?fsrc=rss-virusworms) [7] Ars Technica Barracuda defends open-source antivirus from patent attack (http:/ / arstechnica. com/ news. com/ news/ 2006/ 011106-barracuda. html. bizjournals. com/ sanjose/ stories/ 2009/ 09/ 28/ daily9. com/ archives/ campbellreporter/ 20070323/ business2. barracudanetworks. informationweek. channelinsider. html) [26] Channel Insider Barracuda Acquires Cloud Security Vendor Purewire (http:/ / www. ars/ post/ 20080702-barracuda-bites-back-at-trend-micro-in-clamav-patent-lawsuit. community-newspapers. heyvan. html [11] http:/ / www. computerworld. html) [34] Atlanta Business Chronicle Barracuda buys Purewire Inc. echannelline. networkworld. com/ s/ article/ 104909/ Security_Log?taxonomyId=017) [19] IT & Security Portal Barracuda Networks Launches Barracuda Load Balancer (http:/ / www. isp-planet. echannelline. com/ article/ 158462/ backup_merger_unites_barracuda_yosemite. com/ c/ a/ Security/ Barracuda-Acquires-Cloud-Security-Vendor-Purewire-559167/ ) [27] InfoSecurity Barracuda moves into distributed firewall technology (http:/ / www. Retrieved 2010-02-10. com/ 2008/ 11/ 06/ barracudacentral-another-blacklist-black-hole/ [13] http:/ / community. scmagazineus. php?nid=368) [29] SCMagazine Barracuda Networks buys NetContinuum (http:/ / www. com/ news/ security/ vulnerabilities/ showArticle. com/ view/ 7138/ barracuda-moves-into-distributed-firewall-technology/ ) [28] Barracuda Networks Launches CudaTel – New VoIP PBX Based on the Open Source FreeSWITCH Project (http:/ / www. html) [20] ISP Planet Barracuda's Message Archiver (http:/ / www. com/ barracuda-networks-launches-barracuda-load-balancer. linux. com/ archives/ campbellreporter/ 20070323/ business2. [3] VentureBeat Barracuda swallows Purewire as it becomes a bigger fish in web-based security services (http:/ / venturebeat. com/ atlanta/ stories/ 2009/ 10/ 19/ story7. html) [33] Silicon Valley Business Journal Barracuda Networks takes controlling interest in phion (http:/ / sanjose. com/ archive/ ?module=comments& func=display& cid=1204572 [12] http:/ / steve. cfm?item=23340) [17] InformationWeek Barracuda Rolls Out Spyware-Blocking Appliance (http:/ / www. com/ news/ networking-equipment/ floor-boxes/ new-ssl-vpn-announced-18881252/ ) [22] eChannelline Barracuda puts bite on SMB Web application controller (http:/ / www. shtml) [6] NetworkWorld Barracuda attracts $40 million in venture investment (http:/ / www. com/ s/ article/ 86007/ Barracuda_Networks_launches_antispam_appliance_line?taxonomyId=086) [16] eChannelline Barracuda launches Spam Firewall for large enterprises (http:/ / www. barracudanetworks. html) [8] Ars Technica Barracuda bites back at Trend Micro in ClamAV patent lawsuit (http:/ / arstechnica. community-newspapers. isp-planet. informationweek.

barracudanetworks.barracudanetworks.Barracuda Networks 13 External links • Barracuda Networks corporate website (http://www.com/ns/products/) • CudaTel .com) • Barracuda Networks company Products page (http://www.Barracuda Networks PBX/Phone System (http://www.cudatel.com) .

Check Point first pioneered the industry with FireWall-1 and its patented stateful inspection technology. Gil had the initial idea for the company’s core technology known as stateful inspection. markets and supports a wide range of software and combined hardware and software products that cover all the aspects of IT security. California (ZoneAlarm).com [3] Products Check Point Software Technologies Ltd. The company's development centers are located in Israel. Check Point Integrity.8 million (2010) [2] 2. at the age of 25. together with two of his friends. security. Founder. The company also has offices in the United States. soon afterwards they also developed one of the world’s first . Check Point today counts approximately 2.200 (2010) ZoneAlarm. Founded in 1993 in Ramat-Gan.9 million (2010) US$ $452. by the company’s current Chairman & CEO Gil Shwed. Texas area. History Check Point was established in 1993. which became the foundation for the company’s first product (simply called FireWall-1). Today the company develops. SofaWare www. VPN-1. Israel.300 employees worldwide. Type Public NASDAQ-100 component NASDAQ: CHKP IT security Computer software Computer hardware [1] Traded as Industry Founded 1993 Headquarters Tel Aviv. Security appliances. Marius Nacht (currently serving as Vice Chairman) and Shlomo Kramer (who left Check Point in 2003 to set up a new company – Imperva. (NASDAQ: CHKP [1]) is a global provider of IT security solutions. including network security. in Redwood City. data security and security management.097. Israel (before May 2007: Ramat Gan) Key people Gil Shwed. Ontario area. Best known for its firewall and VPN products. endpoint security. as well as in Canada in the Ottawa. Web Application Security Revenue Net income Employees Subsidiaries Website US$ $1.Check Point 14 Check Point Check Point Software Technologies Ltd.checkpoint. Sweden (Former Protect Data development centre) and in Belarus. Endpoint. Intrusion prevention systems. California and in the Dallas. UTM-1. where he serves as President and CEO). Chairman & CEO Marius Nacht. Founder FireWall-1.

• Data Security . Data Loss Prevention and Application Control. and tablet PCs.[10] In 1998.S. access controls. full disk encryption.Allows administrators to manage events.[4] followed by a distribution agreement with HP in 1995. the company was named worldwide firewall market leader by IDC with a market share of 40 percent. These products are deployed as software on x86 based servers or appliances.Check Point's core business has historically focused on network security components including Firewall. Intrusion Prevention. Check Point Document Security focuses on protecting data-in-use. Anti-spam.Data security solutions focus on securing data throughout the stages of the data lifecycle.The Security Gateway VE product for virtual environments.the Check Point Mobile Access software product provides secure access to corporate resources via a SSL VPN portal for devices such as laptops. mobile phones. multi-domain security management.Check Point VPN products (VPN-1).deployed as a single security agent that combines firewall. or as a VMware network appliance. Solutions are based on the Software Blade architecture. culminating in the acquisition of Nokia’s network security business unit in 2009.[4] During the 2000s. secures virtual machines and applications via either hypervisor integration using the VMSafe API. [5] [6] Initial funding of $600. either from technology partners like Crossbeam and Hewlett-Packard. and telecommunications carriers: • Network Security .g. UTM-1 Edge.[4] Shwed developed the idea while serving in the Israel Defense Forces. head office was established in Redwood City. A separate product called VPN Power-1 VSX can host multiple virtual security gateways on a single machine. with a portfolio of 11 management software blades including event analysis. a venture capital fund established by brothers Eli and Nir Barkat (who on November 11.[11] by 2000 the company became the world’s leading provider of VPN solutions (in terms of market share).[12] 15 Products Check Point offers the following primary solutions and product lines. IP Appliances. Check Point established a successful partnership with Nokia. antivirus. set policy and apply protections across the entire security infrastructure from a single interface. removable media encryption. • Mobile Security . Antivirus.[8] The same year. which are sold to small and medium businesses (SMBs). • Endpoint Security . The security policies for networked endpoints can be centrally managed from a single location via the Endpoint Policy Management Software Blade product. which runs on VMware ESX and ESXi. 2008 was elected as mayor of Jerusalem). just over 10 years after first establishing the partnership with Nokia. VPNs. correlation. California. UTM-1.[9] In June 1996. where he worked on securing classified networks. and the DLP security gateway product secure data-in-motion and data-in-use. URL filtering. allowing remote access of the corporate network via a VPN connection. Full Disk Encryption. the U. Check Point started acquiring other IT security companies. and device provisioning. Media Encryption and Port Control secure data-at-rest on endpoints. managed service providers. which bundled Check Point’s Software with Nokia’s computer Network Security Appliances. and a VPN client. Mobile Access. Check Point raised $67 million from its initial public offering on NASDAQ. and Integrated Appliance Solutions platforms. anti-spyware.000 was provided by BRM Group.[7] The company’s first commercial breakthrough came in 1994 when Check Point signed an OEM agreement with Sun Microsystems. network access control. By February 1996. and also contains encrypted storage for confidential data. • Virtualization Security . IPsec VPN. enterprises. • Security Management . USB). I/O port protection (e. Power-1. . The Check Point Abra USB device provides a secure virtual desktop for Microsoft Windows machines. or on Check Point’s own line of appliances which includes Safe@Office.

[25] In 2009.[24] Bogner claimed that Check Point.[26] . makers of the ZoneAlarm personal firewall software. as a cooperation between Check Point and SofaWare's founders.[16] • NFR security.[13] The court ruled that the three founders could not individually exercise their veto power. which owns 60% of Sofaware. Protect Data acquired Reflex Software. Etay Bogner. Check Point tried to acquire intrusion prevention system developers Sourcefire for $225 million. with a 38% revenue market share.[13] His derivative suit was ultimately approved and Check Point was ordered to pay SofaWare NIS 13 million for breach of contract. Adi Ruppin and Etay Bogner. with the purpose of extending Check Point's success in the enterprise market.[22] In 2002. the Tel Aviv District Court Judge ruled that Bogner SofaWare could sue Check Point by proxy for $5. and withheld monies due for use of SofaWare technology and products[24] Check Point appealed the ruling.[13] In 2011. content filtering. anti-virus and more. According to SofaWare's co-founder Adi Ruppin. a data security startup company based in Boston. consumer and branch office market. claiming Check Point was not transferring funds to SofaWare as required for its use of SofaWare's products and technology. sales of SofaWare's Safe@Office firewall/VPN appliances skyrocketed. One of the key aspects of this effort has been the creation of a management system designed to enable service providers or value added resellers to lift the burden of security management from the end users while at the same time delivering additional services such as automatic security and software updates. was acquired in April 2009. Bogner sought court approval to file a shareholder derivative suit.[13] • Zone Labs. for $205 million in cash and shares. in January 2002 (partial acquisition). resulting in SofaWare becoming a wholly owned subsidiary. and SofaWare held the #1 revenue position in the worldwide firewall/VPN sub-$490 appliance market. an intrusion prevention system developer. in a cash deal valued at $586m in late 2006. has behaved belligerently.[12] • Privately held Liquid Machines. but later lost the appeal. co-founder of SofaWare scored a legal victory over Check Point. which includes Bogner. the company started selling the Safe@Office / Safe@Home line of security appliances.1 million in alleged damage to SofaWare.Check Point 16 Acquisitions • SofaWare Technologies. Check Point settled all litigation relating to SofaWare.[13] In 2006. and began a process of acquiring the remaining shares. the Israeli Supreme Court ruled that a group of founders of SofaWare. for $20 million in late 2006.[17] • Nokia Security Appliances division. in 2003.[15] Prior to their acquisition by Check Point.[18] In 2005. "The Company's vision is to take this enterprise-strength technology and make it as simple to use and as affordable as possible without detracting from its quality. under the Check Point brand.[21] By the fourth quarter of 2002. the holding company for PointSec Mobile Technologies.[19] but later withdrew its offer after it became clear US authorities would try to block the acquisition.[23] Relations between Check Point and the SofaWare founders went sour after the company acquisition in 2002.[13] In 2004. to the small business. was acquired in June 2010. SofaWare began selling firewall appliances under the SofaWare S-Box brand. but only as a group and by majority rule. "[21] In 2001. As part of the settlement it acquired the SofaWare shares held by Bogner and Ruppin.[20] SofaWare Legal Battle SofaWare Technologies was founded in 1999. following its failed plan to acquire the larger IPS vendor Sourcefire.[14] • Protect Data. has veto power to prevent SofaWare from taking any decision of which he disapproves.

com/ press/ 2006/ nfrsecurity121906. Gil Shwed.Check Point 17 Certification Check Point has a long-running history of training and certification on their products. checkpoint. [21] Interview with Adi Ruppin. com/ corporate/ facts. including the following: • • • • • • CPCS . sciencedirect.. com/ press/ 2006/ pointsec112006. com/ article/ 31405/ CIO_20_20_Honorees_Innovator_s_Profile_Gil_Schwed_of_Check_Point_Software_Technologies_Ltd. com/ news/ channel-programs/ 18836954/ gil-shwed-chairman-ceo-check-point-software-tech. 07. 3385). checkpoint. [15] "Check Point Announces a Cash Tender Offer to Acquire Protect Data" (http:/ / www. html). Network World Dec 17. market-leading FireWall-1 solution now available through HP and its reseller channel.October 19. org/ article. 2006-03-24. html). checkpoint.Check Point Certified Managed Security Expert CCMA . net-security. [16] "Protect Data acquires Reflex Software Limited to extend product portfolio" (http:/ / www. htm). Retrieved 2008-10-12. com/ science?_ob=ArticleURL& _udi=B6V77-4PTN8PN-1& _user=10& _rdoc=1& _fmt=& _orig=search& _sort=d& _docanchor=& view=c& _searchStrId=1085105296& _rerunOrigin=google& _acct=C000050221& _version=1& _urlVersion=0& _userid=10& md5=3cf69059540492454dd362317b553b2f). Retrieved 2009-04-13. retrieved 2009-11-09 [8] Company Press Release. 2006-11-20. Worldwide Market Share of 40 Percent Represents Significant Lead in Providing Enterprise Network Security Solutions. Business Week . CIO Magazine October 1.com. sciencedirect. checkpoint. Retrieved 2008-10-12. 15. com/ asp/ SummaryQuote. p. com/ press/ 2009/ check-point-completes-nokia-acquisition-041309. ). by Berislav Kucan .Check Point Certified Master Architect References [1] http:/ / quotes. . [11] Press Release . com/ press-release/ Check-Point-Acquires-Data-Security-Startup-Liquid-Machines-NASDAQ-CHKP-1273411. "Industrial R&D as a national policy: Horizontal technology policies and industry-state co-evolution in the growth of the Israeli software industry" (http:/ / www. 18 . html). "CIO 20/20 Honorees--Innovator's Profile: Gil Schwed of Check Point Software Technologies Ltd" (http:/ / www. 1999. html). 2002. 21 January 2003." (http:/ / www. "CheckPoint Software and HP sign distribution agreement.Check Point Certified Security Administrator CCSE .Check Point Certified Security Expert Plus CCMSE . [10] Breznitz. checkpoint. Business Wire . Business Wire .February 5. com/ [4] Mayor. com/ press/ pointsec/ 2006/ 11-02. marketwire. "Etay Bogner bests Check Point in court once again" (http:/ / www. checkpoint. . html). Nurit (26-11-09). "CheckPoint Software Named Firewall Market Share Leader by IDC. Check Point Software Tech (http:/ / www.Tuesday. Retrieved 2008-10-12. 1999. . html). CRN. asp?symbol=CHKP& selected=CHKP [2] "Check Point Software Facts @ A Glance" (http:/ / www. html).December 1. cio.and Ready for Prime Time" (http:/ / www. 2009-04-13. Dan. Tracy. . [14] "Check Point Software Technologies to Acquire Zone Labs" (http:/ / www. [6] Gil Shwed. 2006-12-19. 2001. [12] "Check Point Completes Acquisition of Nokia Security Appliance Business" (http:/ / www. Nov. com/ doc/ 1G1-17461605. . com/ ebiz/ 9912/ em1201. securityfocus. com/ print-edition/ business/ etay-bogner-bests-check-point-in-court-once-again-1. [9] Press Release. Retrieved 2009-07-01. [18] Check Point Acquires Data Security Startup Liquid Machines (http:/ / www. . . Chairman & CEO. html).Check Point Certified Security Expert CCSE+ .September 25. com/ books?id=MA0AAAAAMBAJ& lpg=PA76& dq=Gil Shwed& pg=PA76#v=onepage& q=Gil Shwed& f=false). com/ doc/ 1G1-17461605. nasdaq. htm). com/ news/ 11382). [3] http:/ / www. . [13] Roth. 2001. Research Policy 36 (9): Research Policy. CIO (http:/ / books. 1995. checkpoint. . encyclopedia. "MOVERS & SHAKERS: Eli Barkat: Making Push More Polite -. Retrieved 2008-10-12. Founder and Managing Director of SofaWare. Retrieved 2008-10-12. htm) [19] "Check Point and Sourcefire to Explore Alternative Business Relationship" (http:/ / www. Business Wire . businessweek." (http:/ / www. [20] "Check Point calls off Sourcefire buy" (http:/ / www. html). Marcia. google. [17] "Check Point to Acquire NFR Security. 2002 [7] Wallace. com/ press/ 2006/ sourcefire032306. Retrieved 2008-10-13. php?id=361) [22] Check Point bolsters new firewall appliance. encyclopedia. 2006-11-02. Haaretz. 1996. com/ press/ 2003/ zonelabs121503. Oct 1. (http:/ / www. haaretz. [5] Savage. 2003-12-15. checkpoint. Expands Intrusion Prevention Capabilities to Fortify Enterprise Networks" (http:/ / www. "Check Point Software & Nokia Expand Partnership" (http:/ / www. David. com/ science?_ob=ArticleURL& _udi=B6V77-4PTN8PN-1& _user=10& _rdoc=1& _fmt=& _orig=search& _sort=d& _docanchor=& view=c& _searchStrId=1085105296& _rerunOrigin=google& _acct=C000050221& _version=1& _urlVersion=0& _userid=10& md5=3cf69059540492454dd362317b553b2f). 2006-03-23. crn.Check Point Certified Specialist CCSA .

Oded (April 25.1 million" (http:/ / english. [25] Israeli Supreme Court. 186085). 2011 18 External links • Corporate website (http://www. 2850/08 ‫ עא‬CHECK POINT SOFTWARE TECHNOLOGIES LTD ‫'נ' איתי בוגנר )עליון.com/) . 2006).checkpoint. checkpoint. . ח' מלצר. Retrieved 14 June 2010. נ‬ ‫)הנדל‬ [26] Check Point 20-F SEC filing. com/ press/ 2003/ infonetics031203. com/ economy-finance/ sofaware-founder-cleared-to-sue-check-point-for-5-1-million-1. html) [24] Arbel.Check Point [23] Check Point Software Stakes Claim in Small Business Internet Security Space Company Duplicates Market-leading Enterprise Success in Sub-$490 Appliance Segment (http:/ / www. "Sofaware founder cleared to sue Check Point for $5. themarker. א' רובינשטיין. Ha'aretz.

(NASDAQ: CSCO [1]. that designs and sells consumer electronics.cisco.cisco. VOIP. networking. voice. California. SEHK: 4333 [6]) is a multinational corporation headquartered in San Jose. California.Cisco Systems 19 Cisco Systems Cisco Systems. Chambers (Chairman & CEO) Networking Device Network Management Cisco IOS and NX-OS Software Interface and Module Optical networking Storage area networks Wireless. Telepresence. Inc.com www.com] Headquarters Area served Key people Products Cisco Systems.700 (2011) List of acquisitions [www.49 billion (2011) [4] US$ 87. Type Traded as Public NASDAQ: CSCO [1] Dow Jones Industrial Average Component S&P 500 Component Industry Founded Founder(s) Computer networking San Francisco.67 billion (2011) [4] US$ 6. Inc.25 billion (2011) [5] 70. and communications technology and .09 billion (2011) [4] US$ 47. United States Worldwide John T. Security Datacenter List of Cisco Products Revenue Operating income Net income Total assets Total equity Employees Subsidiaries Website [4] US$ 43. California (1984) Len Bosack Sandy Lerner Richard Troiano [2] [3] San Jose.21 billion (2011) [4] US$ 7.

[7] 20 Corporate history Len Bosack and Sandy Lerner. NASDAQ 100 Index and the Russell 1000 Growth Stock Index. moving full time to Cisco in 1987.[21] [22] a U. which is why the company's engineers insisted on using the lower case "cisco" in the early days. Cisco introduced a new logo that was created in collaboration with Joe “Phenom” Finocchiaro and Jerry “The King” Kuyper.[8] In 1988.[16] As part of the company's overseas strategy.[10] As the Internet Protocol (IP) became widely adopted. One of the many buildings on the Cisco Systems campus in San Jose While Cisco was not the first company to develop and sell a router. Lerner was fired. the company went public (with a market capitalization of $224 million) and was listed on the Nasdaq stock exchange. On February 16.[11] In late March 2000.000 jobs means around 14 percent of the 73. a married couple who worked as computer operations staff members at Stanford University. another Stanford employee who later joined Sun Microsystems. due to lower than expected profit.[9] it was one of the first to sell commercially successful routers supporting multiple network protocols. most notably IP phones and Telepresence are frequently sighted in movies and TV series [20] The company itself and its history was featured in the documentary film Something Ventured which premiered in 2011.400 total employees before curtailment. it has built its Globalization Centre East in Bangalore for $1 billion and 20% of Cisco's leaders will be based there. Cutting as many as 10. and is also included in the S&P 500 Index.000 employees with an early-retirement program who accepted buyout and 7.03 billion. John Morgridge was appointed CEO. The name "Cisco" was derived from the city name. Bosack adapted multiple-protocol router software originally written some years before by William Yeager.[17] However. with a market capitalization of more than US$500 billion. upon hearing the news. Cisco System Inc. Cisco was the most valuable company in the world. Cisco was a 2002-03 recipient of the Ron Brown Award.Cisco Systems services.[18] [19] Media and Awards Cisco products. the importance of multi-protocol routing declined.[15] On September 7. The stock was added to the Dow Jones Industrial Average on June 8.000 employees and annual revenue of US$ 40. later joined by Richard Troiano. 2009. 1990.S.[12] [13] In July 2009. founded Cisco Systems in 1984. and succeeded in 1995 by John Chambers. at the height of the dot-com boom. Cisco commonly stays on top of Fortune "100 Best Companies to work for".0 billion as of 2010. with position #20 in 2011 [23] . 70% of which was committed to their own charity. Cisco's largest routers are primarily used to deliver IP packets. 1990. with a market cap of about US$108. The couple walked away from Cisco with $170 million. presidential honor to recognize companies "for the exemplary quality of their relationships with employees and communities". the Russell 1000 Index. For Cisco's first product. Today.[14] it is still one of the most valuable companies. cut annual expenses by $1 billion in July 2011.000 jobs that would be eliminated by the end of August 2011. The company cut around 3. The company's first CEO was Bill Graves. San Francisco. who held the position from 1987 to 1988. Lerner moved on to direct computer services at Schlumberger. her husband Bosack resigned in protest. Cisco has more than 70. 2006. On August 28.

data and network security solutions etc. for about US$7 billion. WebEx. Unified Communications.[32] Voice and conferencing solutions: VOIP phones and gateway-systems. It will no longer carry the making of Flip cameras. such as Stratacom. In March 2011. Cisco Group. In the recent merger deals. The solutions for each market are segmented into Architectures.[30] • Small businesses[31] • • • • • Routers and switches Security and surveillance: IP cameras. broadcast video contribution/distribution. Storage Networking and Cloud services. It was the most expensive acquisition made by Cisco to date.video conferencing Cisco also attempted to enter consumer market with a line of video recording devices dubbed "Flip". wireless systems. video conferencing Wireless: WiFi Access points Network storage systems • Home user[33] • Linksys product line of access points.Cisco Systems 21 Acquisitions Cisco acquired a variety of companies to bring in products and talent into the company.[27] • Collaboration: IP video and phones.[29] • IP NGN (Next Generation Networks): High-end routing and switching for fixed and mobile service provider networks. This move did not go well and on April 12. 2011. Cisco announced they were discontinuing all Flip camera production. energy and building management systems and media aware networks. Unified Fabric.[24] Several acquisitions. Data Centre Switching. TelePresence. During the Internet boom in 1999. a product design consulting firm that helped develop Cisco's Flip video camera. California. a start-up company located in Petaluma. and only the acquisition of Scientific Atlanta has been larger. and home networking. WAN acceleration. HealthPresence. Enterprise Voice over Internet Protocol (VOIP).[34] [35] . Cisco completed the acquisition of privately held network configuration and change management solutions company Pari Networks. Several acquired companies have grown into $1Bn+ business units for Cisco. Cisco bought Starent Networks (a mobile technology company) and Moto Development [25] Also in 2010.[26] Products and services Cisco's current portfolio of products and services is focused upon three market segments – Enterprise and Service Provider. • Broadband: cable modems • Cisco ūmi . Call Center systems. became a key stakeholder in e-Skills Week. In 1995-1996 the company completed 11 acquisitions. switches. Cisco acquired Linksys in 2003. entitlement and content delivery systems. • Corporate market: Enterprise networking and Service Providers • Borderless networks: for their range of routers. the company acquired Cerent Corporation. Enterprise social networks and Mobile applications[28] • Datacenter and Virtualization: Unified Computing. which form the basis for how Cisco approaches each market. including LAN switching. security systems. were the biggest deals in the industry when they occurred. switches etc. Small Business and the Home.

Catalyst 4500. Hardware • Datacenter products: Nexus Switches (1000v. PIX 500 series A Cisco ASM/2-32EM router deployed at CERN in 1987. 7000). 3600 Series. 7965. 1000 Series. 9900 series. 7942. 2000. ASR Series and CRS-1 and CRS-3 • Cisco Security Manager • Security appliances: ASA 5500. 7600. Cisco Manufacturing Mobile Video Collaboration with Librestream. including: 837. and introduce new products and features in order to provide a complete set of capabilities in each area.Cisco Systems 22 Architectures In an effort to allow their sales team to have more business-focused conversations with customers. 6900 series) • Cisco Application Control Engine (ACE): Application Delivery Controller • Routers. Cisco intends to gradually knit together its various products. 2500 Series. the world leader in Telepresence systems[39] • VOIP: Wireless IP Phone 7920 • CLEO: Low Earth Orbit router • Cisco Wireless LAN • Cisco Cius: a new Android-based collaboration tablet • Cisco Wide Area Application Services (WAAS) • Set Top Boxes (High Definition PVRs).[36] These are: • • • • • • Borderless Networks Collaboration Data Center and Virtualization IP NGN (Next Generation Networks) Small Business Consumer Under these architectures. MDS. 4000. 8900 series. • Unified Computing: Cisco Unified Computing System (UCS) virtual server platform: with VMWare [38] virtualization system run servers on Cisco hardware • Catalyst switches: Cisco Catalyst 2900 Series. Unified Computing System (UCS) • Flip pocket camera (Discontinued in April 2011[37] ) • Cisco SPA500 Series IP Phones • Linksys SPA900 Series IP Phones • Cisco Unified IP Phones (7945. Cisco Catalyst 3000 Series. Cisco Catalyst 6500 Series • Collaboration systems such as Cisco TelePresence. 12000. 5000. Cisco announced a new focus around six ‘Architectures’ in 2009.Cable/IP . Cisco acquired Tandberg. as opposed to focussing on discussions around products.

[45] . and tornado outbreaks in North Carolina and Alabama in 2011. and is now moving into the home user market through its acquisitions of Scientific Atlanta and Linksys. Hosted Collaboration Solution Cisco partners can now offer cloud-based services based on Cisco's virtualized Unified Computing System (UCS). Silicon Valley Chapter for it's development and use of these vehicles in disasters. North Carolina for strategic deployment in North America and are capable of being [42] [43] The NERV has been fully operational within 15 minutes of arrival. deployed to incidents such as the October 2007 California wildfires. network based video surveillance and secured high definition video conferencing for leaders and first responders in crisis areas with up to 5 Mbps of bandwidth via a 1. A part of the Cisco Unified Services Delivery Solution. Cisco received the Innovation Preparedness award from the American Red Cross. and Cisco Webex Meeting Center. Scientific Atlanta provides VoIP equipment to cable service providers such as Time Warner. [44] In 2011.8-meter satellite antenna. Ike. it will include hosted versions of Cisco Unified Communications Manager (UCM). Cisco Unity Connection (unified messaging). Cisco Unified Contact Center. California and Research Triangle Park. voice over IP. Linksys has partnered with companies such as Skype and Yahoo to integrate consumer VoIP services with wireless and cordless phones. Cisco Unified Mobility. NERVs are normally stored at Cisco facilities in San Jose. hurricanes Gustav.Cisco Systems 23 Software • • • • • • • • • • • • • • • • • • Internetwork Operating System NX-OS Cisco Active Network Abstraction Cisco Fabric Manager Cisco AnyConnect Secure Mobility Client Cisco Systems VPN Client CiscoView Data Center Management and Automation . didactic network simulator Cisco Network Magic Pro Cisco Unified Communications Manager Cisco IP Communicator Cisco Quad Cisco Security Manager WebEx Collaboration Tools VoIP services Cisco became a major provider of Voice over IP to enterprises. Rogers Communications. The vehicles are self contained and provide wired and wireless services including voice and radio interoperability. and Katrina. running for 72 hours continuously. Cisco NAC Appliance Cisco Eos Packet Tracer.[41] Network Emergency Response The company maintains several Network Emergency Response Vehicles (NERV)s which are staffed by Cisco employees during natural disasters and other public crises. and others. UPC. the 2010 San Bruno gas pipeline explosion.Cisco Intelligent Automation [40] CiscoWorks Network Management software Clean Access Agent. Cisco Unified Presence. Cablevision.

stated the real reason for the extradition proceedings was because Alfred-Adekeye "dared to take on a multinational giant. Cisco settled this lawsuit by complying with FSF licensing terms and making a monetary contribution to the [49] FSF. Professional. its directors. Canadian Judge Ronald McKinnon.[52] In her article.Cisco Systems 24 Cisco Career Certifications Cisco Systems also sponsors a line of IT Professional certifications for Cisco products. the Free Software Foundation filed suit against Cisco regarding Cisco's failure to comply with the GPL and LGPL license models and make the applicable source code publicly available. Design. with hacking and pressured the US government to extradite him from Canada where he was giving evidence against Cisco in an anti-trust hearing. as well as eight different paths.5 billion (US$824 million) in taxes. promote competition and ensure consumer choice and value. Cisco and other telecommunications equipment providers supplied the Chinese government with surveillance and Internet infrastructure equipment that is used to block Internet websites and track Chinese on-line activities. Cisco says that it does not customize or develop specialized or unique filtering capabilities to enable governments to block access to information and that it sells the same equipment in China as it sells worldwide.[50] According to author Ethan Gutmann. Multiven filed an antitrust lawsuit[55] [56] [57] [58] [59] [60] against Cisco Systems. Network Security. Associate. 2008. on August 18. who oversaw the extradition hearing. British born Peter Alfred-Adekeye. 2001 accused Cisco of making misleading statements that "were relied on by purchasers of Cisco stock" and of insider trading.[48] On May 20." He also condemned the US . Service Provider. 2009. Multiven's complaint alleges that Cisco harmed Multiven and consumers by bundling and tying bug fixes/patches and updates for its operating system software to its maintenance services (SMARTnet) and through a series of other illegal exclusionary and anticompetitive acts designed to maintain Cisco's alleged monopoly in the network maintenance services market for Cisco networking equipment. the newly introduced Service Provider Operations. Criticisms and controversy Shareholder Relations A class action lawsuit filed on April 20. in an effort to open up the network maintenance services marketplace for Cisco equipment. confidential Cisco powerpoint presentation that details the commercial opportunities of the Golden Shield Project of Internet control. Storage Networking. Censorship in China Cisco has been criticized for its involvement in censorship in the People's Republic of China. Cisco's liability insurers. and Wireless. Expert. 2006.[46] While Cisco denied all allegations in the suit. 2008.[47] Intellectual property disputes On December 11. Cisco responded by accusing the person who filed the anti-trust suit.75 million to settle the suit. and officers paid the plaintiffs US$91. the Brazilian Federal Police and Brazilian Receita Federal (equivalent to the American IRS) under the "Persona Operation" uncovered an alleged tax fraud scheme employed by Cisco Systems since 2002 that exempted the company from paying over R$1. Voice.[53] [54] Antitrust lawsuit On December 1. There are five levels of certification: Entry. 2007. Routing & Switching. journalist Sarah Stirland accuses Cisco of marketing its technology "specifically as a tool of repression." Tax fraud investigation On October 16. and recently Architect.[51] Wired News had uncovered a leaked. Inc.

. com/ cisco/ web/ UK/ about/ tvmovies. 2011. economist. 2011). 2010-04-15. 2000-03-25. . visited 10 Apr 2011 [22] Cisco News website Cisco Systems Receives Presidential Award for Corporate Leadership (http:/ / newsroom. com/ press-release-content?type=webcontent& articleId=456320). yahoo. DTL). com/ doc/ 1G1-108316480. BSTR083. 2000-03-25. [3] "A special report on innovation in emerging markets: The world turned upside down" (http:/ / www. com/ node/ 17414206). com/ ie/ daily/ 20000326/ ibu26043. html). visited 10 Apr 2011 [23] http:/ / money. [17] "The other elephant" (http:/ / www. expressindia. FamousLogos. [9] "I. . com/ asp/ SummaryQuote. . asp?WidCoID=4333& WidCoAbbName=& Month=& langcode=e [7] Browning. html). org/ cringely/ nerdtv/ transcripts/ 013. Cisco Systems. aspx?guid={FA6BADEF-05F2-4169-ADDA-12E9D17C4433}). Retrieved 2011-09-03. Retrieved 2010-10-15. com. [8] "Cisco's Acquisition Strategy" (http:/ / www. Retrieved 2010-08-14. NerdTV. html). Retrieved 2007-01-25. Retrieved Jan 28. marketwatch. [10] Cisco claim of first multi-protocol router. html). nasdaq.org. Interview. techcrunchit. [5] "News@Cisco -> Corporate Overview" (http:/ / newsroom. asp?symbol=CSCO& selected=CSCO [2] "Cisco Reports Fourth Quarter and Fiscal Year 2011 Earnings" (http:/ / newsroom. cisco. cisco. com/ cgi-bin/ article. 1997-08-25." May 18. cisco. Retrieved 2009-06-02. . html). [25] By Jim Duffy. . cisco. Dan (2006-05-05). [11] "Does Pink Make You Puke?" (http:/ / www. Retrieved 21 December 2009. cfm?story_id=15879369). highbeam. com/ 2011/ 03/ 02/ cisco-completes-acquisition-of-pari-networks-started-by-former-cisco-execs/ ). Retrieved 2008-11-13. [12] "Cisco pushes past Microsoft in market value" (http:/ / www. [14] Cisco Systems Summary (http:/ / finance. sfgate. . GM in Dow" (http:/ / online. com/ press-release-content?type=webcontent& articleId=456320). com/ dlls/ corp_093003. Forbes. cisco. TechCrunch. Retrieved on 2009-01-04. January 2004. . [13] "Cisco replaces Microsoft as world's most valuable company" (http:/ / www. com/ en/ US/ netsol/ ns1015/ products. cisco. . The Indian Express. "The History of Cisco" (http:/ / www. " Cisco Buys Moto – no.[62] [63] Notes [1] http:/ / quotes. yahoo. [26] "Cisco Completes Acquisition Of Pari Networks (Started By Former Cisco Execs)" (http:/ / www. .us. The Economist. not that Moto (http:/ / www. 2011. The Economist. 2004. com/ forbes/ 1997/ 0825/ 6004058a_2. . com/ magazines/ fortune/ bestcompanies/ 2011/ snapshots/ 20. html#~24 [21] Highbeam Research website Presidential Award For Corporate Leadership Presented to Cisco Systems (http:/ / www. . icmrindia. Cisco Replace Citi. economist. June 14. [16] "Cisco Logo: Design and History" (http:/ / www. famouslogos.Cisco Systems prosecutor for hiding the fact that Alfred-Adekeye was in legal proceedings against Cisco Systems. E. html?hpg1=bn). San Francisco Chronicle. wsj. htm). hkex. Retrieved 2007-01-25. com/ article/ SB124386244318072033. Reuters. 2011-08-10. bloomberg. Transcript | PBS" (http:/ / www. 2011.000 Jobs to Buoy Profit . Case Studies In Business Strategy (ICMR) IV: 2. The Evolution of Access Routing (http:/ / newsroom. "Travelers. html [24] Garza. networkworld. pbs. 2011-08-10. com/ dlls/ corpinfo/ corporate_overview. Retrieved 2011-08-19. aspx). com/ opinion/ displaystory. Cringely. Inc). cisco. [6] http:/ / www. . [4] "Cisco Reports 2011 Earnings" (http:/ / newsroom. org/ casestudies/ catalogue/ Business Strategy2/ BSTR083. "Chron 200 Market capitalization" (http:/ / www. Pbs. George (Jan 9. for stating that Alfred-Adekeye had left the USA in a time period when he had not and a formal request for extradition was not filed against Alfred-Adekeye when he was taken into custody. com/ news/ 2010/ 051810-cisco-acquires-moto. html). html). html). com/ s/ ap/ 20110511/ ap_on_hi_te/ us_earns_cisco) [19] Cisco Said to Plan Cutting Up to 10. NetworkWorld. com/ q?s=csco& d=t) [15] Fost. half-truths and falsehoods" adding "This speaks volumes for Cisco's duplicity" and accused them of "unmitigated gall" in using such a heavy-handed move as an unsupportable arrest and jailing to pressure Alfred-Adekeye to drop or settle his civil antitrust complaint. com/ dlls/ 2004/ hd_061404. Wall Street Journal (Dow Jones & Company.Bloomberg (http:/ / www. cnn.S. brighthub. Retrieved June 28. html) [20] http:/ / www. Retrieved 2007-01-25. . 2010. visited 27 Feb 2011 . (2009-06-01). Cisco Systems. com/ news/ 2011-07-11/ cisco-may-cut-about-5-000-jobs-in-august-gleacher-analyst-says. com/ computing/ enterprise-security/ articles/ 65663. [27] Cisco website Borderless network products (http:/ / www. CBS Marketwatch. . 2010-11-04. us/ cisco-logo). [18] Cisco to cut costs and jobs as profit stalls (http:/ / news. forbes. com/ news/ story/ cisco-pushes-past-microsoft-market/ story.[61] 25 Intimidation Cisco has been reported as using intimidation tactics in several news reports. March 1. Judge McKinnon described the information provided by Cisco and the US prosecutor as "full of innuendo. Retrieved 2011-08-10. cgi?f=/ c/ a/ 2006/ 05/ 05/ BUC200MARKETCAP. hk/ eng/ invest/ company/ quote_page_e. html).

. Jon Paula. . (2008-12-01). ucstrategies. . . com/ en/ US/ products/ ps6505/ Products_Sub_Category_Home. iht. close Cisco System's offices in São Paulo. org/ news/ 2009-05-cisco-settlement. Retrieved 2009-01-04. 2008-12-01. networkworld. CatholicOnline. [56] "Net maintenance provider sues Cisco over allegedly monopolistic SMARTnet" (http:/ / www. com/ news/ article/ 0. Press release. com/ document. Retrieved 2007-10-16. php). providing phone and video communications according to the National Incident Management System. youtube. com/ dlls/ 2006/ corp_081806. html). com/ news?article_id=12). [49] Free Software Foundation (May 20. cisco. com/ watch?v=SVhxp4F_qD8). Inc. [48] Free Software Foundation (December 11. techtarget. March 12. com/ blog/ networking/ cisco-nerv-the-ultimate-first-responder-vehicle/ 581) [45] ‪2011 Innovative Preparedness . html)." (http:/ / multiven. bizjournals.com. [52] Stirland. 2010-07-02. Inc. 2007-10-16. html) on company website. CNET. html). . Retrieved 2007-01-25. "Multiven Files Antitrust Lawsuit Against Cisco Systems.com. visited 27 Feb 2011 [29] Cisco website on Datacenter products (http:/ / www. Press release. techrepublic. [54] "Brazilian tax authorities raid.Cisco Tactical Operations‬‫ . . org/ technology/ story. lightreading. cisco. WRAL. com/ cisco/ web/ solutions/ small_business/ products/ index. Cisco Can Deliver Its Own 911" (http:/ / www. Retrieved 2011-08-21. org/ news/ 2008-12-cisco-suit). Retrieved 2008-12-02. UCStrategies. visited 06 Apr 2011 [31] Products for small businesses (http:/ / www. com/ news-analysis/ cisco-launches-hosted-collaboration-solution. . com/ business/ legacy_local_tech_wire/ news/ video/ 2285408/ #/ vid2285408). "Cisco Testimony Before House International Relations Subcommittee" (http:/ / web. com/ sanjose/ stories/ 2006/ 08/ 14/ daily75. Cisco. Press release. html). 2011. cisco. 2008-12-04. cisco. . [50] "FRONTLINE: the tank man: the struggle to control information | PBS" (http:/ / www. archive.. com/ threatlevel/ 2008/ 05/ leaked-cisco-do/ ). . lightreading. . html). com/ news/ 2007/ 101607-cisco-brazil-arrests. com/ cisco/ web/ solutions/ small_business/ products/ security/ index. techtarget. SearchITChannel. [35] ""World According to Jon" video about discontinuation" (http:/ / www. cisco. fsf. Retrieved 2008-12-01. Press release. . aspx). html [41] "Cisco Launches Hosted Collaboration Solution" (http:/ / www. 2006-08-18.sid96_gci1341067. wral. com/ en/ US/ netsol/ ns1007/ products. [58] Multiven. "FSF Settles Suit Against Cisco" (http:/ / www. html). com/ en/ US/ products/ ps10265/ index. [57] "Cisco Accused Of Monopoly In Antitrust Lawsuit" (http:/ / www. [55] "Multiven Sues Cisco" (http:/ / www. com/ articles/ ap/ 2007/ 10/ 17/ business/ LA-FIN-Brazil-Cisco. Retrieved 2007-10-17. John (2006-02-15). networkworld. Tandberg. Press release. asp?doc_id=168775). Inc.. "Cisco Leak: ‘Great Firewall’ of China Was a Chance to Sell More Routers" (http:/ / www. Inc. 2011. catholic. cnet. crn. [36] Post on IT Knowledge Exchange Cisco internal memo: changes to sales strategy and channel org (http:/ / itknowledgeexchange. . cisco. org/ web/ 20061206095153/ http:/ / blogs. [40] http:/ / www. . visited 26 Feb 2011 [30] Cisco website on IP Next-Generation Networks (http:/ / www. visited 6 April 2011 [37] "Cisco gives Flip video biz the boot" (http:/ / news. NetworkWorld. cisco. html?page=1). cisco. html) on 2006-12-06. com/ gov/ 2006/ 02/ cisco_testimony_before_house_i.00. com/ watch?v=V1L7pgotdEo) [46] Cisco Systems. fsf. . visited 27 Feb 2011 [39] "Tandberg product inquiry page". . html). Silicon Valley/San Jose Business Journal. Rio de Janeiro" (http:/ / www. Sarah (2008-05-20). "Cisco Shareholder Class Action Lawsuit Resolved" (http:/ / newsroom. 26 . [53] "Cisco offices raided. com/ en/ US/ netsol/ ns1007/ products. pbs. html). March 13. com/ 8301-30686_3-20053075-266. Retrieved 2008-12-04. [38] Cisco website Products and Services on Unified Computing (http:/ / www. com/ en-us/ home) on company website. [44] Cisco NERV: The ultimate first responder vehicle | TechRepublic (http:/ / www. April 12. cisco." [43] [providing phone and video communications according to the National Incident Management System "Cisco Network Emergency Response Vehicle at a glance"]. Pbs. 2009). [42] "In a Disaster. html). 2008-12-02. com/ community/ node/ 35852). executives arrested in Brazil: reports" (http:/ / www. . com/ en/ US/ partner/ netsol/ ns537/ networking_solutions_solution_category. ChannelWeb. "Like a good neighbor.Cisco Systems [28] Cisco website Collaboration products and services (http:/ / www. . Retrieved 2009-05-20. visited 25 Feb 2011 [32] SME Products and services (http:/ / www. [59] "Cisco Systems hit with antitrust lawsuit" (http:/ / searchitchannel. Retrieved 2007-01-25.org. Retrieved 2008-11-13. html?track=sy540). html). [51] Earnhardt. 2008-12-01. "Free Software Foundation Files Suit Against Cisco For GPL Violations" (http:/ / www. 2007-10-17. com/ networking/ 212201523). Retrieved 2007-01-25. com/ networkhub/ cisco-internal-memo-changes-to-sales-strategy-and-channel-org/ ). youtube. Retrieved 2009-06-27. (2006-08-18).visited 27 Feb 2011 [34] "Catholic Online Statement about Flip Camera" (http:/ / www. wired.289142. cisco. NetworkWorld. org/ wgbh/ pages/ frontline/ tankman/ internet/ ). . 2008). Cisco Systems. 2011. Archived from the original (http:/ / blogs. [47] "Cisco resolves class action lawsuit" (http:/ / sanjose. Retrieved 2008-12-02. . com/ gov/ 2006/ 02/ cisco_testimony_before_house_i. Cisco Systems is now ready to help communities in need of disaster assistance with emergency communications capability. cisco. php?id=41037). Retrieved 2008-12-02. visited 27 Feb 2011 [33] Cisco Home products (http:/ / home.‏‬YouTube (http:/ / www.

The Eye of the Storm: How John Chambers Steered Cisco Through the Technology Collapse. fiercetelecom. com/ html/ businesstechnology/ 2015242310_btcisco06. S. John Morgridge. ISBN 0-471-41425-5. [61] "Cisco charged with duplicity" (http:/ / www. Wiley.cisco.com/q?s=CSCO) at Yahoo! Finance Cisco Systems (http://www. 2 June 2011. Cisco Unauthorized: Inside the High-Stakes Race to Own the Future.cisco. (2001).com/money/compnies/ 2007-03-18-cisco-advice-usat_N. (2000). Retrieved 5 June 2011.html)) • Cisco Networking Academy . uk/ 2011/ 06/ 03/ cisco_charged_with_duplicity/ ). John Chambers and the Cisco Way: Navigating Through Volatility. J. K.com//--ID__13494--/free-co-factsheet.com/ 2007/12/john-morgridge. Further reading • Bunnell. . fiercetelecom. Prima Lifestyles. (2001). Inside Cisco: The Real Story of Sustained M&A Growth. Retrieved 5 June 2011.com) • VoIP for business Cisco (http://www. Wiley. Moderne Industrie.networkworld.com) ( Mobile (http://www. D. • Stauffer.htm) -Broken • Interview with former CEO. . D. Nothing but Net Business the Cisco Way.html) • Cisco Systems vs. .reuters. Less ‘Intimidation’" (http:/ / seattletimes. 2008-12-03.html) • AKS-Innovations team ~ Find out more about Cisco I−Prize.com/news/2010/ 060710-tech-argument-cisco-juniper. Bloomberg. nwsource.hoovers.com/finance/stocks/overview?symbol=CSCO) at Reuters Cisco Systems (http://google.com/finance?q=CSCO) at Google Finance Cisco Systems (http://finance. co.blogspot. by Stanford students of iinnovate (http://iinnovate. External links • Official website (http://www. D. 27 [63] "Cisco Rivals Woo Users With Price Cuts. ISBN 3-478-35995-3. R. HarperCollins. ISBN 0-471-35711-1. • Young. & Brate. E.usatoday.google. J. . Making the Cisco Connection: The Story Behind the Real Internet Superpower.yahoo. (2001).com/web/mobile/index. Network World. Retrieved 2008-12-03.com/?sym=CSCO) SEC filings at EDGAR Online Cisco Systems (http://www. ISBN 1-84112-087-1.edgar-online. Jim (2 June 2011).sec. ISBN 0-7615-2775-3. com/ story/ lawsuit-cisco-blocks-outsider-gear-maintenance/ 2008-12-03).gov/cgi-bin/browse-edgar?action=getcompany&CIK=858877) SEC filings at the Securities and Exchange Commission . (2002). (2003). ISBN 0-471-00833-8. html). com/ community/ blog/ cisco-resorting-intimidation-tactics). (2001).Armenia (http://netacad. • Waters. • Bunnell. "Cisco resorting to intimidation tactics" (http:/ / www. A. channelregister. • Paulson.brand. Die Cisco Story (in German). networkworld.allvoipnews. Juniper Networks (http://www.Cisco Systems [60] "Lawsuit: Cisco blocks outsider gear maintenance" (http:/ / www. • Slater. ISBN 0-06-018887-1.am/) • USA Today Q&A with CEO John Chambers (http://www. the contest which was the main reason to build the AKS-team and start generating ideas (http://power-idea. [62] Duffy.xhtml) at Hoover's Cisco Systems (http://www. Wiley.com/videos/cisco-systems/) (Videos) Business data • • • • • • Cisco Systems (http://finance. Wiley.

frontporch. html). pop-up. 2010-06-14. California. aspx). Founder and Chief Technology Officer. ocair. . California [3] and Denver International Airport[4] . References [1] http:/ / www. "Fair Warning for Copyright Holders" (http:/ / www.com (http://www. frontporch. multichannel. com/ columns/ article. FreeFi Networks' provides ad-supported Internet access throughout John Wayne Airport in Orange County. Inc. com/ article/ CA6517230. Linda (2008-01-07). html). Applications Massillon Cable TV. External links • www. Front Porch also creates the software to manage advertising campaigns or billing messages.. Inc. "A Seat on the Front Porch" (http:/ / www.com [1] Front Porch. a provider in Massillon.com/) . Adam (2006-02-24). php/ 3587581). wi-fiplanet. frontporch. This technology is often used in the delivery of advertiser-supported wireless Internet access.Front Porch 28 Front Porch Front Porch. or pop-under advertising or service messages while the browser transitions to or between web pages. 2008-01-28. com/ html/ ff012808. Headquarters Sonora. uses the technology to notify customers about complaints from Copyright holders[2] . but is also found in the more traditional "wired" broadband ISPs[2] . . Derek Maxson.com network uses Front Porch technology[5] to present a terms-of-service and portal page to users with local advertising and content. com/ [2] Haugsted. Raul Vaughn. . Ohio. Vice President. Internet Service Providers use products by Front Porch to present its own interstitial. com/ NewsRoom/ News/ 2010/ NR-2010-06-14. Asia and Emerging Markets = Online advertising www. Multichannel News. [3] "JOHN WAYNE AIRPORT INTRODUCES FREE WI-FI SERVICE" (http:/ / www. sidebar. [4] "Denver International Airport Offers FreeFi Networks' Free Wi-Fi Service to Passengers" (http:/ / www. PR Newswire. provides services to Internet Service Providers.frontporch. Founder and Chief Executive Officer.frontporch. Front Porch technology enables an Internet Service Provider (ISP) to insert its own messages to be presented to users as they use their web browsers. Chief Operating Officer. Type Founded Founder(s) Privately held Company 1998 Zach Britton. . Wi-Fi Planet. [5] Stone. USA Key people Website Jim Owen. The European free-hotspot. such as customer service notices[2] or online advertising.

eu/) • Labris in Azerbaijan (http://www. Web filtering www.eu [1] Labris Teknoloji Informatic Solutions is a Turkish R&D company. Antispam. It is headquartered in ODTÜ Technopolis in Ankara. VPN/SSL VPN.gov.Labris Teknoloji 29 Labris Teknoloji Labris Teknoloji Informatic Solutions Industry Founded Network security & Internet security 2001 Headquarters Ankara. Antivirus/Antispam Gateway. eu/ References • Corporate Website (http://www. Logging and Detailed Reporting modules. [1] http:/ / www.labris. Antivirus.tr/katalog2007/data\4313\firmaeng.ssm.com/newsDetail_getNewsById. Server Load Balancer.html) . Turkey Key people Products Website Founder and CEO: Seçkin Gürler. Wireless Authentication (WAUTH). L Series. Intrusion-prevention system. It manufactures high-technology business network security appliances and software. VPN. LBRLOG Series) have Firewall. Intrusion Prevention (IPS). It is deemed to deserve to be the third most successful private sector project by TÜBİTAK. Antispyware. The products which Labris manufactures (LBRUTM Series.action?load=detay& link=168835) 6 March 2009 • Labris Teknoloji (http://www2. labristeknoloji. Firewalls. Lawful Interception. Zero Time. Labris is one of the 12 Common Criteria EAL4+ certified gateway brand in the world and the first and only gateway in Turkey. Webfilter.todayszaman.labristeknoloji. Oğuz Yılmaz Unified threat management (UTM).

who had been in charge of technology development for VDONet. California. now owned by Boeing which produces mass surveillance systems. and whose installation in AT&T's San Francisco Internet backbone gave rise to a 2006 class action lawsuit by the Electronic Frontier Foundation against AT&T.[3] Management and investors According to Narus's own website listing of the Board of Directors [4]. a supercomputer system which is allegedly used by the NSA and other bodies to perform mass surveillance and monitoring of citizens' and corporations' Internet communications in real-time. the National Research Council Committee on Science and Technology for Countering Terrorism and the Markle Foundation Task Force on National Security in the Information Age. Mayfield. Prior to 9/11 Narus worked on building carrier-grade tools to analyze IP network traffic for billing purposes. Ori Cohen Monitoring/surveillance systems Boeing www. . Narus has several business partners who provide various technologies similar to the features of NarusInsight. NeoCarta. an early media streaming pioneer. William Crowell as a director. Post-9/11 they have continued down that path while adding more semantic monitoring abilities for surveillance purposes. Dr.narus.com [1] Narus is a company. Cohen is no longer the Chairman of the Board. to prevent what they term "revenue leakage". Narus engaged the former Deputy Director of the National Security Agency. It was founded in 1997 by Ori Cohen. In 2004.[2] It is notable for being the creator of NarusInsight. Several of the partners are funded by In-Q-Tel. Since 9/11. Hepting v. Walden International. Crowell has served on the Defense Advanced Research Projects Agency (DARPA) Task Force on Terrorism and Deterrence.Narus (company) 30 Narus (company) Narus Type Industry Founded Subsidiary of Boeing Telecommunication 1997 Headquarters Sunnyvale." Narus has venture funding from companies including JP Morgan Partners. From the Press Release announcing this:[5] "Crowell is an independent security consultant and holds several board positions with a variety of technology and technology-based security companies. AT&T. Intel. United States Key people Products Parent Website Founder. NTT Software and Sumisho Electronics. Presidio Venture Partners.

the latest version of NarusInsight Intercept Suite (NIS) is "the industry's only network traffic intelligence system that supports real-time precision targeting. compiling lists of people who visit a certain type of web site or use certain words or phrases in their emails). which enables it to sift through the vast quantities of information that travel over the Internet. in practical terms. application and network behaviors. the 10 Gbit/s capacity of one NarusInsight installation enables it to monitor the combined traffic of several million broadband users. MSN Hotmail. • Certified by Telecommunication Engineering Center (TEC) in India for lawful intercept and monitoring systems for ISPs." It can also perform semantic analysis of the same traffic as it is happening. But. including Google Gmail. in other words analyze the content. VoIP).000 telephone modems. what they have written in their emails/IM conversations). [7] . since individual internet connections are not continually filled to capacity. such as Pen-Link. rendering of web pages.Narus (company) 31 NarusInsight System specification and capabilities Some features of NarusInsight include:[6] • Scalability to support surveillance of large. which web sites they have visited. meaning. examination of e-mail and the ability to analyze the payload/attachments of e-mail or file transfer protocols. . complex IP networks (such as the Internet) • High-speed Packet processing performance. • NarusInsight's functionality can be configured to feed a particular activity or IP service such as security. offer the ability to quickly analyze information collected by the Directed Analysis or Lawful Intercept modules. web browsers. According to a company press release.g. That is it can track individual users. capturing and reconstruction of webmail traffic. • High reliability from data collection to data processing and analysis.g.g. as the public is not authorized to see what types of activities and ideas are being monitored. The exact use of this data is not fully documented. in real-time.. A single NarusInsight machine can monitor traffic equal to the maximum capacity (10 Gbit/s) of around 39. The intercepted data flows into NarusInsight Intercept Suite forensic analysis purposes. structure and significance of traffic in real time. Yahoo! Mail. • Normalization.. element. • Compliance with CALEA and ETSI. lawful intercept or even Skype detection and blocking. protocol.000 DSL lines or 195. This data is stored and analyzed for surveillance and Other capabilities include playback of streaming media (i. Correlation.e. and Gawab Mail (English and Arabic [8] versions). and see how users' activities are connected to each other (e. Aggregation and Analysis provide a model of user. instant messaging applications. monitor which applications they are using (e. email) and what they are doing with those applications (e. Narus partner products.

which was founded in Israel and has large Israel connections.archive. Reuters.pdf) at the Wayback Machine (archived December 1. html) [7] http:/ / www. reuters. Corporation's Role in Egypt's Brutal Crackdown" (http:/ / axisoflogic.org/wgbh/pages/frontline/homefront/ view/)` TV documentary originally aired on PBS 15 May 2007 with a section entitled "The NSA's Eavesdropping at AT&T" with the story of Mark Klein exposing NSA wiretapping with a secure room and Narus STA 6400 at an AT&T facility in San Francisco. com/ products/ index. php/ about/ board [5] Narus Appoints Former Deputy Director of the National Security Agency To Its Board of Directors (http:/ / web. democracynow.narus. CA] • DailyKos. com/ index. shtml). External links • Official website (http://www. com/ index.70914-0. html) [6] Key Features list of NarusInsight (http:/ / narus. "This company.pbs.com/27BStroke6/att_klein_wired.html) (AT&T whistleblower Mark Klein discusses Narus STA 6400) • Documents. ironically also founded in Israel and largely controlled by and developed by people in Israel called Verint. . archive. Retrieved 2008-10-30. narus. com/ press/ 2004/ 0929. wiring diagrams.wired.html) • Wired News article (http://www. com/ article/ pressRelease/ idUS140435+ 10-Dec-2007+ BW20071210?sp=true).wired. eff.70908-0. including pictures.com/news/technology/0. Huffington Post. narus. 2007). . 2011-01-29. 2007-12-10. And Verizon chose another company. from Mark Klein (http://web. • Frontline Flash Video "Spying on the Home Front" (http://www.com/storyonly/2006/4/ 8/14724/28476) . org/ cases/ att) [4] http:/ / narus. Narus. [9] "One U.wired.org/20071201184647/http://blog.[9] References [1] http:/ / www. does the—basically the tapping of the communications on AT&T.S.com: Source story for implications of the company's product (http://dailykos. org/ web/ 20050206184639/ narus. Retrieved 2011-01-30. and equipment lists and installation dates. com/ [2] "James Bamford: "The Shadow Factory: The Ultra-Secret NSA from 9/11 to the Eavesdropping on America"" (http:/ / www. com/ artman/ publish/ Article_62125. Retrieved 2008-02-13.com/) • Wired News article (http://www.com/news/technology/0. org/ 2008/ 10/ 14/ james_bamford_the_shadow_factory_the).Narus (company) 32 Mass surveillance Narus provides technology to governments such as the United States and Egypt to facilitate the mass surveillance of their citizens. . php/ solutions/ intercept [8] "Narus Expands Traffic Intelligence Solution to Webmail Targeting" (http:/ / www." [3] EFF vs AT&T (http:/ / www.

seeking deals with ISPs to enable them to [4] analyse customer's websurfing habits in order to provide them with more relevant. NebuAd's privacy policy says that they will "specifically not store or use any information relating to confidential medical information. and relationships with advertising networks willing to present NebuAd's targeted advertising[9] . As a result. Kira Makagon Chief Executive Officer and co-founder. www. but there is no way for users to prevent ISPs from sending the data to NebuAd in the first place[12] [13] . founder. racial or ethnic origins. Phorm is a similar company operating out of Europe. Because ISPs route all of their customers' traffic. Each device can monitor up to 50."[11] It also advises.com [2] NebuAd was an American online advertising company based in Redwood City. NebuAd closed for business in the UK in August 2008. it is a perfect vantage point from which to monitor all the traffic to and from a consumer using Deep packet inspection (DPI). NebuAd's largest ISP customers have all pulled out.adjuggler. Adzilla and Project Rialto also appear to be developing similar systems. or sexuality which are tied to personally identifiable information ('sensitive personal information').[15] One customer spent hours trying to disinfect his machine as he wrongly believed that it had been infected with spyware after noticing problems with Google loading slowly and the creation of these non-Google cookies. but when they contacted WOW's support department." At least two customers of a Middle America ISP known as WOW! noticed that when they used Google.000 users. religious beliefs.[5] its agreements with providers covering 10 percent of the broadband users in America[6] .com were being read and written. USA Key people Website [1] Robert Dykes. . Inc Former type Industry Founded Defunct Privately held Company Online advertising 2006 2009 Headquarters California. NebuAd UK Ltd was dissolved in February 2010[8] .NebuAd. . At one point. mostly Internet access providers. The System works by installing a hardware device inside an ISP network. NebuAd had signed up more than 30 customers. NebuAd says it gains more information about customers' particular interests than less intrusive methods can provide[14] . Overview of the service NebuAd's solution has three main parts: Hardware hosted within the ISP that is capable of inserting content into pages. "The information we collect is stored and processed on NebuAd's servers in the United States. Due to fallout following public and Congressional concern. eventually resorted to reinstalling his .NebuAd 33 NebuAd NebuAd. followed by the US in May 2009 [7] .[10] Users can "opt-out" of NebuAd’s information collection and targeted ads[11] . with offices in New York and London and was funded by the investment companies Sierra Ventures and Menlo Ventures[3] . an off-site server complex to analyze and categorize the contents of users' Internet communications. micro-targeted advertising. courts or law enforcement. California. that information may be subject to access requests by governments. It was one of several companies developing behavioral targeting advertising systems. By analyzing this traffic. WOW initially denied that it was responsible for this activity. Chairman. unexpected cookies for sites such as nebuad.

One ISP expects to earn at least $2. hence reducing the "scattergun approach" (publish as many ads as possible in the hope of catching a client) and users are offered more relevant adverts: Just because one visits the financial pages of a newspaper does not mean all they are interested in is financial product and books on investing. but may be able to discover this through traffic monitoring (for example.NebuAd machine from scratch.[23] and in some cases informed customers that the terms had been updated. NebuAd CEO claims "We have 800 [consumer interest segments] today and we're expanding that to multiple thousands". [18] Nebuad does not have access to user browser info and connection speed to categorise its user's interests. page and ad clicks. the roll out was completed in the first week of March 2008. Critics believe that the raw content of their internet communications are entrusted to the ISP for handling without being inspected or modified.[19] 34 Controversies Generally. 2008 WOW! suspended the use of Nebuad services to its subscribers. ISPs were paid for allowing NebuAd access to their network on a per-user per-active profile basis. identification information from the ISP.[27] [28] But after customers voiced their concerns.[29] . page views. the lack of oversight over what any third-party company does with the contents of Internet communications[22] .[25] A Knology user in Knoxville.[20] Privacy advocates criticize the lack of disclosure[21] that some ISPs provided prior to using NebuAd. According to Nebuad's sales. a weak opt-out method[13] . Nebuad uses data such as Web search terms. less than 1% of users opt-out. which may maintain or lower consumers' Internet access bills. WOW updated its terms and conditions to include a mention of Nebuad. Nebuad buy impressions from ad networks including Valueclick. and the company's refusal to name its partner ISPs. email traffic may tie an email address to an ip address).[17] NebuAd argues that behavioral targeting enriches the Internet on several fronts.[15] On July 9. Customers were not explicitly notified about NebuAd until later. its conflicts with United States wiretap laws[13] [16] . website owners are offered an improved click-through rate (CTR). Advertisers are offered better targeted adverts. Bob Dykes. which could increase profits or reduce the amount of page-space dedicated to advertising. sometime after the third week of March 2008[15] . Charter Communications announced that it planned to monitor websites visited by its customers via a partnership with NebuAd. Owners of previously thought ad-unfriendly websites are offered a chance to make money not on the subject matter of their website but on the interests of their visitors.[24] Embarq said that it notified consumers by revising its privacy policy two weeks prior to sending its users' data streams to NebuAd. NebuAd provided an additional income stream to network operators. not for sale. In response to an inquiry from members of the United States House of Representatives Telecommunications Subcommittee about its pilot test of NebuAd's services. Consumer Notification A large American cable operator. Charter changed its mind in June. Better targeted advertising also leads to a more relevant and personalized online experience. zip code. only to discover the problem had not gone away. Firstly. WOW! (formerly Wide Open West) started rolling out Nebuad in February 2008.[26] In May 2008.50 per month for each [16] user. time spent on specific sites. Tennessee reports that she also was not notified that she was being monitored.

patent application data that mention such inventions. and a loose relationship to Claria Corporation whose products and history suggest such tactics. Even if a user has opted out of the service. Topolski. Opt-In Members of US Congress.NebuAd 35 Friction between ISP Staff and Management Plans to implement NebuAd had not gone down well with some ISP's employees. or places additional advertising to page.[34] Relationship with Claria Corporation Some senior staff members of NebuAd used to work at ad company Claria Corporation (formerly.[33] The "Fair Eagle" advertisement hardware. provided by NebuAd.[32] Superimposing or Adding Advertising to Web Pages Critics are concerned that NebuAd superimposes its own advertising over the ads of other advertisers. contains HTML Script tags which cause the browser to request Javascript from http://a. inserted additional advertising alongside the content of web pages. These are not correct. California[35] .[13] An engineer who has examined the system confirms there is no way to Opt-Out of the monitoring. shows that NebuAd's devices create cookies on end-users machines by injecting a specious packet into the end of the data stream returned in response to some web page requests submitted to major search engines Google and Yahoo. and have written to Charter requesting they suspend the test "We respectfully request that you do not move forward on Charter Communications' proposed venture with NebuAd until we have an opportunity to discuss with you issues raised by this proposed venture". famous for ad software known as Gator[35] .com coincides with timing of Claria's decision to shutdown[37] the Gator service.[30] A writer for Wired News has questioned whether Charter users can really opt-out of being monitored. Use of Packet Forgery and Browser Exploits A report by Robert M.[13] The same writer has asked if it would breach anti-wiretapping laws. chairman of the House Subcommittee on Telecommunications and the Internet. In 2007 it was reported that Redmoon. a Texas based ISP was using a NebuAd technology to inject Redmoon's own advertising into pages visited by its users. the Gator Corporation). Ed Markey. The injected ads stopped appearing toward the end of June. Both Claria and NebuAd are located in Redwood City.faireagle. and Joe Barton.[35] . chief technology consultant of the Free Press and Public Knowledge. and one employee was planning to re-route his traffic to avoid NebuAd's Deep Packet Inspection hardware.[31] All of the inbound and outbound information is intercepted and sent to NebuAd's offsite server to be processed. a ranking member of the House Committee on Energy and Commerce.[16] Opt-Out vs.com. or if they will only be able to opt-out of receiving targeted ads. describing its hiring of Claria employees as a result of that company shedding employees in a tight market for experienced advertising sales staff in the Valley. The June 2006 creation[36] of nebuad. 2007. The content of this specious packet. it does not prevent the ISP from sending the data to NebuAd. The ads featured a window with the "Fair Eagle" title bar. The substance to these concerns can likely be traced to the company's "Fair Eagle" operation. have argued that such services must be opt-in only to comply with the provisions laid down by Section 631 of the US Communications Act. NebuAd has repeatedly denied any corporate connection to Claria. which will be added to the end of the web page when it is rendered by the end-user's browser.

and has not decided whether to move forward[51] with Behavioral Targeting advertising "either through NebuAd or with any other vendor"[52] . (EONI) . References to NebuAd in Nexicom's Privacy Policy has been removed. [44] Progressive Internet Services (Jayco. Blackfoot's Mary Worden later explained. Inc. "Nexicom was investigating using the NebuAd service. Reed Freeman Kelley Drye & Warren LLC NebuAd's ISP Partners ISPs which trialled or deployed or prepared to deploy Nebuad included: • • • • • [42] [43] Broadstripe (formerly and formally Millennium Digital Media). but had similar concerns to those raised by consumer groups and elected not to launch the service. • CenturyTel. WOW! . [48] 20/20 Communications (2020comm. one of the earliest known ISPs to test NebuAd[5] .Net) . Canada. Montana appeared to have tried NebuAd between March and May 2008[57] . Following the announcements by Charter.[56] . • • • • [44] OnlyInternet. In a response to customer inquiries. • Web cache evidence indicated that Blackfoot Telecommunications Group. of Missoula. Nexicom's Paul Stewart replied.Net . • An Embarq[49] spokesperson told the Associated Press that it ended its trial with NebuAd. The software was never implemented at any time as there were concerns on several levels regarding privacy issues.NebuAd 36 Current and Former Officers and Employees in Common to NebuAd and Claria Name Scott Tavenner Chuck Gilbert Mike Miller Amy Auranicky Jeanne Houwelingis Deepak Nair [38] [39] [40] of Relationship to NebuAd Vice President of Business Development Senior Product Manager Vice President of Ad Sales Director of Advertising Sales Vice President of Advertising Services Business Intelligence Marketing Consultant Attorney for NebuAd before the Federal Trade Commission Relationship to Claria Vice President of Business Development Senior Product Manager Director of Sales Integration Manager Senior Director of Business Development Database Developer & Data Architect Associate Marketing Manager Chief Privacy Officer and Regulatory Affairs [41] Counsel Melissa Horwath D. Inc."[57] • Nexicom. "With Congress in active review of online behavioral advertising. with employees only and not with its customers. serving Central Ontario and the Kawarthas. 2008[58] . [17] Metro Provider . [47] RTC on Line (Rochester Telephone Company. [46] High Speed Networks -E50 (HSNe50) . "Blackfoot tested NebuAd on its internal corporate network. [45] Eastern Oregon Net. • Bresnan Communications used the NebuAd technology[55] . only to pull out of the deal alongside of Charter a month later[54] .net) All ISPs have ended or suspended their relationship with NebuAd. Bresnan told a blogger that their NebuAd trial had ended and they would comply with whatever regulatory model emerges from the current debate. and CenturyTel that they would no longer use NebuAd on their networks. • Charter Communications suspended its plans[49] to test NebuAd following scrutiny from lawmakers and privacy groups[50] . Following a question to users on a public forum. in March 2008. [44] Decaturnet Internet Services . WOW! indicated. notified users via its Privacy Policy page that it was using NebuAd as of April 23. notified customers in late May 2008 that it was deploying the hardware[53] . Embarq."[59] • WOW![15] [49] (formerly Wide Open West) completed suspension of NebuAd services on July 9. Indiana).

. 2008-04-22. [21] "Wide Open West Using NebuAD Users don't get much of a heads up. 2008-06-12. . washingtonpost. uk/ 2008/ 04/ 22/ wide_open_west_users_with_nebuad/ ). [19] "ISPs Collect User Data for Behavioral Ad Targeting" (http:/ / www. com/ showPage. Broadband Reports. dslreports. uk/ 2008/ 04/ 10/ american_isps_embrace_behavioral_ad_targeting/ ). com/ shownews/ Wide-Open-West-Using-NebuAD-92520). htm) on 2008-07-13. [14] "Robert Dykes (CEO) presenting NebuAd at OnMediaNYC-01/28/2008" (http:/ / vator.[63] As of August 2008. The Register. Ex-employees moved to work within a variety of other online advertising and technology companies. co. nytimes. Karl (2008-05-28). Ryan (2008-05-16). com/ publications/ ?fa=Articles. . . "Congressmen Ask Charter to Freeze Web Profiling Plan" (http:/ / blog. Threat Level from Wired. . cdt. but Innocuous’ Web Browsing" (http:/ / bits. uk/ c3aac31df2e47117900ab23b5d4530e6/ companysearch?disp=1& frfsh=1281110903#result)"UK Companies House website [9] "Juniper Networks partners with NebuAd to enable ISPs to participate in online advertising revenues on the web" (http:/ / web. tv/ pitch/ show/ transforming-online-ad-industry?play=false).Cable. [17] "Questions for Bob Dykes. 2008-01-03. [20] "CDT Urges Stronger Guidelines for Behavioral Advertising" (http:/ / www. The Register. html). co. Retrieved 2008-06-28. Bobby (2007-12-06). gov. "Every Click You Make" (http:/ / www. Cable One had decided against using the technology "commercially" on its systems[64] but in September said it was waiting for "clear rules and boundaries". . . 2009-06-18. [12] Singel. "NebuAd Observes ‘Useful. [8] " (http:/ / wck2. nebuad. showArticle& art_aid=106277). com/ company/ management. htm). References [1] "NebuAd CEO quits" (http:/ / www. We believe that all parties are best served by a thoughtful and thorough review of this emerging advertising model. html). . Retrieved 2008-05-14. democraticmedia. Retrieved 2008-04-26. wired. . [16] Bode. NebuAd CEO" (http:/ / www. dslreports. blogs. com/ showPage. The Register. Retrieved 2008-05-14. . Archived from the original (http:/ / www. 2008-04-10. com/ NebuAD. Retrieved 2008-05-14. Retrieved 2008-09-04.com. [7] "Case Closed: NebuAd Shuts Down" (http:/ / www. [15] "Data pimping catches ISP on the hop" (http:/ / www. "Can Charter Broadband Customers Really Opt-Out of Spying? Maybe Not" (http:/ / blog. [5] White. Saul (2008-04-07). theregister. [11] "NebuAd / Privacy" (http:/ / www. . MediaPost. ClickZ. theregister. Peter (2008-04-04). com/ [3] "Management & Investors" (http:/ / www.[65] 37 The End of NebuAd NebuAd was closed down in the UK in August 2008 and in the US in May 2009[7] . Retrieved 2008-05-14. Ryan (2008-05-16). com/ shownews/ Infighting-At-ISPs-Over-Using-NebuAD-94835). 2008-02-18. co. The New York Times. com/ article/ SB119690164549315192. Retrieved 2008-07-03. org/ headlines/ 1126). mediapost. Crescendo Networks and TeleNav. juniperamspmarketing. Retrieved 2008-05-17. Red Aril. and we welcome the opportunity for that discussion to take place. clickz." (http:/ / www. Retrieved 2008-04-23. [18] "Charter Cable to Spy on its Broadband Users to Serve Targeted Ads via NebuAd" (http:/ / www. org/ web/ 20080713030851/ http:/ / www. php). [4] "American ISPs already sharing data with outside ad firms" (http:/ / www. The Wall Street Journal. theregister. com/ privacy/ servicesPrivacy. html?mod=todays_us_nonsub_marketplace). 2008-01-03. Retrieved 2008-06-28.000 customers in Alabama for six months beginning in November 2007. [13] Single. . Retrieved 2008-06-19. clickz.[62] • Unbenownst to its users. 2008. companieshouse. nebuad.com. juniperamspmarketing. clickz. . wsj. com/ 27bstroke6/ 2008/ 05/ congressmen-ask. php).Phone is suspending its deployment of NebuAd services to our subscribers at this time. 2008-05-14. juniperamspmarketing. 2008-09-03. . com/ 27bstroke6/ 2008/ 05/ theres-no-optin. uk/ 2008/ 09/ 03/ bob_dykes_nebuad_quits/ ).. washingtonpost. . com/ wp-dyn/ content/ article/ 2008/ 04/ 03/ AR2008040304052. AdChemy. wired. vator. . nebuad. com/ NebuAD.tv. com/ 2008/ 04/ 07/ nebuad-observes-useful-but-innocuous-web-browsing/ ). archive. html?page=3628004). Retrieved 2008-04-18. Zscaler. html). [6] Whoriskey. Retrieved 2008-04-18. [2] http:/ / www. Plaxo. org/ jcblog/ ?p=586). Digital Destiny. "Infighting At ISPs Over Using NebuAD" (http:/ / www. Wired. [10] Hansell.NebuAd Internet. . Cable One conducted NebuAd tests on 14. ."[60] • Knology[42] [61] reported to the United States House Committee on Energy and Commerce that it discontinued a trial of NebuAd in all markets as of July 14. including VeriFone. html?page=3628009). 2008-03-11. . . Retrieved 2008-05-21. "Watching What You See on the Web" (http:/ / online. PubMatic. .

com/ forum/ r20705904-RTC-on-Line-aka-Rochester-Telephone-Company-sells-to-NebuAd).com. aspx?ConIdent=28& RCView=False& TermID=11#TPA). org/ node/ 1664). "He points out that the system is essentially a massive bridge running Fedora. TechWeb Technology News. ars technica. 2008-06-06. 2008-05-14. Retrieved 2008-04-30. theregister. Retrieved 2008-06-26. . dslreports. [43] "Broadstripe High Speed Internet Online Privacy Policy" (http:/ / web. com/ wire/ security/ 183701933). again" (http:/ / arstechnica. html). "Claria Abandons Adware" (http:/ / www. . theregister. archive. publicknowledge.Net uses NebuAd for Behavioral Targeting" (http:/ / www. BroadbandReports. 2004-04-20. [42] "Broadstripe Now Selling User Browsing History. uk/ 2008/ 06/ 20/ nebuad_claria/ ). Forgery and Browser Hijacking" (http:/ / www. Retrieved 2008-07-02. dslreports. As Chief Privacy Officer And Vice President Of Regulatory And Legislative Affairs" (http:/ / www. freepress.com. [45] "One More ISP to add to the list of ISPs" (http:/ / www. com/ forum/ r20703209-One-More-ISP-to-add-to-the-list-of-ISPs). "Charter Will Monitor Customers' Web Surfing to Target Ads" (http:/ / bits. Retrieved 2008-05-14. com/ terms/ privacypolicy. com/ terms/ privacypolicy. BroadbandReports. Retrieved 2008-06-19. Their system is a bridge. "Embarq: Don't all users read our 5. [31] Anderson. html?pr=pr040420). Wrong Targets" (http:/ / www. The Register.com. [47] "RTC on Line aka Rochester Telephone Company sells to NebuAd" (http:/ / www. .000 word privacy policy?" (http:/ / arstechnica. . net/ blog/ weblog. com/ in/ deepaknair73). com/ forum/ r20704276-OnlyInternetNet-uses-NebuAd-for-Behavioral-Targeting). 2007-06-22. [41] "Claria Names D. "Claria will exit out of the adware business by the end of the second quarter of 2006. org/ web/ 20080224042248/ http:/ / www. Retrieved 2008-06-29. techweb. com/ 2007/ 06/ 23/ real-evil-isp-inserted-advertising/ ). [34] "benanderson. linkedin. Public Knowledge Policy Blog. com/ shownews/ Broadstripe-Now-Selling-User-Browsing-History-94378). php?id=D20070622). theinquirer. Saul (2008-05-14). domaintools. [27] Hansell. Says Embarq" (http:/ / www. BroadbandReports. Retrieved 2008-06-20. htm) on 2008-02-24. co. Retrieved 2008-06-26. Robb (2008-07-21). Jr. com/ 2008/ 06/ 25/ technology/ 25charter. Retrieved 2008-06-24. The New York Times. . And unless they alter the architecture of their system drastically. [40] "Comments Of Nebuad. "NebuAd and Partner ISPs: Wiretapping. . . com [37] Keizer. com/ news. [26] Topolski. com/ in/ melissahorwath). 2008-06-26. BroadbandReports. 2007-06-23. As the engineer explains. . pdf) (PDF). nytimes.. Retrieved 2008-06-26. [24] Anderson. 38 . [25] "Customers Shoulda Read the Privacy Policy.. ars/ post/ 20080723-embarq-dont-all-users-read-our-5000-word-privacy-policy. [33] "Real Evil: ISP Inserted Advertising" (http:/ / www. .opted out or not. . so you would need some sort of magical layer-two switching device upstream that switched frames from users that have opted out around the NebuAd appliance. Retrieved 2008-06-25.net-Fair Eagle taking over the world? ISPs being compromised or just cheap?" (http:/ / www.. "When we asked them about an opt-out method for our customers. Nate (2008-07-23). Retrieved 2008-06-26. Retrieved 2008-05-17. 2008-06-26. dslreports. they won't ever have one. On The Commission Staff's Proposed Self-Regulatory Principles For Online Behavioral Advertising" (http:/ / www. html?ref=technology). net/ gb/ inquirer/ news/ 2008/ 05/ 14/ charter-track-users-replace [29] The Associated Press (June 25. . com/ forum/ r20600537-ISP-Data-Collection-Congress-Investigation-Urged-NebuAd). . benanderson. ." [38] "LinkedIn Profile of Deepak Nair" (http:/ / www.Right Idea. 2008-06-26. [23] "WOW Terms and Conditions" (http:/ / www1. . htm). com/ 2008/ 05/ 14/ charter-will-monitor-customers-web-surfing-to-target-ads/ index. everyone's data is still pumped into a third-party box. Retrieved 2010-05-20. com/ news. . Joins growing list of NebuAD customers" (http:/ / www. Nate (2008-07-15). . [35] "NebuAd looks to 'spyware' firm for recruits" (http:/ / www. nytimes. they didn't have one. linkedin.com.. dslreports. . com/ press-release-article. . Retrieved 2008-06-24. . Gregg. com/ nebuad. [30] Metz. [28] http:/ / www. gov/ os/ comments/ behavioraladprinciples/ 080411nebuad. How would you build a device like this without profiling your users in the first place to determine who had opted out? It's not like there is an opt-out bit you can flip in the header of an Ethernet frame. Retrieved 2008-06-20. Inc. wowway." [32] Topolski. 2008). [44] "OnlyInternet. via The New York Times Company. ars technica. uk/ 2008/ 05/ 16/ congress_questions_nebuad/ ). "Congress goes after NebuAd. Free Press. [46] "And Even One More ISP to add to NebuAds Harem" (http:/ / www. . "US Congress questions legality of Phorm and the Phormettes" (http:/ / www.com. . [36] http:/ / whois. Retrieved 2008-07-23." So while the data actually created and stored by NebuAd or Embarq may end up being totally anonymous and innocuous. com/ wow/ wow. [39] "LinkedIn Profile of Melissa Horwath" (http:/ / www. 2008-06-26. dslreports. MarketingVOX: The Voice of Online Marketing. co. marketingvox. techcrunch. Retrieved 2008-04-26. ars/ post/ 20080715-congress-goes-after-nebuad-again. html). Techcrunch. .NebuAd [22] "ISP Data Collection — Congress Investigation Urged (NebuAd-CDT Press Release)" (http:/ / www. com/ embarq-pleads-the-fifth-on-disclosing-nebuad-test-to-customers-040002/ ).. . pdf) (PDF). Reed Freeman. html). Robert (2008-06-18). 2008-06-20. . dslreports. broadstripe. "Ready — Fire — Aim: NebuAd and Charter Shellacked -. net/ files/ NebuAd_Report. ftc. blogs. Cade (2008-05-16). BroadbandReports. claria. The Register. Retrieved 2008-06-19. broadstripe. "Charter Won’t Track Customers’ Web Use" (http:/ / www. Archived from the original (http:/ / www. com/ forum/ r20703445-And-Even-One-More-ISP-to-add-to-NebuAds-Harem). and that NebuAd advises ISPs to install it inline in their networks in such a way that all web traffic passes through it.

. com/ forum/ r20554465-Centurytel-and-NebuAd). If you would like to opt out. [64] Ji. click here. Retrieved 2008-07-21. Retrieved 2008-06-18. Third Party Advertisers. Retrieved 2008-09-01. BroadbandReports. from Responses to August 1. Anick (August 31. This anonymous information will not include those users' name. nebuad. You will continue to receive advertisements as normal. .. dslreports. [49] Hansell." (http:/ / www. com/ forum/ r20737958-Nexicom-is-using-NebuAd). Rodger.com. . Peter (2008-06-25). google. Associated Press via Google. . Saul (2008-05-14). (2008-08-08). .. Retrieved 2008-06-27. "Beginning April 23rd. Inc. except these advertisements will be less relevant and less useful to you. [54] "CenturyTel Drops NebuAd" (http:/ / www. pdf) (PDF). .. com/ article/ ALeqM5i0jj6e-BuV4qnseoMIL1fJFB7uhAD92TEAE80). html?ref=business). . Retrieved 2008-06-25. "Charter Will Monitor Customers’ Web Surfing to Target Ads" (http:/ / bits. com/ forum/ r20706000-Blackfoot-Telecommunications-Group-Inc-Missoula-MT-Nebuad). 2008-06-27. 2008-09-26. U. . we will partner with a third party to deliver or facilitate delivery of advertisements to our users while they are surfing on the web.com. [60] prack (2008-07-03). Knology will partner with a third party to deliver or facilitate delivery of advertisements to our users while they are surfing the web. Associated Press via Google. Retrieved 2008-07-02. BroadbandReports. com/ wires/ ap/ scitech/ 2008/ 06/ 25/ D91HAQHO1_tec_web_tracking/ index. except these advertisements will be less relevant and less useful to you. These advertisements will be based on those users' anonymous surfing behavior while they are online. 2008). com/ 2008/ 05/ 14/ charter-will-monitor-customers-web-surfing-to-target-ads/ index. dslreports. Missoula MT Nebuad" (http:/ / www. The New York Times. com/ forum/ r20711216-Centurytel-drops-NebuAd). net/ content/ custService_agree_121207. Retrieved 2008-06-30. com/ article/ ALeqM5hojy5UugX8vlpZa1urv5KYVDHDjAD92TSRNG0). [61] "Knology Customer Service Agreement" (http:/ / support. com/ 2008-09/ isp-behavioral-targeting/ ). 2008-06-26. or any other personally identifiable information. house. dslreports. go to: http:/ / nebuad. .com. Retrieved 2008-07-01. Committee on Energy and Commerce — US House of Representatives. If You would like to opt out. DSLReports.S. seoserpent. dslreports.. Retrieved 2008-06-25. [50] Bode. . dslreports. CEO and Chairman of the Board. [52] Svensson. php page)" [59] "Nexicom is using Nebuad" (http:/ / www. com/ privacy/ optout. "Letter. email address. Canadian Broadband Forum on BroadbandReports. email address. net/ privacy. "9. "6 Internet providers disclose Web tracking for ads" (http:/ / ap. com/ privacy/ optout. 2008). 2008-07-01. "WOW! Suspension of Nebuad Services" (http:/ / www. Retrieved 2008-09-01. 2008-05-28. [65] Jesdanun. . house. . . This anonymous information will not include those users' name.com Forums — US Cable Support — W. gov/ Press_110/ Responses to 080108 TI Letter/ 110-ltr. [63] Jesdanun. Retrieved 2008-06-27. "RE: Internet Advertising Inquiry" (http:/ / energycommerce. php). com/ 2008/ 07/ bresnan-internet-privacy-update.O. Karl (2008-06-24). nytimes. By opting out you will continue to receive advertisements as normal. gov/ Press_110/ Responses to 080108 TI Letter/ 110-ltr.NebuAd [48] "20/20 Communications and NebuAd" (http:/ / www. 2008-07-03. google. "Ad targeting based on ISP tracking now in doubt" (http:/ / ap. Committee on Energy and Commerce. Inc. BroadbandReports. By opting out. telephone number. Anick (September 1.com. 080108responseCABLE001. html). . "ISPs still considering tracking Web use" (http:/ / www. Retrieved 2008-09-01. dslreports. . Retrieved 2008-08-11. Philip P. . Retrieved 2008-06-26. com/ forum/ r20736487-WOW-Suspension-of-Nebuad-Services). "Charter User Monitoring Plans Suspended . These advertisements will be based on those users' anonymous surfing behavior while they are online. pdf) (PDF via Google HTML).W. com/ shownews/ Charter-User-Monitoring-Plans-Suspended-95551). dslreports.. 080108responseKnology. [56] "Bresnan — Internet Privacy Update" (http:/ / johnlinko. John Linko (Blog). com/ forum/ r20258823-Bresnan-actively-intercepting-ALL-packets).com. Salon.com. [51] "ISP Behavioral Targeting Versus You" (http:/ / www. 2008 Letters to Network Operators Regarding Data Collection Practices" (http:/ / energycommerce. [58] "Nexicom Privacy Policy" (http:/ / www. dslreports. BroadbandReports.com. [55] "Bresnan actively intercepting ALL packets" (http:/ / www. . salon. pdf) (PDF). telephone number. Knology. 2008-06-26. 39 . php" [62] Johnson. html). BroadbandReports. nexicom. Retrieved 2008-05-14.'Enhanced user experience' apparently not so enhanced. [53] "CenturyTel and NebuAd" (http:/ / www. blogs. or any other personally identifiable information. House of Representatives. [57] "Blackfoot Telecommunications Group. knology. . com/ forum/ r20704629-2020-Communications-and-NebuAd). (links to http:/ / www. blogspot.

market research mega panel analytics. when. charging and billing (including usage-based and content billing). The same person can communicate in multiple ways – FTP.. NI technology goes beyond traditional DPI. It examines. where and how. NI creates a powerful nexus of subscriber and network data. or who accesses what database.Network intelligence 40 Network intelligence Network Intelligence (NI) is a technology that builds on the concepts and capabilities of Deep Packet Inspection (DPI). NI provides more granular analysis.0 and wireless 3G and 4G technologies. types of activity and volume of content generated.[1] [2] [3] [4] Background [7] The evolution and growth of Internet and wireless technologies offer possibilities for new types of products and services. traffic shaping. enabling better cyber security and IP services. Network optimization and security solutions therefore need to address the exponential increases in IP traffic. blogs. NI technology correlates network traffic data from a variety of data communication vehicles for network visibility. applications. service assurance. methods of access. revenue assurance. and the information viewed. The technology enables a global understanding of network traffic for applications that need to correlate information such as who contacts whom. Webmail. policy management. NI’s value-add to solutions traditionally based on DPI has attracted the attention of industry [10] now includes NI companies on its analysts who specialize in DPI market research.[4] Business Intelligence for data networks In much the same way that BI technology synthesizes business application data from a variety of sources for business visibility and better decision-making. NI provides the means to quickly identify. With ongoing changes in communications networks and how information can be exchanged. lawful interception and cyber security. and protocols whether or not the protocols are tunneled or follow the OSI model.[4] [5] as well as opportunities for hackers and criminals to exploit weaknesses and perpetrate cyber crime[6] . NI is used as a middleware to capture and feed information to network operator applications for bandwidth management.. since it not only recognizes protocols but also extracts a wide range of valuable metadata. examine and correlate interactions involving Internet users. people are no longer linked exclusively to physical subscriber lines. when.[8] [9] Traditional DPI tools from established vendors like Sandvine and Allot have historically addressed specific network infrastructure applications such as bandwidth management. performance optimization and Quality of Service (QoS). governments and large enterprises. VoIP. security functions and data mining for new products and services needed since the emergence of Web 2. It is currently being incorporated into a wide range of applications by vendors who provide technology solutions to Communications Service Providers (CSPs). Heavy Reading Deep Packet Inspection Semi-Annual Market Tracker. Packet Capture and Business Intelligence (BI). instant messaging. social networks – and from different access points via desktops. IP data packets that cross communications networks by identifying the protocols used and extracting packet content and metadata for rapid analysis of data relationships and communications patterns.Sometimes referred to as Network Acceleration. . For example. online chat. It enables vendors to create an information layer with metadata from IP traffic to feed multiple applications for more detailed and expansive visibility into network-based activity. When combined with traditional BI tools that examine service quality and customer care. in real time.. NI extends network controls. laptops and mobile devices. DPI focuses on recognizing different types of IP traffic as part of a CSP’s infrastructure. business capabilities.

as well as manage usage once deployed. Platform as a Service (PaaS) and Software as a Service (SaaS) vendors with real-time situational awareness of network activity. Quality of Service (QoS). Use in cloud computing The economics and deployment speed of cloud computing is fueling rapid adoption by companies and government agencies. and critical transparency to allay fears of potential customers. however. regulatory compliance and auditing[14] [15] [16] . NI classifies protocols and applications from layers 2 through 7. NI enables faster and more sophisticated Audience Measurement. Internet Service Providers (ISPs) and Mobile Network Operators (MNOs) are under increasing competitive pressures to move to smart pipe business models. Content-Based Billing. and Personalized Services. . A vendor can demonstrate hardened network security to prevent Data Leakage or Data Theft and an irrefutable audit trail of all network transaction – communication and content – related to a customer’s account. VoIP Fraud Monitoring and Regulatory Compliance. Quality of Experience (QoE). applicable for Bandwidth & Resource Optimization. it provides the required visibility and analysis of user demand to create and deliver differentiating services. NI mitigates the risks by providing Infrastructure as a Service (IaaS). are risks of information security.Network intelligence 41 Use in telecommunications Telcos. Requirement Purpose • • • • Network Metrics • • services events Identify / deliver / manage services • • • • • Example Applications Audience measurement User behavior analysis Customer segmentation Personalized services Bandwidth / resources optimization Content / application-aware billing Quality of Experience (QoE) analysis VoIP fraud monitoring Regulatory compliance Customer Metrics Understand customer demand NI as enabling technology for smart pipe applications Customer metrics are especially important for telecom companies to understand consumer behaviors and create personalized IP services. Real-time network metrics are equally important for companies to deliver and manage services. Customer Segmentation. Software Vendors and Systems Integrators that serve the industry. generates metadata for communication sessions. Because NI captures detailed information from the hundreds of IP applications that cross mobile networks. and correlates activity between all layers. User Behavior Analysis. The cost savings and revenue opportunities driving smart pipe strategies also apply to Network Equipment Providers. e-discovery.[11] [12] [13] Among concerns.

com). GigaOM. 2008. tmcnet. Customer Experience Management. . com [11] Stacey Higginbotham (2009-07-21). messagelabs. "Deep Packet Inspection Semi-Annual Market Tracker" (http:/ / www. Retrieved 2011-03-15.Network intelligence 42 Use in government NI extracts and correlates information such as who contacts whom. [3] Thibaut Bechetoille (2009-03-25). MessageLabs. tmcnet. providing situational awareness for Lawful Interception and Cyber Security. . Retrieved 2010-06-15. com/ topics/ caas-saas/ articles/ 49997-qosmos-network-intelligence-helps-development-smart-pipe-solutions. . [8] "2008 Internet Security Trends" (http:/ / www. asp?doc_id=159415). . Retrieved 2009-07-28. IDC. Light Reading. Content Filtering.Managing Data Growth" (http:/ / www. "Will P2P Soon Be the Scourge of Mobile Networks?" (http:/ / gigaom. GigaOM. Retrieved 2009-07-28. [16] Jon Brodkin (2008-07-02). Retrieved 2010-06-15. Heavy Reading. "Gartner: Seven cloud-computing security risks" (http:/ / www. "Light Reading report: Network Acceleration . [7] "MessageLabs Intelligence: 2008 Annual Security Report" (http:/ / www. The network visibility afforded by NI can also be used to build enhancements and next-generation solutions for Network Performance Management. Retrieved 2009-07-27. "The dangers of cloud computing" (http:/ / www. TMCnet. . Info World. . Retrieved 2009-07-28. . "More Cash for Cloud Computing in 2009" (http:/ / www. "DISA’s Cloud Computing Initiatives" (http:/ / www. . Light Reading. ironport. heavyreading. com/ offer/ windriver_intel?source=ebook_tab). "The Everyday Relationship Between You and ‘Your’ Information: What’s Out There on the Internet" (http:/ / ipcommunications. com/ securitytrends/ ). Database Auditing and Network Protection. "Network Intelligence is Key to Profiting from Anywhere Demand" (http:/ / www. php?podcastID=229). com/ document. . "Market Research: New Opportunity for Service Providers?" (http:/ / www. html). [2] Brian Partridge (2010-05-17). com/ topics/ ip-communications/ articles/ 52992-everyday-relationship-between-and-information-whats-out-there. govinfosecurity. pdf). lightreading. when where and how. . References [1] Jessica Schieve (2011-02-23). com/ d/ cloud-computing/ dangers-cloud-computing-839). htm). 2009. infoworld. "A Brave New World: 700M New Net Users Seen By 2013" (http:/ / gigaom. com/ 2009/ 07/ 21/ a-brave-new-world-700m-new-net-users-seen-by-2013/ #more-59899). fiercetelecom. [10] http:/ / www. com/ podcasts. jsp?containerId=prUS21480708). [13] Tom Sullivan (2008-03-29). Retrieved 2009-07-28. . . Retrieved 2009-07-27. Real-time data capture. extraction and analysis allow security specialists to take preventive measures and protect network assets in real time as a complement post-mortem analysis after an attack. heavyreading. "Qosmos Network Intelligence Helps Development of Smart Pipe Solutions" (http:/ / caas. networkworld. com/ mlireport/ MLIReport_Annual_2008_FINAL. Government Information Security Podcasts. htm). com/ ResearchDocument. and internal billing of networked applications. 2008-10-20. Retrieved 2009-07-27. [4] Simon Sherrington (2010-06). yankeegroup. . TMCnet. Retrieved 2009-07-27. com/ businesscenter/ article/ 162157/ more_cash_for_cloud_computing_in_2009. do?id=53513). pcworld. [5] Aditya Kishore (2008-07-21). it enhances the effectiveness of applications for Database Security. com/ news/ 2008/ 070208-cloud. [12] "IDC Finds Cloud Computing Entering Period of Accelerating Adoption and Poised to Capture IT Spending Growth Over the Next Five Years" (http:/ / idc. IronPort. [14] Henry Sienkiewicz (2008-04-30). Retrieved 2009-07-27. html). [6] Shireen Dee (2009-02-03). com/ 2009/ 07/ 21/ will-p2p-soon-be-the-scourge-of-mobile-networks/ #more-59491). WAN Optimization. Retrieved 2010-06-15. [9] Jordan Golson (2009-07-21). Retrieved 2009-07-28. com/ getdoc. [15] Ephraim Schwartz (2008-07-07). Use in business Because NI combines real-time network monitoring with IP metadata extraction. PC World. Info World. . Retrieved 2009-07-27. Yankee Group Anchor Report. . .

[5] Radware former VP of business development is businessman Yuval Tal. Europe. CEO and Director. Africa and Asia Pacific. In 1999 the company had an initial public offering and was listed on the NASDAQ stock exchange. mobile communications. Radware offers networking solutions for data center virtualization. cloud computing. In February 2009 Radware acquired Nortel’s Application Delivery business (Alteon) and now offers them under a merged brand. The disposal by Nortel was part of a move to reduce its debt and recover from Chapter 11. and security. healthcare. is a provider of integrated Application Delivery and Network Security solutions based in Tel Aviv. now President of Payoneer. . application & WAN optimization. Radware Alteon. Roy Zisapel is the current President. Israel Key people Products Revenue Employees Subsidiaries Website CEO: Roy Zisapel CFO: Meir Moshe COO: Ilan Kinreich Application Delivery and Network Security $144. insurance. education. retail. Israel and is a member of the Rad Group of companies. manufacturing.1 million USD (2010) 700+ Radware Alteon www. transportation.radware.Radware 43 Radware Radware Type Industry Founded Public (NASDAQ: RDWR Technology 1997 [1] ) Headquarters Tel Aviv. For the enterprise. Sales markets The company markets and sells its products worldwide through an indirect sales channel that includes distributors and resellers located in the Americas. government. Its customers cover all major industry segments including financial services. Middle East. Israel.[3] History Radware was co-founded by Yehuda Zisapel and Zohar Zisapel in 1997. e-Commerce.[4] The company is headquartered in Tel Aviv.com [2] Radware (NASDAQ:RDWR). services and carriers.

bnet.radware.aspx?id=8315) Infosecurity Magazine. com/ 2448-14061_23-272392. retrieved 2009-10-16 [4] Net Management Firm. nasdaq.Radware 44 Core technology The core technologies that make up Radware’s offering include: • • • • • • • • • • • • Application Delivery Virtualization Global Load Balancing VoIP Load Balancing SIP Load Balancing Application Acceleration SSL Acceleration XML Acceleration/Security MultiWAN Switching Quality of Service (QoS) Web Application Firewalling Network Intrusion Prevention DPI/DFI Partners Radware partners with leading industry application and technology providers such as: AT&T. Radware USA: Facebook hacked: a reminder for on-line businesses (http://www.aspx?id=8419) Fox News. 2011 • Carl Herberger VP of security solutions. .aspx?id=8361) CTO Edge. 2011 • Smartphones and Social Media Can Be a Risky Combination (http://www. (http:/ / www. 2011 . January 19.aspx?id=8363) TechNewsWorld. FBI Wants New Tools (http://www.com/newsevents/ mediacoveragedetail.radware. Microsoft. 2011 • Radware Makes ADCs Virtual (http://www. Blue Coat. BNET. February 11.radware. com/ Company/ TechnologyAlliances/ default. RSA and BEA. radware. aspx). February 1.radware. cbronline. retrieved 2009-10-16 [6] Radware partners (http:/ / www.aspx?id=8417) Processor. com/ resource/ networking/ loadbalancing/ Mediaproducts-gartner. BEA. Oracle Corporation. Gartner. retrieved 2009-10-16 External links • To Probe 'Dark Spots' Where Cybercrooks Lurk.radware. Finjan. com/ news/ net_management_firm_radware_files_for_43m_ipo). 2011 • Facebook Once Again Hangs Up on Phone Rumors (http://www. January 26. Radware. . com/ [3] Magic Quadrant for Application Delivery Controllers. pdf). VMWare.com/newsevents/mediacoveragedetail. 2011 • Inside Data Center Preparedness (http://www.[6] References [1] http:/ / quotes.com/newsevents/ mediacoveragedetail. IBM. January 27. Riverbed.radware. .com/newsevents/mediacoveragedetail. Security (http://www. com/ asp/ SummaryQuote. Juniper Networks.com/newsevents/mediacoveragedetail. . February 24.com/newsevents/mediacoveragedetail. HP. securitytechnet. InfoSys. retrieved 2009-10-16 [5] Radware acquires Nortel division for USD18m (http:/ / www. 2011 • Web Traffic Requires Traffic Cop.aspx?id=8365) Global Security Mag.com/newsevents/ mediacoveragedetail.radware. Computer Business Online. SAP AG. html). radware. Forum. Blackboard. asp?symbol=RDWR& selected=RDWR [2] http:/ / www. aspx?id=8295) Investor’s Business Daily. Files for $43m IPO (http:/ / www. January 21.com. ByteMobile.

com/free/co/factsheet. January 13. 2011 • WikiLeaks Hacktivists Explain “Operation Payback” (http://www.com/q/pr?s=RDWR) 45 .Radware • Virtualized infrastructure key to enticing enterprise to carrier cloud services (http://www.radware.com/newsevents/ mediacoveragedetail. 2010 • Radware Factsheet (http://www.by Hoovers.hoovers.aspx?id=8211) Investor’s Business Daily.radware.xhtml?ID=61374&cm_ven=PAID& cm_cat=OVR&cm_pla=CO4&cm_ite=radware) .yahoo.com • Radware on Yahoo Finance (http://finance. December 10.com/ newsevents/mediacoveragedetail.aspx?id=8239) ConnectedPlanet.

[5] billing. Co-Founder.sandvine. Ontario Key people Dave Caputo.[6] congestion management. Co-Founder. and mobile.[9] [10] Quality of service control is provided for a range of media applications including video conferencing. by a team of approximately 30 people from a recently closed Cisco acquisition. Ontario (2001) Industry Founded Headquarters Waterloo. The device can then determine the optimal peer to use. ranging from service creation. is a networking equipment company based [4] in Waterloo.[11] [12] The P2P path optimizer [13] focuses on Gnutella. Ontario. Initial product sales focused at congestion management as operators struggled with the high growth of broadband. VoIP and gaming. and substitute it for the one selected by the P2P . DSL. Co-Founder. A subsequent round of financing of $19M (Cdn) was completed in May 2005.[7] Sandvine targets its products at consumer Tier 1 and Tier 2 networks including cable. and security. COO and VP Engineering Don Bowman. spam control is based on identifying sources of spam from behaviors such as using multiple SMTP servers. quality of service. CFO Tom Donnely. and uses a path cost algorithm to reduce congestion while still delivering the same content. Rather than identifying individual messages. President and CEO Scott Hamilton. Canada. Technology Sandvine's technology focuses on policy management.Sandvine 46 Sandvine Sandvine Incorporated Type Public [1] TSX: SVC [2] AIM: SAND Networking Hardware and Software Waterloo.[8] Company history Sandvine was formed in August 2001 in Waterloo. Sandvine network policy control products are designed to implement broad network policies. and P2P path optimisation. Many operators have shifted focus to revenue generating services and reducing operational expenditure. Canada. CTO Website www. including the control of spam. Stateful Policy Management [14] uses stateful deep-packet inspection and packet spoofing to allow the networking device to determine the details of the p2p conversation. AIM: SAND [2]). In October 2006 Sandvine completed an initial public offering on the Toronto stock exchange under the ticker 'SVC'.com [3] Sandvine Incorporated (TSX: SVC [1]. Co-Founder. In March 2006 Sandvine completed an initial public offering on the London AIM exchange under the ticker 'SAND'. An initial round of VC funding launched the company with $20M (Cdn). PixStream. Ontario. EVP Marketing & Sales Brad Siim. usage-based billing. including the hash requested. using multiple source (EHLO) domains and large address books.

sandvine." [15] The usage-based-billing includes[16] pre-paid and post-paid 3G and 4G mobile access. newswire. cantechletter. sandvine. jsp?wo=2005109816) [11] Sandvine Incorporated: Service Delivery Engine (http:/ / www. References [1] [2] [3] [4] [5] http:/ / tmx.[17] 47 Comcast Controversy Sandvine products are used by Comcast in the United States to manage Internet traffic generated by peer-to-peer file sharing software. eff. org/ html/ rfc6057) [20] eff. londonstockexchange. wipo. groupware clients affected (http:/ / arstechnica. com/ news. ca/ en/ releases/ archive/ October2006/ 10/ c6288. com/ quote.. do?lang=EN& docClass=7& issuerNo=00024246& fileName=/ csfsprod/ data106/ filings/ 01560378/ 00000001/ s:\svcMDA. com/ en-gb/ pricesnews/ prices/ Trigger/ genericsearch. pdf) [9] A SYSTEM AND METHOD FOR DETECTING SOURCES OF ABNORMAL COMPUTER NETWORK MESSAGES . asp?FILEID=16) [15] Comcast traffic blocking: even more apps.[21] [22] A product whitepaper published by Sandvine confirms that its products are configurable to use "Session Management" capability to prevent customers using BitTorrent from providing uploads to peers who are not close to them on the network. com/ EP1743466. fcc. sandvine.Major Wireless Carrier Selects Sandvine’s 10-Gigabit Ethernet Solution to Give Subscribers More Control over their Mobile Internet Experience (http:/ / www. com/ GetFile.[20] Comcast injected reset packets into peer-to-peer connections. com/ 2011/ 05/ cantech-letter-interviews-dave-caputo-of-sandvine-tsxsvc/ Sandvine Incorporated: Press Release . htm?bsg=true& ns=SAND http:/ / www. which effectively caused a certain limited number of outbound connections to immediately terminate. com/ news/ pr_detail. This affects all uses of BitTorrent (such as open-source project distribution. html) [13] (WO/2003/094465) PATH OPTIMIZER FOR PEER TO PEER NETWORKS (http:/ / www. imitating both ends of the connection. as well as all fixed access. -a0139417017) [8] Sandvine Management's Discussion and Analysis (http:/ / sedar. asp?ID=243) [17] Sandvine supports pre.org article on Comcast jamming Gnutella and Lotus (http:/ / www. by "[sitting] in the middle. session management is an effective strategy.Patent EP1743466 (http:/ / www. int/ pctdb/ en/ wo. com/ general/ getfile.. | CableMatrix and VCom Showcase First QoS Enhanced Video Conferencing over WiMAX Solution (http:/ / www. . com/ http:/ / www. This method of network management was described in the IEEE Communications.[19] According to independent testing. thefreelibrary. php?qm_symbol=SVC http:/ / www. Fairshare. and sending reset packets to both client and server. html) [16] Sandvine Supports Cricket Broadband Internet (http:/ / www. jsp?wo=2003094465) [14] "Meeting the Challenge of Today's Evasive P2P Traffic" (http:/ / www. sandvine. asp?ID=283) [18] Comcast's compliance report to FCC on its previous network management techniques (http:/ / gullfoss2. org/ deeplinks/ 2007/ 10/ comcast-also-jamming-gnutella-and-lotus-notes) .Free Online Library (http:/ / www. asp) [12] CNW Group | VECIMA NETWORKS INC. freepatentsonline. asp?ID=148) [7] Adelphia Selects Sandvine to Protect Subscribers from Worms and Spam. sandvine. patch distribution and illegal downloads). the subscriber may be session managed without negative impact. May 2000 article "Nonintrusive TCP Connection Admission Control for Bandwidth Management of an Internet Access Link".Sandvine algorithm. com/ news/ pr_detail. com/ Adelphia+ Selects+ Sandvine+ to+ Protect+ Subscribers+ from+ Worms+ and+ Spam. wipo. cgi?native_or_pdf=pdf& id_document=6520169715) [19] Comcast's Protocol-Agnostic Congestion Management System (http:/ / tools.StarHub Selects Sandvine to Deploy End-to-End PacketCable MultiMedia Solution (http:/ / www. html) [10] (WO/2005/109816) A SYSTEM AND METHOD FOR DETECTING SOURCES OF ABNORMAL COMPUTER NETWORK MESSAGES (http:/ / www. This is the default behaviour for Sandvine’s session management policy and limits external leechers from [23] connecting to internal seeds. sandvine. In cases where a subscriber is a “seeder” and uploads content to an off net “leecher”. is described in detail in an RFC. com/ news/ pr_detail. com/ products/ service_delivery_engine. quotemedia. com/ news/ pr_detail. gov/ prod/ ecfs/ retrieve. sandvine. int/ pctdb/ en/ wo. ars/ post/ 20071021-comcast-traffic-blocking-even-more-apps-groupware-clients-affected. ietf.and post-paid service plans across converged networks (http:/ / www. asp?ID=100) [6] Sandvine Incorporated: Press Release .[18] Sandvine's current congestion management product.

org/ ci/ private/ 2000/ may/ Kumar. comsoc. comsoc.org/article.dslreports.html) .pl?sid=07/10/19/1417238) • Dslreports: Comcast is using Sandvine to manage P2P Connections (http://www.comsoc.comsoc.org/ci/private/2000/ may/Kumar. html) [23] Session Management: BitTorrent Protocol .Sandvine [21] IEEE Communications Interactive (http:/ / www. com/ general/ getfile.sandvine.html (http://www. sandvine. asp?FILEID=21 48 External links • Sandvine (http://www.org/ci/private/2000/may/Kumar. html) [22] Nonintrusive TCP Connection Admission Control for Bandwidth Management of an Internet Access Link (http:/ / www.com/forum/ r18323368-Comcast-is-using-Sandvine-to-manage-P2P-Connections) • http://www.Managing the Impact on Subscriber Experience http:/ / www.com) • Slashdot: Comcast filtering network packets (http://slashdot. org/ ci/ public/ 2000/ may/ index.

Sudhakar Ravi Products Revenue Employees Website Security Appliance filtering Spam. (Matt) Medeiros CFO: Robert D. Internet security 1991 Headquarters San Jose. Spyware. Security appliances. Selvi Founders: Sreekanth Ravi. UTMs (Unified Threat Management). CA.[7] The company has acquired a number of companies through the years. In November 1999 they went public (SNWL).sonicwall. It sells a range of internet appliances primarily directed at content control and network security. .SonicWALL 49 SonicWALL SonicWALL Type Industry Founded Private Backup and Recovery.[6] Matthew T. 2010 SonicWALL announced that it has completed its merger with affiliates of an investor group led by Thoma Bravo. LLC.[3] [5] In the late 1990s they released a security product later branded "SonicWALL" which was a dedicated hardware appliance with firewall and VPN software intended for the small-business market.[8] On July 23.[4] History The company was founded in 1991 under the name "Sonic Systems" by brothers Sreekanth and Sudhakar Ravi to develop Ethernet and Fast Ethernet cards. (Matt) Medeiros (formerly of Philips Components) became CEO in March 2003. which includes the Ontario Teachers' Pension Plan through its private investor department. These include devices providing services for network firewalls. and anti-spam for email. expanding its product line in the process. hubs and bridges.com [2] [1] SonicWALL is a private company headquartered in San Jose. The company also markets information subscription services related to their products. VPNs (Virtual Private Network).[3] The company solutions also serve to solve issues surrounding HIPPA and PCI compliance issues. Teachers' Private Capital. backup and recovery. Backup and Recovery. California Key people CEO: Matthew T. Viruses and other Malware USD 219 million (2008) 700 (January 2008) www. After the merger SonicWall was delisted from NASDAQ.

Retrieved 2010-03-05. [8] "News Archive Search of "SonicWall acquisition" including frequency chart" (http:/ / news. Google. Retrieved 2010-03-05. [7] "SonicWall Company Officers .) (http:/ / www. Retrieved 2010-03-05. html?wlc=1267835772). [6] "SonicWall IPO Should Make Noise" (http:/ / www. redzonetech. com/ ) [10] AIS (Access Information Security) (http:/ / www. org/ web/ 19990504153444/ http:/ / www. uk/ ) [12] RedZone Technologies (http:/ / www. 2010. sonicwallonline. 2011. Ecommerce Times. sec. O). co. . sonicsys. . 1999.gov (http:/ / www. Archived from the original (http:/ / www. pdf).Reuters" (http:/ / www. com/ Corporate_Info/ index. co. archive. .SonicWALL 50 Resellers • • • • New England[9] UK & Ireland[10] UK & Ireland[11] United States[12] References [1] sec. sonicwall. com/ Corporate_Info/ index. SonicWALL. net/ ) . Retrieved 2010-03-05. yahoo. Reuters. html). reuters. net/ wp-content/ uploads/ 2011/ 06/ Davco_Restaurants_SW. Yahoo!. Inc. com/ story/ 1715. google. uk/ ) [11] SonicWALL Online (UK Gold Partner) (http:/ / www. [4] "Sonicwall PCI Compliance Case Study" (http:/ / www. ecommercetimes. Retrieved 2011-06-06. NSIserv. 2010. SonicWALL. Retrieved 2010-03-05. . sonicsys. ." (http:/ / finance. htm) [2] http:/ / www. redzonetech. 2010. [5] "Corporate Information" (http:/ / web. html) on 1999-05-04. . gov/ Archives/ edgar/ data/ 1093885/ 000109388509000007/ f10k. aisec. com/ finance/ stocks/ companyOfficers?symbol=SNWL. com [3] "SNWL: Profile for SonicWALL. 1999. com/ q/ pr?s=SNWL). com/ archivesearch?um=1& cf=all& ned=us& hl=en& q=SonicWall+ acquisition& cf=all). [9] NSI (New England Systems Inc.

can be managed from the StoneGate Management Center. and VMware-certified virtual appliances. the Middle East.Stonesoft Corporation 51 Stonesoft Corporation Stonesoft Corporation Secure Information Flow Type Public [1] NASDAQ OMX: SFT1V Network Security Helsinki. software. originally developed for Check Point FireWall-1. Stonesoft does business globally. and SSL VPN systems. . and China. Its product portfolio includes firewall/VPN devices. Finland (1990) Ilkka Hiidenheimo Hannu Turunen Industry Founded Founder(s) Headquarters Helsinki.[7] The product portfolio differentiates through unique clustering and load balancing technologies based on the company's older StoneBeat technology.com [4] Stonesoft Corporation is a publicly owned Helsinki. and sales offices throughout Europe. Georgia.[6] Each of the components.[5] each available as hardware appliances. Finland Area served Key people Worldwide Ilkka Hiidenheimo (Chairman & CEO) Juha Kivikoski (COO) Mikael Nyberg [2] (CFO) Products Network security Firewall IPS VPN Security appliances Virtual appliances Employees Website [3] 174 (Dec 2009) stonesoft. IPS (intrusion detection and prevention systems). United States. Finland-based vendor of network security solutions. with a regional headquarters in Atlanta. as well as third-party devices.

opsec. stonesoft. It is also certified by ICSA Labs Network Intrusion Prevention and Detection category.621 [9] http:/ / www. html [6] http:/ / www.856. In 1994 it introduced StoneBeat. becoming a direct competitor to Check Point. stonesoft. PN.[9] In 2001. and is one of only four vendors in the consortium to achieve that certification.[11] The StoneGate firewall/VPN is regarded for its "robust performance and feature set relative to company resources. 2001. pdf [12] https:/ / www.856.[11] The StoneGate IPS has also placed in Gartner's Magic Quadrant for Network Intrusion Prevention. vmware.621& RS=PN/ 6.[14] References [1] http:/ / www. com [5] http:/ / www.[13] The issue at hand was discrepancies between the profitability forecasted in the company's year 2000 interim reports and the actual state of the company at that time. a technology for creating a high availability pair of firewalls in an active-passive configuration. for IBM mainframes. com/ en/ investor_relations/ corporate_governance/ management/ [3] http:/ / www. com/ export/ download/ financial_files/ stonesoft_annual_report_2009_en. nasdaqomxnordic. pdf [4] http:/ / www. the company extended StoneBeat with a patented load balancing clustering technology. icsalabs. com/ solutions/ partners/ stonesoft_fc. html [8] http:/ / patft. com/ pdf/ Gartner_Magic_Quadrant_Firewalls_2010.[10] Products Stonesoft's current product portfolio can be divided into four major categories[5] : • • • • StoneGate Firewall/VPN StoneGate IDS/IPS StoneGate SSL VPN StoneGate Management Center (SMC) The StoneGate Firewall/VPN has placed in Gartner's Magic Quadrant for Enterprise Network Firewalls for several years. Stonesoft expanded its product set into the firewall/VPN space. html& r=1& f=G& l=50& co1=AND& d=PTXT& s1=6. com/ us/ products/ index. The court "held that two members of the company's board of directors and a former CEO through gross negligence had failed to give a profit warning in due time". the company introduced the first virtual firewall/VPN solution. & OS=PN/ 6. pl?ACCT=104& STORY=/ www/ story/ 01-22-2003/ 0001876476& EDATE= [11] http:/ / www. com/ products?tid[]=4222 . com/ aktier/ shareinformation?Instrument=HEX24350 [2] http:/ / www. 2006. html [10] http:/ / www2. In 1999. The StoneGate Firewall/VPN was launched on March 19. stonesoft. com/ us/ products/ smc/ index. In January 2003. com/ appliances/ directory/ cat/ 522?k=Stonesoft& c=522 [7] http:/ / www. gov/ netacgi/ nph-Parser?Sect1=PTO2& Sect2=HITOFF& p=1& u=%2Fnetahtml%2FPTO%2Fsearch-bool. vadition. stonesoft. and is currently placed in the niche quadrant.621.Stonesoft Corporation 52 History Stonesoft started as a systems integrator in the Nordic regions of Europe. The reports indicated the company was sound and profitable. and it has a loyal customer base". uspto.[12] Controversy In 2008.[11] Gartner notes that Stonesoft "serves a set of placements well – usually. com/ cgi-bin/ stories. It was one of the first technologies certified in Check Point's OPSEC program. stonesoft. high availability is key or when the leaders are otherwise not welcome". the Helsinki Court of Appeal issued a decision in a case brought against Stonesoft and several members of its management team.856. yet "a profit warning should in fact have been issued".[13] The District Court of Helsinki had originally dismissed the claims in a decision on November 15.[8] launching StoneBeat FullCluster. prnewswire.

stonesoft. PDF [14] http:/ / www. co. dittmar. fi/ whats_new/ newsletters/ D& I%20Q4%202008. aspx?id=10020587 53 External links • Official website (http://www. uk/ news/ story. euroinvestor.com) .com) • Semi-official community Web site (http://stoneblog.Stonesoft Corporation [13] http:/ / www.stonesoft.

uk/ detail/ PROD/ 1110792023_599. Theta's solutions reassembles and finds relationships between subscriber application sessions at Open Systems Interconnection layer 7 using Deep Packet Inspection. com/ news_events/ theta_networks_manage_data_services_for_beijing_2008_olympic_games. com/ news/ view/ 119 [13] http:/ / www. co. Inc. Cross Packet Inspection. com/ research/ stocks/ private/ snapshot.[1] The company develops Deep Packet Inspection-based software that can be used for monitoring. connect-world. techtarget.[10] The company has office in New Jersey. uk [11] http:/ / www. Ericsson. com/ [3] http:/ / www. com/ global/ Press/ Press+ releases/ news-archive/ Nokia+ Siemens+ Networks+ to+ expand+ its+ customer+ base+ in+ service+ management+ through+ channel+ partners. thetanetworks. fr/ Press-Announcements/ Press-AnnouncementTheta-Networks. com/ resources/ cross_packet_inspection.Theta Networks 54 Theta Networks Theta Networks Type Industry Founded Founder(s) Headquarters Key people Products Website Private Telecommunication [1] 2005 Steve Zhu New Jersey. and also recently established partnerships in Australia[12] . HTTP. subscriber management and security on mobile networks. Theta Networks has also been working with China Mobile on monitoring and support for their new TD-SCDMA networks[6] . com/ news_events/ china_mobile_thanks_theta_networks_for_its_unique_support_during_the_olympics. and China. co. html [5] http:/ / www. Motorola. South America. Theta Networks has been a major supplier to Nokia Siemens [1] [3] . and Russia. html [8] http:/ / www. com/ resources/ cross_session_inspection. nokiasiemensnetworks. com/ resources/ deep_session_inspection. and Streaming Technology.[7] [8] [9] This technology can be applied to mobile use of WAP. Theta Networks company works in France through a partner[11] . thetanetworks. vanillaplus. Orange and China Mobile [4] [5] Games Recently. thetanetworks. ossnewsreview. and assisted China Mobile during the Olympic Networks. thetanetworks. genetel. html [9] http:/ / www. MMS. DNS. asp?privcapId=28831084) BusinessWeek.com [2] http:/ / www. businessweek. thetanetworks. com/ extras/ ict_telecom_press_release_article. com/ telecom-oss/ theta-networks-and-syrus-systems-form-partnership-in-russia/ . php?press_id=1162 [7] http:/ / www. United States Steve Zhu (CEO) DPI Software [2] Theta Networks is a New Jersey based Telecommunication solutions company that was founded in 2005. Theta Networks also offers VirusGuardMax. (http:/ / investing. html [6] http:/ / www. and Cross Session Inspection. html [10] http:/ / searchsecurity. rl. html [12] http:/ / www. SMS. thetanetworks. htm [4] http:/ / www. html& src=searchsecurity. techtarget. optimization. rl. a DPI-based network security product.[13] References [1] Theta Networks.

In 2010. Maharashtra and has development and marketing offices PAN India. Corporate focus is on networking gears. VLD directed traffic away from that server to other servers that could handle the load. Coyote Point Systems.Theta Networks 55 External links • Company Site (http://www. is a networking appliances company.. This appliance can then run one or more product modules (depending on the appliance selected). It is headquartered in Mumbai. which runs on top of Linux. Radware and Zeus Technology. Gartner cite the most significant competitors (in terms of market share) as Cisco Systems and Citrix Systems. India Key people Products Website MD: Phani Bhushan Networking www. Brocade. Type Industry Founded Private Limited company Technology 2002 Headquarters Mumbai. If a server went down or became overloaded. Ltd. Other competitors include A10 Networks. was originally a network load balancer but today also offers other functionality such as access control and application security. Add-on modules to VLD family of products offer email filtering and intelligent compression to allow for lower bandwidth and faster downloads in addition to load balancing and local traffic management capabilities. Viaedge's first product was a Server load balancer called VLD. Viaedge' flagship product. Barracuda Networks. which provide the VLD functionality. Viaedge offers products in various segments of the Application Delivery Controller market.viaedge. .com) Viaedge Viaedge Software Technologies (I) Pvt. It originally manufactured and sold load balancing products. 75% of the Viaedge business was with ET 500 companies.com [1] Viaedge Software Technologies. Array Networks.ThetaNetworks. Corporate history Viaedge Software Technologies was founded in 2002. Armorlogic. Products V-Load Director (VLD) Viaedge's VLD product is based on a network appliance (either virtual or physical). the V-Load Director. . KEMP Technologies. Crescendo Networks.

which provide the VLD functionality. but some previous models have included AMD Opteron CPUs. Hardware models include a front LCD panel for configuration and monitoring and a separate service processor for out-of-band management. The current hardware line-up uses Intel CPUs. Viaedge Appliances The current line of VLD & V-NetLink appliance was released between 2009 and 2010.a PC/server-type motherboard .[2] with approximate best-case throughput indicated: Model VLD 100 Advertised throughput 1 Gbit/s VLD Pro 4101 1 Gbit/s VLD Pro 4102 2 Gbit/s VLD Pro 4202 2 Gbit/s VLD Pro 4204 4 Gbit/s VLD Pro 4206 6 Gbit/s VLD Ent 5404 4 Gbit/s VLD Ent 5408 8 Gbit/s VLD Ent 5812 12 Gbit/s VLD Ent 5816 16 Gbit/s Model Throughput WAN Ports 2 2 3 4 6 8 10 12 Restricted Maximum Bandwidth 2 Mbps 4 Mbps 6 Mbps 10 Mbps 20 Mbps 45 Mbps 100 Mbps 500 Mbps LLB S-002 200 Mbps LLB S-004 200 Mbps LLB P-006 300 Mbps LLB P-010 2 Gbps LLB E-020 3 Gbps LLB E-045 4 Gbps LLB T-100 5 Gbps LLB T-500 6 Gbps . The previous platforms had two internal boards . Some models include hardware SSL acceleration for key exchanges and bulk encryption/decryption . This appliance can then run one or more product modules (depending on the appliance selected). The full model line-up is as follows.Viaedge 56 V-NetLink (VLLB) Viaedge's V-Netlink product is based on a network appliance (either virtual or physical). and hardware compression assistance. which runs on top of Linux. and the hardware models internally use a single custom-fabricated system board.

Viaedge Viaedge Product Modules • • • • V-Load Director : Local load balancing based on a full-proxy architecture. simply transmit data as a series of bytes. Retrieved 2010-08-17. Other protocols. and sequencing information. or bits alone. 57 References [1] http:/ / www. like Ethernet. with user data in between. . viaedge. External links • viaedge. error detection codes like checksums. In Binary Synchronous Transmission.viaedge. NetLink: Inbound and outbound ISP load balancing. control information is found in packet headers and trailers. . and the data area is whatever the person puts inside the envelope. WAN OptimiZation Module: A data centre symmetric WAN optimization solution. Computer communications links that do not support packets. a packet is a formatted unit of data carried by a packet mode computer network. A good analogy is to consider a packet to be like a letter: the header is like the envelope. however. Packet framing A packet consists of two kinds of data: control information and user data (also known as payload). Different communications protocols use different conventions for distinguishing between the elements and for formatting the data.com (http://www. A network design can achieve two major results by using packets: error detection and multiple host addressing. By using packet switched networking it is also harder to guarantee a lowest possible bitrate. characters. and special characters are used to delimit the different elements. com/ solutions/ data-centre-solutions/ application-load-balancer). is that some networks can break a larger packet into smaller packets when necessary (note that these smaller data elements are still formatted as packets). such as traditional point-to-point telecommunications links.com/) Network packet In computer networking. The control information provides data the network needs to deliver the user data. the bitrate of the communication medium can be better shared among users than if the network were circuit switched. A difference. When data is formatted into packets. com/ [2] "Viaedge Hardware Data Sheet" (http:/ / viaedge. V-Application Delivery Controller: Global Server Load Balancing using DNS. Some protocols format the information at a bit level instead of a byte level. Typically. establish the start of the header and data elements by their location relative to the start of the packet. for example: source and destination addresses. the packet is formatted in 8-bit bytes.

3 bits that contain a zero. which describes what priority the packet should have. 4. and this pushed responsibility for error detection onto the sending host in any case. Subsequent experience on the ARPANET indicated that the network itself could not reliably detect all packet delivery failures. The IPv4 packet header consists of: 1. 4 bits that contain the version. 8 bits that contain the Type of Service. This technology is called packet switching. and a flag to state whether more fragments of a packet follow (MF: More Fragments) 7. Host addressing Modern networks usually connect three or more host computers together. which is one of the Internet's fundamental design assumptions. 6. like the ARPANET and the modern Internet. 4 bits that contain the Internet Header Length which is the length of the header in multiples of 4 bytes (e. it would send an error message back to the sending host. a field to identify position of fragment within original packet . an acknowledgement was delivered to the sending host. 3. In complex networks constructed of multiple routing and switching nodes.[1] When the ARPANET pioneered packet switching. 16 bits that contain the length of the packet in bytes. All these protocols use packets. 16 bits that contain an identification tag to help reconstruct the packet from several fragments. 2. Meanwhile. Example: IP packets IP packets are composed of a header and payload. a series of packets sent from one host computer to another may follow different routes to reach the same destination. whereas UDP and IP provide an unreliable one. that specifies if it's an IPv4 or IPv6 packet. it provided a reliable packet delivery procedure to its connected hosts via its 1822 interface. also referred to as Quality of Service (QoS). a flag that says whether the packet is allowed to be fragmented or not (DF: Don't fragment).g. then it becomes the host's responsibility to provide reliability by detecting and retransmitting lost packets.[1] A "reliable" service is one that notifies the user if delivery fails. The packet trailer often contains error checking data to detect errors that occur during transmission. IP provides an unreliable service. For example. 5 means 20 bytes). Together. the term packet applies to any message formatted as a packet. while an "unreliable" one does not notify the user if delivery fails. Once the message was delivered to the destination host. Packets vs. This led to the development of the end-to-end principle. but UDP packets are generally called datagrams. inserted the address of the destination host computer.Network packet 58 Error detection It is more efficient and reliable to calculate a checksum or cyclic redundancy check over the contents of a packet than to check errors using character-by-character parity bit checking. 13 bits that contain the fragment offset. in such cases the packet header generally contains addressing information so that the packet is received by the correct host computer. If a network does not guarantee packet delivery. 5. If the network could not deliver the message. This lesson was later embraced by the designers of Ethernet. and sent the message across the interface to its connected Interface Message Processor. datagrams In general. while the term datagram is generally reserved for packets of an "unreliable" service. A host computer simply arranged the data in the correct packet format. TCP and IP provide a reliable service. the developers of CYCLADES and of ALOHAnet demonstrated that it was possible to build an effective computer network without providing reliable packet transmission.

which has its own header and trailer. ICMP. There generally would be little to gain from attempting to use compressed data from a frame marked as undecodable. Because packet lengths are variable but frame lengths are fixed. of the seven layered OSI model. 11. After those 160 bits. and the sender's and receiver's IP addresses. • Even when the channel errors exceed the correction capability of the error-correcting code. including the packet header. 8 bits that contain the Time to live (TTL) which is the number of hops (router.542 bytes. including frame header and control information.g. which can change based on the protocol used. etc. 8 bits that contain the protocol (TCP. it is possible to layer a transport protocol on top of the packet service that can provide such protection. computer or device along a network) the packet is allowed to pass before it dies (for example. or in-order delivery of packets. e. packet boundaries usually do not coincide with frame boundaries. The term frame is sometimes used to refer to a packet exactly as transmitted over the wire or radio. 9. TCP and UDP are the best examples of layer 4. ranging from 7 to 65. • Packetized data is transmitted via frames. an IP packet is often carried as the payload inside an Ethernet frame. 16 bits that contain the Header Checksum. UDP. Telecom processing notes Data in a frame is typically protected from channel errors by error-correcting codes. can range up to 2048 bytes. Under this standard. an image or other data sent from a spacecraft instrument is transmitted using one or more packets.. 32 bits that contain the source IP address. optional flags can be added of varied length. The header of a packet specifies the data type. 32 bits that contain the destination address. Handling data loss Deleted undecodable whole frames are the principal type of data loss that affects compressed data sets. . • Frames for which uncorrectable errors are detected are marked as undecodable and typically are deleted. total number of packets. packet number. which are fixed-length data blocks. the presence of errors nearly always is detected by the error-correcting code or by a separate error-detecting code. the Transport Layer. Example: the NASA Deep Space Network The Consultative Committee for Space Data Systems (CCSDS) packet telemetry standard defines the protocol used for the transmission of spacecraft instrument data over the deep-space channel. the UDP protocol of the Internet.Network packet 8. 12. 59 Delivery not guaranteed Many networks do not provide guarantees of delivery. An IP packet has no trailer. nonduplication of packets. • Packet sizes are fixed during the development phase. However. CCSDS packet definition A packet is a block of data with length that can vary between successive packets. The size of a frame. However. a number used in error detection. a packet with a TTL of 16 will be allowed to go across 16 routers to get to its destination before it is discarded). then the data that packet carries is added.) 10.

the decompressor can base its reconstruction on incomplete. frames with detected errors would be essentially unusable even if they were not deleted by the frame processor. PES Packet length Optional PES header Stuffing bytes Data 2 bytes variable length variable length See elementary stream. The elementary stream is packetized by encapsulating sequential data bytes from the elementary stream inside PES packet headers. 60 Example: Radio & TV Broadcasting MPEG packetized stream Packetized Elementary Stream (PES) is a specification defined by the MPEG communication protocol (see the MPEG-2 standard) that allows an elementary stream to be divided into packets. long-blocklength error-correcting codes. In the case of private streams the first byte of the payload is the sub-stream number. • Fortunately. which are the types of codes most likely to yield substantial fractions of bit errors throughout those frames that are undecodable. Can be zero as in not specified for video streams in MPEG transport streams [2] [3] [4] [5] Size 3 bytes 0x000001 Description . The TS packets can then be multiplexed and transmitted using broadcasting techniques. the decompressor will blindly use the frame data as if they were reliable. PES packet header Name Packet start code prefix Stream id 1 byte Examples: Audio streams (0xC0-0xDF). compressed data usually are protected by powerful. • If an erroneous frame escapes detection. A typical method of transmitting elementary stream data from a video or audio encoder is to first create PES packets from the elementary stream data and then to encapsulate these PES packets inside an MPEG transport stream (TS) packets or an MPEG program stream (PS). the bits of the subband pixels are already decoded before the first bit error will remain intact. which has an undetected frame-error rate of less than 1 in 32. Thus. fewer than 1 in 40. whereas in the case of detected erroneous frames. such as those used in an ATSC and DVB.Network packet • When errors are present in a frame. Video streams (0xE0-0xEF) Note: The above 4 bytes is called the 32 bit start code. This data loss can be compensated for with the following mechanisms. • For frames coded by the CCSDS Reed–Solomon code. but not misleading.000 erroneous frames can escape detection.000. a single bit error is often just as disruptive as many bit errors. • Furthermore. data. but all subsequent decoded bits in the segment usually will be completely corrupted. it is extremely rare for an erroneous frame to go undetected. • All frames not employing the Reed–Solomon code use a cyclic redundancy check (CRC) error-detecting code.

In this mode. NICAM offers the following possibilities.Network packet Optional PES header Name Number of Bits 2 2 1 1 indicates that the PES packet header is immediately followed by the video start code or audio syncword 1 implies copyrighted 1 implies original 11 = both present. the NICAM signal is transmitted on a subcarrier alongside the sound carrier. . or can transmit two or three entirely different sound streams. One digital mono sound channel and a 352 kbit/s data channel. • The topology of this pseudo-random generator yields a bitstream with a repetition period of 511 bits. This means that the FM or AM regular mono sound carrier is left alone for reception by monaural receivers. This latter mode could be used to transmit audio in different languages. NICAM packet transmission The NICAM packet (except for the header) is scrambled with a nine-bit pseudo-random bit-generator before transmission. The four other options could be implemented at a later date. Only the first two of the ones listed are known to be in general use however. 10 = only PTS 10 binary or 0x2 hex 00 implies not scrambled Description 61 Marker bits Scrambling control Priority Data alignment indicator 1 Copyright Original or Copy PTS DTS indicator ESCR flag ES rate flag DSM trick mode flag Additional copy info flag CRC flag extension flag PES header length Optional fields Stuffing Bytes 1 1 2 1 1 1 1 1 1 8 variable length variable length gives the length of the remainder of the PES header presence is determined by flag bits above 0xff NICAM In order to provide mono "compatibility". in a similar manner to that used for in-flight movies on international flights. Two completely different digital mono sound channels. The mode is auto-selected by the inclusion of a 3-bit type field in the data-stream • • • • One digital stereo sound channel. the user can select which soundtrack to listen to when watching the content by operating a "sound-select" control on the receiver. One 704 kbit/s data channel. A NICAM-based stereo-TV infrastructure can transmit a stereo TV programme as well as the mono "compatibility" sound at the same time.

Queue management An Internet router typically maintains a set of queues. and to cause global synchronisation between flows. such queues use a drop-tail discipline: a packet is put onto the queue if the queue is shorter than its maximum size (measured in packets or in bytes). org/ patents/ patent-information/ european-patent-documents/ publication-server. tm1214r30. html?iAction=3& cc=EP& pn=1827030& ki=A2) [5] https:/ / publications. & Ross. com/ EP1827030. Tamara (2006). 8. Boston. 62 References [1] Kurose. Historically. v1. Drawbacks of AQM Early AQM disciplines (notably RED and SRED) require careful tuning of their parameters in order to provide good performance. 1. (2007). which reduces network latency ("ping time"). org/ technology/ standards/ a001r7. PI) are self-tuning. that hold packets scheduled to go out on that interface. active queue management (AQM) is a technique that consists in dropping or ECN-marking packets before a router's queue is full. Keith W. Making the NICAM bitstream look more like white noise is important because this reduces signal patterning on adjacent TV channels. Network+ Guide to Networks. freepatentsonline. dvb. and dropped otherwise. Modern AQM disciplines (ARED. and can be run with their default parameters in most or all circumstances. Massachusetts: Thomson Course Technology.[2] By providing endpoints with congestion indication before the queue is full. AQM disciplines are able to maintain a shorter queue length than drop-tail queues. Blue. pdf [3] Method and apparatus for changing codec to reproduce video and/or audio data streams encoded by different codecs within a channel . html) [4] European publication server (http:/ / www. Active queue management In Internet routers. Active queue disciplines drop or mark packets before the queue is full. Typically. • At the start of each NICAM packet the pseudo-random bit generator's shift-register is reset to all-ones. For AQM systems that drop packets (rather than using ECN marking). Recent Publications in Active Queue Management (AQM) schemes [1] Benefits of AQM Drop-tail queues have a tendency to penalise bursty flows. By dropping packets probabilistically. they operate by maintaining one or more drop/mark probabilities. one per interface. AQM disciplines typically avoid both of these issues. and probabilistically dropping or marking packets even when the queue is short. This is necessary so as to aid in locking on to the NICAM data stream and resynchronisation of the data stream at the receiver.Patent EP1827030 (http:/ / www. • The pseudo-random generator is initialized with: 111111111. org/ PublicationServer/ document.Network packet • The pseudo-random generator's polynomial is: x^9 + x^4 + 1. "Computer Networking: A Top-Down Approach" ISBN 0-321-49770-8 [2] http:/ / www. • The NICAM header is not subject to scrambling. european-patent-office. epo. dTS101154. jsp?PN=EP1827030%20EP%201827030& iDocId=6296342& iFormat=0 • Dean. the result seems counter-intuitive to many network engineers: "Why should I drop perfectly good packets when I still have free buffer space?" . James F.

pdf?attredirects=0). google. 2009. IEEE Communications Letters. etc. org/ citation. pdf?attredirects=0 [5] Changwang Zhang. Random early detection (RED). . "Random Early Detection (RED) gateways for Congestion Avoidance" (http:/ / www. pdf?attredirects=0). com/ site/ cwzhangres/ home/ files/ RREDRobustREDAlgorithmtoCounterLow-rateDenial-of-ServiceAttacks. html). IEEE/ACM Transactions on Networking 1 (4): 397–413. org/ xpl/ freeabs_all.251892. CHOKe. etc. Random Exponential Marking (REM). com/ site/ cwzhangres/ home/ posts/ aqmdossimulationplatform [4] http:/ / sites. in International Symposium on Communication and Information Technology (ISCIT). [3] http:/ / sites. 1790341) . google. PI controller. RRED: Robust RED Algorithm to Counter Low-rate Denial-of-Service Attacks (http:/ / sites. Zhiping Cai. com/ site/ cwzhangres/ home/ files/ RSFBaResilientStochasticFairBluealgorithmagainstspoofingDDoSattacks. Van (August 1993). It automatically calculate and record the average throughput of normal TCP flows before and after DoS attacks to facilitate the analysis of the impact of DoS attacks on normal TCP flows and AQM algorithms. Jacobson. and Zhiping Cai. and Weifeng Chen. cfm?id=1789954. google. Ref (http:/ / ieeexplore. vol. doi:10. 489-491. Ref (http:/ / portal. 2010. com/ site/ cwzhangres/ home/ posts/ recentpublicationsinactivequeuemanagementaqmschemes [2] Floyd. pdf?attredirects=0 [7] Changwang Zhang. Robust random early detection (RRED) [4][5] • RSFB [6]: a Resilient Stochastic Fair Blue algorithm against spoofing DDoS attacks [7] References [1] http:/ / sites.). Jianping Yin. Blue and Stochastic Fair Blue (SFB).More Details [3] AQM algorithms • • • • • • • Adaptive Virtual Queue (AVQ). com/ site/ cwzhangres/ home/ files/ RSFBaResilientStochasticFairBluealgorithmagainstspoofingDDoSattacks. icir.1109/90. RSFB: a Resilient Stochastic Fair Blue algorithm against spoofing DDoS attacks (http:/ / sites. pp. 14. org/ floyd/ papers/ red/ red. google. google. RRED. The AQM&DoS Simulation Platform [3] can simulate a variety of DoS attacks (Distributed DoS.Active queue management 63 The Simulation and Analysis Platform for AQM algorithms An Active Queue Management and Denial-of-Service (AQM&DoS) Simulation Platform is established based on the NS-2 simulation code of the RRED algorithm. Sally. Low-rate DoS. ieee. Retrieved 2008-03-16. com/ site/ cwzhangres/ home/ files/ RREDRobustREDAlgorithmtoCounterLow-rateDenial-of-ServiceAttacks. acm. SFB.) and Active Queue Management (AQM) algorithms (RED. google. Spoofing DoS. jsp?arnumber=5456075) [6] http:/ / sites. Jianping Yin.

Paul Baran

64

Paul Baran
Paul Baran

Born

April 29, 1926 Grodno, Poland March 26, 2011 (aged 84) Palo Alto, California United States (Polish born) RAND Corporation UCLA, Drexel Institute of Technology, Philadelphia Packet Switching

Died

Citizenship Institutions Alma mater Known for

Notable awards IEEE Alexander Graham Bell Medal, National Medal of Technology and Innovation, National Inventors Hall of Fame Spouse Evelyn Murphy Baran, PhD

Paul Baran (1926–2011) was a Polish American engineer who was a pioneer in the development of computer networks. He invented packet switching techniques, and went on to start several companies and develop other technologies that are an essential part of the Internet and other modern digital communication.

Early life
Paul Baran was born in Grodno, Poland (which is now in Belarus) on April 29, 1926.[1] [2] He was the youngest of three children in a Jewish family,[3] with the Yiddish given name "Pesach". His family moved to the United States on May 11, 1928,[4] settling in Boston and later in Philadelphia, where his father, Morris "Moshe" Baran (1884–1979), opened a grocery store. He graduated from Drexel University in 1949 (then called Drexel Institute of Technology), with a degree in electrical engineering. He then joined the Eckert-Mauchly Computer Company, where he did technical work on UNIVAC models, the first brand of commercial computers in the USA.[5] In 1955 he married Evelyn Murphy, moved to Los Angeles, and worked for Hughes Aircraft on radar systems. He obtained his Masters degree in engineering from UCLA in 1959, with advisor Gerald Estrin while taking night classes. His thesis was on character recognition.[1]

Packet switched network design
After joining the RAND Corporation that same year, Baran took on the task of designing a "survivable" communications system that could maintain communication between end points in the face of damage from nuclear weapons.[6] At the time of the Cold War, most American military communications used High Frequency connections which could be put out of action for many hours by a nuclear attack. Baran decided to automate RAND director Franklin R. Collbohm's previous work with emergency communication over conventional AM radio networks and

Paul Baran showed that a distributed relay node architecture could be survivable. The Rome Air Development Center soon showed that the idea was practicable.[7] Using the mini-computer technology of the day, Baran and his team developed a simulation suite to test basic connectivity of an array of nodes with varying degrees of linking. That is, a network of n-ary degree of connectivity would have n links per node. The simulation randomly 'killed' nodes and subsequently tested the percentage of nodes who remained connected. The result of the simulation revealed that networks where n ≥ 3 had a significant increase in resilience against even as much as 50% node loss. Baran's insight gained from the simulation was that redundancy was the key.[8] His first work was published a RAND report in 1960,[9] with more papers generalizing the techniques in the next two years.[10] After proving survivability Baran and his team needed to show proof of concept for this design such that it could be built. This involved high level schematics detailing the operation, construction and cost of all the components required to construct a network that leveraged this new insight of redundant links. The result of this was one of the first store-and-forward data layer switching protocols, a link-state/distance vector routing protocol, and an unproved connection-oriented transport protocol. Explicit detail of these designs can be found in the complete series of reports "On Distributed Communications", published by RAND in 1964.[11] The design flew in the face of telephony design of the time, placing inexpensive and unreliable nodes at the center of the network, and more intelligent terminating 'multiplexer' devices at the endpoints. In Baran's words, unlike the telephone company's equipment, his design didn't require expensive "gold plated" components to be reliable.

65

Selling the idea
After the publication of "On Distributed Communications'", Paul Baran presented the findings of his team to a number of audiences, including AT&T engineers (not to be confused with Bell labs engineers, who at the time provided Paul Baran with the specifications for the first generation of T1 circuit which he used as the links in his network design proposal). In subsequent interviews Baran mentions how his idea of non-dedicated physical circuits for voice communications were scoffed at by the AT&T engineers who at times claimed that Baran simply did not understand how voice telecommunication worked.[12] Leonard Kleinrock developed a theoretical basis for the operation of packet networks in his Ph.D. thesis in 1961. Baran used the term "message blocks" for his units of communication. Donald Davies at the National Physical Laboratory in the United Kingdom was the first to use the term "packet switching" in 1965, and apply the concept to a general-purpose computer network. Davies' key observation was that computer network traffic was inherently "bursty" with periods of silence, compared with relatively constant telephone traffic.[1] [13] In 1969 when the US Defense Advanced Research Projects Agency (ARPA) was developing the idea of an inter-networked set of terminals to share computing resources, among the number of reference materials considered was Baran and the RAND Corporation's "On Distributed Communications" volumes.[1] The resiliency of a packet switched network that uses link-state routing protocols used on the Internet stems in some part from the research to develop a network that could survive a nuclear attack.[1] [14]

Later work
In 1968 Baran was a founder of the Institute for the Future, and then involved in other networking technologies developed in Silicon Valley. He was involved in the origin of the packet voice technology developed by StrataCom at its predecessor, Packet Technologies. This technology led to the first commercial pre-standard Asynchronous Transfer Mode product. He was also involved with the discrete multitone modem technology developed by Telebit, which was one of the roots of Orthogonal frequency-division multiplexing which is used in DSL modems. In 1985, Paul Baran founded Metricom, the first wireless Internet company, which deployed Ricochet,[2] the first public wireless mesh networking system. He also founded Com21, an early cable modem company.[5] Following Com21, Baran founded and was president of GoBackTV, which specializes in personal TV and cable IPTV infrastructure

Paul Baran equipment for television operators.[15] Most recently he founded Plaster Networks, providing an advanced solution for connecting networked devices in the home or small office through existing wiring.[16] Baran extended his work in packet switching to wireless-spectrum theory, developing what he called "kindergarten rules" for the use of wireless spectrum.[17] In addition to his innovation in networking products, he is also credited with inventing the first metal detector, a doorway gun detector.[5] [18] He received an honorary doctorate when he gave the commencement speech at Drexel in 1997.[19]

66

Death
Baran died in Palo Alto, California at the age of 84 on March 26, 2011,[1] [20] due to complications from lung cancer.[14] Upon his death James Thomson, the president of RAND stated that "Our world is a better place for the technologies Paul Baran invented and developed, and also because of his consistent concern with appropriate public policies for their use."[20] One of the fathers of the internet, Vinton Cerf, stated that "Paul wasn't afraid to go in directions counter to what everyone else thought was the right or only thing to do."[14] According to Paul Saffo, Baran also believed that innovation was a "team process" and he didn't seek credit for himself.[18] On hearing news of his death, Robert Kahn, co-inventor of the Internet, said: "Paul was one of the finest gentlemen I ever met and creative to the very end."

Awards and honors
• • • • • • • • IEEE Alexander Graham Bell Medal (1990)[21] Marconi Prize (1991) Nippon Electronics Corporation C&C Prize (1996) Bower Award and Prize for Achievement in Science (2001)[5] Fellow of the American Academy of Arts and Sciences (2003)[22] National Inventors Hall of Fame (2007) National Medal of Technology and Innovation (2007)[23] UCLA Engineering Alumnus of the Year (2009)[24]

References
[1] Katie Hafner (March 27, 2011). "Paul Baran, Internet Pioneer, Dies at 84" (http:/ / www. nytimes. com/ 2011/ 03/ 28/ technology/ 28baran. html). The New York Times. . [2] Nathan Brewer; et al (March 28, 2011). "Paul Baran" (http:/ / www. ieeeghn. org/ wiki/ index. php/ Paul_Baran). IEEE Global History Network. New York: IEEE. . Retrieved March 28, 2011. [3] Georgi Dalakov. "Paul Baran" (http:/ / history-computer. com/ Internet/ Birth/ Baran. html). History of Computers web site. . Retrieved March 31, 2011. [4] David Ira Snyder (August 4, 2009). "Morris "Moshe" Baran (1884 - 1979)" (http:/ / www. geni. com/ people/ Morris-Moshe-Baran/ 6000000005033975818). Genealogy of the Baran family. Geni.com web site. . Retrieved March 29, 2011. [5] "Paul Baran - Franklin Laureate Database" (http:/ / www. fi. edu/ winners/ 2001/ baran_paul. faw?winner_id=2272). The Franklin Institute Awards - Laureate Database. Philadelphia, PA: The Franklin Institute. . Retrieved March 29, 2011. [6] "Internet pioneer Paul Baran passes away" (http:/ / www. bbc. co. uk/ news/ technology-12879908). BBC News. March 28, 2011. . Retrieved March 28, 2011. [7] Brand, Stewart (March 2001). "Founding Father" (http:/ / www. wired. com/ wired/ archive/ 9. 03/ baran. html). Wired (New York: Condé Nast Digital) 9 (3). ISSN 1059-1028. OCLC 433726773. . Retrieved March 27, 2011. "Paul Baran conceived the Internet's architecture at the height of the Cold War. Forty years later, he says the Net's biggest threat wasn't the USSR—it was the phone company". Stewart Brand's interviews Paul Baran about his work at RAND on survivable networks. [8] "Paul Baran and the Origins of the Internet" (http:/ / www. rand. org/ about/ history/ baran. list. html). RAND corporation. . Retrieved March 29, 2011. [9] Paul Baran (1960). "Reliable Digital Communications Systems Using Unreliable Network Repeater Nodes" (http:/ / www. rand. org/ pubs/ papers/ P1995. html). RAND Corporation papers, document P-1995. . Retrieved March 29, 2011.

March 28. the objections he received. 2011.ssrn. . ZDNet UK.org/index. "Keynote Talk Transcript. • Ryan. Present. com/ news/ obituaries/ la-me-paul-baran-20110329.com/news/newsletter/SPECS/JanFeb_SPECSTECH/tech. 1990). org/ documents/ bell_rl. [19] Nita Lelyveld (June 15. html) on June 15. Retrieved March 29. com/ about. "On Distributed Communications" (http:/ / replay. [12] "Internet Architect Paul Baran Dies at 84" (http:/ / www. html). . History of Computers web site. edu/ newsroom/ featured-news/ archive/ 2011/ in-memoriam-paul-baran-ms-201959). (March 5. . Retrieved March 31. OCLC 66137086. org/ about/ history/ baran-list. 1994). 2011. January 17. Engineer Tells Drexel Grads Paul Baran. CA: Electronic Frontier Foundation. EFF "GII . rand. Minneapolis. [16] "About Plaster Networks" (http:/ / www.umn. [13] Georgi Dalakov. cablelabs. org/ publications/ BookofMembers/ ChapterB. com/ 1997-06-15/ news/ 25524943_1_constantine-papadakis-paul-baran-graduation-ceremony).cbi. . jsp).Wireless/Cellular/Radio" Archive (http:/ / w2. pdf). 2011.livinginternet.4562265.com (http://www. html). [11] Paul Baran et al.NII . com/ Internet/ Birth/ Davis. (June 1. Retrieved March 29. 2005). Archived from the original (http:/ / www. January 7. Inc February 1999. Retrieved March 29.html) Louisville. Wired.0. 1780-2010: Chapter B" (http:/ / www. The United States Patent and Trademark Office.php)) 3 (2): 239–274. 2011. 2011. ucla. Retrieved March 29. rand.cfm/SSRN_ID732483_code355448. He Received An Honorary Doctorate" (http:/ / articles. 2011. . Retrieved March 29.pdf?abstractid=732483&mirid=5) (PDF). [20] "Packet switching inventor Paul Baran dies aged 84" (http:/ / www.Paul Baran [10] Paul Baran (1962). "Donald Davies" (http:/ / history-computer. www. [23] "The National Medal of Technology and Innovation 2007 Laureates" (http:/ / www. A 44-page transcript in which Baran describes his working environment at RAND.umn. latimes. . [14] "Internet pioneer Paul Baran passes away" (http:/ / www. com/sol3/Delivery. uk/ news/ business-of-it/ 2011/ 03/ 29/ packet-switching-inventor-paul-baran-dies-aged-84-40092315/ ). Plaster Networks web site. . p. The Inquirer (Philadelphia). zdnet. [15] "Management Team" (http:/ / www. 67 External links • "Paul Baran Invents Packet Switching" (http://www. Boulder. "On Distributed Communications Networks" (http:/ / www. 2011.edu/oh/ display. . . waybackmachine.com/). com/ epicenter/ 2011/ 03/ internet-architect-paul-baran-dies-at-84/ ).htm). Retrieved March 31. and the writing and distribution of his eleven-volume work. Silicon Flatirons Telecommunications Program (http://www. 2011. Paul (November 9. philly. Los Angeles Times. [18] Jessica Guynn (March 29. Patrick S. IEEE. org/ pubs/ papers/ P2626. co. 2011. 2011. 1997). the evolution of his plan for distributed networks. goBackTV web site. Retrieved March 29. html). 2006. eff. 2. . "Paul Baran dies at 84. "Oral history interview with Paul Baran" (http://www. .phtml?id=110). story). org/ Infrastructure/ Wireless_cellular_radio/ false_scarcity_baran_cngn94. CO: University of Colorado. engineer. wired. "the Grandfather Of The Internet" Spoke At His Alma Mater. CO: Cable Television Laboratories. American Academy of Arts and Sciences. pdf). amacad. BBC. . This describes Paul Baran's development of packet switching and its application to wireless computing. phtml).cbi. • O'Neill. [21] "IEEE Alexander Graham Bell Medal Recipients" (http:/ / www. Journal on Telecommunications & High Technology Law (Boulder. March 28. 8th Annual Conference on Next Generation Networks Washington. 2011. 2011. Baran discusses his interaction with the group at ARPA who were responsible for the later development of the ARPANET.edu/oh/index. Retrieved March 29. gobacktv. ieee. uk/ news/ technology-12879908). Retrieved March 28. inventor helped lay foundation for Internet" (http:/ / www. document P-2626. co. php). . "SSRN-Wireless Communications and Computing at a Crossroads: New Paradigms and Their Impact on Theories Governing the Public's Right to Spectrum Access" (http://papers. Retrieved March 29. [24] "In Memoriam: Paul Baran MS ’59" (http:/ / www. gov/ about/ nmti/ recipients/ 2007. Retrieved March 31. 2011). org/ Infrastructure/ Wireless_cellular_radio/ ). DC" (http:/ / w2. and Future: Paul Baran Addresses CableLabs® Winter Conference" (http://www. org/ 20060615000308/ http:/ / www. Retrieved March 31. [22] "Book of Members. • "Convergence: Past. CBI'S COLLECTIONS > Oral history database (http://www. Retrieved March 31. March 29. eff.silicon-flatirons. San Francisco. 2011. [17] Barran. 2011. 2011. 2011.com/i/ii_rand. Judy E. Retrieved March 31. 2010.pgs/leadstory. School of Law. "Opportunity Lies In Ideas. Retrieved March 29. 2011. MN: Charles Babbage Institute. 2011. uspto. Rand. On Distributed Communications. William Stewart. UCLA Engineering web site. com/ company-management. Retrieved March 29. 2011 A transcript of Baran's keynote . . his initial interest in survivable communications. 2011. 2011. html). rand. 2011. bbc. plasternetworks. .livinginternet. RAND Corporation papers. Retrieved May 17. ISSN 1543-8899. org/ about/ history/ baran-list. (1964).livinginternet. transcript).

Framingham. permitting raw link-layer packets to be sent and received. so that only "interesting" packets can be supplied to the software using BPF.org/pioneers/baran.org (http://www. • Gilder. including FreeBSD and WinPcap.Paul Baran address at the Countdown to Technology 2000 Winter Conference that includes a photo. Retrieved April 2. all packets. Forbes ASAP (New York: Forbes) 159 (11): 106–120. 2011. "Baran credited with inventing packet switching in 1960s against military backdrop" • "Paul Baran" (http://www.ibiblio. on systems where the filtering is done in user mode.gilder. it allows the interface to be put into that mode. Retrieved April 2.com/Switching/gilder. In addition.html). so that. although legal action is ongoing that may eventually force an answer.org/ pioneers/) at ibiblio. Internet and packet switching pioneer.com/news/2011/032811-paul-baran-packet-switching-obit. 2011). Bob (March 27. On some platforms. perform arithmetic operations on data from the packet.privateline. A user-mode interpreter for it is provided with the libpcap/WinPcap implementation of the pcap application programming interface (API). George (June 2. this can avoid copying "uninteresting" packets from the operating system kernel to software running in user mode.edu/) and the School of Journalism and Mass Communication at the University of North Carolina at Chapel Hill. it supports "filtering" packets. with some wrapping them in macros such as BPF_MTAP() and BPF_TAP(). can be received. Chapel Hill. ISSN 1078-9901. if the driver for the network interface supports promiscuous mode.ibiblio. networkworld. BPF is sometimes used to refer just to the filtering mechanism. rather than to the entire interface. 2006. Kernel-mode interpreters for that same virtual machine language are used in raw data link layer mechanisms in other operating systems. packets can be filtered in user mode. 2005. BPF's filtering capabilities are implemented as an interpreter for a machine language for the BPF virtual machine.com/public/telecosm_series/inventing. 68 Berkeley Packet Filter The Berkeley Packet Filter or BPF provides. even those destined for other hosts. . OCLC 173437996. MA: Network World. NC: School of Information and Library Science (http://sils. when capturing packets on systems without kernel-mode support for that filtering mechanism. accepting or rejecting the packet based on the results of those tests. November 6. which are called by network interface drivers (and pseudo-drivers) to deliver incoming and outgoing packets to the BPF mechanism. SCO Group publicly claimed to own Unix code which they alleged the Linux kernel infringed. html). and compare the results against constants or against data in the packet or test bits in the results. is mourned" (http://www. While clear that SCO did not own the BPF code. "Inventing the Internet Again" (http://www. In addition. although. That interpreter can also be used when reading a file containing packets captured using pcap. and for socket filters in Linux and in the WinPcap packet capture mechanism. on some Unix-like systems. Archived from the original (http://www. a raw interface to data link layers. 2011. including those that will be filtered out. Programmers quickly discovered the code in question was the Berkeley Packet Filter. they did not explain or acknowledge the mistake. 1997). code using the pcap API will work on both types of systems. Inc. "Paul Baran. • Brown.unc. reducing the CPU requirement to capture packets and the buffer space required to avoid dropping packets. Internet Pioneers (http://www. just-in-time compilation is used to convert virtual machine instructions into native code in order to further avoid overhead. 2011. In August 2003. Retrieved April 8. BSD kernels implement routines such as bpf_mtap() and bpf_tap(). so that all packets on the network. programs in that language can fetch data from the packet.ibiblio.html).html) on April 10.org/). such as Tru64 Unix. are copied from the kernel to user space.

usually using a routing protocol to implement the filtering on several routers at once. pdf [3] http:/ / www. without informing the source that the data did not reach its intended recipient. org/ papers/ bpf-usenix93.x BPF(4) man page. pdf [2] http:/ / www. . hence the name. org/ cgi/ man. resulting in small or large "black holes" in the network. traffic destined for such addresses is often just dropped. cgi?query=bpf& apropos=0& sektion=0& manpath=FreeBSD+ 8-current& format=html [4] http:/ / netsniff-ng. Dead addresses The most common form of black hole is simply an IP address that specifies a host machine that is not running or an address to which no host has been assigned. as well as allowing the packing of headers into the BPF buffer rather than copying complete packet data. While one copy remains in the receipt path for user processes. allowing kernel packet capture in the device driver interrupt handler to write directly to user process memory in order to avoid the requirement for two copies for all packet data received via the BPF device.Berkeley Packet Filter In 2007. often dynamically to respond quickly to distributed denial-of-service attacks. watson. including description of zero-copy BPF buffers [3] bpfc. When examining the topology of the network. org/ Black hole (networking) In networking. Black hole filtering Black hole filtering refers specifically to dropping packets at the routing level. Robert Watson and Christian Peron added zero-copy buffer extensions to the BPF implementation in the FreeBSD operating system. a BPF compiler for Linux (part of netsniff-ng) [4] References [1] http:/ / www. FreeBSD. the black holes themselves are invisible. this preserves the independence of different BPF device consumers. org/ ~robert/ freebsd/ 2007asiabsdcon/ 20070309-devsummit-zerocopybpf. Firewalls and "stealth" ports Most firewalls can be configured to silently discard packets addressed to forbidden hosts or ports. Even though TCP/IP provides means of communicating the delivery failure back to the sender via ICMP. 69 External links • • • • 1993 USENIX paper that describes BPF [1] (PDF) FreeBSD Developer Summit presentation describing Zero-copy BPF [2] (PDF) FreeBSD 8. and can only be detected by monitoring the lost traffic. tcpdump. black holes refer to places in the network where incoming traffic is silently discarded (or "dropped").

pdf http:/ / hubble. SFB can be implemented using a Bloom filter rather than a hash table. Unlike other stochastically fair queuing disciplines. and whenever the queue is empty. however. Stochastic Fair Blue (SFB)[2] is a stochastically fair variant of Blue which hashes flows and maintains a different mark/drop probability for each hash value. com/ warp/ public/ 732/ Tech/ security/ docs/ blackhole. and treats all flows as a single aggregate. ipexpert. Unlike RED. These addresses are often used as return addresses for automated e-mails.Black hole (networking) 70 PMTUD black holes Some firewalls incorrectly discard all ICMP packets. net/ http:/ / blog. In the presence of hash collisions. Assuming no hash collisions. p is increased by a small constant pd. com/ 2010/ 11/ 24/ remote-triggered-black-hole-filtering/ Blue (queue management algorithm) Blue[1] is an Active Queue Management algorithm. such as SFQ. p is decreased by a constant pi<pd. Black hole e-mail addresses A black hole e-mail address is an e-mail address which is valid (messages sent to it will not generate errors). but to which all messages sent are automatically deleted. and never stored or seen by humans. which dramatically reduces its storage requirements when the number of flows is large. SFB is only stochastically fair. flows. Assuming the mix of traffic on the interface doesn't change. and drops/marks packets with probability p as they enter the queue. SFB is able to provide a fair share of buffer space for every flow. it operates by randomly dropping or ECN-marking packets in a router's queue before it overflows. External links • • • • Remotely triggered black hole filtering (Cisco Systems) [1] University of Washington blackhole monitor/lookup system (link doesn't work) [2] Tools for detecting a blackhole attack in an ad hoc wireless network [3] Remote Triggered Black Hole Filtering [4] References [1] [2] [3] [4] http:/ / www. sourceforge. Like RED. including the ones needed for Path MTU discovery to work correctly. edu/ http:/ / safewireless. is that it doesn't distinguish between flows. . cisco. Stochastic Fair Blue The main flaw of Blue. washington. Operation of Blue A Blue queue maintains a drop/mark probability p. a single aggressive flow can push out of the queue packets belonging to other. which it shares with most single-queue queueing disciplines. p will slowly converge to a value that keeps the queue within its bounds with full link utilisation. This causes TCP connections from/to hosts with a lower MTU to hang. it requires little or no tuning on the part of the network administrator. better behaved. Therefore. cs. Whenever the queue overflows.

916648. 1790341) [4] Juliusz Chroboczek. Debanjan Saha. 71 Resilient Stochastic Fair Blue (RSFB [6]) The existing Active Queue Management (AQM) algorithms. acm. . 2009. Shin (April 1999). edu/ techreports/ cse/ 99/ CSE-TR-387-99. Michigan Computer Science Technical Report (CSE–TR–387–99). The basic idea behind RSFB is to record the responsive normal TCP flows and rescue their dropped packets. An implementation of SFB for Linux[4] has been included in Linux since version 2. A Resilient Stochastic Fair Blue (RSFB) algorithm was proposed against spoofing DDoS attacks.1109/INFCOM. pdf).jussieu. INFOCOM 2001 3: 1520–1529. are notably vulnerable to spoofing Distributed Denial-of-Service (DDoS) attacks. pdf?attredirects=0). . . [3] Implementations An implementation of Blue is part of ALTQ.39. "Stochastic Fair Blue: an algorithm for enforcing fairness" (http:/ / www.2001. An implementation of SFB for the Linux kernel (http:/ / www. retrieved 2010-12-22 [2] Wu-Chang Feng. doi:10. in International Symposium on Communication and Information Technology (ISCIT). Ref (http:/ / portal. and Zhiping Cai. the flow has been shown to not react to congestion indications from the network. pps. Shin (April 2001). Kang G. umich. PDF). thefengs. References [1] Wu-chang Feng. Jianping Yin.com/wuchang/blue/). and rate-limited.6. Proc. RSFB algorithm is effective in preserving the TCP throughput in the presence of spoofing DDoS attacks.pps.thefengs.fr/~jch/software/sfb/). RSFB: a Resilient Stochastic Fair Blue algorithm against spoofing DDoS attacks (http:/ / sites.Blue (queue management algorithm) When a flow's drop/mark probability reaches 1. Kandlur. Such an inelastic flow is put in a "penalty box". com/ site/ cwzhangres/ home/ files/ RSFBaResilientStochasticFairBluealgorithmagainstspoofingDDoSattacks. "BLUE: A New Class of Active Queue Management Algorithms" (http:/ / www. • An implementation of SFB for the Linux kernel (http://www. Dilip D. cfm?id=1789954. Dilip D. fr/ ~jch/ software/ sfb/ ) External links • Wu-chang Feng's page about Blue and SFB (http://www. org/ citation. the alternative AQM framework for BSD Unix. Kandlur. including the fairness-aimed ones. U. eecs. google. Debanjan Saha. jussieu. Kang G. retrieved 2010-01-02 [3] Changwang Zhang. com/ wuchang/ blue/ 41_2.

Broadcast a message is in contrast to unicast addressing in which a host sends datagrams to another single host identified by a unique IP address. for example broadcasting on Ethernet. or it may be a low level networking operation. In practice. Overview Routing schemes anycast broadcast multicast unicast geocast In computer networking. for example broadcasting Message Passing Interface. broadcasting refers to transmitting a packet that will be received by every device on the network[1] . Broadcasting can be performed as a high level operation in a program. . broadcasting refers to a method of transferring a message to all recipients simultaneously. the scope of the broadcast is limited to a broadcast domain.Broadcasting (computing) 72 Broadcasting (computing) In telecommunication and information theory.

In the emerging fields of service over the Internet Protocol (IP). Both Ethernet and IPv4 use an all-ones broadcast address to indicate a broadcast packet. 2) Balance management 3) Business rule engine or Business Control engine 4) Dynamic real-time execution and provisioning 5) On-line charging and rating. etc. multicasting limits the pool of receivers to those that join a specific multicast receiver group. customer-premises equipment. for example. IPv6 also does not implement the broadcast method to prevent disturbing all nodes in a network when only a few may be interested in a particular service. Token Ring uses a special value in the IEEE 802. content) and all sources (telecommunications networks. customer experience. from all services (voice. 368. External links • Encyclopedia Britannica entry broadcast network (http://www. Broadcasting is largely confined to local area network (LAN) technologies.org/independent/networking/guide/ netbroadcasting. in order to improve operators' transaction revenue and at the same time. . p. 73 References [1] Andrew Tanenbaum (2003). The victim computer is flooded by the replies from all computers in the domain. Taking all customer interaction into account. nor is there any form of Internet-wide broadcast. Network Business Control allows service providers to • Inject business sense into the network . neither X. most notably Ethernet and token ring.Broadcasting (computing) Not all network technologies support broadcast addressing. where the performance impact of broadcasting is not as large as it would be in a wide area network. However.) the business control layer is capable of dynamically adapting network or service behavior. ISBN 0130661023.2 control field.Each customer interaction should be analyzed and handled from a business standpoint rather than from just the simple network management or charging perspectives.25 nor frame relay have broadcast capability. Instead it relies on multicast addressing a conceptually similar one-to-many routing methodology. customer-recognition. IP Multimedia Subsystem (IMS). Broadcasting may be abused to perform a DoS-attack.html) Business Control Layer Business Control Layer (BCL) is a software layer in the provider's infrastructure residing between the network/OSS and the BSS. and Packet Cable Multi-Media (PCMM) the need for real-time network changes continues to grow. and hierarchies to the OSS layer. The attacker sends fake ping request with the source IP-address of the victim computer. Business control layer key functions include: 1) Ability to simultaneously collect events from any source.com/EBchecked/topic/80540/ broadcast-network) • Network Broadcasting and Multicast (http://www. It allows providers to address customer service plans from a holistic business perspective bringing state-of-the-art capabilities like bundling. The successor to Internet Protocol Version 4 (IPv4).britannica. at customer level.comptechdoc. data. Computer Networks.

Reengineering Legacy Application to E-Business with a modified rational unified process [5] 4. The technology underlying these 74 services are built upon the Cisco SCE DPI device and the FTS Leap Business Control Engine BCE) [2] . fts-soft. References [1] [2] [3] [4] [5] http:/ / www. Retrieved 2006-08-24.FTS Software. org/ xpls/ abs_all. Charging for IP services . com/ http:/ / www. allowing providers to interact with the network during active sessions.IP services should be managed in real time. with online responses (provisioning) based on customer or operator-defined business rules. charge for P2P. be/ nl/ klantendienst/ klantendienst_thuis/ internet/ topvragen/ telemeter. Retrieved 2006-08-24.E. Sources 1. This solution is the underlying network intelligence behind their Broadband service and their TeleMeter [1] (in Dutch). Download a movie. telenet. allot. Changing dynamically the bandwidth for a customer when reaching monetary values.g. cisco. shtm http:/ / www. • Example of applications: Boots an internet connection for a limited time. aradial. Allot Communications "Bandwidth Management enables IP Service Optimization" [3]. • Dynamically detecting and charging for IP services. E.Aradial Radius & Policy servers [6]. Aradial Technologies . jsp?arnumber=1192421 [6] http:/ / www. charge for VOIP traffic. com/ . com/ html/ products_netenforcer. shtml http:/ / ieeexplore.g. • Real-time control for IP sessions and events .Providers should be able to analyze. Telenet. NV is the first company to deploy such a solution in their network. placing value on every aspect of their service plan so that their services satisfy customers needs. Cisco Systems "Bridging the Infrastructure Gap: the Importance of Service Control in Broadband Networks" [4]. record and charge for IP services. ieee.Integrates with operator legacy billing system or as a full billing for the IP services replacing the existing. 3.Business Control Layer • Analyse and monitor of customer-consumed services . page http:/ / www. • Deployments . 2. com/ en/ US/ products/ ps6151/ products_white_paper0900aecd801d8a83.

Catenet 75 Catenet Catenet is an obsolete term for a system of packet-switched communication networks interconnected via gateways. The term catenet was gradually displaced by the short-form of the term internetwork. DARPA Information Processing Techniques Office. internet (lower-case i). Catenet was the concept of linking these networks into a network of networks with specifications for compatibility of addressing and routing. at a time when network meant what is now called a local area network. V. L. Chernobyl packet A Chernobyl packet is a network packet that induces a broadcast storm or some other kind of "network meltdown". Pouzin. July 1978 [2] A Proposal for Interconnecting Packet Switching Networks.[2] a pioneer in packet-switching technology and founder of the CYCLADES network. Proceedings of EUROCOMP. isi. IEN 48. . Bronel University.[1] The term was coined by Louis Pouzin. txt The Catenet Model for internetworking. when the Internet Protocol replaced earlier protocols on the ARPANET. The term was named after the April 1986 nuclear accident at Chernobyl. pp. Cerf. The typical scenario involves an IP Ethernet datagram that passes through a gateway with both source and destination Ether and IP address set as the respective broadcast addresses for the subnetworks being gated between. 1023-36. References [1] http:/ / www. May 1974. edu/ in-notes/ ien/ ien48.

packets that initiate connection according to the standards). BSD/OS. nastygram or a lamp test segment. "the packet was lit up like a Christmas tree. FIN. a Christmas tree packet is a packet with every single option set for whatever protocol is in use. Cisco IOS. Christmas tree packets can be easily detected by intrusion-detection systems or more advanced firewalls.Christmas tree packet 76 Christmas tree packet In information technology. and IRIX display behaviors that differ from the RFC standard when queried with said packets. such as a Christmas tree packet. Since Christmas tree scan packets do not have the SYN flag turned on. From a network security point of view. org/ nmap/ man/ man-port-scanning-techniques. URG and PSH set. as in. The term derives from a fanciful image of each little option bit in a header being represented by a different-colored light bulb. all turned on. they can pass through these simple systems and reach the target host. Christmas tree packets can be used as a method of divining the underlying nature of a TCP/IP stack by sending the packets and awaiting and analyzing the responses. the TCP header of a Christmas tree packets has the flags SYN. assumptions can be made regarding the host's operating system. HP-UX. Many operating systems implement their compliance with the Internet Protocol standard (RFC 791) in varying or incomplete ways. Some stateless firewalls only check against security policy those packets which have the SYN flag set (that is. html . Versions of Microsoft Windows. Christmas tree packets are always suspicious and indicate a high probability of network reconnaissance activities. A large number of Christmas tree packets can also be used to conduct a DoS attack by exploiting the fact that Christmas tree packets require much more processing by routers and end-hosts than the 'usual' packets do." It can also be known as a kamikaze packet. External links • Nmap documentation [1] References [1] http:/ / insecure. MVS. By observing how a host responds to an odd packet. When used as part of scanning a system.

but without layer 2 information. • Drop adjacency: Packets pointing to this entry are dropped. In order to take full advantage of CEF. and Cisco HDLC. cisco. Such packets are forwarded to the next switching layer (generally fast switching) where they can be forwarded correctly. com/ en/ US/ docs/ ios/ 12_1/ switch/ configuration/ guide/ xcdcef. There are five types of adjacencies: • Null adjacency: Handles packets destined to a NULL interface. External links • CEF (Cisco Express Forwarding) site [1] • Choosing the best routing switching path [2] References [1] http:/ / www. avoiding the need for an ARP request for each table lookup. • Discard adjacency: FIB entries pointing to this type of adjacency will be discarded. but the prefix will be checked. com/ en/ US/ tech/ tk827/ tk831/ technologies_white_paper09186a00800a62d9. shtml . tunnels. it is recommended to use distributed CEF (dCEF). CEF currently supports Ethernet. cisco. • Glean adjacency: Handles packets destined for currently attached hosts. CEF consists of two key components: The Forwarding Information Base (FIB) and adjacencies. Frame Relay. This avoids the need for querying the main processor or routing table in order to get the next-hop information. Instead. html [2] http:/ / www. maintaining only the next-hop address for a particular IP-route. ATM. • Punt adjacency: Deals with packets that require special handling or can not be switched by CEF. The adjacency maintains layer 2 or switching information linked to a particular FIB entry. Function CEF is mainly used to increase packet switching speed by reducing the overhead and delays introduced by other routing techniques. where there is a FIB table on each of the line cards. like packets sent to the router itself. Packets with FIB entries pointing to NULL adjacencies will normally be dropped. fast switching will be performed on the line card itself. FDDI.Cisco Express Forwarding 77 Cisco Express Forwarding Cisco Express Forwarding (CEF) is an advanced layer 3 switching technology used mainly in large core networks or the Internet to enhance the overall network performance. PPP. The FIB is similar to the routing table generated by multiple routing protocols.

Most of the multimedia protocols as well as some other protocols (such as FTP. traffic filtering is limited to access list implementations that examine packets at the network layer. Without CBAC. However. CBAC can inspect traffic for sessions that originate from either side of the firewall. or at most. extranets and internets. while this example discusses inspecting traffic for sessions that originate from the external network. CBAC can inspect traffic for sessions that originate from the external network. This is the basic function of a stateful inspection firewall. CBAC does the deep packet inspection and hence it is termed to be a IOS Firewall. CBAC inspects traffic that travels through the firewall to discover and manage state information for TCP and UDP sessions.) However. RPC. CBAC examines not only network layer and transport layer information but also examines the application-layer protocol information (such as FTP connection information) to learn about the state of the TCP or UDP session. This state information is used to create temporary openings in the firewall's access lists to allow return traffic and additional data connections for permissible sessions (sessions that originated from within the protected internal network). (In other words. CBAC can be configured to permit specified TCP and UDP traffic through a firewall only when the connection is initiated from within the network needing protection. and SQL*Net) involve multiple control channels. the transport layer. This allows support of protocols that involve multiple channels created as a result of negotiations in the FTP control channel. CBAC also provides the following benefits: • Denial-of-Service prevention and detection • Real-time alerts and audit trails .Context-based access control 78 Context-based access control Context-based access control (CBAC) intelligently filters TCP and UDP packets based on application layer protocol session information and can be used for intranets.

com/ dlls/ 1994/ corp_102494. but decreases reliability. Use in Ethernet When cut-through switching is used in Ethernet. This technique reduces latency through the switch. . Use in InfiniBand Cut-through switching is very popular in InfiniBand networks. Adaptive switching dynamically selects between cut-through and store and forward behaviors based on current network conditions. This is only useful if there is a chance of a collision on the source port. since these are often deployed in environments where latency is a prime concern.[1] Fragment free is a variation on cut-through switching that partially addresses this problem by assuring that collision fragments are not forwarded. intel. Pure cut-through switching is only possible when when the speed of the outgoing interface is equal to the incoming interface speed. Inc. normally as soon as the destination address is processed. Fragment free will hold the frame until the first 64 bytes are read from the source to detect a collision before forwarding. [2] "Switches . References [1] "Cisco to Acquire Kalpana. Cisco Systems. wherein the switch starts forwarding a frame (or packet) before the whole frame has been received. this has become less of a problem since packet latency has become much smaller. org/ 5qaWOQRdn). . the switch is not able to verify the integrity of an incoming packet before forwarding it. webcitation.Cut-through switching 79 Cut-through switching In computer networking.[2] Use in ATM Cut-through routing was one of the important features of IP networks using ATM networks since the edge routers of the ATM network were able to use cell switching through the core of the network with low latency at all points. With higher speed links. . Archived from the original (http:/ / newsroom. A cut-through switch will forward corrupted packets where a store and forward switch will drop them. Retrieved 2011-08-13. Leading Ethernet Switching Company" (http:/ / www. cut-through switching is a method for packet switching systems.. html) on 2010-06-18. The alternative to cut-through switching is store and forward. The technology was developed by Kalpana the company that introduced the first Ethernet switch. such as supercomputer clusters.What Are Forwarding Modes and How Do They Work?" (http:/ / support. because the frame check sequence appears at the end of the frame. com/ support/ express/ switches/ sb/ cs-014410. htm). cisco.

addressing issues and requirements resulting from the multicore nature of QorIQ™ SoCs. Network and packet I/O. in order to get an accurate measure of the DDJ in a particular system. a large number of bit patterns must be analyzed (often just a PRBS) unless an analytical solution can be found. DDJ's PDF is always a series of pulses at the locations where a specific bit pattern experiences a cross over. Therefore. This creates a probability distribution for the timing of the signal edge.com. which is usually recorded in a PDF. previously transmitted symbols can affect the edge cross over time. In particular. . The infrastructure required to facilitate the flow of packets between the above The DPAA also addresses various performance related requirements especially those created by the high speed network I/O found on multicore SoCs such as the P4080 References External links • http://freescalesemi. it is a form of deterministic jitter which is correlated with the sequence of bits in the data stream.pdf • http://www.cn/cstory/ftf/2009/download/net_f0279.electropages. The DPAA includes Cores. Hardware offload accelerators.Data Path Acceleration Architecture (DPAA) 80 Data Path Acceleration Architecture (DPAA) The QorIQ™ DPAA is a comprehensive architecture which integrates all aspects of packet processing in the SoC.com/2010/08/ freescale-three-new-qoriq-processors-incorporate-data-path-acceleration/ Data-dependent jitter Data-dependent jitter (DDJ) is a specific class of timing jitter. Properties Depending on characteristics of the signal and transmission topology. It is also a form of ISI.

URP assumes that packets arrive in order.[1] Second. References [1] Kurose. and in widespread deployment by the Regional Bell Operating Companies (RBOCs)[3] . Datakit offers a packet-switched protocol called Universal Receiver Protocol (URP) that spreads PDU overhead across multiple packets and performs immediate packet processing. That is why UDP packets are generally called datagrams. packets would have to be reordered before processing. then its fragments may be referred as packets. For example. which means that for this situation immediate packet processing is no longer possible[7] . & Ross.25. developed at Bell Labs[1] for both local-area and wide-area networks[2] . but there are some nuances. if a datagram fragments. On top of DK transport service. James F. Datakit Virtual Circuit Switch (VCS) nodes connect to the Datakit network with a Datakit interface (IOA)[5] . "Computer Networking: A Top-Down Approach" ISBN 0-321-49770-8 [2] RFC 793 Datakit Datakit is a virtual circuit-switched network layer computer networking protocol similar to X.Datagram 81 Datagram A datagram is a basic transfer unit associated with a packet-switched network in which the delivery arrival time and order are not guaranteed. A datagram consists of header and data areas. remote printing. Keith W. . TCP/IP is also run over Datakit links. remote login. from slow speed EIA-232 to 500Mbit fiber optic links (called FIBERKIT)[4] . However. (2007). ISN is the version of Datakit that was supported by AT&T Information Systems. The source and destination addresses as well as a type field are found in the header of a datagram. At the physical layer. while the term datagram is generally reserved for packets of an "unreliable" service. TCP refers to its fragments as TCP segments. However. the term packet applies to any message formatted as a packet. Most of Bell Laboratories was trunked together on Datakit. not packets. It supports file transfers. and remote command execution. where the header contains information sufficient for routing from the originating equipment to the destination without relying on prior exchanges between the equipment and the network. IP itself provides an unreliable service and UDP over IP also provides an unreliable one. First.[2] presumably to assert that its fragments are reliable. The term datagram is often considered synonymous to "packet". it can operate over multiple media. several operating systems (including UNIX) implemented UUCP for electronic mail and dkcu for remote login[6] . but not as datagrams. On a network with misordering. An "unreliable" service does not notify the user if delivery fails.

from the Free On-line Dictionary of Computing [2] http:/ / techreports. com/ issues. html?issue=18& id=9#article [7] http:/ / www. ieee. html [3] Network Dictionary By Javvin [4] http:/ / ieeexplore. jsp?url=/ iel2/ 717/ 971/ 00025918. org/ Xplore/ login. com/ 5583859. freepatentsonline. berkeley. 1. html [6] http:/ / www. phrack. lib. html .Datakit 82 References [1] Datakit. htm?context=r307-00& file=ch5r307-00d. com/ vos/ 15. pdf?arnumber=25918 [5] http:/ / stratadoc. edu/ accessPages/ CSD-88-474. stratus. 1/ r307-00/ wwhelp/ wwhimpl/ js/ html/ wwhelp.

where he headed and transformed its computing activity. The ACE project was overambitious and foundered. even if they were for a theoretical computer. In 1955. died a few months later.[4] Davies then worked for a while on applications such as traffic simulation and machine translation. leading to Turing's departure.[4] He first presented his ideas on packet switching at a conference in Edinburgh on 5 August 1968. It was replaced with the Mark II in 1973. he was also awarded the Lubbock memorial Prize as the outstanding mathematician of his year. Davies helped build a packet switched network called the Mark I to serve the NPL in the UK. In 1966 he returned to the NPL at Teddington just outside London.[4] Davies took the project over and concentrated on delivering the less ambitious Pilot ACE computer. and built it into the ARPANET. Wales.[5] From 1947. which first worked in May 1950. These were perhaps some of the first "programming" errors in existence. which evolved into the Internet.[7] Larry Roberts of the Advanced Research Projects Agency in the United States became aware of the idea. influencing other research in the UK and Europe. they had a daughter and two sons.[3] He received a BSc degree in physics (1943) at Imperial College London. where he saw that a significant problem with the new time-sharing computer systems was the cost of keeping a phone connection open for each user.[4] He then returned to Imperial taking a first class degree in mathematics (1947). he worked at the National Physical Laboratory (NPL) where Alan Turing was designing the Automatic Computing Engine (ACE) computer. In the early 1960s. Wales 28 May 2000 (aged 75) Welsh Computer science National Physical Laboratory Died Nationality Fields Institutions Alma mater Imperial College Known for Packet switching Donald Watts Davies. the universal Turing machine. DEUCE was manufactured by English Electric Computers and became one of the best-selling machines of the 1950s. He became interested in data communications following a visit to the Massachusetts Institute of Technology.[3] on the nuclear weapons Tube Alloys project at Birmingham University. he worked on Government technology initiatives designed to stimulate the British computer industry.[4] . CBE FRS[1] (7 June 1924 – 28 May 2000) was a Welsh computer scientist who was the inventor of packet switching (and originator of the term).[6] In 1970. where he went to school. and remained in operation until 1986. he married Diane Burton. His father. A commercial spin-off. and his mother took Donald and his twin sister back to her home town of Portsmouth. a clerk at a coalmine. and then joined the war effort working as an assistant to Klaus Fuchs.Donald Davies 83 Donald Davies Donald Watts Davies Born 7 June 1924 Treorchy. much to Turing's annoyance. It is said that Davies spotted mistakes in Turing's seminal 1936 paper On Computable Numbers.[2] Career history Davies was born in Treorchy in the Rhondda Valley.

R. html).1098/rsbm. (2002).co. M.isoc. Internet Guide. Includes footage of Donald W.net/) • Famous names at NPL (http://www. 2010.thocp. uk/ DonaldWattsDavies.uk/about/famous_names/) • Obituary (http://www. from the 1947 design work of Alan Turing to the development of the two ACE computers.0006. ISSN 0958-7403 [5] Obituary (http:/ / www.com/ videoplay?docid=4989933629762859961). Biographical Memoirs of Fellows of the Royal Society 48: 87.co. The Guardian.B.guardian. Price: Security for Computer Networks. htm) External links • Oral history interview with Donald W. htm) [4] Martin Cambell-Kelly. documentary ca.shtml) from the Internet Society (ISOC) • UK National Physical Laboratory (NPL) & Donald Davies (http://www. • With W. Engineering & Technology. University of Minnesota. a CBE in 1983 and a Fellow of the Royal Society in 1987. IET.edu/oh/display. second ACE. Charles Babbage Institute. [2] "Donald Watts Davies" (http:/ / www.uk/news/2000/jun/02/guardianobituaries2) from The Guardian • Obituary (http://www. co. C. 1972 about the ARPANET.thocp.28 May 2000".livinginternet. "Network pioneer remembered".livinginternet.cbi.net/biographies/davies_donald. [6] Luke Collins. Barber. guardian.K. . co. D. doi:10.umn. [3] The History of Computing Project .com/i/ii_npl. 44. and the decision to contract with English Electric Company to build the DEUCE -. He became particularly interested in computer network security. 84 Books • With D. uk/ news/ 2000/ jun/ 02/ guardianobituaries2). Solomonides: Computer Networks and Their Protocols. 2 June 2000. Wiley. 1979. net/ biographies/ davies_donald.google.org/internet/history/davies.npl.E. C. • Biography (http://www. He retired from the NPL in 1984. Davies (http://www. "Donald Watts Davies. 6 September 2008 [7] Packet Switching (http:/ / www. Wiley. Pioneer Profiles: Donald Davies. internet-guide.htm) from Living Internet (http://www. National Physical Laboratory.possibly the first commercially produced computer in Great Britain.phtml?id=116). becoming a security consultant to the banking industry.com/) • Computer Networks: The Heralds of Resource Sharing (http://video.[4] Davies was appointed a Distinguished Fellow of the British Computer Society in 1975. Barber: Communication Networks for Computers. com/ i/ iw_packet. 1973. References [1] Needham.2002. Davies (at 19m20s). thocp.htm) from the History of Computing Project (http://www.Donald Davies Biography (http:/ / www. 7 June 1924 . Davies describes computer projects at the U.Donald Davies Davies relinquished his management responsibilities in 1979 to return to research. Computer Resurrection. Autumn 2008. Davies discusses a much larger. Price. . • With W. 1984. livinginternet. Wiley.

. Protocol Design DPT is implemented as two counter-rotating rings. there are methods for communicating not only application data between the nodes of a DPT network.17 standard. it is quite similar to POS and DTM. and increased throughput in common situations. and the bounds can easily be observed and predicted. data dependent jitter. DPT is not a PPP whereas POS is. It is necessary for the nodes to be able to communicate control data between each other in case of a fiber cut or link failure so the nodes can forward traffic on the appropriate interfaces and maintain network connectivity. DPT as opposed to POS or normal SONET/SDH is able to use both rings at the same time whereas POS only uses one ring under normal circumstances but switches to the second upon failure of the first. and duty-cycle dependent jitter. The other major class of jitter is non-deterministic. Spatial Reuse Protocol or SRP. the control data will notify the applicable routers of the failure and all the routers will switch to using only their active interfaces for data and control packets. but once a failure occurs. Types of Data in DPT Networks As with most other lower layer protocols. Deterministic Jitter includes different categories such as periodic jitter. this means that traffic between two nodes of a DPT ring does not affect intermediate nodes. The peak-to-peak value of this jitter is bounded. This design provides for redundancy in case of a fiber cut or link failure. It was one of the major influences on the Resilient Packet Ring/802. The use of SRP in conjunction with DPT makes it possible for DPT to communicate with the physical layer. Both control packets. Dynamic Packet Transport Dynamic packet transport (DPT) is a Cisco transport protocol designed for use in optical fiber ring networks. Cisco claims that DPT can run with double the bit-rate of POS due to this characteristic. Characteristics Deterministic jitter is clock timing jitter or data signal jitter that is predictable and reproducible. This means the network is composed of two completely separate rings of fiber that are both able to transmit data concurrently. With the introduction of DPT came the introduction of another Cisco developed MAC layer protocol. In overview. or random jitter. and data packets are transmitted on both rings in order to maintain connectivity and full bandwidth utilization in normal situations.Deterministic jitter 85 Deterministic jitter Deterministic jitter (or DJ) is a type of jitter with a known non-Gaussian probability distribution.

and an FCS used to validate the data. Fast packet switching In telecommunications. Cell relay and frame relay are two implementations of fast packet switching. its. It contains a source and destination MAC address (both 48-bits long).Dynamic Packet Transport 86 DPT Packet Structure The structure of a DPT Packet is quite similar to that of Ethernet. DPT Topologies Both DPT and SRP are independent of their physical layers. References •  This article incorporates public domain material from the General Services Administration document "Federal Standard 1037C" [1]. fast packet switching is a packet switching technique that increases the throughput by eliminating overhead. a protocol type identifier (used for identifying the upper layer protocol contained in the payload). or IPS. htm . This means that the DPT protocol can operate above several physical mediums such as SONET/SDH.25 switches. As aforementioned. Gigabit Ethernet. bldrdoc. Overhead reduction is accomplished by allocating flow control and error correction functions to either the user applications or the network nodes that interface with the user. This ensures that a fiber cut or link failure (layer 1 error) will be rectified and IP traffic will be resumed within 50 ms. The method for switching between these two rings in the event of a failure is called Intelligent Protection Switching. References [1] http:/ / www. DPT also contains a "plug and play" feature which dynamically fetches the MAC addresses of neighboring devices which provides for very simple configuration with little to no setup prior to functional data transfer. and others.25 interfaace as faster speeds than eisting X. gov/ fs-1037/ fs-1037c. DPT is composed of two rings for fault tolerance and increased throughput. FPS does not refer to a switch that can directly support packet switching over an X.

• A Firewall is a security system that adds a level of protection between your computer and the internet.Firewall (computing) 87 Firewall (computing) A firewall is a device or set of devices designed to permit or deny network transmissions based upon a set of rules and is frequently used to protect networks from unauthorized access while permitting legitimate communications to pass. firewall on each computer help to prevent the spread of virus in a network Many personal computer operating systems include software-based firewalls to protect against threats from the public Internet. and NASA Ames. "We are currently under attack from an Internet VIRUS! It has hit Berkeley. • Firewall helps to prevent viruses and worms to enter into your computer. History The term firewall originally referred to a wall intended to confine a fire or potential fire within a building. Stanford." . An illustration of where a firewall would be located in a network. conversely. an employee at the NASA Ames Research Center in California sent a memo by email to his colleagues [3] that read. • If one of the computers is infected. Firewall technology emerged in the late 1980s when the Internet was a fairly new technology in terms of its global use and connectivity. many firewalls can perform [1] basic routing functions. Many routers that pass data between networks contain firewall components and. The predecessors to firewalls for network security were the routers used in [2] the late 1980s: An example of a user interface for a firewall on Ubuntu (Gufw) • Clifford Stoll's discovery of German spies tampering with his system[2] • Bill Cheswick's "Evening with Berferd" 1992 in which he set up a simple electronic to observe an attacker[2] • In 1988. UC San Diego. Later uses refer to similar structures. such as the metal sheet separating the engine compartment of a vehicle or aircraft from the passenger compartment. Lawrence Livermore.

and Kshitij Nigam. This type of packet filtering pays no attention to whether a packet is part of an existing stream of traffic (i. and. if a rule in the firewall exists to block telnet access. Though there is still a set of static rules in such a firewall. with a little bit of peeking into the transport layer to figure out source and destination port numbers.[5] Packet filters act by inspecting the "packets" which represent the basic unit of data transfer between computers on the Internet. the Morris Worm was the first large scale attack on Internet security. the port number). Bill Cheswick and Steve Bellovin were continuing their research in packet filtering and developed a working model for their own company based on their original first generation architecture. or is an invalid packet. those types of traffic (such as web browsing.[7] Packet filtering firewalls work mainly on the first three layers of the OSI reference model.e. the state of a connection can itself be one of the criteria which trigger specific rules. work up to layer 4 (transport layer) of the OSI model. This technology is generally referred to as a stateful packet inspection as it maintains records of all connections passing through the firewall and is able to determine whether a packet is the start of a new connection. file transfer). the packet filter will drop (silently discard) the packet. This type of firewall can actually be exploited by certain Denial-of-service attacks which can fill the connection tables with illegitimate connections. when engineers from Digital Equipment Corporation (DEC) developed filter systems known as packet filter firewalls. unless the machines on each side of the packet filter are both using the same non-standard ports. which means most of the work is done between the network and physical layers. the device checks for matches to any of the packet filtering rules that are configured in the firewall and drops or rejects the packet accordingly. and send "error responses" to the source).Firewall (computing) • The Morris Worm spread itself through multiple vulnerabilities in the machines of the time. Second-generation firewalls. Dave Presetto. Janardan Sharma. in addition to what first-generation look for. it filters each packet based only on information contained in the packet itself (most commonly using a combination of the packet's source and destination address. a part of an existing connection.[4] 88 First generation: packet filters The first paper published on firewall technology was in 1988. and thus control. . For example. and because TCP and UDP traffic by convention uses well known ports for particular types of traffic. developed the second generation of firewalls. its protocol. TCP and UDP protocols constitute most communication over the Internet. a "stateless" packet filter can distinguish between. [6] for TCP and UDP traffic. If a packet matches the packet filter's set of rules. Therefore they regard placement of each individual packet within the packet series. calling them circuit level firewalls. the online community was neither expecting an attack nor prepared to deal with one. Instead.[8] When a packet originates from the sender and filters through a firewall. This fairly basic system was the first generation of what became a highly evolved and technical internet security feature. At AT&T Bell Labs. remote printing. Although it was not malicious in intent. or reject it (discard it. it filters the packet on a protocol/port number basis (GSS). email transmission. it stores no information on connection "state"). then the firewall will block the TCP protocol for port number 23. [9] Second generation: "stateful" filters From 1989-1990 three colleagues from AT&T Bell Laboratories. When the packet passes through the firewall.

An application firewall can filter higher-layer protocols such as FTP. An application firewall is much more secure and reliable compared to packet filter firewalls because it works on all seven layers of the OSI model. As a consequence these advanced version of the "Third Generation" firewalls are being referred to as "Next Generation" and surpass the "Second Generation" firewall. Subsequent developments In 1992. authpf on BSD systems loads firewall rules dynamically per user. after authentication via SSH. For example. This is similar to a packet filter firewall but here we can also filter information on the basis of content. Many firewalls provide such features by binding user identities to IP or MAC addresses. McAfee Firewall Enterprise & Palo Alto PS Series firewalls.Firewall (computing) 89 Third generation: application layer The key benefit of application layer filtering is that it can "understand" certain applications and protocols (such as File Transfer Protocol. or web browsing). In 2009/2010 the focus of the most comprehensive firewall security vendors turned to expanding the list of applications such firewalls are aware of now covering hundreds and in some cases thousands of applications which can be identified automatically. . Bob Braden and Annette DeSchon at the University of Southern California (USC) were refining the concept of a firewall. HTTP. DHCP. In 1994 an Israeli company called Check Point Software Technologies built this into readily available software known as FireWall-1. DNS. if an organization wants to block all the information related to "foo" then content filtering can be enabled on the firewall to block that particular word. which is very approximate and can be easily turned around. Another axis of development is about integrating identity of users into Firewall rules. The product known as "Visas" was the first system to have a visual integration interface with colors and icons. Software-based firewalls (MS-ISA) are much slower than hardware based stateful firewalls but dedicated appliances (McAfee & Palo Alto) provide much higher performance levels for Application Inspection. The existing deep packet inspection functionality of modern firewalls can be shared by Intrusion-prevention systems (IPS). Many of these applications can not only be blocked or allowed but manipulated by the more advanced firewall products to allow only certain functionality enabling network security administrations to give users functionality without enabling unnecessary vulnerabilities. Telnet. and it can detect if an unwanted protocol is sneaking through on a non-standard port or if a protocol is being abused in any harmful way. Currently. The NuFW firewall provides real identity-based firewalling. TCP. which could be easily implemented and accessed on a computer operating system such as Microsoft's Windows or Apple's MacOS. from the application down to the physical Layer. Good examples of application firewalls are MS-ISA (Internet Security and Acceleration) server. It is expected that due to the nature of malicious communications this trend will have to continue to enable organizations to be truly secure. DNS. by requesting the user's signature for each connection. UDP and TFTP (GSS). the Middlebox Communication Working Group of the Internet Engineering Task Force (IETF) is working on standardizing protocols for managing firewalls and other middleboxes.

data transfer. not allowing packets to pass through the firewall unless they match the established rule set.e. Stateless firewalls require less memory. UDP or TCP ports. or completion connection). application firewalls further filter connections by examining the process ID of data packets against a ruleset for the local process involved in the data transmission. [10] Network layer and packet filters Network layer firewalls. Network layer firewalls generally fall into two sub-categories. destination service like WWW or FTP. In principle. The firewall administrator may define the rules. handshaking. and can be faster for simple filters that require less time to filter than to look up a session. Stateful firewalls maintain context about active sessions. Given the variety of software that exists. If a packet matches an existing connection based on comparison with the firewall's state table. These per process rulesets have limited efficacy in filtering every . and may intercept all packets traveling to or from an application. On inspecting all packets for improper content. it will be evaluated according to the ruleset for new connections. such as sharing services. operate at a relatively low level of the TCP/IP protocol stack.. or default rules may apply.Firewall (computing) 90 Types There are different types of firewalls depending on where the communication is taking place. Commonly used packet filters on various versions of Unix are ipf (various). ipfw (FreeBSD/Mac OS X). They block other packets (usually dropping them without acknowledgment to the sender). The term "packet filter" originated in the context of BSD operating systems. and all other BSDs). iptables/ipchains (Linux). Application firewalls function by determining whether a process should accept any given connection. Any existing network connection can be described by several properties. also called packet filters. They may also be necessary for filtering stateless network protocols that have no concept of a session. Application firewalls accomplish their function by hooking into socket calls to filter the connections between the application layer and the lower layers of the OSI model. However. prompts are used to define rules for processes that have not yet received a connection. or all telnet or ftp traffic). Modern firewalls can filter traffic based on many packet attributes like source IP address. and many other attributes. Application firewalls work much like a packet filter but application filters apply filtering rules (allow/block) on a per process basis instead of filtering connections on a per port basis. It is rare to find application firewalls not combined or used in conjunction with a packet filter. where the communication is intercepted and the state that is being traced. it will be allowed to pass without further processing. all browser traffic. TTL values. Application-layer Application-layer firewalls work on the application level of the TCP/IP stack (i. including source and destination IP address. firewalls can restrict or prevent outright the spread of networked computer worms and trojans. source port. The extent of the filtering that occurs is defined by the provided ruleset.[11] Also. application firewalls only have more complex rulesets for the standard services. netblock of originator. Application firewalls that hook into socket calls are also referred to as socket filters. application firewalls can prevent all unwanted outside traffic from reaching protected machines. and the current stage of the connection's lifetime (including session initiation. they cannot make more complex decisions based on what stage communications between hosts have reached. pf (OpenBSD. and use that "state information" to speed packet processing. Generally. stateful and stateless. The additional inspection criteria can add extra latency to the forwarding of packets to their destination. They can filter based on protocols. destination IP address or port. If a packet does not match an existing connection. of the source.

as defined in RFC 1918. these per process ruleset cannot defend against modification of the process via exploitation. the NAT function was developed to address the limited number of IPv4 routable addresses that could be used or assigned to companies or individuals as well as reduce both the amount and therefore cost of obtaining enough public addresses for every computer in an organization. html [11] http:/ / www. php TCP vs. checkpoint. google. com/ connect/ articles/ software-firewalls-made-straw-part-1-2 [12] http:/ / www. intruders may hijack a publicly-reachable system and use it as a proxy for their own purposes. wanredundancy. html The History of Firewalls [6] http:/ / www. internetfirewall. Proxies make tampering with an internal system from the external network more difficult and misuse of one internal system would not necessarily cause a security breach exploitable from outside the firewall (as long as the application proxy remains intact and properly configured). unm.6607496& dq=firewall& hl=en) by Charles Duhigg. edu/ ~treport/ tr/ 02-12/ firewall.Talal Alkharobi [4] RFC 1135 The Helminthiasis of the Internet (http:/ / tools. symantec. Because of these limitations. skullbox. by Cheswick et al. Firewalls and Internet security: repelling the wily hacker [9] Aug 29. Bellovin. net/ tcpudp. the proxy then masquerades as that system to other internal machines.Firewall (computing) possible association that may occur with other processes. com/ resources/ firewall/ ). sa/ user062/ CSE55101/ firewall. 2003 Virus may elude computer defenses (http:/ / news. edu. Conversely.[12] 91 Proxies A proxy device (running either on dedicated hardware or as software on a general-purpose machine) may act as a firewall by responding to input packets (connection requests. Rubin (2003). application firewalls are beginning to be supplanted by a new generation of application firewalls that rely on mandatory access control (MAC). google. pdf) Firewalls by Dr. and the hosts protected behind a firewall commonly have addresses in the "private address range". " Google Books Link (http:/ / books. cs. also referred to as sandboxing. References [1] Definition of Firewall (http:/ / www. UDP By Erik Rodriguez [8] William R. Network address translation Firewalls often have network address translation (NAT) functionality. Originally. tech-faq. Hiding the addresses of protected devices has become an increasingly important defense against network reconnaissance. by Cheswick et al. kfupm. ietf. com/ newspapers?id=neIqAAAAIBAJ& sjid=Vo4EAAAAIBAJ& pg=4057. com/ firewall. Check PointResources [2] A History and Survey of Network Firewalls (http:/ / www. com/ connect/ articles/ software-firewalls-made-straw-part-1-2 . such as memory corruption exploits. org/ article/ internet-firewall-basics/ the-history-of-firewalls. org/ resources/ firewall/ network-layer-firewall Network Layer Firewall [7] http:/ / www. pdf) Kenneth Ingham and Stephanie Forrest [3] (http:/ / ocw. com/ books?id=_ZqIh0IbcrgC& lpg=PA142& dq=Firewalls and Internet Security. Firewalls often have such functionality to hide the true address of protected hosts. Aviel D. An example of a next generation application firewall is AppArmor included in some Linux distributions. symantec. Also. While use of internal address spaces enhances security. org/ html/ rfc1135) [5] http:/ / www. Steven M. & pg=PA176#v=onepage& q=Firewalls and Internet Security. for example) in the manner of an application. while blocking other packets. Cheswick. Washington Post [10] Firewall http:/ / www. & f=false)". to protect vulnerable services. crackers may still employ methods such as IP spoofing to attempt to pass packets to a target network.

pdf) provides an overview of firewalls at the various ISO levels. The frame is also an entity for time-division duplex.securityfocus.e. a frame is typically an entity at the physical layer.a technical view on software firewall design and potential weaknesses • Building Internet Firewalls (http://oreilly. October 1989. Retrieved 2010-06-07.com/infocus/1840) . If a receiver is connected to the system in the middle of a frame transmission. • A History and Survey of Network Firewalls (http://www. and consists of a link-layer header followed by a packet.unm.cisco. References [1] "Data Link Layer (Layer 2)" (http:/ / www. org/ html/ rfc1122& #035. compiled by Matt Curtin.Discusses different architectures and their differences. PPP frames and V."[2] Examples are Ethernet frames (maximum 1500 byte plus overhead). In telecommunications. a frame is a digital data transmission unit or data packet that includes frame synchronization. • Evolution of the Firewall Industry (http://www.com/catalog/9781565928718) Second Edition. one for each logical TDM channel or TDMA transmitter. a sequence of bits or symbols making it possible for the receiver to detect the beginning and end of the packet in the stream of symbols or bits. Retrieved 2010-01-31. how packets are processed. with references to the original papers where first firewall work was reported. [2] "RFC 1122: Requirements for Internet Hosts — Communication Layers" (http:/ / tools. p. TDM application examples are SONET/SDH and the ISDN circuit switched B-channel.com/infocus/1839) and Software Firewalls: Made of Straw? Part 2 (http://www. In computer networking. Marcus Ranum and Paul Robertson. The TCP/IP Guide. RFC 1122.htm) .edu/~treport/tr/02-12/firewall.page-18). 2005-09-20.securityfocus. . 18.[1] A frame is "the unit of transmission in a link layer protocol. com/ free/ t_DataLinkLayerLayer2. In this consist.org/faqs/firewalls-faq/). ietf. O’Reilly .Firewall (computing) 92 External links • Internet Firewalls: Frequently Asked Questions (http://www. a frame is a cyclically repeated data block that consists of a fixed number of time slots.faqs. tcpipguide. • Software Firewalls: Made of Straw? Part 1 (http://www. i. specifically time-division multiplex (TDM) and time-division multiple access (TDMA). IETF.a thorough reference and tutorial Frame (networking) In computer networking and telecommunication.42 modem frames. . a frame is a data packet on the Layer 2 of the OSI model. . and provides a timeline of the evolution. htm). TDMA examples are the 2G and 3G circuit switched cellular voice services.cs.com/univercd/cc/td/doc/product/iaabu/centri4/user/ scf4ch3. where the mobile terminal may transmit during some timeslots and receive during others. it ignores the data until it detects a new frame synchronization sequence.

Frame Relay 16 bits. It may then discard the data. The receiving host computes the checksum on the frame using the same algorithm. HDLC 16 or 32 bits.Cisco Systems"]. This number is added to the end of a frame that is sent. which is an IP packet. and other data link layer protocols. By far the most popular FCS algorithm is a cyclic redundancy check (CRC). shtml) . LLC bytes are also included with the Data field in the IEEE standard frames. Frames are used to send upper-layer data and ultimately the user application data from a source to a destination. If the two numbers are different. the frame is discarded. Such an FCS generally appears immediately before the frame-ending delimiter. An Ethernet frame. bytes. and adds control information to help deliver the packet to the destination node. Extra bytes may be added so frames have a minimum length for timing purposes. The data package includes the message to be sent. cisco. X. . The FCS is often transmitted in such a way that the receiver can compute a running sum over the entire frame. including the trailing FCS.Frame check sequence 93 Frame check sequence A frame check sequence (FCS) refers to the extra checksum characters added to a frame in a communication protocol for error detection and correction. and expect to see a fixed result (such as zero) when it is correct. an error is assumed.com . 100615 cisco. The sending host computes a checksum on the entire frame and appends this as a trailer to the data. or user application data. and fields contained within them.25 16 or 32 bits. The FCS field contains a number that is calculated by the source node based on the data in the frame.[1] Point-to-Point Protocol (PPP) 16 or 32 bits. References [1] "Frame Relay Glossary [Frame Relay (http:/ / www. This way it can detect whether any data was lost or altered in transit. are susceptible to errors from a variety of sources. The LLC sublayer takes the network protocol data. and compares it to the received FCS. Layer 2 communicates with the upper layers through LLC. When the destination node receives the frame the FCS number is recalculated and compared with the FCS number included in the frame. com/ en/ US/ tech/ tk713/ tk237/ technologies_tech_note09186a00801e32e7. including the FCS terminating the frame. (OSI model) All frames and the bits. used in the Ethernet with 32 bits. and request retransmission of the faulty frame.

as the communications industry moves toward an all IP core and edge network.8261 recommendation publication [1] References [1] http:/ / www. there is a need to provide synchronization functionality to traditional TDM-based applications. Data transfer rates in gigapackets per second are associated with high speed networks. . Usage Packet networks have been inherently asynchronous.8261 ITU-T Recommendation G. This is essential for the interworking with PSTN. The goal is provide a Primary Reference Clock (PRC) traceable clock for the TDM applications.8261 94 G. itu. the minimum requirements that network equipment at the TDM interfaces at the boundary of these packet networks can tolerate. However. int/ rec/ T-REC-G.pactiming) "Timing and Synchronization Aspects in Packet Networks" specifies the upper limits of allowable network jitter and wander.5 Gbit/s and OC-192 at 10 Gbit/s. especially fiber optic networks. and the minimum requirements for the synchronization function of network equipment. 8261-200804-I/ en Gigapackets Gigapackets are billions (109) of packets or datagrams. These rates are seen in network speeds of gigabit Ethernet or 10 Gigabit Ethernet and SONET Optical Carrier rates of OC-48 at 2. The packet is the fundamental unit of information in computer networks.1361 (formerly G. External links • ITU-T G.G. The bit rates that are used to create gigapackets are in the range of gigabits per second.8261/Y.

The resulting structure is here referred to as the (Secured) Command Packet. 48/ 0348-890.g. com). zip).48 95 GSM 03. htm).48 Java API and Realization Library" (https:/ / gsm0348. org/ ftp/ Specs/ archive/ 03_series/ 03. If so indicated in the Command Header. [2] "GSM 03. Under normal circumstances the Receiving Entity receives the Command Packet and unpacks it according to the security parameters indicated in the Command Header. References [1] "GSM 03. subject to constraints in the transport layer.GSM 03. 3gpp. The Sending Entity prepends a Security Header (the Command Header) to the Application Message. with an indication of the security to be applied to the message. . Both the Response Header and the application specific data are secured using the security mechanisms indicated in the received Command Packet.48 Version 890" (http:/ / www.48 Scope It is used to the exchange of secured packets between an entity in a GSM PLMN and an entity in the SIM. The Response Packet consists of a Security Header (the Response Header) and optionally. 3gpp. The Response Packet will be returned to the Sending Entity.48 have been applied. Application messages are commands or data exchanged between an application resident in or behind the GSM PLMN and on the SIM. . Retrieved 16 May 2011. the Receiving Entity shall create a (Secured) Response Packet. timing). (e. application specific data supplied by the Receiving Application. Retrieved 16 May 2011. The Receiving Entity subsequently forwards the Application Message to the Receiving Application indicating to the Receiving Application the security that was applied. Retrieved 16 May 2011. including any padding octets. . org/ ftp/ Specs/ html-info/ 0348. Secured Packets contain application messages to which certain mechanisms according to GSM 03. [1] [2] [3] Overview The Sending Application prepares an Application Message and forwards it to the Sending Entity. googlecode. . [3] "3GPP Standard Page" (http:/ / www. It then applies the requested security to part of the Command Header and all of the Application Message. The interface between the Sending Application and Sending Entity and the interface between the Receiving Entity and Receiving Application are proprietary.

Hosts are "strongly recommended" to implement path MTU discovery to take advantage of MTUs greater than the smallest MTU of 1280 octets. but this may also be a higher layer tunneling protocol.g. The 6 most-significant bits are used for DSCP. but may be data for an Internet Layer (e.[1] It has the following format: Fixed header format Offsets Octet Octet 0 4 8 12 16 20 24 28 32 36 Bit   0  32  64  96 128 160 192 224 256 288 Destination Address 0 1 2 3  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Version Traffic Class Payload Length Source Address Flow Label Next Header Hop Limit Version (4 bits) The constant 6 (bit sequence 0110). as they do for IPv4. [1] Routers do not fragment IPv6 packets. such as IPv4 when using 6to4 or Teredo transition technologies. The control information in IPv6 packets is subdivided into a mandatory fixed header and optional extension headers. Packets consist of control information for addressing and routing.[2] [3] The remaining two bits are used for ECN. ICMPv6) or Link Layer (e. Flow Label (20 bits) Originally created for giving real-time applications special service. The payload of an IPv6 packet is typically a datagram or segment of the higher-level Transport Layer protocol.[5] [6] and first uses of this field are emerging. such as Ethernet which encapsulates each packet in a frame. IPv6 packets are typically transmitted over a Link Layer protocol.[7] Payload Length (16 bits) . Hosts may use fragmentation to send packets larger than the observed path MTU.IPv6 packet 96 IPv6 packet An IPv6 packet is the smallest message entity exchanged via the Internet Protocol across an Internet Protocol version 6 (IPv6) network. Fixed header The fixed header of an IPv6 packet consists of its first 40 octets (320 bits).. OSPF) instead.[1] Flow Label specifications and minimum requirements are described. and a payload consisting of user data.[4] priority values subdivide into ranges: traffic where the source provides congestion control and non-congestion control traffic. Traffic Class (8 bits) The bits of this field hold two values. which is used to classify packets..g.

The values are shared with those used for the IPv4 protocol field. code 1). including sending and receiving node.[1] The headers form a chain. some extension headers require internal padding to meet this requirement. In order to increase performance.[8] Next Header (8 bits) Specifies the type of the next header. Hop Limit (8 bits) Replaces the time to live field of IPv4. and since current link layer technology is assumed to provide sufficient error detection[9] . using the Next Header fields. The defined extension headers below are listed in the preferred order. . This value is decremented by one at each intermediate node the packet visits. Extension headers are to be examined and processed at the packet's destination only. as both fields have the same function (see List of IP protocol numbers). except for Hop-by-Hop Options. should there be more than one extension header following the fixed header. Source Address (128 bits) The IPv6 address of the sending node. When the counter reaches 0 the packet is discarded. This field usually specifies the transport layer protocol used by a packet's payload. except for the Destination Options header.[1] When a Next Header value 0 appears in a header other than the fixed header a node should do the same. Destination Address (128 bits) The IPv6 address of the destination node(s). and new extension headers may be defined in the future. All extension headers are a multiple of 8 octets in size. the Next Header field of the last extension header indicates the type of the upper-layer protocol header in the payload of the packet. the header has no checksum to protect it. it should discard the packet and send an Parameter Problem message (ICMPv6 type 4. The length is set to zero when a Hop-by-Hop extension header carries a Jumbo Payload option. [1] There are several extension headers defined. If a node does not recognize a specific extension header. and are placed between the fixed header and the upper-layer protocol header. When extension headers are present in the packet this field indicates which extension header follows. which need to be processed at every intermediate node on the packet's path.IPv6 packet The size of the payload in octets. which may appear twice. The Next Header field in the fixed header indicates the type of the first extension header. Note that all extension headers are optional and should only appear at most once. including any extension headers.[1] 97 Extension headers Extension headers carry optional Internet Layer information.

Options are TLV-coded. Carries encrypted data for secure communication. Options and Padding Next Header (8 bits) Specifies the type of the next header. Hop-by-Hop Options and Destination Options extension header format Offsets Octet Octet 0 4 8 . blocks of 8 octets are added to the header repeatedly—containing options and padding—until all options are represented.. . This data should be ignored by hosts. Options (variable) Contains one or more options. Methods to specify the route for a datagram (used with Mobile IPv6). the IPv6 packet ends right after it: the payload should be empty. Options that need to be examined only by the destination of the packet. not even a header of an upper-layer protocol. if more options are present than will fit in that space. Options that need to be examined only by the destination of the packet.. from the header's point of view. The Destination Options extension header need to be examined by the destination node(s) only. Bit   0  32  64 . still be data in the payload if the payload length in the first header of the packet is greater than the length of all extension headers in the packet. Contains parameters for fragmentation of datagrams. including sending and receiving nodes. but passed unaltered by routers.. The extension headers are both at least 8 octets in size. Contains information used to verify the authenticity of most parts of the packet. not including the first 8 octets. It means that.. Hop-by-hop options and destination options The Hop-by-Hop Options extension header needs to be examined by all nodes on the packet's path. however. Destination Options (before upper-layer header) 60 Value 59 (No Next Header) in the Next Header field indicates that there is no next header whatsoever following this one.IPv6 packet 98 Extension Header Hop-by-Hop Options Destination Options (before routing header) Routing Fragment Authentication Header (AH) Encapsulating Security Payload (ESP) Type 0 60 43 44 51 50 Description Options that need to be examined by all devices on the path. Hdr Ext Len (8 bits) Length of this header in 8-octet units..[1] There could.. 0 1 2 3  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Next Header Hdr Ext Len Options and Padding Optional: more Options and Padding . and optional padding fields to align options and to make the total header length a multiple of 8 octets.

The Fragment extension header carries the information necessary to reassemble the original (unfragmented) packet.[1] . Fragment In order to send a packet that is larger than the path MTU. the sending node splits the packet into fragments.IPv6 packet 99 Routing The Routing extension header is used to direct a packet to one or more intermediate nodes before being sent to its destination.. not including the first 8 octets.. this header is deprecated[11] and host and routers are required to ignore these headers.. Bit   0  32  64 . Hdr Ext Len (8 bits) The length of this header. Routing Header type 2 is a limited version of type 0 and is used for Mobile IPv6. in multiples of 8 octets. if more Type-specific Data is needed than will fit in 4 octets. Routing Type (8 bits) 0.. or 2. until all Type-specific Data is placed. where it can hold the Home Address of the Mobile Node. Segments Left (8 bits) Number of nodes this packet still has to visit before reaching its final destination. blocks of 8 octets are added to the header repeatedly.[1] Routing extension header format Offsets Octet Octet 0 4 8 . Next Header (8 bits) Indicates the type of the next header. Routing Header type 1 is used for the Nimrod[12] project funded by DARPA. Routing types Due to the fact that with Routing Header type 0 a simple but effective[10] denial-of-service attack could be launched... The header is at least 8 octets in size. 0 1 2 3  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Next Header Hdr Ext Len Type-specific Data Routing Type Segments Left Optional: more Type-specific Data . Type-specific Data (variable) Data that belongs to this type of routing header. 1.

by making use of a 32-bit length field. plus 8 octets for the Hop-by-Hop extension header). allows the exchange of packets with payloads of up to one byte less than 4 GB (232 − 1 = 4294967295 bytes). Reserved (8 bits) Initialized to all zeroes.IPv6 packet 100 Fragment extension header format Offsets Octet Octet 0 4 Bit   0  32 0 1 2 3  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Next Header Reserved Identification Fragment Offset Rsvd. Jumbogram An optional feature of IPv6. Packets with such payloads are called jumbograms. Since both TCP and UDP include fields limited to 16 bits (length. for example a TCP segment or a UDP datagram.[13] [14] Payload The fixed and optional IPv6 headers are followed with the upper-layer payload. The Next Header field of the last IPv6 header indicates what type of payload is contained in this packet. M Flag (1 bit) 1 means more fragments follow. the data provided by the transport layer. Needed for reassembly of the original packet. 0 means last fragment. the jumbo payload option in a Hop-By-Hop Options extension header[8] . support for IPv6 jumbograms requires modifications to the Transport Layer protocol implementation. relative to the start of the fragmentable part of the original packet. Most Link Layer protocols cannot process packets larger than 65535 octets. Fragment Offset (13 bits) Offset. generated by the source node. plus 40 octets for the fixed header. . in 8-octet units. M Next Header (8 bits) Identifies the type of the next header. Rsvd. initialized to zeroes.[8] Jumbograms are only relevant for links that have a MTU larger than 65583 octets (more than 65535 octets for the payload. urgent data pointer). Identification (32 bits) Packet identification value. Authentication Header (AH) and Encapsulating Security Payload (ESP) The Authentication Header and the Encapsulating Security Payload are part of IPsec and are used identically in IPv6 and in IPv4. Standard payload length The payload length field of IPv6 (and IPv4) has a size of 16 bits. capable of specifying a maximum size of 65535 octets for the payload. (2 bits) Reserved.

Hosts are permitted to make an attempt to reassemble fragmented datagrams larger than 1500 bytes. after reassembly. a Time Exceeded message (ICMPv6 type 3. . but they are also permitted to silently discard any datagram after it becomes apparent that the reassembled packet would be larger than 1500 bytes.[1] End nodes in IPv6 are expected to perform path MTU discovery to determine the maximum size of packets to send. whose flag is set to 0. unless they have previous assurance that the receiver is capable of reassembling such large datagrams. The first fragment(s) hold the rest of the extension headers (if present). except the last fragment. or else the Hop-by-Hop extension header. However. similarly to the IPv4 method when the Don't Fragment bit set. The unfragmentable part of a packet consists of the fixed header and some of the extension headers of the original packet (if present): all extension headers up to and including the Routing extension header. Packets exceeding the size of the maximum transmission unit of the destination link are dropped and this condition is signaled by a Packet too Big ICMPv6 type 2 message to the originating node. code 1) is returned to the node originating the fragmented packet. Each Fragment extension header has its M flag set to 1 (indicating more fragments follow).IPv6 packet 101 Fragmentation Unlike in IPv4. the sending host may use the Fragment extension header in order to perform end-to-end fragmentation of IPv6 packets. Therefore. contain up to 1500 bytes. Receiving hosts must make a best-effort attempt to reassemble fragmented IP datagrams that. reassembly of the original packet is abandoned and all fragments are discarded. the unfragmentable part is just the fixed header. they will be rearranged by the receiving node. Any data link layer conveying IPv6 data must be capable of delivering an IP packet containing 1280 bytes without the need to invoke end-to-end fragmentation at the IP layer. and a piece of the fragmentable part of the original packet. identified by a fragment offset. After the Fragment extension header a fragment of the rest of the original packet follows. if the packet was discarded for this reason. if the upper-layer protocol is unable to do so. except the last. Reassembly The original packet is reassembled by the receiving node by collecting all fragments and placing each fragment at the right offset and discarding the Fragment extension headers of the packets that carried them. If not all fragments are received within 60 seconds after receiving the first packet with a fragment. Each fragment is a multiple of 8 octets in length. senders should avoid sending fragmented IP datagrams with a total reassembled size larger than 1500 bytes. After that the rest of the payload follows. Fragmenting A packet containing a fragment of an original (larger) packet consists of two parts: the unfragmentable part of the original packet (which is the same for all fragments). If the first fragment was received (which contains the fixed header). and the upper-layer protocol is expected to limit the payload size. IPv6 routers never fragment IPv6 packets. The Next Header value of the last (extension) header of the unfragmentable part is set to 44 to indicate that a Fragment extension header follows. If neither extension headers are present. Packets containing fragments need not arrive in sequence.

(December 2005) IP Encapsulating Security Payload (http:/ / tools. html) IETF. ietf. . the more commonly quoted figure. (December 2007).. RFC 1992. S. [14] Kent. Retrieved 3 December 2010. Deering. R. [3] Grossman. "Type 0: the evil mechanism.2 [10] Philippe Biondi. R.. Chiappa. e.. is its inverse. [7] draft-blake-ipv6-flow-label-nonce-02 (http:/ / tools. IETF. org/ html/ rfc2474. J. Savola. Baker. factor in the design of almost all communications links (e. N. Jitter period is the interval between two times of maximum effect (or minimum effect) of a signal characteristic that varies regularly with time. S. Hinden.g.. and usually undesired. Floyd. D. (Augustus 1996) The Nimrod Routing Architecture (http:/ / tools. Blake. org/ html/ rfc3595).IPv6 packet 102 References [1] Deering. Black. Jitter Jitter is the time variation of a periodic signal in electronics and telecommunications. USB. SATA. Internet Protocol. ietf. jitter can be expressed in terms of spectral density (frequency content). The amount of tolerable jitter depends on the affected application. org/ html/ rfc1992)'. PCI-e. IETF. S. RFC 2675. ietf. (August 1999). RFC 4203. Arnoud Ebalard (April 2007). J. S. [9] RFC 1726 section 6. S. ietf. .. IETF. Jitter frequency. [2] Nickols. ietf.g. ietf. ietf. RFC 3260. org/ html/ rfc3168. org/ html/ rfc3697). RFC 5095. K. ietf. RMS. (December 1998) Definition of the Differentiated Service Field (DS Field) in the IPv4 and IPv6 Headers (http:/ / tools. org/ conf/ IPv6_RH_security-csw07. html). RFC 2460. [4] Ramakrishnan. org/ html/ rfc4303. org/ html/ rfc2675). (December 2005) IP Authentication Header (http:/ / tools.. RFC 3697.. K. org/ html/ rfc3260. (March 2004) IPv6 Flow Label Specification (http:/ / tools.. I. (April 2002) New Terminology and Clarifications for DiffServ (http:/ / tools. IETF. (December 1998)... P. html). Hinden. [5] Wijnen. Black. org/ html/ rfc2460). version 6 (IPv6) Specification (http:/ / tools. Neville-Neil.. ietf.. org/ html/ draft-blake-ipv6-flow-label-nonce-02) [8] Borman. ITU-T G. D. D. In clock recovery applications it is called timing jitter. B.. [13] Kent. or peak-to-peak displacement. secdev. IETF.. F. ietf.. [6] Rajahalme. RFC 2474.. ietf. S. S. B.[1] Jitter can be quantified in the same terms as all time-varying signals." [11] Abley. the signal amplitude. RFC 4202. html) IETF. (September 2003) Textual Conventions for IPv6 Flow Label (http:/ / tools.810 classifies jitter frequencies below 10 Hz as wander and frequencies at or above 10 Hz as jitter. org/ html/ rfc4302. D. Also like other time-varying signals. RFC 3168. OC-48). Jitter is a significant. Conta. (September 2001) The Addition of Explicit Congestion Notification (ECN) to IP (http:/ / tools. G. introduce clicks or other undesired effects in audio signals. Jitter can cause a display monitor to flicker. ietf.. Steenstrup. IETF. IETF. Jitter may be caused by electromagnetic interference (EMI) and crosstalk with carriers of other signals. IPv6 Jumbograms (http:/ / tools. IETF. RFC 3595. pdf) (pdf). M. affect the performance of processors in personal computers. and loss of transmitted data between network devices. Carpenter. or phase of periodic signals.. [12] Castineyra.. IETF. EADS. Jitter may be observed in characteristics such as the frequency of successive pulses. "IPv6 Routing Header Security" (http:/ / www. html). org/ html/ rfc5095). Deprecation of Type 0 Routing Headers in IPv6 (http:/ / tools. often in relation to a reference clock source. Deering. A.

for this use. the sampling frequency is normally assumed to be constant. However. Most extraction programs perform seek jitter correction. the term is imprecise. The problem occurs because the Red Book (audio CD standard) does not require block-accurate addressing during seeking. Compact disc seek jitter In the context of digital audio extraction from Compact Discs. This is a consideration in high-frequency signal conversion. Packet jitter in computer networks In the context of computer networks. A network with constant latency has no variation (or jitter). Samples should be converted at regular intervals. A jitter meter is a testing instrument for measuring clock jitter values. In some conditions.[3] PDV is an important quality of service factor in assessment of network performance. seek jitter causes extracted audio samples to be doubled-up or skipped entirely if the Compact Disc drive re-seeks. . If there is jitter present on the clock signal to the analog-to-digital converter or a digital-to-analog converter then the instantaneous signal error introduced will be proportional to the slew rate of the desired signal and the absolute value of the clock error. the term jitter is often used as a measure of the variability over time of the packet latency across a network.[2] Packet jitter is expressed as an average of the deviation from the network mean latency. CD-ROM data discs are not subject to seek jitter. less than a nanosecond of jitter can reduce the effective bit resolution of a converter with a Nyquist frequency of 22 kHz to 14 bits. and is used in manufacturing DVD and CD-ROM discs. These glitches often sound like tiny repeating clicks during playback.Jitter 103 Sampling jitter In conversion between digital and analog signals. As a result. resulting in doubled or omitted samples. the extraction process may restart a few samples early or late. The standards-based term is packet delay variation (PDV). Due to additional sector level addressing added in the Yellow Book (CD standard). or where the clock signal is especially prone to interference. A successful approach to correction in software involves performing overlapping reads and fitting the data to find overlaps at the edges. CD manufacturers avoid seek jitter by extracting the entire disc in one continuous read operation using special CD drive models at slower speeds so the drive does not re-seek. Various effects can come about depending on the pattern of the jitter in In telecommunications circuit analysis an Eye diagram shows distortions caused by jitter. relation to the signal.

in particular IP networks such as the Internet. Often. peak-to-peak measurements are more useful. and cycle to cycle jitter. It can be important for some types of clock generation circuitry used in microprocessors and RAM interfaces. Absolute jitter is the absolute difference in the position of a clock's edge from where it would ideally be. so that the shortest clock period approaches the average clock period. all real jitter). Cycle-to-cycle jitter is the difference in length of any two adjacent clock periods.Jitter 104 Phase jitter metrics For clock jitter. If jitter has a Gaussian distribution. In these cases. period jitter. the reference point for jitter is defined such that the mean jitter is 0. Note that typically. Accordingly. it can be thought of as the discrete-time derivative of period jitter. In networking. there are three commonly used metrics: absolute jitter. This unit is useful because it scales with clock frequency and thus allows relatively slow interconnects such as T1 to be compared to higher-speed internet backbone links such as OC-192. Since they have different generation mechanisms. it is useful to quantify them separately. Hence. This can occur if the jitter is caused by external sources such as power supply noise. . and dark blue) meaningful peaks (which is the case in account for about 99. Many efforts have been made to meaningfully quantify distributions In the normal distribution one standard deviation from the mean (dark blue) accounts for that are neither Gaussian nor have about 68% of the set. Accordingly. jitter can refer to the variation (statistical dispersion) in the delay of the packets. synchronous circuitry benefits from minimizing period jitter. medium. Absolute units such as picoseconds are more common in microprocessor applications. Period jitter (aka cycle jitter) is the difference between any one clock period and the ideal clock period. the unit used for the above types of jitter is usually the Unit Interval (abbreviated UI) which quantifies the jitter in terms of a fraction of the ideal period of a bit. Period jitter tends to be important in synchronous circuitry like digital state machines where the error-free operation of the circuitry is limited by the shortest possible clock period. it can be thought of as the discrete-time derivative of absolute jitter. different circuit effects. while two standard deviations from the mean (medium and dark blue) account for about 95% and three standard deviations (light. All have shortcomings but most tend to be good enough for the purposes of engineering work. Units of degrees and radians are also used. jitter distribution is significantly non-Gaussian. and the performance of the circuitry is limited by the average clock period. In telecommunications. RMS). and different measurement methodology.7%. it is usually quantified using the standard deviation of this distribution (aka.

Examples of data-dependent jitter are duty-cycle dependent jitter (also known as duty-cycle distortion) and intersymbol interference. Random jitter typically follows a Gaussian distribution or Normal distribution. A less . A common bit error rate used in communication standards such as Ethernet is 10−12. regardless of the distributions. The peak-to-peak value of this jitter is bounded. Another reason for random jitter to have a distribution like this is due to the central limit theorem. Deterministic jitter Deterministic jitter is a type of clock timing jitter or data signal jitter that is predictable and reproducible. It is believed to follow this pattern because most noise or jitter in a electrical circuit is caused by thermal noise.6 10−14 Total jitter Total jitter (T) is the combination of random jitter (R) and deterministic jitter (D): in which the value of n is based on the bit error rate (BER) required of the link. Jitter is measured and evaluated in various ways depending on the type of circuitry under test.7 10−11 7 10−12 7. and thus impose tighter tolerances on jitter. which may have eye openings on the order of 1000 picoseconds. modern computer motherboards have serial bus architectures with eye openings of 160 picoseconds or less. and the bounds can easily be observed and predicted. which has a Gaussian distribution. n BER 6. Testing Testing for jitter and its measurement is of growing importance to electronics engineers because of increased clock frequencies in digital electronic circuitry to achieve higher device performance. For example. jitter in serial bus architectures is measured by means of eye diagrams. One of the main differences between random and deterministic jitter is that deterministic jitter is bounded and random jitter is unbounded. also called Gaussian jitter. according to industry accepted standards. approaches a Gaussian distribution. For example. This is extremely small compared to parallel bus architectures with equivalent performance. is unpredictable electronic timing noise.3 10−13 7. Testing of device performance for jitter tolerance often involves the injection of jitter into electronic components with specialized test equipment. T = Dpeak-to-peak + 2× n×Rrms.4 10−10 6. The central limit theorem states that composite effect of many uncorrelated noise sources. Determistic jitter can either be correlated to the data stream (data-dependent jitter) or uncorrelated to the data stream (bounded uncorrelated jitter). Higher clock frequencies have commensurately smaller eye openings.Jitter 105 Types Random jitter Random Jitter. One example of bounded uncorrelated jitter is Periodic jitter.

Some systems use sophisticated delay-optimal de-jitter buffers that are capable of adapting the buffering delay to changing network jitter characteristics. Dejitterizer A dejitterizer is a device that reduces jitter in a digital signal. which may appear offensive to the listener or viewer. Jitter buffers Jitter buffers or de-jitter buffers are used to counter jitter introduced by queuing in packet switched networks so that a continuous playout of audio (or video) transmitted over the network can be ensured. Where applicable.[4] In all cases. Chen entitled. Filtering A filter can be designed to minimize the effect of sampling jitter. compliant systems are required to conform to these standards. Minimizing the effects of sampling jitters in wireless sensors networks. The maximum jitter that can be countered by a de-jitter buffer is equal to the buffering delay introduced before starting the play-out of the mediastream. Examples of anti-jitter circuits include phase-locked loop and delay-locked loop. There are standards for jitter measurement in serial bus architectures. For more information. jitter transfer function and jitter generation. Adaptive de-jittering involves introducing discontinuities in the media play-out. Inside digital to analog converters jitter causes unwanted high-frequency distortions. as well as for data sampling systems such as the analog-to-digital converter and digital-to-analog converter. 106 Mitigation Anti-jitter circuits Anti-jitter circuits (AJCs) are a class of electronic circuits designed to reduce the level of jitter in a regular pulse signal. Adaptive de-jittering is usually carried out for audio play-outs that feature a VAD/DTX encoded audio. see the paper by S. thus minimizing the perceptual impact of the adaptation. the goal of jitter measurement is to verify that the jitter will not disrupt normal operation of the circuitry. In this case it can be suppressed with high fidelity clock signal usage. These are known as adaptive de-jitter buffers and the adaptation logic is based on the jitter estimates computed from the arrival characteristics of the media packets. Ahmed and T. In the context of packet-switched networks.Jitter direct approach—in which analog waveforms are digitized and the resulting data stream analyzed—is employed when measuring pixel jitter in frame grabbers. with the required values for these attributes varying among different applications. such as waiting-time jitter. They are widely used in clock and data recovery circuits in digital communications. AJCs operate by re-timing the output pulses so they align more closely to an idealised pulse signal. The standards cover jitter tolerance. A dejitterizer usually consists of an elastic buffer in which the signal is temporarily stored and then retransmitted at a rate based on the average rate of the incoming signal. . that allows the lengths of the silence periods to be adjusted. A dejitterizer is usually ineffective in dealing with low-frequency jitter. the term packet delay variation is often preferred over jitter.

Retrieved 2008-02-15. Hong Shi. Ohtani. Pre-Driver PDN SSN. Jitter and Signal Integrity Verification for Synchronous and Asynchronous I/Os at Multiple to 10 GHz/Gbps (http://www. [3] RFC 3393.00. com/ support/ pixjiter. in/ books?id=tm-evHmOs3oC& pg=PA476). Prentice Hall. [1] Wolaver.html) . Computer Networks and Internets (http:/ / books. Jitter in Digital Transmission Systems. (2008). Presented at DesignCon 2009. sensoray. IETF (2002) [4] Khvilivitzky.com/QoS/QoS_Jitter. Prentice Hall. • Li.unh.phabrix. Xiaohong Jiang. Mike P.Jitter 107 References  This article incorporates public domain material from the General Services Administration document "Federal Standard 1037C" [1] (in support of MIL-STD-188). Artech ISBN 089006248X External links • Jitter in VoIP . 476. solutions and recommended values (http://www.pdf) • An Introduction to Jitter in Communications Systems (http://www. Further reading • Wolaver. Phase-Locked Loop Circuit Design.com/literature/cp/cp-01048-jitter-resonance.cfm/an_pk/377/CMP/WP-35) A Heuristic Discussion of Fibre Channel and Gigabit Ethernet Methods • Jitter in Packet Voice Networks (http://www. php) • Jitter Buffer (http://searchenterprisevoice. google.iol.altera.sid66_gci906844.maxim-ic.techtarget. ISBN 9780136061274.shtml) • Clock and data recovery/Introduction/Definition of (phase) jitter (http://en. pp. Eve L. Mike P.edu/pub/mplsServices/other/ QoS_Testing_Methodology.Hand-held Tool for eye and jitter measurement and analysis (http://www. 1991.com/en/digital_clocking..maxim-ic. co. Physical.com/literature/cp/cp-01049-jitter-si-verification. "Pixel Jitter in Frame Grabbers" (http:/ / www.pdf). SOC-System Jitter Resonance and Its Impact on Common Approach to the PDN Impedance (http:// www.com/appnotes.Causes.cfm/an_pk/1916/ CMP/WP-34) • Jitter Specifications Made Easy (http://www.ieee. htm).com/literature/cp/cp-01055-impact-ssj. p.html) • Definition of Jitter in a QoS Testing Methodology (ftp://ftp. pages 211-237 • Trischitta. Douglas E. . Presented at Electronics Components and Technology Conference 2009.en. • Li.com/en/US/tech/tk652/tk698/ technologies_tech_note09186a00800945df.pdf).com/sDefinition/0.wikibooks.211 [2] Comer.pdf). Iliya.org/wiki/ Clock_and_data_recovery/Introduction/Definition_of_(phase)_jitter) • Zamek. solutions and recommended values for digital audio) • Igor Levin Terms and concepts involved with digital clocking related to Jitter issues in professional quality digital audio (http://www. ISBN 0-13-662743-9. • Phabrix SxE .com/literature/cp/cp-01052-jitter-classification. Dan H. Hui.com) • Miki. A New Jitter Classification Method Based on Statistical.altera. Presented at International Test Conference 2008.com/appnotes. Presented at International Test Conference 2008. and Varma. OPD. 1989. 1991. IP Packet Delay Variation Metric for IP Performance Metrics (IPPM). Alexander (2008). and Their Impact on SSJ (http://www. and Zhe Li. .voipforo. Patrick R. • Liu.org/802. and Spectroscopic Mechanisms (http://www.antelopeaudio. Data Encoding.ppt) (Causes. and Kowalski Jitter Requirements (https://mentor.altera.cisco.pdf).altera.11/dcn/04/ 11-04-1458-00-000n-jitter-requirements.

interfaces using the standard frame size and interfaces using the jumbo frame size should not be in the same subnet. and work without special consideration and without requiring all stations to support jumbo frames. This reduces CPU utilization (mostly due to interrupt reduction) and increases throughput by allowing the system to concentrate on the data in the frames. jumbo frames are Ethernet frames with more than 1500 bytes of payload. . Conventionally. can provide effectively all the gains of jumbo frames without the re-send costs. and iSCSI (RFC 3720). Inception The original 1500-byte payload size for Ethernet frames was used because of the high error rates and low speed of communications. however. Zero-copy NICs and device drivers. As a result.[2] Adoption The IEEE 802 standards committee does not recognize jumbo frames.11 Wireless LAN. Many other vendors also adopted the size. do provide most of the same gain for the receiver. the same amount of data can be transferred with less effort. Selection of this polynomial was based upon work documented in the paper "32-Bit Cyclic Redundancy Codes for Internet Applications"[3] . However. ESnet. The use of 9000 bytes as preferred size for jumbo frames arose from discussions within the Joint Engineering Team of Internet2 and the U. GÉANT.S.3 Ethernet standard.Jumbo frame 108 Jumbo frame In computer networking. manufacturers have in turn adopted 9000 bytes as the conventional jumbo frame size. instead of the frames around the data. Internet Protocol subnetworks require that all hosts in a subnet have an identical MTU. which is more than 9 times the length of an Ethernet MTU. Jumbo frames gained initial prominence when Alteon WebSystems introduced them in their ACEnic Gigabit Ethernet adapters. but variations exist and some care must be taken when using the term. Many Gigabit Ethernet switches and Gigabit Ethernet network interface cards support jumbo frames.360 bit data word length) and HD=4 to 114. and without requiring any changes to other stations on the network. Thus. although this does not reduce the receiver CPU load. however. when combined with interrupt combining. as doing so would remove interoperability with existing Ethernet equipment and other 802 protocols. a similar reduction in CPU utilization can be achieved by using TCP segmentation offloading. if one receives a corrupted packet. To reduce interoperability issues. In order to meet this mandatory purchasing criterion. Some Fast Ethernet switches and Fast Ethernet network interface cards support jumbo frames. The Castagnoli polynomial 0x11EDC6F41 achieves the Hamming Distance HD=6 beyond one Ethernet MTU (to a 16. network interface cards capable of jumbo frames require explicit configuration to use jumbo frames. each frame requires that the network hardware and software process it. This gives two additional bits of error detection ability at MTU-sized data words compared to the Ethernet CRC standard polynomial while not sacrificing HD=4 capability for data word sizes up to and beyond 72k bits. The presence of Jumbo frames may have an adverse effect on network latency. If the frame size is increased. but most commercial Internet service providers do not. and AARNet) support jumbo frames. Their recommendation has been adopted by all other national research and education networks.[1] Most national research and education networks (such as Internet2/NLR. IETF solutions for adopting Jumbo Frames avoids the data integrity reductions through use of the Castagnoli CRC polynomial being implemented within the SCTP transport (RFC 4960). including 802. they did not become part of the official IEEE 802.663 bits. only 1500 bytes (plus 18 bytes for the frame header and other overhead) must be re-sent to correct the error. Interrupt-combining Ethernet chipsets.5 Token Ring and 802. federal government networks. especially on low bandwidth links. At the sender. jumbo frames can carry up to 9000 bytes of payload.

CRC calculations done in software have always resulted in slower performance than that achieved when using simple additive checksums.Jumbo frame By using a CRC checksum rather than simple additive checksums as contained within the UDP and TCP transports. 10. process to increase the path MTU of high performance national research and education networks from 1518 bytes to 9000 bytes or so. html). ECE Department & ICES. both at end nodes and intermediate transit nodes. as line bit rate increases. Cisco. 1016/ . 109 Baby giant frames Baby giants are frames that are only slightly larger than allowed by the IEEE Ethernet standards. This relationship becomes increasingly important as average network line bit rate increases to 10 gigabits per second. edu/ ~koopman/ networks/ dsn02/ dsn02_koopman. One of the major impediments toward the adoption of Jumbo Frames has been the inability to upgrade existing Ethernet infrastructure that would be needed to avoid a reduction in the ability to detect errors. cmu. As the nodes in general use reciprocating logic to handle the packets. Both TCP and UDP have proven ineffective at detecting bus specific bit errors. Retrieved 2011-08-22. both provide improved error detection rates despite the use of Jumbo Frames where increase of the Ethernet MTU would have otherwise resulted in a significant reduction in error detection. pdf) by Philip Koopman. since these errors with simple summations tend to be self cancelling. and somewhat lengthy. "Catalyst 3750/3560 Series switches support an MTU of 1998 bytes for all 10/100 interfaces" [2] Jeff Caruso (October 22.[1] Super jumbo frames Super jumbo frames (SJFs) are generally considered to be Internet packets which have a payload in excess of the tacitly accepted jumbo frame size of 9000 bytes. to accommodate the maximum transmission unit (MTU). required. [3] "32-Bit Cyclic Redundancy Codes for Internet Applications" (http:/ / www. com/ news/ 1022alteon. Retrieved July 4. References [1] "Jumbo/Giant Frame Support on Catalyst Switches Configuration Example" (http:/ / www. may take some time. Generally. errors generated internal to NICs can be detected as well. This however implies the covariant scaling of numerous intermediating logic circuits along the network path. 1998). and within a TCP transport designed to carry SCSI data. org/ 10. 001) [4] 16 000–64 000 B pMTU experiments with simulation: The case for super jumbo frames at Supercomputing ’05 (http:/ / dx. networkworld. as found with TCP and UDP. and above. Carnegie Mellon University j. To overcome the performance penalty. cisco. shtml). ece. As it has been a relatively difficult. osn. doi. com/ en/ US/ products/ hw/ switches/ ps700/ products_configuration_example09186a008010edab. The main benefit of this is the reduction of the packet rate. the number of machine cycles spent parsing packet headers decreases as the average MSS per packet increases. . the packet payload size should increase in direct proportion to maintain equivalent timing parameters. Network World. . The relative scalability of network data throughput as a function of packet transfer rates is related in a complex manner [4] to payload size per packet. possibly to 64000 bytes for example. a subsequent increase. Testing that led to adoption of RFC 3309 compiled evidence based upon simulated error injection against real data that demonstrated as much as 2% of these errors were not being detected. Support of Castagnoli CRC polynomial within a general purpose transport designed to handle data chunks. 2011. 2006. Intel now offers 1Gb NIC (82576) and 10Gb NIC (X520) that off-load SCTP checksum calculations and Core i7 processors support the CRC32c instruction as part of their new SSE4 vector math instruction set. The main factor involved with an increase in the maximum segment size (MSS) is an increase in the available memory buffer size in all of the intervening persistence mechanisms along the path. "Alteon still stumping for Jumbo Frames" (http:/ / www.

While IPv4 has no facilities to exceed its theoretical IP MTU limit.pdf) • Need To Know: Jumbo Frames in Small Networks (http://www.php) • Pushing up the Internet MTU (http://www.967.edu/~koopman/networks/ dsn02/dsn02_koopman.295 bytes). allows the exchange of packets with payloads of up to one byte less than 4 GiB (232 − 1 = 4. In discussions of jumbograms for Link Layer technologies. . however. Alteon Networks.org/index. RFC 2675. Thus. IPv6 Jumbograms (http:/ / tools. 2/23/1998 in NetworkWorld • SJF Supercomputing 2005 Demo (http://www.. by Selina Lo.NetworkWorld. Hinden.ece. they are often referred to as jumbo frames. S. (August 1999).html).org/3/frame_study/index. Historically.html) • Jumbo frames? Yes! (http://www. The support for IPv6 jumbograms required a redesign in all Transport Layer protocols. urgent data pointer). D. the jumbo payload option.ca/rrx/hpc/sc05. This theoretical limit for the Internet Protocol (IP) MTU. is reached only on networks that have a suitable Link Layer infrastructure.html) • 32-Bit Cyclic Redundancy Codes for Internet Applications (http://www. ietf. Deering.3as Frame Expansion Task Force (http://www.com/~phil/jumbo.. thus allowing data of up to 65535octets. References [1] Borman. the designers of IPv6 have provided a protocol extension to permit packets of larger size.294. IETF. org/ html/ rfc2675).smallnetbuilder.archlinux. such as the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP). a jumbogram (portmanteau of jumbo and datagram) is a packet of any size exceeding the standard Maximum Transmission Unit (MTU) of the underlying network technology at either the Link Layer or the Internet Layer. by making use of a 32-bit length field. include data size parameters limited to only 16 bits (length. R.rutherford-research.ieee802. The jumbo payload option and the transport-layer modifications are described in RFC 2675.com/forum/0223jumboyes.cmu. Transport Layer protocols. in the context of IPv6 a jumbogram is understood as an IPv6 packet carrying a payload larger than 65535octets[1] IPv6 jumbograms An optional feature of IPv6.com/content/view/30201/54/ ) • How to Jumbo Frames in Archlinux (http://wiki. The payload length field of IPv4 and IPv6 has a size of 16 bits.Where to use it? (http://sd.edu/~mathis/MTU) • IEEE 802.wareonearth.php/Jumbo_Frames) Jumbogram In packet-switched computer networks.Jumbo frame 110 External links • Jumbo Frames .psc.

the specific characteristic of the game matter. whereas a twitch gameplay game such as a first-person shooter with a considerably higher pace may require significantly lower delay to be able to provide satisfying gameplay. And. Lag is also often used in reference to video games to describe to the delay (or latency) between an action by a player and the reaction of the game. Final Fantasy XI. since once an input from the player is received. usually due to a slow internet connection. Lag in local video gaming All video games incur some lag. video game lag refers to delays that are noticeable to a player. The tolerance for lag depends heavily on the type of game. the video and audio compression and decompression. But. RuneScape. Lag in online multiplayer gaming All online video games such as Minecraft. the term is used when the application fails to respond in a timely fashion to inputs. It includes the time to encode the packet for transmission and transmit it. But in general parlance.[2] [3] The most common use regards online gaming when the game doesn't respond in sync with the player's controls. A minimum bound on latency is determined by the distance between communicating devices and the speed at which the signal propagates in the circuits (typically 70–95% of the speed of light in vacuum). The term lag is often also used as a synonym for communication latency. and other traffic. fast chess is a turn-based game that is fast action and may not tolerate high lag. the round-trip lag of all elements of the cloud gaming system (the thin client. Heroes of Newerth. which is the time taken for a sent packet of data to be received at the other end. and the display of the video on a display device) must be low enough that the user perception is that the game is running . and user tolerance for lag depends highly upon the type of game. World of Warcraft. etc. League of Legends. some twitch games can be designed such that only events that impact the outcome of the game introduce lag. and the time to receive and decode the data.Lag 111 Lag Lag is a common word meaning to fail to keep up or to fall behind.[4] Lag in cloud gaming Cloud gaming is a type of online gaming where the entire game is hosted on a game server in a data center. and the user is only running a thin client locally that forwards game controller actions upstream to the game server. For example. For instance. the time for that data to traverse the network equipment between the nodes. the game execution on the game server. a strategy game or a turn-based game with a low pace may have a high threshold or even be mostly unaffected by high delays. the game must compute the next frame of video and that video frame must be scanned out to a display device. This is also known as "one-way latency".[4] In distributed applications (such as MMORPGs). the Internet and/or LAN connection the game server. lag is often caused by communication latency.[5] This can be misleading because there can be other causes for the symptom. Adventure Quest Worlds. The game server then renders the next frame of the game video which is compressed using low-lag video compression and is sent downstream and decompressed by the thin client. similarly as it does for local gaming. the round-trip network latency between a client game and the host server is referred to as the client's ping time. For the cloud gaming experience to be acceptable. Actual latency is often much higher because of packet processing in networking equipment. [1] In real-time applications. Call of Duty. server latency or overworked hardware. incur online lag due to a combination of local and remote processing lag and communications latency. allowing for fast local response most of the time.[6] In general parlance.

gamedev. Retrieved 2010-08-27. aspx/ ). [11] "Digital Foundry vs. ." (http:/ / www. com/ video/ d8-video-onlive-demo/ 9D57A2C6-24ED-4351-8266-F3F7BA0C4D18/ ). Eurogamer Digital Foundry. the only company thus far operating a cloud gaming service.bluesnews."[12] 112 References [1] "lag" at dictionary.reference. gamezone. . . com/ browse/ lag) [2] "lag" at wiktionary (http:/ / en. [8] "The Process of Invention: OnLive Video Game Service" (http:/ / tv.[7] [8] Because of such tight lag requirements. iPhone" (http:/ / video. cs. 2010-01-21. 2010-09-06. Gamezone. to the point where "the actions on screen were one-to-one with my input controls. ACM.[9] Cloud gaming is a very new technology. currently limiting the distance between a user and a cloud gaming game server to approximately 1000 miles. . . cloud gaming lag is only slightly higher than local console lag. For example. net/ articles/ digitalfoundry-lag-factor-article?page=3/ ). distance considerations of the speed of light through optical fiber come into play.net (http:/ / www. PC. OnLive" (http:/ / www. pdf) [4] "Noob Glossary: Ping. Unreal Tournament 3 incurs up to 133ms of lag on a console[10] and was tested in July 2010 as incurring 150ms in lag on OnLive. OnLive. eurogamer. com/ 2010/ 01/ 21/ beta-testing-at-the-speed-of-light/ ). The FU Foundation School of Engineering & Applied Science (Columbia University).htm) • It's the Latency. [12] "OnLive Does What Consoles Can’t: The promise of constant performance upgrades may pull it ahead of today’s consoles.[11] In September 2010. External links • The Gamer's Guide from Blues News .stanford. wiktionary. asp) [6] "Latency Can Kill: Precision and Deadline in Online Games" (http:/ / www. Mac. Retrieved 2010-08-27. [10] "Console Gaming: The Lag Factor" (http:/ / www. [9] "Beta Testing at the Speed of Light" (http:/ / blog. Retrieved 2010-08-19.com/od/speedtweaks/l/aa021902a. Console. eurogamer. onlive. Retrieved 2010-08-27. 2010-02-23. In fact.com/guide/lag. OnLive has managed to get within spitting distance of console response times". Retrieved 2010-01-23.Lag locally. [7] "D8 Video:OnLive demoed on iPad. seas. Bright Hub!. reviewers reported a steady reductions in lag due to constant improvements in the technology. . reference. Retrieved 2010-08-27.about.edu/~cheshire/rants/Latency.[11] resulting in the assessment in July 2010 that "Out of controlled conditions. edu/ videos/ 545/ 60/ 79). columbia. edu/ ~almeroth/ classes/ W10. ucsb. net/ articles/ digitalfoundry-vs-onlive-article/ ).com (http:/ / dictionary. allthingsd. 2009-12-13. . 2010-08-09. pdf/ ). I forgot that it wasn't running natively on my PC. org/ downloads/ GVSETS/ GVSETSPapers/ Robotic Systems/ Mitigating the Effects of Time Lags on Driving Performance. [5] What is Lag? at gamedev. Wall Street Journal.htm) . com/ editorials/ item/ onlive_succeeds_consoles_by_constant_performance_upgrades/ ). Stupid (http://rescomp. Retrieved 2010-08-27.Lag Section (http://www. according to OnLive. 2009-09-05. brighthub. Lag and Servers" (http:/ / www. 290F/ papers/ claypool-10. org/ wiki/ lag) [3] Mitigating the Effects of Time Lags on Driving Performance (robotics) (http:/ / www. com/ video-games/ pc/ articles/ 45925. ndia-mich. net/ reference/ articles/ article712. but early tests have shown that in practice. . 2010-07-09.html) • Bandwidth and Latency (http://compnetworking. Eurogamer Digital Foundry. Retrieved 2010-01-23.

However. followed by a sequence number and age. at regular intervals. flooded advertisements are acknowledged in Link State Acknowledgment packets. and can be distributed throughout the network. and the cost of changing a link if the need arises. This acknowledgment is accomplished through the sending and receiving of Link State Acknowledgment packets. Depending on the state of the sending interface and the source of the advertisements being acknowledged. and a list of neighbors. They are used to efficiently determine what the new neighbor is. Each Link State Update packet carries a collection of link state advertisements one hop further from its origin. or as a unicast. the retransmitted advertisements are always carried by unicast Link State Update packets. These packets implement the flooding of link state advertisements. ordinary flooding may result in problems. LSPs are queued for transmission. if a link failure occurs. and must time out at about the same time. a router then builds a packet containing all the data. Several link-state advertisement may be included in a single packet. the complex part is determining when to build them. a Link State Acknowledgment packet is sent either to the multicast address AllSPFRouters. Link state packet can also be further defined as special datagrams that determine the names of and the cost or distance to any neighboring routers and associated networks. the delay to that neighbor is given. but cannot use the routing database. Types of Link State packets Link state packets are usually implemented with Open Shortest Path First(OSPF) protocol. If retransmission of certain advertisements is necessary. The packet starts with the identity of the sender. or when some significant event occurs. . flooded advertisements are explicitly acknowledged. Smart flooding. to the multicast address AllDRouters. A major procedure called flooding which is used for distributing link state algorithms throughout the routing domain can be implemented with link state packets.Link state packet 113 Link state packet Overview Link State Packet (LSP) is a packet of information generated by a network router in a link state routing protocol that lists the router's neighbors. OSPF's reliable update mechanism is implemented by Link State Update and Link State Acknowledgment packets. One way to reduce this problem is to build them periodically. that is. Link state acknowledgment packet Link State Acknowledgment Packets are OSPF packet type 5. To make the flooding of link state advertisements reliable. because it generates exponential behavior. For each neighbor. Multiple link state advertisements can be acknowledged in a single Link State Acknowledgment packet. In order to make the flooding procedure reliable. on the other hand recognizes link state packets appropriately. Developing Link State Packets When Information needed for exchange is collected. They must be acknowledged. Link state update packet Link State Update packets are OSPF packet type 4. or changing its properties appreciatively. Building a link state packet is usually easy. such as a line or neighbor going down or coming back up again. Link State Update packets are multicast on those physical networks that support multicast/broadcast.

the only effect seen due to the occasional dropped packet is jitter. For example. In the event of packet loss. performance at a node is often measured not only in terms of delay. Don Anderson Anderson. voice over IP. : Addison-Wesley. packet drop because of channel congestion [1] [2] .Link state packet 114 References • FireWire system architecture : IEEE 1394a / MindShare. Causes Packet loss can be caused by a number of factors including signal degradation over the network medium due to multi-path fading. This drop in throughput is due to the sliding window protocols used for acknowledgment of received packets. Packet loss is distinguished as one of the three main error types encountered in digital communications. In certain variants of TCP. NJ : Prentice Hall. retransmitting missing packets causes the throughput of the connection to decrease. for Voice over IP traffic. Acceptable packet loss “The fraction of lost packets increases as the traffic intensity increases.” [7] The amount of packet loss that is acceptable depends on the type of data being sent. and therefore “[m]issing one . it will be re-sent along with every packet that had been sent after it. the other two being bit error and spurious packets caused due to noise. it is important to note that packet loss does not always indicate a problem. c1999 • Routing in communications networks / editor. 1953Reading. Effects When caused by network problems. [6] Although TCP can recover from packet loss. faulty [3] networking hardware. packet loss probability is also affected by signal-to-noise ratio and distance between the transmitter and receiver. In addition to this. Mass. . Protocols such as UDP provide no recovery for lost packets. This retransmission causes the overall throughput of the connection to drop. Martha Steenstrup Englewood Cliffs. faulty network drivers or normal routing routines (such as DSR in ad-hoc networks ). 1995 • Radia Perlman “Rbridges: Transparent Routing”. Inc. [4] However. Infocom 2004. online gaming and videoconferencing. corrupted packets rejected in-transit. Therefore. if a transmitted packet is lost. but also in terms of the probability of packet loss…a lost packet may be retransmitted on an end-to-end basis in order to ensure that all data are[sic] eventually transferred from source to destination. [5] Packet recovery Some network transport protocols such as TCP provide for reliable delivery of packets. lost or dropped packets can result in highly noticeable performance issues or jitter with streaming technologies. the receiver asks for retransmission or the sender automatically resends any segments that have not been acknowledged. Packet loss Packet loss occurs when one or more packets of data travelling across a computer network fail to reach their destination. Don. If the latency and the packet loss at the destination hop are acceptable then the hops prior to that one don't matter. and will affect all other network applications to a degree. Applications that use UDP are expected to define their own mechanisms for handling packet loss.

& Antonakos. Boston: Course Technology.Fast transmit&ctype=1) . packet loss is not necessarily an indication of poor connection reliability or a bottleneck. Kurose. (2010). Losses between 5% and 10% of the total packet stream will affect the quality significantly. W. "Packet loss or latency at intermediate hops. P 282-283 External links • Interactive animation of TCP fast retransmit simulation: packet loss detection and recovery. Computer Networking: A Top-Down Approach. [10] Kurose. F. Cengage Learning.Packet loss or two packets every now and then will not affect the quality of the conversation. .php?simu=tcp_fast_retransmit&protocol=TCP&title=4. K. which is where the aforementioned packet retransmission schemes are used. Computer Networking: A Top-Down Approach. J. F. Boston: Addison-Wesley. New York: Addison-Wesley. W. P 30. then there is no other solution than to drop packets. New York: Addison-Wesley. K. [9] Kurose. (2010). (2010). F. For this reason. and Security. P 42-43. F. Computer Networking from LANs to WANs: Hardware. W. There are many methods used for determining which packets to drop. J. F. New York: Addison-Wesley. P 30. P 602. C. Computer Networking: A Top-Down Approach. (http://www. & Ross. E. visualland. Kurose. Mansfield. In some connections. J. 115 References [1] [2] [3] [4] [5] [6] [7] [8] Kurose. dropping packets when the queue is full is a poor solution for any connection that requires real-time throughput. However. Ad-Hoc Networking. [10] The data packets will be transmitted over a longer duration. also known as a bottleneck." (http:/ / www. New York: Addison-Wesley. P 30. K. C. Retrieved 2007-02-25. This type of packet dropping is called tail drop. nessoft. W. (2010). & Ross.[9] The TCP protocol is designed with a slow-start connection strategy so that excessive packet loss will cause the sender to throttle back and stop flooding the bottleneck point with data (using perceived packet loss as feedback to discover congestion). Kurose. & Ross. & Ross. Computer Networking: A Top-Down Approach. New York: Addison-Wesley. Software. J. Kurose. F. K. (2010). & Ross. New York: Addison-Wesley. J.”[8] On the other hand. K. W.net/tcp_histrory. & Ross. and is related to the erlang unit of measure. when transmitting a text document or web page. P 242. W. Perkins. F. packets may be intentionally dropped in order to slow down specific services for no other reason than to dissuade users from using those services. (2010). Computer Networking: A Top-Down Approach. P501. (2010). New York: Addison-Wesley. W. Computer Networking: A Top-Down Approach. When given a situation where the amount of content due to be pushed through a connection is growing at a rate greater than it is possible to push through that connection. quality of service and other methods are applied. K. L. Computer Networking: A Top-Down Approach. J. (2001). K. J. (2010). Most basic networking equipment will use FIFO queuing for packets waiting to go through the bottleneck and they will drop the packet if the queue is full at the time the packet is received. & Ross. Packet loss is closely associated with quality of service considerations. P 147. For these types of connections. com/ kb/ 24) (HTTP). a single dropped packet could result in losing part of the file. K. J.

most invalid packets are easily filtered by modern stateful firewalls.[3] Examples of Martian packets are[4] : • A packet with a source or destination IPv4 address in the ranges 10.[1] The name is derived from packet from Mars.0. 172. Retrieved 21 April 2011.0/4. org/ assignments/ ipv4-address-space/ ). ISBN 9781602670006. catb.0.0. • An incoming or outgoing packet with a Bogon source or destination address in an as-yet-unallocated range.0/12. . Javvin Technologies Inc. or in [5] the future-use range 240. References [1] Javvin Www Networkdictionary Com (1 March 2007). a place where packets clearly can not originate. google. • An incoming packet with a destination address of 255. org/ jargon/ html/ M/ martian. . Their usage is associated with a type of network attack called a denial-of-service (DoS) attack.0. routers or any service present on the network. p.168. Mangled packets can be generated by dedicated software such as nmap or Nessus.0. • An incoming or outgoing packet whose source or destination address is in the range 127.16.[1] As of 2008. html).0/8. It aims to destabilize the network and sometimes to reveal its available services – when network operators need to restart the disabled ones. a mangled or invalid packet is a packet—especially IP packet—which either lacks order or self-coherence.Ingress Filtering for Multihomed Networks [3] "Jargon File: martian" (http:/ / www.0/16. Network Dictionary (http:/ / books. 300. which is reserved for loopback within the host. or contains code aimed to confuse or disrupt computers. firewalls. which is reserved for internal broadcast. Martian packet A Martian packet is an IP packet which specifies a source or destination address that is reserved for special-use by Internet Assigned Numbers Authority (IANA) and cannot actually originate as claimed or be delivered.255. References [1] RFC 1812 . . when not participating in a private network.[2] but can also arise from network equipment malfunction or misconfiguration of a host.255/32.0.0/8.Mangled packet 116 Mangled packet In computer networking.0.[1] Martian packets commonly arise from IP address spoofing in denial-of-service attacks. [4] RFC 5735 .0. .Requirements for IP Version 4 Routers [2] RFC 3704 . or 192. iana. com/ books?id=On_Hh23IXDUC& pg=PA300).Special Use IPv4 Addresses [5] "IANA IPv4 Address Space Registry" (http:/ / www..255.

htm Maximum transmission unit In computer networking. (2006). and therefore in a single IP datagram. the largest allowed by Ethernet at the network layer (and hence over most of the Internet). the MSS option is established by operating system on the SYN packet during the TCP handshake. causing greater delays to following packets and increasing lag and minimum latency.[1] The IP datagram containing a TCP segment may be self-contained within a single packet. org/ html/ rfc879#section-3). Douglas E. A larger MTU brings greater efficiency because each packet carries more user data while protocol overheads. the MSS limit applies to the total amount of data contained within the final reconstructed TCP segment. page 2. References [1] RFC 879 (http:/ / tools.Maximum segment size 117 Maximum segment size The maximum segment size (MSS) is a parameter of the TCP protocol that specifies the largest amount of data. Internetworking with TCP/IP (5E ed. Each direction of data flow can use a different MSS. serial port. tcpipguide. A larger MTU also means processing of fewer packets for the same amount of data. It does not count the TCP header or the IP header. the resulting higher efficiency means a slight improvement in bulk protocol throughput. specified in bytes. ietf.4k modem for about one second.). Therefore: MSS + Header ≤ MTU Every host is required to be able to handle an MSS of at least 536 bytes. such as headers or underlying per-packet delays. that a computer or communications device can receive in a single TCP segment. remain fixed. In some systems. Further reading • Comer. • Kozierok. or it may be reconstructed from several fragmented pieces. The TCP/IP Guide [2] (3E ed. "The MSS counts only data octets in the segment. Section 3." [2] http:/ / www.). per-packet-processing can be a critical performance limitation. either way. etc. a 1500-byte packet. For example. Large packets can occupy a slow link for some time. Upper Saddle River. Retrieved 2007-11-28. it does not count the TCP header or the IP header. Charles M. or systems (such as point-to-point serial links) may decide MTU at connect time. ties up a 14. Retransmissions of larger packets take longer. At a given bit error rate larger packets are more likely to be corrupted. Large packets are also problematic in the presence of communications errors. For most computer users. MTU parameters usually appear in association with a communications interface (NIC. for example) can fix the size of an MTU. the maximum transmission unit (MTU) of a communications protocol of a layer is the size (in bytes) of the largest protocol data unit that the layer can pass onwards. NJ. Corruption of a single bit in a packet requires that the entire packet be retransmitted. com/ free/ t_TCPMaximumSegmentSizeMSSandRelationshiptoIPDatagra-2. (2005-09-20).). USA: Prentice Hall. Standards (Ethernet. .

This fragmentation process takes place at the IP layer (OSI layer 3) and marks packets it fragments as such. Systems may use Path MTU Discovery to find the actual path MTU. To get around this issue.3) Ethernet Jumbo Frames WLAN (802. each small enough to pass over the single link that is being fragmented for. but each packet now has to be sent in two fragments. the entire packet is lost. each of which may have different sized packets. which is 576. • When the size of most or all packets exceed the MTU of a particular link that has to carry those packets. Notes Internet IPv6 Path MTU Ethernet v2 Ethernet (802. which has a value of 576 for IPv4[1] and of 1280 for IPv6. various tunneling situations cross the MTU by very little as they add just a header's worth of data. For example. it will not initially know the lowest MTU in a chain of links to any other peers. so that the IP layer of the destination host knows it should reassemble the packets into the original datagram. IPv4 links must be able to forward packets of size up to 68 [4] bytes. This method implies a number of possible drawbacks: • All fragments of a packet must arrive for the packet to be considered received. If the network drops any fragment. almost everything has to be fragmented. . Another potential problem is that higher-level protocols may create packets larger than a particular link supports.5) FDDI At least 1280 [4] [4] [6] 1500 1492 1500-9000 The limit varies by vendor. In certain cases the overhead this causes can be considered unreasonable or unnecessary. The addition is small.[2] Media Maximum Transmission Unit (bytes) Internet IPv4 Path MTU At least 68 [3] Practical path MTUs are generally higher. The same amount of payload is being moved. Jumbo frames are usually only seen in special purpose networks. but every intermediate router has to do double the work in terms of header parsing and routing decisions. the whole Ethernet network must have the same MTU. For correct interoperation. the second of which carries very little payload. While a host will know the MTU of its own interface and possibly that of its peers (from initial handshakes). [7] Practical path MTUs are generally higher. Nearly all IP over Ethernet implementations use the Ethernet V2 frame format.11) Token Ring (802. 2272 4464 [8] 4352 [4] IP (Internet protocol) DARPA designed the Internet protocol suite to work over many networking technologies. The MTU must not be confused with the minimum datagram size that all hosts must be prepared to accept. using the MTU parameter configured for that interface.including IP headers but excluding headers from lower levels in the protocol stack. Systems must use Path MTU Discovery to find the actual path MTU. IP allows fragmentation: dividing the datagram into pieces. This should not be mistaken [5] with the packet size every host must be able to handle.Maximum transmission unit 118 Table of MTUs of common media Note: the MTUs in this section are given as the maximum size of IP packet that can be transmitted without fragmentation .

It works by setting the DF (Don't Fragment) option in the IP headers of outgoing packets. the path from the source address to the destination address often gets modified dynamically. However.) . which may introduce further packet drops before the host finds the new safe MTU. according to IPv6's specification. This is because the large set of welcome messages are sent out in packets bigger than the real MTU.Maximum transmission unit • As it is normal to maximize the payload in every fragment.this could result in the path MTU changing (sometimes repeatedly) during a transmission. RFC 1191 (IPv4) and RFC 1981 (IPv6) describe "Path MTU Discovery". Most Ethernet LANs use an MTU of 1500 bytes (modern LANs can use Jumbo frames. in response to various events (load-balancing. For example. Put another way. allowing for an MTU up to 9000 bytes). border protocols like PPPoE will reduce this. The process repeats until the MTU becomes small enough to traverse the entire path without fragmentation. but get no response after that. to prevent denial-of-service attacks). to the IP layer. congestion. Any device along the path whose MTU is smaller than the packet will drop such packets and send back an ICMP "Destination Unreachable (Datagram Too Big)" message containing its MTU. increasing numbers of networks drop ICMP traffic (e. Also. then the link layer MUST provide its own fragmentation and reassembly mechanism. the path MTU is the largest packet size that can traverse this path without suffering fragmentation. in an IP network.g. if a particular Data Link Layer physically cannot deliver an IP datagram of 1280 bytes in a single frame. • There is no simple method to discover the MTU of links beyond a node's direct peers. this does not preclude Data Link Layers with an MTU smaller than IP's minimum MTU from conveying IP data. any further fragmentation that turns out to be necessary will increase the overhead even more. For example. describes a Path MTU Discovery technique which responds more robustly to ICMP filtering. etc. in general as well as when fragmenting. separate from IP's own fragmentation mechanism. 1500) and the Path MTU causes Path MTU Discovery to come into effect. RFC 4821. for example one can change the MSS (maximum segment size) in the initial packet that sets up the TCP connection at one's firewall. One can possibly work around this. The difference between the MTU seen by end-nodes (e. This information allows the source host to reduce its assumed path MTU appropriately. a technique for determining the path MTU between two IP hosts. . outages. however. One often detects such blocking in the cases where a connection works for low-volume data but hangs as soon as a host sends a large block of data at a time. intact. which prevents path MTU discovery from working. Packetization Layer Path MTU Discovery. with IRC a connecting client might see the initial messages up to and including the initial ping (sent by the server as an anti spoofing measure). with the possible result of making some sites behind badly-configured firewalls unreachable. to ensure that a 1280-byte IP datagram can be delivered.g. The Internet Protocol requires that hosts must be able to process IP datagrams of at least 576 bytes (for IPv4) or 1280 bytes (for IPv6). 119 Path MTU Discovery The Internet Protocol defines the "Path MTU" of an Internet transmission path as the smallest MTU of any of the IP hops of the "path" between a source and destination. depending on which part of the network one controls. Unfortunately.

Taking this figure of 1488 and subtracting from it any overheads contributed by all relevant higher protocols we can obtain a suggested value for an artificially-reduced optimal MTU. Many network switches have a built-in capability to detect when a device is jabbering and block it until it resumes proper operation. For this reason. In the case where the user would normally send 1500 byte packets. In order to avoid the problem of long data-frames taking up the medium for long periods of time. RFC 2516 prescribes a maximum MTU for PPPoE/DSL connections of 1492: a PPPoE header of 6 bytes. So the total length of the transmitted data length is 53 * ncells bytes. sending between 1489 and 1536 bytes requires an additional fixed cost of 53 bytes transmitted. provides a high-speed (up to 1 Gigabit/s) local area network using existing home wiring (power lines. The G. an example of MTU tuning Sometimes the demands of efficiency encourage artificially declaring a reduced MTU in software below the true maximum possible length supported . ATM operates at optimum efficiency when packet length is a multiple of 48 bytes.hn standard. particularly those with a telephony background. where ncells = the number of required cells of = INT((payload_length+47)/48). This gives a total cost of 31*53=1643 bytes transmitted via ATM from a 1478 byte packet passed to PPPoA. phone lines and coaxial cables).hn Data Link Layer accepts data frames of up to 214 bytes (16384 bytes).[9] . in the form of one extra ATM cell. use ATM on their internal backbone network. Some providers. the final cell costing an extra 53 transmitted bytes 47 of which are padding. So in this example. we obtain a desired optimal reduced MTU figure of 1478 = 31*48-10 taking into account an overhead of 10 bytes consisting of a Point-to-Point Protocol overhead of 2 bytes. So in the worst case. G. This is because ATM is sent as a stream of fixed-length packets (known as 'cells'). keeping to a self-imposed reduced MTU of 1478 as opposed to sending IP packets of total length 1500 saves 53 bytes per packet at the ATM layer at a cost of a 22 byte reduction of the length of IP packets. artificially declaring a reduced MTU in software maximises protocol efficiency at the ATM layer by making the ATM AAL5 total payload length a multiple of 48 bytes whenever possible. For example. Disruption The transmission of a packet on a physical network segment that is larger than the segment's MTU is known as jabber.hn defines a procedure for segmentation that divides the data frame into smaller segments. leaving enough room for a 1488 byte payload. one additional cell is needed to transmit the one last byte of payload. or 31 full ATM cells. again choosing to fill 31 ATM cells as before. each of which can carry a payload of 48 bytes of user data with 5 bytes of overhead for a total cost of 53 bytes per cell. This is almost always caused by faulty devices. For the example of IP over DSL connections using PPPoA/VC-MUX. and an AAL5 overhead of 8 bytes.Maximum transmission unit 120 ATM backbones. In the case of IP sent over ADSL using PPPoA the figure of 1478 would be the total length of the IP packet including IP headers. 31 completely filled ATM cells carry a payload of 31*48=1488 bytes. where the total length = (48*n+1) bytes. MTU in other standards The G.for example: where an ATM (Asynchronous Transfer Mode) network carries IP traffic. developed by ITU-T.

net/mss/) • MTU Path (http://www. "Path MTU Discovery and Filtering ICMP" (http://alive. 1998).com/~marcs/ mtu/index. Retrieved 2007-09-02. 24.orangeproblems.php) – a console utility for debugging mtu problems • MSS Initiative (http://www.Optimization Tips (http:/ / www. p.net/broadband/mtu_ping_test. 13 [3] RFC 791. p." [6] RFC 2460 [7] RFC 6145 [8] Structure of the IEEE 802. htm) • Marc Slemko (January 18. 3com. External links • Tweaking your MTU / RWin for Orange Broadband Users (http://www.uk/kitz/) • How to set the TCP MSS value using iptables (http://www.elifulkerson. 13 [2] RFC 2460.com/products/mtupath.phildev. p.html).com/drtcp) – a utility for optimizing MTU under Microsoft Windows • mturoute (http://www.frozentux.com/projects/mturoute.shtml) via ping and setting it in Microsoft Windows • DrTCP (http://www.and.11 MAC Frames . net/ Wireless-Internet-Technologies-and-Applications/ 1925. "Every internet destination must be able to receive a datagram of 576 octets either in one piece or in fragments to be reassembled. "Every internet module must be able to forward a datagram of 68 octets without further fragmentation.iea-software." [4] RFC 1191 [5] RFC 791.Configuration.dslreports. com/ infodeli/ tools/ switches/ ss3/ management/ ug/ cli_mg6a. p.co. html#TCPMSSTARGET) • Discovering of MTU value (http://help.Maximum transmission unit 121 References [1] RFC 791.znep.Wireless.expedient. html) [9] 3Com SuperStack Switch Management Guide (http:/ / support.Wlan. 24.cfm)   MTU discovery tool for IPv4 and IPv6 networks . wireless-center.net/iptables-tutorial/iptables-tutorial.wifi.

Modern networks use congestion control and network congestion avoidance techniques to try to avoid congestion collapse. Network capacity The fundamental problem is that all network resources are limited. where the total incoming bandwidth to a node exceeds the outgoing bandwidth. with between 10 and 1000 Mbit/s of incoming bandwidth and at most 8 Mbit/s of outgoing bandwidth. which provides high-speed (up to 1 Gbit/s) Local area networking over existing home wires (power lines. Another method to avoid the negative effects of network congestion is implementing priority schemes. A third method to avoid network congestion is the explicit allocation of network resources to specific flows.Network congestion 122 Network congestion In data networking and queueing theory. Thus. When a network is in such a condition. • Even on fast computer networks (e. An example of this is 802. Network protocols which use aggressive retransmissions to compensate for packet loss tend to keep systems in a state of network congestion even after the initial load has been reduced to a level which would not normally have induced network congestion. network congestion occurs when a link or node is carrying so much data that its quality of service deteriorates. or to an actual reduction in network throughput. packet loss or the blocking of new connections. These include: exponential backoff in protocols such as 802. .hn standard. when little or no useful communication is happening due to congestion. generating large-scale network congestion Congestive collapse Congestive collapse (or congestion collapse) is a condition which a packet switched computer network can reach. • Because P2P scales very well. including router processing time and link throughput. so that some packets are transmitted with higher priority than others. RFC 2914 addresses the subject of congestion control in detail.g. • Denial of service attacks by botnets are capable of filling even the largest Internet backbone network links (40 Gbit/s as of 2007). A DSL modem is the most common small network example. but they help to alleviate the effects of congestion for some services. Connection points between a local area network and a wide area network are the most likely choke points. 1 Gbit). The stable state with low throughput is known as congestive collapse.11's CSMA/CA and the original Ethernet. A consequence of these latter two is that incremental increases in offered load lead either only to small increases in network throughput. Congestion collapse generally occurs at choke points in the network. it has settled (under overload) into a stable state where traffic demand is high but little useful throughput is available. networks using these protocols can exhibit two stable states under the same level of load. One example of this is the use of Contention-Free Transmission Opportunities (CFTXOPs) in the ITU-T G. phone lines and coaxial cables). However: • today's (2006) Wireless LAN effective bandwidth throughput (15-100Mbit/s) is easily filled by a single personal computer. particularly when nearby peers are preferred over distant peers. window reduction in TCP. Priority schemes do not solve network congestion by themselves. Typical effects include queueing delay. the backbone can easily be congested by a few servers and client PCs. and fair queueing in devices such as routers. and there are high levels of packet delay and loss (caused by routers discarding packets because their output queues are too full) and general quality of service is extremely poor.1p. file transmissions by P2P have no problem filling and will fill an uplink or some other network bottleneck.

Theory of congestion control The modern theory of congestion control was pioneered by Frank Kelly. Congestion control then becomes a distributed optimisation algorithm for solving the above problem. Let . . when the NSFnet phase-I backbone dropped three orders of magnitude from its capacity of 32 kbit/s to 40 bit/s. exactly the opposite of what should be done during congestion. strictly convex function. which prevents the sender from overwhelming the receiver. expecting the end points of the network to retransmit the information. Let be the rate of flow and . while sliding window flow control causes "burstiness" which causes different flows to observe different loss or delay at a given link. . although many others are possible. Many current congestion control algorithms can be modelled in this framework. so as to avoid congestive collapse by attempting to avoid oversubscription of any of the processing or link capabilities of the intermediate nodes and networks and taking resource reducing steps. Examples of "optimal" rate allocation are max-min fair allocation and Kelly's suggestion of proportional fair allocation. called the utility. Cause When more packets were sent than could be handled by intermediate routers. The sum of these Lagrange multipliers. the intermediate routers discarded many packets. The optimal rate allocation then satisfies much benefit a user obtains by transmitting at rate such that The Lagrange dual of this problem decouples. and be 1 if flow uses link and 0 otherwise. Congestion control Congestion control concerns controlling traffic entry into a telecommunications network. such as reducing the rate of sending packets. doubling the data rate sent. vectors and matrix. When this packet loss occurred. with being either the loss probability or the queueing delay at link . be the be the corresponding be an increasing. is the price to which the flow responds. Let capacity of link . the end points sent extra packets that repeated the information lost. which gives rise to a Lagrange multiplier. Each link capacity imposes a constraint. so that each flow sets its own rate. This pushed the entire network into a 'congestion collapse' where most packets were lost and the resultant throughput was negligible. which measures how . early TCP implementations had very bad retransmission behavior. A major weakness of this model is that it assumes all flows observe the same price. who applied microeconomic theory and convex optimization theory to describe how individuals controlling their own rates can interact to achieve an "optimal" network-wide rate allocation. It was first observed on the early Internet in October 1986. The mathematical expression for optimal rate allocation is as follows.Network congestion 123 History Congestion collapse was identified as a possible problem as far back as 1984 (RFC 896. It should not be confused with flow control. dated 6 January). and this continued to occur until end nodes started implementing Van Jacobson's congestion control between 1987 and 1988. However. based only on a "price" signalled by the network.

Fair queueing is most useful in routers at choke points with a small number of connections passing through them. fairness. • By the aspect of performance it aims to improve: high bandwidth-delay product networks. 2. "minimum potential delay" Avoidance The prevention of network congestion and collapse requires two major components: 1. and random early detection. the congestion lifts and good use of the network occurs. proportional.Network congestion 124 Classification of congestion control algorithms There are many ways to classify congestion control algorithms: • By the type and amount of feedback received from the network: Loss. but progressively slow the rate that information is repeated. congestion in pure datagram networks must be kept out at the periphery of the network. . receiver and routers need modification. such as quality-of-service routing. must be taken to keep packets from being dropped from streams. can be troublesome. Thus. Larger routers must rely on RED. cheap fiber-optic lines have reduced costs in the Internet backbone. In general. but it was not until Van Jacobson's inclusion of an open source solution in the Berkeley Standard Distribution UNIX ("BSD") in 1988 that good TCP implementations became widespread. The backbone can thus be provisioned with enough bandwidth to keep congestion at the periphery. sender. delay. The correct end point behaviour is usually still to repeat dropped information. lossy links. TCP is perhaps the best behaved. variable-rate links • By the fairness criterion it uses: max-min. have any congestion control mechanism. Other strategies such as slow-start ensure that new connections don't overwhelm the router before the congestion detection can kick in. Protocols atop UDP which transmit at a fixed rate. where the mechanisms described above can handle it. special measures. End-to-end flow control mechanisms designed into the end points which respond to congestion and behave appropriately. including many Voice over IP protocols. Some end-to-end protocols are better behaved under congested conditions than others. only router needs modification. Fortunately. sender and receiver need modification. Provided all end points do this. have this property. UDP does not. or RED. Real-time streaming protocols. advantage to short flows. Protocols built atop UDP must handle congestion in their own way. where packets are randomly dropped proactively triggering the end points to slow transmission before congestion collapse actually occurs. and the end points all get a fair share of the available bandwidth. A mechanism in routers to reorder or drop packets under overload. The most common router mechanisms used to prevent congestive collapses are fair queueing and other scheduling algorithms. single-bit or multi-bit explicit signals • By incremental deployability on the current Internet: Only sender needs modification. Congestion in the Internet backbone is very difficult to deal with. The first TCP implementations to handle congestion well were developed in 1984. in itself. independent of congestion.

There are many different network congestion avoidance processes. 50% (lower threshold) filled and deletes linearly more or (better according to paper) cubical more [10] up to e. weighted random early detection (WRED) could be used if available.this is called TCP global synchronization. queue management will reduce the delays and jitter seen by flows. when the average queue buffer lengths are more than e. [2] [3] [4] [5] [6] Problems occur when many concurrent TCP flows are experiencing port queue buffer tail-drops. since there are a number of different trade-offs available. or delays (see Quality of Service) in order to adjust the transmit speed. time. By keeping the average queue size small. equipment ports with more than one queue buffer. The connection bandwidth will be more equally shared among connection oriented flows. such as the widely-used TCP protocol.g. generally watch for packet errors.g. Robust random early detection (RRED) Robust Random Early Detection (RRED) algorithm was proposed to improve the TCP throughput against Denial-of-Service (DoS) attacks. The link utilization will increase because less TCP global synchronization will occur. Experiments have confirmed that the existing RED-like algorithms are notably vulnerable under Low-rate Denial-of-Service [4] (LDoS) attacks due to the oscillating TCP queue size caused by the attacks [11] . All flows that experience port queue buffer tail-drop will begin a TCP retrain at the same moment . particularly Low-rate Deinal-of-Service (LDoS) attacks. [1] TCP/IP congestion avoidance The TCP congestion avoidance algorithm is the primary basis for congestion control in the Internet. Active Queue Management (AQM) Purpose "Recommendations on Queue Management and Congestion Avoidance in the Internet" (RFC 2309[7] ) states that: • • • • Fewer packets will be dropped with Active Queue Management (AQM). e. RED indirectly signals to sender and receiver by deleting some packets. The average queue buffer lengths are computed over 1 second at a packets. losses. Then TCP's automatic congestion avoidance is not enough. 100% (higher threshold). even without flow-based RED or WRED. RRED algorithm can significantly improve the performance of TCP under Low-rate Denial-of-Service attacks [11] .Network congestion 125 Practical network congestion avoidance Implementations of connection-oriented protocols. Random early detection [8] [9] On network One solution is to use random early detection (RED) on network equipments port queue buffer. Recent Publications in low-rate Denial-of-Service (DoS) attacks [12] .g.

this data creates a congestion point at an upstream provider by flooding the queue much faster than it can be emptied. This is true in nearly all cases. it will set an ECN-flag notifying the sender of congestion. This technique can reduce congestion in a network by a factor of 40. by decreasing the tcp window size (sending rate) or by other means. but it requires explicit support by both hosts to be effective. an ECN bit is used to signal that there is explicit congestion. the remote servers will send less data.Network congestion Flowbased-RED/WRED Some network equipment are equipped with ports that can follow and measure each flow (flowbased-RED/WRED) and are hereby able to signal to a too big bandwidth flow according to some QoS policy. The sender then ought to decrease its transmission bandwidth. Side effects of congestive collapse avoidance Radio links The protocols that avoid congestive collapse are often based on the idea that data loss on the Internet is caused by congestion. The TCP connections running over a radio based physical layer see the data loss and tend to believe that congestion is occurring when it isn't and erroneously reduce the data rate sent. IP ECN [13] ECN is only used when the two hosts signal that they want to use it. This is better than the indirect packet delete congestion notification performed by the RED/WRED algorithms. graphic or web page. More information on the status of ECN including the version required for Cisco IOS. When there are many applications simultaneously requesting downloads. it usually advertises a "window" of between 32K and 64K. It ensures that no flows fill the port queues for a long time. With Another approach is to use IP ECN. this method. When an application requests a large file. this causes WiFi. A policy could divide the bandwidth among all flows by some criteria.g. By using a device to reduce the window advertisement. However. This results in the server sending a full window of data (assuming the file is larger than the window). Engine IV and V has the possibility to classify all flows in "aggressive" (bad) and "adaptive" (good). thus reducing the congestion and allowing traffic to flow more freely. e. DBL can utilize IP ECN instead of packet-delete-signalling. 3G or other networks with a radio layer to have poor throughput in some cases since wireless networks are susceptible to data loss due to interference. . Cisco AQM: Dynamic buffer limiting (DBL) Cisco has taken a step further in their Catalyst 4000 series with engine IV and V. by Sally Floyd. [15] [16] TCP Window Shaping Congestion avoidance can also efficiently be achieved by reducing the amount of traffic flowing into a network. [14] Some outdated or buggy network equipment drops packets with the ECN bit set. errors during transmission are rare on today's fiber based Internet. rather than ignoring the bit. 126 When a router receives a packet marked as ECN capable and anticipates (using RED) congestion.[8] one of the authors of ECN.

org/ publications/ aqm_iscc2003. Clarence Filsfils (Morgan Kaufmann. html) [15] Active Queue Management (http:/ / www. John Nagle. August. htm#1271759) • "Deploying IP and MPLS QoS for Multiservice Networks: Theory and Practice" by John Evans. Karels.1(4): pp.. Proceedings of the Sigcomm '88 Symposium. pdf) Quote: ". edu/ lee00tcp. 489-491. ist. html) (1988). 14. cisco.gov/papers/congavoid. pdf?attredirects=0). To avoid this problem. icir. edu/ bagal99comparative. psu. org/ xpl/ freeabs_all. modern browsers either open multiple connections simultaneously or reuse one connection for all files requested from a particular web server. IEEE Communications Letters. 127 References [1] TCP Tunnels: Avoiding Congestion Collapse (2000) (http:/ / citeseer.lbl. html) [9] Sally Floyd. Van Jacobson and Michael J.The Addition of Explicit Congestion Notification (ECN) to IP [14] Comparative study of RED. Congestion Avoidance. [10] An Analytical RED Function Design Guaranteeing Stable System Behavior (http:/ / www.397–413.. htm#1271743) [16] Enabling Dynamic Buffer Limiting (http:/ / www. pdf) [7] RFC 2309 . Ref (http:/ / ieeexplore.Network congestion Short-lived connections The slow-start protocol performs badly for short-lived connections. psu. com/ RealtimeMantra/ Networking/ TCP_Congestion_Avoidance. vol. 2010. and Weifeng Chen. com/ site/ cwzhangres/ home/ files/ RREDRobustREDAlgorithmtoCounterLow-rateDenial-of-ServiceAttacks. no parameters are to be adjusted.. Compared to the original linear drop function applicability is extended by far. Random Early Detection Gateways for Congestion Avoidance (http:/ / citeseer. org/ floyd/ red. November.org/html/rfc896) . which resulted in poor response time. psu. However. Karels.TCP Congestion Control [5] RFC 3390 . 6 January 1984 • Introduction to Congestion Avoidance and Control (http://ee. 1988. ISBN 0-12-370549-5) • RFC 2914 (http://tools.. RRED: Robust RED Algorithm to Counter Low-rate Denial-of-Service Attacks (http:/ / sites. IEEE/ACM Transactions on Networking.Congestion Control Principles. ist. com/ site/ cwzhangres/ home/ posts/ recentpublicationsinlow-ratedosattacks [13] RFC 3168 .April 1998: Recommendations on Queue Management and Congestion Avoidance in the Internet [8] Sally Floyd: RED (Random Early Detection) Queue Management (http:/ / www. and Fast Recovery Algorithms [4] RFC 2581 . google. html) [2] Van Jacobson.org/html/rfc2914) . the initial performance can be poor. vol. Fast Retransmit. This kept most connections in the slow start mode.ietf.The advantage of this function lies not only in avoiding heavy oscillations but also in avoiding link under-utilization at low loads.. Zhiping Cai. google. ECN and TCP Rate Control (1999) (http:/ / citeseer. eventhelix.ietf. The applicability of the derived function is independent of the load range. [3] RFC 2001 . ieee. Michael J. 2000 • RFC 896 (http://tools.18(4): pp.314–329. Van Jacobson. psu." [11] Changwang Zhang. edu/ 484335. cisco. This paper originated many of the congestion avoidance algorithms used in TCP/IP.Our example with realistic system parameters gives an approximation function of the cubic of the queue size. Congestion Avoidance and Control (http:/ / citeseer. Invented Random Early Detection (RED) gateways. Stanford."Congestion Control in IP/TCP". vol. and many connections never get out of the slow-start regime. Sally Floyd. September.pdf). CA. ist-mobydick. html) (1993). jsp?arnumber=5456075) [12] http:/ / sites. 2007. ist. Jianping Yin. com/ univercd/ cc/ td/ doc/ product/ lan/ cat4000/ 12_1_19/ config/ qos. ist.. pp. and would open and close the connection for each file requested. com/ univercd/ cc/ td/ doc/ product/ lan/ cat4000/ 12_1_19/ config/ qos. significantly increasing latency.TCP Increasing TCP's Initial Window [6] TCP Congestion Avoidance Explained via a Sequence Diagram (http:/ / www. edu/ 462978. 1988 . Older web browsers would create many consecutive short-lived connections to the web server.TCP Slow Start.

2007.ecse. Raj Jain.umn.icir.com/q/queuing. RFC 896: Congestion control in IP/TCP internetworks (1984) • Floyd. October 1999) (pdf format) • Linktionary term: Queuing (http://www. using fluid flow based TCP model" (http://www. J.google. Ratul Mahajan.org/floyd/ecn.html) • Random Early Detection Homepage (http://www. RFC 2914: Congestion control principles (2000) • Floyd.visualland.icir.duth. org/floyd/end2end-paper. Hitay Ozbay.99/floyd/floyd.html) • Explicit Congestion Notification Homepage (http://www. " Guidelines for optimizing Multi-Level ECN.Network congestion 128 Books • "Deploying IP and MPLS QoS for Multiservice Networks: Theory and Practice" by John Evans. Promoting the Use of End-to-End Congestion Control in the Internet (http://www. php?simu=tcp_fast_recovery&protocol=TCP&title=5.ima.cs.pdf) • Papers in Congestion Control (http://www. S. David Wetherall: RED-PD: RED with Preferential Dropping (http://www.ccs.edu/homes/ratul/red-pd/) • A Generic Simple RED Simulator for educational purposes by Mehmet Suzen (http://code. S.wustl. Clarence Filsfils (Morgan Kaufmann.org/floyd/red.pdf) (IMA Workshop on Scaling Phenomena in Communication Networks.neu.html) • Sally Floyd. Mukundan Sridharan.html) (IEEE/ACM Transactions on Networking. and K.cse.edu/home/ladrian/abstract/aimdfc.html) • TFRC Homepage (http://www.edu/ ~jain/papers. ISBN 0-12-370549-5) External links • Nagle.aciri.html) • TCP congestion control simulation: Fast recovery (http://www.edu/Homepages/shivkuma/research/cong-papers.org/tfrc/) • AIMD-FC Homepage (http://www.icir. August 1999) • Sally Floyd.edu/talks/workshops/10-22-24.net/tcp_histrory. Arjan Durresi.gr/~emamatas/jie2007. washington. On the Evolution of End-to-end Congestion Control in the Internet: An Idiosyncratic View (http:// www.com/p/ guduz/) • Approaches to Congestion Control in Packet Networks (http://utopia.linktionary. Sriram Chellappan.html) • Pierre-Francois Quet.Fast recovery&ctype=1) .rpi. Fall.

173.R. Sandhu. Following debate and comment within the RBAC and security communities. 47–63. pp.F. nist. [2] References [1] Sandhu. "RBAC Standard Rationale: comments on a Critique of the ANSI Standard on Role Based Access Control" (http:/ / csrc. gov/ groups/ SNS/ rbac/ documents/ ferraiolo-kuhn-sandhu-07. History In 2000. and Sandhu. External links • (http://csrc. (Nov/Dec 2007). R.. This proposal was published by Sandhu.. Coyne.F. It is managed by INCITS committee CS1. . and Kuhn. [2] Ferraiolo. D. D. gov/ rbac/ sandhu-ferraiolo-kuhn-00. R. Kuhn. . pdf) (PDF). Ferraiolo. and Youman (1996). nist. Although originally developed by the National Institute of Standards and Technology. integrating the RBAC model published in 1992 by Ferraiolo and Kuhn with the RBAC framework introduced by Sandhu. In 2004. and Kuhn later published an explanation of the design choices in the model. D. 5th ACM Workshop Role-Based Access Control.org) (INCITS web site) .gov/groups/SNS/rbac/index. "The NIST Model for Role Based Access Control: Toward a Unified Standard" (http:/ / csrc. NIST called for a unified standard for RBAC. Ferraiolo. the standard was adopted and is copyrighted and distributed as INCITS 359-2004 by the International Committee for Information Technology Standards (INCITS).NIST RBAC model 129 NIST RBAC model The NIST RBAC model is a standardized definition of role based access control. and Kuhn [1] and presented at the ACM 5th Workshop on Role Based Access Control. Ferraiolo.S. doi:10. national standard for RBAC through the INCITS.R. (July 2000).2007. D. IEEE Security & Privacy (IEEE Press) 5 (6): 51–53..1109/MSP. Feinstein. the standard received ballot approval and was adopted as INCITS 359-2004.html) (NIST RBAC web site) • (http://incits. pdf) (PDF). NIST made revisions and proposed a U.nist.

NetSense. as well as other mechanisms to extend and enhance the program. without releasing new versions of the application. and linux boxes. which are interpreted text files that can be extended by the user to enhance the display and analysis of existing protocols. History WildPackets. It supports a plugin API. the OmniEngine Distributed Capture Engine was released as software.. there are remote adapters to capture from RMON. 2002. These plug-ins range from simple logging extensions to full-blown applications that are hosted by OmniPeek. Optimized network analysis training courses and instructors were added to WildPackets services. However. Aruba AP's. The first product by WildPackets was written for the Mac. was founded in 1990 by Mahboud Zabetian and Tim McCreery. When the wizard is run. the WildPackets' building in Walnut Creek California completely burnt to the ground.. the company survived the fire. and add knowledge of completely new protocols.[6] Plugin Wizards: The Plugin Wizards for both the OmniPeek Console and the OmniEngine are Microsoft Visual Studio Project Templates that generate working plug-ins. the user is left with a working plugin with entry points for adding application logic. was converted into a plug-in and integrated into a new version of the product called EtherPeekNX. Currently. In 2001. Inc. On the morning of July 15.[4] Extensibility OmniPeek has API's on the front-end for automation. Their product.[5] Plug-ins: There are over 40 different plug-in's available for the OmniPeek Platform.com [1] OmniPeek is a packet analyzer software tool from WildPackets Inc. Remote Adapters: Adapters provide a means to capture packets and stats from various sources. Cisco AP's.OmniPeek 130 OmniPeek OmniPeek Developer(s) WildPackets Operating system Windows Type Website Packet analyzer www.wildpackets. which added support for 802. which was released in 1997. an expert system for network troubleshooting. SFlow. It was later ported to Windows. Decoders: The most notable of these are the protospecs and decoder files. These plug-in wizards make it easy and . and as a hardware network recorder appliance. Adapters are also available to aggregate packets from multiple network segments and wireless channels at the same time. When the wizard is complete. NetFlow. a dialog appears providing options for different types of functionality that sample code will be generated for. and called EtherPeek.[3] WildPackets acquired Optimized Engineering Corporation in 2001. It was a protocol analyzer for ethernet networks.11 wireless networks. AiroPeek was released. In 2003. It is used for network troubleshooting and protocol analysis.[2] Acquisitions WildPackets acquired Net3 Group in November 2000. API's on the back-end for analysis.

com/ products/ distributed_network_analysis/ omnipeek_network_analyzer [2] "WildPackets Survives Fire" (http:/ / www. Expands Protocol Analysis Training and Services. [8] "PlaceMap 1. wildpackets. bizjournals. . Retrieved 2009-07-23. adapters. html). com/ coms2/ summary_0286-10587967_ITM). html). com/ PlaceMap/ 3000-2085_4-10588141. com/ news/ technology/ 575128/ wildpackets_offers_free_google_map_plugin/ index. redorbit. PlaceMap is a notable example of extensibility in that it uses exactly the same Google Map plugin that is also available for the OmniPeek. [5] "An Open API Sets WildPackets Apart" (http:/ / windowsitpro. html).0.Save and query packets from a database PeekPlayer Plugin . . Retrieved 2009-07-23. . internetnews. Retrieved 2009-07-23. com/ WildPackets+ Launches+ MyPeek+ Community+ Portal.Collect and report web statistics Remote TCPDump Adapter Plugin .Display instant message screen names and chat WebStats Plugin . 2000-11-20. Retrieved 2009-07-23. .OmniPeek quick to develop extensions to OmniPeek. and is uses the peek driver API to capture packets. Retrieved 2009-07-23. scripts. . . [9] "WildPackets Offers Free Google Map Plug-In" (http:/ / www. -a0179645388). com/ eastbay/ stories/ 2000/ 11/ 20/ daily2. . It provides plug-in's. html).Map nodes to a Google Map[9] SQLFilter Plugin . Business Wire.Construct and display web pages from packets IM Plugin .stream packets from any machine with SSH and tcpdump Cisco Remote Adapter Plugin . ." (http:/ / www. com/ article/ articleid/ 95726/ an-open-api-sets-wildpackets-apart. [6] "Throwin' Down The Decoder Gauntlet!" (http:/ / blog.stream packets from Cisco Access Points Aruba Remote Adapter Plugin . 2001-01-31.4" (http:/ / download. html).[7] PlaceMap: is a freely available standalone Google Maps Packet sniffer application for Windows that captures network traffic and maps nodes to the Google Map. accessmylibrary. com/ 2008/ 05/ throwin-down-the-decoder-gauntlet. [4] "WildPackets to Acquire Optimized Engineering Corporation. Retrieved 2009-07-23. and various levels of support for the different plug-ins posted there.Display web sites in real-time from URL's Browser Plugin .Decode packets WatchMe Plugin . .stream packets from Aruba Networks Air Monitors References [1] http:/ / www. and expertise for those interested in extending OmniPeek themselves. thefreelibrary.0. [3] "WildPackets to buy Net3" (http:/ / eastbay.Write scripts that process packets Decoder Plugin . tools. php/ 1433881). com/ wireless/ article. Retrieved 2009-07-23. [7] "WildPackets Launches MyPeek Community Portal" (http:/ / www. cnet.Send packet an adapter or a capture window PowerBar Plugin . wildpackets.[8] 131 Example Plugins • • • • • • • • • • • • Google Map Plugin . Retrieved 2009-07-23. MyPeek: The MyPeek Community Portal is a website dedicated to the extension of OmniPeek.

net/PERTKB/PacketReordering • http://www-iepm. Sept. Jayasumana. A. or via parallel processing paths within network equipment that are not designed to ensure that packet ordering is preserved. April 23.pert. 18. 2006: LWAPP Decodes Enablement on WildPackets OmniPeek and EtherPeek 3. One of the functions of TCP is to prevent the out-of-order delivery of data. S. Robert Tarpley (http://www. March 10.com/reviews/2008/031008-voip-analysis-tools-test.itweek. Tested: WildPackets OmniPeek Enterprise 4. 2008: Clear Choice Test VoIP analysis tools. A. Improved Packet Reordering Metrics.0 Software (http://www.networkworld.com) • Network World.html) • Network World . Ramachandran.networkworld. By Tom Henderson. A. June 2008 • http://kb. November 2006 • RFC 5236. Robert Smithers.geant. Piratla.edu/monitoring/reorder/ . T. J. Network IT Week.slac.wildpackets. N.0 (http://www. Ciavattone. Banka. Mar. Packet reordering is a common behavior in real-world networks. shtml) Out-of-order delivery In computer networking. Packet Reordering Metrics. Perser. Morton. either by reassembling packets into order or forcing retries of out-of-order packets. Shalunov. Out-of-order delivery can be caused by packets following multiple paths through a network.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a008063e5de. By Anthony Mosco. out-of-order delivery is the delivery of data packets in a different order from which they were sent. R. 2007: WLAN analyzers: WildPackets' OmniPeek For Windows 4. By Rob Smithers of Miercom (http:// www.1. Whitner.html?nlhttest=ts_031108& nladname=031108producttestal) • Cisco Website. L.com/reviews/2006/091806-voip-test-analysis-wildpackets. G. co. Rand Dvorak (http://www.uk/networkitweek/software/2161896/packet-inspector-offers-simple) • Network World.OmniPeek 132 External links • Official website (http://www. 2006: Review of WildPackets' OmniPeek. by Dave Bailey.stanford. WildPackets' latest OmniPeek tool makes it easier to inspect traffic and troubleshoot networks. Bare. 19 Aug 2006. html) • IT Week. External links • RFC 4737.networkworld.com/reviews/2007/042307-wireless-lan-test-omnipeek. 22.

Some protocol analyzers can also generate traffic and thus act as the reference device. decodes the packet's raw data.) or where the expected packet size is small compared to the maximum amount of information that can be transmitted. Capabilities On wired broadcast LANs. or as is increasingly more common combined with a disk array. to capture traffic other than unicast traffic sent to the machine running the sniffer software. there are some methods to avoid traffic narrowing by switches to gain access to traffic from other systems on the network (e. packet aggregation may be responsible for joining multiple MSDUs into a single MPDU that can be delivered to the physical layer as a single unit for transmission. This allows historical forensic analysis of packets without the user having to recreate any fault. one can capture traffic on a particular channel. showing the values of various fields in the packet. an Ethernet sniffer or wireless sniffer) is a computer program or a piece of computer hardware that can intercept and log traffic passing over a digital network or part of a network. packets not for the service set for which the adapter is configured will usually be ignored. the sniffer captures each packet and. phone lines and coaxial cables). ARP spoofing). one can capture traffic on all or just parts of the network from a single machine within the network. or for particular types of networks.[2] On wireless LANs. determine the root causes of errors. and analyzes its content according to the appropriate RFC or other specifications. etc. however. and may also have the ability to deliberately introduce errors to test for the DUT's ability to deal with error conditions. others don't. the network adapter being used to capture the traffic must be put into promiscuous mode. the adapter must be in monitor mode. which provides a way to create a high-speed (up to 1 Gigabit/s) Local area network using existing home wiring (power lines. Protocol analyzers vary in their abilities to display data in multiple views. Packet analyzer A packet analyzer (also known as a network analyzer. In a communication system based on a layered OSI model. . is an example of a protocol that employs packet aggregation to increase efficiency. packet aggregation is the process of joining multiple packets together into a single transmission unit. multicast traffic sent to a multicast group to which that machine is listening. even if the adapter is in promiscuous mode. On wired broadcast and wireless LANs. whose purpose is to mirror all packets passing through all ports of the switch when systems (computers) are connected to a switch port. automatically detect errors. cyclic redundancy check.Packet aggregation 133 Packet aggregation In a packet-based communications network. On wireless LANs. some sniffers support this. either in probe format. These devices record packets (or a slice of the packet) to a disk array. etc. depending on the network structure (hub or switch). To use a network tap is an even more reliable solution than a monitoring port since taps are less likely to drop packets during high traffic loads.[1] As data streams flow across the network. Packet aggregation is useful in situations where each transmission unit may have significant overhead (preambles. For network monitoring purposes it may also be desirable to monitor all data packets in a LAN by using a network switch with a so-called monitoring port. headers. if needed.hn standard. in order to reduce the overhead associated with each transmission. these can act as protocol testers. The captured information is decoded from raw digital form into a human-readable format that permits users of the protocol analyzer to easily review the exchanged information. To see those packets. Such testers generate protocol-correct traffic for functional testing. protocol analyzer or sniffer. The ITU-T G. Protocol Analyzers can also be hardware based. generate timing diagrams. and broadcast traffic.g.

• • • • • • • • • • • • • • • • • • • • • Capsa Cain and Abel dSniff Justniffer ettercap Microsoft Network Monitor ngrep Network Grep snoop tcpdump Wireshark (formerly known as Ethereal) Carnivore (FBI) Clarified Analyzer Congruity Inspector Software Fluke Lanmeter NetScout nGenius Infinistream NetScout Sniffer Global Analyzer NetScout Sniffer Portable Professional Analyzer Network Instruments Observer Niksun NetDetector OPNET Technologies ACE Analyst SkyGrabber . see Comparison of packet analyzers. Web filter. Spam filter.Packet analyzer 134 Uses The versatility of packet sniffers means they can be used to: • • • • • • • • • • • • • • • • • • • Analyze network problems Detect network intrusion attempts Detect network misuse by internal and external users Documenting regulatory compliance through logging all perimeter and endpoint traffic Gain information for effecting a network intrusion Isolate exploited systems Monitor WAN bandwidth utilization Monitor network usage (including internal and external users and systems) Monitor data-in-motion Monitor WAN and endpoint security status Gather and report network statistics Filter suspect content from network traffic Serve as primary data source for day-to-day network monitoring and management Spy on other network users and collect sensitive information such as passwords (depending on any content encryption methods which may be in use) Reverse engineer proprietary protocols used over the network Debug client/server communications Debug network protocol implementations Verify adds. access control. moves and changes Verify internal control system effectiveness (firewalls. proxy) Notable packet analyzers For a more comprehensive list.

25 addresses. 2011-03-11.net/raw-sockets/ raw-sockets. flow control.com/pubs/ sniffing-faq. X. abbreviated PAD is a communications device which provides multiple asynchronous terminal connectivity to an X. ISBN 978-0735542730.php?page=security/AQuickIntrotoSniffers) • Multi-Tap Network Packet Capture (http://www. It collects data from a group of terminals and places the data into X.org/nst/tools/wiki-redirect.25 host.25 (packet-switching) network or host computer.com/support/ installation. pp.colasoft. NETRESEC Network Security Blog.irongeek. The X. this is referred to as a Triple-X PAD. [2] "Sniffing Tutorial part 1 .Intercepting Network Traffic" (http:/ / www.pdf) • Packet Sniffing FAQ (http://web.3 specifies the parameters for terminal-handling functions such as line speed.com/pages/current/ ProfessionalCPA. character echo. Many commercial PAD products provided completely different enhanced user interfaces. netresec.aesclever.archive. php?page=Multi-Tap_Network_Packet_Capturing) • How to Deploy a Packet Analyzer under Different Network Environment (http://www. Retrieved 2011-03-13. Connolly (2003).org/Computers/Software/Networking/Network_Performance/ Protocol_Analyzers//) at the Open Directory Project • How-to Packet Sniff (http://www. External links • Protocol Analyzers (http://www.29 defines the DTE-P (packet mode) interface to a PAD. and X.org/web/20050221103207/http://www. .e. A PAD also does the reverse. A FRAD (Frame Relay Assembler/Disassembler) is a similar device for accessing Frame Relay networks.25 packets (assembly).3 parameters. due to the three X series recommendations which define it.com/publications/howto_EN/HowTo . Sometimes.evilfingers.Use Packet Sniffers. X.Packet analyzer • WildPackets OmniPeek (old name AiroPeek.25 packets. Aspen Publishers.html) by Robert Graham • Video Tutorials on Sniffer Programming using Raw Sockets (http://security-freak.php) Packet Assembler/Disassembler A packet assembler/disassembler.3.28. ITU-T (Triple-X PAD) The structure of a PAD is defined by the ITU-T in recommendations X.pdf) • The Making of a Professional cTrace Packet Analyzer (http://www. . how the PAD encapsulates characters and control information in X.com/i.dmoz. EtherPeek) 135 References [1] Kevin J.networksecuritytoolkit. X.121 14-digit X. Connections are established using X. a bit like (but not at all compatible with) Hayes modem commands. including the commands for making and clearing down connections. 131.28 defines the DTE-C (asynchronous character mode) interface to a PAD. X. i.html) • A Quick Intro to Sniffers (http://www. it takes data packets from packet-switching network or host computer and returns them into a character stream that can be sent to the terminals (disassembly).3 parameters are similar in function to present day Telnet options. et al. com/ ?page=Blog& month=2011-03& post=Sniffing-Tutorial-part-1---Intercepting-Network-Traffic). Law of Internet Security and Privacy.robertgraham. The commands were very crude. and manipulating the X. for a connection to an X.29.

3 and X. although it eventually gave way to Triple-X.Packet Assembler/Disassembler 136 Green Book PAD One of the UK Coloured Book protocols. chilton-computing. which is another of the Coloured Book protocols. ITP predated Triple-X. Green Book. Although not identical to Triple-X. de/ produkte/ ta/ taomega [2] http:/ / www. Green Book was developed by (UK) Post Office Telecommunications in the 1970s. a very similar protocol which ran over the Yellow Book Transport Service. org.29 that generally the two will interwork. Green Book also specifies TS29. uk/ ca/ technology/ networking/ p001.25 developed in the 1970s for use with UK GPO's EPSS (Experimental Packet Switching System. Science and Engineering Research Council (SERC) also used ITP on SERCnet and continued developing ITP after EPSS. Products • Das Multiprotokoll-Talent mit zwei ISDN und vier Benutzerschnittstellen [1] External links • ITP: Protocols in the SERC/NERC Network" [2] References [1] http:/ / www. ITP ITP (Interactive Terminal Protocol) was an early PAD protocol for use over X. also defines two PAD protocols. and is a completely different protocol. tdt. the predecessor of PSS). Green Book is sufficiently similar to X. htm .

inspect. either in short-term memory or long-term storage. Once captured and stored. only complete packets that meet the criteria of the filter (header and payload) are captured. Deep packet capture (DPC) is the act of capturing. Complete capture encompasses every packet that crosses a network segment. the alert?” . and avoid legal problems. Historical capture and analysis stores all captured packets for further analysis. This can reduce storage requirements. As DPI and analysis tools deliver alerts. using known criteria for analysis.[1] Partial packet capture can record headers without recording the total content of datagrams. protocol or other distinguishing bits of data in the packet. [2] answering the question “what happened leading up to. software tools can perform Deep packet inspection (DPI) to review network packet data. and ensure data communications and network usage complies with outlined policy. IP address. and after. and analyze all network traffic in real-time at wire speeds while keeping a historical archive of all network traffic for further analysis. unfiltered. MAC address. Complete capture is the unrestricted. raw capture of all network packets. after the data has already crossed the network. perform designated analysis and act on the results. DPI tools make real-time decisions on what to do with packet data. the historical record can be analyzed to apply context to the alert. This includes headers and payload. Some DPCs can be coupled with DPI and can as a result manage. or stored. regardless of source. Complete capture Packet capture has the ability to capture packet data from the data link layer on up (layers 2-7) of the OSI model. Filtering Packet capture can either capture the entire data stream or capture a filtered portion of stream. complete network packets (header and payload) crossing a network with a high traffic rate. Many deep packet inspection tools rely on real-time inspection of data as it crosses the network. With the application of filters. Filtered capture Packet capture devices may have the ability to limit capture of packets by protocol. perform forensics analysis to uncover the root cause of network problems. The payload includes the actual content of the packet and therefore synonymous to the contents of the envelope. Headers include information about what is contained in the packet and could be synonymous to an address or other printed information on the outside of an envelope. Historical capture and analysis Once data is captured. they may be flushed away and actual packet contents are no longer available. If packets are not stored after capture.Packet capture 137 Packet capture Packet capture is the act of capturing data packets crossing a computer network. Short-term capture and analysis tools can typically detect threats only when the triggers are known in advance but can act in real-time. etc. it can be analyzed right away or stored and analyzed later. identify security threats. but yet have enough data to reveal the essential information required for problem diagnosis. at full network speed. diverted.

Packet capture 138 Use Identifying security breaches Analysis of historical data captured with DPC assists in pinpointing the source of the intrusion. This will help the administrator know whether or not their fix worked. and ensure that the problem will not reoccur. etc.) to be stolen. a system administrator may replay that attack against systems which have been patched to prevent the attack. its cause or source can be more reliably determined if the administrator has access to complete historical data. Detecting data loss In the event that an intrusion allowed information (credit card numbers. a network administrator can then assess the exact circumstances surrounding a performance event.[3] Using packet capture and storage. take corrective action. Lawful intercept Packet capture can be used to fulfill a warrant from a law enforcement agency (LEA) to produce all network traffic generated by an individual. When an event happens.[3] DPC can capture network traffic accessing certain servers and other systems to verify that the traffic flows belong to authorized employees.[5] [6] Analysis of DPC data can also reveal what files that have been sent out from the network. an administrator could verify exactly which information was stolen and which information was safe. medical records. Collection of data from a carrier system without a warrant is illegal due to laws about interception.[8] This helps reduce the Mean Time To Repair. . or satisfactory security for use in this application.[4] However this technique cannot function as an intrusion prevention system. Deep Packet Capture provides a record of all network activities. social security numbers. This could be very helpful in the event of litigation or in the case of a credit card company receiving possibly fraudulent claims of unauthorized purchases on cards whose numbers were not compromised. Identifying data leakage Analyzing historical data flows captured with DPC assists in content monitoring and identifying data leaks and pinpointing their source. telecommunications carriers can provide the legally required secure and separate access to targeted network traffic and are able to use the same device for internal security purposes.[9] However DPC appliances may be unable to provide chain of evidence audit logs. DPC probes can provide lossless capture of target traffic without compromising network performance.[7] Network Troubleshooting If an adverse event is detected on a network. Verifying security fixes If an exploit or intrusion was monitored via DPC. DPC can capture all packets on important network links continuously. Internet service providers and VoIP providers in the United States of America must comply with CALEA (Communications Assistance for Law Enforcement Act) regulations.

htm). Endace. networkworld. com/ newsletters/ techexec/ 2007/ 0716techexec1. . com/ article/ 03/ 07/ 11/ 27TCniksun_1. Reuters. virus. "NetDetector captures intrusions" (http:/ / www. "Passive Network Security Analysis with NetworkMiner" (http:/ / www. com/ what-we-do/ application-overview). Forensic Focus.Packet capture 139 Forensics Once an intrusion. [8] "Network Troubleshooting" (http:/ / www. Retrieved 2008-04-01. html). the device can send e-mail notifications and SNMP traps. forensicfocus. htm) on 2008-05-01. such as FreeBSD and dumpcap. com/ article/ pressRelease/ idUS169612+ 06-Dec-2007+ BW20071206). Inc. . exactly how many systems were affected.Solera Networks and Bivio Networks announce product interoperability" (http:/ / web. com/ what-we-do/ application-overview) on 2008-03-04. . Retrieved 2008-03-15. org/ web/ 20080304025423/ http:/ / www. Network World. org/ web/ 20080501222529/ http:/ / www. Once a particular attack or signature has been identified. Information Week. Triggers can be set up to capture certain events or breaches. Network World.[10] Packet capturing for forensic investigations can also be performed reliably with free open source tools and systems. [4] "Capture Appliances" (http:/ / www. Retrieved 2008-04-01. both in raw packet form or accurately rendered in its original format. Retrieved 2008-03-13. every packet included in that event is available. Bivio Networks.[11] Benchmarking performance If performance suddenly takes a hit. com/ ?page=Blog& month=2011-03& post=Sniffing-Tutorial-part-2---Dumping-Network-Traffic-to-Disk) . 2008. Infoworld. . worm or other problem has been detected on a network. "Startup Of The Week: NetWitness Is Like TiVo For IT" (http:/ / www. html).Dumping Network Traffic to Disk". jhtml?articleID=204802907). bivio. . com/ solutions/ iti_packet_analysis. . 2007-10-07. historical data may allow a system administrator to determine. . 2007. Net Scout Systems. the historical data allows an administrator to view a specific window of time and determine the cause of the performance issues. . Retrieved 2008-03-15. Retrieved 2008-03-15. [7] Erik Hjelmvik (2008). Archived from the original (http:/ / www. "Solera Networks Announces Advanced Deep Packet Inspection and Capture Solution for Full 10Gbps Speeds" (http:/ / www. html). informationweek. [3] Linda Musthaler (2007-07-16). [2] (Business Wire) (2007-12-06).. conclusively. archive.[3] References [1] "Press Release . . networkworld. bivio. "Getting started with content monitoring" (http:/ / www. netscout. archive. com/ columnists/ 2007/ 020507insider. NETRESEC Network Security Blog. endace. Retrieved 2008-03-15. net/ news_releases/ 102407-solera. . 2011 (http:/ / www. reuters. php). [10] Paul Venezia (2003-07-11). Solera Networks. netresec. [11] "Sniffing Tutorial part 2 . Retrieved 2008-03-15. asp). soleranetworks. net/ news_releases/ 102407-solera. "Rewind and replay what happens on your network" (http:/ / www. [6] Andrew Conry-Murray (2008-12-15). Retrieved 2007-03-13. 2008. When an event triggers. [5] Tom Bowers (2007-02-05). com/ news/ showArticle. endace. com/ passive-network-security-analysis-networkminer). infoworld. Retrieved 2009-08-28.[3] All traffic or a selected segment on any given interface can be captured with a DPC appliance. com/ solutions/ top-ten. Archived from the original (http:/ / www. [9] "Application overview" (http:/ / web.

One cause mentioned in research is through a denial-of-service attack on the router using a known DDoS tool. Retrieved 5/5/2011. Because wireless networks have a much different architecture than that of a typical wired network. Packet drop attack In computer networking. Weichao. However. pdf). and the host is able to drop packets at will. et. . if the malicious router begins dropping packets on a specific time period or over every n packets. "Malicious packet dropping: how it might impact the TCP performance and how we can detect it" (http:/ / www.[1] Because packets are routinely dropped from a lossy network.[1] The packet drop attack can be frequently deployed to attack Wireless Ad-Hoc Networks. all traffic will be directed to the host that has been compromised. "Defending against Collaborative Packet Drop Attacks on MANETs" (http:/ / www. a host can broadcast that it has the shortest path towards a destination. at a certain time of the day. dk/ kurser/ ETC/ Wms2/ Papers/ Ad-hocSec/ Sub/ al-shurman. . By doing this. by dropping packets for a particular network destination. The malicious router can also accomplish this attack selectively. Xiaobing. they will generally begin to remove that router from their forwarding tables and eventually no traffic will flow to the attack. cse. . edu/ srds2009/ dncms2009_submission_Wang. a packet every n packets or every t seconds. hosts are specifically vulnerable to collaborative attacks where multiple hosts will become compromised and deceive the other hosts on the network. buffalo. This usually occurs from a router becoming compromised from a number of different causes. icmp: 263. or a randomly selected portion of the packets. (2000). the attack can actually be discovered fairly quickly through common networking tools such as traceroute. the packet drop attack is very hard to detect and prevent. [2] Also over a Mobile Ad-Hoc Network. Also.Packet concatenation 140 Packet concatenation Packet concatenation is a computer networking optimization that coalesces multiple packets under a single header. al. org/ 2000/ papers/ 2000-24. [3] Wang. ieee-icnp. when other routers notice that the compromised router is dropping all traffic. This is rather called a gray hole attack. pdf). "Black Hole Attack in Mobile Ad Hoc Networks" (http:/ / engsci. Mohammad. Retrieved 5/5/2011. a packet drop attack or blackhole attack is a type of denial-of-service attack in which a router supposed to relay packets discards them instead. pdf). If the malicious router attempts to drop all packets that come in. aau. [3] References [1] Zhang. e. it is often harder to detect because some traffic still flows across the network. . [2] Al-Shurman.g.

Packet generators utilize raw sockets. Comparison General Information Title Author OS Interface Link [1] [2] License AnetTest Bit-Twist Cat Karat packet builder Colasoft Packet Builder Nemesis Ostinato Pktgen packETH pierf Scapy targa3 Winsock Packet Editor UMPA Anton aka kronos256 ayeowch aka det_re Valery Diomin. Windows Windows(Cygwin)/Linux Linux/Unix/Windows Linux. Unix Windows/Linux/BSD Windows CLI CLI GUI AnetTest Bit-Twist GPL GPLv2 Packet Builder License [4] Cat Karat packet [3] builder Colasoft Packet [7] [8] [5] Windows GUI Packet Builder License: [6] Freeware BSD GPLv3 GPLv2 GPLv2 free BSD GPLv2 ? ? Jeff Nathan pstavirs Linux Foundation Miha Jemec aka jemcek Pieter Blommaert Philippe BIONDI Mixter ? Windows. net/ [8] http:/ / ostinato. sourceforge.Packet generator 141 Packet generator A packet generator or packet builder is a type of software that generates random packets or allows the user to construct detailed custom packets. Unix Windows/Linux/BSD/MacOSX Linux Linux. com/ download/ products/ download_packet_builder. net/ [3] http:/ / packetbuilder. org/ en/ Net:Pktgen . php [7] http:/ / nemesis. org/ [9] http:/ / www. This is useful for testing implementations of IP stacks for bugs and security vulnerabilities. linuxfoundation. com/ packet_builder/ [6] http:/ / www. colasoft. net/ [4] Custom: free for personal use [5] http:/ / www. net/ [2] http:/ / bittwist. Unix Windows CLI GUI CLI GUI CLI CLI CLI ? Nemesis Ostinato Pktgen [9] [10] packETH pierf [11] [12] [13] Scapy targa3 Winsock Packet [14] Editor UMPA [15] [4] Adriano Monteiro Marques Daniel Borkmann cxxxap Author Cross-platform (Python) Linux Windows OS ? CLI GUI Interface GPLv2 GPLv2 trafgen xcap Title netsniff-ng xcap [16] License Link [1] http:/ / anettest. Yakov Tetruashvili Colasoft Windows. colasoft. sourceforge. sourceforge.

sourceforge.com/watch?v=O_pk5Wr2_8I) Nemesis (http://nemesis.sourceforge. org/ [16] http:/ / xcap.com/packet_builder/) Video: Generate Packets to Test Firewall (http://www. net/ [11] http:/ / pierf.com/) Pktgen (http://www.com/index.weebly. part of the netsniff-ng suite (http://www.netsniff-ng. com/ index.sourceforge.c) UMPA (http://umpa.html) .packet generator & sender (http://xcap.net/) pierf (http://pierf.net/) trafgen.youtube.sourceforge.colasoft.umitproject. html 142 External links • • • • • • • • • • • • • • • • AnetTest (http://anettest.linuxfoundation.secdev. net/ [12] http:/ / www.org/DoS/targa3. secdev. umitproject.googlecode. c [14] http:/ / wpepro.net/) Cat Karat packet builder (http://packetbuilder.org/) Ostinato (http://ostinato.sourceforge. net/ [15] http:/ / umpa.net/) Bit-Twist (http://bittwist.net) xcap . org/ DoS/ targa3.net/) Scapy (http://www.org) Winsock Packet Editor (http://wpepro.Packet generator [10] http:/ / packeth. sourceforge. org/ projects/ scapy/ [13] http:/ / packetstormsecurity. weebly.org/projects/scapy/) targa3 (http://packetstormsecurity. sourceforge.net/) Colasoft Packet Builder (http://www.org/en/Net:Pktgen) packETH (http://packeth.

This is accomplished by crafting a packet using raw sockets. pcap. Void11. which is part of the aircrack-ng suite. External links • PacketEditor [2] • Void11 [3] • Winsock Packet Editor [4] • • • • Nemesis Ostinato [8] Packet Injection using raw sockets [5] aircrack-ng [6] [7] References [1] [2] [3] [4] [5] [6] http:/ / www. net/ packet-injection/ packet-injection. org/ Contents/ Void11Main. html http:/ / www. com http:/ / wirelessdefence. AirJack. php?id=aireplay-ng& DokuWiki=a96e889dd81ae5677cf2eaa686569563 http:/ / www. org/ doku. htm http:/ / wpepro. Winsock. Ostinato [8]. security-freak. Other packet-injectors are Nemesis. file2air. Software A popular packet injection application for wireless networks is aireplay-ng[1]. org . aircrack-ng. aircrack-ng. CommView for WiFi Packet Generator. usually by a party not otherwise participating in the said connection. packeteditor. net http:/ / www. and libradiate. Sometimes IP address spoofing is used.Packet injection 143 Packet injection Packet injection is a computer networking term which refers to sending a packet on a network into an already established connection.

25-based packet-switched network. via published phone numbers.28/X. Packet Switch Stream (PSS) was an X. using an ID/password provided as a subscription service.29 PAD (Packet Assembler/Disassembler) service oriented to the then prevalent dumb terminal market place. packet segmentation is the process of dividing a data packet into smaller units for transmission over the network. via a dedicated four-wire telephone circuit using a PSS analog modem and later on. Some customers connected to the PSS network via the X. PSS could be used to connect to a variety of online databases and mainframe systems. provided by the British Post Office Telecommunications and then British Telecom starting in 1980. This process may include automatic repeat-request (ARQ) mechanisms to detect missing segments and to request the source to re-transmit specific segments.25 interface. However most customers. • When the network is unreliable and it's desirable to divide the information into smaller segments to maximize the probability that each one of them can be delivered correctly to the destination.3/X. Companies and individual users could also connect in to the PSS network using a basic non-error correcting RS232/V. Of particular note was the use of PSS for the first networked Clearing House Automated Payment System (CHAPS). packet segmentation may be responsible for splitting one MPDU into multiple physical layer service data units so that reliable transmission (and potential re-transmission via ARQ) of each one can be performed individually. The ITU-T G.Packet segmentation 144 Packet segmentation In a data communications networks. The experimental predecessor network (EPSS) formally closed down on 31 July 1981 after all the existing connections had been moved to PSS. for cost reasons. After a period of pre-operational testing with customers (mainly UK Universities and computer manufacturers at this early phase) the service was launched as a commercial service on 20 August 1981. phone lines and coaxial cables). Companies and individual users could connect in to the PSS network using the full X. The PAD service could be connected to via a dedicated four-wire telephone circuit using a PSS analog modem and later on via a Kilostream digital access circuit. Segmentation may be required in many scenarios: • When the data packet is larger than the maximum size supported by the network. which provides a way to create a high-speed (up to 1 Gigabit/s) local area network using existing home wiring (power lines. This was before privatization and the creation of British Telecommunications plc (BT) in 1984. chose to dial up via an analog modem over the then UK analog telephony network to their nearest public PAD. via a Kilostream digital access circuit (actually a baseband modem). Packet Switch Stream In the United Kingdom. PSS was one of the first telecommunications networks in the UK to be fully liberalized in that customers could connect their own equipment to the network.24 asynchronous character based interface via an X.25 service and bought their own PADs. when problems of 10-100ms transmission failures with the PCM Voice based transmission equipment used by the early Kilostream service were resolved. The current day analogy of ISP's offering broadband always on and dial up services to the internet applies here. This was a network system .hn standard. is an example of a protocol that employs packet segmentation to increase reliability over noisy media. In this early 1980s era installation lead times for suitable 4-wire analog lines could be more than 6 months in the UK. Protocols that perform packet segmentation at the source usually include a mechanism at the destination to reverse the process and reassemble the original packet from individual segments. In a communication system based on a layered OSI model.

300. These connections moved over to PSS and other European networks as commercial X.000 UKP (in early 1980s monetary value) between the major UK banks and other major financial institutions based in the UK.Packet Switch Stream used to transfer all payments over £10. by using a 110. and developing dedicated or hybrid networks that embraced major trading areas.25 links. 2M (Mega) Baud and 256K (kilo) Baud respectively. although 110 and 300 Baud modems were not uncommon. The network was initially based upon a dedicated modular packet switch using DCC's TP 4000 communication processor hardware. The last PSS (node) in the UK was finally switched off Wednesday. A PAD service was provided by IPSS to this market in advance of PSS launch.25 services launched. 1.200 or 2. Customers would be able to enjoy one-stop-shopping for global data networks. 1. and a portfolio of products designed for a global market place.400 Baud modems were quite rare. Note: in those days 2.200 Baud was the usual speed in the 1980s. This started in about 1978 before PSS went into operation due to the high demand for affordable access to US based database and other network services. the public network business. and a related project Diane to encourage more database and network services to develop in Europe. 9600 bit/s and 48 kbit/s were offered. 2006. Logica (now LogicaCMG) designed the CHAPS system and incorporated an encryption system able to cope with HDLC bit stuffing on X.25 network service launched by the international division of BT to which PSS was linked to other packet switched networks around the world. June 28. It replaced a paper based system that operated in the City of London using electrical vehicles similar to milk floats. These services were subsequently offered by BT Global Network Services. Euronet. the OnTyme electronic mail service. In the words of BT's own history: British Telecom purchased the Tymnet network systems business and its associated applications activities from the McDonnell Douglas Corporation on 19 November (1989) for $355 million. 1200/75. plus its associates private and hybrid (mixed public and private) network activities. Later on BT used Telematics packet switches for the Vascom network to support the Prestel service and also bought the Tymnet network from McDonneld Douglas. on a pay as you go basis. There was a choice of different speeds of PSS lines. Dorset who also sold Telex and Traffic light systems. On analog links 2400 bit/s. For a brief time the EEC operated a packet switched network. These network management systems were based in London 145 . The International Packet Switch Stream (IPSS) is an international X. the US market leader in electronic data interchange. It is believed BT subsequently exchanged major US elements of the Tymnet business with MCI for other assets when the proposed merger of their two businesses was thwarted by MCI's purchase by WorldCom. Later on the InterStream gateway between the Telex network and PSS was introduced based on a low speed PAD interface. and EDI*Net. The operating system and the packet switching software was developed by Telenet (later on GTE Telenet). and subsequently by Concert as part of Concert Global Network Services after the Concert joint venture company was launched on 15 June 1994. the faster the line the more expensive it cost to rent it. Individual users could link into PSS. The highest and lowest speed lines were provided by the Megastream and Kilostream services. BT bought Telenet's system via Plessey Controls of Poole. At the time of PSS's launch this was in advance of both Telenet's own network and most others that used general purpose mini-computers as packet switches. BT Tymnet anticipated developing an end to end managed network service for multi-national customers. Its activities included TYMNET. the Card Service processing business.400 Baud PSTN modem to connect a Data Terminal Equipment terminal into a local PSS exchange. Network management had been run on a system of 24 Prime 63xx and 48xx computers running a modified versions of Revisions 20 and 22 of the Primos operating system. 4800 bit/s.

Packet switches were installed at major trunk exchanges in most major conurbations in the UK. An exodus of people who were developing the value added network services helped reduce some costs. While PSS eventually went the way of all X. PSS being the major part. BT's North American operations and the Concert Global Services with ATT. Eventually the UK government decided the SNA joint venture was anti-competitive and vetoed it.Packet Switch Stream and Manchester.25 networks and was overwhelmed by the internet and more significantly the internet's superior application suite and cost model. PSS suffered from inconsistent investment during its early years. Even in its recent history BT's senior management stated that the Internet was "not fit for purpose". McKinsey's startling insight that increasing revenue while cutting costs was required to turn around the business was duly followed by the new management and an operating profit achieved in about 1988.25 host traffic. called Jove. Nor were they adequate for X. One of the few successful value added applications was the transaction phone used to check credit cards by retailer to validate transactions and prevent fraud. In the midst of this IBM (the then market leader in computing) and BT attempted to launch a joint venture. The DNICs used by IPSS and PSS were 2341 and 2342 respectively. This in turn dented PSS's low credibility with BT's management still further. This rested on running PSS efficiently and cutting the VANS as much as possible. As the added value services. However significant on-going expenditure had been committed already to manufacture packet switch hardware and by using the very expensive Tandem computers in existing VANS. BT's attitude to packet switching was ambivalent at best. PSS was then merged with other failing business like Prestel as it became part of a larger Managed Network Services division that was used to fix or close BT's problem businesses. added significant costs and headcount while contributed virtually no revenue a change in PSS's management eventually resulted. Each low end packet switch installed added costs for floor space. than X.28 was proven obsolete by the advent windows based clients on PCs. as one concern of regulators was this joint venture might damage work on Open Systems Interconnection. Despite healthy demand for basic X. This only made cost control worse and achieving operating profit delayed further. And for a time significant extra expenditure was allowed for BT's data services. Ideas like providing a more user friendly menu based interface. without any significant value added revenue benefit resulting. Investments in value added network services (VANS) and BT's own access level packet switching hardware delayed operating profit.25 services and the obvious trend for more demanding bandwidth intensive applications that required investment in more powerful switches a decision to develop BT's own hardware and network applications was made instead. 146 . But not before PSS management was allowed to commit to large investments that caused serious problems later. power. etc. Sometimes not enough and sometimes too much but mostly for the wrong reasons. Compared to France's Transpac that had a separate commercial company with dedicated management and saw X.25 packet switching as a core offering BT's then senior management regarded packet switching as a passing phase until the telecommunications nirvana of ISDN's 64 kbit/s for everyone arrived. BT did not capitalise as much as other packet switch operators by subsequent mistakes concerning the internet. Tymnet. Operating profit was still not achieved and a further change in management with McKinsey consultant being called in was the result. named PSS Plus collectively. While a decision was eventually made to put some of the basic network services people in senior positions and try to launch what had been developed this proved to be a major mistake. It was believed that putting a packet switch in every local telephone exchange would allow this and other low bandwidth applications to drive revenue. The lesson of Tymnet's similar transaction phone that just used a dial up link to a standard PAD based service was not followed. called Epad. for managed SNA services in the UK.

packet switching and other store-and-forward buffering introduces varying latency and throughput in the transmission. The packets include a connection identifier rather than address information. circuit switching. first-out buffering. and are delivered in order. . Alternatively. Packet mode communication may be utilized with or without intermediate forwarding nodes (packet switches or routers). 147 External links • Pictures of the BT PSS equipment [1] References [1] http:/ / www. switches. As the commodity price of IP services based in their core 21st century MPLS network to carry voice and data finally gives them the real cost efficiencies that packet switching always promised. such as weighted fair queuing or leaky bucket. and (2) connection-oriented packet switching. Packet switching contrasts with another principal networking paradigm. In the first case each packet includes complete addressing or routing information. Now BT appears to be inheriting a dominating position in the Global Network Services market. com/ coms/ history/ pss/ index. Demon and Energis based virtual ISPs in the same sector has only been recovered from recently. In case of a shared physical medium. Packet switching features delivery of variable-bit-rate data streams (sequences of packets) over a shared network. euclideanspace. See below. Each logical stream consists of a sequence of packets. network resources are managed by statistical multiplexing or dynamic bandwidth allocation in which a communication channel is effectively divided into an arbitrary number of logical variable-bit-rate channels or data streams. the packets may be forwarded according to some scheduling discipline for fair queuing. routers and other network nodes. a method which sets up a limited number of dedicated connections of constant bit rate and constant delay between nodes for exclusive use during the communication session. also known as datagram switching. Two major packet switching modes exist. called packets. based on packet switching. type. packets are buffered and queued. even when no data is transferred. resulting in variable delay and throughput depending on the traffic load in the network. In the second case a connection is defined and preallocated in each involved node during a connection phase before any packet is transferred. The packets are routed individually. circuit switching is characterized by a fee per time unit of connection time. sometimes resulting in different paths and out-of-order delivery. which normally are forwarded by the multiplexers and intermediate network nodes asynchronously using first-in. Only after BT changed its most senior management who were fixated on circuit switching/ISDN based on System X/Y telephone exchanges and embracing broadband/internet lock stock and barrel has this changed. as CSC and Reuters sell up their networks to BT. traffic shaping or for differentiated or guaranteed quality of service. also known as virtual circuit switching. for example in cellular communication services. Statistical multiplexing. the packets may be delivered according to some packet-mode multiple access scheme. In case of traffic fees.Packet Switch Stream BT's failure to become the major ISP in its own home market unlike every other former PTT and the success of Dixon's Freeserve. In all packet mode communication. (1) connectionless packet switching. When traversing network adapters. An emergency rights issue also helped resolve the debt from acquiring second or third ranked old telcos style companies around the world. or structure – into suitably sized blocks. htm Packet switching Packet switching is a digital networking communications method that groups all transmitted data – regardless of content. while packet switching is characterized by a fee per unit of information.

each packet is labeled with a connection ID rather than an address. IP. Davies had chosen some of the same parameters for his original network design as Baran. Donald Davies at the National Physical Laboratory (NPL) in the UK had developed the same ideas (Abbate. 2000). and acceptable values for service parameters to be negotiated. he also later played a leading role in building and management of the world's first packet switched network. The packet header can be small. as it just requires the node to look up the ID in the table. timestamp. first presented to the Air Force in the summer of 1961 as [1] [2] in 1962 and then including and expanding somewhat briefing B-265 then published as RAND Paper P-2626 within a series of eleven papers titled On Distributed Communications [3] in 1964. The NPL Data Communications Network entered service in 1970. Frame relay. The paper focuses on three key ideas: first. Address information is only transferred to each node during a connection set-up phase. A member of Davies' team met Lawrence Roberts at the 1967 ACM Symposium on Operating System Principles. dividing complete user messages into what he called message blocks (later called packets). Licklider at the Information Processing Technology Office. connection oriented packet-switching protocols include X.Packet switching 148 History The concept of switching small blocks of data was first explored by Paul Baran in the early 1960s.25. Connectionless and connection-oriented packet switching The service actually provided to the user by networks using packet switching nodes can be either connectionless (based on datagram messages). Leonard Kleinrock conducted early research in queueing theory which would be important in packet switching. and published a book in the related field of digital message switching (without the packets) in 1961. or virtual circuit switching (also known as connection oriented). Asynchronous Transfer Mode (ATM). such as a packet size of 1024 bits. and UDP. and TCP. Interestingly. use of a decentralized network with multiple paths between any two points. The first computer network and packet switching network deployed for computer resource sharing was the Octopus Network at the Lawrence Livermore National Laboratory that began connecting four Control Data 6600 computers to several shared storage devices (including an IBM 2321 Data Cell[4] in 1968 and an IBM Photostore[5] in 1970) and to several hundred Teletype Model 33 ASR terminals for time sharing use starting in 1968. as it only needs to contain the ID and any information (such as length. Multiprotocol Label Switching (MPLS). both wide-area network evangelists. In 1965.C. distributed. Baran's study made its way to Robert Taylor and J. Baran's work was similar to the research performed independently by Donald Davies at the National Physical Laboratory. delivery of these messages by store and forward switching. UK. Baran developed the concept of message block switching during his research at the RAND Corporation for the US Air Force into survivable communications networks. In 1966 Davies proposed that a network should be built at the laboratory to serve the needs of NPL and prove the feasibility of packet switching. an internetworking protocol for sharing resources using packet-switching among the nodes. and second. Baran's P-2626 paper described a general architecture for a large-scale. Some connectionless protocols are Ethernet. He gave a talk on the proposal in 1966. is available.[6] In 1973 Vint Cerf and Bob Kahn wrote the specifications for Transmission Control Protocol (TCP). Independently.R. then third. Davies developed the concept of packet-switched networks and proposed development of a UK wide network. the ARPANET. In connection oriented networks. or sequence number) which is different for different . after which a person from the Ministry of Defence (MoD) told him about Baran's work. when the route to the destination is discovered and an entry is added to the switching table in each network node through which the connection passes. bringing the two groups together. The signalling protocols used allow the application to specify its requirements and the network to specify what capacity etc. Roberts and the ARPANET team took the name "packet switching" itself from Davies's work. and it helped influence Lawrence Roberts to adopt the technology when Taylor put him in charge of development of the ARPANET. survivable communications network. Routing a packet is very simple.

In connectionless networks. potentially. based on the packet sequence number. The simplicity of Frame Relay made it considerably faster and more cost effective than X. also known as virtual circuit switching. the International Packet Switched Service (IPSS). At the destination. the system has to do as much work for every packet as the connection-oriented system has to do in connection set-up.Packet switching packets.25 connections also can be established for each communication session. for example as an alternative to circuit mode terminal switching.25 vs.25 and Frame Relay provide connection-oriented packet switching. Frame Relay was used to interconnect LANs or LAN segments. This precludes the need for a dedicated path to help the packet find its way to its destination.. do not require these technologies to be able to forward variable-length packets at multigigabit speeds across the network. despite being based on packet switching methods. Newer mobile phone technologies (e. the original message/data is reassembled in the correct order. Any retransmissions must be carried out by higher layer protocols. Frame relay is a further development of X.25 provided the first international and commercial packet switching network. it provided virtual circuits to the user.25 is a notable use of packet switching in that.25 and Frame Relay packet switching are that X.25 is a reliable protocol. each packet is labeled with a destination address. X. X. These virtual circuits carry variable-length packets. but means that much more information is needed in the packet header. and does not provide logical addresses and routing. Asynchronous Transfer Mode (ATM) also is a virtual circuit technology. also known as the OSI protocol suite. Frame relay is a data link layer protocol. X. Frame Relay packet switching Both X.g. however. For example. but with less information as to the application's requirements. It is only used for "semi-permanent" connections.25 protocol is a network layer protocol. as well as ATM. mainly in the 1990s by large companies that had a requirement to handle heavy telecommunications [8] :250 Despite the benefits of frame relay packet switching. GPRS. while Frame Relay is a non-reliable protocol. MPLS. Each packet is dispatched and may go via different routes.25. . has been [7] called "ATM without cells". The X. while X. it may also be labeled with the sequence number of the packet. Thus a virtual connection. and is part of the X. indeed. Technologies such as Multiprotocol Label Switching (MPLS) and the resource reservation protocol (RSVP) create virtual circuits on top of datagram networks. Virtual circuits are especially useful in building robust failover mechanisms and allocating bandwidth for delay-sensitive applications. to minimize the transmission latency (the time it takes for data to pass across the network). based on node-to-node automatic repeat request. which is therefore larger. and to increase robustness of communication. Ethernet and Frame Relay are common. and this information needs to be looked up in power-hungry content-addressable memory. many international traffic across wide area networks. It was widely used in switching networks during the 1980s and early 1990s. MPLS and its predecessors. In 1978. A major difference between X. I-mode) also use packet switching. which uses fixed-length cell relay connection oriented packet switching. Modern routers. and port numbers. have been called "fast packet" technologies. also known as a virtual circuit or byte stream is provided to the end-user by a transport layer protocol. Datagram packet switching is also called connectionless networking because no connections are established. although intermediate network nodes only provides a connectionless network layer service. source address.25 packet switching. The most well-known use of packet switching is the Internet and most local area networks. and for automated teller machines. maximum packet length is 1000 bytes. The Internet is implemented by the Internet Protocol Suite using a variety of Link Layer technologies.25 protocol suite. 149 Packet switching in networks Packet switching is used to optimize the use of the channel capacity available in digital telecommunication networks such as computer networks.

Retrieved March 6. Living Internet. A. 1978) • • • • • .[9] 150 References [1] Stewart. [9] Girard. In certain parts of the world. livinginternet. T. Thesis • Leonard Kleinrock. (MIT. . A digital communications network for computers giving rapid response at remote terminals (ACM Symposium on Operating Systems Principles. (2009). X. Pildush [8] O’Brien. Retrieved 2009-05-06.25 packet switching was used heavily in government and financial networks that use mainframe applications.Packet switching companies are staying with the X.html) (RAND Corporation Research Documents. A. Wilkinson. August 1964) Paul Baran. Samuel (1970-11-30). July 1961) • Leonard Kleinrock. com/ i/ ii_rand. info/ Page4. The Evolution of Packet Switching (http://www.html). X. rogerdmoore. and K. October 1966) Lawrence Roberts. jsp?arnumber=1088883).org/about/history/ baran-list. [7] Interview with the author (of an MPLS-based VPN article) (http:/ / www. October 1967) R. Davies. G. computer-history. org/ pubs/ papers/ P2626/ [3] http:/ / www. 31(4).lk. X. Bartlett. org/ pubs/ research_memoranda/ RM3420/ index.ucla. 16. R. March 1964) D. Computerworld.rand. T. particularly in Asia-Pacific and South America regions.D. certificationzone.25 standard. Wilkinson.rand. 1961) Proposal for a Ph. Bartlett. August. dir/ index. 1964) • Paul Baran. Volumes I-XI (http://www. "Octopus: The Lawrence Radiation Laboratory Network" (http:/ / www. Cambridge.25 on slower networks. cc/files/toward-coop-net. htm). K. G. The design of a message switching Centre for a digital communication network (IFIP 1968) Larry Roberts and Tom Merrill.ieee. html). May 31. W. & Marakas. [2] http:/ / www. . J. On Distributed Communications.org/search/wrapper. M. dir/ pages/ Photostore.edu/ bibliography-public_reports.packet. 2009. ca/ PS/ OCTOA/ OCTO. Information Flow in Large Communication Nets (RLE Quarterly Progress Report.org/publications/RM/RM3420/) (RAND Memorandum RM-3420-PR. In the United States. rand..packet.25 users remaining loyal despite frame-relay hype. A. Communication Nets: Stochastic Message Flow and Delay (McGraw-Hill. January). New York. Toward a Cooperative Network of Time-Shared Computers (http://www.). Management Information Systems (9th ed. columbia. rand. New York: McGraw-Hill/Irwin. html). P. A. Many companies did not intend to cross over to Frame Relay packet switching because it is more cost effective to use X. (1997.25 was the only technology available. and P. Information Flow in Large Communication Nets (http://www. On Distributed Communications: I Introduction to Distributed Communications Network (http:// www. html). Scantlebury. November. (IEEE Transactions on Communications Systems. Retrieved 2008-05-08. com/ cisco/ newsletter/ SL/ interview_08-12-03. K. Scantlebury.cs. Bill (2000-01-07). from ABI/INFORM Global database. Bibliography • Leonard Kleinrock.cc/files/ev-packet-sw.html) (Proceedings of the IEEE. Lawrence Livermore Laboratory Computing History [6] Mendicino. (Document ID: 10946641). "Paul Baran Invents Packet Switching" (http:/ / www. On Distributed Communications Networks (http://ieeexplore. html). edu/ acis/ history/ datacell. 1964) • Paul Baran et al. A.html) (Fall AFIPS Conference. Columbia University Computing History [5] The IBM 1360 Photostore (http:/ / www. html [4] The IBM 2321 Data Cell Drive (http:/ / www.

Packet telephony Packet telephony is the use of personal computers and a packet data network to produce a voice conversation." Baran discusses his interaction with the group at ARPA who were responsible for the later development of the ARPANET. O'Neill. Baran describes his working environment at RAND. writing and distribution of his eleven-volume work.Packet switching 151 Further reading • Katie Hafner. 1962-1982 (Johns Hopkins University.com/i/iw_packet. Charles Babbage Institute University of Minnesota.isoc. Roberts.umn.htm). site reviewed by Baran. Inventing the Internet (MIT Press. "On Distributed Communications. However technology matures and new application proliferate packet technology will appear in broader market.org/internet/history/brief.html) • A Brief History of the Internet (http://www. It consists of telephony and data tightly coupled on packet-based switched multimedia networks. The transaction to a new paradigm will take years to complete.rand.cbi. 1996) pp 52–67 • Janet Abbate. Minneapolis.org/about/history/baran. Transforming Computer Technology: Information Processing for the Pentagon. The packet and based fabric is capable of supporting future applications such as video streaming and video conferencing. as well as his initial interest in survivable communications. and the evolution.edu/oh/display. . and Kleinrock • Paul Baran and the Origins of the Internet (http://www. • Packet Switching History and Design (http://www. 1996) External links • Oral history interview with Paul Baran (http://www. The goal of packet switched fabric in both LAN and WAN.phtml?id=110). which is licensed under the GFDL. There is a major distinction between Intranet telephony and VoIP. Judy E.shtml) This article was originally based on material from the Free On-line Dictionary of Computing. 2000) ISBN 0-262-51115-0 • Arthur Norberg. Where Wizards Stay Up Late (Simon and Schuster.livinginternet. the vision in to drive voice and data over a single multimedia (packet based N/W) allowing waves to engage in a media rich communication in a natural and straightforward manner.

s = Propagation speed in medium 3. When traversing network adapters.25 and the OSI model. Before the introduction of X. d = Length of physical link 2.Packet transfer delay 152 Packet transfer delay Packet transfer delay is a concept in packet switching technology. the X. Queuing: 1. packets are buffered and queued. X. Determine output link 2.25 interfaces. The network over which packets are transmitted is a shared network which routes each packet independently from all others and allocates transmission resources as needed. and the Internet era when restrictions on connection to the Internet were removed. This results in a simpler host interface with less functionality than in the datagram model. The history of such networks can be divided into three eras: early networks before the introduction of X. Nodal processing: 1. resulting in variable delay and throughput. Time to send bits into link = L/R 4. R=Link bandwidth (bit/s) 2. Depends on congestion level of router 3. switches and other network nodes. Transmission delay: 1.25 is the best . In the virtual call system. minimize response times and increase the robustness of communication. or structure into suitably sized blocks. the network guarantees sequenced delivery of data to the host. Early networks ARPANET and SITA HLN became operational in 1969.25 in 1973 [1] . depending on the traffic load in the network. L=Packet length (bits) 3.25 era when many postal. Time waiting at output link for transmission 2. In the datagram system the host must detect loss or duplication of packets. irrespective of content. called packets. Packet transfer delay is influenced by the level of network congestion and the number of routers along the way of transmission. about twenty different network technologies were developed. Check bit errors 2. type. Propagation delay = d/s Packet-switched network A packet-switched network is a digital communications network that groups all transmitted data. The sum of store-and-forward delay that a packet experiences in each router gives the transfer or queuing delay of that packet across the network. Propagation delay: 1. telephone and telegraph (PTT) companies introduced networks with X. The principal goals of packet switching are to optimize utilization of available link capacity. There was a debate about the merits of two drastically different views as to proper division of labor between the hosts and the network. There are four sources of packet transfer delay: 1. Transmission Control Protocol /Internet Protocol (TCP/IP) is the best known example of a host to datagram protocol.

at the instigation of Warner Sinback. which was an important component of ARPANET2. a data network based on this voice-phone network was designed to connect GE's four computer sales and service centers (Schenectady. In 1965. Chicago. It became operational in 1976. was chosen for use in NSFNET which eventually became the Internet. Tymnet. Ohio. the centers were computer service bureaus.25 project. It initially had only one host but was designed to support many hosts. BNR later made major contributions to the CCITT X. BNRNET BNRNET was a network which Bell Northern Research developed for internal use. was given the job of turning the business around. a high-level marketing manager. The company originally designed a telephone network to serve as its internal (albeit continent-wide) voice telephone network. TCP/IP. and Sinback. It was succeeded by DDX-2. (Though it has been stated by some that Tymshare copied the GEIS system to create their network. offering batch processing services. EIN nee COST II European Informatics Network was a project to link several national networks. based on Kemney's work at Dartmouth—which used a computer on loan from GE—could be profitable. It mixed circuit switching and packet switching. General Electric was a major international provider of information services. [3] [4] GEIS As General Electric Information Services (GEIS). and Phoenix) to facilitate a computer time-sharing service. [2] CYCLADES CYCLADES was an experimental French network. Louis Pouzin was the principal designer. The handling of link control messages (acknowledgements and flow control) was differed from that of most another networks and is not fully explained in the published literature. Phoenix. Some ideas from this network were later incorporated into ARPANET. Warner was right. In some cases custom I/O devices were added to allow inexpensive or exotic attachments to communication lines. GEIS created a network data center near Cleveland. DDX-1 This was an experimental network from Nippon PTT. EPSS EPSS (Experimental Packet Switching System) was an experiment of the UK Post Office. He decided that a time-sharing system. Very little has been published about the internal details of their network. (In addition to selling GE computers. Inexpensive minicomputers were an important component in the early networks.) The design was hierarchal with redundant communication links. [5] [6] .) After going international some years later. They lost money from the beginning.Packet-switched network known virtual call protocol. apparently the world's first commercial online service. 153 ARPANET This is the principal survivor from the early era. Ferranti supplied the hardware and software.

Libraries were also among first ones in universities to accommodate microcomputers for public use in early 80's. RCP influenced the specification of X.25 [12] [13] [14] RETD Red Especial de Transmisión de Datos was a network developed by Compañía Telefónica Nacional de España. Surrey developed a packet switching network for internal use. P. Sharp Associates to serve their time-sharing customers." [18] . along with numerous applications. [8] [9] [10] Philips Research Philips Research Laboratories in Redhill. UK made many important contributions to the theory of packet switching. CYCLADES was concerned with host-to-host communication. [7] OCTOPUS Octopus was a local network at Lawrence Livermore National Laboratory. It was used to gain experience with packet switching technology before the specification of Transpac was frozen. RCP RCP was an experimental network created by the French PTT. It became operational in May 1976. RCP emphasised terminal to host and terminal to terminal connection. NPL built a single node network to connect sundry hosts at NPL.25 network. as well as higher level functions such as a reliable byte stream. It connected sundry hosts at the lab to interactive terminals and various computer peripherals including a bulk storage system. It was a datagram network with a single switching node. TRANSPAC was introduced as an X. [11] PUP The PARC Universal Packet (PUP or Pup) was one of the two earliest internetwork protocol suites. Further developments led to Xerox Network Systems (XNS). RCP was a virtual-circuit network in contrast to CYCLADES which was based on datagrams. It became operational in 1972 and thus was the first public network. and it included first Nordic electronic journal Extemplo. it was created by researchers at Xerox PARC in the mid-1970s. NPL Donald Davies of the National Physical Laboratory. [15] [16] [17] SCANNET "The experimental packet-switched Nordic telecommunication network SCANNET was implemented in Nordic technical libraries in 70's.Packet-switched network 154 IPSANET IPSANET was a semi-private network constructed by I. The entire suite provided routing and packet delivery.

BSC and ASCII interfaces to connect host computers (servers)at thousands of large companies. Some such as DATAPAC and TRANSPAC were initially implemented with an X. X. It carried interactive traffic and message-switching traffic. It was founded by former ARPA IPTO director Larry Roberts as a means of making ARPANET technology public. Beranack and Newman (BBN) provided the financing. Northern Telecom sold several DATAPAC clones to foreign PTTs including the Deutsche Bundespost.25.) [21] [22] XNS Xerox Network Systems (XNS) was a protocol suite promulgated by Xerox. as well as higher level functions such as a reliable stream. Some older networks such as TELENET and TYMNET were modified to provide a X. and internationally via X. Another employee suggested the name. [19] SNA Systems Network Architecture (SNA) is IBM's proprietary networking architecture created in 1974. It went public in 1979 and was then sold to GTE.25 networks. Tymnet Tymnet was an international data communications network headquartered in San Jose. but the monopoly's reaction was that this was incompatible with their future. Telenet was incorporated in 1973 and started operations in 1975.25/X.S. [20] Telenet Telenet was the first FCC-licensed public data network in the United States. SNA/SDLC. DATAPAC was developed by Bell Northern Research which was a joint venture of Bell Canada (a common carrier) and Northern Telecom (a telecommunications equipment supplier). He had tried to interest AT&T in buying the technology. Bolt. CA that utilized virtual call packet switched technology and used X. and remote procedure calls.75 gateways. X.25 host interface in addition to older host connection schemes. It initially used ARPANET technology but changed the host interface to X. Users typically connected via dial-up connections or dedicated async connections. As with many non-academic networks very little has been published about it.25 external interface. Tymnet was also connected to dozens of other public networks in the U. A user or host could call a host on a foreign network by including the DNIC of the remote network as part of the destination address.25 era There were two kinds of X.25 and the terminal interface to X. and government agencies. educational institutions. This allowed construction of a private network. The business consisted of a large public network that supported dial-up users and a private network business that allowed government agencies and large companies (mostly banks and airlines) to build their own dedicated networks. Tyme.29. It was developed from PARC Universal Packet (PUP). Telenet designed these protocols and helped standardize them in the CCITT.75 and X. Their High Level Network became operational in 1969 at about the same time as ARPANET. which provided routing and packet delivery.Packet-switched network 155 SITA HLN SITA is a consortium of airlines. (Interesting note: Tymnet was not named after Mr. An IBM customer could acquire hardware and software from IBM and lease private lines from a common carrier.121 allowed the interconnection of national X.25 networks. The private networks were often connected via gateways to the public network to reach locations not on the private network. .

who maintained their connections to AUSTPAC up until the mid-late 1990s in some cases. In addition to providing X.25 packet switching. Started by Telecom Australia in the early 1980s. Messages were buffered at the nodes adjacent to the sending and receiving terminals. financial applications — the Australian Tax Office made use of AUSTPAC — and remote terminal access to academic institutions. The technology was acquired from Northern Telecom. It covered major Canadian cities and was eventually extended to smaller centres. but through the use of "logical ports" an originating terminal could have a menu of pre-defined destination terminals. message switching software was also included.25 network operated by Telstra.25 and X. Eirpac Eirpac is the Irish public switched data network supporting X. providing X. ConnNet ConnNet was a packet switched data network operated by the Southern New England Telephone Company serving the state of Connecticut. Datapac DATAPAC was the first operational X. or.25 node to the network.Packet-switched network 156 AUSTPAC AUSTPAC was an Australian public X. It was launched in 1984. the name also referred to the public PAD service Telepad (using the DNIC 2049). HIPA-NET Hitachi designed a private network system for sale as a turnkey package to multi-national organizations. . by linking a permanent X. Datex-P Deutsche Bundespost operated this national network in Germany. Eirpac is run by Eircom. And because the main Videotex service used the network and modified PAD devices as infrastructure the name Datanet 1 was used for these services as well. Strictly speaking Datanet 1 only referred to the network and the connected users via leased lines (using the X.25 network (1976). [24] Iberpac Iberpac is the Spanish public packet switched network. supporting applications such as on-line betting. Although this use of the name was incorrect all these services were managed by the same [23] people within one department of KPN contributed to the confusion.25 services. Access can be via a dial-up terminal to a PAD.121 DNIC 2041).28. Iberpac is run by Telefonica. replacing Euronet. Switched virtual calls were not supported. Datanet 1 Datanet 1 was the public switched data network operated by the Dutch PTT Telecom (now known as KPN). AUSTPAC was Australia's first public packet-switched data network.

PSS also included public dial-up PAD access. R. "Some Design Aspects of a public packet switching network" (http:/ / rogerdmoore. C. "EXPERIMENTAL PACKET SWITCHING PROJECT OF THE UK POST OFFICE" (http:/ / rogerdmoore. [2] Martel. and run X. Smith. [7] Scantlebury. html). . British Telecom renamed PSS under its GNS (Global Network Service) name. The X. Proceedings of the 2nd ICCC 74. (1974). Transpac Transpac was the national X. and Pickholtz. 435–44. Internet era When Internet connectivity was made available to anyone who could pay for an ISP subscription. S. It began operation in 1978[25] . 223–228. Wilkin. PSS PSS was the UK Post Office (later to become British Telecom) national X. html#GEISCO). (November 1972). ca/ PS/ EPSSB. M. but the PSS name has remained better known. D (1974).25 network was based mainly on GEC 4000 series switches. [6] Schwartz. 10–14. United Kingdom: Noordhoff International Publishing. Boorstyn. Cunningham and M. It was developed locally at about the same time as DataPac in Canada. and various InterStream gateways to other services such as Telex. (1973). html). Roy D.T. Wilkinson. A. and is the first transcontinental Ethernet network working to establish a direct line of communications between international parties. [4] Pearson. [5] Kirstein. pp. ca/ PS/ Kirs1973/ Ki. "Terminal-Oriented Computer-Communication Networks" (http:/ / rogerdmoore.25 network in France. networkworld. Mischa.. D J. The JANET network grew out of the 1970s SRCnet (later called SERCnet) network. Proceedings of the IEEE 60 (11): 1408–23. . Rober R. National LambdaRail National LambdaRail is a high-speed national computer network in the United States that runs over fiber-optic lines. P. Raymond L. ca/ PS/ NPLPh/ NPL1974A.25 links at up to 8 Mbit/s in its final phase before being converted to an IP based network.. Peter T. References [1] Taylor. com/ newsletters/ frame/ 2008/ 0128wan1. html). IFIP Congress 1974. Proceedings of the NATO Advanced Study Institute on Computer Communication Networks. (1973). Proceedings of the NATO Advanced Study Institute on Computer Communication Networks. C. "Vint Cerf on why TCP/IP was so long in coming" (http:/ / www. Sussex. pp. [3] Bright. "A SURVEY OF PRESENT AND PLANNED GENERAL PURPOSE EUROPEAN DATA AND COMPUTER NETWORKS" (http:/ / rogerdmoore. . html#GEISCO). pp. Grushcow. Steve. Jim Metzler (2008).Packet-switched network 157 JANET JANET was the UK academic and research network. United Kingdom: Noordhoff International Publishing. ca/ PS/ EPSSFer/ EF. . ca/ PS/ BNR/ BNRnet. html). the distinctions between national networks blurred. publicly funded research laboratories. .25 network with a DNIC of 2342. It is a research consortium which has created the Abilene Network. Sussex. The development was done by the French PTT and influenced by the experimental RCP network. pp. ca/ PS/ TONET/ TON. linking all universities. J. Michael A. "THE BNR NETWORK: A CANADIAN EXPERIENCE WITH PACKET SWITCHING TECHNOLOGY" (http:/ / rogerdmoore. "The National Physical Laboratory Data Communications Network" (http:/ / www. 199–213. Some older technologies such as circuit switching have resurfaced with new names such as fast packet switching. . rogerdmoore. .. html). Proceedings of the 2nd ICCC 74. . Internet2 Internet2 is not an actual network. Researchers have created some experimental networks to complement the existing Internet. The user no longer saw network identifiers such as the DNIC. higher education establishments.

THE EXPERIMENTAL PACKET-SWITCHED DATA TRANSMISSION SERVICE OF THE FRENCH PTT" (http:/ / rogerdmoore. Control" (http:/ / rogerdmoore. html). html). Retrieved 15 June 2011 [24] Tomaru. ca/ PS/ SITAB. . ca/ PS/ TYMNET/ TY. the Experimental Packet-Switching Data Transmission Service of the French PTT" (http:/ / rogerdmoore. Luis (1980). [12] Després. [23] H. 578–585. cfm?id=810357). . 211–16. [18] Haarala. G.4. pp. 05/3/88 (http://www. "Packet Switching at Philips Research Laboratories" (http:/ / rogerdmoore. (1972). [9] Pehrson. A. D. [21] TYMES.org/robert/ internet/timeline/) • 20+ articles on packet switching in the 70s (http://www. ca/ PS/ TYMFlow/ TF. "AN ENGINEERING VIEW OF THE LRL OCTOPUS COMPUTER NETWORK" (http:/ / www. acm.J. 39. A. Conference Record of ICC 80. ca/ PS/ CTNEC1.5.R. [14] Bache. ca/ PS/ SNA6Y/ SNA6. 16 May. [13] Bache. Connections.rogerdmoore. . [22] TYMES. "Fundamental Choices in the Development of RCP. .htm) Pictures of the EPSS exchanges in London.zakon. pp.1–28. 171–85.5. Proceedings of 2nd ICCC 74.J. html). html). the Experimental Packet-Switched Data Transmission Service of the French PTT: History. ... fr/ Publications/ X25-TPC. Computer Networks (North-Holland Publishing Company) 1: 341–348. html). L. Proceedings of ICCC '80. de/ conferences/ eunis2001/ e/ Haarala/ HTML/ haarala-ch2. (1975). . ITS APPLICATIONS" (http:/ / rogerdmoore.. .J. tue.. ca/ PS/ RCPHCC/ RH. .'s PACKET SWITCHING NETWORK. 163–170. . Proceedings of ICCC 76. html). Steneker: Graduation Report on X. .M. html). html). rogerdmoore. J. Proceedings of ICCC 76.TUE. pp. [25] "X.25 Virtual Circuits . [19] Chretien. (APRIL 1981). Konig. 158 External links • "The Guide to Hacking & Phreaking.Transpac in France .. Guillou. pdf) Electrical Engineering .3. [20] Sundstrom. Arja-Riitta. "Libraries as key players at the local level" (http:/ / edoc.org/issues. nl/ extra1/ afstversl/ E/ 354398. Proceedings of the SJCC 1971. (1973). 373–396. "The SITA Network" (http:/ / rogerdmoore. G. 311–16. John G. .1". . 28. html). H. LA ROY W.4. Proceedings of the NATO Advanced Study Institute on Computer Communication Networks.H. Sethi. W. B. . Sussex.group. LA ROY W. COMPUTER NETWORKS (Englewood Cliffs. Schultz (1980). "Principles of Design in the Octopus Computer network" (http:/ / portal.ca/PS) • "An Introduction to Packet Switched Networks". 1991. G. Kato and S. ""1980 SNA'S First Six Years: 1974-1980"" (http:/ / rogerdmoore. pp. ca/ PS/ HIPA/ HIA. (1976). "RCP. [16] Cuenca.25 data services in GSM network (http:/ / alexandria.J. 38. .T.N. . . [17] Lavandera. ca/ PS/ RETDB. Issue #2". Chapter 3: page 20 and further.1–39. (1974). [15] Alarcia. html).): 95–100.phrack. IEEE. pp.. html). pp. T. pp. free. ca/ PS/ OCTOA/ OCTO.: Prentice-Hall Inc.Pre-Internet Data Networking" (http:/ / remi.I. L. html). "C.3. pp. IEEE TRANSACTIONS ON COMMUNICATIONS COM-29 (4): 392–98. and Rech.E. [11] Burnett. N. pp. computer-history. dir/ index. "A Private Packet Network and Its Application in A Worldwide Integrated Communication Network" (http:/ / rogerdmoore..Packet-switched network [8] Mendicino. ca/ PS/ RCPBAC/ RB. . Matras. html?issue=18&id=3#article) • EPSS (http://www. Y. Layec. David L. IEEE. H. info/ Page4. html). Yamaguchi (1980). dir/ pages/ Octopus. "Routing and Flow Control in TYMNET" (http:/ / www. Proceedings of ICCC 74. ca/ PS/ RCPDEP/ RD. org/ citation. html).. 517–22. R. Liquid Jesus (http://textfiles. "RCP. "ARCHITECTURE. Manchester and Glasgow.lt/hacking/icebook2. Conference Record of ICC 80.. K. Matras (1976). html). . ca/ PS/ CTNEA/ CTA. Long and Y. "1970 OCTOPUS: THE LAWRENCE RADIATION LABORATORY NETWORK" (http:/ / rogerdmoore. ca/ PS/ NPLPh/ PhilipsA. R.euclideanspace. "TYMNET — A terminal oriented communication network" (http:/ / rogerdmoore.J. (1974). S. Samuel F. Robert H'obbes' Zakon. Proceedings of 5th ICCC 80.com/coms/history/epss/index. Zakon Group LLC (http://www. Phrack. hu-berlin. despres. [10] Fletcher. Herrera.txt) • "Hobbes' Internet Timeline v8. "A PUBLIC PACKET SWITCHING DATA COMMUNICATIONS NETWORK: EIGHT YEARS OF OPERATING EXPERIENCE" (http:/ / rogerdmoore. PROTOCOLS AND PERFORMANCE OF RETD" (http:/ / rogerdmoore. United Kingdom: Noordhoff International Publishing. html). (1970). (1980).D.

although the original documents usually use Pup) was one of the two earliest internetwork protocol suites. and for hosts to discover routers. the name "PUP" only refers to the internetwork-level protocol. as well as higher level functions such as a reliable byte stream. History The origins of the PUP suite lie in two developments. PUP packets were up to 554 bytes long (including the 20 byte PUP header). and the creation of the Ethernet local area network at PARC. transmitting. PARC Universal Packet The PARC Universal Packet (commonly abbreviated to PUP. but no PUP router was required to handle them. similar to IP's ping. a packet-switching node is usually configured to support up to thirty-two X.) The entire suite provided routing and packet delivery. Unlike TCP/IP. and the checksum. (Technically. and at least one Terminal Access Controller (TAC). A protocol named the Gateway Information Protocol (a remote ancestor of RIP) was used as both the routing protocol. which roughly corresponds to the Internet Protocol (IP) layer in TCP/IP. reflecting the experience gained with PUP and IP. . for use by hosts which did not (yet) know their network number. Basic internetwork protocol The main internetwork layer protocol was PUP. but it is also applied to the whole protocol suite. The network number had a particular special value which meant 'this network'. A full PUP network address consisted of an 8-bit network number.25 56 kbit/s host connections.  This article incorporates public domain material from the General Services Administration document "Federal Standard 1037C" [1] (in support of MIL-STD-188). along with numerous applications. an optional 2-byte checksum covered the entire packet. Note: In the Defense Data Network (DDN). some of the protocols in the XNS suite (such as the Internetwork Datagram Protocol) were lightly modified versions of the ones in the PUP suite. PUP also included a simple echo protocol at the internetwork layer. an 8-bit host number. Larger packets could be fragmented. PUP also supplied packet types (again. but others are quite different. the development of PUP split off because Xerox PARC wished to move ahead with implementation. a node that contains data switches and equipment for controlling. and a 16-bit socket number. so that upper-layer protocols did not need to implement their own demultiplexing. Also. in the same events in the early 1970s as the very earliest stage of the development of TCP/IP (see History of the Internet).Packet-switching node 159 Packet-switching node Packet-switching node: In a packet-switching network. The fundamental design of the PUP suite was substantially complete by 1974. but operating at a lower level. for in-house use. and receiving data packets. formatting. which requires all hosts to support at least 576 (but supports packets of up to 65K bytes. routing. it was created by researchers at Xerox PARC in the mid-1970s. socket fields were part of the full network address in the PUP header. In the 1980s Xerox used PUP as the base for the Xerox Network Systems (XNS) protocol suite. individual PUP host pairs on a particular network might use larger packets. unlike IP). as many as six 56 kbit/s interswitch trunk (IST) lines to other packet-switching nodes. However. This was a smaller packet size than IP. if the hosts support them).

John F. page-level remote access to file servers.1094684. 291-293 . Robert M. in being influential in the early work on TCP/IP. Taft. Pup Network Constants (Xerox Parc. the ARPANET already made heavy use of remote management for controlling the Interface Message Processors which made it up). Robert M. References • Edward A. remains in wide use today in other protocol suites. State Machine for Rendezvous/Termination Protocol (Xerox Parc. July.g. 1975) • Edward A. name lookup. 1975) • Edward A. two protocols came into play. 1978 and October. 1978 and October.PARC Universal Packet 160 Transport layer protocols To establish a transport connection. 1975) • Edward A. July. etc (although some of these capabilities had been seen before. e. 1975) • Jon A. Palo Alto. and as the foundation for the later XNS protocols. Metcalfe. Pup Specifications (Xerox Parc. Palo Alto. before the arrival of the more modern OSPF and IS-IS. 1999). Edward A. which was analogous to TCP. Taft. • Michael A. in small sites with simple requirements. Impact In showing that internetworking ideas were feasible. doi:10. its biggest impact was probably as a key component of the office of the future model first demonstrated at Xerox PARC. IEEE Transactions on Communications 28 (4): 612–624. However. The Gateway Information Protocol's descendant. Taft. Palo Alto. 1980). 1979) Further reading • David R. "Pup: An Internetwork Architecture". 1978 and October. 1978 and October. June. Boggs. pp. including protocols for printer spooling. The second was the primary transport layer protocol. Palo Alto. Others were novel. Pup Error Protocol (Xerox Parc. PUP was very influential. RIP. It is still in use as an interior routing protocol. Hupp. BSP's semantics and operation were in terms of bytes. Some of them. Sequenced Packet Protocol. BSP took over and managed the data transfer. remote management. Once RTP had started the connection. Taft. Shoch. Naming and Addressing Conventions for Pup (Xerox Parc. July. such as Telnet and File Transfer Protocol. that demonstration would not have been anything like as powerful as it was without all the capabilities that a working internetwork provided. were basically the same protocols as used on the ARPANET (much as occurred with the TCP/IP suite). which was used to initiate communication between two entities. the Rendezvous and Termination Protocol (RTP). Dealers of Lightning: Xerox PARC and the Dawn of the Computer Age (HarperBusiness. Byte Stream Protocol (BSP). Metcalfe (April. Hiltzik. (somewhat modified to match the syntax of addresses of other protocol suites). One version of RIP served as one of the initial so-called interior gateway protocols for the growing Internet. New York. as well as manage and terminate the connection. Like TCP. Palo Alto. July. Taft. The first. this was discarded in favour of packets for the equivalent protocol in XNS.1109/TCOM. copying disk packs.1980. Application protocols PUP supported a large number of applications.

making the server liable to crash. Having a low ping is always desirable because lower latency provides smoother gameplay by allowing faster updates of game data. rather. which is often more costly than the time it takes an electrical signal to traverse a typical span of cable. who does not crash. For this reason. The latter usage is common among players of first-person shooter and real-time strategy games. playing on a server located in the United States. In these games. very miserable. so having a high latency will usually be to the user's peril. In more modern multiplayer online video games implementations. making the player's gaming experience. .with thresholds as low as 130 milliseconds. For instance. the player aided by the higher ping skips around. and therefore it takes longer for data to be transmitted. client software will often mandate disconnection if the ping is too high. Hacking If a hacker applies a Denial-of-Service Attack on a game server. A high ping is not the result of lag. This could be reported quantitatively as an average time in milliseconds. many servers automatically remove players with higher than average ping . However. and autokicking players more. Ping is often conflated with lag. and either the game server or another client (i. users with a high ping unintentionally gain an unfair advantage. Rather than using the traditional ICMP echo request and reply packets to determine ping times. Similarly.Ping (video gaming) 161 Ping (video gaming) In multiplayer online video games. ping refers to the network latency between a player's computer (client). Some factors that might affect ping include: network protocol engineering. Cheating In some games. if someone is in India. One may "lag out" due to unacceptably high ping. the quality of a user's Internet service provider and the configuration of firewalls. Servers will often disconnect a client if the ping is too high and it poses a detriment to others' gameplay. the server keeps track of where the user's avatar is. as in some implementations of the Quake III Arena network protocol and game engine. Many game servers are not big enough to handle Denial of Service Attacks. the distance between the two is greater than it would be for players located within the US. the amount of packet-switching and network hardware in between the two computers is often more significant.e. Ping is also affected by geographical location. making it hard to judge where the character is exactly. a high ping causes lag. wireless network interface cards must modulate digital signals into radio signals. Internet connection speed. peer). and thus more elusive to target. game programmers often instead build their own latency detection into existing game packets (usually based on the UDP protocol). it may make players' ping considerably higher. For instance. or qualitatively as low ping or high ping.

a unit of data which is specified in a protocol of a given layer and which consists of protocol-control information and possibly user data of that layer. TCP segment) (Layer 5 and above are referred to as data. sending ones and zeros across a wire. or "peer". For example. For example: Bridge PDU or iSCSI PDU[1] PDUs are relevant in relation to each of the first 4 layers of the OSI model as follows: 1. The significance of this is that the PDU is the structured information that is passed to a matching protocol layer further along on the data's journey that allows the layer to deliver its intended function or service. The features or services of the network are implemented in distinct "layers".) Given a context pertaining to a specific layer. address information. The Layer 1 (Physical Layer) PDU is the bit The Layer 2 (Data Link Layer) PDU is the frame The Layer 3 (Network Layer) PDU is the packet The Layer 4 (Transport Layer) PDU is the segment (e. For example. Unless we have already arrived at the lowest (physical) layer. a protocol data unit (PDU) is best understood in relation to a service data unit (SDU). organizing the ones and zeros into chunks of data and getting them safely to the right place on the wire is done by the data link layer. or data. etc. The addition of addressing and control information (which is called encapsulation) to an SDU to form a PDU and the passing of that PDU to the next lower layer as an SDU repeats until the lowest layer is reached and the data passes over some medium as a physical signal. When the PDU passes over the interface from the layer that constructed it to the layer that merely delivers it (and therefore does not understand its internal structure). decodes the data to extract the original service data unit. a code to identify the type of data in the packet and error-checking information. decide if it is error-free and where to send it next. undertaking to get it to the same interface at the destination. but the lower layer at the interface does not. PDU is sometimes used as a synonym for its representation at that layer. In order to do this. 2. . 2. 4. it treats it as payload.g. the term protocol data unit (PDU) has the following meanings: 1. In a layered system. is done by the physical layer. it might add a port number to identify the application. Information that is delivered as a unit among peer entities of a network and that may contain control information. the layers pass service data units across the interfaces.Protocol data unit 162 Protocol data unit In telecommunications. the PDU is passed to the peer using services of the next lower layer in the protocol "stack". the protocol layer will add to the SDU certain data it needs to perform its function. All this additional information. a network address to help with routing. The application or higher layer understands the structure of the data in the SDU. fiber. Packet-switched data networks In the context of packet-switched data networks. plus the original service data unit from the higher layer. passing data chunks over multiple connected networks is done by the network layer and delivery of the data to the right software application at the destination is done by the transport layer. 3. constitutes the protocol data unit at this layer. Between the layers (and between the application and the top-most layer). The matching layer. etc. it becomes a service data unit to that layer.

When the addressee finally opens the envelope. When the crate reaches the destination matching its label. The sending post office might look only at the post code and place the letter in a mail bag so that the address on the envelope can no longer MAC layer PDU becomes physical layer SDU be seen. making the crate a PDU. making it now an SDU.de/faq/archiv/osi-protocols/msg00000. The mail bag is labelled with the destination post code and so becomes a PDU. gov/ fs-1037/ fs-1037c. htm). and the crate is labelled with the region to which all the bags are to be sent.protocols. The letters themselves are SDUs when the bags are opened but become PDUs when the address is read for final delivery. the top-level SDU. the letter itself.iso FAQ (http://www. its. it is opened and the bags (SDUs) removed only to become PDUs when someone reads the code of the destination post office. 163 References [1] This article incorporates public domain material from the General Services Administration document "Federal Standard 1037C" (http:/ / www. when it is now an SDU.html) (search for "PDU") . bldrdoc. External links • comp.Protocol data unit The above process can be likened to the mail system in which a letter (SDU) is placed in an envelope on which is written an address (addressing and control information) making it a PDU.uni-giessen. until it is combined with other bags in a crate. emerges.

Public switched data network 164 Public switched data network A public switched data network (PSDN) is a publicly-available packet-switched network. T2 is the arrival time of the last packet from any flow that is dropped by the Random Early Detection block. usually utilized for access to a packet-switched broadband IP network. Whilst there are several technologies that are superficially similar to the PSDN.[1] A Robust RED (RRED) algorithm was proposed to improve the TCP throughput against LDoS attacks. ISDN utilizes the PSTN circuit-switched network. T2) 03 if pkt. RRED algorithm can significantly improve the performance of TCP under Low-rate Denial of Service attacks. Tmax+T*] then 04 reduce local indicator by 1 for each bin corresponding to f 05 else . Experiments have confirmed that the existing RED-like algorithms are notably vulnerable under LDoS attacks due to the oscillating TCP queue size caused by the attacks. and DSL uses point-to-point circuit switching communications overlaid on the PSTN local loop (copper wires). both providing PVCs. Originally this term referred only to Packet Switch Stream (PSS). especially the Low-rate Denial-of-Service [4] (LDoS) attacks. such as Integrated Services Digital Network (ISDN) and the Digital Subscriber Line (DSL) technologies. the sender will delay sending new packets if loss is detected (e. RRED-ENQUE(pkt) 01 f←RRED-FLOWHASH(pkt) 02 Tmax←MAX(Flow[f]. The basic idea behind the RRED is to detect and filter out attack packets before a normal RED algorithm is applied to incoming flows. The basic idea behind the RRED is to detect and filter out LDoS attack packets from incoming flows before they feed to the RED algorithm. which is empirically choose to be 10ms in a default RRED algorithm. Robust random early detection The existing Random Early Detection (RED) algorithm and its variants are found vulnerable to emerging attacks. This is the basic idea of the detection algorithm of Robust RED (RRED). More Details [4] The Algorithm of the Robust RED (RRED) f. Within a benign TCP flow. and other packet-switching techniques. distinct from the PSTN..T1.arrivaltime is within [Tmax.25-based packet-switched network. mostly used to provide leased-line connections between local area networks and the Internet using permanent virtual circuits (PVCs). Consequently. a packet is suspected to be an attacking packet if it is sent within a short-range after a packet is dropped. an X. but also to Internet Protocol (IP). they are not examples of it. How to distinguish an attacking packet from normal TCP packets is critical in the RRED design.g. the term may refer not only to Frame Relay and Asynchronous Transfer Mode (ATM).T1 is the arrival time of the last packet from flow f that is dropped by the detection and filter block.[1] The Design of Robust RED (RRED) A detection and filter block is added in front of a regular RED block on a router. a packet is dropped). GPRS.T1. T* is a short time period. Tmax = max(f. T2). Today.

google. pp. RRED: Robust RED Algorithm to Counter Low-rate Denial-of-Service Attacks (http:/ / sites. 2010. Low-rate DoS.More Details [3] Related Publications Recent Publications in Low-rate Denial-of-Service (LDoS) attacks [12] Recent Publications in Random Early Detection (RED) schemes [2] Recent Publications in Active Queue Management (AQM) schemes [1] References [1] Changwang Zhang.I >=0 then RED-ENQUE(pkt) //pass pkt to the RED block if RED drops pkt then T2←pkt. etc. and Weifeng Chen. vol. Ref (http:/ / ieeexplore. org/ xpl/ freeabs_all. Spoofing DoS. It automatically calculate and record the average throughput of normal TCP flows before and after DoS attacks to facilitate the analysis of the impact of DoS attacks on normal TCP flows and AQM algorithms.) and Active Queue Management (AQM) algorithms (RED. google.arrivaltime drop(pkt) return 165 More Details [4] The Simulation code of the Robust RED (RRED) The simulation code of the RRED algorithm is published as an Active Queue Management and Denial-of-Service (AQM&DoS) Simulation Platform.arrivaltime else Flow[f]. pdf?attredirects=0). Zhiping Cai. jsp?arnumber=5456075) [2] http:/ / sites. com/ site/ cwzhangres/ home/ posts/ recentpublicationsinrandomearlydetectionredschemes . com/ site/ cwzhangres/ home/ files/ RREDRobustREDAlgorithmtoCounterLow-rateDenial-of-ServiceAttacks.Robust random early detection 06 07 08 09 10 11 12 13 14 15 increase local indicator by 1 for each bin of f Flow[f].I←maximum of local indicators from bins of f if Flow[f]. 14. IEEE Communications Letters. 489-491. The AQM&DoS Simulation Platform [3] is able to simulate a variety of DoS attacks (Distributed DoS.T1←pkt. RRED. Jianping Yin. ieee.). etc. SFB.

When transmitting packets.Michael Howard's Web Log (http://blogs.[1] References [1] Microsoft Tightens the Noose on Raw Sockets (http:/ / seclists.lg.org/papers/ sock_raw) .ic. the automatic addition of a header may be a configurable option of the socket. support raw sockets. as opposed to standard sockets which receive just the packet payload without headers. Three years after the Windows XP release.aspx) an indication of what's actually allowed on Windows. a raw socket is a socket that allows direct sending and receiving of network packets by applications. • Network Programming for Microsoft Windows (ISBN 0-7356-1579-9) • A little more info on raw sockets and Windows XP SP2 . module for Perl applications. Usually raw sockets receive packets inclusive of the header.com/ michael_howard/archive/2004/08/12/213611. Most socket application programming interfaces (APIs).ua/~ksv/). org/ nmap-hackers/ 2005/ 4) External links • Video Tutorials on Programming with Raw Sockets (http://security-freak. Microsoft silently limited Winsock's raw socket support in a non-removable hotfix and offered no further support or workarounds for applications that used them.net/raw-sockets/raw-sockets.Raw socket 166 Raw socket In computer networking. (http://search.pm) Created by Sergey Kolychev (http://www. bypassing all encapsulation in the networking software of the operating system.cpan.org/~skolychev/Net-RawIP-0. the media criticized Microsoft asserting that raw sockets are only of use to hackers to perform TCP reset attacks. • SOCK_RAW Demystified: article describing inner workings of Raw Sockets (http://sock-raw. Windows XP When Microsoft released Windows XP in 2001 with raw socket support implemented in the Winsock interface.1/RawIP.html) • Net::RawIP.msdn. especially those based on Berkeley sockets.al.

The SFD is immediately followed by the destination MAC address. it also loads the resulting packets directly into OmniPeek or EtherPeek. Not only does the SQLFilter allow users to search for packets across thousands of trace files. wildpackets. It has the value 10101011. php?id=33 [2] http:/ / blog. and signal the start of the actual frame. and time to fix. For network trouble shooters. wildpackets. As more companies save large quantities of network traffic to disk. The preamble of an Ethernet frame consists of a 56-bit (7-byte) pattern of alternating 1 and 0 bits. this revolutionizes the job of finding packets. . tools like the WildPackets SQLFilter make it possible to search through packet data more efficiently. The matching packets are loaded directly into OmniPeek and analyzed. This cuts out many of the steps usually involved in this process and dramatically shortens time to knowledge. For a more indepth discussion of the SQLFilter read Packet Data Mining and Network Forensics [2] . com/ 2009/ 01/ network-forensics. The packets can then be searched using SQL queries. The SFD is designed to break this pattern. The packet database can also be used to build multi-tier data mining and network forensics systems. which allows devices on the network to easily detect a new incoming frame. html Start Frame Delimiter The Start Frame Delimiter (SFD) is the 8-bit (1-byte) value marking the end of the preamble of an Ethernet frame. References [1] https:/ / mypeek. com/ view_submission.SQLFilter 167 SQLFilter SQLFilter [1] is a plugin for OmniPeek that indexes packets and trace files into an SQLite database.

Comparison with static TDM Time domain statistical multiplexing (packet mode communication) is similar to time-division multiplexing (TDM). The channel number is denoted Program ID (PID). • The UDP and TCP protocols. the packets may be delivered according to some scheduling discipline for fair queuing or differentiated and/or guaranteed quality of service. Usage Examples of statistical multiplexing are: • The MPEG transport stream for digital TV transmission.Statistical time division multiplexing 168 Statistical time division multiplexing Statistical multiplexing is a type of communication link sharing. Statistical multiplexing ensures that slots will not be wasted (whereas TDM can waste slots). statistical multiplexing can provide a link utilization improvement. except that. Statistical multiplexing is facilitated through packet mode or packet oriented communication. The port numbers constitute channel identification numbers (and also . while statistical multiplexing is carried out at the data link layer and above. called the statistical multiplexing gain. or (in the case of datagram communication) complete destination address information. audio and data streams of different data rates to be transmitted over a bandwidth-limited channel (see #Statistical multiplexer). This is an alternative to creating a fixed sharing of a link. Statistical multiplexing of an analog channel. and experience varying delay (while the delay is fixed in TDM). Statistical multiplexing normally implies "on-demand" service rather than one that preallocates resources for each data stream. which amongst others is utilized in packet switched computer networks. In statistical multiplexing. Alternatively. such as in general time division multiplexing (TDM) and frequency division multiplexing (FDM). where data streams from several application processes are multiplexed together. When performed correctly. Statistical multiplexing is used to allow several video. where different amount of spreading codes or spreading factors can be assigned to different users. rather than assigning a data stream to the same recurrent time slot in every TDM frame. Static TDM and other circuit switching is carried out at the physical layer in the OSI model and TCP/IP model. Each stream is divided into packets that normally are delivered asynchronously in a first-come first-serve fashion. The packets have constant lengths. very similar to dynamic bandwidth allocation (DBA). each packet or frame contains a channel/data stream identification number. is also facilitated through the following schemes: • Random frequency-hopping orthogonal frequency division multiple access (RFH-OFDMA) • Code-division multiple access (CDMA). The packets may have varying lengths. The link sharing is adapted to the instantaneous traffic demands of the data streams that are transferred over each channel. Statistical multiplexing schemes do not control user data transmissions. The transmission capacity of the link will be shared by only those users who have packets. each data stream is assigned time slots (of fixed length) or data frames (of variable lengths) that often appear to be scheduled in a randomized order. Channel identification In statistical multiplexing. Statistical multiplexing allows the bandwidth to be divided arbitrarily among a variable number of channels (while the number of channels and the channel data rate are fixed in TDM). for example a wireless channel. a communication channel is divided into an arbitrary number of variable bit-rate digital channels or data streams.

CRC-based framing achieves character and start-of-header synchronization.Statistical time division multiplexing address information). An example of a syncword is 0x0B77 for an AC-3 encoded stream. every "space" character in the message does double duty as a syncword. • The X. Alternatives In some communication systems. For example. This bandwidth sharing technique produces the best video quality at the lowest possible aggregate bandwidth. where the packets have fixed length. External links • Example of Statistical Multiplexing [1] (Chart from a real DVB-T multiplex) References [1] http:/ / igorfuna. using the X. a syncword.in effect. a statistical multiplexer is a content aggregating device that allows broadcasters to provide the greatest number of audio or video services for a given bandwidth by sharing a pool of fixed bandwidth among multiple services or streams of varying bitrates. the FSK441 protocol achieves character synchronization by synchronizing on any "space" characters in the message -. then other special characters to synchronize to the beginning of a frame of characters. com/ dvb-t/ slovenia/ multiplex-a-usage-chart Syncword In computer networks. where the packets have varying lengths. and the channel number is denoted Virtual Connection Identifier (VCI). while other systems use ASCII armor.[1] [2] Various techniques are used to "disguise" bytes of data at the data link layer that might otherwise be (incorrectly) recognized as the sync word.25 providers. 169 Statistical multiplexer In for example digital audio and video broadcasting. The channel identification number consists of a Virtual Connection Identifier (VCI) and a Virtual Path Identifier (VPI). .25 protocol suite was colloquially known as "the Packet switched network" in the 1980s and into the beginning of the 1990s. without the overhead of an explicit syncword. or start-of-header synchronization from a byte stream. Examples For example an audio receiver is receiving a bit stream of data. The multiplexer allocates to each service the bandwidth required for its real-time needs so that services with complex scenes receive more bandwidth than services with less complex ones. HDLC uses bit stuffing or "octet stuffing". • The Asynchronous Transfer Mode packet-switched protocol. The international collection of X. sync character or preamble is used to synchronize a transmission by indicating the end of header information and the start of data. For example. The bisync protocol of the 1960s used a minimum of two ASCII "SYN" characters (0x16…0x16) to achieve character synchronization in an undifferentiated bit stream. a receiver can achieve character synchronization from an undifferentiated bit stream.25 and Frame relay packet-switching protocols. For example.

such as copper and fiber optics cables. When computer A reboots. A TCP reset basically kills a TCP connection instantly. Using a TCP connection gives the computers an easy way to exchange data items too big for a single packet.). The computer on the other end (computer B) will continue to send TCP packets since it does not know computer A has crashed. ISBN 9781857283792. com/ bisync. Computer A has no context for these packets and no way of knowing what to do with them. every character is. Each protocol has a block of information. such as video clips. included near the front of each packet. as well as channel estimation. however if this bit is set to 1 it indicates to the receiving computer that the computer should immediately stop using the TCP connection . or packets of data. email attachments. It is used for both frame synchronization such as for Ethernet frames.computer B. and can be used to achieve character synchronization in an undifferentiated bit stream. . In most packets this bit is set to 0 and has no effect. a system for individual computers to exchange electronic messages. TCP resets The stream of packets in a TCP connection each contains a TCP header. One common application is the scenario where a computer (we'll call it computer A) crashes while a TCP connection is in progress. 2011. and discard any further packets it receives with headers indicating they belong to that connection. TCP reset attack TCP reset attack. made-it. . The basic protocol used on the Internet is the IP protocol. p. Computer communications and networks (http:/ / books.Syncword In a self-synchronizing code. google. Taylor & Francis. "spoofed TCP reset packets" or "TCP reset attacks". the tampering is malicious. they are sent over TCP connections for convenience. and a formalized system for formatting the messages. it is beneficial. This system includes hardware to carry the messages. in effect. When used as designed this can be a useful tool. Made IT. Sometimes. in essence. Headers contain information about which computer sent the packet. 12. Connectivity Knowledge Platform. 170 Preamble In digital communication. etc. These terms refer to a method of tampering with Internet communications. preamble is a sequence of known bits are sent in each frame. References [1] "BiSync. also known as "forged TCP resets". which computer should receive it. so it might send a TCP reset to the sender of the packets . [2] John R. com/ books?id=ye4DwILZhq0C& pg=PA12) (2nd ed. the packet size. Each of these headers contains a bit known as the "reset" (RST) flag. html). TCP (as opposed to other protocols such as UDP) is used with IP when a virtual connection is required between two computers. called "protocols". Technical Background The Internet is. BSC" (http:/ / ckp. which is usually coupled with additional protocols such as TCP (Transmission Control Protocol[1] ) or UDP (User Datagram Protocol). Retrieved July 5. Although some web pages are small enough for a single packet.It should not send any more packets using the connections identifying numbers (called ports). This reset lets .. called a header. Freer (1996). TCP software on the two machines which will communicate (for example a workstation with a browser and a web server) by exchanging a stream of packets. it will then receive packets from the old pre-crash connection. other times. a syncword. or music files. TCP/IP is the protocol set used for email and web browsing.

which was followed by the creation of the Network Neutrality Squad (NNSquad) by Lauren Weinstein. Ironically the technology to detect the resets was developed from the earlier Open-source "Buster" software which used forged resets to block malware and ads in web pages.TCP reset attack computer B know that the connection is no longer working. It's possible for a 3rd computer to monitor the TCP packets on the connection. org/ archive-1-1429. and the open source Snort used TCP resets to disrupt suspicious connections as early as 2003. and on August 21. html) [4] Section of Wikipedia Comcast article [5] Associated Press. ietf. nnsquad. org/ rfc/ rfc0793. Properly formatted forged TCP resets can be a very effective way to disrupt any TCP connection the forger can monitor. Every field in the IP and TCP headers must be set to a convincing forged value for the fake reset to trick the endpoint into closing the TCP connection. David Farber. falsely. a Windows software program written by John Bartas. html) . Are forgeries good or bad? One obvious application of forged TCP reset is to maliciously disrupt TCP connections without the consent of the two parties which own the endpoints .[3] Comcast Controversy By late 2007 Comcast began using forged TCP resets to cripple peer-to-peer and certain groupware applications on their customers computers [4] [5] . However. The user on computer B can now try another connection or take other action. 2008 it ordered Comcast to terminate the practice. html) [3] SNORT discussion archive re: TCP resets (http:/ / www. interesting-people. and then send a "forged" packet containing a TCP reset to one or both endpoints. org/ pipermail/ netfilter/ 2000-May/ 003971. Vint Cerf.From Dave Faber's IP list . msn.[7] References [1] TCP specification (http:/ / www. org/ ) [7] Article on validity of resets as management tool (http:/ / www. that it came from an endpoint. Craig Newmark and other well-known founders of and champions of openness on the Internet. org/ archives/ interesting-people/ 200805/ msg00163. A prototype "Buster" software package was demonstrated in 1995 that would send forged resets to any TCP connection which used port numbers in a short list. which could detect Comcast's forged TCP resets and distinguish them from real endpoint-generated resets. This information includes the endpoint IP addresses and port numbers. snort. txt) [2] May 2000 Linux discussion archives (http:/ / lists. They have also argued that these resets are a legitimate way to reduce network traffic.more on this below. In January 2008 the FCC announced it would investigate Comcast's use of forged resets. Comcast Blocks Some Internet Traffic (http:/ / www. The term "forged" Some representatives of ISPs dislike the use of the term "forged" when referring to these TCP resets. This started a controversy. netfilter. com/ id/ 21376597/ ) [6] NNSquad home page (http:/ / www. The headers in the forged packet must indicate. msnbc. 171 Forging TCP resets In the scenario above the TCP reset bit was sent by a computer which was one of the connection endpoints.[6] In 2008 the NNSquad released the NNSquad Network Measurement Agent. not the forger. Linux volunteers proposed doing something similar with Linux firewalls in 2000 [2] . network security systems using forged TCP resets have been designed as well.

php). virtual packet may refer to: • Packets created by a packet generator.snort.eff.[1] References [1] Internet Protocol (IP) (http:/ / penguin. to simulate real-world network conditions such as packet storms • Packets at any layer or sublayer (as those terms are used in. bbk. uk/ academic/ networks/ network-layer/ ip/ index.org/wp/packet-forgery-isps-report-comcast-affair) Virtual packet In computer networking.TCP reset attack 172 External links • SNORT Official website (http://www.org/) • EFF report on Comcast use of resets (http://www. These "virtual packets" allow heterogeneous networks to talk to each other using a common protocol. part of a course on computer networking hosted by the University of London . dcs. the OSI model) above the most basic packets or frames used in a network. for example. ac.

Andy Marchbanks. GregorB. SNIyer12. Kgrr. Gilabrand. Au k. Zodon. Phil Urich. Mitchoyoshitaka. Anon515. Chowbok. Madhero88. Adambro.Article Sources and Contributors 173 Article Sources and Contributors Deep packet inspection  Source: http://en. PAStheLoD. Nina1995. Cdc. Apohran. The Thing That Should Not Be. Hydraton31. Astor14. 1001001. Dragomiloff. Emadido. Uncle Dick. Piano non troppo.php?oldid=434934453  Contributors: AmySi41. Senzhang. Tinucherian. Spikehall1234. JonHarder. XSTRIKEx6864. Yasakak. Zeroday. DavidBlackwell. Zigforjustice. Piarres. Kigali1. Mosquitohawk. Biot. Eros. John Hyams. Plasticup. Mtmatt. Ed Poor. Tachitsuteto. Kkm010. Petri Krohn. Sceptre. Agencius. Robguru. Quigley. HybRiDx24. Bookbrad. Kyleflaherty. Tasmanian56. 42 anonymous edits Sandvine  Source: http://en. WeisheitSuchen. Dawnseeker2000. Hmains. Hollaback22. Srijith2007q. Hmbr. Ohconfucius. Chrisc8266. BaRiMzI. Lpmusix. Ehudshapira. J04n. Unknown W. Ranumao. Rick Sidwell.php?oldid=440883331  Contributors: Alansohn. Merzbow. Eagleal. Jasper Deng. Marokwitz. AliveFreeHappy. Kurauchi. Kirill Lokshin. SaxicolousOne. Mrmodine. Mjpresson. MrChrome. Ahunt. 2technical. Onoes. Hblackhawks.php?oldid=447837259  Contributors: Aaron Rotenberg. YUL89YYZ. WadeSimMiser. Tinton5. Scieberking. Surv1v4l1st. Derickmoore. Kai-Hendrik. Dr unix. Sayden. Drmies. Winton. Winchelsea. Meldodd. Hansivers. Bearcat. Billhunt. Altenmann. Sbowers3. SamJohnston. Vijaypadiyar. Kelvingeorge. Kwiki. Brian2wood. SimonMackay. Andreas Kaufmann. Xnatedawgx. Wikidemon. KevinJones. Jbyers. Cmr08. Dinu. Tompsci. Maytran999. Evrik. E Wing. Dot-per-inch. Shoone. Hax0rw4ng. EXTremY.org/w/index. SomniOne. John. Jvcdude. Daveswagon. SMC. Eugman. Monkeyman. Y. Martin451. Barri.moyal. Vegaswikian. 33 anonymous edits Network intelligence  Source: http://en. CecilWard. Visiting1. Mpeylo. Veinor. Jdfirth. Xyzzy288.wikipedia. The Rambling Man. Gwernol. Jalal0. CaptainMorgan. Mailer diablo. Colonies Chris. Bongwarrior. Amandeep 11. TonyW. 82 anonymous edits Check Point  Source: http://en. Anna Lincoln. Aecis. BalkanFever.php?oldid=396395157  Contributors: Bsimonis. Mrmclean. Jessica Schieve. RedWolf. Irishguy. Ynhockey. Sdaronsky. Mean as custard. Vlad. Kgrr. Beto. Music Sorter. Manoj-jaiswar. Boism. Edgar181.moyal. UrSuS. Astralblue. Swliv. Therealcolletepierre. Aesalon. Kandsten. Beland. Phaldo. Stavrinov.org/w/index. NPatrick6. Mehudson1. Bsdguru. Luna Santin. RHaworth. Sherryp22. Hu12. Darth Panda. Bobblewik. Kittoo. Jwojdylo. Surfingslovak. Sophus Bie. Postoak. Akadruid. Tombomp. Powell1605. Hardikp12. Nzd. Elenap221. Chris the speller. Kparisot. Rwcgroup. Avaneendra. Amcl. Mild Bill Hiccup. Voidvector. Pde. Thepangelinanpost. Crusio. Elphion. Tagishsimon. Thumperward. Kbdank71. Colonies Chris. Theothertomjones. Corvus cornix. Paradoxicalengineer. Kwsn. Nthep. Filterbob. Barrylb. Ipsla. Rhsimard. Mentallo 477. Jesant13. Scnash. NeilN. Kimchi. Joseanda1006. Lctech. EdJohnston. Qwertythecat. Smmgeek. Hobartimus. G33k-3d1t. Weyes. JosephBarillari. Iztoku. Frap. Favonian. SmartGuy. Blowfish. Yaronf. Cmdrjameson. Kamath. Algotr. Seevinayin.. DrachenFyre.org/w/index. Oli Filth. Teles. Rjwilmsi.larsson. DMG413. Sietse Snel. Jacklyne Hamilton. Tregoweth. Krypticmind. Jopetersen. Vhann. Vitor Mazuco. Naugahyde. This user has left wikipedia. Nikolas Karalis. Arletty75. Rettetast. UnitedStatesian. Admanonline. GreenJoe. Kubigula. Chrisdab. Mehudson1. Viewfinder. Numberonegenius.org/w/index. Calltech.wikipedia. Ttonyb1. Ziyadbasheer. Treekids.php?oldid=419184275  Contributors: Alexanderrock. Amitnme. Shervinafshar. CrypticBacon. Codwiki. Woohookitty. Mitchdeweber. Berford. Alpha Quadrant. One. Secretlondon. Akula4211. Venus 9274. RexNL. B Pete. Shoeofdeath. CarolGray. Mmernex. Dragonnas. Mr. Marathi mulgaa. Machismo500.Smith. Exobyte. CliffC. John K. DerHexer. Tjpayne. Alerante. Parrot. Gaius Cornelius. Brianhe. Tnash7d. Mdecampo8999. Guyanakoolaid. Apankrat. Andareed.wikipedia. Piano non troppo. Shuki. Tiredmain. Robocoder. Kozuch. Soumyasch. Moe Epsilon. Jay. Jerryseinfeld. HamburgerRadio. Richard Arthur Norton (1958. Shashibg. KelleyCook. Jevansen. 24 anonymous edits Barracuda Networks  Source: http://en. R. Coolian. Madchester. Keesiewonder. Marcus Brute. FT2. Knff. DaveBurstein. Tide rolls. Astor14. Dgtsyb. Muzilino. Nybubba. Theaveng. Whisky drinker. Jiddisch. Stardust8212. Lyonspotter. Muhandes.wikipedia. Anthony71. Mozart20d. Zmiller923. RadioFan. HamburgerRadio. Niggurath. Jpp42. S51438. LemonairePaides. Kateshortforbob. Airplaneman. Informationh0b0. Ceyockey. Christopher Kraus. Alison9. Tycoon24. Mole2386. Gwernol. Guy Harris. Eiscosogin. Joy. Mosquitohawk. Gavint0. Bender235. NapoliRoma. Bovineone. Ejay. Fredrik. NiZhiDao. Naddy. Boothy443. Firefighter Dog. Nathan. Hmains. Dav92178. Perspeculum. Ailanto. Adrian. Sravisha. Netwrecked. Truthcommission. Shanes. JeffJonez. SasiSasi. R'n'B. R'n'B. Zvar. JLaTondre. Pursey. Vsync. Bluedisk. Swellesley. Everyking. Santuccie. KD5TVI. Aeons. MER-C. Phatom87. ExplicitImplicity. 972 anonymous edits Front Porch  Source: http://en. DDerby. Kim Rubin. Scooby3.php?oldid=445444053  Contributors: Aspects. Cheemais. Thorprime. O1001010. Bunnyhop11. Mmernex. Axiome2. 0x6D667061. Nikai. TerrierHockey. JetBlast. Scarpy. ZimZalaBim. Woohookitty. Kinu. GayCommunist. Aavindraa. Jamcib. JLaTondre. @pple. Juliancolton. Idaltu. Jbromhead. Pristino. Spoonboy42.php?oldid=425301933  Contributors: Azumanga1. Cwolfsheep. Vespristiano. Pedant17.golovko. Znx. THEN WHO WAS PHONE?. DMCer. Chris the speller. ChrisRuvolo. Y. Ivan Velikii (2006-2008). Looxix. Courtarro.org/w/index. Rjwilmsi. 16@r. Erik. ArtiePesh. D6. Lamro. Elenabrown. RJFJR. Kizor. Giraffedata. Nonomy. Matilda. Astor14. Chrisn4255. Noq. Hairy Dude. Shawnc. Epbr123. Trevc63. Mikepelley. Ryan0. Christopher Kraus. Typhoon. Aymatth2. Sjc07. SteveSims. Ronpeled. Mariguzm. Presidentman. Tascha96. Pmsyyz. Dispenser. Rcawsey. Sigma 7. Sherool. Mattsday. Storytellershrink. WurmWoode. Darklilac. WikiDan61. 143 . Ilyasali khan. Sonar610.wikipedia. TachyonJack. Geofones. Winston earl smith. Sephiroth storm. Rossumcapek. PaulHanson.php?oldid=448514851  Contributors: 007007wiki. Tom harrison. Common Man. Garywill. 1 anonymous edits Labris Teknoloji  Source: http://en. Hasek is the best. Cybercobra. FranzMeister. Notquiteleet. KansasCity. Rsb7. Davidstrauss. CanisRufus. AlfredWalsh. Ryan Roos. Quadra630. Howardtheroarke. Baeksu. Papajohnin. Kinawi. Spearhead. Wikipodium. Flashcube. Ernestvoice. Pathgrant. EmbeddedBSL. Tkaizan. Mgurunathan. Pooua. JonHarder. Red Thrush. Zr2d2. Takerman. Ckatz. Iridescent. Rjwilmsi. Bongomatic. Kaplanmyrth. Alex91dml. Ground Zero. Everyking. Lightmouse. Evildeathmath. Mellery. DaRaeMan. Ninja247. A Man In Black. Petrinarobins. Cotisocetinoiu. Zabby1982. Dchapes. Csabo. CliffC. Prodoom. Isonomia. Rsecker. Sprinter76. Thogan.‫טרול רפאים‬ anonymous edits Cisco Systems  Source: http://en. PacketDude. EagleFan. Superjordo. Jamcib. Mcingue.org/w/index. Dflasker. Tomich. Anetode. Biker Biker. Edward. Nihiltres. Ixfd64. Bewert. Molly. DannyDin. Fuhrmanator. Drughwan. Ferdiaob. The Anome. Dstivers. Frap. Center4499. Ftpaddict. Liquidsnakejr. SimonLyall. 6 anonymous edits Radware  Source: http://en. CesarB. Catapult. JamesAM. JamesBWatson. Xcentaur. Factcheckrz. Emersoni. Brianhe. Bobo192. Ha us 70. MrHat1065. Qviri. Yngvarr. Mahewa. True Pagan Warrior. John Hyams. Mentifisto. Esrever. CastAStone.wikipedia. Aymatth2. Jeffhane100. Alvarossjunior. Uncle G. Dana boomer. Rrburke. Yaronf. Ptwopdude. Sdaman. Guy Harris. Kll. Muhgcee. Lightmouse. Eastofethan. Ta bu shi da yu. RandallJones. Mezzaluna. Kuru. Alansohn. Felixcatuk.srinivaas. Zuras 538. Mcingue1. Callidior. Rjwilmsi. Teraknor.moyal. Mr. Jrtayloriv. Behildeb. 117 anonymous edits Allot Communications  Source: http://en. Pabouk. Michael Hardy. Urbanrenewal. Jeffcrews. DaBler. Lboulton.henderson. Levineps. SusanLesch. Moulding. Tinton5. Alepik. WJetChao. Katous1978. Danroa. Ohnoitsjamie. Avernet. JHunterJ. Cisco (With Greg). ProjectmanagerCHKP. Betacommand. Ashishkapahi. Tedder. Pearle. Noir. Shortride. MartinHagberg. Cybercobra. StuffOfInterest. Wprlh. Davidstrauss. Umers90. Papa9090. DaveB549. QEDquid. Xrgtn. Gail. Jim62sch. TheNewPhobia. Terrybader. Trangana. Hu12. Hu12. Togaaltos1. Bomazi. Prolog. TexasAndroid. For Loop. Rjwilmsi. Amanfbd2002. Kate. Wadamja. Plausible to deny. Mandarax. Lbelkind. Pmitrevs.bar. Psantora. Bpringlemeir. Brooke6969. King Lopez. Chenxiaoqino. Washburnmav. Lostforwords. Junkware. Ronambiar. Bleakcomb. Metadigm. Sophie. Mwanner. Belazu. Lemento. Storkk. Funchords. Bluemoose. Pdelong. Alsee. Mtruch. Sreifa. Selene 372. Krystalin 8159. Dawnseeker2000. WilliamCaban. Jcraft50. Jpbowen. Djaydem66. DocWatson42. Zedla. Agasta. Erkan Yilmaz. Peipei. Caltas. GavLewis. Jim. Johnpseudo. Mukis. Saffrony. Aristanet. Versus22. Katana0182. Smallfixer. Robina Fox. Kgrr. Jnc. Winheinhtut. Fry140. Olivier. Tomdo08.). Epolk. Rob1974. TaborL. Danhm.org/w/index. Neelix. PigFlu Oink. Pylori. Ebizdaniel. Trutkowski. Paperclip777. Bevo.php?oldid=441907094  Contributors: A Doon. Blaxthos. Jlemos35. Hellion 468. Giraffedata. Mattyinwisconsin. Nzd. MementoVivere. Tomlzz1. Funchords. Oo64eva. Guy Harris. Reactor12. BTWheeler.wikipedia. Acdx. Kitch. PaulHanson. Ash1932. Capricorn42. Jeff G. Phillip Tyre. The wub. Slashme. UU. Davis. David. GraemeL. Cooldeep. Eric Klein. Mitensampat. Rossami. Cdowninge. Iridescent. JohnnyBGood. Iridescent. Gaius Cornelius. Astor14. Philip Trueman. Rcragun. Shirt58. Brackets.org/w/index. Squirrelist. JonJuan. Downwards. GNMC. Gsarwa. Mikeblas. Simslover. JYOuyang. Mineralè. Goltz20707. Ksensenig.wikipedia. Zidoc. InShaneee. Gilabrand. Pandich. Scott McNay. Doretel. BioPupil. Meehawl.wikipedia. Nealmcb. Chulk90. Verified360.org/w/index. Ark25. BD2412. Woodshed. Mr. Austinmurphy. Aluvus. EagleOne. Alduhayman. KelleyCook. TheDJ. Uniwares.wikipedia.lala. Stepheng3. Vikipedi.matthews. Nehle. CraigB. Rhopkins8. Labarnah. Stevebrigden. Bunni25. Routergod. Beebux. Rich Farmbrough. Sam Hocevar. Minesweeper. The wub.php?oldid=444219406  Contributors: Agurwitz. Uosdwis. Alvestrand. BendersGame. BradReeseCom. Phatom87. Qwyrxian. Chaitanya. Alansohn. Jesse Viviano. Ironholds. Jerrycho13. Gordon Ecker. 1exec1. Zidane2k1. Romney yw. Tqbf. OrgasGirl. Namekatak. Woohookitty. TimQuinn. YUL89YYZ. Opelio. Frosted14. West London Dweller. Wizardman. Deepak175. OCTANE95. Plasticup. 999mal. Moskovich. Jrdioko. HD999. Chris the speller. Steven312. Frickeg. Ryker. Solarisworld. Brainyiscool.wikipedia. Mlluis. Tintenfischlein. ManosFate. Doctaweeks. Cradel. Gutenbergj. AndrewHowse.sg. John. Qxz. Harumphy. Pip2andahalf. Thingg. N328KF. Tri400. Travelbird. Annirak. M2petite. Moheed. Bill. Sandspur1966. Mar Garina. Oroso. Kelly Martin. Merope. Falcorian. Bumm13. Jni. Nuance13x. SaratogaH. AlexeyV. Cheung1303. Vanished User 1004. 31 anonymous edits NebuAd  Source: http://en. Edgarde. Deineka. Fastilysock. RJHall. Liquid Chrome1. Amilator. Rabhyanker. FlashSheridan. Mr. RamapoJohn. KiloByte. Fang Aili. Raanoo. KnowledgeOfSelf.php?oldid=446742035  Contributors: A. Homestarmy.org/w/index. Catapult. Leafyplant. Edgar Waingortin. Kirklander. Gogo Dodo. Truthdowser. Tonkie67. Malepheasant. RockMFR. Ethyr. Sig0. Curps. Ptwopdude. Yonatan. Trbdavies. Malepheasant. Nishith Nand. Towel401. Mt7. Rocastelo. Chkptone. Larry V. Gobonobo. Jcharr. Apankrat. WhisperToMe. Brholden. Red Thrush. Phil Holmes. Rupertb. Agrechin. Ned Scott. Koavf. Van helsing. Minimavus. Black206. Psychlohexane. Djeikyb. Michal Nebyla. SDC. Rubyyasmin. ArnoldReinhold. Coolcaesar. Agentbla. MikeLynch. Shadowjams. Ugilad. LesPoiEs. B Pete. Klapouchy. Sbfw. Alecv. Greenshed. Aldie. Mjlodge. Shinson. Telecart. Janegca. AntiVanMan. Cipher 107. Instantnood. Dman727. Frecklefoot. Nubiatech. Apple17cm. Mezigue. Raul654. JonHarder. Jimmy 21mar. 3 anonymous edits Narus (company)  Source: http://en.wikipedia. Brentyoung. KnowledgeOfSelf. Edcolins. Aspenjazz. Randirocks37. Abhinvanand.org/w/index. Singularity. Haywire.nakul. Aaronproot. Ahbond. YoavD. Cjsmed. Lloyd Wood. Rio de serionata. Businessmonkey. Huiguo01. Jenrzzz. UncleDouggie. Eustress. SirGrant. Rutruth. Dcoetzee. N5iln. Cisco crisco. Frap. Charlemagne11. Imperi. Specious. Rednblu. OlEnglish. Qwerty8991. Humphrey Churchill. Harryboyles. Casablanca2000in. Melcombe. MARQUIS111. Shymian. Caliper. Langloisgroup. Macpl.php?oldid=442297051  Contributors: Admanonline. Ckt2packet.org/w/index. Switzpaw. OlEnglish. DutchTreat. DJOMaul. Rcawsey. Riick. Polly. Fatla00. Nei1. Dan100. 128 anonymous edits . Goochelaar. Gmaxwell. Jadams76. GoingBatty. Lightmouse. Mbell. Bentogoa. XKL. Rjwilmsi. Squids and Chips. Harryzilber. RadioFan2 (usurped).

php?oldid=434903517  Contributors: Alinja. Teles. BananaFiend.org/w/index. Addihockey10.org/w/index. Sreeji. Kbdank71. Android Mouse. Can't sleep. Jim. Neutrality. Ibarrere. Kyonmelg. Unforgettableid. Giftlite. Jcmcclurg.Fred. DSatz. C'est moi. Dtcdthingy. Berford. Intgr. Jim. ChibaRagi. RunBAMrunfaster. The Anome. Bluebusy. YellowMonkey. Fernvale. JonHarder. Twobells. Blahu77.org/w/index.org/w/index. Simple Bob. Warrickball. Anna Lincoln. Michael Devore. Pb30. Bangowiki. 8 anonymous edits Black hole (networking)  Source: http://en. Barticus88. Mirv. Borgx.wikipedia. GoingBatty. W Nowicki. PaulHanson.php?oldid=444144130  Contributors: Alan Liefting. Chun-hian. Huon. Hqb.wikipedia. Nasa-verve. Etacar11. Nbarbettini. Kbrose. Graphitesmoothie.henderson.wikipedia. Edaelon. Bearcat. Eric Klein. Cxxl.wikipedia. Leafyplant. Gary King. Borgx.php?oldid=445291190  Contributors: AdjustShift. M3tainfo. Phatom87. Toffile. Dream of Goats. Phatom87. Fang Aili. Aejr120. Sinisterjim. 9 anonymous edits Cisco Express Forwarding  Source: http://en. Anthony Appleyard.henderson. Bigbluefish. Pnm. Slakr. CoolingGibbon. Torla42. Chrisdab. IronGargoyle. Mindmatrix. Dcoetzee. Goldenrowley.org/w/index. Jnc. Golddragon24. JonHarder.php?oldid=375135832  Contributors: Dpr. Apparition11. Connormah. Beno1000.muller. Owen. Jpbowen. Scott5114. InfoElfiq. LeaveSleaves. Daniel farrell. Glenn. Gonzopancho.henderson. OverlordQ. Glamourtree. 19 anonymous edits Blue (queue management algorithm)  Source: http://en. Paintman. Incnis Mrsi. Roy464. Storkk.henderson.php?oldid=442910119  Contributors: 2doorsdown. Mr. Jcrifasi. Michael Snow. Mongolmax. Jim. DataWraith. Vivio Testarossa. Capricorn42. Kbh3rd. Discospinster. Jec. Ahoerstemeier. Mike Rosoft. Ocram. Tassedethe. JMiall. Olivier Debre. Lerdsuwa. West. Roofbird. Jim. Useight. Jengelh. CecilWard. JECompton. Demophon. Peaceray. HereToHelp. Rdmoore6. Milan Keršláger.php?oldid=332546973  Contributors: Alerante. Dawynn. Bencejoful. Janziff. SymlynX. Pearle.wikipedia. Uncle Dick. Mboltz7664. Dondegroovily. Nurcanyilmaz. CarlHewitt. 7 anonymous edits Catenet  Source: http://en. Thepulse2007. Ian Yorston. Boscobiscotti. Rameshbabu. Wine Guy. BrainyBroad. Adoniscik.php?oldid=435868393  Contributors: Addshore. Toon05.of. Antandrus. South Philly. Kbdank71. Jamesd. Apy886. 2 anonymous edits Network packet  Source: http://en. LachlanA. W163. ZeroOne. Remarks999. Cmdrjameson. 9 anonymous edits Context-based access control  Source: http://en. Wrs1864. Ale jrb. Alvestrand. Backpackadam. The Anome. Manuel Anastácio. Mro.org/w/index. Jnc. Bkil. La goutte de pluie. Booster4324. Kazfernandes. Emersoni. Celarnor. Cit helper. Wireless friend. Copsewood.wikipedia. Martin451. All Hallow's Wraith.org/w/index. Mithaca. DaveBurstein. Icey. Dcoetzee. Biot. Jrcla2. Jeck. Cryptic C62. Kbrose. Easyas12c. Zacharyjos. Rich Farmbrough. Kgrr. Alexius08. CesarB. Stefano85. Chzz. Intgr. Foaly19. Casey Abell. Badgernet.php?oldid=447898830  Contributors: Aaronthepro. Hqb.wikipedia. W163. Cellspark. Rettetast. Jm34harvey. SocratesJedi. Guy Harris. Blanchardb. EdH. JonHarder. Avono. Dimadick. Dawynn. R'n'B. Takamaxa.org/w/index. VirulentIdeas.wikipedia. Nbilogorskiy. Marasmusine. Greswik. Slightsmile. The Nut. CliffC. Capi. Valentinejoesmith. Soldier. 4twenty42o. Robofish. Genetikayos. Benjaminmin. Quatloo. 28 anonymous edits Deterministic jitter  Source: http://en. CesarB. Linuxbeak.org/w/index.php?oldid=442321342  Contributors: Alai. M4gnum0n. Rror. Pgautier-neuze. Iridescent. Mleoking. Mysidia. Can't sleep.org/w/index. Abaddon314159. Woohookitty Theta Networks  Source: http://en. Avicennasis. Dawynn. 18 anonymous edits Viaedge  Source: http://en.php?oldid=433421226  Contributors: A. Carltonh. Johnuniq. AlephGamma.harris1. JonHarder.org/w/index. RazorICE. Chriswaterguy. D6. Eyrian. Scarian.dai. Peter Ellis. Middayexpress. Philip Trueman. Masterknighted. RickK. Altzinn. Black Falcon. Triwbe. Edward Z. PaulWay. Bazsi. Nickaubert.wikipedia. Frap. John254. YUL89YYZ. 5 anonymous edits Donald Davies  Source: http://en. Msirivia. Wihwang. Ahunt. Guy Harris. Heron. Angr. Rajah. 23 anonymous edits Business Control Layer  Source: http://en. Kvng. Shaddack. JordoCo. Marcika. Helix84.itian.php?oldid=441679490  Contributors: Auric. Schusch. Ryan Roos. Jeh. Thumperward. Timrollpickering. Ash.wikipedia. Ryan Postlethwaite. Flewis.php?oldid=398953190  Contributors: Dthomsen8. Alfrodull.wikipedia. Daicaregos. Obvious.henderson. Glenn. Edward. D6. Vaquerito. C. Jec. Acrosser. Cheatochris13. Pig de Wig. QTCaptain. Dante Alighieri. Rjgodoy. Wildwild. Lemeza Kosugi. The Thing That Should Not Be. Boomshadow. Moonraker12. AlistairMcMillan.org/w/index. Latitudinarian. Timrem. Darth Panda. Motyka.wikipedia. Icairns. JLaTondre.sarcasm. Jeff Paine. Harmil. Bayerischermann. Judgesurreal777. Baccala@freesoft. Jkl.org/w/index. Jim. Nmacu. D o z y. Andrei Stroe. Michael Hardy.org/w/index. Rick Burns. Freeingmind. Bryan Derksen. 11 anonymous edits Datakit  Source: http://en.pitre. JonHarder. Reliablesources. Flatterworld.wikipedia. DrDry55. Svick.telnet. Unyoyega. Eyreland. Chowbok. Lockley. Sadads. Hectorthebat. Shyamjithgift. Corpx. Nbirkel. Woohookitty. Porturology. JeffBurdges. Interbay. Chris55. Alansohn. Javacat. 1 anonymous edits Datagram  Source: http://en. Bkonrad. CanadianLinuxUser.wikipedia. 134 anonymous edits Stonesoft Corporation  Source: http://en. Jim. Brownh2o. Sdedeo. Yang. Lawrennd. Captain-tucker. Studerby. Yuriz.org/w/index. Djg2006. Arastcp.php?oldid=447766851  Contributors: Bearcat. Alphachimp. Mlewis000. Unaizu.php?oldid=409262059  Contributors: Alansohn. CrescentCaren. Maniamin. Black Kite. The wub. Robert K S. Tikiwont.wikipedia. Jnc. Widefox. Phatmonkey.org. Jiraffe. TheMoog. Calabraxthis.org/w/index. JLM. Manoj2009patel20dec. RichardVeryard. JonHarder. Crystallina. Bobo The Ninja.php?oldid=354091201  Contributors: Adoniscik. Deineka. Coconuts.org/w/index. Trasz. Ebraminio. RoyBoy. Ched Davis. TTZnju. S. FruitMonkey. Robert K S. Taemyr. Erkan Yilmaz. Phani96. Muhgcee. Hadrianheugh.g. Jcy1978. Storkk. ConradPino. Vulturell. Hmains.org/w/index. Aeon1006. Steven. Tombrend. Daichinger. Deb. Park3r. Maradine. PaulHanson. Trevor. Biot. CanisRufus. B. EagleOne. Devil0150. Kbrose. AmiDaniel. Whywhenwhohow. Kubanczyk. Hairy Dude. R6144. Incnis Mrsi. SDC. 9 anonymous edits Firewall (computing)  Source: http://en. Timneu22. Sgeo. Lotje. Ixfd64.NaZ. Aitias. Thomascjackson.php?oldid=448568520  Contributors: !Darkfire!6'28'14. Alan216. Cutter. Asqueella.org/w/index. Duncan. 7 anonymous edits Paul Baran  Source: http://en.org/w/index. Stevenmyan Dynamic Packet Transport  Source: http://en. Aviv007. J0lt C0la. Tohd8BohaithuGh1. Bswilson. Karl Dickman. Zondor.henderson. Jni. Mr Sheep Measham. Jeffq.Article Sources and Contributors SonicWALL  Source: http://en. Kyonmelg.wikipedia.wikipedia. Ameliorate!. Kvng. Pboyd04. KennethJ. Lethe. C:Amie. 85 anonymous edits Berkeley Packet Filter  Source: http://en. Xmm0. Joy.php?oldid=332546963  Contributors: Babbage.wikipedia. Alex Middleton. Fantasy.php?oldid=332547061  Contributors: 1exec1. Cander0000. Graham87.org/w/index.org/w/index. Anclation. Storkk. Remuel. Kvng. Cander0000. Katharineamy. Yuriybrisk. Edcolins. Eric Shalov. Cybercobra. Gordon Ecker. Mozzerati. Kbrose. Kwi. Zack.wikipedia. Ayla. EncMstr. Red Director. Andem. Shaw. MPerel. TheParanoidOne.org/w/index.andrew. Jim. Mange01. Hooperbloob. clown will eat me. Anabus. Edward. GoingBatty. Frehley.wikipedia. Stepheng3. Splash. Beezhive. TNLNYC. Bissinger. Leif. Gronky. Retired username. Donreed. GcSwRhIc. Bband11th. Nikola Smolenski. Oicumayberight. Oe2k. Maximus Rex.php?oldid=431099959  Contributors: Chowbok. CarlHewitt. Vipinhari. Karstbj.php?oldid=425344853  Contributors: CactusWriter. Brholden. Bugkarma. Chetvorno. Perry Bebbington. Chrisdab. Hadal. The Anome.wikipedia. Losthighway. 4 anonymous edits Christmas tree packet  Source: http://en. The Anome Chernobyl packet  Source: http://en. Hetar.. JMiall. Cantons-de-l'Est. Discospinster. 151 anonymous edits Active queue management  Source: http://en. Closedmouth. Tillman. Nurasko. 123Hedgehog456. 26 anonymous edits Data Path Acceleration Architecture (DPAA)  Source: http://en. Bucketsofg. Mhkay.Hull.org/w/index. Bevo. Rsduhamel. Joel7687. Remuel. Intgr. Martarius. 9Nak. Jscroggin. The wub. 5 anonymous edits Cut-through switching  Source: http://en. Cburnett. Gascreed. Mleoking. P. Boleyn. Suruena. Adrian. Caerwine. Crystallina. Michael Hardy. Joris. 6 anonymous edits Broadcasting (computing)  Source: http://en.org/w/index. Zginder. Arakunem. Timan123. CesarB.php?oldid=439892905  Contributors: Ankur19852007.org/w/index. Sarath02. Bryan Derksen. Sgeo. Srimech.Harris. Mintleaf. Richie SWFC. Pyrop. 174 . Networkengine. Hadal. Johnshepler. Smohideen2000. TheKoG. Eraserhead1. ImGz. Derbeth. W Nowicki.wikipedia. Haseo9999. Cffrost. Jesse Viviano. Jaimie Henry. Jpbowen.wikipedia. Eastlaw. Torla42.php?oldid=408009017  Contributors: Cedars. clown will eat me. Crakkpot. N5iln. Francs2000. Frap. Rich Farmbrough. SCΛRECROW. Noorg. Rick Sidwell. =Josh. KConWiki. HupHollandHup. Amirpak 86. Henk. Bender235. Timotheus Canens. G7huiben. SimonP.wikipedia. Barakw. Crystallina.php?oldid=440433412  Contributors: Bearcat.benko.wikipedia. Bryon575. Kenny sh.php?oldid=444739845  Contributors: 16@r. 1 anonymous edits Fast packet switching  Source: http://en. P1h3r1e3d13. Лев Дубовой. Bobo192. Craiglew1508.php?oldid=445083184  Contributors: Alvestrand. Frap. Ews23. Cryptosmith.doom. Ketiltrout. Petr Kopač. Beetstra. Paul Weaver. Jpbowen.henderson. Jrcla2. Ucla90024. Wilhelmina Will Data-dependent jitter  Source: http://en. Jnc. R Calvete. Black Kite. Brianga. Ans-mo. Caerwine. Rich Farmbrough. Osu-mike. Suruena. Nagy. Retran. Dogaroon. Albedo.org/w/index. Haichen12. Capricorn42. Elfguy. B Pete. Greenshed.wikipedia. Chuck369. Elonka. Koavf.php?oldid=438289667  Contributors: Alan Liefting. R. Blueronin. Joyous!. Mboverload. Learjeff. SueHay. Wik. Foobaz. AAriel42. TravisTX. Caydel.php?oldid=437684258  Contributors: Adoniscik. EdH. Random user 39849958. CharlotteWebb. Dixonjohnpaul. Collin.wikipedia. Lewisoaten.

Wubrgamer. Slakr. Rbmcnutt. Weylin. Everyking. clown will eat me. Kinema. Haqpunk. Shawniverson. Netalarm. Tellyaddict. Cwolfsheep. EQ5afN2M. Topspinslams. HatlessAtlas. Ruzihm. Charles Matthews. Red856. Secret. Ggiust.bar. Materialscientist. Equendil. Nuttycoconut. ST47. Object01. Biot. Wavelength. Ryan Roos. Ws227. Vendettax. Chenzw. Tcncv. Doug. Voidxor. Simeon H. 11 anonymous edits Jitter  Source: http://en. 4 anonymous edits GSM 03. Hugger and kisser. Radiant!. Michael Hardy. Richard001. Wikialoft. Muheer. GDallimore. Wmahan. Phirenzic.org/w/index. Raanoo. Dzordzm. Pinethicket. Mad9cat. David Haslam. Jennavecia. Nealmcb. Wknight94. Davidoff. GTBacchus. Jigesh. Wmasterj. 18 anonymous edits 175 . Tbird1965. Fulizer. Keegscee. Rich Farmbrough. 5tych5. Hussam92. Od Mishehu. Teenboi001.org/w/index. TombraideerIIdeadmanschest. Vinucube. Can't sleep. RedWolf. Piet Delport. Thecheesykid. Rivanvx. Dse. Killiondude. Dfranke. Kbrose. Qwyrxian. Pmattos. Aleksey Gerasimov. Khym Chanur. Smallgene. Mro. Epbr123. Learjeff. Pharos.wikipedia. Dougher. AB. Fudoreaper.wikipedia. Dark Lord of the Sith. Unschool.php?oldid=446854804  Contributors: Abdull. ILRainyday. Pb30. Intchanter. Talyian.amdphreak. Indefatigable. Claude. Joy. Apshore. NetRolller 3D. Graphitesmoothie. Jec. BigFatBuddha. Kubanczyk. Someguy1221. JonHarder. Matticus78. Rumping. Rwxrwxrwx. Kvng. Fang Aili. Frap. SarahKitty. Katharineamy. Auric. MrOllie. Seb az86556. Lir. Venom8599. Fightingirishfan. Visor. Mctmike. OlavN. Mernen. Pnm. Egil. FisherQueen.batters. Nakon. BlueEarth. Watson Ladd. Storkk. Mouchoir le Souris. 52 anonymous edits Mangled packet  Source: http://en. Stevietheman. Jchandlerhall. Lee Carre.org/w/index. Mattloaf1. Mwanner. Damadm00. WikipedianMarlith. OlEnglish. SlipperyHippo. JonHarder.php?oldid=445711028  Contributors: 1ForTheMoney.wilton. BeaverWithChainsaw. Stephenman882. Cubbyhouse. Dandorid. Paul. Drbreznjev. Griffenboy. Minnaert. Hungery. UncleBubba. Lauk. Emailtonaved. Kgentryjr. Missionary. Vakanuvis789. Jim. Tinucherian. Cmdrjameson. The Thing That Should Not Be. Indefatigable. Statkit1. Silver seren. Rj. JzG. Nnp. Tide rolls. Red Thrush. Booch.wikipedia. JasonTWL. Intgr. Loren.org/w/index. Convenient ByStander. CYD. Ouzo. Benlisquare. Mrwojo. Tobias Bergemann. Da Vynci. FreplySpang. Patrick. Draglon. Ham Pastrami. Tranzent. Σ. Rich Farmbrough. Prunesqualer.php?oldid=440686361  Contributors: AdmJamrep-NJITWILL. Iune. WilliamSun. Legotech. Kablammo. AndrewMollison. KnowledgeOfSelf. Hairy Dude. MJ94. J. TheYmode. Twinkie Assassin. Nneonneo. Boscobiscotti. VernoWhitney. Douggie1085.pande. Suruena. December21st2012Freak. LachlanA.48  Source: http://en. Edcolins. Philip Trueman. Emmzyy. Escape Orbit. Robbie Cook. Rl. Greg Grahame. Frap. Nwk. Transcend. Jec. Isheden. Gogo Dodo. Viriditas. Rocketgoat. Piet Delport. MercuryFree. Mwalsh34. Sephiroth storm. Sporkmonger. Mikm. Demonkoryu. Nuno Tavares. Nancy. Kralizec!. Janitor5. RoMo37. PrestonH. TripleF. Fresheneesz. Wiki Wikardo.0. Tim. Dman727. Piano non troppo. Sensiblekid. Gogo Dodo. Reguiieee. Sferrier. Shawnj99. Arise Sir Loin of Beef. Josh Parris.wikipedia. Malo. Trevor MacInnis. Lee Carre. Yama. Jeff G. Bobbis. Ju66l3r. DragonHawk.org/w/index. JohnCub. Tdcrone. Njmanson. Nuno Tavares. 4 anonymous edits Gigapackets  Source: http://en. Eequor. Kealper. Rchandra. Omegatron. Rs2. Kevin Saff. CyberSkull. Dbrooksgta. T Houdijk. Lilac Soul.org/w/index. Dan6hell66. Tigermonkey. Dysprosia. Boardtc. Timotab.org/w/index.wikipedia. Skacel8. Wimt. DonDiego. Julesd. Wheely Guy. 54 anonymous edits Jumbogram  Source: http://en. Lee Carre. Turnstep. Da monster under your bed. Vrenator. Creed1928. Fastily. TheCommunist1994. SGGH. Kvng. Postrach. BazookaJoe. Suicidalhamster. Neurolysis. Lee Carre. Tad Lincoln. Rwessel. Suruena. Hps@hps. Prasan21. Insanity Incarnate. Spartanhelmet. Arkrishna. JTN. Brianjd. Nasa-verve. Moldylemonmedia. Kozuch. OwenX. Xaje. Seb26. Eliteops1. The Anome. Heron. Japanese Searobin. Tushard mwti. TheMandarin. Deville.wikipedia. Ntolkin. Michael Hardy. Dawynn. Rev3rend. Richard. Mitaphane. Rbarreira. Niteowlneils. NeonMerlin. Megaboz. Cougar w. J. Jaho. Mattgibson. Codinghorror. Hoods11. Jay. Skyezx. Eldraco. Guitardemon666.wikipedia. Dcampbell30. Electron9. Canis Lupus. Gilliam. Njaard.Article Sources and Contributors Corvus cornix. Dcoetzee. Split Infinity. Possum. LeinaD natipaC. David. Sam Hocevar. Tinton5. Brown. Wyatt915. Xaosflux. Fahadsadah. Coolhandscot. Harkathmaker.wikipedia. MarkRose. Zeroshell. JohnCD. Florescent. MrBenCai. Fabioj.php?oldid=438815409  Contributors: Bearcat. Petzi1969. Jclemens. Mcicogni.org/w/index. Ryan Roos. Trevor1. Grammarmonger.wikipedia. New Age Retro Hippie. Giftlite. Discospinster. NawlinWiki. EliasAlucard. Bobo192. Sceptre. Peter. Kandarp. E Wing. JonHarder. Vonvon. Diberri. Nachico. Burfdl. Knacker ITA. Yorick8080. L33th4x0rguy. Petzi1969.org/w/index. Fresheneesz. Femto. Davipo.wikipedia. Danski14.8261  Source: http://en.org/w/index.piegorsch. Satori Son. Javert. Gatta. Kvladiko. Inov8er. Mrzaius. Electron.php?oldid=422163972  Contributors: AndreasWittenstein. Josemi. Ricky81682. Cheetoian.org/w/index.php?oldid=436864929  Contributors: 16@r.org/w/index. Gxojo.C. Nachoman-au. Twinxor. Deewiant. Feureau. Hu12.php?oldid=407829618  Contributors: Alan Liefting. Elcasc. Dean14. Poccil. Roseurey. Ross Fraser. Mac. Tcosta. Disorganized 676. Jurgen Hissen. Occamsrazorwit. Robofish. Woohookitty. Rebel. Phatom87. NellieBly. Moreati. Rchandra. Interiot. FleetCommand. MMuzammils. Lockeownzj00. JForget. Stevenmyan. Mange01. Karnesky. Waelder. Dmccreary. G7yunghi. WikiLaurent. SoCalSuperEagle. Nneonneo. Scientus. Iamxsj. Mspraveen. Jec. Hetar. OlEnglish. Desirsar. Accdude92. Ground Zero. Noctibus. Attilios. Pielover87. Katalaveno. SecPHD. Random name. Prashanthns. Jeh. R'n'B. Noctibus. Eraserhead1. Alksub. Lambtron. Kenyon. Hax0rw4ng. WikiDao. Justin20. DavidChipman. Ciaran H. Theda. Dandorid. Erencexor. Charles Matthews. Lakshmin. Mange01. GoodwinC. Jalal0. Seba5618. Jimyoo. Manuel Anastácio. SkyWalker. Stratadrake. RJFJR. Hiebert.php?oldid=441693061  Contributors: Dub13. Daichinger. Matthäus Wander. Flewis. Barcex. Gracefool. Kvng. Rigworm. Deville. Thingg. Osky283. Nick Number. Batmanand. Lee Carre.mtview. CesarB. Tevildo. Jackrockstar. Jramsey. Nunquam Dormio. Eagleamn. Splintercellguy. Ohnoitsjamie. Tombomp. 138 anonymous edits Jumbo frame  Source: http://en. Chris the speller. Msebast.php?oldid=446204325  Contributors: A5b. Lolsalad. Cybjit. Ordo. DESiegel. Robofish. Jpgordon. Zetawoof. Jfilcik. Iokerapid. Kbdank71. Storkk. Cenarium. EBorisch. Amire80. Paul D. Jóna Þórunn. Colin Marquardt.wikipedia. Debackerl. Lukevenegas. Jobeard. Ricky. Netsnipe. EddieNiedzwiecki. Jan1nad.php?oldid=441847423  Contributors: Achilles2. Materialscientist. Joseaperez. Sitearm. ZimZalaBim. W Nowicki. Bookandcoffee. Isilanes. N328KF. Rich Farmbrough. Rror. Badmonkey0001. DevastatorIIC.. The Garden Gnome. Wai Wai. Gurch. Gascreed. Quentin X. 9 anonymous edits Lag  Source: http://en. Huyi. LeoNomis. DVdm.henderson. Sanfranman59. Jrmwng. Liveste. Pissant. FunkyBike1. Khirbat. Eponymosity. Intgr. Mindmatrix. 8 anonymous edits Martian packet  Source: http://en.. JonHarder. Ancheta Wis. Sgeo. ADobkin. Greenrd. Requestion. Deville. JonHarder. 38 anonymous edits Frame check sequence  Source: http://en. Kbrose. Markrpw. Rjwilmsi. Why Not A Duck. Sepersann.org/w/index. Tlesher. Forenti. Firsfron. LOL. Ciphergoth. Mysdaao. Rami R. Wahooker. Cyndler. Luna Santin. Johnaduley. Danutz. Rod57.org/w/index. Stonehead. Wordwizz. Wk muriithi. DerHexer. Ghaly. Jpbowen. Cavebear42. EdwinGroothuis. Kjwu. Luna Santin. Oxymoron83. CASE. Akassix. 1263 anonymous edits Frame (networking)  Source: http://en. Sparky132. Nmadhubala. DStoykov. Phoenix314. Radagast83. RainbowCrane. 8 anonymous edits Packet loss  Source: http://en. Gurch. Ch'marr. JanCeuleers. Kizor. MER-C. Lordjamex. Rick Sidwell. Haakon. M347758. Jebba. Dysepsion. The Anome. JonnyJinx. Stephen G. Chrumps. Djg2006. Aarktica. CraigB. Jusdafax. Wtmitchell. Phatmonkey. Akendall. Storkk. Purpleslog. Toffile. Guoguo12. Taxman. Verfee. The Anome. Willisja. NewEnglandYankee. Nasa-verve. ENeville. Goodyhusband. Heywüd. Kvng. FreplySpang. DARTH SIDIOUS 2. Tobias Bergemann. Enric Naval. Kermesbeere. JonHarder. KCinDC. Bryan Derksen. Geoff B. Crazysane. HappyCamper. Jeffrey Mall. Kbdank71. Kvng. Vlhsrp. Deelkar. NawlinWiki. Marcuswittig. LegitimateAndEvenCompelling. HarisM. ToobMug. Casablanca2000in. Cillie. FatalError. L337p4wn. Ptk. Alansohn. Anonymous Dissident. LilHelpa. MichaelMan64. Matt Britt. DemonThing. La Pianista. Peyre. Phatom87. Cryptosmith. KnowledgeOfSelf. Mailer diablo.wikipedia. El C. DoogieConverted. Mashby. Bevo. Stephenb. Tom k&e. Heywüd. Johnshepler. Grand Edgemaster. Rtouret. Gerbrant. Woohookitty.wikipedia. Jmprtice.fachkha. Chair Blaster. ElKevbo. NightFalcon90909. Wsmarz. Halmstad. Cmathio. Dreadstar.php?oldid=423816246  Contributors: ArtsCountyFair. Hibernian. XandroZ. Snigbrook. Maxamegalon2000. Ascánder. JDavis680. Chscholz. Yik Lin Khoo. Rsrikanth05. Rpspeck. Monkeyman. KnightLago. Hokiehead. Smalljim. LeaveSleaves. Kenyon. Geffmax. DeadEyeArrow. Nposs. Mendaliv. Emperorbma. Pabouk.delanoy. Hadal. Furrykef. Kubanczyk. Frecklefoot. Muhandes. Tide rolls. Sysy909. 3 anonymous edits Maximum segment size  Source: http://en. Ulrichlang. Harryboyles. Mortein. Kf4yfd.php?oldid=448310043  Contributors: Closedmouth. Lucy1981. MartinHarper. JonHarder. Dismas. Seddon. Frap. Milan Kerslager. Casito. Sleske. Tbhotch.wikipedia. DJ Clayworth. Marek69. Manop. Harland1. Miremare. Ixfd64. Imcdnzl. Grapht. Jlavepoze. Crissov. Debresser. DerHexer. PuzzletChung. Πrate. JSpung. Woohookitty. RoyBoy. Zabanio. Bagatelle. Leszek Jańczuk. Zack. K001. Wtfnoob. Lubos. Ttwaring. Drmies. Meaghan. TexasAndroid. SJP. Tim874536. CronoDAS. Storkk. Sheridp.php?oldid=436367126  Contributors: Bobblewik.delanoy. Jusdafax. Wrs1864. VasilievVV. Cometstyles. Muhandes. Oli Filth. Dols. Ary29. Hamzanaqvi. Leizer. Info lover. Kglavin. Kamathvasudev. Martarius. Kbrose. Fynali. Firefly322. Stuartyeates. Jdeere man. OisinisiO. Theymos. Waskage. Tapuwiki IPv6 packet  Source: http://en. Thearcher4. OpenToppedBus. TenOfAllTrades.Dunstan. Woohookitty. The Kinslayer. DSatz. Lincolnite. Soap. Wk muriithi. Meandtheshell. Jaraics. Nimiew. NortyNort. Schlyne. Maheshkumaryadav. Dcoetzee. Henry W. Pabouk. CohenTheBavarian. Qxz. Rp751786. Mrlumpycole. DGJM. Terronis. Persian Poet Gal. V8rik. Phatom87. YUL89YYZ. CesarB. Gc9580. Blahbleh. CecilWard. Mike. CanisRufus. Mr. Anderson. Hadal. Linkoman. Purplepumpkins. Equazcion. JZelos.php?oldid=444465818  Contributors: Alq131. TutterMouse. Pabouk. Ramu50. Eyreland. DeathByROFL.org/w/index. Rjwilmsi. Mange01.wikipedia. Mysterytrey. Danshelb. Dandorid. L'Aquatique. TheGreatFoo. Imroy. Sephiroth storm. DagErlingSmørgrav. Randilyn. Aulis Eskola. Brewcrewer. Rafiwiki. S0me l0ser. Nihiltres.php?oldid=443908554  Contributors: Adoniscik. JonHarder. LachlanA. OGoncho. RayneZXZX. The undertow. Cybercobra. J Milburn. Scetoaux. Frap. Mygerardromance. Quercusrobur. Newone. CosineKitty. Mariagor. Yk Yk Yk. Doctorfluffy. Mandramas. Elagatis. Tsunanet. Adrignola. Haseo9999. Blakewestwood. Rninneman. Kyonmelg. Bubbachuck. Fragglet. LeonTang. Wrs1864. Imcdnzl. Zntrip. Closedmouth. Gonzonoir. Hpa. Seano1. Cwolfsheep. Mix Bouda-Lycaon. Mark Chung. Simetrical. KnowledgeOfSelf. Mc6809e. Hans Persson. Ophel. Djdancy. Oddbodz. 297 anonymous edits Link state packet  Source: http://en. WPANI. Gdt. Joyous!. John Siau. Nageh. Jtir. Sg313d. Lets Enjoy Life. AlistairMcMillan. Frap. Kyleflaherty. Gardar Rurak. Graham87. Spearhead. Allen3. Spazure. Otisjimmy1. 28 anonymous edits G. Expertour. Mirv. Widefox. Bvavasseur. Acegik. JonHarder. Jalara. Regancy42. Debresser. Jeff G. Suruena. Tjbk tjb. Danhm. RadioActive. Prari. Racerboy. Willy on Wheels over Ethernet. JYOuyang.kandy. TheRa'ike. ShyShocker. Jibjibjib. Husond. Robertvan1. CanisRufus. Intgr. Mild Bill Hiccup. Gstroot. JonHarder. Rurigok. Schmitt. MickWest. Fish and karate. Henriquevicente. Skrewz. Hairy Dude. Thatguyflint. DMahalko. Shiro jdn. Elieb001. Just James. Tommysander. Qrsdogg. Vilerage. KangKnight. JonHarder. Siroxo. Jhi247. Ifeme. Thoobik. Weylinp. Ilpostinouno. Hazawazawaza. Gaiterin. Woohookitty. MichaelGoldshteyn.

wikipedia. Seifried. Mjb4567.wikipedia. Coolgamer. Malcolm. Mini-Geek. Can't sleep. Milan Keršláger. The Original Wildbear. Phatom87. 3 anonymous edits Packet analyzer  Source: http://en. Widefox. 325 anonymous edits Packet Assembler/Disassembler  Source: http://en. Roy2009. YUL89YYZ. Cwolfsheep.php?oldid=444871256  Contributors: Althena. Zhou Yu. PaulHanson.php?oldid=447756520  Contributors: AManWithNoPlan. CyberSkull. PBP. Gaius Cornelius. Lucanos. Giftlite. Casey Abell.org/w/index. Idril. GPHemsley. Kthnxrick. Itai. Wheet. BenFrantzDale. El Cubano. DragonflySixtyseven. JTN. Mleoking.org/w/index. Jerrysmith222. Jokes Free4Me. Kalathalan. Freedomfighter21. Ee02b022. 16 anonymous edits Packet concatenation  Source: http://en.Article Sources and Contributors Maximum transmission unit  Source: http://en. Dcoetzee. Capricorn42.org/w/index. Lexikorn. Gbelknap. Jones. Logicat. Skyschulz. 17 anonymous edits NIST RBAC model  Source: http://en. 39 anonymous edits Protocol data unit  Source: http://en. Marksza. Bearcat. Cgarciap86. Pegship. Jkl. Ali@gwc. Storkk. Waskage. 6 anonymous edits Packet switching  Source: http://en. Stephen.wikipedia. Lee Carre. Steven. CarolGray. Kbrose. The Singing Badger. Kgrr. Pedant17. John Vandenberg. Mange01. 11 anonymous edits Packet segmentation  Source: http://en. SpacePacket. Woohookitty. Тиверополник. Tonkie67. Frap. Scoutersig. 7 anonymous edits Out-of-order delivery  Source: http://en. Prondou. Synchrodyne. Jnc. Malcolma.wikipedia. GrahamDavies. Guy Harris. The Evil IP address. Tammyzhou1983. AlphaPyro. Aldaron. Jmaes123. Babbage. Nubiatech. JosephBarillari.henderson. Suplamer. Smithwillscott. Michael Devore. Zhou Yu. NawlinWiki. Jerrysmith222. 3 anonymous edits OmniPeek  Source: http://en. Selfev. Niclas Wiberg. M4gnum0n. Thomas d stewart. Thingg.wikipedia. Lightmouse. Ron shelf. Borgx. JoanneB. CosineKitty. Mormegil. Andponomarev. Xchbla423. YUL89YYZ. Graeme Bartlett. Wa3frp. GregorB. Rjwilmsi. NoExec. Mojodaddy. Mitch Ames.125. My007ms. NI Team. Knuckles. 4 anonymous edits Packet-switched network  Source: http://en. Frap. Omegatron. Whitepaw.php?oldid=441691777  Contributors: Alynna Kasmira. Itusg15q4user. Gogo Dodo. MCBastos. Rholton. Kai. Excirial. Kvng. JohnGrantNineTiles.php?oldid=406216024  Contributors: Baggie. BertK. Alantekore. Blerg1. Welsh. Bezzm.org/w/index. Selket. Ali Esfandiari. MOM4Evr. Rich Farmbrough. Ewlyahoocom. GPHemsley. 223 anonymous edits Packet telephony  Source: http://en. Discospinster. Bogsat. Getcrunk. Noctibus. Ciphers. Thumperward. JonHarder. Bobier.H. Avalon. Faithtear. Timsk. Mendaliv. clown will eat me. Kvng. Leblondleblond.php?oldid=440067247  Contributors: Akshaygs. Chancemill. PeteShanosky.wikipedia. Gfoley4. Jy. Chris the speller.wikipedia. FJPB. Rjwilmsi. Lostchicken. Jpbowen.php?oldid=447899712  Contributors: Amorymeltzer. B4hand. Jason Stormchild. Yang. Mange01.org/w/index. Storkk. Gerfaut. JonHarder. Bradyok. Tmaufer. Josh Parris. Anaxial. Steven Zhang. Voidxor. 40 anonymous edits Public switched data network  Source: http://en. Jonnyct. Loadmaster. Shilpi2809. Rich Farmbrough. Xezbeth. SCΛRECROW. Jopsen. Jim. Mantipula. MER-C. Zackman90. The Anome. WaffleMonster. Dawnseeker2000. Jamescfield. Fredeccles. AxelBoldt. Imcdnzl. Dgtsyb. Fishyghost.delanoy. Guy Harris. Chris the speller. Meredyth. R'n'B. Moondyne.org/w/index. 217. Dirtydan667. Nick Number. The Thing That Should Not Be. CesarB. Wafulz. Jrtayloriv. Ashwin18. Frencheigh. Itusg15q4user. Dawnseeker2000. Ec2049. Tobias Bergemann. Woohookitty. Kbrose. Cxxxap. Loftenter. Wrs1864. Polyakov. 28 anonymous edits Packet injection  Source: http://en.wasylewski. Thumperward. Haza-w. Abdull. Edcolins. Kbrose. Manaskb. Miracle Pen. Ioeth. Teancum. Julesd. Bloodshedder. Wirbelwind. J.cn. Sonic Mew. Eastmain. Palmer1973. X!. RJHall. Hcberkowitz. Logictheo. Roger Davies. Nurg. K12u. Lightmouse. Rich Farmbrough. Rvalles. Nv8200p. JTN. SpacePacket. Itusg15q4user.org/w/index. Onthegogo.wikipedia. W163. Hooperbloob. Jtk. Nmatpt.H.wikipedia. Crossmr. ZeroOne. Psrdotcom. RedWolf. Imcdnzl. Terra Xin. Deema AlShamaa. JTN. Hu12. Aldie. Btyner. Groyolo.php?oldid=377480337  Contributors: ApolloCreed. Jamsignal.wikipedia. Adambiswanger1. Kabdcn. Jimj wpg. Michael Devore.php?oldid=332547189  Contributors: Phatom87. Intgr. Haseo9999. Evil saltine. Mange01. NetRolller 3D. UU. Wpifer. Neilc. Omegatron. Paulfeakins. 2 anonymous edits 176 . Bevo. Betbest1. Jnc.wikipedia. Jonnyct. Alxeedo. Huntscorpio.wikipedia. EGSchwartz. Excirial. Hjf. Glenn. JTN.php?oldid=421972347  Contributors: AlistairMcMillan. AlistairMcMillan. No1Jenny. 1 anonymous edits Ping (video gaming)  Source: http://en. Diberri. Darth Panda. Kbrose. Karada. MrOllie. Kaare.php?oldid=421573374  Contributors: 4twenty42o. Dnas. CesarB's unpriviledged account. Unixguy. W Nowicki.php?oldid=408353584  Contributors: Adamantios. From That Show!.wikipedia. Xaje.org/w/index. MS3FGX. Winterst. Giftlite.henderson.org/w/index. Ricojonah.dai. Tagishsimon. Cgdallen. Rdmoore6.org/w/index. Brewhahaitsme. Fromageestciel. Katharineamy. Ryan Roos. Joy.org/w/index. Jnc. 48 anonymous edits Packet-switching node  Source: http://en.wikipedia. Jedonnelley. Zaf.wikipedia. Benhoyt. JMiall. Devourer09. David-Sarah Hopwood. Retodon8.henderson. Yinwulanyu. Mange01.php?oldid=427695232  Contributors: DR (usurped). Nmacu. Lee Carre.wikipedia. Itusg15q4user. Gundark. Bobblehead. Mild Bill Hiccup. PaulELong. Bsadowski1.delanoy.php?oldid=332547289  Contributors: Big Bob the Finder.org/w/index.filmond. Harryzilber. DeadEyeArrow. 175 anonymous edits Network congestion  Source: http://en. Biasoli. CarlHewitt. Toreau. Storkk. Securitywiki. Nekohakase. Netcrash87. Rdmoore6. Piet Delport. R'n'B. JonHarder. Radiojon. Richard W. Ged Davies. Dave Cohoe. Shaddack. Maurreen. Yuanli. Gardar Rurak. Ppike. Niteowlneils. Gurch. Jpbowen. Mjb4567. Rememberway. Corpx. Luk. Peruvianllama. Tsange. QmunkE. PierreAbbat. Philbarker. Maurreen.org/w/index. Cburnett. Tempshill.php?oldid=425345090  Contributors: Pnm. Schmloof. SunCreator. Mudalagi. Kenyon. Djsuess.a. Qwghlm.253. DylanW. Riffle. Giftlite. Brookshawn. Stwalkerster. Incompetence. Tgwaltz. Rich Farmbrough.H. Rogue Editor. ThreePD.org/w/index. Teemu Maki. Bjelleklang.php?oldid=448224650  Contributors: 213. Oli Filth. William Avery. Edward Z. Diodime. PrimroseGuy. Ninjakttty. Malcolma. Eastlaw. Epbr123. Packetman. Merope. PerryTachett. Peyre. Gardar Rurak. Bobblewik. Mancini. Bobier. ManuelGR. John 34345. Joshurtree. Hgmichna. Gerald. Jim.wikipedia. Martyvis. Jpatokal. Mbarbier. Pgr94. Guy Harris. Woohookitty. Useight. Richard cocks. Тиверополник. 8 anonymous edits Packet generator  Source: http://en. M4gnum0n. Brooks.php?oldid=435085280  Contributors: Bearcat. 802geek.org/w/index. BradBeattie. Dgtsyb. Xcentaur. Jim. Jm34harvey. Paquitotrek.org/w/index. Yuanli. Ahoerstemeier. DonDaMon. Guitarist6987876. Marasmusine.org/w/index. Dgrahame.wikipedia.combs. Maximaximax. Liotier. CecilWard. Hm2k. Vary. RedWolf. Mild Bill Hiccup. Jnc.php?oldid=442089761  Contributors: Billc.Petrenko.org. TubularWorld. The Anome Packet aggregation  Source: http://en. Enduser32. Stw. Christophernoland.39. Chameleons84. Nicenevil. W Nowicki. That Guy. Zondor. JohnOwens. Justin Piper. Nurg. GoingBatty. Jim. Jpbowen. Let4time. Ewlyahoocom. MER-C. Neurolysis. Torla42. L Kensington. Rhobite. Usangel1066. Gbelknap. Sephiroth storm Packet Switch Stream  Source: http://en. Nuno Tavares. Airplaneman.wikipedia. ZoFreX. Thparkth.php?oldid=369677408  Contributors: Adamantios. Veinor. Boscobiscotti. The Anome. Phatom87. SarahStierch. Binksternet.php?oldid=442837325  Contributors: Bbx. JNW. DylanW. Gentleman wiki. The Anome. Dead3y3. Groundeyes. Donreed. Charles Matthews. Rick Sidwell. Phatom87. Alex6273. Badseed. 4 anonymous edits Packet transfer delay  Source: http://en. Guy Harris. Paul1337. Fleminra. 4 anonymous edits PARC Universal Packet  Source: http://en. I2so4. Netmoninc. Karol Langner. Mebden. MarkmacVSS. LawrenceGRoberts.org/w/index. Gaius Cornelius. GoingBatty. MacStep. FromOrleans. Reliablesources. Mikeblas. 12 anonymous edits Packet capture  Source: http://en. EAderhold. Jasrocks. Kvng.php?oldid=444049931  Contributors: A. Dhar. EvanCarroll. NapoliRoma. Omegium. J.org/w/index.org/w/index. Calmcz. Ynhockey. Glenn.hprastiawan. Xofc. Jedi Master Brownlow. Wmasterj. ExDPN100Engineer. AlphaEta. PeterEasthope. Mild Bill Hiccup. Tom94022.henderson. R2jitu. A. Sricciar. WereSpielChequers. Btilm. Jeremy Swinarton. Kvng. Wingsandsword. Colasoft capsa. Gazpacho. Wizard191.php?oldid=418128155  Contributors: KelleyCook Packet drop attack  Source: http://en. Rspanton. Negrulio. Nightstallion. NBuccalo. Kate.Ferguson. Ospalh.wikipedia. Kgrr. Crispmuncher. Someone42. Jaffar. EagleOne. Isnow. Dkleeman. Bryanarnold. WereSpielChequers. Yamaguchi先 生 . Wipe. Bearcat. Jpbowen.0. Tinucherian. Nitiniit. BarretBonden. Hairy Dude. Bp2010. Helix84. PabloCastellano. Plugwash. Vidiii. Skapur. RedWolf. Jeffmcfarland. Timwi.wikipedia. Mange01.org/w/index. R'n'B.xxx. Dhammala.wikipedia. Graeme Bartlett. JeLuF. JonHarder. Tmaufer. Frap. Woohookitty. Manop. Ilario. Itusg15q4user. Smsarmad.php?oldid=441122659  Contributors: Frap. Mandarax. Pearle.126. Skier Dude. Tatrgel. Pcap. Jdm64.wikipedia. Midnightcomm. MetalGearLiquid. N3ddy. Kundor. Nimiew.php?oldid=390003240  Contributors: Guy Harris. CanadianLinuxUser. Rhodekyll. Storkk.org/w/index. Ishi Gustaedr. Voyagerfan5761. Bumm13. Kk2mkk. LachlanA. David-Sarah Hopwood. Andrewpmk. Abune. Piet Delport.php?oldid=422939538  Contributors: Barberio. Thegn. Dky89. Wireless friend. Hamster2. Discospinster.M. Francs2000. Philip Trueman. Kablammo. Jaizovic. LouScheffer. GoingBatty. JonHarder. Lambiam. BayTech. Closedmouth. JIP. Newman9997.xxx. Johnbojaen. Fumblebruschi. Sowsnek. MarkFrancisMullins. Pyrotec. Networked. 14 anonymous edits Robust random early detection  Source: http://en. Wpifer. Foobaz. J.smith. CIreland.org/w/index. Margin1522. Watson1966. Psmith811. Mleoking. Kungfuadam. Foelectric.wikipedia. Rogger. Vrenator. Timtim101. Deineka.wikipedia. Wheet. Jim. Edward.henderson.org/w/index. Barberio. Guy Harris.php?oldid=389942039  Contributors: Guy Harris. Xxsquishyxx. Hetar. Ground Zero. Watson Ladd. LeviathinXII. Mboverload. Rabarberski.org/w/index. Waveguy. KVDP. Trevor d. Fresheneesz. Yuanli. Rwhalb. Conversion script.uk.

Nealcardwell. Tbhotch. Jaeger5432.wikipedia. Jeaux Bleaux. Jonverve. W Nowicki. Phatom87. Mdupont. ILF.wikipedia. JonHarder. Pseudomonas. OliverTwisted. Mascurader. Erik9. Enduser. Suruena.wikipedia. Choalbaton. Zgadot. Robofish. 2 anonymous edits Statistical time division multiplexing  Source: http://en. Fredgoat.org/w/index. Edward. Martin Hinks. Kvng. Ximensions. The Anome. Sietse Snel. Btyner.php?oldid=437942335  Contributors: Daniel.org/w/index. Makibaohm. Discospinster. JonHarder. LilHelpa. Jleedev. Cmdrjameson. Fred Condo. Noted trip3.wikipedia. Jbartas.php?oldid=421971650  Contributors: Invitatious. Radagast83. Jgm7. Kbrose. Tassedethe. SpacePacket. The Anome.php?oldid=447807544  Contributors: Are you ready for IPv6?. Thomasyen. IMSoP.wikipedia. JonHarder.wikipedia. Guy Harris. Storkk. Modify.Article Sources and Contributors Raw socket  Source: http://en.php?oldid=332547365  Contributors: Commnerd.org/w/index. 1 anonymous edits Start Frame Delimiter  Source: http://en. Rholton. Edward. Mange01.org/w/index. 28 anonymous edits Syncword  Source: http://en. Bonadea. 6 anonymous edits TCP reset attack  Source: http://en. Reisio. NortyNort. Storkk. Melcombe. R'n'B. Mikm.php?oldid=418660128  Contributors: DanielPharos. Flydpnkrtn. Mboverload. Mmernex. Sam Hocevar. JMay. Riggler.php?oldid=332547334  Contributors: Biot.Cardenas.org/w/index. Kubanczyk. Pparazorback. Clamum. Pentap101. Frap.org/w/index. Vobrcz. Greenrd 177 .php?oldid=432452324  Contributors: Adrignola. 49 anonymous edits SQLFilter  Source: http://en. Fschoenm. Ryan Roos. Frap. UnicornTapestry.wikipedia. Legotech. 8 anonymous edits Virtual packet  Source: http://en.org/w/index. Wdscxsj. Algocu.

php?title=File:Allot_logo.svg  Source: http://en.wikipedia.PNG  License: Creative Commons Attribution-Sharealike 3. Technion. Rockfang.php?title=File:Sonicwalllogo. PhilKnight. User:Iztoku Image:Sandvine logo.php?title=File:Decrease2.png by Rfl.org/w/index.svg  Source: http://en. Lupo.wikipedia.wikipedia.jpg  Source: http://en. User:MBisanz.php?title=File:Barracuda-networks-logo.wikipedia.org/w/index.jpg  License: unknown  Contributors: Eraserhead1 image:broadcast.php?title=File:Unicast.wikipedia.php?title=File:Labris_Teknoloji_logo-orta.php?title=File:Stonesoft_Logo.1.org/w/index.jpg  License: Free Art License  Contributors: Yasakak Image:Radware.org/w/index.org/w/index.org/w/index.jpg  Source: http://en.wikipedia.svg  License: Public Domain  Contributors: Easyas12c.php?title=File:Standard_deviation_diagram.png  Source: http://en. Zscout370. User:Polbot.wikipedia.jpg  License: Fair Use  Contributors: Dchapes. User:Cydebot.php?title=File:Ethernet_frame.jpg  Source: http://en. 1 anonymous edits image:unicast. (Original SVG was based on File:PD-icon.svg  Source: http://en.svg  License: unknown  Contributors: Sarang Image:Barracuda-networks-logo. Sfan00 IMG Image:Sonicwalllogo.wikipedia. See log.wikipedia.5  Contributors: Mwtoews Image:Pdu and sdu.wikipedia.php?title=File:PD-icon.org/w/index.jpg  Source: http://en.jpg  License: Fair Use  Contributors: Lamro Image:Check point logo.png  License: GNU Free Documentation License  Contributors: Phani Bhushan File:Paul Baran.png  License: Fair Use  Contributors: User:BetacommandBot.png  Source: http://en.org/w/index.org/w/index.php?title=File:Anycast.wikipedia.org/w/index.png  License: Creative Commons Attribution-Sharealike 3.wikipedia.php?title=File:Geocast.PNG  License: unknown  Contributors: Daichinger.org/w/index. 1 anonymous edits File:Decrease2. 1 anonymous edits image:multicast.0.org/w/index.php?title=File:Flag_of_the_United_States.wikipedia.php?title=File:Broadcast.php?title=File:Paul_Baran.jpg  License: GNU Free Documentation License  Contributors: Original uploader was Coolcaesar at en.wikipedia.svg  License: Public Domain  Contributors: Easyas12c image:anycast. User:Cydebot. User:STBotI File:Increase2.svg  License: Public Domain  Contributors: Mik81 Image:ethernet frame.org/w/index.svg  License: Creative Commons Zero  Contributors: Revolus Image:PD-icon.svg  Source: http://en.png  License: Fair Use  Contributors: Impakti File:Flag of the United States.svg  License: Public Domain  Contributors: Easyas12c.php?title=File:Firewall.wikipedia. 1 anonymous edits Image:standard deviation diagram.org/w/index.wikipedia.jpg  License: GNU Free Documentation License  Contributors: Coolcaesar File:Labris Teknoloji logo-orta.org/w/index.php?title=File:Cast.04.) File:Firewall.png  Source: http://en.svg  License: Public Domain  Contributors: Self-made Image:Stressed Eye. UrSuS.php?title=File:Ethernet_frame.png  License: Fair Use  Contributors: User:Bjelleklang.2.svg  Source: http://en.wikipedia Image:Ciscosystemsrouteratcern.org/w/index.org/w/index.svg  Source: http://en.php?title=File:Gufw_9.wikipedia.php?title=File:Radware.wikipedia.PNG  Source: http://en.org/w/index.0  Contributors: Gaiterin Image:Ethernet frame.wikipedia.png  Source: http://en.0  Contributors: Bruno Pedrozo Image:Gufw 9.php?title=File:Ciscosystemsrouteratcern.php?title=File:Check_point_logo.png  Source: http://en. Perhelion image:geocast..wikipedia.wikipedia.Image Sources.0.2.wikipedia.org/w/index.svg  License: Public Domain  Contributors: Various.png  Source: http://en. Jacobolus.svg  Source: http://en. Indolences.svg  Source: http://en.org/w/index.wikipedia.jpg  Source: http://en.svg  Source: http://en.php?title=File:Ciscosystemsheadquarters.svg  Source: http://en.wikipedia.PNG  Source: http://en.org/w/index.php?title=File:Multicast. Presidentman. User:Pabouk Image:Cisco logo.org/w/index. User:Ehudshapira. Licenses and Contributors Image:Allot logo.php?title=File:Sandvine_logo.wikipedia.org/w/index.wikipedia.svg  License: Public Domain  Contributors: Sarang Image:Ciscosystemsheadquarters.png  License: Fair Use  Contributors: User:Mongolmax Image:Stonesoft Logo.php?title=File:Cisco_logo.svg  License: Public Domain  Contributors: Easyas12c.org/w/index.svg  License: Public Domain  Contributors: Easyas12c image:cast.5.php?title=File:Viaedge_Logo.php?title=File:Stressed_Eye.wikipedia. Licenses and Contributors 178 Image Sources.svg  Source: http://en.svg  Source: http://en.svg  License: Public Domain  Contributors: Self-made . H Padleckas.png  Source: http://en.04.svg  Source: http://en.wikipedia.svg  License: Public Domain  Contributors: Dbenbenn.wikipedia.svg  Source: http://en.org/w/index.org/w/index.jpg  Source: http://en.svg  License: Creative Commons Attribution 2.org/w/index.svg  Source: http://en. Image:Viaedge Logo.org/w/index.org/w/index.org/w/index.wikipedia. which was based on Image:Red copyright.php?title=File:Pdu_and_sdu.png  License: Fair Use  Contributors: User:Ilyasali khan.png by Duesentrieb.svg  License: Fair Use  Contributors: Jeff G.php?title=File:Increase2. Jarekt.

0 Unported http:/ / creativecommons. org/ licenses/ by-sa/ 3. 0/ .License 179 License Creative Commons Attribution-Share Alike 3.

Frame check sequence. some advocates of net neutrality fear that the technology can be used anticompetitively or to reduce the openness of the Internet. Theta Networks. Cisco Systems. Martian packet.8261. It reduces the risk of your technology. With the Least Amount of Effort. service providers and governments in a wide range of applications. but use of the second header (TCP. Deterministic jitter.. Radware. Firewall (computing).Grab your copy now. Check Point. time and resources investment decisions by enabling you to compare your understanding of Deep Packet Inspection (DPI) with the objectivity of experienced professionals . Paul Baran. background and everything you need to know.IX -) is a form of computer network packet filtering that examines the data part (and possibly also the header) of a packet as it passes an inspection point. and security functions as well as internet data mining. Here you will find the most up-to-date information. The #1 ALL ENCOMPASSING Guide to Deep Packet Inspection (DPI). . Jumbogram. Cut-through switching. spam.The Knowledge Solution. Stop Searching. Data-dependent jitter. Deep Packet Inspection (and filtering) enables advanced network management. Sandvine. Donald Davies. Stonesoft Corporation.. faster than you ever dreamed possible! The information in this book can show you how to be an expert in the field of Deep Packet Inspection (DPI). IPv6 packet. learn EVERYTHING you need to know about Deep Packet Inspection (DPI). intrusions or predefined criteria to decide if the packet can pass or if it needs to be routed to a different destination. Context-based access control. analysis.48. Although DPI technology has been used for Internet management for many years. Data Path Acceleration Architecture (DPAA).. this book is a unique collection to help you become a master of Deep Packet Inspection (DPI).. Frame (networking). This book is your ultimate resource for Deep Packet Inspection (DPI). Black hole (networking). user service. Christmas tree packet. Fast packet switching. G. Network packet. SonicWALL. Labris Teknoloji. Jumbo frame. A quick look inside: Deep packet inspection. Blue (queue management algorithm). Stand Out and Pay Off. Berkeley Packet Filter.and Much. Get the edge. An Important Message for ANYONE who wants to learn about Deep Packet Inspection (DPI) Quickly and Easily. UDP etc. Are you looking to learn more about Deep Packet Inspection (DPI)? You’re about to discover the most spectacular gold mine of Deep Packet Inspection (DPI) materials ever created. In easy to read chapters. There are multiple headers for IP packets. Allot Communications. Datakit. and ace any discussion. Dynamic Packet Transport. “Here’s Your Chance To Skip The Struggle and Master Deep Packet Inspection (DPI). Broadcasting (computing). Viaedge.” Deep Packet Inspection (DPI) (also called complete packet inspection and Information eXtraction . Jitter. Cisco Express Forwarding. eavesdropping. DPI is currently being used by the enterprise. Lag. Business Control Layer. Packet loss. and censorship. Network intelligence. Narus (company). Catenet. Mangled packet. with extensive references and links to get you to know all there is to know about Deep Packet Inspection (DPI) right away. Much More! This book explains in-depth the real drivers and workings of Deep Packet Inspection (DPI). while you still can. GSM 03. In 2 Days Or Less. searching for protocol non-compliance. Link state packet.. Gigapackets.) is normally considered to be shallow packet inspection (usually called Stateful Packet Inspection) despite this definition. NebuAd. viruses. Barracuda Networks.. Active queue management. Chernobyl packet. network equipment only needs to use the first of these (the IP header) for normal operation. proposal and implementation with the ultimate book – guaranteed to give you the education that you need. Front Porch. or for the purpose of collecting statistical information. Datagram.

You're Reading a Free Preview

Download
scribd