P. 1
Deep Packet Inspection (DPI): High-impact Strategies - What You Need to Know: Definitions, Adoptions, Impact, Benefits, Maturity, Vendors

Deep Packet Inspection (DPI): High-impact Strategies - What You Need to Know: Definitions, Adoptions, Impact, Benefits, Maturity, Vendors

|Views: 1,224|Likes:
Published by Emereo Publishing
The Knowledge Solution. Stop Searching, Stand Out and Pay Off. The #1 ALL ENCOMPASSING Guide to Deep Packet Inspection (DPI).

An Important Message for ANYONE who wants to learn about Deep Packet Inspection (DPI) Quickly and Easily...

"Here's Your Chance To Skip The Struggle and Master Deep Packet Inspection (DPI), With the Least Amount of Effort, In 2 Days Or Less..."

Deep Packet Inspection (DPI) (also called complete packet inspection and Information eXtraction - IX -) is a form of computer network packet filtering that examines the data part (and possibly also the header) of a packet as it passes an inspection point, searching for protocol non-compliance, viruses, spam, intrusions or predefined criteria to decide if the packet can pass or if it needs to be routed to a different destination, or for the purpose of collecting statistical information. There are multiple headers for IP packets, network equipment only needs to use the first of these (the IP header) for normal operation, but use of the second header (TCP, UDP etc.) is normally considered to be shallow packet inspection (usually called Stateful Packet Inspection) despite this definition.

Deep Packet Inspection (and filtering) enables advanced network management, user service, and security functions as well as internet data mining, eavesdropping, and censorship. Although DPI technology has been used for Internet management for many years, some advocates of net neutrality fear that the technology can be used anticompetitively or to reduce the openness of the Internet.
DPI is currently being used by the enterprise, service providers and governments in a wide range of applications.

Get the edge, learn EVERYTHING you need to know about Deep Packet Inspection (DPI), and ace any discussion, proposal and implementation with the ultimate book – guaranteed to give you the education that you need, faster than you ever dreamed possible!

The information in this book can show you how to be an expert in the field of Deep Packet Inspection (DPI).

Are you looking to learn more about Deep Packet Inspection (DPI)? You're about to discover the most spectacular gold mine of Deep Packet Inspection (DPI) materials ever created, this book is a unique collection to help you become a master of Deep Packet Inspection (DPI).

This book is your ultimate resource for Deep Packet Inspection (DPI). Here you will find the most up-to-date information, analysis, background and everything you need to know.

In easy to read chapters, with extensive references and links to get you to know all there is to know about Deep Packet Inspection (DPI) right away. A quick look inside: Deep packet inspection, Allot Communications, Barracuda Networks, Check Point, Cisco Systems, Front Porch, Labris Teknoloji, Narus (company), NebuAd, Network intelligence, Radware, Sandvine, SonicWALL, Stonesoft Corporation, Theta Networks, Viaedge, Network packet, Active queue management, Paul Baran, Berkeley Packet Filter, Black hole (networking), Blue (queue management algorithm), Broadcasting (computing), Business Control Layer, Catenet, Chernobyl packet, Christmas tree packet, Cisco Express Forwarding, Context-based access control, Cut-through switching, Data Path Acceleration Architecture (DPAA), Data-dependent jitter, Datagram, Datakit, Donald Davies, Deterministic jitter, Dynamic Packet Transport, Fast packet switching, Firewall (computing), Frame (networking), Frame check sequence, G.8261, Gigapackets, GSM 03.48, IPv6 packet, Jitter, Jumbo frame, Jumbogram, Lag, Link state packet, Packet loss, Mangled packet, Martian packet...and Much, Much More!

This book explains in-depth the real drivers and workings of Deep Packet Inspection (DPI). It reduces the risk of your technology, time and resources investment decisions by enabling you to compare your understanding of Deep Packet Inspection (DPI) with the objectivity of experienced professionals - Grab your copy now, while you still can.
The Knowledge Solution. Stop Searching, Stand Out and Pay Off. The #1 ALL ENCOMPASSING Guide to Deep Packet Inspection (DPI).

An Important Message for ANYONE who wants to learn about Deep Packet Inspection (DPI) Quickly and Easily...

"Here's Your Chance To Skip The Struggle and Master Deep Packet Inspection (DPI), With the Least Amount of Effort, In 2 Days Or Less..."

Deep Packet Inspection (DPI) (also called complete packet inspection and Information eXtraction - IX -) is a form of computer network packet filtering that examines the data part (and possibly also the header) of a packet as it passes an inspection point, searching for protocol non-compliance, viruses, spam, intrusions or predefined criteria to decide if the packet can pass or if it needs to be routed to a different destination, or for the purpose of collecting statistical information. There are multiple headers for IP packets, network equipment only needs to use the first of these (the IP header) for normal operation, but use of the second header (TCP, UDP etc.) is normally considered to be shallow packet inspection (usually called Stateful Packet Inspection) despite this definition.

Deep Packet Inspection (and filtering) enables advanced network management, user service, and security functions as well as internet data mining, eavesdropping, and censorship. Although DPI technology has been used for Internet management for many years, some advocates of net neutrality fear that the technology can be used anticompetitively or to reduce the openness of the Internet.
DPI is currently being used by the enterprise, service providers and governments in a wide range of applications.

Get the edge, learn EVERYTHING you need to know about Deep Packet Inspection (DPI), and ace any discussion, proposal and implementation with the ultimate book – guaranteed to give you the education that you need, faster than you ever dreamed possible!

The information in this book can show you how to be an expert in the field of Deep Packet Inspection (DPI).

Are you looking to learn more about Deep Packet Inspection (DPI)? You're about to discover the most spectacular gold mine of Deep Packet Inspection (DPI) materials ever created, this book is a unique collection to help you become a master of Deep Packet Inspection (DPI).

This book is your ultimate resource for Deep Packet Inspection (DPI). Here you will find the most up-to-date information, analysis, background and everything you need to know.

In easy to read chapters, with extensive references and links to get you to know all there is to know about Deep Packet Inspection (DPI) right away. A quick look inside: Deep packet inspection, Allot Communications, Barracuda Networks, Check Point, Cisco Systems, Front Porch, Labris Teknoloji, Narus (company), NebuAd, Network intelligence, Radware, Sandvine, SonicWALL, Stonesoft Corporation, Theta Networks, Viaedge, Network packet, Active queue management, Paul Baran, Berkeley Packet Filter, Black hole (networking), Blue (queue management algorithm), Broadcasting (computing), Business Control Layer, Catenet, Chernobyl packet, Christmas tree packet, Cisco Express Forwarding, Context-based access control, Cut-through switching, Data Path Acceleration Architecture (DPAA), Data-dependent jitter, Datagram, Datakit, Donald Davies, Deterministic jitter, Dynamic Packet Transport, Fast packet switching, Firewall (computing), Frame (networking), Frame check sequence, G.8261, Gigapackets, GSM 03.48, IPv6 packet, Jitter, Jumbo frame, Jumbogram, Lag, Link state packet, Packet loss, Mangled packet, Martian packet...and Much, Much More!

This book explains in-depth the real drivers and workings of Deep Packet Inspection (DPI). It reduces the risk of your technology, time and resources investment decisions by enabling you to compare your understanding of Deep Packet Inspection (DPI) with the objectivity of experienced professionals - Grab your copy now, while you still can.

More info:

Published by: Emereo Publishing on Sep 15, 2011
Copyright:Traditional Copyright: All rights reserved
List Price: $39.95

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
This book can be read on up to 6 mobile devices.
Full version available to members
See more
See less

10/31/2014

Sections

  • Deep packet inspection
  • Allot Communications
  • Barracuda Networks
  • Check Point
  • Cisco Systems
  • Front Porch
  • Labris Teknoloji
  • Narus (company)
  • NebuAd
  • Network intelligence
  • Radware
  • Sandvine
  • SonicWALL
  • Stonesoft Corporation
  • Theta Networks
  • Viaedge
  • Network packet
  • Active queue management
  • Paul Baran
  • Berkeley Packet Filter
  • Black hole (networking)
  • Blue (queue management algorithm)
  • Broadcasting (computing)
  • Business Control Layer
  • Catenet
  • Chernobyl packet
  • Christmas tree packet
  • Cisco Express Forwarding
  • Context-based access control
  • Cut-through switching
  • Data Path Acceleration Architecture (DPAA)
  • Data-dependent jitter
  • Datagram
  • Datakit
  • Donald Davies
  • Deterministic jitter
  • Dynamic Packet Transport
  • Fast packet switching
  • Firewall (computing)
  • Frame (networking)
  • Frame check sequence
  • G.8261
  • Gigapackets
  • GSM 03.48
  • IPv6 packet
  • Jitter
  • Jumbo frame
  • Jumbogram
  • Link state packet
  • Packet loss
  • Mangled packet
  • Martian packet
  • Maximum segment size
  • Maximum transmission unit
  • Network congestion
  • NIST RBAC model
  • OmniPeek
  • Out-of-order delivery
  • Packet aggregation
  • Packet analyzer
  • Packet Assembler/Disassembler
  • Packet capture
  • Packet concatenation
  • Packet drop attack
  • Packet generator
  • Packet injection
  • Packet segmentation
  • Packet Switch Stream
  • Packet switching
  • Packet telephony
  • Packet transfer delay
  • Packet-switched network
  • Packet-switching node
  • PARC Universal Packet
  • Ping (video gaming)
  • Protocol data unit
  • Public switched data network
  • Robust random early detection
  • Raw socket
  • SQLFilter
  • Start Frame Delimiter
  • Statistical time division multiplexing
  • Syncword
  • TCP reset attack
  • Virtual packet
  • Article Sources and Contributors
  • Image Sources, Licenses and Contributors
  • License

Deep Packet Inspection (DPI

)
IN-DEPTH: THE REAL DRIVERS AND
WORKINGS

Kevin Roebuck

REDUCES THE RISK OF YOUR TECHNOLOGY, TIME AND RESOURCES
INVESTMENT DECISIONS

ENABLING YOU TO COMPARE YOUR
UNDERSTANDING WITH THE OBJECTIVITY OF EXPERIENCED PROFESSIONALS

High-impact Strategies - What You Need to Know: Definitions, Adoptions, Impact, Benefits, Maturity, Vendors

Topic relevant selected content from the highest rated entries, typeset, printed and shipped. Combine the advantages of up-to-date and in-depth knowledge with the convenience of printed books. A portion of the proceeds of each book will be donated to the Wikimedia Foundation to support their mission: to empower and engage people around the world to collect and develop educational content under a free license or in the public domain, and to disseminate it effectively and globally. The content within this book was generated collaboratively by volunteers. Please be advised that nothing found here has necessarily been reviewed by people with the expertise required to provide you with complete, accurate or reliable information. Some information in this book maybe misleading or simply wrong. The publisher does not guarantee the validity of the information found here. If you need specific advice (for example, medical, legal, financial, or risk management) please seek a professional who is licensed or knowledgeable in that area. Sources, licenses and contributors of the articles and images are listed in the section entitled “References”. Parts of the books may be licensed under the GNU Free Documentation License. A copy of this license is included in the section entitled “GNU Free Documentation License” All used third-party trademarks belong to their respective owners.

Contents
Articles
Deep packet inspection Allot Communications Barracuda Networks Check Point Cisco Systems Front Porch Labris Teknoloji Narus (company) NebuAd Network intelligence Radware Sandvine SonicWALL Stonesoft Corporation Theta Networks Viaedge Network packet Active queue management Paul Baran Berkeley Packet Filter Black hole (networking) Blue (queue management algorithm) Broadcasting (computing) Business Control Layer Catenet Chernobyl packet Christmas tree packet Cisco Express Forwarding Context-based access control Cut-through switching Data Path Acceleration Architecture (DPAA) Data-dependent jitter Datagram Datakit 1 8 10 14 19 28 29 30 33 40 43 46 49 51 54 55 57 62 64 68 69 70 72 73 75 75 76 77 78 79 80 80 81 81

Donald Davies Deterministic jitter Dynamic Packet Transport Fast packet switching Firewall (computing) Frame (networking) Frame check sequence G.8261 Gigapackets GSM 03.48 IPv6 packet Jitter Jumbo frame Jumbogram Lag Link state packet Packet loss Mangled packet Martian packet Maximum segment size Maximum transmission unit Network congestion NIST RBAC model OmniPeek Out-of-order delivery Packet aggregation Packet analyzer Packet Assembler/Disassembler Packet capture Packet concatenation Packet drop attack Packet generator Packet injection Packet segmentation Packet Switch Stream Packet switching Packet telephony Packet transfer delay

83 85 85 86 87 92 93 94 94 95 96 102 108 110 111 113 114 116 116 117 117 122 129 130 132 133 133 135 137 140 140 141 143 144 144 147 151 152

Packet-switched network Packet-switching node PARC Universal Packet Ping (video gaming) Protocol data unit Public switched data network Robust random early detection Raw socket SQLFilter Start Frame Delimiter Statistical time division multiplexing Syncword TCP reset attack Virtual packet

152 159 159 161 162 164 164 166 167 167 168 169 170 172

References
Article Sources and Contributors Image Sources, Licenses and Contributors 173 178

Article Licenses
License 179

Deep packet inspection

1

Deep packet inspection
Deep Packet Inspection (DPI) (also called complete packet inspection and Information eXtraction - IX -) is a form of computer network packet filtering that examines the data part (and possibly also the header) of a packet as it passes an inspection point, searching for protocol non-compliance, viruses, spam, intrusions or predefined criteria to decide if the packet can pass or if it needs to be routed to a different destination, or for the purpose of collecting statistical information. There are multiple headers for IP packets, network equipment only needs to use the first of these (the IP header) for normal operation, but use of the second header (TCP, UDP etc.) is normally considered to be shallow packet inspection (usually called Stateful Packet Inspection) despite this definition.[1] Deep Packet Inspection (and filtering) enables advanced network management, user service, and security functions as well as internet data mining, eavesdropping, and censorship. Although DPI technology has been used for Internet management for many years, some advocates of net neutrality fear that the technology can be used anticompetitively or to reduce the openness of the Internet.[2] DPI is currently being used by the enterprise, service providers and governments in a wide range of applications.[3]

Background
DPI combines the functionality of an Intrusion Detection System (IDS) and an Intrusion Prevention System (IPS) with a traditional stateful firewall.[4] This combination makes it possible to detect certain attacks that neither the IDS/IPS nor the stateful firewall can catch on their own. Stateful firewalls, while able to see the beginning and end of a packet flow, cannot on their own catch events that would be out of bounds for a particular application. While IDSs are able to detect intrusions, they have very little capability in blocking such an attack. DPIs are used to prevent attacks from viruses and worms at wire speeds. More specifically, DPI can be effective against buffer overflow attacks, Denial of Service (DoS) attacks, sophisticated intrusions, and a small percentage of worms that fit within a single packet. DPI-enabled devices have the ability to look at Layer 2 and beyond Layer 3 of the OSI model, in cases DPI can be evoked to look through Layer 2-7 of the OSI model. This includes headers and data protocol structures as well as the actual payload of the message. DPI functionality is evoked when a device looks or takes other action based on information beyond Layer 3 of the OSI model. DPI can identify and classify traffic based on a signature database that includes information extracted from the data part of a packet, allowing finer control than classification based only on header information. End points can utilize encryption and obfuscation techniques to evade DPI actions in many cases. A classified packet can be redirected, marked/tagged (see quality of service), blocked, rate limited, and of course reported to a reporting agent in the network. In this way, HTTP errors of different classifications may be identified and forwarded for analysis. Many DPI devices can identify packet flows (rather than packet-by-packet analysis), allowing control actions based on accumulated flow information.

DPI at the enterprise
Until recently, security at the enterprise was just a perimeter discipline, with a dominant philosophy of keeping unauthorized users out, and shielding authorized users from the outside world. The most frequently used tool for accomplishing this has been a stateful firewall. It can permit fine-grained control of access from the outside world to pre-defined destinations on the internal network, as well as permitting access back to other hosts only if a request to the outside world has been made previously.[5] However, vulnerabilities exist at network layers that are not visible to a stateful firewall. Also, an increase in the use of laptops in the enterprise makes it more difficult to prevent threats such as viruses, worms and spyware from penetrating the corporate network, as many users will connect the laptop to less-secure networks such as home

When an e-mail user tries to send a protected file he may be given information on how to get the proper clearance to send the file.[8] Policies can be defined that allow or disallow connection to or from an IP address.[11] Poor network performance increases customer dissatisfaction and leads to a decline in service revenues. The acquisition component of this functionality can be provided in many ways. and as many of 10% of US customers have been tracked in this way. video and software downloads". Targeted advertising Because ISPs route all of their customers' traffic. Firewalls also do not distinguish between permitted and forbidden uses of legitimately-accessed applications.000 US customers are tracked this way. US ISPs monitoring their customers include Knology. to sharing of music. DPI enables IT administrators and security officials to set policies and enforce them at all layers. and copyright enforcement. At least 100.to access a user's datastream.[7] Policy definition and enforcement Service providers obligated by the service level agreement with their customers to provide a certain level of service. offering tiered services. In some countries the ISPs are required to perform filtering depending on the country's laws. P2P drives increasing traffic loads. policy definition and enforcement. This can be documents. certain protocols. This is not possible in contemporary digital networks. requiring additional network capacity. they are able to monitor web-browsing habits in a very detailed way allowing them to gain information about their customers' interests. Internet service providers also apply this technology on the public networks provided to customers. quality of service. Due to the frequently large size of media files being transferred. Deep Packet Inspection is able to detect a few kinds of buffer overflow attacks. Service providers say a minority of users generate large quantities of P2P traffic and degrade performance for the majority of broadband subscribers using applications such as email or Web browsing which use less bandwidth. including the application and user layer to help combat those threats. targeted advertising. Common uses of DPI by ISPs are lawful intercept. to websites. and unfair use of bandwidth. DPI enabled products that are "LI or CALEA-compliant" can be used . which can be used by companies specializing in targeted advertising. including DPI. In addition.Deep packet inspection broadband connections or wireless networks in public locations. illegal materials.when directed by a court order . the UK ISP British Telecom has admitted testing technology from Phorm without their customers' knowledge or consent. and at the same time enforce an acceptable use policy.[9] and Wide Open West. may make use of DPI to implement certain policies that cover copyright infringements. Decades ago in a legacy telephone environment. Lawful interception Service providers are required by almost all governments worldwide to enable lawful intercept capabilities. and probably also Embarq. music and videos. Technology providers include NebuAd. . or even heuristics that identify a certain application or behavior. P2P traffic is typically used by applications that do file sharing. this was met by creating a traffic access point (TAP) using an intercepting proxy server that connects to the government's surveillance equipment. DPI can be used by the enterprise for Data Leak Prevention (DLP). DPI allows service providers to "readily know the packets of information you are receiving online—from e-mail.[10] Quality of service Applications such as peer-to-peer (P2P) traffic present increasing problems for broadband service providers. Front Porch and Phorm.[6] 2 DPI at network/Internet service providers In addition to using DPI to secure their internal networks.

to differentiate "walled garden" services from "value added". per application. Sony BMG.[14] Instead of prosecuting file sharers one at a time. For instance. .[12] This is the approach that service providers use to dynamically allocate bandwidth according to traffic that is passing through their networks.S. on the other hand has taken the position with the Federal Communications Commission (FCC) that network neutrality could hurt anti-piracy technology such as Deep Packet Inspection and other forms of filtering. Universal Music and Warner Music have begun suing ISPs like Eircom for not doing enough about protecting their copyrights. Europe and Asia use DPI for various purposes such as surveillance and censorship. or "all-you-can-eat" rather than a "one-size-fits-all" package. Tele2. The FCC. was given a court injunction and told it must block its customers from accessing The Pirate Bay. 3 Tiered services Mobile and broadband service providers use DPI as a means to implement tiered service plans. The Motion Picture Association of America (MPAA) which enforces movie copyrights. Other Vendors claim that DPI is ineffective against P2P and that other methods of Bandwidth Management are more effective. Access to trend data also help network planning. “all-you-can-eat" and "one-size-fits-all” data services. pursuant to its mandate from the US Congress. the operator can tailor his offering to the individual subscriber and increase their Average Revenue Per User (ARPU). a higher priority can be allocated to a VoIP or video conferencing call which requires low latency versus web browsing which does not. Subpart Z. and the DPI system in turn enforces that policy.[18] United States FCC adopts Internet CALEA requirements. it might be of interest whether users with a 2 Mbit connection use the network in a dissimilar manner to users with a 5 Mbit connection. governments in North America.[16] The IFPI wants ISPs to filter traffic to remove illicitly uploaded and downloaded copyrighted material from their network. a launching point for BitTorrent. Copyright enforcement ISPs are sometimes requested by copyright owners or required by courts or official policy to help enforce copyrights. including Internet services. despite European directive 2000/31/EC clearly stating that ISPs may not be put under a general obligation to monitor the information they transmit and directive 2002/58/EC granting European citizens a right to privacy of communications. one of Denmark's largest ISPs. many of these programs are classified. Additionally.[13] By being able to charge for a "walled garden".[15] the International Federation of the Phonographic Industry (IFPI) and the big four record labels EMI.[17] Statistics DPI allows ISPs to gather statistical information about usage patterns by user group. In 2006.Deep packet inspection DPI allows the operators to oversell their available bandwidth while ensuring equitable bandwidth distribution to all users by preventing network congestion. DPI was one of the platforms essential to meeting this requirement and has been deployed for this purpose throughout the U. per service. allowing the user access to different services and applications. Deep Packet Inspection by governments In addition to using DPI for the security of their own networks. In 2006. has required that all telecommunication providers. and in line with the policies of most countries worldwide. A policy is created per user or user group. be capable of supporting the execution of a court order to provide real-time communication forensics of specified users. rules requiring Internet Access Providers meet these requirements. the FCC adopted new Title 47.

."[20] Narus's Semantic Traffic Analyzer software which runs on IBM or Dell Linux servers. dividing the signal so that 50 percent of the signal strength went to each output fiber." and thus. according to a report in the Wall Street Journal in June. He said the company determined it was no longer part of its core business. Mr. the Dalai Lama. According to Marcus’s affidavit. a joint venture Siemens AG.[23] 4 China The Chinese government uses Deep Packet Inspection to monitor and censor network traffic and content that it claims harmful to Chinese citizens or state interests. The DPI is used to find which packets are carrying e-mail or a Voice over Internet Protocol (VoIP) phone call.com. are simply not delivered. Certain traffic was selected and sent over a dedicated line to a "central location" for analysis. Falun Gong. the German conglomerate. Narus states that such devices are capable of real-time data collection (recording data for consideration) and capture at 10 gigabits per second. quoting NSN spokesperson Ben Roome. a Munich-based investment firm. sorting and forwarding more intelligent. what it called 'intelligence solutions. or a variety of anti-Communist movements[25] as those materials were signed as DPI sensitive keywords already." .. People within China often find themselves blocked while accessing Web sites containing content related to Taiwanese and Tibetan independence. "the designers of the . drug trafficking and other criminal activities carried out online. Roome said. and Nokia Corp. 2009. by selling it to Perusa [27] Partners Fund 1 LP. the Tiananmen Square protests and massacre of 1989.[26] Iran The Iranian government purchased a system.. with cooperation from AT&T has used Deep Packet Inspection technology to make internet traffic surveillance. and political dissent. as well as alter it for disinformation purposes.' said Mr. China also blocks VoIP traffic in and out of their country. According to the Journal. to exclude data sources comprised primarily of domestic data. Bush and Attorney General Alberto R. part of the Iranian government's telecom monopoly. political parties that oppose that of the ruling Communist party. One of the output fibers was diverted to a secure room. reportedly for deep packet inspection.. with no notification provided to either participant in the conversation. China also blocks visual media sites like YouTube. or substantially all. and messages containing sensitive material.Deep packet inspection The National Security Agency (NSA). The secure room contained Narus traffic analyzers and logic servers. in the case of VoIP. such as curse-words. the diverted traffic "represented all.' The joint venture exited the business that included the monitoring equipment." The system was purchased by the Telecommunication Infrastructure Co. the system "enables authorities to not only block communication but to monitor it to gather information about individuals. Voice traffic in Skype is unaffected. IP address or. If so. According to unnamed experts cited in the article.[22] The Defense Information Systems Agency has developed a sensor platform that uses Deep Packet Inspection.. the connection will be cut. sorts through IP traffic at 10Gbit/s to pick out specific messages based on a targeted e-mail address. the Finnish cellphone company. The monitoring center that Nokia Siemens Networks sold to Iran was described in a company brochure as allowing 'the monitoring and interception of all types of voice and data communication on all networks. in terms of location or position of the fiber split.[21] President George W. information on religion. child pornography. This material includes pornography. Gonzales have asserted that they believe the president has the authority to order secret intercepts of telephone and e-mail exchanges between people inside the United States and their contacts abroad without obtaining a FISA warrant. configuration made no attempt. and various photography and blogging sites.' at the end of March.[19] Traffic associated with AT&T’s Common Backbone was "split" between two fibers. of AT&T’s peering traffic in the San Francisco Bay area. the other carried communications on to AT&T’s switching equipment. NSN "provided equipment to Iran last year under the internationally recognized concept of 'lawful intercept. using DPI technology.. although text messages are subject to DPI.[24] Chinese network ISPs use DPI to see if there's any sensitive keyword going through their network. in 2008 from Nokia Siemens Networks (NSN). he said.. phone number. Roome. That relates to intercepting data for the purposes of combating terrorism. a capability that most if not all telecom companies have.

Roome is denying the quotes attributed to him and that he. aspx?Feed=PR& Date=20080205& ID=8139811& Symbol=ALLT). earlier in the decade. Retrieved 2006-02-06.[28] Questions have been raised about the reporting reliability of the Journal report by David Isenberg. Retrieved 2008-03-02. ars technica. com/ doc/ 20060213/ chester). [2] Hal Abelson. Security Focus.Added and Tiered Service Packages" (http:/ / news. a comprehensive list is maintained by the dPacket. . Retrieved 2010-02-01. Chris Lewis (2009). Retrieved 2008-05-14. de/ ~bendrath/ Paper_Ralf-Bendrath_DPI_v1-5. call them "a solution in search of a problem" and say that net neutrality rules would reduce incentives to upgrade networks and launch next-generation network services. com/ insider/ details.289142. php/ essays/ just-deliver-the-packets/ ). Paper presented at the International Studies Annual Convention. itbusinessedge.C.[29] NSN has issued the following denial: NSN "has not provided any deep packet inspection. Office of the Privacy Commissioner of Canada. thenation.[31] 5 DPI and net neutrality People and organizations concerned about privacy or network neutrality find inspection of the content layers of the Internet protocol to be offensive. web censorship or Internet filtering capability to Iran.Deep Packet Inspection" (http:/ / www. [8] Jeff Chester (2006-02-01). charter. meanwhile. msn. Retrieved 2008-04-08. "Data leak prevention starts with trusting your users" (http:/ / searchnetworking. . "Every Click You Make: Internet Providers Quietly Test Expanded Tracking of Web Use to Target Advertising" (http:/ / www. [6] Michael Morisy (2008-10-23). Ken Ledeen. Retrieved 2006-02-06. The Nation."[30] A concurrent article in The New York Times said the NSN sale had been covered in a "spate of news reports in April [2009].org community [36] References [1] Dr. do?command=viewArticleBasic& taxonomyId=16& articleId=9036959& intsrc=hm_topic).[33] Software Opendpi[34] is the open source version for non obfuscated protocols. 15–18 February 2009" (http:/ / userpage. asp?sku_id=1221& skuitem_itemid=957). . "Ball State uses Deep Packet Inspection to ensure videoconferencing performance" (http:/ / www. . . gc. "The Case for Deep Packet Inspection" (http:/ / www. but did not mention DPI. . Ottawa" (http:/ / dpi. moneycentral.-based analyst and Cato Institute Adjunct Scholar. [9] "Charter Communications: Enhanced Online Experience" (http:/ / connect. pdf). ca/ index. "Just Deliver the Packets. [12] Matt Hamblen (2007-09-17). Money Central. SearchNetworking. Retrieved 2010-01-08. computerworld. Security Focus. Retrieved 2008-03-03. [3] Ralf Bendrath (2009-03-16). "The End of the Internet?" (http:/ / www. 2008-02-05. Retrieved 2010-01-08. an independent Washington. CALEA" (http:/ / arstechnica. com/ ticker/ article. .com. . New York City. "Firewall Evolution . [5] Elan Amir (2007-10-29).00. ars). [7] Nate Anderson (2007-07-25). . . com/ landing/ op1. html).[7] saying for example." and reviewed censorship of the Internet and other media in the country. had similar complaints with one of the same Journal reporters himself in an earlier story. html). Thomas Porter (2005-01-11). "Deep Packet Inspection meets 'Net neutrality. Isenberg. techtarget. [11] "Deep Packet Inspection: Taming the P2P Traffic Beast" (http:/ / www. Retrieved 2008-03-03. Retrieved 2008-03-02. "the 'Net was built on open access and non-discrimination of packets!"[32] Critics of network neutrality rules. [4] Ido Dubrawsky (2003-07-29). . securityfocus. Light Reading. specifically saying that Mr. com/ item/ ?ci=35275). PACE includes obfuscated/encrypted protocols like Skype or encrypted BitTorrent.Deep packet inspection The NSN system followed on purchases by Iran from Secure Computing Corp. com/ wp-dyn/ content/ article/ 2008/ 04/ 03/ AR2008040304052. com/ action/ article. securityfocus. html). washingtonpost. fu-berlin. com/ infocus/ 1817). lightreading. D. International Studies Association. Computer World.[35] The open source community offers a wide array of options for performing deep packet inspection functions. "The Perils of Deep Packet Inspection" (http:/ / www.sid7_gci1335767. . com/ news/ article/ 0. [10] Peter Whoriskey (2008-04-04). com/ infocus/ 1716). in: "Essays on Deep Packet Inspection". com/ articles/ culture/ Deep-packet-inspection-meets-net-neutrality. "Global technology trends and national regulation: Explaining Variation in the Governance of Deep Packet Inspection. [13] "Allot Deploys DPI Solution at Two Tier 1 Mobile Operators to Deliver Value. Retrieved 2008-03-02. . IT Business Edge. . priv. including The Washington Times. The Washington Post.

cybertelecom. org/ ci/ neutral.17. opennetinitiative. ars/ post/ 20080311-year-of-filters-turning-into-year-of-lawsuits-against-isps. [20] Bellovin. pdf).D. Retrieved 6/22/09. [25] "Internet Filtering in China in 2004-2005: A Country Study" (http:/ / www. [23] Cheryl Gerber (2008-09-18). [15] Matthew Clark (2005-07-05). isen. com/ science/ discoveries/ news/ 2006/ 05/ 70914). . com/ article/ 08/ 02/ 13/ Danish-ISP-prepares-to-fight-Pirate-Bay-injunction_1. IDG News Service. html) by David S. com/ newsletters/ isp/ 2007/ 0625isp1. com/ article/ SB124562668777335653. ars) [36] (https:/ / www. org/ articles/ deep-security-disa-beefs-security-deep-packet-inpection-ip-transmissions).. Network World. "Danish ISP prepares to fight Pirate Bay injunction" (http:/ / www.com/ resources/white-papers/) .Deep packet inspection Retrieved 2008-03-03. com/ 8301-10784_3-9746938-7.registration required (http://www. de/ english/ who_we_are. June 22. [30] "Provision of Lawful Intercept capability in Iran" (http:/ / www. wired. com/ news. "Network Neutrality: Historic Neutrality" (http:/ / www. "The Ultimate Net Monitoring Tool" (http:/ / www. June 22. "The Great Firewall of China" (http:/ / www. [19] J. [29] "Questions about WSJ story on Net Management in Iran" (http:/ / www. (2006-09-26). networkworld. Retrieved 6/22/09. ie/ frontpage/ news-9617239. com/ blog/ 2009/ 06/ questions-about-wsj-story-on-net. Retrieved 2008-03-12. html) by Christopher Rhoads in New York and Loretta Chao in Beijing.blog. Matt Blaze. opendpi. CNET News. Retrieved 2008-03-03.com/2011/02/08/ what-is-deep-packet-inspection-and-why-the-controversy/) • White Paper "Deep Packet Inspection – Technology. IEEE Security and Privacy (IEEE Computer Society) 6 (1): 24–33.ca/) • What Is Deep Packet Inspection and Why the Controversy (http://netequalizernews. [17] Anne Broach (2007-07-19). The New York Times. "MPAA: Net neutrality could hurt antipiracy tech" (http:/ / www.1109/MSP. "How the NSA warrantless wiretap system works" (http:/ / www. Retrieved 6/23/09. com/ papers/ paa-ieee.com/security/computer_security/editorials/deepinspect/) • A collection of essays from industry experts (http://dpi. 2009. Steven M. [24] Ben Elgin and Bruce Einhorn (2006-01-12). Susan Landau. Retrieved 2008-03-13. businessweek. "Risking Communications Security: Potential Hazards of the Protect America Act" (http:/ / www. . com/ global/ Press/ Press+ releases/ news-archive/ Provision+ of+ Lawful+ Intercept+ capability+ in+ Iran. [27] http:/ / www. html). ""Year of filters" turning into year of lawsuits against ISPs" (http:/ / arstechnica. . com/ 2009/ 06/ 23/ world/ middleeast/ 23censor. June 22. The Washington Post.io/?p=9) • What is "Deep Inspection"? (http://www. htm#his). dpacket. Whitfield Diffie. Retrieved 6/22/09. . ENN. and Jennifer Rexford (January/February 2008). 2009. washingtonpost. Restores Flickr and Blogspot" (http:/ / www. com/ technology/ content/ jan2006/ tc20060112_434051. infoworld. com/ open-source/ news/ 2009/ 09/ deep-packet-inspection-engine-goes-open-source. Neumann.ipoque. perusa-partners. org/ ) [35] Deep packet inspection engine goes open source (http:/ / arstechnica. Leonnig (2007-01-07).sites/ article. [26] "China Blocks YouTube. . html). Retrieved 2008-03-12. "Report Rebuts Bush on Spying .inputoutput. [33] Genny Pershing. Retrieved 2008-03-03. [16] Eric Bangeman (2008-03-11). html?_r=1& hp) by Brian Stelter and Brad Stone. org/ group-posts/ open-source-software-general-discussion/ open-source-software-related-deep-packet-inspect) 6 External links • Test Methodology . . Open Net Initiative. htm) Company press release. Retrieved 2008-03-13. nerdylorrin. enn. com/ article/ id. . Retrieved 2008-10-30. "Network Neutrality: Insufficient Harm" (http:/ / www. Retrieved 2008-06-26. Retrieved 2008-03-03. . "OEM provider Bivio targets government market" (http:/ / www. net/ jerry/ politics/ Warrantless/ WarrantlessFACTS.138599-c. PC World. Retrieved 2008-03-12. Retrieved 2008-03-13. "Eircom and BT won't oppose music firms" (http:/ / www.Domestic Action's Legality Challenged" (http:/ / www. 2009. Isenberg. 2007-10-18. [14] Jeremy Kirk (2008-02-13). [31] "Web Pries Lid of Iranian Censorship" (http:/ / www. php [28] "Iran's Web Spying Aided By Western Technology" (http:/ / online.com/resources/ resiliency-methodologies/dpi-resiliency-methodology) • Subverting Deep Packet Inspection the Right Way (http://www. [32] Genny Pershing. ars technica. com/ wp-dyn/ content/ article/ 2006/ 01/ 06/ AR2006010601772. cybertelecom. Retrieved 2008-03-12. Cybertelecom. htm). [22] Carol D.gc. I. . "Deep Security: DISA Beefs Up Security with Deep Packet Inpection of IP Transmissions" (https:/ / www. Retrieved 2008-03-03. html). Ph. net/ studies/ china/ ). Cybertelecom. Business Week. isen. . Retrieved 2008-06-26. news.priv. [18] Carolyn Duffy Marsan (2007-06-27). html). June 23.ranum. html). [21] Robert Poe (2006-05-17). . org/ ci/ neutral. Applications & Net Neutrality" (http://www. wsj. Retrieved 2008-03-03. html). dpacket. Nelson. doi:10.breakingpointsystems. html). .2008. nokiasiemensnetworks. pcworld. The Wall Street Journal. nytimes. Wired. 2009. html). . crypto. [34] Opendpi (http:/ / www. htm#ins). Peter G. . .

Deep packet inspection • Egypt's cyber-crackdown aided by US Company (http://therealnews.DPI technology used by Egyptian government in recent internet crackdown • http://www.com/t2/latest-news/ best-of-web?task=videodirectlink&id=9042) .com/products/mu-test-suite/ scale-testing.com/ • Deep Packet Inspection puts its stamp on an evolving Internet (http://advancedtca-systems.savetheinternet.com/ deep-stamp-an-evolving-internet/) • Validate DPI policy using real applications (http://www.mudynamics.html) 7 .

following an IPO which raised $78m.[5] In 2006.[5] By 2004 Allot raised $38 million. Walden Israel. by Michael Shurman and Yigal Jacoby. a manufacturer of RMON-based network management solutions. Communication systems 1996 Key people CEO: Rami Hadar. JAFCO Investment. CTO: Jay Klein VP Operations: Pini Gvili Products Revenue Net income Networking. who served as chief executive and chairman until 2006.[7] . in several rounds of funding.Allot Communications 8 Allot Communications Allot Communications Type Industry Founded Public (NASDAQ: ALLT [1] ) Technology. Gemini.allot.76 million (2010) Employees 400 Website www. carriers and enterprises.[4] Corporate history Allot Communications was founded in 1996. QoS Solutions. which was sold to Bay Networks for $33m in 1996. Rami Hadar appointed President and Chief Executive Officer. Jerusalem Venture Partners.com [2] Allot Communications (NASDAQ: ALLT [1]. Bandwidth optimization US$ 56. from several venture capital funds. This ranking represented revenue growth of nearly 1900% in a year's time.[5] Jacoby previously founded Armon Networking. application control and subscriber management. and Tamar Technology Ventures. including: Genesis Partners. Deloitte & Touche named Allot the fourth fastest growing company on its Israel Technology Fast 50 list.[6] In November 2003. and the company began trading publicly on the Nasdaq Global Market under the ticker symbol ALLT.97 million (2010) US$ 5. BancBoston Capital. TASE: ALLT [3]) is a provider of IP service optimization solutions for service providers. Allot solutions use deep packet inspection (DPI) technology to change broadband pipes into smart networks offering complete network visibility.

com/ asp/ SummaryQuote. co. Combines Teams and Technologies to Form Solid Base for Continued Growth." (http:/ / www. Allot solutions are also used to support the need of service providers to charge more from heavy users of peer-to-peer. Richard (March 17. in Nasdaq listing" (http:/ / www. 1996. Light Reading. com/ doc/ 1G1-18165625. 2009). 2006). highbeam. com/ doc/ 1P1-131347725. and enterprises. External links • Allot Communications (http://allot. encyclopedia. html). so that value-added Internet services can be rapidly deployed. "Allot raises $78m. Avi (November 17. tmcnet. VoIP and Video applications. March 24. Allot's portfolio of hardware platforms and software applications employs Deep Packet Inspection (DPI) technology to turn broadband pipes into smart networks. 2002. "Allot Communications wraps up $8 million financing round" (http:/ / www. a provider of network application priority switches (NAPS). Zuri (25-08-2004). com/ channels/ bandwidth-management/ articles/ 52408-allot-communications-sigma-service-gateway. asp?articleID=2128).com) . html). asp?symbol=ALLT& selected=ALLT [2] http:/ / www. in order to enhance its quality of service (QoS) and bandwidth management solutions. htm?objectId=& objectType=& securityType=& searchTerm=ALLT [4] Grigonis. [7] Krawitz.com. TMCnet. com/ doc/ 1G1-92808325. com/ document. il/ TASEEng/ Management/ GeneralPages/ SimpleSearchResult. com/ ivcWeeklyItem. [6] "Bay Networks acquires Armon Networking" (http:/ / www. com/ [3] http:/ / www. Israel Business Today.[8] • In January 2008 Allot Acquired Esphion. asp?doc_id=142343). allot. [5] Dar. "Allot Communications' Sigma Service Gateway" (http:/ / www. January 3. 2008. a New Zealand based developer of network protection solutions for carriers and internet service providers. htm). The Jerusalem Post. The Marker.[4] References [1] http:/ / quotes. nasdaq. service providers.[9] Products Allot provides intelligent IP service optimization solutions for DSL. September 24. tase. highbeam. html).Allot Communications 9 Acquisitions • In September 2002 Allot acquired NetReality. ivc-online. Business Wire. wireless broadband carriers. [8] "Allot Communications Acquires NetReality. [9] "Allot Acquires Esphion" (http:/ / www. lightreading.

NG firewalls. for free and public use in blocking spam at the gateway. and viruses.[10] [11] [12] [13] As of October 2009.[8] In December 2008.[6] On January 29. in July 2008 Barracuda launched a countersuit against Trend Micro claiming Trend Micro violated several antivirus patents Barracuda Networks had acquired from IBM.Barracuda Networks 10 Barracuda Networks Barracuda Networks Type Industry Founded Private Telecommunication 2003 Headquarters Campbell.[4] and opened an office in Ann Arbor. Netscreen. the company launched the BRBL (Barracuda Reputation Block List). Sequoia Capital had previously provided financing to Cisco Systems. Barracuda Networks was sued by Trend Micro over their use of the open source anti-virus software Clam AntiVirus. United States Key people Dean Drako (CEO) Michael Perone (CMO) Zach Levow (CTO) Products Spam Firewalls. application delivery controllers.[5] In January 2006.com [1] Barracuda Networks.[14] .barracudanetworks.[3] In 2007 the company moved its headquarters to Campbell. networking and storage solutions based on appliances and cloud services. trojans. its proprietary and dynamic list of known spam servers. and Yahoo!. CudaTel PBX Employees Website 500-1000 www. which Trend Micro claimed to be in violation of their patent on 'anti-virus detection on an SMTP or FTP gateway'. The company's networking and storage solutions include web filtering. spyware. Load balancers.000 customers. Email Archivers. is a privately held company providing security. Inc.[7] In addition to providing samples of prior art in an effort to render Trend Micro's patent invalid. Google. it closed its first outside investment of $40 million from Sequoia Capital and Francisco Partners. IM firewalls. Web Site Firewalls. California. Web filters.[2] Barracuda Networks was established in 2003 and introduced the Barracuda Spam and Virus Firewall. web hackers and instant messaging threats such as spam. message archiving. 2008. load balancing. backup services and data protection. The company’s security products include solutions for protection against email. Michigan. Backup solutions. web surfing. California. SSL VPNs.[9] Soon after opening BRBL many IP addresses got blacklisted without apparent reason and without any technical explanation. Barracuda had over 85. NG Firewalls.

Barracuda Networks acquired controlling interest in phion AG.[30] In November 2008.in August 2010. Barracuda announced the release of CudaTel. Barracuda launched a spam and virus firewall for large enterprises and ISPs.[33] In October 2009.[25] • Purewire Web Security Service .Launched in September 2005 to protect and archive instant messaging content.[19] • Message archiver .[16] • Web filter . Barracuda added message-level backup for Microsoft Exchange and Novell GroupWise. Barracuda Networks launched the Purewire Web Security Service which is a software as a service offering for Web filtering.Announced in September 2008.[15] In June 2008. remote access. 2008. a software as a service (SaaS) company offering cloud based web filtering and security. on-site backup with data deduplication and off-site data replication for disaster recovery. to optimize and aggregate internet connections from different providers. clientless.Barracuda Networks 11 Products • Spam and virus firewall .In April 2005. formerly Tapeware.In October 2003. the company introduced message archiving to index and preserve emails.[32] September 2009. CudaTel features FreeSWITCH.[18] • Load balancer . Barracuda Networks acquired Yosemite Technologies to add software agents for incremental backups of applications such as Microsoft Exchange Server and SQL Server. Barracuda Networks acquired 3SP. The firewalls integrate web and email filtering. the company introduced its web filtering appliance to prevent spyware and viruses from gathering and transmitting user data.[27] • CudaTel Communication Server (PBX) . and safe web surfing. a VOIP Private branch exchange designed for IT administrators. in conjunction with its acquisition of Purewire. Barracuda announced its NG Firewalls to protect enterprise network infrastructures.[20] • SSL VPN . and to meet legal and regulatory compliance.In October 2009.Announced in February 2008. a open-source project sponsored by Barracuda Networks.In November 2006.[31] In January 2009. layer 7 application profiling. Barracuda Networks acquired NetContinuum.[29] In November 2008.In November 2008. Barracuda announced its spam and virus firewall plug-in appliance. Barracuda Networks acquired Purewire Inc. including [24] In January 2009. for securing Web applications for large enterprises and to address regulation compliance such as PCI DSS. the company introduced a load balancing appliance for high availability distribution of network traffic across multiple servers. and Windows system states. an Austria-based public company delivering enterprise-class firewalls. integrating Barracuda Backup Service with Yosemite Backup. and network access control into one platform that is centrally managed across multiple distributed enterprise network locations.[28] Acquisitions In September 2007.In February 2010. allowing the company to introduce Secure Sockets Layer (SSL) Virtual Private Network (VPN) products to perform malware scans on files uploaded during a VPN session to network file shares or internal Web sites.[34] .[26] • NG Firewall .[22] • Link Balancer . content security. the company announced a service to back up data in the cloud. intrusion prevention.[17] • IM Firewall . Barracuda Networks expanded into cloud-based backup services by acquiring BitLeap.[21] • Web Application Firewall . the company launched its secure sockets layer virtual private network product to provide secure.[23] • Backup services .In July 2007.In November. a company providing application controllers to secure and manage enterprise web applications. NG Firewalls are available both as hardware or as a virtual appliance and include wide area network traffic optimization. and to control web surfing.

com/ 2008/ 11/ 06/ barracudacentral-another-blacklist-black-hole/ [13] http:/ / community. com/ archive/ ?module=comments& func=display& cid=1204572 [12] http:/ / steve. html) [26] Channel Insider Barracuda Acquires Cloud Security Vendor Purewire (http:/ / www. cfm?item=23340) [17] InformationWeek Barracuda Rolls Out Spyware-Blocking Appliance (http:/ / www. computerworld. ars/ post/ 20080702-barracuda-bites-back-at-trend-micro-in-clamav-patent-lawsuit. com/ ns/ products/ ) Barracuda Networks. com/ s/ article/ 104909/ Security_Log?taxonomyId=017) [19] IT & Security Portal Barracuda Networks Launches Barracuda Load Balancer (http:/ / www. com/ archives/ campbellreporter/ 20070323/ business2. com/ usa/ story. com/ archives/ campbellreporter/ 20070323/ business2. com/ news/ security/ vulnerabilities/ showArticle. com/ barracuda-networks-buys-netcontinuum/ article/ 35669/ ) [30] InformationWeek Barracuda Swims Into The Cloud (http:/ / www. eweek. barracudanetworks. com/ sanjose/ stories/ 2009/ 09/ 28/ daily9. (http:/ / www. jhtml?articleID=160902103) [18] ComputerWorld Security Security Log (http:/ / www. linux. com/ archive/ articles/ 155880) [10] http:/ / andrew. com/ blog/ main/ archives/ 2008/ 11/ barracuda_swims.com Barracuda offers a new alternative to Spamhaus (http:/ / www. shtml) [5] Crain's Detroit Business Silicon Valley firm picks Ann Arbor for office (http:/ / www. cfm?item=15073) [23] ISP Planet Barracuda Networks' Link Balancer (http:/ / www. com/ news/ 2006/ 011106-barracuda. com/ c/ a/ Security/ Barracuda-Networks-Breaks-Into-SSL-VPN-Space-for-Small-Business/ ) [32] PC World Backup Merger Unites Barracuda. com/ view/ 7138/ barracuda-moves-into-distributed-firewall-technology/ ) [28] Barracuda Networks Launches CudaTel – New VoIP PBX Based on the Open Source FreeSWITCH Project (http:/ / www. html) [34] Atlanta Business Chronicle Barracuda buys Purewire Inc. html. echannelline. com/ equipment/ 2008/ barracuda+ link+ balancer. bizjournals. pcworld. [3] VentureBeat Barracuda swallows Purewire as it becomes a bigger fish in web-based security services (http:/ / venturebeat. isp-planet. html) [24] Information Week Barracuda Swims Into The Cloud (http:/ / www. ca/ barracuda-problems. com/ 2009/ 10/ 13/ barracuda-swallows-purewire-as-it-becomes-a-bigger-fish-in-web-based-security-services/ ) [4] The Campbell Reporter Barracuda Networks sinks its teeth into site on Winchester Boulevard (http:/ / www. com/ news. html?ana=from_rss) . com/ blog/ main/ archives/ 2008/ 11/ barracuda_swims. html) [9] Linux. spiceworks. networkworld. html?fsrc=rss-virusworms) [7] Ars Technica Barracuda defends open-source antivirus from patent attack (http:/ / arstechnica. com/ ns/ news_and_events/ index. php?nid=368) [29] SCMagazine Barracuda Networks buys NetContinuum (http:/ / www. informationweek. html) [20] ISP Planet Barracuda's Message Archiver (http:/ / www. scmagazineus. com/ usa/ brief. com/ article/ 158462/ backup_merger_unites_barracuda_yosemite. linux. html) [21] Comms Express New SSL VPN Announced (http:/ / www. com/ atlanta/ stories/ 2009/ 10/ 19/ story7. Retrieved 2010-02-10. informationweek. com/ topic/ 32502 [14] San Jose Business Journal Barracuda Networks buys Purewire (http:/ / sanjose. com/ equipment/ 2007/ barracuda_message_archiver. html [11] http:/ / www. com/ news/ networking-equipment/ floor-boxes/ new-ssl-vpn-announced-18881252/ ) [22] eChannelline Barracuda puts bite on SMB Web application controller (http:/ / www.jsessionid=XDFD2WAXZBEB3QE1GHPCKH4ATMY32JVN) [25] PCWorld Backup Merger Unites Barracuda. community-newspapers. bizjournals. echannelline. shtml) [6] NetworkWorld Barracuda attracts $40 million in venture investment (http:/ / www.Barracuda Networks 12 References [1] http:/ / www. triumf. com/ article/ 158462/ backup_merger_unites_barracuda_yosemite. com/ c/ a/ Security/ Barracuda-Acquires-Cloud-Security-Vendor-Purewire-559167/ ) [27] InfoSecurity Barracuda moves into distributed firewall technology (http:/ / www. com/ s/ article/ 86007/ Barracuda_Networks_launches_antispam_appliance_line?taxonomyId=086) [16] eChannelline Barracuda launches Spam Firewall for large enterprises (http:/ / www. it-observer. comms-express. heyvan. com/ [2] Company Product Page.jsessionid=OVGGXQ5J5OOQHQE1GHPCKH4ATMY32JVN) [31] Eweek Barracuda Networks Breaks into SSL VPN Space (http:/ / www. channelinsider. Yosemite (http:/ / www. html) [15] ComputerWorld Barracuda Networks launches antispam appliance line (http:/ / www. community-newspapers. ars/ post/ 20080129-barracuda-defends-open-source-antivirus-from-patent-attack. (http:/ / www. computerworld. Yosemite (http:/ / www. com/ news. informationweek. html) [33] Silicon Valley Business Journal Barracuda Networks takes controlling interest in phion (http:/ / sanjose. infosecurity-magazine. com/ sanjose/ stories/ 2009/ 10/ 12/ daily19. html. pcworld. html) [8] Ars Technica Barracuda bites back at Trend Micro in ClamAV patent lawsuit (http:/ / arstechnica. isp-planet. barracudanetworks. com/ barracuda-networks-launches-barracuda-load-balancer. barracudanetworks. bizjournals.

barracudanetworks.barracudanetworks.com/ns/products/) • CudaTel .com) .Barracuda Networks 13 External links • Barracuda Networks corporate website (http://www.cudatel.com) • Barracuda Networks company Products page (http://www.Barracuda Networks PBX/Phone System (http://www.

Today the company develops. as well as in Canada in the Ottawa. Ontario area. Marius Nacht (currently serving as Vice Chairman) and Shlomo Kramer (who left Check Point in 2003 to set up a new company – Imperva.Check Point 14 Check Point Check Point Software Technologies Ltd. Founder FireWall-1. Sweden (Former Protect Data development centre) and in Belarus. data security and security management. together with two of his friends. Type Public NASDAQ-100 component NASDAQ: CHKP IT security Computer software Computer hardware [1] Traded as Industry Founded 1993 Headquarters Tel Aviv. UTM-1. Best known for its firewall and VPN products. Check Point first pioneered the industry with FireWall-1 and its patented stateful inspection technology. Web Application Security Revenue Net income Employees Subsidiaries Website US$ $1. Chairman & CEO Marius Nacht. The company also has offices in the United States.200 (2010) ZoneAlarm. markets and supports a wide range of software and combined hardware and software products that cover all the aspects of IT security. including network security. by the company’s current Chairman & CEO Gil Shwed. in Redwood City. security. Texas area. Check Point today counts approximately 2. Intrusion prevention systems. California and in the Dallas. (NASDAQ: CHKP [1]) is a global provider of IT security solutions. Israel (before May 2007: Ramat Gan) Key people Gil Shwed.com [3] Products Check Point Software Technologies Ltd.8 million (2010) [2] 2. SofaWare www. endpoint security. The company's development centers are located in Israel. Endpoint. Gil had the initial idea for the company’s core technology known as stateful inspection. California (ZoneAlarm). which became the foundation for the company’s first product (simply called FireWall-1). Founded in 1993 in Ramat-Gan.300 employees worldwide.9 million (2010) US$ $452. Check Point Integrity. Founder. History Check Point was established in 1993. VPN-1. Security appliances. where he serves as President and CEO).097. Israel. at the age of 25. soon afterwards they also developed one of the world’s first .checkpoint.

Media Encryption and Port Control secure data-at-rest on endpoints. California. A separate product called VPN Power-1 VSX can host multiple virtual security gateways on a single machine.[12] 15 Products Check Point offers the following primary solutions and product lines. Intrusion Prevention. UTM-1 Edge. and also contains encrypted storage for confidential data. the company was named worldwide firewall market leader by IDC with a market share of 40 percent.[7] The company’s first commercial breakthrough came in 1994 when Check Point signed an OEM agreement with Sun Microsystems. culminating in the acquisition of Nokia’s network security business unit in 2009. URL filtering.deployed as a single security agent that combines firewall. and device provisioning. [5] [6] Initial funding of $600. and Integrated Appliance Solutions platforms. I/O port protection (e. network access control. Antivirus. IP Appliances.[10] In 1998. or as a VMware network appliance. set policy and apply protections across the entire security infrastructure from a single interface. managed service providers.[4] followed by a distribution agreement with HP in 1995.Check Point VPN products (VPN-1). • Mobile Security . UTM-1. antivirus.The Security Gateway VE product for virtual environments.[11] by 2000 the company became the world’s leading provider of VPN solutions (in terms of market share). just over 10 years after first establishing the partnership with Nokia. correlation. a venture capital fund established by brothers Eli and Nir Barkat (who on November 11.[4] Shwed developed the idea while serving in the Israel Defense Forces. the U. IPsec VPN. with a portfolio of 11 management software blades including event analysis.[4] During the 2000s. Full Disk Encryption. multi-domain security management. • Virtualization Security . or on Check Point’s own line of appliances which includes Safe@Office. Anti-spam. USB).000 was provided by BRM Group. 2008 was elected as mayor of Jerusalem). access controls. . Check Point raised $67 million from its initial public offering on NASDAQ. enterprises. secures virtual machines and applications via either hypervisor integration using the VMSafe API. either from technology partners like Crossbeam and Hewlett-Packard. • Endpoint Security . which runs on VMware ESX and ESXi. • Security Management . Check Point established a successful partnership with Nokia.Check Point's core business has historically focused on network security components including Firewall. These products are deployed as software on x86 based servers or appliances. The security policies for networked endpoints can be centrally managed from a single location via the Endpoint Policy Management Software Blade product.g. which are sold to small and medium businesses (SMBs).Data security solutions focus on securing data throughout the stages of the data lifecycle. removable media encryption. By February 1996. mobile phones. VPNs. which bundled Check Point’s Software with Nokia’s computer Network Security Appliances.S. full disk encryption. anti-spyware. Check Point started acquiring other IT security companies. The Check Point Abra USB device provides a secure virtual desktop for Microsoft Windows machines.Allows administrators to manage events. and a VPN client. and the DLP security gateway product secure data-in-motion and data-in-use. head office was established in Redwood City. Check Point Document Security focuses on protecting data-in-use. allowing remote access of the corporate network via a VPN connection. Solutions are based on the Software Blade architecture. and tablet PCs. where he worked on securing classified networks.[9] In June 1996. • Data Security . Data Loss Prevention and Application Control. and telecommunications carriers: • Network Security . Mobile Access.the Check Point Mobile Access software product provides secure access to corporate resources via a SSL VPN portal for devices such as laptops.[8] The same year. Power-1.

with the purpose of extending Check Point's success in the enterprise market.[26] . Check Point tried to acquire intrusion prevention system developers Sourcefire for $225 million. in 2003. the company started selling the Safe@Office / Safe@Home line of security appliances. the Tel Aviv District Court Judge ruled that Bogner SofaWare could sue Check Point by proxy for $5.[13] His derivative suit was ultimately approved and Check Point was ordered to pay SofaWare NIS 13 million for breach of contract.[19] but later withdrew its offer after it became clear US authorities would try to block the acquisition. Adi Ruppin and Etay Bogner. claiming Check Point was not transferring funds to SofaWare as required for its use of SofaWare's products and technology. One of the key aspects of this effort has been the creation of a management system designed to enable service providers or value added resellers to lift the burden of security management from the end users while at the same time delivering additional services such as automatic security and software updates. an intrusion prevention system developer.[13] In 2004.[15] Prior to their acquisition by Check Point. in January 2002 (partial acquisition). a data security startup company based in Boston.[23] Relations between Check Point and the SofaWare founders went sour after the company acquisition in 2002. following its failed plan to acquire the larger IPS vendor Sourcefire. makers of the ZoneAlarm personal firewall software. anti-virus and more. which owns 60% of Sofaware. Bogner sought court approval to file a shareholder derivative suit.[22] In 2002. which includes Bogner.[24] Bogner claimed that Check Point. sales of SofaWare's Safe@Office firewall/VPN appliances skyrocketed. for $20 million in late 2006.Check Point 16 Acquisitions • SofaWare Technologies.[13] In 2011. and began a process of acquiring the remaining shares. has behaved belligerently. was acquired in April 2009. has veto power to prevent SofaWare from taking any decision of which he disapproves.[16] • NFR security. consumer and branch office market. but only as a group and by majority rule.[17] • Nokia Security Appliances division. and SofaWare held the #1 revenue position in the worldwide firewall/VPN sub-$490 appliance market.[21] By the fourth quarter of 2002. the holding company for PointSec Mobile Technologies.[13] The court ruled that the three founders could not individually exercise their veto power.[25] In 2009. SofaWare began selling firewall appliances under the SofaWare S-Box brand. According to SofaWare's co-founder Adi Ruppin. Etay Bogner. in a cash deal valued at $586m in late 2006.[13] In 2006.1 million in alleged damage to SofaWare. for $205 million in cash and shares.[12] • Privately held Liquid Machines. content filtering. but later lost the appeal. As part of the settlement it acquired the SofaWare shares held by Bogner and Ruppin. Check Point settled all litigation relating to SofaWare. with a 38% revenue market share.[13] • Zone Labs. co-founder of SofaWare scored a legal victory over Check Point. to the small business.[18] In 2005. as a cooperation between Check Point and SofaWare's founders.[20] SofaWare Legal Battle SofaWare Technologies was founded in 1999.[14] • Protect Data. "[21] In 2001. under the Check Point brand. the Israeli Supreme Court ruled that a group of founders of SofaWare. "The Company's vision is to take this enterprise-strength technology and make it as simple to use and as affordable as possible without detracting from its quality. was acquired in June 2010. resulting in SofaWare becoming a wholly owned subsidiary. and withheld monies due for use of SofaWare technology and products[24] Check Point appealed the ruling. Protect Data acquired Reflex Software.

. businessweek. sciencedirect. Oct 1. Research Policy 36 (9): Research Policy. Nov. html). [6] Gil Shwed. . com/ print-edition/ business/ etay-bogner-bests-check-point-in-court-once-again-1. David. com/ doc/ 1G1-17461605. 2009-04-13. 1999. Retrieved 2008-10-12. [10] Breznitz.October 19. google. Founder and Managing Director of SofaWare. marketwire.Check Point Certified Security Administrator CCSE .and Ready for Prime Time" (http:/ / www. [15] "Check Point Announces a Cash Tender Offer to Acquire Protect Data" (http:/ / www. [16] "Protect Data acquires Reflex Software Limited to extend product portfolio" (http:/ / www. htm) [19] "Check Point and Sourcefire to Explore Alternative Business Relationship" (http:/ / www. CRN. [13] Roth. "CIO 20/20 Honorees--Innovator's Profile: Gil Schwed of Check Point Software Technologies Ltd" (http:/ / www. checkpoint. 2006-11-02. "MOVERS & SHAKERS: Eli Barkat: Making Push More Polite -. [20] "Check Point calls off Sourcefire buy" (http:/ / www. . encyclopedia. "Etay Bogner bests Check Point in court once again" (http:/ / www. 2006-03-24. com/ article/ 31405/ CIO_20_20_Honorees_Innovator_s_Profile_Gil_Schwed_of_Check_Point_Software_Technologies_Ltd. . com/ press/ 2006/ nfrsecurity121906. php?id=361) [22] Check Point bolsters new firewall appliance. com/ press/ 2009/ check-point-completes-nokia-acquisition-041309. 2001. . com/ press/ 2006/ sourcefire032306. 1996. CIO Magazine October 1. Marcia. com/ [4] Mayor. 2002. 18 . Worldwide Market Share of 40 Percent Represents Significant Lead in Providing Enterprise Network Security Solutions. Expands Intrusion Prevention Capabilities to Fortify Enterprise Networks" (http:/ / www.Check Point Certified Master Architect References [1] http:/ / quotes. Retrieved 2009-04-13. Retrieved 2008-10-12. [21] Interview with Adi Ruppin. Retrieved 2008-10-12. 3385). nasdaq. htm). Check Point Software Tech (http:/ / www. 2006-03-23. "CheckPoint Software Named Firewall Market Share Leader by IDC. CIO (http:/ / books. html). encyclopedia. securityfocus. by Berislav Kucan . com/ news/ 11382). com/ books?id=MA0AAAAAMBAJ& lpg=PA76& dq=Gil Shwed& pg=PA76#v=onepage& q=Gil Shwed& f=false). 1999. com/ science?_ob=ArticleURL& _udi=B6V77-4PTN8PN-1& _user=10& _rdoc=1& _fmt=& _orig=search& _sort=d& _docanchor=& view=c& _searchStrId=1085105296& _rerunOrigin=google& _acct=C000050221& _version=1& _urlVersion=0& _userid=10& md5=3cf69059540492454dd362317b553b2f). asp?symbol=CHKP& selected=CHKP [2] "Check Point Software Facts @ A Glance" (http:/ / www. Business Wire . haaretz. 2001. 2006-11-20. Retrieved 2008-10-12. 21 January 2003. 2003-12-15. com/ doc/ 1G1-17461605. Gil Shwed. html). com/ asp/ SummaryQuote. html). com/ science?_ob=ArticleURL& _udi=B6V77-4PTN8PN-1& _user=10& _rdoc=1& _fmt=& _orig=search& _sort=d& _docanchor=& view=c& _searchStrId=1085105296& _rerunOrigin=google& _acct=C000050221& _version=1& _urlVersion=0& _userid=10& md5=3cf69059540492454dd362317b553b2f)." (http:/ / www.Check Point 17 Certification Check Point has a long-running history of training and certification on their products. htm). [9] Press Release.Check Point Certified Security Expert CCSE+ . 2002 [7] Wallace. Retrieved 2008-10-13. 07.December 1. checkpoint. [12] "Check Point Completes Acquisition of Nokia Security Appliance Business" (http:/ / www. retrieved 2009-11-09 [8] Company Press Release. html). com/ corporate/ facts.February 5. [17] "Check Point to Acquire NFR Security. cio. Business Week . [11] Press Release . 15. "Check Point Software & Nokia Expand Partnership" (http:/ / www. . crn. com/ press/ 2003/ zonelabs121503. checkpoint." (http:/ / www. [5] Savage.September 25. checkpoint. 1995. net-security. com/ press/ pointsec/ 2006/ 11-02. html). . Retrieved 2008-10-12. checkpoint. "Industrial R&D as a national policy: Horizontal technology policies and industry-state co-evolution in the growth of the Israeli software industry" (http:/ / www. org/ article. Haaretz. Nurit (26-11-09).Check Point Certified Security Expert Plus CCMSE . including the following: • • • • • • CPCS .. com/ press/ 2006/ pointsec112006. Business Wire . Business Wire . market-leading FireWall-1 solution now available through HP and its reseller channel. [3] http:/ / www. html). sciencedirect.Tuesday.Check Point Certified Managed Security Expert CCMA .com. "CheckPoint Software and HP sign distribution agreement. checkpoint. Network World Dec 17. Chairman & CEO. (http:/ / www. [18] Check Point Acquires Data Security Startup Liquid Machines (http:/ / www. ). checkpoint. com/ ebiz/ 9912/ em1201.Check Point Certified Specialist CCSA . . checkpoint. Dan. p. com/ press-release/ Check-Point-Acquires-Data-Security-Startup-Liquid-Machines-NASDAQ-CHKP-1273411. Retrieved 2009-07-01. 2006-12-19. html). html). com/ news/ channel-programs/ 18836954/ gil-shwed-chairman-ceo-check-point-software-tech. [14] "Check Point Software Technologies to Acquire Zone Labs" (http:/ / www. . Tracy.

ח' מלצר. themarker. 2006).1 million" (http:/ / english. . "Sofaware founder cleared to sue Check Point for $5. html) [24] Arbel. Retrieved 14 June 2010.Check Point [23] Check Point Software Stakes Claim in Small Business Internet Security Space Company Duplicates Market-leading Enterprise Success in Sub-$490 Appliance Segment (http:/ / www.checkpoint. Ha'aretz. 2850/08 ‫ עא‬CHECK POINT SOFTWARE TECHNOLOGIES LTD ‫'נ' איתי בוגנר )עליון. א' רובינשטיין. 2011 18 External links • Corporate website (http://www. [25] Israeli Supreme Court. checkpoint. 186085). com/ economy-finance/ sofaware-founder-cleared-to-sue-check-point-for-5-1-million-1. נ‬ ‫)הנדל‬ [26] Check Point 20-F SEC filing. com/ press/ 2003/ infonetics031203. Oded (April 25.com/) .

and communications technology and .49 billion (2011) [4] US$ 87.cisco. VOIP. that designs and sells consumer electronics. California (1984) Len Bosack Sandy Lerner Richard Troiano [2] [3] San Jose.21 billion (2011) [4] US$ 7. United States Worldwide John T.Cisco Systems 19 Cisco Systems Cisco Systems.25 billion (2011) [5] 70. (NASDAQ: CSCO [1]. voice. Chambers (Chairman & CEO) Networking Device Network Management Cisco IOS and NX-OS Software Interface and Module Optical networking Storage area networks Wireless. Inc. Security Datacenter List of Cisco Products Revenue Operating income Net income Total assets Total equity Employees Subsidiaries Website [4] US$ 43. California.09 billion (2011) [4] US$ 47.67 billion (2011) [4] US$ 6. Telepresence.cisco.700 (2011) List of acquisitions [www.com www. Inc. SEHK: 4333 [6]) is a multinational corporation headquartered in San Jose. Type Traded as Public NASDAQ: CSCO [1] Dow Jones Industrial Average Component S&P 500 Component Industry Founded Founder(s) Computer networking San Francisco.com] Headquarters Area served Key people Products Cisco Systems. California. networking.

The stock was added to the Dow Jones Industrial Average on June 8. her husband Bosack resigned in protest.[7] 20 Corporate history Len Bosack and Sandy Lerner.[8] In 1988.[14] it is still one of the most valuable companies. Lerner moved on to direct computer services at Schlumberger.Cisco Systems services. who held the position from 1987 to 1988. a married couple who worked as computer operations staff members at Stanford University. 1990.000 jobs that would be eliminated by the end of August 2011.[10] As the Internet Protocol (IP) became widely adopted.[18] [19] Media and Awards Cisco products.[11] In late March 2000. 1990. Cisco was a 2002-03 recipient of the Ron Brown Award. 70% of which was committed to their own charity. One of the many buildings on the Cisco Systems campus in San Jose While Cisco was not the first company to develop and sell a router.[12] [13] In July 2009. the Russell 1000 Index. presidential honor to recognize companies "for the exemplary quality of their relationships with employees and communities". Cisco introduced a new logo that was created in collaboration with Joe “Phenom” Finocchiaro and Jerry “The King” Kuyper.000 employees and annual revenue of US$ 40.[21] [22] a U. founded Cisco Systems in 1984. due to lower than expected profit.0 billion as of 2010.000 jobs means around 14 percent of the 73. 2009. Cisco System Inc. Cisco's largest routers are primarily used to deliver IP packets. Today. Lerner was fired. The company's first CEO was Bill Graves.000 employees with an early-retirement program who accepted buyout and 7. the importance of multi-protocol routing declined. cut annual expenses by $1 billion in July 2011.S. later joined by Richard Troiano. the company went public (with a market capitalization of $224 million) and was listed on the Nasdaq stock exchange. and succeeded in 1995 by John Chambers. with a market cap of about US$108. 2006. NASDAQ 100 Index and the Russell 1000 Growth Stock Index. Bosack adapted multiple-protocol router software originally written some years before by William Yeager. San Francisco. it has built its Globalization Centre East in Bangalore for $1 billion and 20% of Cisco's leaders will be based there.[9] it was one of the first to sell commercially successful routers supporting multiple network protocols. with a market capitalization of more than US$500 billion. John Morgridge was appointed CEO. On August 28. Cisco was the most valuable company in the world. Cisco commonly stays on top of Fortune "100 Best Companies to work for".400 total employees before curtailment. most notably IP phones and Telepresence are frequently sighted in movies and TV series [20] The company itself and its history was featured in the documentary film Something Ventured which premiered in 2011. On February 16. The couple walked away from Cisco with $170 million. with position #20 in 2011 [23] . upon hearing the news. another Stanford employee who later joined Sun Microsystems.[16] As part of the company's overseas strategy.03 billion. and is also included in the S&P 500 Index. For Cisco's first product.[15] On September 7. The name "Cisco" was derived from the city name. which is why the company's engineers insisted on using the lower case "cisco" in the early days. at the height of the dot-com boom.[17] However. Cutting as many as 10. Cisco has more than 70. moving full time to Cisco in 1987. The company cut around 3.

a start-up company located in Petaluma. data and network security solutions etc. WebEx. Cisco acquired Linksys in 2003. wireless systems. Cisco completed the acquisition of privately held network configuration and change management solutions company Pari Networks. In 1995-1996 the company completed 11 acquisitions. WAN acceleration. a product design consulting firm that helped develop Cisco's Flip video camera. energy and building management systems and media aware networks. for about US$7 billion. Cisco Group.[34] [35] . switches. which form the basis for how Cisco approaches each market.[30] • Small businesses[31] • • • • • Routers and switches Security and surveillance: IP cameras.Cisco Systems 21 Acquisitions Cisco acquired a variety of companies to bring in products and talent into the company. HealthPresence. were the biggest deals in the industry when they occurred. broadcast video contribution/distribution. During the Internet boom in 1999. In the recent merger deals.[27] • Collaboration: IP video and phones. and only the acquisition of Scientific Atlanta has been larger. and home networking. Enterprise social networks and Mobile applications[28] • Datacenter and Virtualization: Unified Computing.[24] Several acquisitions. the company acquired Cerent Corporation. Enterprise Voice over Internet Protocol (VOIP). Several acquired companies have grown into $1Bn+ business units for Cisco. Call Center systems. California. The solutions for each market are segmented into Architectures. entitlement and content delivery systems.[26] Products and services Cisco's current portfolio of products and services is focused upon three market segments – Enterprise and Service Provider. including LAN switching. Storage Networking and Cloud services. • Corporate market: Enterprise networking and Service Providers • Borderless networks: for their range of routers. security systems.[32] Voice and conferencing solutions: VOIP phones and gateway-systems. It will no longer carry the making of Flip cameras. Small Business and the Home. Cisco bought Starent Networks (a mobile technology company) and Moto Development [25] Also in 2010. Cisco announced they were discontinuing all Flip camera production. 2011. • Broadband: cable modems • Cisco ūmi . video conferencing Wireless: WiFi Access points Network storage systems • Home user[33] • Linksys product line of access points. TelePresence. became a key stakeholder in e-Skills Week. switches etc.video conferencing Cisco also attempted to enter consumer market with a line of video recording devices dubbed "Flip". This move did not go well and on April 12. It was the most expensive acquisition made by Cisco to date. Unified Communications. such as Stratacom. In March 2011.[29] • IP NGN (Next Generation Networks): High-end routing and switching for fixed and mobile service provider networks. Unified Fabric. Data Centre Switching.

including: 837. Hardware • Datacenter products: Nexus Switches (1000v.Cable/IP . MDS. the world leader in Telepresence systems[39] • VOIP: Wireless IP Phone 7920 • CLEO: Low Earth Orbit router • Cisco Wireless LAN • Cisco Cius: a new Android-based collaboration tablet • Cisco Wide Area Application Services (WAAS) • Set Top Boxes (High Definition PVRs). 6900 series) • Cisco Application Control Engine (ACE): Application Delivery Controller • Routers. 12000. • Unified Computing: Cisco Unified Computing System (UCS) virtual server platform: with VMWare [38] virtualization system run servers on Cisco hardware • Catalyst switches: Cisco Catalyst 2900 Series. 5000. 7942. as opposed to focussing on discussions around products. Cisco intends to gradually knit together its various products. Unified Computing System (UCS) • Flip pocket camera (Discontinued in April 2011[37] ) • Cisco SPA500 Series IP Phones • Linksys SPA900 Series IP Phones • Cisco Unified IP Phones (7945. Cisco acquired Tandberg. 2000. Cisco Catalyst 3000 Series. 3600 Series. 1000 Series. and introduce new products and features in order to provide a complete set of capabilities in each area. 7000). Cisco announced a new focus around six ‘Architectures’ in 2009.[36] These are: • • • • • • Borderless Networks Collaboration Data Center and Virtualization IP NGN (Next Generation Networks) Small Business Consumer Under these architectures. 8900 series. Cisco Catalyst 6500 Series • Collaboration systems such as Cisco TelePresence. 7965. Catalyst 4500. 7600. 9900 series.Cisco Systems 22 Architectures In an effort to allow their sales team to have more business-focused conversations with customers. Cisco Manufacturing Mobile Video Collaboration with Librestream. 2500 Series. PIX 500 series A Cisco ASM/2-32EM router deployed at CERN in 1987. 4000. ASR Series and CRS-1 and CRS-3 • Cisco Security Manager • Security appliances: ASA 5500.

Cisco Unified Contact Center. Linksys has partnered with companies such as Skype and Yahoo to integrate consumer VoIP services with wireless and cordless phones.Cisco Systems 23 Software • • • • • • • • • • • • • • • • • • Internetwork Operating System NX-OS Cisco Active Network Abstraction Cisco Fabric Manager Cisco AnyConnect Secure Mobility Client Cisco Systems VPN Client CiscoView Data Center Management and Automation . running for 72 hours continuously. and Cisco Webex Meeting Center.8-meter satellite antenna. Cisco Unity Connection (unified messaging). voice over IP. North Carolina for strategic deployment in North America and are capable of being [42] [43] The NERV has been fully operational within 15 minutes of arrival. network based video surveillance and secured high definition video conferencing for leaders and first responders in crisis areas with up to 5 Mbps of bandwidth via a 1. Cisco Unified Mobility. and others. NERVs are normally stored at Cisco facilities in San Jose. A part of the Cisco Unified Services Delivery Solution. didactic network simulator Cisco Network Magic Pro Cisco Unified Communications Manager Cisco IP Communicator Cisco Quad Cisco Security Manager WebEx Collaboration Tools VoIP services Cisco became a major provider of Voice over IP to enterprises. the 2010 San Bruno gas pipeline explosion. Cisco NAC Appliance Cisco Eos Packet Tracer. The vehicles are self contained and provide wired and wireless services including voice and radio interoperability. and is now moving into the home user market through its acquisitions of Scientific Atlanta and Linksys. Silicon Valley Chapter for it's development and use of these vehicles in disasters. hurricanes Gustav. Cisco received the Innovation Preparedness award from the American Red Cross. Hosted Collaboration Solution Cisco partners can now offer cloud-based services based on Cisco's virtualized Unified Computing System (UCS). Rogers Communications. [44] In 2011. UPC. it will include hosted versions of Cisco Unified Communications Manager (UCM). Scientific Atlanta provides VoIP equipment to cable service providers such as Time Warner. and tornado outbreaks in North Carolina and Alabama in 2011.[45] . deployed to incidents such as the October 2007 California wildfires. Ike.[41] Network Emergency Response The company maintains several Network Emergency Response Vehicles (NERV)s which are staffed by Cisco employees during natural disasters and other public crises. Cisco Unified Presence. Cablevision. California and Research Triangle Park. and Katrina.Cisco Intelligent Automation [40] CiscoWorks Network Management software Clean Access Agent.

Censorship in China Cisco has been criticized for its involvement in censorship in the People's Republic of China. Canadian Judge Ronald McKinnon. the Brazilian Federal Police and Brazilian Receita Federal (equivalent to the American IRS) under the "Persona Operation" uncovered an alleged tax fraud scheme employed by Cisco Systems since 2002 that exempted the company from paying over R$1. Storage Networking.[46] While Cisco denied all allegations in the suit. 2001 accused Cisco of making misleading statements that "were relied on by purchasers of Cisco stock" and of insider trading. Service Provider.[51] Wired News had uncovered a leaked. 2009. and Wireless. 2008. Multiven filed an antitrust lawsuit[55] [56] [57] [58] [59] [60] against Cisco Systems. journalist Sarah Stirland accuses Cisco of marketing its technology "specifically as a tool of repression. Inc.[50] According to author Ethan Gutmann. Multiven's complaint alleges that Cisco harmed Multiven and consumers by bundling and tying bug fixes/patches and updates for its operating system software to its maintenance services (SMARTnet) and through a series of other illegal exclusionary and anticompetitive acts designed to maintain Cisco's alleged monopoly in the network maintenance services market for Cisco networking equipment. Network Security." He also condemned the US . Design." Tax fraud investigation On October 16. Routing & Switching. 2008.5 billion (US$824 million) in taxes. Criticisms and controversy Shareholder Relations A class action lawsuit filed on April 20. Associate. Cisco's liability insurers. the Free Software Foundation filed suit against Cisco regarding Cisco's failure to comply with the GPL and LGPL license models and make the applicable source code publicly available. British born Peter Alfred-Adekeye. Cisco says that it does not customize or develop specialized or unique filtering capabilities to enable governments to block access to information and that it sells the same equipment in China as it sells worldwide. 2006. Cisco responded by accusing the person who filed the anti-trust suit. Cisco and other telecommunications equipment providers supplied the Chinese government with surveillance and Internet infrastructure equipment that is used to block Internet websites and track Chinese on-line activities.75 million to settle the suit. in an effort to open up the network maintenance services marketplace for Cisco equipment. with hacking and pressured the US government to extradite him from Canada where he was giving evidence against Cisco in an anti-trust hearing. Cisco settled this lawsuit by complying with FSF licensing terms and making a monetary contribution to the [49] FSF. and officers paid the plaintiffs US$91.[47] Intellectual property disputes On December 11. 2007. Voice. on August 18. Professional. confidential Cisco powerpoint presentation that details the commercial opportunities of the Golden Shield Project of Internet control. promote competition and ensure consumer choice and value. and recently Architect. There are five levels of certification: Entry. the newly introduced Service Provider Operations.[53] [54] Antitrust lawsuit On December 1.[48] On May 20. who oversaw the extradition hearing.Cisco Systems 24 Cisco Career Certifications Cisco Systems also sponsors a line of IT Professional certifications for Cisco products. its directors. as well as eight different paths. stated the real reason for the extradition proceedings was because Alfred-Adekeye "dared to take on a multinational giant. Expert.[52] In her article.

Reuters.S. html?hpg1=bn). . htm).Bloomberg (http:/ / www. [16] "Cisco Logo: Design and History" (http:/ / www. icmrindia. "The History of Cisco" (http:/ / www. com/ dlls/ corpinfo/ corporate_overview. html). [5] "News@Cisco -> Corporate Overview" (http:/ / newsroom. visited 27 Feb 2011 . June 14. . com/ cgi-bin/ article. wsj. networkworld. 2011. sfgate. 2011. San Francisco Chronicle. . DTL). com/ article/ SB124386244318072033. 2000-03-25. [8] "Cisco's Acquisition Strategy" (http:/ / www. highbeam. com/ ie/ daily/ 20000326/ ibu26043. Retrieved 2007-01-25. com/ asp/ SummaryQuote. org/ casestudies/ catalogue/ Business Strategy2/ BSTR083. html). Forbes. com/ news/ 2011-07-11/ cisco-may-cut-about-5-000-jobs-in-august-gleacher-analyst-says. org/ cringely/ nerdtv/ transcripts/ 013. com/ press-release-content?type=webcontent& articleId=456320). Retrieved 2011-08-10. Dan (2006-05-05). The Economist. cisco. yahoo. Retrieved 2007-01-25. TechCrunch. Retrieved 2010-10-15. [12] "Cisco pushes past Microsoft in market value" (http:/ / www. E. " Cisco Buys Moto – no. asp?WidCoID=4333& WidCoAbbName=& Month=& langcode=e [7] Browning. com/ 2011/ 03/ 02/ cisco-completes-acquisition-of-pari-networks-started-by-former-cisco-execs/ ).000 Jobs to Buoy Profit . com/ dlls/ corp_093003. Cisco Replace Citi. yahoo. Transcript | PBS" (http:/ / www. Inc). January 2004. com/ dlls/ 2004/ hd_061404. 1997-08-25. half-truths and falsehoods" adding "This speaks volumes for Cisco's duplicity" and accused them of "unmitigated gall" in using such a heavy-handed move as an unsupportable arrest and jailing to pressure Alfred-Adekeye to drop or settle his civil antitrust complaint. [18] Cisco to cut costs and jobs as profit stalls (http:/ / news. Judge McKinnon described the information provided by Cisco and the US prosecutor as "full of innuendo. cisco. [6] http:/ / www. . com/ opinion/ displaystory. March 1. [14] Cisco Systems Summary (http:/ / finance. 2004. com/ s/ ap/ 20110511/ ap_on_hi_te/ us_earns_cisco) [19] Cisco Said to Plan Cutting Up to 10. com/ node/ 17414206). com/ news/ 2010/ 051810-cisco-acquires-moto. FamousLogos. techcrunchit. "Chron 200 Market capitalization" (http:/ / www. html). .us. The Economist. hk/ eng/ invest/ company/ quote_page_e. marketwatch. . com/ q?s=csco& d=t) [15] Fost. for stating that Alfred-Adekeye had left the USA in a time period when he had not and a formal request for extradition was not filed against Alfred-Adekeye when he was taken into custody. [25] By Jim Duffy. html). cisco. cnn. [9] "I. Retrieved 2011-08-19.org. com/ forbes/ 1997/ 0825/ 6004058a_2. 2010-04-15. 2010. Interview. . not that Moto (http:/ / www. . The Evolution of Access Routing (http:/ / newsroom. [4] "Cisco Reports 2011 Earnings" (http:/ / newsroom. expressindia. cgi?f=/ c/ a/ 2006/ 05/ 05/ BUC200MARKETCAP. html). The Indian Express. (2009-06-01). Retrieved 21 December 2009. Retrieved 2011-09-03. George (Jan 9. 2011-08-10. cfm?story_id=15879369). economist. Cringely. asp?symbol=CSCO& selected=CSCO [2] "Cisco Reports Fourth Quarter and Fiscal Year 2011 Earnings" (http:/ / newsroom. . cisco. Pbs. Retrieved 2009-06-02.[62] [63] Notes [1] http:/ / quotes. cisco. CBS Marketwatch. Retrieved 2010-08-14. 2011. [3] "A special report on innovation in emerging markets: The world turned upside down" (http:/ / www. visited 10 Apr 2011 [23] http:/ / money. brighthub. visited 10 Apr 2011 [22] Cisco News website Cisco Systems Receives Presidential Award for Corporate Leadership (http:/ / newsroom. cisco. com. bloomberg. aspx?guid={FA6BADEF-05F2-4169-ADDA-12E9D17C4433}). [17] "The other elephant" (http:/ / www. . Wall Street Journal (Dow Jones & Company. [27] Cisco website Borderless network products (http:/ / www. html). . NetworkWorld. . forbes.Cisco Systems prosecutor for hiding the fact that Alfred-Adekeye was in legal proceedings against Cisco Systems. [10] Cisco claim of first multi-protocol router. html#~24 [21] Highbeam Research website Presidential Award For Corporate Leadership Presented to Cisco Systems (http:/ / www. [11] "Does Pink Make You Puke?" (http:/ / www. . pbs. aspx). 2011-08-10. Cisco Systems. 2011). [13] "Cisco replaces Microsoft as world's most valuable company" (http:/ / www. . Retrieved Jan 28. com/ doc/ 1G1-108316480. 2010-11-04. 2000-03-25. html). hkex. us/ cisco-logo). com/ cisco/ web/ UK/ about/ tvmovies. [26] "Cisco Completes Acquisition Of Pari Networks (Started By Former Cisco Execs)" (http:/ / www. GM in Dow" (http:/ / online. famouslogos. cisco. Retrieved on 2009-01-04. html) [20] http:/ / www.[61] 25 Intimidation Cisco has been reported as using intimidation tactics in several news reports." May 18. com/ magazines/ fortune/ bestcompanies/ 2011/ snapshots/ 20. "Travelers. com/ en/ US/ netsol/ ns1015/ products. . Retrieved 2007-01-25. html). BSTR083. Case Studies In Business Strategy (ICMR) IV: 2. economist. html). com/ news/ story/ cisco-pushes-past-microsoft-market/ story. nasdaq. com/ press-release-content?type=webcontent& articleId=456320). NerdTV. html [24] Garza. Retrieved June 28. Retrieved 2008-11-13. Cisco Systems. com/ computing/ enterprise-security/ articles/ 65663.

youtube. visited 26 Feb 2011 [30] Cisco website on IP Next-Generation Networks (http:/ / www. 2008-12-01. Press release. . youtube. techtarget. com/ watch?v=V1L7pgotdEo) [46] Cisco Systems. lightreading. Cisco. SearchITChannel. "Multiven Files Antitrust Lawsuit Against Cisco Systems. Pbs. Cisco Can Deliver Its Own 911" (http:/ / www. Sarah (2008-05-20). ChannelWeb. com/ news-analysis/ cisco-launches-hosted-collaboration-solution. (2008-12-01). [35] ""World According to Jon" video about discontinuation" (http:/ / www. com/ en/ US/ products/ ps6505/ Products_Sub_Category_Home. html?page=1). CatholicOnline. Cisco Systems is now ready to help communities in need of disaster assistance with emergency communications capability. Press release. aspx). Retrieved 2008-12-01. [49] Free Software Foundation (May 20. 2010-07-02. . Archived from the original (http:/ / blogs.. com/ watch?v=SVhxp4F_qD8). cnet. iht. com/ cisco/ web/ solutions/ small_business/ products/ security/ index. cisco. com/ networking/ 212201523). [42] "In a Disaster. com/ news?article_id=12). cisco. 2011. 2008-12-04. networkworld.00. visited 6 April 2011 [37] "Cisco gives Flip video biz the boot" (http:/ / news. cisco. Retrieved 2009-06-27. php?id=41037). March 12. [38] Cisco website Products and Services on Unified Computing (http:/ / www. html). com/ en/ US/ netsol/ ns1007/ products. com/ en/ US/ netsol/ ns1007/ products. Jon Paula. April 12. org/ technology/ story. 2008). [58] Multiven. Retrieved 2007-01-25. html). "Like a good neighbor. com/ gov/ 2006/ 02/ cisco_testimony_before_house_i. Retrieved 2011-08-21. . CNET. Silicon Valley/San Jose Business Journal. John (2006-02-15). Tandberg. html). org/ news/ 2008-12-cisco-suit). . visited 25 Feb 2011 [32] SME Products and services (http:/ / www. Retrieved 2008-12-02. cisco. [40] http:/ / www. html). [56] "Net maintenance provider sues Cisco over allegedly monopolistic SMARTnet" (http:/ / www.Cisco Systems [28] Cisco website Collaboration products and services (http:/ / www. 2011. . visited 27 Feb 2011 [33] Cisco Home products (http:/ / home. executives arrested in Brazil: reports" (http:/ / www. Inc. WRAL. com/ sanjose/ stories/ 2006/ 08/ 14/ daily75. 2009). visited 27 Feb 2011 [39] "Tandberg product inquiry page". wral. . com/ en/ US/ partner/ netsol/ ns537/ networking_solutions_solution_category. . [44] Cisco NERV: The ultimate first responder vehicle | TechRepublic (http:/ / www. com/ networkhub/ cisco-internal-memo-changes-to-sales-strategy-and-channel-org/ ). Retrieved 2007-01-25. visited 27 Feb 2011 [29] Cisco website on Datacenter products (http:/ / www. networkworld. cisco. html). Retrieved 2008-12-02. html). Press release. . visited 06 Apr 2011 [31] Products for small businesses (http:/ / www. .sid96_gci1341067. [55] "Multiven Sues Cisco" (http:/ / www. [57] "Cisco Accused Of Monopoly In Antitrust Lawsuit" (http:/ / www. com/ en-us/ home) on company website. org/ news/ 2009-05-cisco-settlement. html) on 2006-12-06. 2007-10-17.visited 27 Feb 2011 [34] "Catholic Online Statement about Flip Camera" (http:/ / www.. Retrieved 2009-01-04. Retrieved 2008-12-04. com/ document. . crn. Rio de Janeiro" (http:/ / www. 2011. html [41] "Cisco Launches Hosted Collaboration Solution" (http:/ / www. [36] Post on IT Knowledge Exchange Cisco internal memo: changes to sales strategy and channel org (http:/ / itknowledgeexchange. techtarget. com/ threatlevel/ 2008/ 05/ leaked-cisco-do/ ). 2006-08-18. cisco. catholic. html). html) on company website. Inc. bizjournals. html?track=sy540). com/ business/ legacy_local_tech_wire/ news/ video/ 2285408/ #/ vid2285408). pbs. Cisco Systems. [51] Earnhardt. 2008-12-01.‏‬YouTube (http:/ / www. html). [48] Free Software Foundation (December 11. com/ news/ article/ 0. . ucstrategies. php). com/ news/ 2007/ 101607-cisco-brazil-arrests. html). org/ web/ 20061206095153/ http:/ / blogs. Retrieved 2007-01-25. org/ wgbh/ pages/ frontline/ tankman/ internet/ ).com." (http:/ / multiven. [53] "Cisco offices raided. lightreading. com/ dlls/ 2006/ corp_081806. cisco.289142. Inc. Press release. cisco. . NetworkWorld. fsf. close Cisco System's offices in São Paulo. [47] "Cisco resolves class action lawsuit" (http:/ / sanjose. "Cisco Testimony Before House International Relations Subcommittee" (http:/ / web. Retrieved 2008-11-13. . NetworkWorld. cisco. fsf. Press release.Cisco Tactical Operations‬‫ . (2006-08-18). com/ articles/ ap/ 2007/ 10/ 17/ business/ LA-FIN-Brazil-Cisco. Inc. html). "Cisco Shareholder Class Action Lawsuit Resolved" (http:/ / newsroom. UCStrategies. "Cisco Leak: ‘Great Firewall’ of China Was a Chance to Sell More Routers" (http:/ / www. . 26 . [50] "FRONTLINE: the tank man: the struggle to control information | PBS" (http:/ / www. asp?doc_id=168775). . com/ 8301-30686_3-20053075-266. . com/ en/ US/ products/ ps10265/ index. [59] "Cisco Systems hit with antitrust lawsuit" (http:/ / searchitchannel. Retrieved 2009-05-20." [43] [providing phone and video communications according to the National Incident Management System "Cisco Network Emergency Response Vehicle at a glance"]. archive. . [52] Stirland. com/ blog/ networking/ cisco-nerv-the-ultimate-first-responder-vehicle/ 581) [45] ‪2011 Innovative Preparedness . "Free Software Foundation Files Suit Against Cisco For GPL Violations" (http:/ / www. March 13. cisco. . 2007-10-16. techrepublic. [54] "Brazilian tax authorities raid. providing phone and video communications according to the National Incident Management System. cisco. com/ cisco/ web/ solutions/ small_business/ products/ index. wired.com. com/ gov/ 2006/ 02/ cisco_testimony_before_house_i. com/ community/ node/ 35852). Retrieved 2007-10-17. Retrieved 2008-12-02. 2008-12-02. . Retrieved 2007-10-16. "FSF Settles Suit Against Cisco" (http:/ / www.org.

External links • Official website (http://www. Retrieved 5 June 2011. ISBN 0-7615-2775-3.xhtml) at Hoover's Cisco Systems (http://www. K. Die Cisco Story (in German). uk/ 2011/ 06/ 03/ cisco_charged_with_duplicity/ ). (2003). (2000). html). (2001). Wiley. & Brate. J.blogspot. 2008-12-03. fiercetelecom.edgar-online.com//--ID__13494--/free-co-factsheet. ISBN 0-471-35711-1.com/ 2007/12/john-morgridge. D. Less ‘Intimidation’" (http:/ / seattletimes.cisco. .Armenia (http://netacad. ISBN 3-478-35995-3. • Stauffer.com) • VoIP for business Cisco (http://www. Wiley. . (2001). Wiley. . "Cisco resorting to intimidation tactics" (http:/ / www.com/?sym=CSCO) SEC filings at EDGAR Online Cisco Systems (http://www. HarperCollins.allvoipnews. Retrieved 5 June 2011.com/money/compnies/ 2007-03-18-cisco-advice-usat_N.htm) -Broken • Interview with former CEO. Nothing but Net Business the Cisco Way. Prima Lifestyles. Moderne Industrie.am/) • USA Today Q&A with CEO John Chambers (http://www. (2001). • Paulson.com/videos/cisco-systems/) (Videos) Business data • • • • • • Cisco Systems (http://finance.reuters. ISBN 1-84112-087-1. the contest which was the main reason to build the AKS-team and start generating ideas (http://power-idea. Cisco Unauthorized: Inside the High-Stakes Race to Own the Future. Bloomberg. Network World. D. by Stanford students of iinnovate (http://iinnovate. • Bunnell. Further reading • Bunnell. Jim (2 June 2011). Wiley. 27 [63] "Cisco Rivals Woo Users With Price Cuts. The Eye of the Storm: How John Chambers Steered Cisco Through the Technology Collapse. [62] Duffy. com/ story/ lawsuit-cisco-blocks-outsider-gear-maintenance/ 2008-12-03). E. A.html) • AKS-Innovations team ~ Find out more about Cisco I−Prize.sec. Inside Cisco: The Real Story of Sustained M&A Growth. (2001).usatoday. [61] "Cisco charged with duplicity" (http:/ / www. ISBN 0-471-41425-5.com/q?s=CSCO) at Yahoo! Finance Cisco Systems (http://www.com/finance/stocks/overview?symbol=CSCO) at Reuters Cisco Systems (http://google.yahoo.cisco. ISBN 0-471-00833-8. D. com/ html/ businesstechnology/ 2015242310_btcisco06.html) • Cisco Systems vs. Making the Cisco Connection: The Story Behind the Real Internet Superpower. fiercetelecom. Juniper Networks (http://www.html)) • Cisco Networking Academy .gov/cgi-bin/browse-edgar?action=getcompany&CIK=858877) SEC filings at the Securities and Exchange Commission . channelregister.hoovers. • Slater. 2 June 2011.com/web/mobile/index. . S. nwsource.com/news/2010/ 060710-tech-argument-cisco-juniper. John Morgridge. com/ community/ blog/ cisco-resorting-intimidation-tactics). co. (2002).google. John Chambers and the Cisco Way: Navigating Through Volatility.brand. • Young. R. networkworld.Cisco Systems [60] "Lawsuit: Cisco blocks outsider gear maintenance" (http:/ / www.com/finance?q=CSCO) at Google Finance Cisco Systems (http://finance. J. • Waters. ISBN 0-06-018887-1. Retrieved 2008-12-03.com) ( Mobile (http://www.networkworld.

The European free-hotspot. Founder and Chief Executive Officer. com/ columns/ article. Vice President. php/ 3587581). California [3] and Denver International Airport[4] .frontporch. frontporch. Wi-Fi Planet. USA Key people Website Jim Owen. Internet Service Providers use products by Front Porch to present its own interstitial. frontporch. . [5] Stone. Asia and Emerging Markets = Online advertising www. but is also found in the more traditional "wired" broadband ISPs[2] . wi-fiplanet. Linda (2008-01-07). com/ NewsRoom/ News/ 2010/ NR-2010-06-14.Front Porch 28 Front Porch Front Porch. com/ html/ ff012808. Multichannel News. [4] "Denver International Airport Offers FreeFi Networks' Free Wi-Fi Service to Passengers" (http:/ / www. Founder and Chief Technology Officer. sidebar. References [1] http:/ / www.. "A Seat on the Front Porch" (http:/ / www. uses the technology to notify customers about complaints from Copyright holders[2] .com (http://www. Raul Vaughn. External links • www. . FreeFi Networks' provides ad-supported Internet access throughout John Wayne Airport in Orange County. aspx).frontporch.frontporch. Headquarters Sonora. com/ [2] Haugsted. . such as customer service notices[2] or online advertising. Inc. [3] "JOHN WAYNE AIRPORT INTRODUCES FREE WI-FI SERVICE" (http:/ / www. Ohio. Front Porch also creates the software to manage advertising campaigns or billing messages. Type Founded Founder(s) Privately held Company 1998 Zach Britton.com network uses Front Porch technology[5] to present a terms-of-service and portal page to users with local advertising and content. This technology is often used in the delivery of advertiser-supported wireless Internet access. multichannel.com [1] Front Porch. provides services to Internet Service Providers. Derek Maxson. a provider in Massillon. Adam (2006-02-24). . 2008-01-28. Front Porch technology enables an Internet Service Provider (ISP) to insert its own messages to be presented to users as they use their web browsers. com/ article/ CA6517230. Applications Massillon Cable TV.com/) . Chief Operating Officer. html). "Fair Warning for Copyright Holders" (http:/ / www. ocair. California. PR Newswire. Inc. pop-up. or pop-under advertising or service messages while the browser transitions to or between web pages. 2010-06-14. html).

Lawful Interception. Antivirus/Antispam Gateway. Webfilter. Oğuz Yılmaz Unified threat management (UTM). It is deemed to deserve to be the third most successful private sector project by TÜBİTAK.html) . It manufactures high-technology business network security appliances and software. It is headquartered in ODTÜ Technopolis in Ankara. Web filtering www.Labris Teknoloji 29 Labris Teknoloji Labris Teknoloji Informatic Solutions Industry Founded Network security & Internet security 2001 Headquarters Ankara.labris. Labris is one of the 12 Common Criteria EAL4+ certified gateway brand in the world and the first and only gateway in Turkey. Intrusion-prevention system.ssm. Zero Time. VPN.labristeknoloji.eu [1] Labris Teknoloji Informatic Solutions is a Turkish R&D company. [1] http:/ / www. Intrusion Prevention (IPS). Logging and Detailed Reporting modules. Firewalls.action?load=detay& link=168835) 6 March 2009 • Labris Teknoloji (http://www2. Turkey Key people Products Website Founder and CEO: Seçkin Gürler. Server Load Balancer. Wireless Authentication (WAUTH).eu/) • Labris in Azerbaijan (http://www. LBRLOG Series) have Firewall.tr/katalog2007/data\4313\firmaeng. VPN/SSL VPN.com/newsDetail_getNewsById. labristeknoloji.gov. L Series. eu/ References • Corporate Website (http://www.todayszaman. The products which Labris manufactures (LBRUTM Series. Antispyware. Antivirus. Antispam.

From the Press Release announcing this:[5] "Crowell is an independent security consultant and holds several board positions with a variety of technology and technology-based security companies.Narus (company) 30 Narus (company) Narus Type Industry Founded Subsidiary of Boeing Telecommunication 1997 Headquarters Sunnyvale." Narus has venture funding from companies including JP Morgan Partners. William Crowell as a director. Presidio Venture Partners. It was founded in 1997 by Ori Cohen.narus.[2] It is notable for being the creator of NarusInsight. a supercomputer system which is allegedly used by the NSA and other bodies to perform mass surveillance and monitoring of citizens' and corporations' Internet communications in real-time. California. NeoCarta. Intel. AT&T. United States Key people Products Parent Website Founder. In 2004.com [1] Narus is a company.[3] Management and investors According to Narus's own website listing of the Board of Directors [4]. Narus engaged the former Deputy Director of the National Security Agency. NTT Software and Sumisho Electronics. to prevent what they term "revenue leakage". and whose installation in AT&T's San Francisco Internet backbone gave rise to a 2006 class action lawsuit by the Electronic Frontier Foundation against AT&T. Since 9/11. . Crowell has served on the Defense Advanced Research Projects Agency (DARPA) Task Force on Terrorism and Deterrence. Prior to 9/11 Narus worked on building carrier-grade tools to analyze IP network traffic for billing purposes. Dr. Narus has several business partners who provide various technologies similar to the features of NarusInsight. Post-9/11 they have continued down that path while adding more semantic monitoring abilities for surveillance purposes. now owned by Boeing which produces mass surveillance systems. the National Research Council Committee on Science and Technology for Countering Terrorism and the Markle Foundation Task Force on National Security in the Information Age. Several of the partners are funded by In-Q-Tel. Hepting v. Ori Cohen Monitoring/surveillance systems Boeing www. Cohen is no longer the Chairman of the Board. Walden International. an early media streaming pioneer. who had been in charge of technology development for VDONet. Mayfield.

rendering of web pages. compiling lists of people who visit a certain type of web site or use certain words or phrases in their emails). • Compliance with CALEA and ETSI. protocol. including Google Gmail. Yahoo! Mail. meaning. Aggregation and Analysis provide a model of user. monitor which applications they are using (e. Narus partner products. in real-time. examination of e-mail and the ability to analyze the payload/attachments of e-mail or file transfer protocols.000 telephone modems. A single NarusInsight machine can monitor traffic equal to the maximum capacity (10 Gbit/s) of around 39. web browsers.e. This data is stored and analyzed for surveillance and Other capabilities include playback of streaming media (i. and Gawab Mail (English and Arabic [8] versions). Correlation. in practical terms. structure and significance of traffic in real time. capturing and reconstruction of webmail traffic. which enables it to sift through the vast quantities of information that travel over the Internet. [7] ." It can also perform semantic analysis of the same traffic as it is happening. application and network behaviors.Narus (company) 31 NarusInsight System specification and capabilities Some features of NarusInsight include:[6] • Scalability to support surveillance of large. According to a company press release. • NarusInsight's functionality can be configured to feed a particular activity or IP service such as security. That is it can track individual users. But. MSN Hotmail. such as Pen-Link. The intercepted data flows into NarusInsight Intercept Suite forensic analysis purposes. The exact use of this data is not fully documented. • Normalization. as the public is not authorized to see what types of activities and ideas are being monitored.g. • High reliability from data collection to data processing and analysis. email) and what they are doing with those applications (e. . offer the ability to quickly analyze information collected by the Directed Analysis or Lawful Intercept modules. element.. which web sites they have visited. the 10 Gbit/s capacity of one NarusInsight installation enables it to monitor the combined traffic of several million broadband users.. what they have written in their emails/IM conversations).g. the latest version of NarusInsight Intercept Suite (NIS) is "the industry's only network traffic intelligence system that supports real-time precision targeting. since individual internet connections are not continually filled to capacity. instant messaging applications. in other words analyze the content. VoIP). lawful intercept or even Skype detection and blocking. complex IP networks (such as the Internet) • High-speed Packet processing performance.g. • Certified by Telecommunication Engineering Center (TEC) in India for lawful intercept and monitoring systems for ISPs. and see how users' activities are connected to each other (e.000 DSL lines or 195.

Retrieved 2011-01-30. does the—basically the tapping of the communications on AT&T.com/27BStroke6/att_klein_wired. Corporation's Role in Egypt's Brutal Crackdown" (http:/ / axisoflogic.html) • Wired News article (http://www. com/ index. narus. reuters.Narus (company) 32 Mass surveillance Narus provides technology to governments such as the United States and Egypt to facilitate the mass surveillance of their citizens.org/wgbh/pages/frontline/homefront/ view/)` TV documentary originally aired on PBS 15 May 2007 with a section entitled "The NSA's Eavesdropping at AT&T" with the story of Mark Klein exposing NSA wiretapping with a secure room and Narus STA 6400 at an AT&T facility in San Francisco.pbs. org/ 2008/ 10/ 14/ james_bamford_the_shadow_factory_the).com/news/technology/0.com/news/technology/0. Reuters. democracynow. [9] "One U.[9] References [1] http:/ / www.org/20071201184647/http://blog. org/ web/ 20050206184639/ narus.S. "This company. • Frontline Flash Video "Spying on the Home Front" (http://www. html) [6] Key Features list of NarusInsight (http:/ / narus. eff. php/ about/ board [5] Narus Appoints Former Deputy Director of the National Security Agency To Its Board of Directors (http:/ / web. Retrieved 2008-02-13.narus. 2011-01-29. html) [7] http:/ / www. 2007-12-10. com/ article/ pressRelease/ idUS140435+ 10-Dec-2007+ BW20071210?sp=true). External links • Official website (http://www. and equipment lists and installation dates. . com/ index. And Verizon chose another company. com/ artman/ publish/ Article_62125. archive.archive. php/ solutions/ intercept [8] "Narus Expands Traffic Intelligence Solution to Webmail Targeting" (http:/ / www. Narus. org/ cases/ att) [4] http:/ / narus. Retrieved 2008-10-30.70914-0. Huffington Post. com/ [2] "James Bamford: "The Shadow Factory: The Ultra-Secret NSA from 9/11 to the Eavesdropping on America"" (http:/ / www.wired. 2007).com: Source story for implications of the company's product (http://dailykos. .com/storyonly/2006/4/ 8/14724/28476) . com/ press/ 2004/ 0929. CA] • DailyKos. narus.70908-0. . ironically also founded in Israel and largely controlled by and developed by people in Israel called Verint. including pictures.com/) • Wired News article (http://www. which was founded in Israel and has large Israel connections.wired." [3] EFF vs AT&T (http:/ / www.html) (AT&T whistleblower Mark Klein discusses Narus STA 6400) • Documents.pdf) at the Wayback Machine (archived December 1. shtml). wiring diagrams.wired. com/ products/ index. from Mark Klein (http://web.

NebuAd UK Ltd was dissolved in February 2010[8] . Inc Former type Industry Founded Defunct Privately held Company Online advertising 2006 2009 Headquarters California. but there is no way for users to prevent ISPs from sending the data to NebuAd in the first place[12] [13] . Because ISPs route all of their customers' traffic. www. By analyzing this traffic. religious beliefs.adjuggler. It was one of several companies developing behavioral targeting advertising systems. NebuAd's privacy policy says that they will "specifically not store or use any information relating to confidential medical information.[5] its agreements with providers covering 10 percent of the broadband users in America[6] . eventually resorted to reinstalling his . micro-targeted advertising. NebuAd had signed up more than 30 customers. but when they contacted WOW's support department. NebuAd's largest ISP customers have all pulled out. unexpected cookies for sites such as nebuad.com were being read and written. Adzilla and Project Rialto also appear to be developing similar systems. Due to fallout following public and Congressional concern. racial or ethnic origins. an off-site server complex to analyze and categorize the contents of users' Internet communications. NebuAd says it gains more information about customers' particular interests than less intrusive methods can provide[14] . Phorm is a similar company operating out of Europe. courts or law enforcement. seeking deals with ISPs to enable them to [4] analyse customer's websurfing habits in order to provide them with more relevant.NebuAd 33 NebuAd NebuAd. WOW initially denied that it was responsible for this activity. or sexuality which are tied to personally identifiable information ('sensitive personal information'). Kira Makagon Chief Executive Officer and co-founder."[11] It also advises.[10] Users can "opt-out" of NebuAd’s information collection and targeted ads[11] . that information may be subject to access requests by governments.com [2] NebuAd was an American online advertising company based in Redwood City. At one point. and relationships with advertising networks willing to present NebuAd's targeted advertising[9] . The System works by installing a hardware device inside an ISP network. followed by the US in May 2009 [7] . As a result. USA Key people Website [1] Robert Dykes.NebuAd. "The information we collect is stored and processed on NebuAd's servers in the United States. with offices in New York and London and was funded by the investment companies Sierra Ventures and Menlo Ventures[3] .000 users. mostly Internet access providers." At least two customers of a Middle America ISP known as WOW! noticed that when they used Google. . Each device can monitor up to 50. California. NebuAd closed for business in the UK in August 2008.[15] One customer spent hours trying to disinfect his machine as he wrongly believed that it had been infected with spyware after noticing problems with Google loading slowly and the creation of these non-Google cookies. Overview of the service NebuAd's solution has three main parts: Hardware hosted within the ISP that is capable of inserting content into pages. founder. it is a perfect vantage point from which to monitor all the traffic to and from a consumer using Deep packet inspection (DPI). Chairman. .

NebuAd machine from scratch. Nebuad uses data such as Web search terms.50 per month for each [16] user. [18] Nebuad does not have access to user browser info and connection speed to categorise its user's interests.[17] NebuAd argues that behavioral targeting enriches the Internet on several fronts. Tennessee reports that she also was not notified that she was being monitored. Charter Communications announced that it planned to monitor websites visited by its customers via a partnership with NebuAd. only to discover the problem had not gone away. identification information from the ISP. the roll out was completed in the first week of March 2008. Bob Dykes. not for sale. which may maintain or lower consumers' Internet access bills. In response to an inquiry from members of the United States House of Representatives Telecommunications Subcommittee about its pilot test of NebuAd's services. a weak opt-out method[13] .[25] A Knology user in Knoxville. the lack of oversight over what any third-party company does with the contents of Internet communications[22] . Charter changed its mind in June.[23] and in some cases informed customers that the terms had been updated. which could increase profits or reduce the amount of page-space dedicated to advertising.[20] Privacy advocates criticize the lack of disclosure[21] that some ISPs provided prior to using NebuAd. page views. page and ad clicks.[26] In May 2008. 2008 WOW! suspended the use of Nebuad services to its subscribers.[19] 34 Controversies Generally. Better targeted advertising also leads to a more relevant and personalized online experience. Customers were not explicitly notified about NebuAd until later.[24] Embarq said that it notified consumers by revising its privacy policy two weeks prior to sending its users' data streams to NebuAd. sometime after the third week of March 2008[15] . WOW! (formerly Wide Open West) started rolling out Nebuad in February 2008. less than 1% of users opt-out. its conflicts with United States wiretap laws[13] [16] . WOW updated its terms and conditions to include a mention of Nebuad. hence reducing the "scattergun approach" (publish as many ads as possible in the hope of catching a client) and users are offered more relevant adverts: Just because one visits the financial pages of a newspaper does not mean all they are interested in is financial product and books on investing. but may be able to discover this through traffic monitoring (for example.[27] [28] But after customers voiced their concerns. website owners are offered an improved click-through rate (CTR). Consumer Notification A large American cable operator. Nebuad buy impressions from ad networks including Valueclick. NebuAd provided an additional income stream to network operators. One ISP expects to earn at least $2. and the company's refusal to name its partner ISPs. NebuAd CEO claims "We have 800 [consumer interest segments] today and we're expanding that to multiple thousands". Owners of previously thought ad-unfriendly websites are offered a chance to make money not on the subject matter of their website but on the interests of their visitors. time spent on specific sites. zip code. Firstly. email traffic may tie an email address to an ip address). Advertisers are offered better targeted adverts. Critics believe that the raw content of their internet communications are entrusted to the ISP for handling without being inspected or modified.[29] . ISPs were paid for allowing NebuAd access to their network on a per-user per-active profile basis. According to Nebuad's sales.[15] On July 9.

[31] All of the inbound and outbound information is intercepted and sent to NebuAd's offsite server to be processed. which will be added to the end of the web page when it is rendered by the end-user's browser.[33] The "Fair Eagle" advertisement hardware. Even if a user has opted out of the service.[35] . the Gator Corporation). These are not correct.[13] The same writer has asked if it would breach anti-wiretapping laws. it does not prevent the ISP from sending the data to NebuAd. The injected ads stopped appearing toward the end of June. Both Claria and NebuAd are located in Redwood City.faireagle. famous for ad software known as Gator[35] . The June 2006 creation[36] of nebuad. a Texas based ISP was using a NebuAd technology to inject Redmoon's own advertising into pages visited by its users. a ranking member of the House Committee on Energy and Commerce. patent application data that mention such inventions. NebuAd has repeatedly denied any corporate connection to Claria. Opt-In Members of US Congress. The content of this specious packet. or places additional advertising to page. Use of Packet Forgery and Browser Exploits A report by Robert M.[16] Opt-Out vs. The substance to these concerns can likely be traced to the company's "Fair Eagle" operation. and Joe Barton. inserted additional advertising alongside the content of web pages. and a loose relationship to Claria Corporation whose products and history suggest such tactics. or if they will only be able to opt-out of receiving targeted ads.com coincides with timing of Claria's decision to shutdown[37] the Gator service.[34] Relationship with Claria Corporation Some senior staff members of NebuAd used to work at ad company Claria Corporation (formerly. and have written to Charter requesting they suspend the test "We respectfully request that you do not move forward on Charter Communications' proposed venture with NebuAd until we have an opportunity to discuss with you issues raised by this proposed venture". have argued that such services must be opt-in only to comply with the provisions laid down by Section 631 of the US Communications Act. shows that NebuAd's devices create cookies on end-users machines by injecting a specious packet into the end of the data stream returned in response to some web page requests submitted to major search engines Google and Yahoo. Ed Markey. and one employee was planning to re-route his traffic to avoid NebuAd's Deep Packet Inspection hardware. 2007. The ads featured a window with the "Fair Eagle" title bar. chairman of the House Subcommittee on Telecommunications and the Internet. provided by NebuAd.com.NebuAd 35 Friction between ISP Staff and Management Plans to implement NebuAd had not gone down well with some ISP's employees.[30] A writer for Wired News has questioned whether Charter users can really opt-out of being monitored. In 2007 it was reported that Redmoon. California[35] .[13] An engineer who has examined the system confirms there is no way to Opt-Out of the monitoring. chief technology consultant of the Free Press and Public Knowledge. contains HTML Script tags which cause the browser to request Javascript from http://a. Topolski. describing its hiring of Claria employees as a result of that company shedding employees in a tight market for experienced advertising sales staff in the Valley.[32] Superimposing or Adding Advertising to Web Pages Critics are concerned that NebuAd superimposes its own advertising over the ads of other advertisers.

and has not decided whether to move forward[51] with Behavioral Targeting advertising "either through NebuAd or with any other vendor"[52] . with employees only and not with its customers. The software was never implemented at any time as there were concerns on several levels regarding privacy issues. and CenturyTel that they would no longer use NebuAd on their networks. [46] High Speed Networks -E50 (HSNe50) . Blackfoot's Mary Worden later explained. • CenturyTel. WOW! . [17] Metro Provider .Net) . one of the earliest known ISPs to test NebuAd[5] . notified customers in late May 2008 that it was deploying the hardware[53] . [44] Progressive Internet Services (Jayco.[56] . notified users via its Privacy Policy page that it was using NebuAd as of April 23. Reed Freeman Kelley Drye & Warren LLC NebuAd's ISP Partners ISPs which trialled or deployed or prepared to deploy Nebuad included: • • • • • [42] [43] Broadstripe (formerly and formally Millennium Digital Media)."[57] • Nexicom.Net . Following the announcements by Charter. Inc. Bresnan told a blogger that their NebuAd trial had ended and they would comply with whatever regulatory model emerges from the current debate. 2008[58] . [47] RTC on Line (Rochester Telephone Company. • • • • [44] OnlyInternet. [45] Eastern Oregon Net. Montana appeared to have tried NebuAd between March and May 2008[57] . Nexicom's Paul Stewart replied. • An Embarq[49] spokesperson told the Associated Press that it ended its trial with NebuAd.NebuAd 36 Current and Former Officers and Employees in Common to NebuAd and Claria Name Scott Tavenner Chuck Gilbert Mike Miller Amy Auranicky Jeanne Houwelingis Deepak Nair [38] [39] [40] of Relationship to NebuAd Vice President of Business Development Senior Product Manager Vice President of Ad Sales Director of Advertising Sales Vice President of Advertising Services Business Intelligence Marketing Consultant Attorney for NebuAd before the Federal Trade Commission Relationship to Claria Vice President of Business Development Senior Product Manager Director of Sales Integration Manager Senior Director of Business Development Database Developer & Data Architect Associate Marketing Manager Chief Privacy Officer and Regulatory Affairs [41] Counsel Melissa Horwath D. but had similar concerns to those raised by consumer groups and elected not to launch the service. of Missoula. Indiana). • Web cache evidence indicated that Blackfoot Telecommunications Group. In a response to customer inquiries. [44] Decaturnet Internet Services .net) All ISPs have ended or suspended their relationship with NebuAd. in March 2008. • Charter Communications suspended its plans[49] to test NebuAd following scrutiny from lawmakers and privacy groups[50] ."[59] • WOW![15] [49] (formerly Wide Open West) completed suspension of NebuAd services on July 9. WOW! indicated. Inc. "With Congress in active review of online behavioral advertising. (EONI) . Canada. "Nexicom was investigating using the NebuAd service. References to NebuAd in Nexicom's Privacy Policy has been removed. [48] 20/20 Communications (2020comm. only to pull out of the deal alongside of Charter a month later[54] . Embarq. "Blackfoot tested NebuAd on its internal corporate network. Following a question to users on a public forum. serving Central Ontario and the Kawarthas. • Bresnan Communications used the NebuAd technology[55] .

nebuad. 2009-06-18. Retrieved 2008-05-14. . Ex-employees moved to work within a variety of other online advertising and technology companies. html). . html). . washingtonpost. Cable One had decided against using the technology "commercially" on its systems[64] but in September said it was waiting for "clear rules and boundaries". Retrieved 2008-04-18. gov. org/ web/ 20080713030851/ http:/ / www. Retrieved 2008-04-26. html?page=3628004). vator. Zscaler. Peter (2008-04-04). . [19] "ISPs Collect User Data for Behavioral Ad Targeting" (http:/ / www. [2] http:/ / www. html?page=3628009). . dslreports. uk/ 2008/ 04/ 22/ wide_open_west_users_with_nebuad/ ). Retrieved 2008-06-28. wired. Threat Level from Wired. . MediaPost. We believe that all parties are best served by a thoughtful and thorough review of this emerging advertising model. clickz. theregister. [17] "Questions for Bob Dykes. washingtonpost. [15] "Data pimping catches ISP on the hop" (http:/ / www. org/ jcblog/ ?p=586). [6] Whoriskey. tv/ pitch/ show/ transforming-online-ad-industry?play=false). PubMatic. uk/ 2008/ 09/ 03/ bob_dykes_nebuad_quits/ ).com. Broadband Reports. democraticmedia. juniperamspmarketing. [12] Singel. Retrieved 2008-04-23. Karl (2008-05-28). com/ company/ management. Retrieved 2008-05-14. html). showArticle& art_aid=106277). com/ publications/ ?fa=Articles.NebuAd Internet. "Can Charter Broadband Customers Really Opt-Out of Spying? Maybe Not" (http:/ / blog. AdChemy. com/ NebuAD. 2008-02-18.[63] As of August 2008. Retrieved 2008-04-18. Archived from the original (http:/ / www. com/ wp-dyn/ content/ article/ 2008/ 04/ 03/ AR2008040304052. theregister. Retrieved 2008-06-19. com/ shownews/ Infighting-At-ISPs-Over-Using-NebuAD-94835). uk/ c3aac31df2e47117900ab23b5d4530e6/ companysearch?disp=1& frfsh=1281110903#result)"UK Companies House website [9] "Juniper Networks partners with NebuAd to enable ISPs to participate in online advertising revenues on the web" (http:/ / web.000 customers in Alabama for six months beginning in November 2007. juniperamspmarketing. [11] "NebuAd / Privacy" (http:/ / www. Retrieved 2008-05-14. . Retrieved 2008-05-21. [5] White. "Infighting At ISPs Over Using NebuAD" (http:/ / www. com/ showPage. cdt. companieshouse. co. "Congressmen Ask Charter to Freeze Web Profiling Plan" (http:/ / blog. com/ 27bstroke6/ 2008/ 05/ congressmen-ask. ClickZ. . . 2008-06-12. com/ showPage. [4] "American ISPs already sharing data with outside ad firms" (http:/ / www. Retrieved 2008-07-03. blogs. Red Aril. . Retrieved 2008-09-04. "Every Click You Make" (http:/ / www.Cable. The New York Times. theregister. html?mod=todays_us_nonsub_marketplace).Phone is suspending its deployment of NebuAd services to our subscribers at this time. clickz. dslreports. wsj. Ryan (2008-05-16). uk/ 2008/ 04/ 10/ american_isps_embrace_behavioral_ad_targeting/ ). [16] Bode. . archive. com/ NebuAD. [14] "Robert Dykes (CEO) presenting NebuAd at OnMediaNYC-01/28/2008" (http:/ / vator. Bobby (2007-12-06). 2008-09-03. Crescendo Networks and TeleNav. The Register. References [1] "NebuAd CEO quits" (http:/ / www. com/ 2008/ 04/ 07/ nebuad-observes-useful-but-innocuous-web-browsing/ ). php). 2008-04-22. . Retrieved 2008-06-28."[60] • Knology[42] [61] reported to the United States House Committee on Energy and Commerce that it discontinued a trial of NebuAd in all markets as of July 14. . php). including VeriFone. The Wall Street Journal. 2008-01-03. com/ shownews/ Wide-Open-West-Using-NebuAD-92520). Wired.tv. and we welcome the opportunity for that discussion to take place. Retrieved 2008-05-14. [20] "CDT Urges Stronger Guidelines for Behavioral Advertising" (http:/ / www. The Register. 2008-04-10. Retrieved 2008-05-17.. The Register. ." (http:/ / www.. mediapost. clickz. [10] Hansell. nebuad. 2008-01-03. NebuAd CEO" (http:/ / www. "Watching What You See on the Web" (http:/ / online. Digital Destiny. Plaxo.[62] • Unbenownst to its users. nebuad. . Saul (2008-04-07). . "NebuAd Observes ‘Useful. org/ headlines/ 1126). Cable One conducted NebuAd tests on 14. com/ privacy/ servicesPrivacy. wired. com/ [3] "Management & Investors" (http:/ / www. 2008-03-11. but Innocuous’ Web Browsing" (http:/ / bits.[65] 37 The End of NebuAd NebuAd was closed down in the UK in August 2008 and in the US in May 2009[7] . . htm). juniperamspmarketing. com/ 27bstroke6/ 2008/ 05/ theres-no-optin. com/ article/ SB119690164549315192. co.com. [7] "Case Closed: NebuAd Shuts Down" (http:/ / www. . htm) on 2008-07-13. nytimes. co. [13] Single. 2008. 2008-05-14. [21] "Wide Open West Using NebuAD Users don't get much of a heads up. . Ryan (2008-05-16). [18] "Charter Cable to Spy on its Broadband Users to Serve Targeted Ads via NebuAd" (http:/ / www. . [8] " (http:/ / wck2.

Free Press. Retrieved 2008-06-24. BroadbandReports. pdf) (PDF). "Claria Abandons Adware" (http:/ / www. . 2004-04-20. Cade (2008-05-16). 2008-06-26. dslreports. com/ forum/ r20704276-OnlyInternetNet-uses-NebuAd-for-Behavioral-Targeting). com/ 2008/ 05/ 14/ charter-will-monitor-customers-web-surfing-to-target-ads/ index. Techcrunch. . Retrieved 2008-05-14. "Embarq: Don't all users read our 5. "Charter Will Monitor Customers' Web Surfing to Target Ads" (http:/ / bits. 2008-06-26. gov/ os/ comments/ behavioraladprinciples/ 080411nebuad. 2008-05-14. 2008-06-26. And unless they alter the architecture of their system drastically. Retrieved 2010-05-20. dslreports. [40] "Comments Of Nebuad. com/ wire/ security/ 183701933). com/ news. . [45] "One More ISP to add to the list of ISPs" (http:/ / www. ars technica. via The New York Times Company. Retrieved 2008-06-25. blogs.com. . [28] http:/ / www. uk/ 2008/ 05/ 16/ congress_questions_nebuad/ ). org/ web/ 20080224042248/ http:/ / www. html?pr=pr040420). [23] "WOW Terms and Conditions" (http:/ / www1. "When we asked them about an opt-out method for our customers. . . ars/ post/ 20080715-congress-goes-after-nebuad-again. 2008-06-20.com. . Joins growing list of NebuAD customers" (http:/ / www. [36] http:/ / whois. Retrieved 2008-06-26. com/ wow/ wow. Reed Freeman. again" (http:/ / arstechnica.. html). Jr. freepress. [24] Anderson.. com/ embarq-pleads-the-fifth-on-disclosing-nebuad-test-to-customers-040002/ ). broadstripe. [27] Hansell. wowway. pdf) (PDF). [35] "NebuAd looks to 'spyware' firm for recruits" (http:/ / www. linkedin. Forgery and Browser Hijacking" (http:/ / www. Robb (2008-07-21). techweb. com/ 2007/ 06/ 23/ real-evil-isp-inserted-advertising/ ).. com/ forum/ r20703445-And-Even-One-More-ISP-to-add-to-NebuAds-Harem). nytimes. com/ terms/ privacypolicy. com [37] Keizer. com/ in/ deepaknair73). com/ shownews/ Broadstripe-Now-Selling-User-Browsing-History-94378). com/ nebuad. Their system is a bridge.com. nytimes. "Charter Won’t Track Customers’ Web Use" (http:/ / www. benanderson. marketingvox. . [47] "RTC on Line aka Rochester Telephone Company sells to NebuAd" (http:/ / www. . . com/ forum/ r20705904-RTC-on-Line-aka-Rochester-Telephone-Company-sells-to-NebuAd). [39] "LinkedIn Profile of Melissa Horwath" (http:/ / www. BroadbandReports. Retrieved 2008-07-02.000 word privacy policy?" (http:/ / arstechnica. com/ forum/ r20703209-One-More-ISP-to-add-to-the-list-of-ISPs). com/ forum/ r20600537-ISP-Data-Collection-Congress-Investigation-Urged-NebuAd). 38 . Retrieved 2008-07-23. they won't ever have one. htm). [34] "benanderson. Archived from the original (http:/ / www. dslreports. [41] "Claria Names D. everyone's data is still pumped into a third-party box. dslreports. html?ref=technology). BroadbandReports. net/ gb/ inquirer/ news/ 2008/ 05/ 14/ charter-track-users-replace [29] The Associated Press (June 25." So while the data actually created and stored by NebuAd or Embarq may end up being totally anonymous and innocuous. they didn't have one. Retrieved 2008-06-26. [43] "Broadstripe High Speed Internet Online Privacy Policy" (http:/ / web. ars technica. ftc. com/ terms/ privacypolicy. net/ files/ NebuAd_Report. html). The New York Times. broadstripe. . Robert (2008-06-18). 2007-06-22. MarketingVOX: The Voice of Online Marketing. "Ready — Fire — Aim: NebuAd and Charter Shellacked -. Saul (2008-05-14). As Chief Privacy Officer And Vice President Of Regulatory And Legislative Affairs" (http:/ / www. 2008).Right Idea.net-Fair Eagle taking over the world? ISPs being compromised or just cheap?" (http:/ / www. uk/ 2008/ 06/ 20/ nebuad_claria/ ). aspx?ConIdent=28& RCView=False& TermID=11#TPA). [31] Anderson. "NebuAd and Partner ISPs: Wiretapping. dslreports. Retrieved 2008-06-20. org/ node/ 1664). . The Register. html). co. . [25] "Customers Shoulda Read the Privacy Policy. Retrieved 2008-04-26. theregister.opted out or not. [30] Metz. theregister. Retrieved 2008-06-20. How would you build a device like this without profiling your users in the first place to determine who had opted out? It's not like there is an opt-out bit you can flip in the header of an Ethernet frame. . . [42] "Broadstripe Now Selling User Browsing History. com/ news. Retrieved 2008-06-29. "Claria will exit out of the adware business by the end of the second quarter of 2006. BroadbandReports. Retrieved 2008-04-30. ars/ post/ 20080723-embarq-dont-all-users-read-our-5000-word-privacy-policy. BroadbandReports. claria. "US Congress questions legality of Phorm and the Phormettes" (http:/ / www.com. [46] "And Even One More ISP to add to NebuAds Harem" (http:/ / www. . [44] "OnlyInternet.. Retrieved 2008-05-17. "He points out that the system is essentially a massive bridge running Fedora. [26] Topolski. techcrunch.com. net/ blog/ weblog. . php?id=D20070622). . Inc. . Retrieved 2008-06-26." [32] Topolski. com/ press-release-article. On The Commission Staff's Proposed Self-Regulatory Principles For Online Behavioral Advertising" (http:/ / www. linkedin. Says Embarq" (http:/ / www. so you would need some sort of magical layer-two switching device upstream that switched frames from users that have opted out around the NebuAd appliance. 2008-06-06. Retrieved 2008-06-19. Retrieved 2008-06-19.. Wrong Targets" (http:/ / www. [33] "Real Evil: ISP Inserted Advertising" (http:/ / www. Retrieved 2008-06-26. Retrieved 2008-06-24. 2007-06-23. htm) on 2008-02-24. 2008-06-26. and that NebuAd advises ISPs to install it inline in their networks in such a way that all web traffic passes through it. Nate (2008-07-23).NebuAd [22] "ISP Data Collection — Congress Investigation Urged (NebuAd-CDT Press Release)" (http:/ / www. domaintools. . . As the engineer explains. theinquirer. Nate (2008-07-15). Gregg. dslreports. Public Knowledge Policy Blog. The Register. . archive. TechWeb Technology News. co." [38] "LinkedIn Profile of Deepak Nair" (http:/ / www. com/ in/ melissahorwath).Net uses NebuAd for Behavioral Targeting" (http:/ / www. publicknowledge. . com/ 2008/ 06/ 25/ technology/ 25charter. . "Congress goes after NebuAd.

dslreports. "9. Salon. Associated Press via Google. "Beginning April 23rd. Retrieved 2008-08-11. com/ forum/ r20258823-Bresnan-actively-intercepting-ALL-packets). 2008-06-26.com.com. com/ privacy/ optout. DSLReports. Retrieved 2008-09-01. . John Linko (Blog). com/ shownews/ Charter-User-Monitoring-Plans-Suspended-95551). . 2008-07-03. or any other personally identifiable information. pdf) (PDF). [49] Hansell.. Philip P. Knology. Retrieved 2008-06-27. 2008-07-01. [57] "Blackfoot Telecommunications Group. Karl (2008-06-24). [56] "Bresnan — Internet Privacy Update" (http:/ / johnlinko.S. telephone number. . These advertisements will be based on those users' anonymous surfing behavior while they are online. BroadbandReports. The New York Times. com/ 2008/ 05/ 14/ charter-will-monitor-customers-web-surfing-to-target-ads/ index. Rodger. . blogs. These advertisements will be based on those users' anonymous surfing behavior while they are online. If you would like to opt out.. com/ forum/ r20706000-Blackfoot-Telecommunications-Group-Inc-Missoula-MT-Nebuad). .. Associated Press via Google. except these advertisements will be less relevant and less useful to you. Retrieved 2008-06-30. BroadbandReports. Committee on Energy and Commerce — US House of Representatives. . com/ forum/ r20554465-Centurytel-and-NebuAd). php" [62] Johnson. [61] "Knology Customer Service Agreement" (http:/ / support. Retrieved 2008-09-01. net/ privacy. php). com/ article/ ALeqM5hojy5UugX8vlpZa1urv5KYVDHDjAD92TSRNG0). nebuad.. dslreports. [52] Svensson. This anonymous information will not include those users' name. Retrieved 2008-07-01. U. email address. blogspot. 2008-05-28. [60] prack (2008-07-03). com/ forum/ r20711216-Centurytel-drops-NebuAd). Canadian Broadband Forum on BroadbandReports. If You would like to opt out. html). net/ content/ custService_agree_121207. [63] Jesdanun. dslreports. seoserpent. php page)" [59] "Nexicom is using Nebuad" (http:/ / www. 2008-06-27. By opting out. BroadbandReports. . 39 . 2008-06-26. Knology will partner with a third party to deliver or facilitate delivery of advertisements to our users while they are surfing the web. com/ forum/ r20736487-WOW-Suspension-of-Nebuad-Services). google. Inc. com/ 2008-09/ isp-behavioral-targeting/ ). salon. . dslreports. html?ref=business). [58] "Nexicom Privacy Policy" (http:/ / www. google. Retrieved 2008-07-21.O. knology. You will continue to receive advertisements as normal. com/ forum/ r20737958-Nexicom-is-using-NebuAd).W. 2008). . nytimes. from Responses to August 1. Committee on Energy and Commerce. 080108responseKnology. [51] "ISP Behavioral Targeting Versus You" (http:/ / www. [55] "Bresnan actively intercepting ALL packets" (http:/ / www. Inc. dslreports. com/ 2008/ 07/ bresnan-internet-privacy-update. or any other personally identifiable information. "Charter Will Monitor Customers’ Web Surfing to Target Ads" (http:/ / bits. CEO and Chairman of the Board. 2008-09-26. nexicom." (http:/ / www. . com/ privacy/ optout. Saul (2008-05-14). Third Party Advertisers. [65] Jesdanun. "RE: Internet Advertising Inquiry" (http:/ / energycommerce. we will partner with a third party to deliver or facilitate delivery of advertisements to our users while they are surfing on the web. Retrieved 2008-06-26. .'Enhanced user experience' apparently not so enhanced. "6 Internet providers disclose Web tracking for ads" (http:/ / ap. [64] Ji. BroadbandReports. Retrieved 2008-06-25. Retrieved 2008-07-02. . "Ad targeting based on ISP tracking now in doubt" (http:/ / ap. Retrieved 2008-09-01. . [50] Bode. 080108responseCABLE001. click here.com. . 2008 Letters to Network Operators Regarding Data Collection Practices" (http:/ / energycommerce. . pdf) (PDF via Google HTML). html). "Letter. "Charter User Monitoring Plans Suspended .NebuAd [48] "20/20 Communications and NebuAd" (http:/ / www. house.com. BroadbandReports. (2008-08-08). com/ wires/ ap/ scitech/ 2008/ 06/ 25/ D91HAQHO1_tec_web_tracking/ index. dslreports. House of Representatives. com/ article/ ALeqM5i0jj6e-BuV4qnseoMIL1fJFB7uhAD92TEAE80). 2008). "WOW! Suspension of Nebuad Services" (http:/ / www. Peter (2008-06-25).com. email address. Anick (September 1. . gov/ Press_110/ Responses to 080108 TI Letter/ 110-ltr.com Forums — US Cable Support — W. except these advertisements will be less relevant and less useful to you. Retrieved 2008-06-18. com/ forum/ r20704629-2020-Communications-and-NebuAd). dslreports. . gov/ Press_110/ Responses to 080108 TI Letter/ 110-ltr. telephone number. pdf) (PDF). . Retrieved 2008-05-14. Retrieved 2008-06-25. This anonymous information will not include those users' name. [53] "CenturyTel and NebuAd" (http:/ / www. [54] "CenturyTel Drops NebuAd" (http:/ / www. Anick (August 31.com.com. go to: http:/ / nebuad. "ISPs still considering tracking Web use" (http:/ / www. house.. By opting out you will continue to receive advertisements as normal. (links to http:/ / www. dslreports. Retrieved 2008-06-27. Missoula MT Nebuad" (http:/ / www.

Sometimes referred to as Network Acceleration. policy management. security functions and data mining for new products and services needed since the emergence of Web 2. With ongoing changes in communications networks and how information can be exchanged. It enables vendors to create an information layer with metadata from IP traffic to feed multiple applications for more detailed and expansive visibility into network-based activity. in real time. online chat. DPI focuses on recognizing different types of IP traffic as part of a CSP’s infrastructure. NI provides the means to quickly identify. . methods of access. NI’s value-add to solutions traditionally based on DPI has attracted the attention of industry [10] now includes NI companies on its analysts who specialize in DPI market research. applications. examine and correlate interactions involving Internet users.Network intelligence 40 Network intelligence Network Intelligence (NI) is a technology that builds on the concepts and capabilities of Deep Packet Inspection (DPI).[1] [2] [3] [4] Background [7] The evolution and growth of Internet and wireless technologies offer possibilities for new types of products and services.[4] [5] as well as opportunities for hackers and criminals to exploit weaknesses and perpetrate cyber crime[6] . instant messaging. NI technology correlates network traffic data from a variety of data communication vehicles for network visibility. lawful interception and cyber security. when. when. enabling better cyber security and IP services. NI is used as a middleware to capture and feed information to network operator applications for bandwidth management. performance optimization and Quality of Service (QoS).. types of activity and volume of content generated.[4] Business Intelligence for data networks In much the same way that BI technology synthesizes business application data from a variety of sources for business visibility and better decision-making. since it not only recognizes protocols but also extracts a wide range of valuable metadata.[8] [9] Traditional DPI tools from established vendors like Sandvine and Allot have historically addressed specific network infrastructure applications such as bandwidth management. charging and billing (including usage-based and content billing). It is currently being incorporated into a wide range of applications by vendors who provide technology solutions to Communications Service Providers (CSPs). It examines. laptops and mobile devices. NI technology goes beyond traditional DPI. service assurance. revenue assurance. or who accesses what database. Webmail. NI creates a powerful nexus of subscriber and network data. NI extends network controls. Packet Capture and Business Intelligence (BI). NI provides more granular analysis. social networks – and from different access points via desktops. where and how. business capabilities. market research mega panel analytics. For example. When combined with traditional BI tools that examine service quality and customer care. IP data packets that cross communications networks by identifying the protocols used and extracting packet content and metadata for rapid analysis of data relationships and communications patterns. governments and large enterprises.. blogs.0 and wireless 3G and 4G technologies. Network optimization and security solutions therefore need to address the exponential increases in IP traffic. The technology enables a global understanding of network traffic for applications that need to correlate information such as who contacts whom. and protocols whether or not the protocols are tunneled or follow the OSI model. Heavy Reading Deep Packet Inspection Semi-Annual Market Tracker. people are no longer linked exclusively to physical subscriber lines. VoIP. The same person can communicate in multiple ways – FTP. traffic shaping. and the information viewed..

Real-time network metrics are equally important for companies to deliver and manage services. Customer Segmentation. Content-Based Billing. applicable for Bandwidth & Resource Optimization. Software Vendors and Systems Integrators that serve the industry. NI mitigates the risks by providing Infrastructure as a Service (IaaS). Internet Service Providers (ISPs) and Mobile Network Operators (MNOs) are under increasing competitive pressures to move to smart pipe business models. are risks of information security. Requirement Purpose • • • • Network Metrics • • services events Identify / deliver / manage services • • • • • Example Applications Audience measurement User behavior analysis Customer segmentation Personalized services Bandwidth / resources optimization Content / application-aware billing Quality of Experience (QoE) analysis VoIP fraud monitoring Regulatory compliance Customer Metrics Understand customer demand NI as enabling technology for smart pipe applications Customer metrics are especially important for telecom companies to understand consumer behaviors and create personalized IP services. and correlates activity between all layers. Because NI captures detailed information from the hundreds of IP applications that cross mobile networks.Network intelligence 41 Use in telecommunications Telcos. Quality of Service (QoS). and critical transparency to allay fears of potential customers. NI enables faster and more sophisticated Audience Measurement. and Personalized Services. Quality of Experience (QoE). A vendor can demonstrate hardened network security to prevent Data Leakage or Data Theft and an irrefutable audit trail of all network transaction – communication and content – related to a customer’s account. Platform as a Service (PaaS) and Software as a Service (SaaS) vendors with real-time situational awareness of network activity. e-discovery. .[11] [12] [13] Among concerns. generates metadata for communication sessions. however. VoIP Fraud Monitoring and Regulatory Compliance. User Behavior Analysis. Use in cloud computing The economics and deployment speed of cloud computing is fueling rapid adoption by companies and government agencies. regulatory compliance and auditing[14] [15] [16] . The cost savings and revenue opportunities driving smart pipe strategies also apply to Network Equipment Providers. as well as manage usage once deployed. NI classifies protocols and applications from layers 2 through 7. it provides the required visibility and analysis of user demand to create and deliver differentiating services.

. Light Reading. govinfosecurity. . [5] Aditya Kishore (2008-07-21). asp?doc_id=159415). com [11] Stacey Higginbotham (2009-07-21). com/ document. ironport. com/ podcasts. com). TMCnet. com/ businesscenter/ article/ 162157/ more_cash_for_cloud_computing_in_2009. [16] Jon Brodkin (2008-07-02). Retrieved 2009-07-27. Info World. "Will P2P Soon Be the Scourge of Mobile Networks?" (http:/ / gigaom. [13] Tom Sullivan (2008-03-29). "The Everyday Relationship Between You and ‘Your’ Information: What’s Out There on the Internet" (http:/ / ipcommunications. php?podcastID=229). Yankee Group Anchor Report. IDC. Retrieved 2011-03-15. . messagelabs. com/ news/ 2008/ 070208-cloud. Retrieved 2009-07-28. com/ topics/ ip-communications/ articles/ 52992-everyday-relationship-between-and-information-whats-out-there. com/ getdoc. it enhances the effectiveness of applications for Database Security. html). com/ securitytrends/ ). pcworld. Retrieved 2010-06-15. IronPort. "Light Reading report: Network Acceleration . "Network Intelligence is Key to Profiting from Anywhere Demand" (http:/ / www. . com/ 2009/ 07/ 21/ a-brave-new-world-700m-new-net-users-seen-by-2013/ #more-59899). when where and how. Real-time data capture. . . [14] Henry Sienkiewicz (2008-04-30). com/ mlireport/ MLIReport_Annual_2008_FINAL. Light Reading. . [12] "IDC Finds Cloud Computing Entering Period of Accelerating Adoption and Poised to Capture IT Spending Growth Over the Next Five Years" (http:/ / idc. extraction and analysis allow security specialists to take preventive measures and protect network assets in real time as a complement post-mortem analysis after an attack. Retrieved 2009-07-27. Info World. . Heavy Reading. com/ 2009/ 07/ 21/ will-p2p-soon-be-the-scourge-of-mobile-networks/ #more-59491). do?id=53513). htm). TMCnet. Retrieved 2009-07-27. com/ ResearchDocument. [6] Shireen Dee (2009-02-03). 2008. providing situational awareness for Lawful Interception and Cyber Security. . The network visibility afforded by NI can also be used to build enhancements and next-generation solutions for Network Performance Management. Retrieved 2010-06-15. heavyreading. "More Cash for Cloud Computing in 2009" (http:/ / www. GigaOM. fiercetelecom. 2009. lightreading. [15] Ephraim Schwartz (2008-07-07). . . Retrieved 2009-07-28. "A Brave New World: 700M New Net Users Seen By 2013" (http:/ / gigaom. . "Market Research: New Opportunity for Service Providers?" (http:/ / www. [9] Jordan Golson (2009-07-21). and internal billing of networked applications. Use in business Because NI combines real-time network monitoring with IP metadata extraction. Retrieved 2009-07-28. "DISA’s Cloud Computing Initiatives" (http:/ / www. GigaOM. html). "Qosmos Network Intelligence Helps Development of Smart Pipe Solutions" (http:/ / caas.Managing Data Growth" (http:/ / www. com/ offer/ windriver_intel?source=ebook_tab). . "The dangers of cloud computing" (http:/ / www. [7] "MessageLabs Intelligence: 2008 Annual Security Report" (http:/ / www. "Gartner: Seven cloud-computing security risks" (http:/ / www. . jsp?containerId=prUS21480708). [4] Simon Sherrington (2010-06). [8] "2008 Internet Security Trends" (http:/ / www. WAN Optimization. Retrieved 2009-07-27. Content Filtering. "Deep Packet Inspection Semi-Annual Market Tracker" (http:/ / www. Database Auditing and Network Protection. Government Information Security Podcasts. networkworld. Retrieved 2009-07-28. yankeegroup. [2] Brian Partridge (2010-05-17). PC World. References [1] Jessica Schieve (2011-02-23). com/ d/ cloud-computing/ dangers-cloud-computing-839). pdf).Network intelligence 42 Use in government NI extracts and correlates information such as who contacts whom. 2008-10-20. Retrieved 2010-06-15. heavyreading. . . tmcnet. htm). Customer Experience Management. Retrieved 2009-07-27. Retrieved 2009-07-28. MessageLabs. [10] http:/ / www. [3] Thibaut Bechetoille (2009-03-25). infoworld. tmcnet. com/ topics/ caas-saas/ articles/ 49997-qosmos-network-intelligence-helps-development-smart-pipe-solutions. Retrieved 2009-07-27.

mobile communications. is a provider of integrated Application Delivery and Network Security solutions based in Tel Aviv. healthcare. transportation.[4] The company is headquartered in Tel Aviv. education. Israel. Europe.[5] Radware former VP of business development is businessman Yuval Tal. insurance. e-Commerce. Its customers cover all major industry segments including financial services. CEO and Director. Radware offers networking solutions for data center virtualization. Israel Key people Products Revenue Employees Subsidiaries Website CEO: Roy Zisapel CFO: Meir Moshe COO: Ilan Kinreich Application Delivery and Network Security $144. For the enterprise. application & WAN optimization. Roy Zisapel is the current President. In February 2009 Radware acquired Nortel’s Application Delivery business (Alteon) and now offers them under a merged brand. The disposal by Nortel was part of a move to reduce its debt and recover from Chapter 11. Israel and is a member of the Rad Group of companies.1 million USD (2010) 700+ Radware Alteon www. now President of Payoneer.radware. .[3] History Radware was co-founded by Yehuda Zisapel and Zohar Zisapel in 1997.Radware 43 Radware Radware Type Industry Founded Public (NASDAQ: RDWR Technology 1997 [1] ) Headquarters Tel Aviv. Radware Alteon. and security. Africa and Asia Pacific. manufacturing. retail.com [2] Radware (NASDAQ:RDWR). cloud computing. Middle East. In 1999 the company had an initial public offering and was listed on the NASDAQ stock exchange. government. Sales markets The company markets and sells its products worldwide through an indirect sales channel that includes distributors and resellers located in the Americas. services and carriers.

January 21.com/newsevents/ mediacoveragedetail. Files for $43m IPO (http:/ / www. Forum. Juniper Networks.aspx?id=8363) TechNewsWorld. com/ asp/ SummaryQuote. Gartner. pdf).radware. BEA. . Riverbed.radware. (http:/ / www. com/ news/ net_management_firm_radware_files_for_43m_ipo).radware. Computer Business Online. retrieved 2009-10-16 [6] Radware partners (http:/ / www. RSA and BEA. February 24. 2011 . February 1. 2011 • Web Traffic Requires Traffic Cop. FBI Wants New Tools (http://www.aspx?id=8365) Global Security Mag.aspx?id=8361) CTO Edge. radware. com/ 2448-14061_23-272392. January 27.radware.com/newsevents/ mediacoveragedetail. com/ [3] Magic Quadrant for Application Delivery Controllers. VMWare. January 19.com/newsevents/ mediacoveragedetail. Microsoft. html). securitytechnet. 2011 • Radware Makes ADCs Virtual (http://www. Finjan.com/newsevents/mediacoveragedetail.radware. .com. asp?symbol=RDWR& selected=RDWR [2] http:/ / www.[6] References [1] http:/ / quotes. .aspx?id=8417) Processor. Radware USA: Facebook hacked: a reminder for on-line businesses (http://www. Security (http://www. radware. ByteMobile. aspx). SAP AG.aspx?id=8315) Infosecurity Magazine. com/ resource/ networking/ loadbalancing/ Mediaproducts-gartner. nasdaq.Radware 44 Core technology The core technologies that make up Radware’s offering include: • • • • • • • • • • • • Application Delivery Virtualization Global Load Balancing VoIP Load Balancing SIP Load Balancing Application Acceleration SSL Acceleration XML Acceleration/Security MultiWAN Switching Quality of Service (QoS) Web Application Firewalling Network Intrusion Prevention DPI/DFI Partners Radware partners with leading industry application and technology providers such as: AT&T.radware. January 26. 2011 • Smartphones and Social Media Can Be a Risky Combination (http://www. Oracle Corporation.com/newsevents/mediacoveragedetail. InfoSys. retrieved 2009-10-16 External links • To Probe 'Dark Spots' Where Cybercrooks Lurk. Blue Coat.com/newsevents/mediacoveragedetail. retrieved 2009-10-16 [4] Net Management Firm. February 11.radware. Blackboard. HP. 2011 • Inside Data Center Preparedness (http://www. com/ Company/ TechnologyAlliances/ default. cbronline.aspx?id=8419) Fox News.com/newsevents/mediacoveragedetail. retrieved 2009-10-16 [5] Radware acquires Nortel division for USD18m (http:/ / www. . aspx?id=8295) Investor’s Business Daily. Radware. IBM. bnet. BNET. 2011 • Carl Herberger VP of security solutions. 2011 • Facebook Once Again Hangs Up on Phone Rumors (http://www.

xhtml?ID=61374&cm_ven=PAID& cm_cat=OVR&cm_pla=CO4&cm_ite=radware) .com/q/pr?s=RDWR) 45 .com/ newsevents/mediacoveragedetail. December 10.aspx?id=8239) ConnectedPlanet.radware.com/newsevents/ mediacoveragedetail.com/free/co/factsheet.com • Radware on Yahoo Finance (http://finance.aspx?id=8211) Investor’s Business Daily.hoovers. 2011 • WikiLeaks Hacktivists Explain “Operation Payback” (http://www. January 13.radware.by Hoovers.Radware • Virtualized infrastructure key to enticing enterprise to carrier cloud services (http://www. 2010 • Radware Factsheet (http://www.yahoo.

ranging from service creation. Initial product sales focused at congestion management as operators struggled with the high growth of broadband. and substitute it for the one selected by the P2P . Ontario. Co-Founder. Co-Founder. Co-Founder. usage-based billing. In March 2006 Sandvine completed an initial public offering on the London AIM exchange under the ticker 'SAND'.[6] congestion management. COO and VP Engineering Don Bowman. VoIP and gaming. AIM: SAND [2]).[8] Company history Sandvine was formed in August 2001 in Waterloo. Many operators have shifted focus to revenue generating services and reducing operational expenditure. and P2P path optimisation. Co-Founder. Ontario (2001) Industry Founded Headquarters Waterloo. A subsequent round of financing of $19M (Cdn) was completed in May 2005. using multiple source (EHLO) domains and large address books. CFO Tom Donnely.[9] [10] Quality of service control is provided for a range of media applications including video conferencing. CTO Website www. DSL.[5] billing. is a networking equipment company based [4] in Waterloo. Ontario Key people Dave Caputo.[7] Sandvine targets its products at consumer Tier 1 and Tier 2 networks including cable. Canada. including the control of spam. The device can then determine the optimal peer to use. and uses a path cost algorithm to reduce congestion while still delivering the same content. Sandvine network policy control products are designed to implement broad network policies.com [3] Sandvine Incorporated (TSX: SVC [1]. quality of service.Sandvine 46 Sandvine Sandvine Incorporated Type Public [1] TSX: SVC [2] AIM: SAND Networking Hardware and Software Waterloo. Rather than identifying individual messages. PixStream.sandvine. EVP Marketing & Sales Brad Siim. President and CEO Scott Hamilton. Technology Sandvine's technology focuses on policy management. and mobile. In October 2006 Sandvine completed an initial public offering on the Toronto stock exchange under the ticker 'SVC'. spam control is based on identifying sources of spam from behaviors such as using multiple SMTP servers. Canada. Ontario.[11] [12] The P2P path optimizer [13] focuses on Gnutella. including the hash requested. and security. by a team of approximately 30 people from a recently closed Cisco acquisition. An initial round of VC funding launched the company with $20M (Cdn). Stateful Policy Management [14] uses stateful deep-packet inspection and packet spoofing to allow the networking device to determine the details of the p2p conversation.

asp) [12] CNW Group | VECIMA NETWORKS INC. as well as all fixed access." [15] The usage-based-billing includes[16] pre-paid and post-paid 3G and 4G mobile access. May 2000 article "Nonintrusive TCP Connection Admission Control for Bandwidth Management of an Internet Access Link". com/ news/ pr_detail. com/ news/ pr_detail.and post-paid service plans across converged networks (http:/ / www.[20] Comcast injected reset packets into peer-to-peer connections. php?qm_symbol=SVC http:/ / www. htm?bsg=true& ns=SAND http:/ / www. session management is an effective strategy. com/ news/ pr_detail. cantechletter. sandvine. int/ pctdb/ en/ wo. gov/ prod/ ecfs/ retrieve. sandvine. References [1] [2] [3] [4] [5] http:/ / tmx.Major Wireless Carrier Selects Sandvine’s 10-Gigabit Ethernet Solution to Give Subscribers More Control over their Mobile Internet Experience (http:/ / www. londonstockexchange. This method of network management was described in the IEEE Communications. html) [10] (WO/2005/109816) A SYSTEM AND METHOD FOR DETECTING SOURCES OF ABNORMAL COMPUTER NETWORK MESSAGES (http:/ / www. com/ news. | CableMatrix and VCom Showcase First QoS Enhanced Video Conferencing over WiMAX Solution (http:/ / www. sandvine.[18] Sandvine's current congestion management product. org/ html/ rfc6057) [20] eff.[17] 47 Comcast Controversy Sandvine products are used by Comcast in the United States to manage Internet traffic generated by peer-to-peer file sharing software. This is the default behaviour for Sandvine’s session management policy and limits external leechers from [23] connecting to internal seeds.StarHub Selects Sandvine to Deploy End-to-End PacketCable MultiMedia Solution (http:/ / www. asp?ID=100) [6] Sandvine Incorporated: Press Release . thefreelibrary. do?lang=EN& docClass=7& issuerNo=00024246& fileName=/ csfsprod/ data106/ filings/ 01560378/ 00000001/ s:\svcMDA. pdf) [9] A SYSTEM AND METHOD FOR DETECTING SOURCES OF ABNORMAL COMPUTER NETWORK MESSAGES . wipo. com/ 2011/ 05/ cantech-letter-interviews-dave-caputo-of-sandvine-tsxsvc/ Sandvine Incorporated: Press Release . ietf. freepatentsonline. cgi?native_or_pdf=pdf& id_document=6520169715) [19] Comcast's Protocol-Agnostic Congestion Management System (http:/ / tools. eff. jsp?wo=2005109816) [11] Sandvine Incorporated: Service Delivery Engine (http:/ / www. quotemedia. patch distribution and illegal downloads). is described in detail in an RFC. newswire. html) [13] (WO/2003/094465) PATH OPTIMIZER FOR PEER TO PEER NETWORKS (http:/ / www. This affects all uses of BitTorrent (such as open-source project distribution.Patent EP1743466 (http:/ / www. asp?ID=243) [17] Sandvine supports pre.Free Online Library (http:/ / www. -a0139417017) [8] Sandvine Management's Discussion and Analysis (http:/ / sedar.[19] According to independent testing. org/ deeplinks/ 2007/ 10/ comcast-also-jamming-gnutella-and-lotus-notes) . com/ Adelphia+ Selects+ Sandvine+ to+ Protect+ Subscribers+ from+ Worms+ and+ Spam. In cases where a subscriber is a “seeder” and uploads content to an off net “leecher”. com/ quote. groupware clients affected (http:/ / arstechnica. sandvine. wipo. int/ pctdb/ en/ wo. ca/ en/ releases/ archive/ October2006/ 10/ c6288. com/ EP1743466. sandvine.. asp?FILEID=16) [15] Comcast traffic blocking: even more apps. sandvine.Sandvine algorithm. fcc. which effectively caused a certain limited number of outbound connections to immediately terminate. by "[sitting] in the middle. ars/ post/ 20071021-comcast-traffic-blocking-even-more-apps-groupware-clients-affected. com/ news/ pr_detail. html) [16] Sandvine Supports Cricket Broadband Internet (http:/ / www. com/ general/ getfile. asp?ID=148) [7] Adelphia Selects Sandvine to Protect Subscribers from Worms and Spam. sandvine. com/ products/ service_delivery_engine. jsp?wo=2003094465) [14] "Meeting the Challenge of Today's Evasive P2P Traffic" (http:/ / www.[21] [22] A product whitepaper published by Sandvine confirms that its products are configurable to use "Session Management" capability to prevent customers using BitTorrent from providing uploads to peers who are not close to them on the network. imitating both ends of the connection. .org article on Comcast jamming Gnutella and Lotus (http:/ / www. com/ GetFile. com/ en-gb/ pricesnews/ prices/ Trigger/ genericsearch. asp?ID=283) [18] Comcast's compliance report to FCC on its previous network management techniques (http:/ / gullfoss2. Fairshare. the subscriber may be session managed without negative impact.. and sending reset packets to both client and server. com/ http:/ / www.

comsoc.org/ci/private/2000/may/Kumar.html (http://www. sandvine.org/article. org/ ci/ public/ 2000/ may/ index.Managing the Impact on Subscriber Experience http:/ / www. html) [22] Nonintrusive TCP Connection Admission Control for Bandwidth Management of an Internet Access Link (http:/ / www. com/ general/ getfile.com/forum/ r18323368-Comcast-is-using-Sandvine-to-manage-P2P-Connections) • http://www. html) [23] Session Management: BitTorrent Protocol . asp?FILEID=21 48 External links • Sandvine (http://www.org/ci/private/2000/ may/Kumar.comsoc.sandvine.Sandvine [21] IEEE Communications Interactive (http:/ / www. org/ ci/ private/ 2000/ may/ Kumar.pl?sid=07/10/19/1417238) • Dslreports: Comcast is using Sandvine to manage P2P Connections (http://www.comsoc.dslreports.com) • Slashdot: Comcast filtering network packets (http://slashdot. comsoc.html) .

[8] On July 23.[7] The company has acquired a number of companies through the years. which includes the Ontario Teachers' Pension Plan through its private investor department. (Matt) Medeiros (formerly of Philips Components) became CEO in March 2003.[3] The company solutions also serve to solve issues surrounding HIPPA and PCI compliance issues.sonicwall. Spyware. California Key people CEO: Matthew T. Sudhakar Ravi Products Revenue Employees Website Security Appliance filtering Spam. . backup and recovery. UTMs (Unified Threat Management).SonicWALL 49 SonicWALL SonicWALL Type Industry Founded Private Backup and Recovery. Backup and Recovery. Internet security 1991 Headquarters San Jose. (Matt) Medeiros CFO: Robert D. In November 1999 they went public (SNWL). Teachers' Private Capital. LLC. Selvi Founders: Sreekanth Ravi.[3] [5] In the late 1990s they released a security product later branded "SonicWALL" which was a dedicated hardware appliance with firewall and VPN software intended for the small-business market. 2010 SonicWALL announced that it has completed its merger with affiliates of an investor group led by Thoma Bravo. hubs and bridges. VPNs (Virtual Private Network). The company also markets information subscription services related to their products. These include devices providing services for network firewalls.[6] Matthew T. CA. After the merger SonicWall was delisted from NASDAQ. Viruses and other Malware USD 219 million (2008) 700 (January 2008) www. Security appliances.[4] History The company was founded in 1991 under the name "Sonic Systems" by brothers Sreekanth and Sudhakar Ravi to develop Ethernet and Fast Ethernet cards.com [2] [1] SonicWALL is a private company headquartered in San Jose. expanding its product line in the process. and anti-spam for email. It sells a range of internet appliances primarily directed at content control and network security.

2010.) (http:/ / www. Retrieved 2010-03-05. 1999. SonicWALL. sonicwall. com/ q/ pr?s=SNWL). sonicsys. O). 2011. Retrieved 2010-03-05. 2010. [7] "SonicWall Company Officers . redzonetech. sec. [8] "News Archive Search of "SonicWall acquisition" including frequency chart" (http:/ / news.Reuters" (http:/ / www. archive. html?wlc=1267835772). reuters. 2010. Yahoo!. html) on 1999-05-04. Retrieved 2011-06-06. . [4] "Sonicwall PCI Compliance Case Study" (http:/ / www. . aisec. com/ finance/ stocks/ companyOfficers?symbol=SNWL. Google. sonicsys. com [3] "SNWL: Profile for SonicWALL. ecommercetimes. html). Inc. . Retrieved 2010-03-05. net/ wp-content/ uploads/ 2011/ 06/ Davco_Restaurants_SW. co. uk/ ) [11] SonicWALL Online (UK Gold Partner) (http:/ / www. uk/ ) [12] RedZone Technologies (http:/ / www.SonicWALL 50 Resellers • • • • New England[9] UK & Ireland[10] UK & Ireland[11] United States[12] References [1] sec.gov (http:/ / www. 1999. Retrieved 2010-03-05. pdf). [5] "Corporate Information" (http:/ / web. gov/ Archives/ edgar/ data/ 1093885/ 000109388509000007/ f10k. com/ ) [10] AIS (Access Information Security) (http:/ / www. sonicwallonline. . Retrieved 2010-03-05. com/ archivesearch?um=1& cf=all& ned=us& hl=en& q=SonicWall+ acquisition& cf=all). NSIserv." (http:/ / finance. org/ web/ 19990504153444/ http:/ / www. com/ Corporate_Info/ index. Ecommerce Times. yahoo. htm) [2] http:/ / www. [9] NSI (New England Systems Inc. [6] "SonicWall IPO Should Make Noise" (http:/ / www. co. Archived from the original (http:/ / www. SonicWALL. com/ story/ 1715. redzonetech. google. . Reuters. . net/ ) . com/ Corporate_Info/ index.

originally developed for Check Point FireWall-1. software. Finland Area served Key people Worldwide Ilkka Hiidenheimo (Chairman & CEO) Juha Kivikoski (COO) Mikael Nyberg [2] (CFO) Products Network security Firewall IPS VPN Security appliances Virtual appliances Employees Website [3] 174 (Dec 2009) stonesoft. IPS (intrusion detection and prevention systems). and sales offices throughout Europe. Its product portfolio includes firewall/VPN devices. can be managed from the StoneGate Management Center. Finland-based vendor of network security solutions.[7] The product portfolio differentiates through unique clustering and load balancing technologies based on the company's older StoneBeat technology.Stonesoft Corporation 51 Stonesoft Corporation Stonesoft Corporation Secure Information Flow Type Public [1] NASDAQ OMX: SFT1V Network Security Helsinki. Georgia. United States. with a regional headquarters in Atlanta. and China. . the Middle East. as well as third-party devices.[5] each available as hardware appliances. and VMware-certified virtual appliances. Finland (1990) Ilkka Hiidenheimo Hannu Turunen Industry Founded Founder(s) Headquarters Helsinki. Stonesoft does business globally.com [4] Stonesoft Corporation is a publicly owned Helsinki.[6] Each of the components. and SSL VPN systems.

[13] The District Court of Helsinki had originally dismissed the claims in a decision on November 15. com/ solutions/ partners/ stonesoft_fc. the Helsinki Court of Appeal issued a decision in a case brought against Stonesoft and several members of its management team. The StoneGate Firewall/VPN was launched on March 19. In 1994 it introduced StoneBeat. yet "a profit warning should in fact have been issued". the company introduced the first virtual firewall/VPN solution.621& RS=PN/ 6. pdf [4] http:/ / www. com [5] http:/ / www.[12] Controversy In 2008. Stonesoft expanded its product set into the firewall/VPN space. and is currently placed in the niche quadrant.[10] Products Stonesoft's current product portfolio can be divided into four major categories[5] : • • • • StoneGate Firewall/VPN StoneGate IDS/IPS StoneGate SSL VPN StoneGate Management Center (SMC) The StoneGate Firewall/VPN has placed in Gartner's Magic Quadrant for Enterprise Network Firewalls for several years. uspto.856. for IBM mainframes. The court "held that two members of the company's board of directors and a former CEO through gross negligence had failed to give a profit warning in due time". stonesoft. com/ cgi-bin/ stories. html& r=1& f=G& l=50& co1=AND& d=PTXT& s1=6. com/ us/ products/ smc/ index.[11] The StoneGate IPS has also placed in Gartner's Magic Quadrant for Network Intrusion Prevention.[14] References [1] http:/ / www.856. com/ us/ products/ index. and it has a loyal customer base". PN.621 [9] http:/ / www. high availability is key or when the leaders are otherwise not welcome". stonesoft. and is one of only four vendors in the consortium to achieve that certification. & OS=PN/ 6. 2006. com/ products?tid[]=4222 . icsalabs. pl?ACCT=104& STORY=/ www/ story/ 01-22-2003/ 0001876476& EDATE= [11] http:/ / www.[11] The StoneGate firewall/VPN is regarded for its "robust performance and feature set relative to company resources. In January 2003. prnewswire. opsec. com/ appliances/ directory/ cat/ 522?k=Stonesoft& c=522 [7] http:/ / www. pdf [12] https:/ / www. The reports indicated the company was sound and profitable. vmware. the company extended StoneBeat with a patented load balancing clustering technology. It is also certified by ICSA Labs Network Intrusion Prevention and Detection category. com/ aktier/ shareinformation?Instrument=HEX24350 [2] http:/ / www. gov/ netacgi/ nph-Parser?Sect1=PTO2& Sect2=HITOFF& p=1& u=%2Fnetahtml%2FPTO%2Fsearch-bool.856. html [6] http:/ / www. com/ en/ investor_relations/ corporate_governance/ management/ [3] http:/ / www.[11] Gartner notes that Stonesoft "serves a set of placements well – usually.[8] launching StoneBeat FullCluster. 2001. html [10] http:/ / www2. html [8] http:/ / patft. stonesoft.[9] In 2001. In 1999. stonesoft. nasdaqomxnordic. com/ pdf/ Gartner_Magic_Quadrant_Firewalls_2010.[13] The issue at hand was discrepancies between the profitability forecasted in the company's year 2000 interim reports and the actual state of the company at that time. a technology for creating a high availability pair of firewalls in an active-passive configuration. vadition. stonesoft. becoming a direct competitor to Check Point. It was one of the first technologies certified in Check Point's OPSEC program.621.Stonesoft Corporation 52 History Stonesoft started as a systems integrator in the Nordic regions of Europe. com/ export/ download/ financial_files/ stonesoft_annual_report_2009_en.

euroinvestor. uk/ news/ story. co.com) • Semi-official community Web site (http://stoneblog. fi/ whats_new/ newsletters/ D& I%20Q4%202008.com) . dittmar. PDF [14] http:/ / www.stonesoft.Stonesoft Corporation [13] http:/ / www. aspx?id=10020587 53 External links • Official website (http://www.stonesoft.

thetanetworks. com/ news_events/ china_mobile_thanks_theta_networks_for_its_unique_support_during_the_olympics. Theta's solutions reassembles and finds relationships between subscriber application sessions at Open Systems Interconnection layer 7 using Deep Packet Inspection. Ericsson. fr/ Press-Announcements/ Press-AnnouncementTheta-Networks. com/ resources/ cross_packet_inspection. genetel.[13] References [1] Theta Networks. nokiasiemensnetworks. php?press_id=1162 [7] http:/ / www. (http:/ / investing. com/ news/ view/ 119 [13] http:/ / www. com/ news_events/ theta_networks_manage_data_services_for_beijing_2008_olympic_games.[10] The company has office in New Jersey. html [10] http:/ / searchsecurity. com/ [3] http:/ / www. com/ extras/ ict_telecom_press_release_article. SMS. html [6] http:/ / www.com [2] http:/ / www. vanillaplus.[7] [8] [9] This technology can be applied to mobile use of WAP. html [5] http:/ / www. and also recently established partnerships in Australia[12] . ossnewsreview. connect-world. Orange and China Mobile [4] [5] Games Recently. and Cross Session Inspection. thetanetworks. Theta Networks company works in France through a partner[11] . South America. thetanetworks. techtarget. Motorola. com/ resources/ deep_session_inspection. Cross Packet Inspection. and Streaming Technology. html [12] http:/ / www. and assisted China Mobile during the Olympic Networks. htm [4] http:/ / www. a DPI-based network security product. uk [11] http:/ / www. html [9] http:/ / www. html [8] http:/ / www. co. rl. html& src=searchsecurity. uk/ detail/ PROD/ 1110792023_599. Inc. co. thetanetworks. Theta Networks has been a major supplier to Nokia Siemens [1] [3] . com/ global/ Press/ Press+ releases/ news-archive/ Nokia+ Siemens+ Networks+ to+ expand+ its+ customer+ base+ in+ service+ management+ through+ channel+ partners. HTTP.Theta Networks 54 Theta Networks Theta Networks Type Industry Founded Founder(s) Headquarters Key people Products Website Private Telecommunication [1] 2005 Steve Zhu New Jersey. techtarget. com/ resources/ cross_session_inspection. Theta Networks also offers VirusGuardMax. com/ research/ stocks/ private/ snapshot.[1] The company develops Deep Packet Inspection-based software that can be used for monitoring. MMS. and China. United States Steve Zhu (CEO) DPI Software [2] Theta Networks is a New Jersey based Telecommunication solutions company that was founded in 2005. and Russia. com/ telecom-oss/ theta-networks-and-syrus-systems-form-partnership-in-russia/ . asp?privcapId=28831084) BusinessWeek. optimization. Theta Networks has also been working with China Mobile on monitoring and support for their new TD-SCDMA networks[6] . rl. thetanetworks. thetanetworks. subscriber management and security on mobile networks. DNS. businessweek.

In 2010. Corporate focus is on networking gears. Viaedge offers products in various segments of the Application Delivery Controller market. 75% of the Viaedge business was with ET 500 companies. If a server went down or became overloaded. KEMP Technologies.viaedge. Armorlogic. Corporate history Viaedge Software Technologies was founded in 2002.Theta Networks 55 External links • Company Site (http://www. Gartner cite the most significant competitors (in terms of market share) as Cisco Systems and Citrix Systems. Crescendo Networks. This appliance can then run one or more product modules (depending on the appliance selected).com) Viaedge Viaedge Software Technologies (I) Pvt.com [1] Viaedge Software Technologies. was originally a network load balancer but today also offers other functionality such as access control and application security. Type Industry Founded Private Limited company Technology 2002 Headquarters Mumbai. Products V-Load Director (VLD) Viaedge's VLD product is based on a network appliance (either virtual or physical).ThetaNetworks. Other competitors include A10 Networks. Viaedge's first product was a Server load balancer called VLD. It is headquartered in Mumbai. . It originally manufactured and sold load balancing products.. . Coyote Point Systems. the V-Load Director. Barracuda Networks. Ltd. Radware and Zeus Technology. Viaedge' flagship product. India Key people Products Website MD: Phani Bhushan Networking www. Array Networks. VLD directed traffic away from that server to other servers that could handle the load. which runs on top of Linux. is a networking appliances company. Maharashtra and has development and marketing offices PAN India. Add-on modules to VLD family of products offer email filtering and intelligent compression to allow for lower bandwidth and faster downloads in addition to load balancing and local traffic management capabilities. Brocade. which provide the VLD functionality.

a PC/server-type motherboard . The previous platforms had two internal boards . This appliance can then run one or more product modules (depending on the appliance selected).[2] with approximate best-case throughput indicated: Model VLD 100 Advertised throughput 1 Gbit/s VLD Pro 4101 1 Gbit/s VLD Pro 4102 2 Gbit/s VLD Pro 4202 2 Gbit/s VLD Pro 4204 4 Gbit/s VLD Pro 4206 6 Gbit/s VLD Ent 5404 4 Gbit/s VLD Ent 5408 8 Gbit/s VLD Ent 5812 12 Gbit/s VLD Ent 5816 16 Gbit/s Model Throughput WAN Ports 2 2 3 4 6 8 10 12 Restricted Maximum Bandwidth 2 Mbps 4 Mbps 6 Mbps 10 Mbps 20 Mbps 45 Mbps 100 Mbps 500 Mbps LLB S-002 200 Mbps LLB S-004 200 Mbps LLB P-006 300 Mbps LLB P-010 2 Gbps LLB E-020 3 Gbps LLB E-045 4 Gbps LLB T-100 5 Gbps LLB T-500 6 Gbps . but some previous models have included AMD Opteron CPUs.Viaedge 56 V-NetLink (VLLB) Viaedge's V-Netlink product is based on a network appliance (either virtual or physical). and hardware compression assistance. which runs on top of Linux. and the hardware models internally use a single custom-fabricated system board. Viaedge Appliances The current line of VLD & V-NetLink appliance was released between 2009 and 2010. Hardware models include a front LCD panel for configuration and monitoring and a separate service processor for out-of-band management. The current hardware line-up uses Intel CPUs. Some models include hardware SSL acceleration for key exchanges and bulk encryption/decryption . The full model line-up is as follows. which provide the VLD functionality.

Packet framing A packet consists of two kinds of data: control information and user data (also known as payload). for example: source and destination addresses. . External links • viaedge. control information is found in packet headers and trailers. and sequencing information. characters. Different communications protocols use different conventions for distinguishing between the elements and for formatting the data. like Ethernet. viaedge. Computer communications links that do not support packets. In Binary Synchronous Transmission. and the data area is whatever the person puts inside the envelope. Typically.viaedge. the packet is formatted in 8-bit bytes. A good analogy is to consider a packet to be like a letter: the header is like the envelope. The control information provides data the network needs to deliver the user data. By using packet switched networking it is also harder to guarantee a lowest possible bitrate. error detection codes like checksums.com (http://www. Retrieved 2010-08-17.com/) Network packet In computer networking. Other protocols. establish the start of the header and data elements by their location relative to the start of the packet. with user data in between. the bitrate of the communication medium can be better shared among users than if the network were circuit switched. such as traditional point-to-point telecommunications links. is that some networks can break a larger packet into smaller packets when necessary (note that these smaller data elements are still formatted as packets). When data is formatted into packets. however. com/ solutions/ data-centre-solutions/ application-load-balancer). a packet is a formatted unit of data carried by a packet mode computer network. WAN OptimiZation Module: A data centre symmetric WAN optimization solution. and special characters are used to delimit the different elements. V-Application Delivery Controller: Global Server Load Balancing using DNS. Some protocols format the information at a bit level instead of a byte level. . NetLink: Inbound and outbound ISP load balancing. simply transmit data as a series of bytes. A difference. A network design can achieve two major results by using packets: error detection and multiple host addressing. com/ [2] "Viaedge Hardware Data Sheet" (http:/ / viaedge. 57 References [1] http:/ / www. or bits alone.Viaedge Viaedge Product Modules • • • • V-Load Director : Local load balancing based on a full-proxy architecture.

Meanwhile. it provided a reliable packet delivery procedure to its connected hosts via its 1822 interface. 4 bits that contain the version. also referred to as Quality of Service (QoS). Once the message was delivered to the destination host. All these protocols use packets. a field to identify position of fragment within original packet . TCP and IP provide a reliable service. Together. the term packet applies to any message formatted as a packet. like the ARPANET and the modern Internet. 3 bits that contain a zero. In complex networks constructed of multiple routing and switching nodes. inserted the address of the destination host computer. the developers of CYCLADES and of ALOHAnet demonstrated that it was possible to build an effective computer network without providing reliable packet transmission. but UDP packets are generally called datagrams. This technology is called packet switching. 4 bits that contain the Internet Header Length which is the length of the header in multiples of 4 bytes (e. 5. a series of packets sent from one host computer to another may follow different routes to reach the same destination. and this pushed responsibility for error detection onto the sending host in any case. 6. 2. 16 bits that contain the length of the packet in bytes. and a flag to state whether more fragments of a packet follow (MF: More Fragments) 7. Host addressing Modern networks usually connect three or more host computers together. a flag that says whether the packet is allowed to be fragmented or not (DF: Don't fragment). If a network does not guarantee packet delivery. The IPv4 packet header consists of: 1. 5 means 20 bytes). that specifies if it's an IPv4 or IPv6 packet. 16 bits that contain an identification tag to help reconstruct the packet from several fragments. while the term datagram is generally reserved for packets of an "unreliable" service. The packet trailer often contains error checking data to detect errors that occur during transmission. Packets vs. which is one of the Internet's fundamental design assumptions. Example: IP packets IP packets are composed of a header and payload.g.[1] A "reliable" service is one that notifies the user if delivery fails. whereas UDP and IP provide an unreliable one. IP provides an unreliable service. which describes what priority the packet should have. while an "unreliable" one does not notify the user if delivery fails. If the network could not deliver the message. datagrams In general. 8 bits that contain the Type of Service. 13 bits that contain the fragment offset. A host computer simply arranged the data in the correct packet format. This lesson was later embraced by the designers of Ethernet. Subsequent experience on the ARPANET indicated that the network itself could not reliably detect all packet delivery failures.[1] When the ARPANET pioneered packet switching. 4. an acknowledgement was delivered to the sending host. For example. in such cases the packet header generally contains addressing information so that the packet is received by the correct host computer. then it becomes the host's responsibility to provide reliability by detecting and retransmitting lost packets. This led to the development of the end-to-end principle. and sent the message across the interface to its connected Interface Message Processor. 3. it would send an error message back to the sending host.Network packet 58 Error detection It is more efficient and reliable to calculate a checksum or cyclic redundancy check over the contents of a packet than to check errors using character-by-character parity bit checking.

The size of a frame. • Packet sizes are fixed during the development phase. However. nonduplication of packets. 32 bits that contain the source IP address. then the data that packet carries is added. the presence of errors nearly always is detected by the error-correcting code or by a separate error-detecting code. and the sender's and receiver's IP addresses. e. • Even when the channel errors exceed the correction capability of the error-correcting code.542 bytes. 16 bits that contain the Header Checksum. can range up to 2048 bytes. an image or other data sent from a spacecraft instrument is transmitted using one or more packets. Because packet lengths are variable but frame lengths are fixed. of the seven layered OSI model. 59 Delivery not guaranteed Many networks do not provide guarantees of delivery. optional flags can be added of varied length. Handling data loss Deleted undecodable whole frames are the principal type of data loss that affects compressed data sets.. After those 160 bits. • Frames for which uncorrectable errors are detected are marked as undecodable and typically are deleted. which are fixed-length data blocks. 12. Telecom processing notes Data in a frame is typically protected from channel errors by error-correcting codes. Under this standard. computer or device along a network) the packet is allowed to pass before it dies (for example. The header of a packet specifies the data type. Example: the NASA Deep Space Network The Consultative Committee for Space Data Systems (CCSDS) packet telemetry standard defines the protocol used for the transmission of spacecraft instrument data over the deep-space channel. There generally would be little to gain from attempting to use compressed data from a frame marked as undecodable.g. which has its own header and trailer. ranging from 7 to 65. etc. a number used in error detection. • Packetized data is transmitted via frames. 8 bits that contain the Time to live (TTL) which is the number of hops (router. ICMP. including frame header and control information. 9.Network packet 8. the UDP protocol of the Internet. TCP and UDP are the best examples of layer 4. a packet with a TTL of 16 will be allowed to go across 16 routers to get to its destination before it is discarded). it is possible to layer a transport protocol on top of the packet service that can provide such protection. An IP packet has no trailer. or in-order delivery of packets. which can change based on the protocol used. the Transport Layer. CCSDS packet definition A packet is a block of data with length that can vary between successive packets. 11. an IP packet is often carried as the payload inside an Ethernet frame. including the packet header. packet number. . packet boundaries usually do not coincide with frame boundaries. The term frame is sometimes used to refer to a packet exactly as transmitted over the wire or radio. total number of packets. 8 bits that contain the protocol (TCP. UDP. However. 32 bits that contain the destination address.) 10.

Network packet • When errors are present in a frame. In the case of private streams the first byte of the payload is the sub-stream number. but not misleading. The elementary stream is packetized by encapsulating sequential data bytes from the elementary stream inside PES packet headers. • For frames coded by the CCSDS Reed–Solomon code. such as those used in an ATSC and DVB. which has an undetected frame-error rate of less than 1 in 32. Can be zero as in not specified for video streams in MPEG transport streams [2] [3] [4] [5] Size 3 bytes 0x000001 Description . the bits of the subband pixels are already decoded before the first bit error will remain intact. PES Packet length Optional PES header Stuffing bytes Data 2 bytes variable length variable length See elementary stream. The TS packets can then be multiplexed and transmitted using broadcasting techniques. which are the types of codes most likely to yield substantial fractions of bit errors throughout those frames that are undecodable. • Furthermore. Thus. whereas in the case of detected erroneous frames.000. frames with detected errors would be essentially unusable even if they were not deleted by the frame processor. 60 Example: Radio & TV Broadcasting MPEG packetized stream Packetized Elementary Stream (PES) is a specification defined by the MPEG communication protocol (see the MPEG-2 standard) that allows an elementary stream to be divided into packets. compressed data usually are protected by powerful. long-blocklength error-correcting codes.000 erroneous frames can escape detection. a single bit error is often just as disruptive as many bit errors. • Fortunately. • If an erroneous frame escapes detection. data. the decompressor can base its reconstruction on incomplete. This data loss can be compensated for with the following mechanisms. A typical method of transmitting elementary stream data from a video or audio encoder is to first create PES packets from the elementary stream data and then to encapsulate these PES packets inside an MPEG transport stream (TS) packets or an MPEG program stream (PS). it is extremely rare for an erroneous frame to go undetected. fewer than 1 in 40. Video streams (0xE0-0xEF) Note: The above 4 bytes is called the 32 bit start code. PES packet header Name Packet start code prefix Stream id 1 byte Examples: Audio streams (0xC0-0xDF). • All frames not employing the Reed–Solomon code use a cyclic redundancy check (CRC) error-detecting code. the decompressor will blindly use the frame data as if they were reliable. but all subsequent decoded bits in the segment usually will be completely corrupted.

Two completely different digital mono sound channels. or can transmit two or three entirely different sound streams. The mode is auto-selected by the inclusion of a 3-bit type field in the data-stream • • • • One digital stereo sound channel. One 704 kbit/s data channel. NICAM offers the following possibilities. This latter mode could be used to transmit audio in different languages. A NICAM-based stereo-TV infrastructure can transmit a stereo TV programme as well as the mono "compatibility" sound at the same time. One digital mono sound channel and a 352 kbit/s data channel.Network packet Optional PES header Name Number of Bits 2 2 1 1 indicates that the PES packet header is immediately followed by the video start code or audio syncword 1 implies copyrighted 1 implies original 11 = both present. . the NICAM signal is transmitted on a subcarrier alongside the sound carrier. 10 = only PTS 10 binary or 0x2 hex 00 implies not scrambled Description 61 Marker bits Scrambling control Priority Data alignment indicator 1 Copyright Original or Copy PTS DTS indicator ESCR flag ES rate flag DSM trick mode flag Additional copy info flag CRC flag extension flag PES header length Optional fields Stuffing Bytes 1 1 2 1 1 1 1 1 1 8 variable length variable length gives the length of the remainder of the PES header presence is determined by flag bits above 0xff NICAM In order to provide mono "compatibility". The four other options could be implemented at a later date. Only the first two of the ones listed are known to be in general use however. in a similar manner to that used for in-flight movies on international flights. NICAM packet transmission The NICAM packet (except for the header) is scrambled with a nine-bit pseudo-random bit-generator before transmission. the user can select which soundtrack to listen to when watching the content by operating a "sound-select" control on the receiver. In this mode. This means that the FM or AM regular mono sound carrier is left alone for reception by monaural receivers. • The topology of this pseudo-random generator yields a bitstream with a repetition period of 511 bits.

european-patent-office. Historically. By dropping packets probabilistically. Massachusetts: Thomson Course Technology. epo. active queue management (AQM) is a technique that consists in dropping or ECN-marking packets before a router's queue is full. com/ EP1827030. Network+ Guide to Networks. Queue management An Internet router typically maintains a set of queues. and dropped otherwise. Boston. such queues use a drop-tail discipline: a packet is put onto the queue if the queue is shorter than its maximum size (measured in packets or in bytes). 62 References [1] Kurose. AQM disciplines typically avoid both of these issues. • At the start of each NICAM packet the pseudo-random bit generator's shift-register is reset to all-ones. and can be run with their default parameters in most or all circumstances. • The pseudo-random generator is initialized with: 111111111. the result seems counter-intuitive to many network engineers: "Why should I drop perfectly good packets when I still have free buffer space?" .Network packet • The pseudo-random generator's polynomial is: x^9 + x^4 + 1. Drawbacks of AQM Early AQM disciplines (notably RED and SRED) require careful tuning of their parameters in order to provide good performance. org/ PublicationServer/ document. Blue. that hold packets scheduled to go out on that interface. dTS101154. v1. Making the NICAM bitstream look more like white noise is important because this reduces signal patterning on adjacent TV channels. Modern AQM disciplines (ARED. dvb. "Computer Networking: A Top-Down Approach" ISBN 0-321-49770-8 [2] http:/ / www.Patent EP1827030 (http:/ / www. tm1214r30. pdf [3] Method and apparatus for changing codec to reproduce video and/or audio data streams encoded by different codecs within a channel . Tamara (2006). For AQM systems that drop packets (rather than using ECN marking). jsp?PN=EP1827030%20EP%201827030& iDocId=6296342& iFormat=0 • Dean. Keith W. This is necessary so as to aid in locking on to the NICAM data stream and resynchronisation of the data stream at the receiver. Active queue disciplines drop or mark packets before the queue is full. one per interface.[2] By providing endpoints with congestion indication before the queue is full. Recent Publications in Active Queue Management (AQM) schemes [1] Benefits of AQM Drop-tail queues have a tendency to penalise bursty flows. • The NICAM header is not subject to scrambling. which reduces network latency ("ping time"). PI) are self-tuning. they operate by maintaining one or more drop/mark probabilities. and to cause global synchronisation between flows. & Ross. 8. Typically. org/ technology/ standards/ a001r7. html?iAction=3& cc=EP& pn=1827030& ki=A2) [5] https:/ / publications. AQM disciplines are able to maintain a shorter queue length than drop-tail queues. (2007). org/ patents/ patent-information/ european-patent-documents/ publication-server. 1. freepatentsonline. James F. and probabilistically dropping or marking packets even when the queue is short. html) [4] European publication server (http:/ / www. Active queue management In Internet routers.

Ref (http:/ / portal. cfm?id=1789954. org/ citation. and Zhiping Cai. RSFB: a Resilient Stochastic Fair Blue algorithm against spoofing DDoS attacks (http:/ / sites. com/ site/ cwzhangres/ home/ files/ RSFBaResilientStochasticFairBluealgorithmagainstspoofingDDoSattacks. Van (August 1993). doi:10. Jianping Yin. html). google. Sally. org/ xpl/ freeabs_all. "Random Early Detection (RED) gateways for Congestion Avoidance" (http:/ / www. Ref (http:/ / ieeexplore. com/ site/ cwzhangres/ home/ files/ RREDRobustREDAlgorithmtoCounterLow-rateDenial-of-ServiceAttacks. pdf?attredirects=0 [5] Changwang Zhang. google. vol. com/ site/ cwzhangres/ home/ posts/ recentpublicationsinactivequeuemanagementaqmschemes [2] Floyd. ieee. . com/ site/ cwzhangres/ home/ posts/ aqmdossimulationplatform [4] http:/ / sites. com/ site/ cwzhangres/ home/ files/ RSFBaResilientStochasticFairBluealgorithmagainstspoofingDDoSattacks. etc.More Details [3] AQM algorithms • • • • • • • Adaptive Virtual Queue (AVQ). 1790341) . pp. com/ site/ cwzhangres/ home/ files/ RREDRobustREDAlgorithmtoCounterLow-rateDenial-of-ServiceAttacks. 14. google. Robust random early detection (RRED) [4][5] • RSFB [6]: a Resilient Stochastic Fair Blue algorithm against spoofing DDoS attacks [7] References [1] http:/ / sites. Spoofing DoS. org/ floyd/ papers/ red/ red. RRED.) and Active Queue Management (AQM) algorithms (RED.). Retrieved 2008-03-16. Jianping Yin. acm. google.1109/90. and Weifeng Chen. 2010. pdf?attredirects=0 [7] Changwang Zhang. Low-rate DoS. [3] http:/ / sites. RRED: Robust RED Algorithm to Counter Low-rate Denial-of-Service Attacks (http:/ / sites. 2009. Zhiping Cai. PI controller.Active queue management 63 The Simulation and Analysis Platform for AQM algorithms An Active Queue Management and Denial-of-Service (AQM&DoS) Simulation Platform is established based on the NS-2 simulation code of the RRED algorithm. etc. in International Symposium on Communication and Information Technology (ISCIT). Random Exponential Marking (REM). pdf?attredirects=0). icir. It automatically calculate and record the average throughput of normal TCP flows before and after DoS attacks to facilitate the analysis of the impact of DoS attacks on normal TCP flows and AQM algorithms. IEEE Communications Letters.251892. SFB. Blue and Stochastic Fair Blue (SFB). pdf?attredirects=0). CHOKe. IEEE/ACM Transactions on Networking 1 (4): 397–413. google. Jacobson. google. The AQM&DoS Simulation Platform [3] can simulate a variety of DoS attacks (Distributed DoS. Random early detection (RED). jsp?arnumber=5456075) [6] http:/ / sites. 489-491.

Paul Baran

64

Paul Baran
Paul Baran

Born

April 29, 1926 Grodno, Poland March 26, 2011 (aged 84) Palo Alto, California United States (Polish born) RAND Corporation UCLA, Drexel Institute of Technology, Philadelphia Packet Switching

Died

Citizenship Institutions Alma mater Known for

Notable awards IEEE Alexander Graham Bell Medal, National Medal of Technology and Innovation, National Inventors Hall of Fame Spouse Evelyn Murphy Baran, PhD

Paul Baran (1926–2011) was a Polish American engineer who was a pioneer in the development of computer networks. He invented packet switching techniques, and went on to start several companies and develop other technologies that are an essential part of the Internet and other modern digital communication.

Early life
Paul Baran was born in Grodno, Poland (which is now in Belarus) on April 29, 1926.[1] [2] He was the youngest of three children in a Jewish family,[3] with the Yiddish given name "Pesach". His family moved to the United States on May 11, 1928,[4] settling in Boston and later in Philadelphia, where his father, Morris "Moshe" Baran (1884–1979), opened a grocery store. He graduated from Drexel University in 1949 (then called Drexel Institute of Technology), with a degree in electrical engineering. He then joined the Eckert-Mauchly Computer Company, where he did technical work on UNIVAC models, the first brand of commercial computers in the USA.[5] In 1955 he married Evelyn Murphy, moved to Los Angeles, and worked for Hughes Aircraft on radar systems. He obtained his Masters degree in engineering from UCLA in 1959, with advisor Gerald Estrin while taking night classes. His thesis was on character recognition.[1]

Packet switched network design
After joining the RAND Corporation that same year, Baran took on the task of designing a "survivable" communications system that could maintain communication between end points in the face of damage from nuclear weapons.[6] At the time of the Cold War, most American military communications used High Frequency connections which could be put out of action for many hours by a nuclear attack. Baran decided to automate RAND director Franklin R. Collbohm's previous work with emergency communication over conventional AM radio networks and

Paul Baran showed that a distributed relay node architecture could be survivable. The Rome Air Development Center soon showed that the idea was practicable.[7] Using the mini-computer technology of the day, Baran and his team developed a simulation suite to test basic connectivity of an array of nodes with varying degrees of linking. That is, a network of n-ary degree of connectivity would have n links per node. The simulation randomly 'killed' nodes and subsequently tested the percentage of nodes who remained connected. The result of the simulation revealed that networks where n ≥ 3 had a significant increase in resilience against even as much as 50% node loss. Baran's insight gained from the simulation was that redundancy was the key.[8] His first work was published a RAND report in 1960,[9] with more papers generalizing the techniques in the next two years.[10] After proving survivability Baran and his team needed to show proof of concept for this design such that it could be built. This involved high level schematics detailing the operation, construction and cost of all the components required to construct a network that leveraged this new insight of redundant links. The result of this was one of the first store-and-forward data layer switching protocols, a link-state/distance vector routing protocol, and an unproved connection-oriented transport protocol. Explicit detail of these designs can be found in the complete series of reports "On Distributed Communications", published by RAND in 1964.[11] The design flew in the face of telephony design of the time, placing inexpensive and unreliable nodes at the center of the network, and more intelligent terminating 'multiplexer' devices at the endpoints. In Baran's words, unlike the telephone company's equipment, his design didn't require expensive "gold plated" components to be reliable.

65

Selling the idea
After the publication of "On Distributed Communications'", Paul Baran presented the findings of his team to a number of audiences, including AT&T engineers (not to be confused with Bell labs engineers, who at the time provided Paul Baran with the specifications for the first generation of T1 circuit which he used as the links in his network design proposal). In subsequent interviews Baran mentions how his idea of non-dedicated physical circuits for voice communications were scoffed at by the AT&T engineers who at times claimed that Baran simply did not understand how voice telecommunication worked.[12] Leonard Kleinrock developed a theoretical basis for the operation of packet networks in his Ph.D. thesis in 1961. Baran used the term "message blocks" for his units of communication. Donald Davies at the National Physical Laboratory in the United Kingdom was the first to use the term "packet switching" in 1965, and apply the concept to a general-purpose computer network. Davies' key observation was that computer network traffic was inherently "bursty" with periods of silence, compared with relatively constant telephone traffic.[1] [13] In 1969 when the US Defense Advanced Research Projects Agency (ARPA) was developing the idea of an inter-networked set of terminals to share computing resources, among the number of reference materials considered was Baran and the RAND Corporation's "On Distributed Communications" volumes.[1] The resiliency of a packet switched network that uses link-state routing protocols used on the Internet stems in some part from the research to develop a network that could survive a nuclear attack.[1] [14]

Later work
In 1968 Baran was a founder of the Institute for the Future, and then involved in other networking technologies developed in Silicon Valley. He was involved in the origin of the packet voice technology developed by StrataCom at its predecessor, Packet Technologies. This technology led to the first commercial pre-standard Asynchronous Transfer Mode product. He was also involved with the discrete multitone modem technology developed by Telebit, which was one of the roots of Orthogonal frequency-division multiplexing which is used in DSL modems. In 1985, Paul Baran founded Metricom, the first wireless Internet company, which deployed Ricochet,[2] the first public wireless mesh networking system. He also founded Com21, an early cable modem company.[5] Following Com21, Baran founded and was president of GoBackTV, which specializes in personal TV and cable IPTV infrastructure

Paul Baran equipment for television operators.[15] Most recently he founded Plaster Networks, providing an advanced solution for connecting networked devices in the home or small office through existing wiring.[16] Baran extended his work in packet switching to wireless-spectrum theory, developing what he called "kindergarten rules" for the use of wireless spectrum.[17] In addition to his innovation in networking products, he is also credited with inventing the first metal detector, a doorway gun detector.[5] [18] He received an honorary doctorate when he gave the commencement speech at Drexel in 1997.[19]

66

Death
Baran died in Palo Alto, California at the age of 84 on March 26, 2011,[1] [20] due to complications from lung cancer.[14] Upon his death James Thomson, the president of RAND stated that "Our world is a better place for the technologies Paul Baran invented and developed, and also because of his consistent concern with appropriate public policies for their use."[20] One of the fathers of the internet, Vinton Cerf, stated that "Paul wasn't afraid to go in directions counter to what everyone else thought was the right or only thing to do."[14] According to Paul Saffo, Baran also believed that innovation was a "team process" and he didn't seek credit for himself.[18] On hearing news of his death, Robert Kahn, co-inventor of the Internet, said: "Paul was one of the finest gentlemen I ever met and creative to the very end."

Awards and honors
• • • • • • • • IEEE Alexander Graham Bell Medal (1990)[21] Marconi Prize (1991) Nippon Electronics Corporation C&C Prize (1996) Bower Award and Prize for Achievement in Science (2001)[5] Fellow of the American Academy of Arts and Sciences (2003)[22] National Inventors Hall of Fame (2007) National Medal of Technology and Innovation (2007)[23] UCLA Engineering Alumnus of the Year (2009)[24]

References
[1] Katie Hafner (March 27, 2011). "Paul Baran, Internet Pioneer, Dies at 84" (http:/ / www. nytimes. com/ 2011/ 03/ 28/ technology/ 28baran. html). The New York Times. . [2] Nathan Brewer; et al (March 28, 2011). "Paul Baran" (http:/ / www. ieeeghn. org/ wiki/ index. php/ Paul_Baran). IEEE Global History Network. New York: IEEE. . Retrieved March 28, 2011. [3] Georgi Dalakov. "Paul Baran" (http:/ / history-computer. com/ Internet/ Birth/ Baran. html). History of Computers web site. . Retrieved March 31, 2011. [4] David Ira Snyder (August 4, 2009). "Morris "Moshe" Baran (1884 - 1979)" (http:/ / www. geni. com/ people/ Morris-Moshe-Baran/ 6000000005033975818). Genealogy of the Baran family. Geni.com web site. . Retrieved March 29, 2011. [5] "Paul Baran - Franklin Laureate Database" (http:/ / www. fi. edu/ winners/ 2001/ baran_paul. faw?winner_id=2272). The Franklin Institute Awards - Laureate Database. Philadelphia, PA: The Franklin Institute. . Retrieved March 29, 2011. [6] "Internet pioneer Paul Baran passes away" (http:/ / www. bbc. co. uk/ news/ technology-12879908). BBC News. March 28, 2011. . Retrieved March 28, 2011. [7] Brand, Stewart (March 2001). "Founding Father" (http:/ / www. wired. com/ wired/ archive/ 9. 03/ baran. html). Wired (New York: Condé Nast Digital) 9 (3). ISSN 1059-1028. OCLC 433726773. . Retrieved March 27, 2011. "Paul Baran conceived the Internet's architecture at the height of the Cold War. Forty years later, he says the Net's biggest threat wasn't the USSR—it was the phone company". Stewart Brand's interviews Paul Baran about his work at RAND on survivable networks. [8] "Paul Baran and the Origins of the Internet" (http:/ / www. rand. org/ about/ history/ baran. list. html). RAND corporation. . Retrieved March 29, 2011. [9] Paul Baran (1960). "Reliable Digital Communications Systems Using Unreliable Network Repeater Nodes" (http:/ / www. rand. org/ pubs/ papers/ P1995. html). RAND Corporation papers, document P-1995. . Retrieved March 29, 2011.

Baran discusses his interaction with the group at ARPA who were responsible for the later development of the ARPANET.pdf?abstractid=732483&mirid=5) (PDF). org/ Infrastructure/ Wireless_cellular_radio/ ). Retrieved March 28. 2011. "Opportunity Lies In Ideas. He Received An Honorary Doctorate" (http:/ / articles. San Francisco. . 1994). philly.org/index. . [11] Paul Baran et al. [12] "Internet Architect Paul Baran Dies at 84" (http:/ / www. . MN: Charles Babbage Institute. the objections he received. 2011). Retrieved March 31.com/).cbi. . Retrieved March 29. March 29.Wireless/Cellular/Radio" Archive (http:/ / w2. 2011. Retrieved March 31. 2011. . "Keynote Talk Transcript. "Oral history interview with Paul Baran" (http://www. 2011. gov/ about/ nmti/ recipients/ 2007. and the writing and distribution of his eleven-volume work. rand. p. his initial interest in survivable communications. . html). and Future: Paul Baran Addresses CableLabs® Winter Conference" (http://www. A 44-page transcript in which Baran describes his working environment at RAND. transcript). School of Law. Patrick S. Minneapolis. com/ 1997-06-15/ news/ 25524943_1_constantine-papadakis-paul-baran-graduation-ceremony). Retrieved March 29.livinginternet.php)) 3 (2): 239–274. eff. html). Retrieved March 31. Retrieved March 29. 2011. Retrieved March 29. • "Convergence: Past. 2011. pdf).com (http://www. 2011. com/ company-management. html).edu/oh/index. William Stewart. [19] Nita Lelyveld (June 15.pgs/leadstory. [14] "Internet pioneer Paul Baran passes away" (http:/ / www. Rand. (March 5. goBackTV web site. story). eff. rand. 2011. "the Grandfather Of The Internet" Spoke At His Alma Mater. org/ about/ history/ baran-list. [21] "IEEE Alexander Graham Bell Medal Recipients" (http:/ / www. 2010. php). CA: Electronic Frontier Foundation. 2011. [17] Barran. March 28. com/ news/ obituaries/ la-me-paul-baran-20110329. The United States Patent and Trademark Office. ieee. com/ about. Retrieved March 29. (June 1. pdf). Retrieved March 29. org/ Infrastructure/ Wireless_cellular_radio/ false_scarcity_baran_cngn94.livinginternet. [24] "In Memoriam: Paul Baran MS ’59" (http:/ / www. uspto. 2011. 2011. [18] Jessica Guynn (March 29. engineer. RAND Corporation papers. uk/ news/ business-of-it/ 2011/ 03/ 29/ packet-switching-inventor-paul-baran-dies-aged-84-40092315/ ). Retrieved March 31. html) on June 15. edu/ newsroom/ featured-news/ archive/ 2011/ in-memoriam-paul-baran-ms-201959). org/ 20060615000308/ http:/ / www. 67 External links • "Paul Baran Invents Packet Switching" (http://www. • Ryan. ISSN 1543-8899. Retrieved March 29. [23] "The National Medal of Technology and Innovation 2007 Laureates" (http:/ / www. the evolution of his plan for distributed networks. plasternetworks.4562265. wired. amacad. CO: University of Colorado. 2011. org/ publications/ BookofMembers/ ChapterB. January 17. 2011 A transcript of Baran's keynote . 2011. BBC.edu/oh/ display. March 28. [20] "Packet switching inventor Paul Baran dies aged 84" (http:/ / www.Paul Baran [10] Paul Baran (1962). 8th Annual Conference on Next Generation Networks Washington. CBI'S COLLECTIONS > Oral history database (http://www. ucla. . Retrieved May 17. . com/ epicenter/ 2011/ 03/ internet-architect-paul-baran-dies-at-84/ ). [15] "Management Team" (http:/ / www. co. latimes. "Paul Baran dies at 84. History of Computers web site. uk/ news/ technology-12879908). org/ documents/ bell_rl. DC" (http:/ / w2. (1964). On Distributed Communications. . Paul (November 9. 2011. 2011. gobacktv. Wired.umn. Silicon Flatirons Telecommunications Program (http://www. "SSRN-Wireless Communications and Computing at a Crossroads: New Paradigms and Their Impact on Theories Governing the Public's Right to Spectrum Access" (http://papers. Retrieved March 29. 2005). [16] "About Plaster Networks" (http:/ / www. Retrieved March 31. 2011. Retrieved March 29. 1997). EFF "GII . .cbi. January 7. Los Angeles Times.cfm/SSRN_ID732483_code355448. . American Academy of Arts and Sciences. . IEEE. phtml). Engineer Tells Drexel Grads Paul Baran. cablelabs. Journal on Telecommunications & High Technology Law (Boulder. Judy E.0. "On Distributed Communications Networks" (http:/ / www. Boulder. org/ about/ history/ baran-list. co. 2011. Retrieved March 31. [22] "Book of Members. Plaster Networks web site. 2. 1990). www.com/i/ii_rand. "On Distributed Communications" (http:/ / replay. The Inquirer (Philadelphia). inventor helped lay foundation for Internet" (http:/ / www. . bbc. Archived from the original (http:/ / www. waybackmachine. 2011. jsp). . "Donald Davies" (http:/ / history-computer. html). • O'Neill.html) Louisville. .umn. [13] Georgi Dalakov. 2011.livinginternet. org/ pubs/ papers/ P2626.ssrn. CO: Cable Television Laboratories.silicon-flatirons. Inc February 1999. 2006.phtml?id=110).com/news/newsletter/SPECS/JanFeb_SPECSTECH/tech. UCLA Engineering web site. This describes Paul Baran's development of packet switching and its application to wireless computing. 2011. 2011. com/sol3/Delivery. com/ Internet/ Birth/ Davis.htm). ZDNet UK. 1780-2010: Chapter B" (http:/ / www. zdnet. OCLC 66137086. document P-2626.NII . rand. Present. Retrieved March 29.

on systems where the filtering is done in user mode.com/news/2011/032811-paul-baran-packet-switching-obit. OCLC 173437996. perform arithmetic operations on data from the packet. although legal action is ongoing that may eventually force an answer. . In August 2003. 2005. 2006. can be received. Chapel Hill.Paul Baran address at the Countdown to Technology 2000 Winter Conference that includes a photo. which are called by network interface drivers (and pseudo-drivers) to deliver incoming and outgoing packets to the BPF mechanism. with some wrapping them in macros such as BPF_MTAP() and BPF_TAP(). it allows the interface to be put into that mode. Internet Pioneers (http://www. it supports "filtering" packets.privateline. although. MA: Network World. 2011. Retrieved April 8. Internet and packet switching pioneer. even those destined for other hosts. so that only "interesting" packets can be supplied to the software using BPF.unc. rather than to the entire interface. when capturing packets on systems without kernel-mode support for that filtering mechanism. a raw interface to data link layers. "Inventing the Internet Again" (http://www. In addition. 68 Berkeley Packet Filter The Berkeley Packet Filter or BPF provides. reducing the CPU requirement to capture packets and the buffer space required to avoid dropping packets. BSD kernels implement routines such as bpf_mtap() and bpf_tap().html). code using the pcap API will work on both types of systems. is mourned" (http://www. Kernel-mode interpreters for that same virtual machine language are used in raw data link layer mechanisms in other operating systems. Forbes ASAP (New York: Forbes) 159 (11): 106–120.gilder. BPF's filtering capabilities are implemented as an interpreter for a machine language for the BPF virtual machine. NC: School of Information and Library Science (http://sils. Bob (March 27. George (June 2.ibiblio. Framingham. and compare the results against constants or against data in the packet or test bits in the results. including those that will be filtered out. 2011. ISSN 1078-9901. 2011). November 6. That interpreter can also be used when reading a file containing packets captured using pcap.edu/) and the School of Journalism and Mass Communication at the University of North Carolina at Chapel Hill. 2011. this can avoid copying "uninteresting" packets from the operating system kernel to software running in user mode. if the driver for the network interface supports promiscuous mode. all packets. On some platforms. programs in that language can fetch data from the packet.com/Switching/gilder. • Gilder. "Paul Baran. Programmers quickly discovered the code in question was the Berkeley Packet Filter. In addition. networkworld. packets can be filtered in user mode. Archived from the original (http://www. 1997).com/public/telecosm_series/inventing. SCO Group publicly claimed to own Unix code which they alleged the Linux kernel infringed. accepting or rejecting the packet based on the results of those tests. on some Unix-like systems. BPF is sometimes used to refer just to the filtering mechanism. "Baran credited with inventing packet switching in 1960s against military backdrop" • "Paul Baran" (http://www. Retrieved April 2.ibiblio. Inc. html). just-in-time compilation is used to convert virtual machine instructions into native code in order to further avoid overhead. such as Tru64 Unix.ibiblio. permitting raw link-layer packets to be sent and received. and for socket filters in Linux and in the WinPcap packet capture mechanism. including FreeBSD and WinPcap. While clear that SCO did not own the BPF code. so that.html).org/pioneers/baran.org/ pioneers/) at ibiblio. so that all packets on the network. they did not explain or acknowledge the mistake. A user-mode interpreter for it is provided with the libpcap/WinPcap implementation of the pcap application programming interface (API).html) on April 10.org/). • Brown. are copied from the kernel to user space.org (http://www. Retrieved April 2.

org/ ~robert/ freebsd/ 2007asiabsdcon/ 20070309-devsummit-zerocopybpf. and can only be detected by monitoring the lost traffic. Black hole filtering Black hole filtering refers specifically to dropping packets at the routing level. watson. . cgi?query=bpf& apropos=0& sektion=0& manpath=FreeBSD+ 8-current& format=html [4] http:/ / netsniff-ng. without informing the source that the data did not reach its intended recipient. pdf [2] http:/ / www. black holes refer to places in the network where incoming traffic is silently discarded (or "dropped"). FreeBSD. resulting in small or large "black holes" in the network. Even though TCP/IP provides means of communicating the delivery failure back to the sender via ICMP. hence the name. While one copy remains in the receipt path for user processes. tcpdump. allowing kernel packet capture in the device driver interrupt handler to write directly to user process memory in order to avoid the requirement for two copies for all packet data received via the BPF device. 69 External links • • • • 1993 USENIX paper that describes BPF [1] (PDF) FreeBSD Developer Summit presentation describing Zero-copy BPF [2] (PDF) FreeBSD 8. pdf [3] http:/ / www. Firewalls and "stealth" ports Most firewalls can be configured to silently discard packets addressed to forbidden hosts or ports. usually using a routing protocol to implement the filtering on several routers at once. Robert Watson and Christian Peron added zero-copy buffer extensions to the BPF implementation in the FreeBSD operating system. this preserves the independence of different BPF device consumers.x BPF(4) man page. as well as allowing the packing of headers into the BPF buffer rather than copying complete packet data. org/ papers/ bpf-usenix93. including description of zero-copy BPF buffers [3] bpfc. traffic destined for such addresses is often just dropped. org/ cgi/ man. When examining the topology of the network. often dynamically to respond quickly to distributed denial-of-service attacks. a BPF compiler for Linux (part of netsniff-ng) [4] References [1] http:/ / www.Berkeley Packet Filter In 2007. org/ Black hole (networking) In networking. the black holes themselves are invisible. Dead addresses The most common form of black hole is simply an IP address that specifies a host machine that is not running or an address to which no host has been assigned.

Whenever the queue overflows. Assuming the mix of traffic on the interface doesn't change. sourceforge. Black hole e-mail addresses A black hole e-mail address is an e-mail address which is valid (messages sent to it will not generate errors). and whenever the queue is empty. it requires little or no tuning on the part of the network administrator. ipexpert. cisco. and treats all flows as a single aggregate. External links • • • • Remotely triggered black hole filtering (Cisco Systems) [1] University of Washington blackhole monitor/lookup system (link doesn't work) [2] Tools for detecting a blackhole attack in an ad hoc wireless network [3] Remote Triggered Black Hole Filtering [4] References [1] [2] [3] [4] http:/ / www. washington. net/ http:/ / blog. SFB can be implemented using a Bloom filter rather than a hash table.Black hole (networking) 70 PMTUD black holes Some firewalls incorrectly discard all ICMP packets. Unlike RED. Stochastic Fair Blue (SFB)[2] is a stochastically fair variant of Blue which hashes flows and maintains a different mark/drop probability for each hash value. This causes TCP connections from/to hosts with a lower MTU to hang. In the presence of hash collisions. edu/ http:/ / safewireless. is that it doesn't distinguish between flows. Operation of Blue A Blue queue maintains a drop/mark probability p. however. and drops/marks packets with probability p as they enter the queue. Therefore. cs. Unlike other stochastically fair queuing disciplines. SFB is able to provide a fair share of buffer space for every flow. flows. Stochastic Fair Blue The main flaw of Blue. These addresses are often used as return addresses for automated e-mails. which dramatically reduces its storage requirements when the number of flows is large. which it shares with most single-queue queueing disciplines. com/ warp/ public/ 732/ Tech/ security/ docs/ blackhole. p is decreased by a constant pi<pd. including the ones needed for Path MTU discovery to work correctly. Like RED. better behaved. a single aggressive flow can push out of the queue packets belonging to other. . p is increased by a small constant pd. such as SFQ. and never stored or seen by humans. but to which all messages sent are automatically deleted. SFB is only stochastically fair. com/ 2010/ 11/ 24/ remote-triggered-black-hole-filtering/ Blue (queue management algorithm) Blue[1] is an Active Queue Management algorithm. pdf http:/ / hubble. it operates by randomly dropping or ECN-marking packets in a router's queue before it overflows. Assuming no hash collisions. p will slowly converge to a value that keeps the queue within its bounds with full link utilisation.

. Kang G. . Shin (April 1999). edu/ techreports/ cse/ 99/ CSE-TR-387-99.thefengs. 1790341) [4] Juliusz Chroboczek. in International Symposium on Communication and Information Technology (ISCIT). References [1] Wu-chang Feng. Dilip D. Jianping Yin. and rate-limited. Such an inelastic flow is put in a "penalty box". pdf). Dilip D. are notably vulnerable to spoofing Distributed Denial-of-Service (DDoS) attacks. Ref (http:/ / portal. retrieved 2010-01-02 [3] Changwang Zhang.jussieu. including the fairness-aimed ones. Kandlur. eecs. and Zhiping Cai. .39. umich. com/ site/ cwzhangres/ home/ files/ RSFBaResilientStochasticFairBluealgorithmagainstspoofingDDoSattacks. acm. doi:10. the alternative AQM framework for BSD Unix. "Stochastic Fair Blue: an algorithm for enforcing fairness" (http:/ / www. [3] Implementations An implementation of Blue is part of ALTQ.916648. pps. Proc. thefengs. A Resilient Stochastic Fair Blue (RSFB) algorithm was proposed against spoofing DDoS attacks. org/ citation.fr/~jch/software/sfb/). the flow has been shown to not react to congestion indications from the network. Kandlur. An implementation of SFB for the Linux kernel (http:/ / www. cfm?id=1789954. Shin (April 2001).6. INFOCOM 2001 3: 1520–1529. RSFB algorithm is effective in preserving the TCP throughput in the presence of spoofing DDoS attacks. 2009.Blue (queue management algorithm) When a flow's drop/mark probability reaches 1. An implementation of SFB for Linux[4] has been included in Linux since version 2.2001.1109/INFCOM.com/wuchang/blue/).pps. pdf?attredirects=0). jussieu. fr/ ~jch/ software/ sfb/ ) External links • Wu-chang Feng's page about Blue and SFB (http://www. PDF). 71 Resilient Stochastic Fair Blue (RSFB [6]) The existing Active Queue Management (AQM) algorithms. com/ wuchang/ blue/ 41_2. Kang G. "BLUE: A New Class of Active Queue Management Algorithms" (http:/ / www. google. Debanjan Saha. RSFB: a Resilient Stochastic Fair Blue algorithm against spoofing DDoS attacks (http:/ / sites. U. • An implementation of SFB for the Linux kernel (http://www. Debanjan Saha. The basic idea behind RSFB is to record the responsive normal TCP flows and rescue their dropped packets. Michigan Computer Science Technical Report (CSE–TR–387–99). retrieved 2010-12-22 [2] Wu-Chang Feng.

Overview Routing schemes anycast broadcast multicast unicast geocast In computer networking. broadcasting refers to transmitting a packet that will be received by every device on the network[1] . for example broadcasting on Ethernet. In practice.Broadcasting (computing) 72 Broadcasting (computing) In telecommunication and information theory. for example broadcasting Message Passing Interface. Broadcast a message is in contrast to unicast addressing in which a host sends datagrams to another single host identified by a unique IP address. broadcasting refers to a method of transferring a message to all recipients simultaneously. the scope of the broadcast is limited to a broadcast domain. . Broadcasting can be performed as a high level operation in a program. or it may be a low level networking operation.

com/EBchecked/topic/80540/ broadcast-network) • Network Broadcasting and Multicast (http://www. The victim computer is flooded by the replies from all computers in the domain. In the emerging fields of service over the Internet Protocol (IP). customer-recognition. Broadcasting may be abused to perform a DoS-attack. at customer level. Both Ethernet and IPv4 use an all-ones broadcast address to indicate a broadcast packet. multicasting limits the pool of receivers to those that join a specific multicast receiver group. It allows providers to address customer service plans from a holistic business perspective bringing state-of-the-art capabilities like bundling. Broadcasting is largely confined to local area network (LAN) technologies. ISBN 0130661023. content) and all sources (telecommunications networks. data.comptechdoc. The attacker sends fake ping request with the source IP-address of the victim computer. most notably Ethernet and token ring. from all services (voice. . and Packet Cable Multi-Media (PCMM) the need for real-time network changes continues to grow. in order to improve operators' transaction revenue and at the same time. for example. p. nor is there any form of Internet-wide broadcast. The successor to Internet Protocol Version 4 (IPv4).) the business control layer is capable of dynamically adapting network or service behavior. and hierarchies to the OSS layer.britannica. Network Business Control allows service providers to • Inject business sense into the network .25 nor frame relay have broadcast capability. customer experience.Broadcasting (computing) Not all network technologies support broadcast addressing. IPv6 also does not implement the broadcast method to prevent disturbing all nodes in a network when only a few may be interested in a particular service. IP Multimedia Subsystem (IMS). customer-premises equipment. 368.html) Business Control Layer Business Control Layer (BCL) is a software layer in the provider's infrastructure residing between the network/OSS and the BSS.2 control field. Computer Networks. Instead it relies on multicast addressing a conceptually similar one-to-many routing methodology. where the performance impact of broadcasting is not as large as it would be in a wide area network. 73 References [1] Andrew Tanenbaum (2003). External links • Encyclopedia Britannica entry broadcast network (http://www.Each customer interaction should be analyzed and handled from a business standpoint rather than from just the simple network management or charging perspectives. neither X. 2) Balance management 3) Business rule engine or Business Control engine 4) Dynamic real-time execution and provisioning 5) On-line charging and rating. Token Ring uses a special value in the IEEE 802. etc. Business control layer key functions include: 1) Ability to simultaneously collect events from any source.org/independent/networking/guide/ netbroadcasting. Taking all customer interaction into account. However.

placing value on every aspect of their service plan so that their services satisfy customers needs. • Real-time control for IP sessions and events . charge for P2P. com/ . Reengineering Legacy Application to E-Business with a modified rational unified process [5] 4. Telenet. aradial. 3.Aradial Radius & Policy servers [6].Integrates with operator legacy billing system or as a full billing for the IP services replacing the existing. com/ en/ US/ products/ ps6151/ products_white_paper0900aecd801d8a83. cisco.FTS Software. Changing dynamically the bandwidth for a customer when reaching monetary values. com/ html/ products_netenforcer. page http:/ / www. fts-soft.IP services should be managed in real time. E. org/ xpls/ abs_all. shtml http:/ / ieeexplore. Allot Communications "Bandwidth Management enables IP Service Optimization" [3]. 2. Sources 1. com/ http:/ / www. ieee. be/ nl/ klantendienst/ klantendienst_thuis/ internet/ topvragen/ telemeter.g. Aradial Technologies . This solution is the underlying network intelligence behind their Broadband service and their TeleMeter [1] (in Dutch). telenet. NV is the first company to deploy such a solution in their network. References [1] [2] [3] [4] [5] http:/ / www. jsp?arnumber=1192421 [6] http:/ / www. charge for VOIP traffic. Cisco Systems "Bridging the Infrastructure Gap: the Importance of Service Control in Broadband Networks" [4]. with online responses (provisioning) based on customer or operator-defined business rules. Download a movie.E. allot. allowing providers to interact with the network during active sessions. • Dynamically detecting and charging for IP services.g. Retrieved 2006-08-24. Retrieved 2006-08-24.Providers should be able to analyze. • Example of applications: Boots an internet connection for a limited time.Business Control Layer • Analyse and monitor of customer-consumed services . • Deployments . Charging for IP services . The technology underlying these 74 services are built upon the Cisco SCE DPI device and the FTS Leap Business Control Engine BCE) [2] . record and charge for IP services. shtm http:/ / www.

Catenet was the concept of linking these networks into a network of networks with specifications for compatibility of addressing and routing. The term was named after the April 1986 nuclear accident at Chernobyl.[2] a pioneer in packet-switching technology and founder of the CYCLADES network. The term catenet was gradually displaced by the short-form of the term internetwork. when the Internet Protocol replaced earlier protocols on the ARPANET. L. at a time when network meant what is now called a local area network. 1023-36.Catenet 75 Catenet Catenet is an obsolete term for a system of packet-switched communication networks interconnected via gateways. .[1] The term was coined by Louis Pouzin. Cerf. The typical scenario involves an IP Ethernet datagram that passes through a gateway with both source and destination Ether and IP address set as the respective broadcast addresses for the subnetworks being gated between. IEN 48. edu/ in-notes/ ien/ ien48. Pouzin. DARPA Information Processing Techniques Office. V. internet (lower-case i). isi. July 1978 [2] A Proposal for Interconnecting Packet Switching Networks. References [1] http:/ / www. txt The Catenet Model for internetworking. May 1974. Proceedings of EUROCOMP. Chernobyl packet A Chernobyl packet is a network packet that induces a broadcast storm or some other kind of "network meltdown". Bronel University. pp.

such as a Christmas tree packet. External links • Nmap documentation [1] References [1] http:/ / insecure. A large number of Christmas tree packets can also be used to conduct a DoS attack by exploiting the fact that Christmas tree packets require much more processing by routers and end-hosts than the 'usual' packets do. org/ nmap/ man/ man-port-scanning-techniques. By observing how a host responds to an odd packet. URG and PSH set.Christmas tree packet 76 Christmas tree packet In information technology. Cisco IOS. as in. a Christmas tree packet is a packet with every single option set for whatever protocol is in use. packets that initiate connection according to the standards). Since Christmas tree scan packets do not have the SYN flag turned on. From a network security point of view. all turned on. HP-UX." It can also be known as a kamikaze packet. and IRIX display behaviors that differ from the RFC standard when queried with said packets. the TCP header of a Christmas tree packets has the flags SYN. BSD/OS. they can pass through these simple systems and reach the target host. Christmas tree packets can be easily detected by intrusion-detection systems or more advanced firewalls. FIN. Christmas tree packets can be used as a method of divining the underlying nature of a TCP/IP stack by sending the packets and awaiting and analyzing the responses. When used as part of scanning a system. assumptions can be made regarding the host's operating system. MVS. Versions of Microsoft Windows. The term derives from a fanciful image of each little option bit in a header being represented by a different-colored light bulb. Many operating systems implement their compliance with the Internet Protocol standard (RFC 791) in varying or incomplete ways. Christmas tree packets are always suspicious and indicate a high probability of network reconnaissance activities. "the packet was lit up like a Christmas tree. nastygram or a lamp test segment. Some stateless firewalls only check against security policy those packets which have the SYN flag set (that is. html .

CEF consists of two key components: The Forwarding Information Base (FIB) and adjacencies. Packets with FIB entries pointing to NULL adjacencies will normally be dropped. where there is a FIB table on each of the line cards. it is recommended to use distributed CEF (dCEF). • Punt adjacency: Deals with packets that require special handling or can not be switched by CEF. cisco. There are five types of adjacencies: • Null adjacency: Handles packets destined to a NULL interface. com/ en/ US/ docs/ ios/ 12_1/ switch/ configuration/ guide/ xcdcef. CEF currently supports Ethernet. • Drop adjacency: Packets pointing to this entry are dropped. Function CEF is mainly used to increase packet switching speed by reducing the overhead and delays introduced by other routing techniques. External links • CEF (Cisco Express Forwarding) site [1] • Choosing the best routing switching path [2] References [1] http:/ / www. • Discard adjacency: FIB entries pointing to this type of adjacency will be discarded. Instead. Frame Relay. avoiding the need for an ARP request for each table lookup. and Cisco HDLC. The adjacency maintains layer 2 or switching information linked to a particular FIB entry. html [2] http:/ / www. FDDI. but without layer 2 information. The FIB is similar to the routing table generated by multiple routing protocols. like packets sent to the router itself. fast switching will be performed on the line card itself.Cisco Express Forwarding 77 Cisco Express Forwarding Cisco Express Forwarding (CEF) is an advanced layer 3 switching technology used mainly in large core networks or the Internet to enhance the overall network performance. maintaining only the next-hop address for a particular IP-route. This avoids the need for querying the main processor or routing table in order to get the next-hop information. • Glean adjacency: Handles packets destined for currently attached hosts. tunnels. but the prefix will be checked. In order to take full advantage of CEF. com/ en/ US/ tech/ tk827/ tk831/ technologies_white_paper09186a00800a62d9. Such packets are forwarded to the next switching layer (generally fast switching) where they can be forwarded correctly. PPP. cisco. shtml . ATM.

and SQL*Net) involve multiple control channels. However. or at most. This is the basic function of a stateful inspection firewall. CBAC can inspect traffic for sessions that originate from the external network.Context-based access control 78 Context-based access control Context-based access control (CBAC) intelligently filters TCP and UDP packets based on application layer protocol session information and can be used for intranets. the transport layer. (In other words. CBAC does the deep packet inspection and hence it is termed to be a IOS Firewall. CBAC inspects traffic that travels through the firewall to discover and manage state information for TCP and UDP sessions. Most of the multimedia protocols as well as some other protocols (such as FTP. CBAC examines not only network layer and transport layer information but also examines the application-layer protocol information (such as FTP connection information) to learn about the state of the TCP or UDP session. Without CBAC. RPC. This state information is used to create temporary openings in the firewall's access lists to allow return traffic and additional data connections for permissible sessions (sessions that originated from within the protected internal network). This allows support of protocols that involve multiple channels created as a result of negotiations in the FTP control channel. CBAC can be configured to permit specified TCP and UDP traffic through a firewall only when the connection is initiated from within the network needing protection. CBAC also provides the following benefits: • Denial-of-Service prevention and detection • Real-time alerts and audit trails . extranets and internets. traffic filtering is limited to access list implementations that examine packets at the network layer. CBAC can inspect traffic for sessions that originate from either side of the firewall.) However. while this example discusses inspecting traffic for sessions that originate from the external network.

[1] Fragment free is a variation on cut-through switching that partially addresses this problem by assuring that collision fragments are not forwarded. A cut-through switch will forward corrupted packets where a store and forward switch will drop them. this has become less of a problem since packet latency has become much smaller. With higher speed links. Adaptive switching dynamically selects between cut-through and store and forward behaviors based on current network conditions. This is only useful if there is a chance of a collision on the source port. such as supercomputer clusters. but decreases reliability. .What Are Forwarding Modes and How Do They Work?" (http:/ / support. the switch is not able to verify the integrity of an incoming packet before forwarding it. Pure cut-through switching is only possible when when the speed of the outgoing interface is equal to the incoming interface speed. Archived from the original (http:/ / newsroom. . webcitation. This technique reduces latency through the switch. cisco. htm). Leading Ethernet Switching Company" (http:/ / www. Fragment free will hold the frame until the first 64 bytes are read from the source to detect a collision before forwarding. Use in InfiniBand Cut-through switching is very popular in InfiniBand networks. wherein the switch starts forwarding a frame (or packet) before the whole frame has been received. References [1] "Cisco to Acquire Kalpana. cut-through switching is a method for packet switching systems. The alternative to cut-through switching is store and forward. org/ 5qaWOQRdn). intel.[2] Use in ATM Cut-through routing was one of the important features of IP networks using ATM networks since the edge routers of the ATM network were able to use cell switching through the core of the network with low latency at all points.. because the frame check sequence appears at the end of the frame. Cisco Systems. Use in Ethernet When cut-through switching is used in Ethernet. Retrieved 2011-08-13. html) on 2010-06-18. .Cut-through switching 79 Cut-through switching In computer networking. The technology was developed by Kalpana the company that introduced the first Ethernet switch. normally as soon as the destination address is processed. since these are often deployed in environments where latency is a prime concern. Inc. [2] "Switches . com/ dlls/ 1994/ corp_102494. com/ support/ express/ switches/ sb/ cs-014410.

. which is usually recorded in a PDF. addressing issues and requirements resulting from the multicore nature of QorIQ™ SoCs. previously transmitted symbols can affect the edge cross over time.electropages. Therefore. in order to get an accurate measure of the DDJ in a particular system.com/2010/08/ freescale-three-new-qoriq-processors-incorporate-data-path-acceleration/ Data-dependent jitter Data-dependent jitter (DDJ) is a specific class of timing jitter.Data Path Acceleration Architecture (DPAA) 80 Data Path Acceleration Architecture (DPAA) The QorIQ™ DPAA is a comprehensive architecture which integrates all aspects of packet processing in the SoC.cn/cstory/ftf/2009/download/net_f0279. In particular.com. Hardware offload accelerators. The DPAA includes Cores. Properties Depending on characteristics of the signal and transmission topology. This creates a probability distribution for the timing of the signal edge. The infrastructure required to facilitate the flow of packets between the above The DPAA also addresses various performance related requirements especially those created by the high speed network I/O found on multicore SoCs such as the P4080 References External links • http://freescalesemi. it is a form of deterministic jitter which is correlated with the sequence of bits in the data stream. Network and packet I/O. a large number of bit patterns must be analyzed (often just a PRBS) unless an analytical solution can be found. DDJ's PDF is always a series of pulses at the locations where a specific bit pattern experiences a cross over. It is also a form of ISI.pdf • http://www.

TCP/IP is also run over Datakit links. References [1] Kurose. it can operate over multiple media.[1] Second. then its fragments may be referred as packets. TCP refers to its fragments as TCP segments. The term datagram is often considered synonymous to "packet". However. URP assumes that packets arrive in order. IP itself provides an unreliable service and UDP over IP also provides an unreliable one. (2007). Datakit Virtual Circuit Switch (VCS) nodes connect to the Datakit network with a Datakit interface (IOA)[5] . At the physical layer. Datakit offers a packet-switched protocol called Universal Receiver Protocol (URP) that spreads PDU overhead across multiple packets and performs immediate packet processing.25. while the term datagram is generally reserved for packets of an "unreliable" service. where the header contains information sufficient for routing from the originating equipment to the destination without relying on prior exchanges between the equipment and the network. not packets. from slow speed EIA-232 to 500Mbit fiber optic links (called FIBERKIT)[4] . On top of DK transport service. An "unreliable" service does not notify the user if delivery fails. remote printing. but not as datagrams. which means that for this situation immediate packet processing is no longer possible[7] . However. James F. "Computer Networking: A Top-Down Approach" ISBN 0-321-49770-8 [2] RFC 793 Datakit Datakit is a virtual circuit-switched network layer computer networking protocol similar to X. if a datagram fragments.[2] presumably to assert that its fragments are reliable. & Ross. First. Keith W. Most of Bell Laboratories was trunked together on Datakit. the term packet applies to any message formatted as a packet. but there are some nuances. It supports file transfers. For example. On a network with misordering. ISN is the version of Datakit that was supported by AT&T Information Systems. and in widespread deployment by the Regional Bell Operating Companies (RBOCs)[3] . The source and destination addresses as well as a type field are found in the header of a datagram. That is why UDP packets are generally called datagrams. A datagram consists of header and data areas. packets would have to be reordered before processing. and remote command execution. remote login. developed at Bell Labs[1] for both local-area and wide-area networks[2] . several operating systems (including UNIX) implemented UUCP for electronic mail and dkcu for remote login[6] .Datagram 81 Datagram A datagram is a basic transfer unit associated with a packet-switched network in which the delivery arrival time and order are not guaranteed. .

jsp?url=/ iel2/ 717/ 971/ 00025918. edu/ accessPages/ CSD-88-474. from the Free On-line Dictionary of Computing [2] http:/ / techreports. pdf?arnumber=25918 [5] http:/ / stratadoc. com/ vos/ 15. berkeley. phrack. html . com/ 5583859. freepatentsonline. htm?context=r307-00& file=ch5r307-00d. 1. html?issue=18& id=9#article [7] http:/ / www. html [6] http:/ / www. stratus. com/ issues. org/ Xplore/ login. ieee.Datakit 82 References [1] Datakit. 1/ r307-00/ wwhelp/ wwhimpl/ js/ html/ wwhelp. html [3] Network Dictionary By Javvin [4] http:/ / ieeexplore. lib.

and then joined the war effort working as an assistant to Klaus Fuchs. where he headed and transformed its computing activity. It is said that Davies spotted mistakes in Turing's seminal 1936 paper On Computable Numbers. he worked on Government technology initiatives designed to stimulate the British computer industry. which evolved into the Internet.[6] In 1970. Wales 28 May 2000 (aged 75) Welsh Computer science National Physical Laboratory Died Nationality Fields Institutions Alma mater Imperial College Known for Packet switching Donald Watts Davies. These were perhaps some of the first "programming" errors in existence. where he saw that a significant problem with the new time-sharing computer systems was the cost of keeping a phone connection open for each user.[3] He received a BSc degree in physics (1943) at Imperial College London. DEUCE was manufactured by English Electric Computers and became one of the best-selling machines of the 1950s. died a few months later. His father.Donald Davies 83 Donald Davies Donald Watts Davies Born 7 June 1924 Treorchy. CBE FRS[1] (7 June 1924 – 28 May 2000) was a Welsh computer scientist who was the inventor of packet switching (and originator of the term). where he went to school.[7] Larry Roberts of the Advanced Research Projects Agency in the United States became aware of the idea. which first worked in May 1950.[4] He first presented his ideas on packet switching at a conference in Edinburgh on 5 August 1968. leading to Turing's departure. Davies helped build a packet switched network called the Mark I to serve the NPL in the UK. He became interested in data communications following a visit to the Massachusetts Institute of Technology. A commercial spin-off. even if they were for a theoretical computer. he married Diane Burton. and remained in operation until 1986.[4] . In the early 1960s.[2] Career history Davies was born in Treorchy in the Rhondda Valley. much to Turing's annoyance. he was also awarded the Lubbock memorial Prize as the outstanding mathematician of his year.[5] From 1947. Wales.[4] Davies then worked for a while on applications such as traffic simulation and machine translation.[4] He then returned to Imperial taking a first class degree in mathematics (1947). In 1955. he worked at the National Physical Laboratory (NPL) where Alan Turing was designing the Automatic Computing Engine (ACE) computer. and built it into the ARPANET.[4] Davies took the project over and concentrated on delivering the less ambitious Pilot ACE computer. and his mother took Donald and his twin sister back to her home town of Portsmouth. the universal Turing machine. they had a daughter and two sons. It was replaced with the Mark II in 1973. In 1966 he returned to the NPL at Teddington just outside London. The ACE project was overambitious and foundered.[3] on the nuclear weapons Tube Alloys project at Birmingham University. a clerk at a coalmine. influencing other research in the UK and Europe.

org/internet/history/davies. Autumn 2008.shtml) from the Internet Society (ISOC) • UK National Physical Laboratory (NPL) & Donald Davies (http://www.Donald Davies Biography (http:/ / www.net/) • Famous names at NPL (http://www.thocp. Barber: Communication Networks for Computers. • With W. Davies discusses a much larger. Davies (at 19m20s). doi:10. 1979. (2002). 2 June 2000.umn. 6 September 2008 [7] Packet Switching (http:/ / www. Computer Resurrection. documentary ca.com/) • Computer Networks: The Heralds of Resource Sharing (http://video. C.guardian. [6] Luke Collins. 1972 about the ARPANET. 1973. com/ i/ iw_packet.edu/oh/display. Price. becoming a security consultant to the banking industry. Includes footage of Donald W. internet-guide.cbi. a CBE in 1983 and a Fellow of the Royal Society in 1987. Wiley. 2010. Davies describes computer projects at the U. co. co. [2] "Donald Watts Davies" (http:/ / www.uk/news/2000/jun/02/guardianobituaries2) from The Guardian • Obituary (http://www. The Guardian. References [1] Needham. htm) External links • Oral history interview with Donald W. . C.phtml?id=116). uk/ DonaldWattsDavies. Davies (http://www. Charles Babbage Institute. htm) [4] Martin Cambell-Kelly. from the 1947 design work of Alan Turing to the development of the two ACE computers. IET. 1984. Internet Guide.uk/about/famous_names/) • Obituary (http://www.htm) from the History of Computing Project (http://www.thocp. Biographical Memoirs of Fellows of the Royal Society 48: 87.0006.28 May 2000".npl.1098/rsbm. Pioneer Profiles: Donald Davies. Barber.E. Solomonides: Computer Networks and Their Protocols. National Physical Laboratory. thocp.2002.Donald Davies Davies relinquished his management responsibilities in 1979 to return to research. He retired from the NPL in 1984. 84 Books • With D.com/ videoplay?docid=4989933629762859961). 44.possibly the first commercially produced computer in Great Britain. D.livinginternet. Price: Security for Computer Networks. livinginternet. "Network pioneer remembered".isoc. guardian.com/i/ii_npl. . and the decision to contract with English Electric Company to build the DEUCE -. M.co.K. uk/ news/ 2000/ jun/ 02/ guardianobituaries2). 7 June 1924 .net/biographies/davies_donald. second ACE. • Biography (http://www. html). ISSN 0958-7403 [5] Obituary (http:/ / www. net/ biographies/ davies_donald. Wiley. • With W.[4] Davies was appointed a Distinguished Fellow of the British Computer Society in 1975. [3] The History of Computing Project . Wiley.livinginternet.B. "Donald Watts Davies. R.co.google. He became particularly interested in computer network security. University of Minnesota.htm) from Living Internet (http://www. Engineering & Technology.

Cisco claims that DPT can run with double the bit-rate of POS due to this characteristic. data dependent jitter. Types of Data in DPT Networks As with most other lower layer protocols. DPT is not a PPP whereas POS is. The peak-to-peak value of this jitter is bounded. Deterministic Jitter includes different categories such as periodic jitter. Both control packets. The other major class of jitter is non-deterministic. and data packets are transmitted on both rings in order to maintain connectivity and full bandwidth utilization in normal situations. Dynamic Packet Transport Dynamic packet transport (DPT) is a Cisco transport protocol designed for use in optical fiber ring networks. but once a failure occurs. DPT as opposed to POS or normal SONET/SDH is able to use both rings at the same time whereas POS only uses one ring under normal circumstances but switches to the second upon failure of the first.Deterministic jitter 85 Deterministic jitter Deterministic jitter (or DJ) is a type of jitter with a known non-Gaussian probability distribution. With the introduction of DPT came the introduction of another Cisco developed MAC layer protocol. It was one of the major influences on the Resilient Packet Ring/802. the control data will notify the applicable routers of the failure and all the routers will switch to using only their active interfaces for data and control packets. and increased throughput in common situations. It is necessary for the nodes to be able to communicate control data between each other in case of a fiber cut or link failure so the nodes can forward traffic on the appropriate interfaces and maintain network connectivity. .17 standard. This means the network is composed of two completely separate rings of fiber that are both able to transmit data concurrently. Spatial Reuse Protocol or SRP. or random jitter. and duty-cycle dependent jitter. this means that traffic between two nodes of a DPT ring does not affect intermediate nodes. The use of SRP in conjunction with DPT makes it possible for DPT to communicate with the physical layer. and the bounds can easily be observed and predicted. Protocol Design DPT is implemented as two counter-rotating rings. This design provides for redundancy in case of a fiber cut or link failure. it is quite similar to POS and DTM. Characteristics Deterministic jitter is clock timing jitter or data signal jitter that is predictable and reproducible. there are methods for communicating not only application data between the nodes of a DPT network. In overview.

Overhead reduction is accomplished by allocating flow control and error correction functions to either the user applications or the network nodes that interface with the user. a protocol type identifier (used for identifying the upper layer protocol contained in the payload). Gigabit Ethernet. and others.25 switches.Dynamic Packet Transport 86 DPT Packet Structure The structure of a DPT Packet is quite similar to that of Ethernet. Cell relay and frame relay are two implementations of fast packet switching. DPT also contains a "plug and play" feature which dynamically fetches the MAC addresses of neighboring devices which provides for very simple configuration with little to no setup prior to functional data transfer. References [1] http:/ / www. It contains a source and destination MAC address (both 48-bits long). htm . FPS does not refer to a switch that can directly support packet switching over an X. Fast packet switching In telecommunications. DPT is composed of two rings for fault tolerance and increased throughput. As aforementioned. bldrdoc. This ensures that a fiber cut or link failure (layer 1 error) will be rectified and IP traffic will be resumed within 50 ms. its. References •  This article incorporates public domain material from the General Services Administration document "Federal Standard 1037C" [1]. gov/ fs-1037/ fs-1037c. fast packet switching is a packet switching technique that increases the throughput by eliminating overhead. The method for switching between these two rings in the event of a failure is called Intelligent Protection Switching.25 interfaace as faster speeds than eisting X. or IPS. DPT Topologies Both DPT and SRP are independent of their physical layers. and an FCS used to validate the data. This means that the DPT protocol can operate above several physical mediums such as SONET/SDH.

• Firewall helps to prevent viruses and worms to enter into your computer.Firewall (computing) 87 Firewall (computing) A firewall is a device or set of devices designed to permit or deny network transmissions based upon a set of rules and is frequently used to protect networks from unauthorized access while permitting legitimate communications to pass. such as the metal sheet separating the engine compartment of a vehicle or aircraft from the passenger compartment. An illustration of where a firewall would be located in a network. and NASA Ames. The predecessors to firewalls for network security were the routers used in [2] the late 1980s: An example of a user interface for a firewall on Ubuntu (Gufw) • Clifford Stoll's discovery of German spies tampering with his system[2] • Bill Cheswick's "Evening with Berferd" 1992 in which he set up a simple electronic to observe an attacker[2] • In 1988. • If one of the computers is infected. conversely. • A Firewall is a security system that adds a level of protection between your computer and the internet. Many routers that pass data between networks contain firewall components and. many firewalls can perform [1] basic routing functions. Lawrence Livermore. "We are currently under attack from an Internet VIRUS! It has hit Berkeley." . an employee at the NASA Ames Research Center in California sent a memo by email to his colleagues [3] that read. firewall on each computer help to prevent the spread of virus in a network Many personal computer operating systems include software-based firewalls to protect against threats from the public Internet. Stanford. Later uses refer to similar structures. UC San Diego. History The term firewall originally referred to a wall intended to confine a fire or potential fire within a building. Firewall technology emerged in the late 1980s when the Internet was a fairly new technology in terms of its global use and connectivity.

At AT&T Bell Labs. Though there is still a set of static rules in such a firewall. then the firewall will block the TCP protocol for port number 23. developed the second generation of firewalls. the port number). This type of firewall can actually be exploited by certain Denial-of-service attacks which can fill the connection tables with illegitimate connections. Therefore they regard placement of each individual packet within the packet series. its protocol. the online community was neither expecting an attack nor prepared to deal with one. or is an invalid packet. calling them circuit level firewalls. Janardan Sharma.[5] Packet filters act by inspecting the "packets" which represent the basic unit of data transfer between computers on the Internet. remote printing. it filters the packet on a protocol/port number basis (GSS). unless the machines on each side of the packet filter are both using the same non-standard ports. the packet filter will drop (silently discard) the packet. Dave Presetto.[7] Packet filtering firewalls work mainly on the first three layers of the OSI reference model. and Kshitij Nigam.Firewall (computing) • The Morris Worm spread itself through multiple vulnerabilities in the machines of the time. Although it was not malicious in intent.e. Bill Cheswick and Steve Bellovin were continuing their research in packet filtering and developed a working model for their own company based on their original first generation architecture. and send "error responses" to the source).[4] 88 First generation: packet filters The first paper published on firewall technology was in 1988. a "stateless" packet filter can distinguish between. file transfer). when engineers from Digital Equipment Corporation (DEC) developed filter systems known as packet filter firewalls. work up to layer 4 (transport layer) of the OSI model. and because TCP and UDP traffic by convention uses well known ports for particular types of traffic. and thus control. This technology is generally referred to as a stateful packet inspection as it maintains records of all connections passing through the firewall and is able to determine whether a packet is the start of a new connection. the Morris Worm was the first large scale attack on Internet security.[8] When a packet originates from the sender and filters through a firewall. For example. Second-generation firewalls. in addition to what first-generation look for. it stores no information on connection "state"). This fairly basic system was the first generation of what became a highly evolved and technical internet security feature. those types of traffic (such as web browsing. with a little bit of peeking into the transport layer to figure out source and destination port numbers. it filters each packet based only on information contained in the packet itself (most commonly using a combination of the packet's source and destination address. [6] for TCP and UDP traffic. Instead. and. TCP and UDP protocols constitute most communication over the Internet. . email transmission. This type of packet filtering pays no attention to whether a packet is part of an existing stream of traffic (i. a part of an existing connection. If a packet matches the packet filter's set of rules. the device checks for matches to any of the packet filtering rules that are configured in the firewall and drops or rejects the packet accordingly. When the packet passes through the firewall. or reject it (discard it. [9] Second generation: "stateful" filters From 1989-1990 three colleagues from AT&T Bell Laboratories. if a rule in the firewall exists to block telnet access. the state of a connection can itself be one of the criteria which trigger specific rules. which means most of the work is done between the network and physical layers.

The product known as "Visas" was the first system to have a visual integration interface with colors and icons. DNS. if an organization wants to block all the information related to "foo" then content filtering can be enabled on the firewall to block that particular word. TCP. An application firewall is much more secure and reliable compared to packet filter firewalls because it works on all seven layers of the OSI model. Many of these applications can not only be blocked or allowed but manipulated by the more advanced firewall products to allow only certain functionality enabling network security administrations to give users functionality without enabling unnecessary vulnerabilities. The NuFW firewall provides real identity-based firewalling. the Middlebox Communication Working Group of the Internet Engineering Task Force (IETF) is working on standardizing protocols for managing firewalls and other middleboxes. . which is very approximate and can be easily turned around. DHCP. In 2009/2010 the focus of the most comprehensive firewall security vendors turned to expanding the list of applications such firewalls are aware of now covering hundreds and in some cases thousands of applications which can be identified automatically. Another axis of development is about integrating identity of users into Firewall rules. Software-based firewalls (MS-ISA) are much slower than hardware based stateful firewalls but dedicated appliances (McAfee & Palo Alto) provide much higher performance levels for Application Inspection. As a consequence these advanced version of the "Third Generation" firewalls are being referred to as "Next Generation" and surpass the "Second Generation" firewall. Telnet. Subsequent developments In 1992. after authentication via SSH. and it can detect if an unwanted protocol is sneaking through on a non-standard port or if a protocol is being abused in any harmful way. UDP and TFTP (GSS). An application firewall can filter higher-layer protocols such as FTP. Currently. by requesting the user's signature for each connection. from the application down to the physical Layer. Bob Braden and Annette DeSchon at the University of Southern California (USC) were refining the concept of a firewall. or web browsing). Many firewalls provide such features by binding user identities to IP or MAC addresses. Good examples of application firewalls are MS-ISA (Internet Security and Acceleration) server. HTTP. DNS. The existing deep packet inspection functionality of modern firewalls can be shared by Intrusion-prevention systems (IPS). authpf on BSD systems loads firewall rules dynamically per user. In 1994 an Israeli company called Check Point Software Technologies built this into readily available software known as FireWall-1. For example. It is expected that due to the nature of malicious communications this trend will have to continue to enable organizations to be truly secure.Firewall (computing) 89 Third generation: application layer The key benefit of application layer filtering is that it can "understand" certain applications and protocols (such as File Transfer Protocol. which could be easily implemented and accessed on a computer operating system such as Microsoft's Windows or Apple's MacOS. McAfee Firewall Enterprise & Palo Alto PS Series firewalls. This is similar to a packet filter firewall but here we can also filter information on the basis of content.

application firewalls further filter connections by examining the process ID of data packets against a ruleset for the local process involved in the data transmission. If a packet does not match an existing connection. In principle. it will be evaluated according to the ruleset for new connections. The extent of the filtering that occurs is defined by the provided ruleset.Firewall (computing) 90 Types There are different types of firewalls depending on where the communication is taking place. destination IP address or port. operate at a relatively low level of the TCP/IP protocol stack. The firewall administrator may define the rules. Application-layer Application-layer firewalls work on the application level of the TCP/IP stack (i. [10] Network layer and packet filters Network layer firewalls. However. pf (OpenBSD. data transfer. On inspecting all packets for improper content. of the source. Network layer firewalls generally fall into two sub-categories. Application firewalls accomplish their function by hooking into socket calls to filter the connections between the application layer and the lower layers of the OSI model. The additional inspection criteria can add extra latency to the forwarding of packets to their destination. or completion connection). TTL values. and use that "state information" to speed packet processing.e. These per process rulesets have limited efficacy in filtering every . application firewalls can prevent all unwanted outside traffic from reaching protected machines. iptables/ipchains (Linux). Stateless firewalls require less memory. handshaking. and all other BSDs). They block other packets (usually dropping them without acknowledgment to the sender). Any existing network connection can be described by several properties. Generally. also called packet filters. They can filter based on protocols. Commonly used packet filters on various versions of Unix are ipf (various). or default rules may apply.[11] Also. and may intercept all packets traveling to or from an application. not allowing packets to pass through the firewall unless they match the established rule set. Application firewalls that hook into socket calls are also referred to as socket filters. netblock of originator. it will be allowed to pass without further processing. Stateful firewalls maintain context about active sessions. Given the variety of software that exists. or all telnet or ftp traffic). The term "packet filter" originated in the context of BSD operating systems. prompts are used to define rules for processes that have not yet received a connection. and the current stage of the connection's lifetime (including session initiation. firewalls can restrict or prevent outright the spread of networked computer worms and trojans. They may also be necessary for filtering stateless network protocols that have no concept of a session. Modern firewalls can filter traffic based on many packet attributes like source IP address. they cannot make more complex decisions based on what stage communications between hosts have reached. UDP or TCP ports. and many other attributes. stateful and stateless. including source and destination IP address. If a packet matches an existing connection based on comparison with the firewall's state table.. where the communication is intercepted and the state that is being traced. Application firewalls work much like a packet filter but application filters apply filtering rules (allow/block) on a per process basis instead of filtering connections on a per port basis. ipfw (FreeBSD/Mac OS X). application firewalls only have more complex rulesets for the standard services. Application firewalls function by determining whether a process should accept any given connection. such as sharing services. source port. and can be faster for simple filters that require less time to filter than to look up a session. It is rare to find application firewalls not combined or used in conjunction with a packet filter. all browser traffic. destination service like WWW or FTP.

net/ tcpudp. & f=false)". symantec. application firewalls are beginning to be supplanted by a new generation of application firewalls that rely on mandatory access control (MAC). Steven M. google. edu. these per process ruleset cannot defend against modification of the process via exploitation. Also. by Cheswick et al. Because of these limitations. as defined in RFC 1918. pdf) Kenneth Ingham and Stephanie Forrest [3] (http:/ / ocw. and the hosts protected behind a firewall commonly have addresses in the "private address range". symantec. com/ books?id=_ZqIh0IbcrgC& lpg=PA142& dq=Firewalls and Internet Security. Check PointResources [2] A History and Survey of Network Firewalls (http:/ / www. com/ connect/ articles/ software-firewalls-made-straw-part-1-2 [12] http:/ / www.Talal Alkharobi [4] RFC 1135 The Helminthiasis of the Internet (http:/ / tools. tech-faq. An example of a next generation application firewall is AppArmor included in some Linux distributions. Cheswick. kfupm. Bellovin. skullbox. Aviel D. com/ connect/ articles/ software-firewalls-made-straw-part-1-2 . org/ html/ rfc1135) [5] http:/ / www. by Cheswick et al. Firewalls often have such functionality to hide the true address of protected hosts. & pg=PA176#v=onepage& q=Firewalls and Internet Security. org/ resources/ firewall/ network-layer-firewall Network Layer Firewall [7] http:/ / www. Washington Post [10] Firewall http:/ / www. Conversely. also referred to as sandboxing. sa/ user062/ CSE55101/ firewall. ietf. Hiding the addresses of protected devices has become an increasingly important defense against network reconnaissance. Firewalls and Internet security: repelling the wily hacker [9] Aug 29. google. 2003 Virus may elude computer defenses (http:/ / news. wanredundancy. crackers may still employ methods such as IP spoofing to attempt to pass packets to a target network. While use of internal address spaces enhances security. php TCP vs. cs. Originally. the proxy then masquerades as that system to other internal machines. References [1] Definition of Firewall (http:/ / www. UDP By Erik Rodriguez [8] William R.[12] 91 Proxies A proxy device (running either on dedicated hardware or as software on a general-purpose machine) may act as a firewall by responding to input packets (connection requests. Proxies make tampering with an internal system from the external network more difficult and misuse of one internal system would not necessarily cause a security breach exploitable from outside the firewall (as long as the application proxy remains intact and properly configured). internetfirewall. to protect vulnerable services. html [11] http:/ / www. Rubin (2003). pdf) Firewalls by Dr. html The History of Firewalls [6] http:/ / www.6607496& dq=firewall& hl=en) by Charles Duhigg. com/ newspapers?id=neIqAAAAIBAJ& sjid=Vo4EAAAAIBAJ& pg=4057. " Google Books Link (http:/ / books. checkpoint. Network address translation Firewalls often have network address translation (NAT) functionality.Firewall (computing) possible association that may occur with other processes. such as memory corruption exploits. while blocking other packets. intruders may hijack a publicly-reachable system and use it as a proxy for their own purposes. unm. the NAT function was developed to address the limited number of IPv4 routable addresses that could be used or assigned to companies or individuals as well as reduce both the amount and therefore cost of obtaining enough public addresses for every computer in an organization. org/ article/ internet-firewall-basics/ the-history-of-firewalls. for example) in the manner of an application. com/ firewall. com/ resources/ firewall/ ). edu/ ~treport/ tr/ 02-12/ firewall.

cs. 2005-09-20. TDMA examples are the 2G and 3G circuit switched cellular voice services. 18. • Software Firewalls: Made of Straw? Part 1 (http://www.securityfocus. Retrieved 2010-01-31. October 1989. In computer networking. org/ html/ rfc1122& #035. tcpipguide. a frame is a data packet on the Layer 2 of the OSI model. htm). i.com/infocus/1840) .com/infocus/1839) and Software Firewalls: Made of Straw? Part 2 (http://www. with references to the original papers where first firewall work was reported. Retrieved 2010-06-07. ietf. IETF. a sequence of bits or symbols making it possible for the receiver to detect the beginning and end of the packet in the stream of symbols or bits. p. . a frame is a digital data transmission unit or data packet that includes frame synchronization.Firewall (computing) 92 External links • Internet Firewalls: Frequently Asked Questions (http://www. • Evolution of the Firewall Industry (http://www. • A History and Survey of Network Firewalls (http://www.org/faqs/firewalls-faq/). a frame is a cyclically repeated data block that consists of a fixed number of time slots. one for each logical TDM channel or TDMA transmitter. The TCP/IP Guide.securityfocus. a frame is typically an entity at the physical layer. how packets are processed.e. The frame is also an entity for time-division duplex. where the mobile terminal may transmit during some timeslots and receive during others.pdf) provides an overview of firewalls at the various ISO levels. If a receiver is connected to the system in the middle of a frame transmission.42 modem frames.unm.htm) . [2] "RFC 1122: Requirements for Internet Hosts — Communication Layers" (http:/ / tools. In this consist.Discusses different architectures and their differences. compiled by Matt Curtin.a thorough reference and tutorial Frame (networking) In computer networking and telecommunication.cisco."[2] Examples are Ethernet frames (maximum 1500 byte plus overhead). and provides a timeline of the evolution. . com/ free/ t_DataLinkLayerLayer2.[1] A frame is "the unit of transmission in a link layer protocol. RFC 1122. O’Reilly .faqs. In telecommunications. it ignores the data until it detects a new frame synchronization sequence. Marcus Ranum and Paul Robertson.com/catalog/9781565928718) Second Edition.edu/~treport/tr/02-12/firewall.a technical view on software firewall design and potential weaknesses • Building Internet Firewalls (http://oreilly. TDM application examples are SONET/SDH and the ISDN circuit switched B-channel. References [1] "Data Link Layer (Layer 2)" (http:/ / www.com/univercd/cc/td/doc/product/iaabu/centri4/user/ scf4ch3. specifically time-division multiplex (TDM) and time-division multiple access (TDMA). PPP frames and V. . and consists of a link-layer header followed by a packet.page-18).

and adds control information to help deliver the packet to the destination node. The LLC sublayer takes the network protocol data. (OSI model) All frames and the bits. are susceptible to errors from a variety of sources. bytes. References [1] "Frame Relay Glossary [Frame Relay (http:/ / www.Cisco Systems"]. and fields contained within them. It may then discard the data. an error is assumed. and expect to see a fixed result (such as zero) when it is correct. 100615 cisco. An Ethernet frame.Frame check sequence 93 Frame check sequence A frame check sequence (FCS) refers to the extra checksum characters added to a frame in a communication protocol for error detection and correction. The FCS is often transmitted in such a way that the receiver can compute a running sum over the entire frame. If the two numbers are different. com/ en/ US/ tech/ tk713/ tk237/ technologies_tech_note09186a00801e32e7. This number is added to the end of a frame that is sent. including the trailing FCS. The data package includes the message to be sent. The receiving host computes the checksum on the frame using the same algorithm. . Extra bytes may be added so frames have a minimum length for timing purposes. Such an FCS generally appears immediately before the frame-ending delimiter. including the FCS terminating the frame. HDLC 16 or 32 bits. or user application data.com . and compares it to the received FCS. LLC bytes are also included with the Data field in the IEEE standard frames. The sending host computes a checksum on the entire frame and appends this as a trailer to the data. cisco. This way it can detect whether any data was lost or altered in transit. and request retransmission of the faulty frame.[1] Point-to-Point Protocol (PPP) 16 or 32 bits. X. The FCS field contains a number that is calculated by the source node based on the data in the frame.25 16 or 32 bits. Frames are used to send upper-layer data and ultimately the user application data from a source to a destination. and other data link layer protocols. By far the most popular FCS algorithm is a cyclic redundancy check (CRC). When the destination node receives the frame the FCS number is recalculated and compared with the FCS number included in the frame. Frame Relay 16 bits. Layer 2 communicates with the upper layers through LLC. which is an IP packet. used in the Ethernet with 32 bits. the frame is discarded. shtml) .

as the communications industry moves toward an all IP core and edge network.8261 ITU-T Recommendation G. the minimum requirements that network equipment at the TDM interfaces at the boundary of these packet networks can tolerate.8261 recommendation publication [1] References [1] http:/ / www.G. and the minimum requirements for the synchronization function of network equipment. External links • ITU-T G. However. The packet is the fundamental unit of information in computer networks. These rates are seen in network speeds of gigabit Ethernet or 10 Gigabit Ethernet and SONET Optical Carrier rates of OC-48 at 2. The bit rates that are used to create gigapackets are in the range of gigabits per second.8261/Y.5 Gbit/s and OC-192 at 10 Gbit/s.1361 (formerly G. itu. Data transfer rates in gigapackets per second are associated with high speed networks. 8261-200804-I/ en Gigapackets Gigapackets are billions (109) of packets or datagrams. especially fiber optic networks.8261 94 G. int/ rec/ T-REC-G. . This is essential for the interworking with PSTN. there is a need to provide synchronization functionality to traditional TDM-based applications. The goal is provide a Primary Reference Clock (PRC) traceable clock for the TDM applications. Usage Packet networks have been inherently asynchronous.pactiming) "Timing and Synchronization Aspects in Packet Networks" specifies the upper limits of allowable network jitter and wander.

48/ 0348-890. The Sending Entity prepends a Security Header (the Command Header) to the Application Message.GSM 03.48 95 GSM 03. It then applies the requested security to part of the Command Header and all of the Application Message. . application specific data supplied by the Receiving Application. htm).g. Retrieved 16 May 2011. The Receiving Entity subsequently forwards the Application Message to the Receiving Application indicating to the Receiving Application the security that was applied. com). . The Response Packet will be returned to the Sending Entity. org/ ftp/ Specs/ archive/ 03_series/ 03. subject to constraints in the transport layer.48 Scope It is used to the exchange of secured packets between an entity in a GSM PLMN and an entity in the SIM. with an indication of the security to be applied to the message. The resulting structure is here referred to as the (Secured) Command Packet. References [1] "GSM 03. Both the Response Header and the application specific data are secured using the security mechanisms indicated in the received Command Packet. The Response Packet consists of a Security Header (the Response Header) and optionally. including any padding octets. (e. Application messages are commands or data exchanged between an application resident in or behind the GSM PLMN and on the SIM. Retrieved 16 May 2011. 3gpp. 3gpp.48 have been applied. timing). . zip). the Receiving Entity shall create a (Secured) Response Packet. [2] "GSM 03. If so indicated in the Command Header. org/ ftp/ Specs/ html-info/ 0348. Under normal circumstances the Receiving Entity receives the Command Packet and unpacks it according to the security parameters indicated in the Command Header. Retrieved 16 May 2011. [1] [2] [3] Overview The Sending Application prepares an Application Message and forwards it to the Sending Entity. Secured Packets contain application messages to which certain mechanisms according to GSM 03. The interface between the Sending Application and Sending Entity and the interface between the Receiving Entity and Receiving Application are proprietary. googlecode.48 Java API and Realization Library" (https:/ / gsm0348.48 Version 890" (http:/ / www. [3] "3GPP Standard Page" (http:/ / www. .

[2] [3] The remaining two bits are used for ECN. but this may also be a higher layer tunneling protocol. Flow Label (20 bits) Originally created for giving real-time applications special service. IPv6 packets are typically transmitted over a Link Layer protocol. and a payload consisting of user data. Traffic Class (8 bits) The bits of this field hold two values.[5] [6] and first uses of this field are emerging.g. [1] Routers do not fragment IPv6 packets.[7] Payload Length (16 bits) . ICMPv6) or Link Layer (e. OSPF) instead.[4] priority values subdivide into ranges: traffic where the source provides congestion control and non-congestion control traffic. Hosts may use fragmentation to send packets larger than the observed path MTU. The control information in IPv6 packets is subdivided into a mandatory fixed header and optional extension headers.. The payload of an IPv6 packet is typically a datagram or segment of the higher-level Transport Layer protocol. such as Ethernet which encapsulates each packet in a frame. but may be data for an Internet Layer (e. which is used to classify packets. as they do for IPv4.[1] Flow Label specifications and minimum requirements are described.IPv6 packet 96 IPv6 packet An IPv6 packet is the smallest message entity exchanged via the Internet Protocol across an Internet Protocol version 6 (IPv6) network.g. Packets consist of control information for addressing and routing. Hosts are "strongly recommended" to implement path MTU discovery to take advantage of MTUs greater than the smallest MTU of 1280 octets. The 6 most-significant bits are used for DSCP.[1] It has the following format: Fixed header format Offsets Octet Octet 0 4 8 12 16 20 24 28 32 36 Bit   0  32  64  96 128 160 192 224 256 288 Destination Address 0 1 2 3  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Version Traffic Class Payload Length Source Address Flow Label Next Header Hop Limit Version (4 bits) The constant 6 (bit sequence 0110). such as IPv4 when using 6to4 or Teredo transition technologies.. Fixed header The fixed header of an IPv6 packet consists of its first 40 octets (320 bits).

the Next Header field of the last extension header indicates the type of the upper-layer protocol header in the payload of the packet. Destination Address (128 bits) The IPv6 address of the destination node(s). Note that all extension headers are optional and should only appear at most once. as both fields have the same function (see List of IP protocol numbers). The length is set to zero when a Hop-by-Hop extension header carries a Jumbo Payload option. should there be more than one extension header following the fixed header. This field usually specifies the transport layer protocol used by a packet's payload. including sending and receiving node. All extension headers are a multiple of 8 octets in size. [1] There are several extension headers defined. The values are shared with those used for the IPv4 protocol field. This value is decremented by one at each intermediate node the packet visits. except for Hop-by-Hop Options. If a node does not recognize a specific extension header. The defined extension headers below are listed in the preferred order. The Next Header field in the fixed header indicates the type of the first extension header. the header has no checksum to protect it.IPv6 packet The size of the payload in octets.[1] The headers form a chain. .[1] When a Next Header value 0 appears in a header other than the fixed header a node should do the same. which may appear twice. Hop Limit (8 bits) Replaces the time to live field of IPv4. and since current link layer technology is assumed to provide sufficient error detection[9] . except for the Destination Options header. and are placed between the fixed header and the upper-layer protocol header. it should discard the packet and send an Parameter Problem message (ICMPv6 type 4. including any extension headers.[1] 97 Extension headers Extension headers carry optional Internet Layer information.[8] Next Header (8 bits) Specifies the type of the next header. When the counter reaches 0 the packet is discarded. using the Next Header fields. which need to be processed at every intermediate node on the packet's path. and new extension headers may be defined in the future. some extension headers require internal padding to meet this requirement. In order to increase performance. Extension headers are to be examined and processed at the packet's destination only. Source Address (128 bits) The IPv6 address of the sending node. When extension headers are present in the packet this field indicates which extension header follows. code 1).

Options and Padding Next Header (8 bits) Specifies the type of the next header.. Methods to specify the route for a datagram (used with Mobile IPv6). This data should be ignored by hosts. Options (variable) Contains one or more options. Options that need to be examined only by the destination of the packet. 0 1 2 3  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Next Header Hdr Ext Len Options and Padding Optional: more Options and Padding . The Destination Options extension header need to be examined by the destination node(s) only. still be data in the payload if the payload length in the first header of the packet is greater than the length of all extension headers in the packet. including sending and receiving nodes. not even a header of an upper-layer protocol. The extension headers are both at least 8 octets in size. but passed unaltered by routers. It means that. Hop-by-hop options and destination options The Hop-by-Hop Options extension header needs to be examined by all nodes on the packet's path. . Bit   0  32  64 .. not including the first 8 octets. Options are TLV-coded.. from the header's point of view. the IPv6 packet ends right after it: the payload should be empty. Destination Options (before upper-layer header) 60 Value 59 (No Next Header) in the Next Header field indicates that there is no next header whatsoever following this one.. Hop-by-Hop Options and Destination Options extension header format Offsets Octet Octet 0 4 8 . if more options are present than will fit in that space.[1] There could. Contains parameters for fragmentation of datagrams. Carries encrypted data for secure communication. however. Hdr Ext Len (8 bits) Length of this header in 8-octet units. blocks of 8 octets are added to the header repeatedly—containing options and padding—until all options are represented.IPv6 packet 98 Extension Header Hop-by-Hop Options Destination Options (before routing header) Routing Fragment Authentication Header (AH) Encapsulating Security Payload (ESP) Type 0 60 43 44 51 50 Description Options that need to be examined by all devices on the path.. and optional padding fields to align options and to make the total header length a multiple of 8 octets. Contains information used to verify the authenticity of most parts of the packet. Options that need to be examined only by the destination of the packet..

1.[1] .. or 2. until all Type-specific Data is placed. this header is deprecated[11] and host and routers are required to ignore these headers. The header is at least 8 octets in size.. not including the first 8 octets... Type-specific Data (variable) Data that belongs to this type of routing header. The Fragment extension header carries the information necessary to reassemble the original (unfragmented) packet. Routing Header type 2 is a limited version of type 0 and is used for Mobile IPv6. the sending node splits the packet into fragments. Next Header (8 bits) Indicates the type of the next header. Segments Left (8 bits) Number of nodes this packet still has to visit before reaching its final destination. Routing Header type 1 is used for the Nimrod[12] project funded by DARPA. blocks of 8 octets are added to the header repeatedly.IPv6 packet 99 Routing The Routing extension header is used to direct a packet to one or more intermediate nodes before being sent to its destination. Routing types Due to the fact that with Routing Header type 0 a simple but effective[10] denial-of-service attack could be launched. Hdr Ext Len (8 bits) The length of this header. Bit   0  32  64 .. Fragment In order to send a packet that is larger than the path MTU.[1] Routing extension header format Offsets Octet Octet 0 4 8 .. in multiples of 8 octets. 0 1 2 3  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Next Header Hdr Ext Len Type-specific Data Routing Type Segments Left Optional: more Type-specific Data . where it can hold the Home Address of the Mobile Node. if more Type-specific Data is needed than will fit in 4 octets. Routing Type (8 bits) 0.

allows the exchange of packets with payloads of up to one byte less than 4 GB (232 − 1 = 4294967295 bytes). the data provided by the transport layer. Rsvd. M Next Header (8 bits) Identifies the type of the next header. capable of specifying a maximum size of 65535 octets for the payload. . The Next Header field of the last IPv6 header indicates what type of payload is contained in this packet. plus 8 octets for the Hop-by-Hop extension header). in 8-octet units. for example a TCP segment or a UDP datagram. Fragment Offset (13 bits) Offset. plus 40 octets for the fixed header. Since both TCP and UDP include fields limited to 16 bits (length. Standard payload length The payload length field of IPv6 (and IPv4) has a size of 16 bits. (2 bits) Reserved. Reserved (8 bits) Initialized to all zeroes. relative to the start of the fragmentable part of the original packet. Identification (32 bits) Packet identification value. generated by the source node. Needed for reassembly of the original packet. the jumbo payload option in a Hop-By-Hop Options extension header[8] .[8] Jumbograms are only relevant for links that have a MTU larger than 65583 octets (more than 65535 octets for the payload. Most Link Layer protocols cannot process packets larger than 65535 octets. initialized to zeroes. urgent data pointer). Jumbogram An optional feature of IPv6. by making use of a 32-bit length field.IPv6 packet 100 Fragment extension header format Offsets Octet Octet 0 4 Bit   0  32 0 1 2 3  0  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Next Header Reserved Identification Fragment Offset Rsvd. M Flag (1 bit) 1 means more fragments follow. 0 means last fragment.[13] [14] Payload The fixed and optional IPv6 headers are followed with the upper-layer payload. Packets with such payloads are called jumbograms. support for IPv6 jumbograms requires modifications to the Transport Layer protocol implementation. Authentication Header (AH) and Encapsulating Security Payload (ESP) The Authentication Header and the Encapsulating Security Payload are part of IPsec and are used identically in IPv6 and in IPv4.

whose flag is set to 0. Hosts are permitted to make an attempt to reassemble fragmented datagrams larger than 1500 bytes. they will be rearranged by the receiving node. except the last. However. The first fragment(s) hold the rest of the extension headers (if present). If not all fragments are received within 60 seconds after receiving the first packet with a fragment. or else the Hop-by-Hop extension header.[1] End nodes in IPv6 are expected to perform path MTU discovery to determine the maximum size of packets to send. Each fragment is a multiple of 8 octets in length. After that the rest of the payload follows. except the last fragment. . Packets containing fragments need not arrive in sequence. if the packet was discarded for this reason. if the upper-layer protocol is unable to do so. After the Fragment extension header a fragment of the rest of the original packet follows. reassembly of the original packet is abandoned and all fragments are discarded. identified by a fragment offset. Reassembly The original packet is reassembled by the receiving node by collecting all fragments and placing each fragment at the right offset and discarding the Fragment extension headers of the packets that carried them. If the first fragment was received (which contains the fixed header). Each Fragment extension header has its M flag set to 1 (indicating more fragments follow). the unfragmentable part is just the fixed header. after reassembly. unless they have previous assurance that the receiver is capable of reassembling such large datagrams. similarly to the IPv4 method when the Don't Fragment bit set. and the upper-layer protocol is expected to limit the payload size. Therefore. the sending host may use the Fragment extension header in order to perform end-to-end fragmentation of IPv6 packets. and a piece of the fragmentable part of the original packet. contain up to 1500 bytes. If neither extension headers are present. Receiving hosts must make a best-effort attempt to reassemble fragmented IP datagrams that. Fragmenting A packet containing a fragment of an original (larger) packet consists of two parts: the unfragmentable part of the original packet (which is the same for all fragments). The Next Header value of the last (extension) header of the unfragmentable part is set to 44 to indicate that a Fragment extension header follows. IPv6 routers never fragment IPv6 packets. code 1) is returned to the node originating the fragmented packet. senders should avoid sending fragmented IP datagrams with a total reassembled size larger than 1500 bytes. The unfragmentable part of a packet consists of the fixed header and some of the extension headers of the original packet (if present): all extension headers up to and including the Routing extension header. but they are also permitted to silently discard any datagram after it becomes apparent that the reassembled packet would be larger than 1500 bytes. Packets exceeding the size of the maximum transmission unit of the destination link are dropped and this condition is signaled by a Packet too Big ICMPv6 type 2 message to the originating node.IPv6 packet 101 Fragmentation Unlike in IPv4. a Time Exceeded message (ICMPv6 type 3. Any data link layer conveying IPv6 data must be capable of delivering an IP packet containing 1280 bytes without the need to invoke end-to-end fragmentation at the IP layer.

html) IETF. ietf. [9] RFC 1726 section 6. ietf. B. org/ html/ rfc5095). Baker. IETF. Jitter can cause a display monitor to flicker. org/ html/ rfc3168. N. introduce clicks or other undesired effects in audio signals. RMS." [11] Abley. org/ html/ rfc3595). IETF. (Augustus 1996) The Nimrod Routing Architecture (http:/ / tools. or peak-to-peak displacement. EADS. D. (December 2005) IP Encapsulating Security Payload (http:/ / tools. RFC 2474. Hinden. Also like other time-varying signals. e. S. [5] Wijnen. IETF. (December 2007). J. S. (December 1998). Deprecation of Type 0 Routing Headers in IPv6 (http:/ / tools. [13] Kent. RFC 5095. secdev. P. K. ietf. [12] Castineyra. org/ html/ rfc4302. Black. ietf. Carpenter. RFC 3168. Jitter is a significant. IPv6 Jumbograms (http:/ / tools. RFC 3595. version 6 (IPv6) Specification (http:/ / tools. is its inverse. B. Neville-Neil. D. [3] Grossman. (September 2001) The Addition of Explicit Congestion Notification (ECN) to IP (http:/ / tools.. Jitter may be observed in characteristics such as the frequency of successive pulses. F. RFC 3260.. Steenstrup. pdf) (pdf). the more commonly quoted figure. html). A.. RFC 1992. org/ html/ rfc3260. Deering. [6] Rajahalme. and loss of transmitted data between network devices. USB. S. J.. org/ html/ rfc2474.. often in relation to a reference clock source. ietf. [14] Kent.. Savola. (August 1999). ietf. org/ html/ rfc2675). "IPv6 Routing Header Security" (http:/ / www. (December 1998) Definition of the Differentiated Service Field (DS Field) in the IPv4 and IPv6 Headers (http:/ / tools.g. IETF. [7] draft-blake-ipv6-flow-label-nonce-02 (http:/ / tools. or phase of periodic signals. IETF. IETF.IPv6 packet 102 References [1] Deering. ietf. Chiappa... Blake.. ITU-T G. S... . In clock recovery applications it is called timing jitter. PCI-e. ietf. jitter can be expressed in terms of spectral density (frequency content). Internet Protocol. org/ html/ rfc4303. ietf. (December 2005) IP Authentication Header (http:/ / tools. Retrieved 3 December 2010. html). RFC 2460. S. IETF. ietf. G. R. Jitter may be caused by electromagnetic interference (EMI) and crosstalk with carriers of other signals. org/ html/ rfc2460). (September 2003) Textual Conventions for IPv6 Flow Label (http:/ / tools. SATA.2 [10] Philippe Biondi.... RFC 3697. html). Deering. Floyd. html) IETF. The amount of tolerable jitter depends on the affected application. and usually undesired. K. [2] Nickols. "Type 0: the evil mechanism. Jitter frequency.. . Hinden. IETF. Conta. I.810 classifies jitter frequencies below 10 Hz as wander and frequencies at or above 10 Hz as jitter. Arnoud Ebalard (April 2007). S. the signal amplitude. Jitter Jitter is the time variation of a periodic signal in electronics and telecommunications. RFC 4202. R. IETF. RFC 2675. Black. factor in the design of almost all communications links (e. D.. org/ html/ draft-blake-ipv6-flow-label-nonce-02) [8] Borman. org/ html/ rfc3697). OC-48).. (March 2004) IPv6 Flow Label Specification (http:/ / tools. affect the performance of processors in personal computers.. [4] Ramakrishnan. ietf. org/ html/ rfc1992)'. M. ietf. (April 2002) New Terminology and Clarifications for DiffServ (http:/ / tools.g. org/ conf/ IPv6_RH_security-csw07. D. S.[1] Jitter can be quantified in the same terms as all time-varying signals. Jitter period is the interval between two times of maximum effect (or minimum effect) of a signal characteristic that varies regularly with time.. RFC 4203.

Samples should be converted at regular intervals. the sampling frequency is normally assumed to be constant. Compact disc seek jitter In the context of digital audio extraction from Compact Discs. A network with constant latency has no variation (or jitter). the extraction process may restart a few samples early or late. Various effects can come about depending on the pattern of the jitter in In telecommunications circuit analysis an Eye diagram shows distortions caused by jitter.[3] PDV is an important quality of service factor in assessment of network performance. resulting in doubled or omitted samples. for this use. These glitches often sound like tiny repeating clicks during playback. Packet jitter in computer networks In the context of computer networks. and is used in manufacturing DVD and CD-ROM discs. In some conditions. CD manufacturers avoid seek jitter by extracting the entire disc in one continuous read operation using special CD drive models at slower speeds so the drive does not re-seek.[2] Packet jitter is expressed as an average of the deviation from the network mean latency. The standards-based term is packet delay variation (PDV). . Due to additional sector level addressing added in the Yellow Book (CD standard). the term is imprecise. As a result. seek jitter causes extracted audio samples to be doubled-up or skipped entirely if the Compact Disc drive re-seeks. However. A jitter meter is a testing instrument for measuring clock jitter values. relation to the signal. This is a consideration in high-frequency signal conversion. Most extraction programs perform seek jitter correction. less than a nanosecond of jitter can reduce the effective bit resolution of a converter with a Nyquist frequency of 22 kHz to 14 bits. or where the clock signal is especially prone to interference. If there is jitter present on the clock signal to the analog-to-digital converter or a digital-to-analog converter then the instantaneous signal error introduced will be proportional to the slew rate of the desired signal and the absolute value of the clock error. CD-ROM data discs are not subject to seek jitter.Jitter 103 Sampling jitter In conversion between digital and analog signals. the term jitter is often used as a measure of the variability over time of the packet latency across a network. A successful approach to correction in software involves performing overlapping reads and fitting the data to find overlaps at the edges. The problem occurs because the Red Book (audio CD standard) does not require block-accurate addressing during seeking.

it can be thought of as the discrete-time derivative of absolute jitter. jitter distribution is significantly non-Gaussian.Jitter 104 Phase jitter metrics For clock jitter. Absolute jitter is the absolute difference in the position of a clock's edge from where it would ideally be. different circuit effects. in particular IP networks such as the Internet. Hence. all real jitter). This unit is useful because it scales with clock frequency and thus allows relatively slow interconnects such as T1 to be compared to higher-speed internet backbone links such as OC-192. so that the shortest clock period approaches the average clock period. It can be important for some types of clock generation circuitry used in microprocessors and RAM interfaces. period jitter. and the performance of the circuitry is limited by the average clock period. Absolute units such as picoseconds are more common in microprocessor applications. it can be thought of as the discrete-time derivative of period jitter. All have shortcomings but most tend to be good enough for the purposes of engineering work. In telecommunications. while two standard deviations from the mean (medium and dark blue) account for about 95% and three standard deviations (light. Period jitter tends to be important in synchronous circuitry like digital state machines where the error-free operation of the circuitry is limited by the shortest possible clock period. the reference point for jitter is defined such that the mean jitter is 0. Period jitter (aka cycle jitter) is the difference between any one clock period and the ideal clock period. This can occur if the jitter is caused by external sources such as power supply noise. In networking. Accordingly. and dark blue) meaningful peaks (which is the case in account for about 99. medium. peak-to-peak measurements are more useful. If jitter has a Gaussian distribution. . In these cases. the unit used for the above types of jitter is usually the Unit Interval (abbreviated UI) which quantifies the jitter in terms of a fraction of the ideal period of a bit. and cycle to cycle jitter. Cycle-to-cycle jitter is the difference in length of any two adjacent clock periods. it is useful to quantify them separately. and different measurement methodology. it is usually quantified using the standard deviation of this distribution (aka. Note that typically. Often. Accordingly.7%. there are three commonly used metrics: absolute jitter. jitter can refer to the variation (statistical dispersion) in the delay of the packets. synchronous circuitry benefits from minimizing period jitter. Many efforts have been made to meaningfully quantify distributions In the normal distribution one standard deviation from the mean (dark blue) accounts for that are neither Gaussian nor have about 68% of the set. Units of degrees and radians are also used. RMS). Since they have different generation mechanisms.

Testing of device performance for jitter tolerance often involves the injection of jitter into electronic components with specialized test equipment. which has a Gaussian distribution. Examples of data-dependent jitter are duty-cycle dependent jitter (also known as duty-cycle distortion) and intersymbol interference. For example. Another reason for random jitter to have a distribution like this is due to the central limit theorem. One example of bounded uncorrelated jitter is Periodic jitter. The central limit theorem states that composite effect of many uncorrelated noise sources. which may have eye openings on the order of 1000 picoseconds. T = Dpeak-to-peak + 2× n×Rrms. Higher clock frequencies have commensurately smaller eye openings. n BER 6. modern computer motherboards have serial bus architectures with eye openings of 160 picoseconds or less. Jitter is measured and evaluated in various ways depending on the type of circuitry under test.7 10−11 7 10−12 7. also called Gaussian jitter.6 10−14 Total jitter Total jitter (T) is the combination of random jitter (R) and deterministic jitter (D): in which the value of n is based on the bit error rate (BER) required of the link. jitter in serial bus architectures is measured by means of eye diagrams. Determistic jitter can either be correlated to the data stream (data-dependent jitter) or uncorrelated to the data stream (bounded uncorrelated jitter). regardless of the distributions. The peak-to-peak value of this jitter is bounded.3 10−13 7. approaches a Gaussian distribution. Random jitter typically follows a Gaussian distribution or Normal distribution. according to industry accepted standards. It is believed to follow this pattern because most noise or jitter in a electrical circuit is caused by thermal noise. Deterministic jitter Deterministic jitter is a type of clock timing jitter or data signal jitter that is predictable and reproducible. A less . is unpredictable electronic timing noise.4 10−10 6. This is extremely small compared to parallel bus architectures with equivalent performance.Jitter 105 Types Random jitter Random Jitter. and thus impose tighter tolerances on jitter. A common bit error rate used in communication standards such as Ethernet is 10−12. and the bounds can easily be observed and predicted. Testing Testing for jitter and its measurement is of growing importance to electronics engineers because of increased clock frequencies in digital electronic circuitry to achieve higher device performance. One of the main differences between random and deterministic jitter is that deterministic jitter is bounded and random jitter is unbounded. For example.

as well as for data sampling systems such as the analog-to-digital converter and digital-to-analog converter. the goal of jitter measurement is to verify that the jitter will not disrupt normal operation of the circuitry. The maximum jitter that can be countered by a de-jitter buffer is equal to the buffering delay introduced before starting the play-out of the mediastream. Adaptive de-jittering involves introducing discontinuities in the media play-out.Jitter direct approach—in which analog waveforms are digitized and the resulting data stream analyzed—is employed when measuring pixel jitter in frame grabbers. see the paper by S. Some systems use sophisticated delay-optimal de-jitter buffers that are capable of adapting the buffering delay to changing network jitter characteristics. In this case it can be suppressed with high fidelity clock signal usage. These are known as adaptive de-jitter buffers and the adaptation logic is based on the jitter estimates computed from the arrival characteristics of the media packets. that allows the lengths of the silence periods to be adjusted. such as waiting-time jitter. Adaptive de-jittering is usually carried out for audio play-outs that feature a VAD/DTX encoded audio. compliant systems are required to conform to these standards. A dejitterizer is usually ineffective in dealing with low-frequency jitter. Filtering A filter can be designed to minimize the effect of sampling jitter. Jitter buffers Jitter buffers or de-jitter buffers are used to counter jitter introduced by queuing in packet switched networks so that a continuous playout of audio (or video) transmitted over the network can be ensured. For more information.[4] In all cases. thus minimizing the perceptual impact of the adaptation. There are standards for jitter measurement in serial bus architectures. which may appear offensive to the listener or viewer. jitter transfer function and jitter generation. Where applicable. AJCs operate by re-timing the output pulses so they align more closely to an idealised pulse signal. A dejitterizer usually consists of an elastic buffer in which the signal is temporarily stored and then retransmitted at a rate based on the average rate of the incoming signal. In the context of packet-switched networks. 106 Mitigation Anti-jitter circuits Anti-jitter circuits (AJCs) are a class of electronic circuits designed to reduce the level of jitter in a regular pulse signal. Chen entitled. Inside digital to analog converters jitter causes unwanted high-frequency distortions. Dejitterizer A dejitterizer is a device that reduces jitter in a digital signal. Examples of anti-jitter circuits include phase-locked loop and delay-locked loop. . with the required values for these attributes varying among different applications. Minimizing the effects of sampling jitters in wireless sensors networks. They are widely used in clock and data recovery circuits in digital communications. The standards cover jitter tolerance. Ahmed and T. the term packet delay variation is often preferred over jitter.

com/literature/cp/cp-01048-jitter-resonance.00. Jitter and Signal Integrity Verification for Synchronous and Asynchronous I/Os at Multiple to 10 GHz/Gbps (http://www.pdf). Mike P.techtarget. Eve L. and Their Impact on SSJ (http://www. com/ support/ pixjiter.altera.wikibooks.11/dcn/04/ 11-04-1458-00-000n-jitter-requirements.edu/pub/mplsServices/other/ QoS_Testing_Methodology.ieee.pdf).. and Zhe Li. Further reading • Wolaver. pp. and Kowalski Jitter Requirements (https://mentor. Mike P.cfm/an_pk/377/CMP/WP-35) A Heuristic Discussion of Fibre Channel and Gigabit Ethernet Methods • Jitter in Packet Voice Networks (http://www.211 [2] Comer. Alexander (2008).com/sDefinition/0.altera. Artech ISBN 089006248X External links • Jitter in VoIP . IETF (2002) [4] Khvilivitzky. Phase-Locked Loop Circuit Design.com/en/US/tech/tk652/tk698/ technologies_tech_note09186a00800945df. htm).html) • Definition of Jitter in a QoS Testing Methodology (ftp://ftp. IP Packet Delay Variation Metric for IP Performance Metrics (IPPM). Hong Shi. Presented at International Test Conference 2008. • Phabrix SxE . in/ books?id=tm-evHmOs3oC& pg=PA476).phabrix. SOC-System Jitter Resonance and Its Impact on Common Approach to the PDN Impedance (http:// www.pdf). A New Jitter Classification Method Based on Statistical. p. Jitter in Digital Transmission Systems.com/appnotes. solutions and recommended values (http://www.en. OPD.antelopeaudio. • Liu. "Pixel Jitter in Frame Grabbers" (http:/ / www. Presented at DesignCon 2009.maxim-ic. 1991.shtml) • Clock and data recovery/Introduction/Definition of (phase) jitter (http://en.voipforo. (2008).com/appnotes.Jitter 107 References  This article incorporates public domain material from the General Services Administration document "Federal Standard 1037C" [1] (in support of MIL-STD-188).pdf) • An Introduction to Jitter in Communications Systems (http://www.com/QoS/QoS_Jitter.org/802. co. .org/wiki/ Clock_and_data_recovery/Introduction/Definition_of_(phase)_jitter) • Zamek. Patrick R. .cisco. Computer Networks and Internets (http:/ / books. 1989. Prentice Hall. Iliya.com/literature/cp/cp-01049-jitter-si-verification.Hand-held Tool for eye and jitter measurement and analysis (http://www.ppt) (Causes.com/literature/cp/cp-01055-impact-ssj. Data Encoding. Douglas E.com/en/digital_clocking. and Spectroscopic Mechanisms (http://www. Dan H. Prentice Hall. • Li.Causes. Presented at Electronics Components and Technology Conference 2009. Pre-Driver PDN SSN.com/literature/cp/cp-01052-jitter-classification. Hui. Retrieved 2008-02-15. php) • Jitter Buffer (http://searchenterprisevoice.altera. [3] RFC 3393. 1991. google. [1] Wolaver. and Varma. Physical. • Li.altera. Ohtani.pdf). 476. Xiaohong Jiang. Presented at International Test Conference 2008.unh. solutions and recommended values for digital audio) • Igor Levin Terms and concepts involved with digital clocking related to Jitter issues in professional quality digital audio (http://www. pages 211-237 • Trischitta. sensoray.sid66_gci906844. ISBN 0-13-662743-9. ISBN 9780136061274.iol.html) .maxim-ic.com) • Miki.cfm/an_pk/1916/ CMP/WP-34) • Jitter Specifications Made Easy (http://www.

Conventionally. This reduces CPU utilization (mostly due to interrupt reduction) and increases throughput by allowing the system to concentrate on the data in the frames. Thus. which is more than 9 times the length of an Ethernet MTU. manufacturers have in turn adopted 9000 bytes as the conventional jumbo frame size.S. Many other vendors also adopted the size. However.11 Wireless LAN. but most commercial Internet service providers do not. as doing so would remove interoperability with existing Ethernet equipment and other 802 protocols. they did not become part of the official IEEE 802. but variations exist and some care must be taken when using the term. This gives two additional bits of error detection ability at MTU-sized data words compared to the Ethernet CRC standard polynomial while not sacrificing HD=4 capability for data word sizes up to and beyond 72k bits. Selection of this polynomial was based upon work documented in the paper "32-Bit Cyclic Redundancy Codes for Internet Applications"[3] . a similar reduction in CPU utilization can be achieved by using TCP segmentation offloading.Jumbo frame 108 Jumbo frame In computer networking. especially on low bandwidth links. however.663 bits. . As a result. If the frame size is increased. Interrupt-combining Ethernet chipsets.3 Ethernet standard. jumbo frames can carry up to 9000 bytes of payload. ESnet. and without requiring any changes to other stations on the network. network interface cards capable of jumbo frames require explicit configuration to use jumbo frames. including 802. can provide effectively all the gains of jumbo frames without the re-send costs. The presence of Jumbo frames may have an adverse effect on network latency. The use of 9000 bytes as preferred size for jumbo frames arose from discussions within the Joint Engineering Team of Internet2 and the U. when combined with interrupt combining.5 Token Ring and 802. each frame requires that the network hardware and software process it. Some Fast Ethernet switches and Fast Ethernet network interface cards support jumbo frames. In order to meet this mandatory purchasing criterion. the same amount of data can be transferred with less effort. interfaces using the standard frame size and interfaces using the jumbo frame size should not be in the same subnet. To reduce interoperability issues. IETF solutions for adopting Jumbo Frames avoids the data integrity reductions through use of the Castagnoli CRC polynomial being implemented within the SCTP transport (RFC 4960). Jumbo frames gained initial prominence when Alteon WebSystems introduced them in their ACEnic Gigabit Ethernet adapters. Inception The original 1500-byte payload size for Ethernet frames was used because of the high error rates and low speed of communications. do provide most of the same gain for the receiver. although this does not reduce the receiver CPU load.360 bit data word length) and HD=4 to 114. jumbo frames are Ethernet frames with more than 1500 bytes of payload. The Castagnoli polynomial 0x11EDC6F41 achieves the Hamming Distance HD=6 beyond one Ethernet MTU (to a 16. federal government networks.[1] Most national research and education networks (such as Internet2/NLR. instead of the frames around the data. and AARNet) support jumbo frames. Many Gigabit Ethernet switches and Gigabit Ethernet network interface cards support jumbo frames. however. only 1500 bytes (plus 18 bytes for the frame header and other overhead) must be re-sent to correct the error.[2] Adoption The IEEE 802 standards committee does not recognize jumbo frames. Zero-copy NICs and device drivers. Their recommendation has been adopted by all other national research and education networks. At the sender. and work without special consideration and without requiring all stations to support jumbo frames. and iSCSI (RFC 3720). if one receives a corrupted packet. GÉANT. Internet Protocol subnetworks require that all hosts in a subnet have an identical MTU.

process to increase the path MTU of high performance national research and education networks from 1518 bytes to 9000 bytes or so. Generally.Jumbo frame By using a CRC checksum rather than simple additive checksums as contained within the UDP and TCP transports. . Testing that led to adoption of RFC 3309 compiled evidence based upon simulated error injection against real data that demonstrated as much as 2% of these errors were not being detected. cmu. the number of machine cycles spent parsing packet headers decreases as the average MSS per packet increases. This relationship becomes increasingly important as average network line bit rate increases to 10 gigabits per second. Retrieved 2011-08-22. Network World. References [1] "Jumbo/Giant Frame Support on Catalyst Switches Configuration Example" (http:/ / www. osn. As it has been a relatively difficult. pdf) by Philip Koopman. a subsequent increase. ece.[1] Super jumbo frames Super jumbo frames (SJFs) are generally considered to be Internet packets which have a payload in excess of the tacitly accepted jumbo frame size of 9000 bytes. This however implies the covariant scaling of numerous intermediating logic circuits along the network path. may take some time. as found with TCP and UDP. both at end nodes and intermediate transit nodes. 001) [4] 16 000–64 000 B pMTU experiments with simulation: The case for super jumbo frames at Supercomputing ’05 (http:/ / dx. 10. [3] "32-Bit Cyclic Redundancy Codes for Internet Applications" (http:/ / www. The main benefit of this is the reduction of the packet rate. networkworld. ECE Department & ICES. "Alteon still stumping for Jumbo Frames" (http:/ / www. . The relative scalability of network data throughput as a function of packet transfer rates is related in a complex manner [4] to payload size per packet. CRC calculations done in software have always resulted in slower performance than that achieved when using simple additive checksums. and within a TCP transport designed to carry SCSI data. errors generated internal to NICs can be detected as well. Support of Castagnoli CRC polynomial within a general purpose transport designed to handle data chunks. doi. com/ en/ US/ products/ hw/ switches/ ps700/ products_configuration_example09186a008010edab. since these errors with simple summations tend to be self cancelling. One of the major impediments toward the adoption of Jumbo Frames has been the inability to upgrade existing Ethernet infrastructure that would be needed to avoid a reduction in the ability to detect errors. and above. "Catalyst 3750/3560 Series switches support an MTU of 1998 bytes for all 10/100 interfaces" [2] Jeff Caruso (October 22. org/ 10. 1016/ . 2006. 1998). Intel now offers 1Gb NIC (82576) and 10Gb NIC (X520) that off-load SCTP checksum calculations and Core i7 processors support the CRC32c instruction as part of their new SSE4 vector math instruction set. Retrieved July 4. Both TCP and UDP have proven ineffective at detecting bus specific bit errors. cisco. both provide improved error detection rates despite the use of Jumbo Frames where increase of the Ethernet MTU would have otherwise resulted in a significant reduction in error detection. com/ news/ 1022alteon. To overcome the performance penalty. html). Carnegie Mellon University j. to accommodate the maximum transmission unit (MTU). Cisco. possibly to 64000 bytes for example. and somewhat lengthy. shtml). As the nodes in general use reciprocating logic to handle the packets. the packet payload size should increase in direct proportion to maintain equivalent timing parameters. as line bit rate increases. 109 Baby giant frames Baby giants are frames that are only slightly larger than allowed by the IEEE Ethernet standards. required. The main factor involved with an increase in the maximum segment size (MSS) is an increase in the available memory buffer size in all of the intervening persistence mechanisms along the path. 2011. edu/ ~koopman/ networks/ dsn02/ dsn02_koopman.

. however.edu/~mathis/MTU) • IEEE 802.html) • Jumbo frames? Yes! (http://www. Transport Layer protocols. thus allowing data of up to 65535octets. References [1] Borman. This theoretical limit for the Internet Protocol (IP) MTU.wareonearth. Hinden. 2/23/1998 in NetworkWorld • SJF Supercomputing 2005 Demo (http://www. S. by making use of a 32-bit length field. D.edu/~koopman/networks/ dsn02/dsn02_koopman. The support for IPv6 jumbograms required a redesign in all Transport Layer protocols. . Historically.cmu.. R.psc. a jumbogram (portmanteau of jumbo and datagram) is a packet of any size exceeding the standard Maximum Transmission Unit (MTU) of the underlying network technology at either the Link Layer or the Internet Layer. Alteon Networks.967.html). In discussions of jumbograms for Link Layer technologies. the jumbo payload option. RFC 2675. urgent data pointer). such as the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP). by Selina Lo.rutherford-research.smallnetbuilder. Thus. allows the exchange of packets with payloads of up to one byte less than 4 GiB (232 − 1 = 4. IETF.ece. Deering.295 bytes).org/3/frame_study/index. in the context of IPv6 a jumbogram is understood as an IPv6 packet carrying a payload larger than 65535octets[1] IPv6 jumbograms An optional feature of IPv6. they are often referred to as jumbo frames. include data size parameters limited to only 16 bits (length.ieee802.php) • Pushing up the Internet MTU (http://www. ietf.ca/rrx/hpc/sc05.3as Frame Expansion Task Force (http://www.NetworkWorld. The jumbo payload option and the transport-layer modifications are described in RFC 2675.html) • 32-Bit Cyclic Redundancy Codes for Internet Applications (http://www.Where to use it? (http://sd.php/Jumbo_Frames) Jumbogram In packet-switched computer networks.294.pdf) • Need To Know: Jumbo Frames in Small Networks (http://www.org/index.com/content/view/30201/54/ ) • How to Jumbo Frames in Archlinux (http://wiki. (August 1999).com/~phil/jumbo.archlinux. The payload length field of IPv4 and IPv6 has a size of 16 bits. the designers of IPv6 have provided a protocol extension to permit packets of larger size. is reached only on networks that have a suitable Link Layer infrastructure.Jumbo frame 110 External links • Jumbo Frames . org/ html/ rfc2675). IPv6 Jumbograms (http:/ / tools. While IPv4 has no facilities to exceed its theoretical IP MTU limit.com/forum/0223jumboyes.

[4] In distributed applications (such as MMORPGs). the round-trip network latency between a client game and the host server is referred to as the client's ping time.Lag 111 Lag Lag is a common word meaning to fail to keep up or to fall behind.[6] In general parlance. RuneScape. similarly as it does for local gaming. For example. usually due to a slow internet connection. video game lag refers to delays that are noticeable to a player. etc. But in general parlance. lag is often caused by communication latency. Final Fantasy XI. Heroes of Newerth. the term is used when the application fails to respond in a timely fashion to inputs. the Internet and/or LAN connection the game server. A minimum bound on latency is determined by the distance between communicating devices and the speed at which the signal propagates in the circuits (typically 70–95% of the speed of light in vacuum). The tolerance for lag depends heavily on the type of game. and other traffic. the time for that data to traverse the network equipment between the nodes. some twitch games can be designed such that only events that impact the outcome of the game introduce lag. For the cloud gaming experience to be acceptable. Lag is also often used in reference to video games to describe to the delay (or latency) between an action by a player and the reaction of the game. It includes the time to encode the packet for transmission and transmit it. and the user is only running a thin client locally that forwards game controller actions upstream to the game server.[2] [3] The most common use regards online gaming when the game doesn't respond in sync with the player's controls. And. and the display of the video on a display device) must be low enough that the user perception is that the game is running . Call of Duty. League of Legends.[5] This can be misleading because there can be other causes for the symptom. and the time to receive and decode the data. Adventure Quest Worlds. Actual latency is often much higher because of packet processing in networking equipment. the game execution on the game server. and user tolerance for lag depends highly upon the type of game. incur online lag due to a combination of local and remote processing lag and communications latency. World of Warcraft. For instance. Lag in local video gaming All video games incur some lag. a strategy game or a turn-based game with a low pace may have a high threshold or even be mostly unaffected by high delays. allowing for fast local response most of the time. which is the time taken for a sent packet of data to be received at the other end. the video and audio compression and decompression. The game server then renders the next frame of the game video which is compressed using low-lag video compression and is sent downstream and decompressed by the thin client. But. since once an input from the player is received. whereas a twitch gameplay game such as a first-person shooter with a considerably higher pace may require significantly lower delay to be able to provide satisfying gameplay. fast chess is a turn-based game that is fast action and may not tolerate high lag. the round-trip lag of all elements of the cloud gaming system (the thin client. the specific characteristic of the game matter. The term lag is often also used as a synonym for communication latency. [1] In real-time applications. server latency or overworked hardware. Lag in online multiplayer gaming All online video games such as Minecraft. the game must compute the next frame of video and that video frame must be scanned out to a display device.[4] Lag in cloud gaming Cloud gaming is a type of online gaming where the entire game is hosted on a game server in a data center. This is also known as "one-way latency".

Retrieved 2010-08-27. edu/ videos/ 545/ 60/ 79).[11] In September 2010.[11] resulting in the assessment in July 2010 that "Out of controlled conditions.html) • Bandwidth and Latency (http://compnetworking. onlive. [5] What is Lag? at gamedev. 2010-07-09.htm) • It's the Latency.reference. OnLive" (http:/ / www. Retrieved 2010-08-27.htm) . 2010-08-09. OnLive has managed to get within spitting distance of console response times". Retrieved 2010-08-27. Stupid (http://rescomp. distance considerations of the speed of light through optical fiber come into play.edu/~cheshire/rants/Latency.Lag Section (http://www. . eurogamer. ndia-mich. allthingsd. 2009-09-05. cloud gaming lag is only slightly higher than local console lag.com/guide/lag.Lag locally. . Retrieved 2010-08-27. columbia. gamedev. In fact. 2010-09-06. [10] "Console Gaming: The Lag Factor" (http:/ / www. reference.com/od/speedtweaks/l/aa021902a. net/ articles/ digitalfoundry-vs-onlive-article/ ). 2010-02-23. iPhone" (http:/ / video. gamezone. Console. Retrieved 2010-01-23. 290F/ papers/ claypool-10. Wall Street Journal. Mac.bluesnews. ucsb. . [12] "OnLive Does What Consoles Can’t: The promise of constant performance upgrades may pull it ahead of today’s consoles. Eurogamer Digital Foundry. [9] "Beta Testing at the Speed of Light" (http:/ / blog. brighthub. reviewers reported a steady reductions in lag due to constant improvements in the technology. pdf/ ). [11] "Digital Foundry vs. OnLive. aspx/ ). com/ video/ d8-video-onlive-demo/ 9D57A2C6-24ED-4351-8266-F3F7BA0C4D18/ ). . . Retrieved 2010-08-27. net/ reference/ articles/ article712. External links • The Gamer's Guide from Blues News ." (http:/ / www. according to OnLive.[9] Cloud gaming is a very new technology. cs. currently limiting the distance between a user and a cloud gaming game server to approximately 1000 miles. 2010-01-21. seas.net (http:/ / www. Unreal Tournament 3 incurs up to 133ms of lag on a console[10] and was tested in July 2010 as incurring 150ms in lag on OnLive. Eurogamer Digital Foundry. Lag and Servers" (http:/ / www. asp) [6] "Latency Can Kill: Precision and Deadline in Online Games" (http:/ / www. com/ editorials/ item/ onlive_succeeds_consoles_by_constant_performance_upgrades/ ). the only company thus far operating a cloud gaming service. [7] "D8 Video:OnLive demoed on iPad. The FU Foundation School of Engineering & Applied Science (Columbia University). but early tests have shown that in practice.about. wiktionary. . [8] "The Process of Invention: OnLive Video Game Service" (http:/ / tv. pdf) [4] "Noob Glossary: Ping. PC. org/ wiki/ lag) [3] Mitigating the Effects of Time Lags on Driving Performance (robotics) (http:/ / www.com (http:/ / dictionary. Retrieved 2010-08-19. 2009-12-13. com/ video-games/ pc/ articles/ 45925. Gamezone. eurogamer. . I forgot that it wasn't running natively on my PC. org/ downloads/ GVSETS/ GVSETSPapers/ Robotic Systems/ Mitigating the Effects of Time Lags on Driving Performance.stanford."[12] 112 References [1] "lag" at dictionary.[7] [8] Because of such tight lag requirements. ACM. to the point where "the actions on screen were one-to-one with my input controls. Retrieved 2010-01-23. For example. com/ 2010/ 01/ 21/ beta-testing-at-the-speed-of-light/ ). Bright Hub!. com/ browse/ lag) [2] "lag" at wiktionary (http:/ / en. edu/ ~almeroth/ classes/ W10. net/ articles/ digitalfoundry-lag-factor-article?page=3/ ). .

Link state packet 113 Link state packet Overview Link State Packet (LSP) is a packet of information generated by a network router in a link state routing protocol that lists the router's neighbors. In order to make the flooding procedure reliable. Depending on the state of the sending interface and the source of the advertisements being acknowledged. . If retransmission of certain advertisements is necessary. to the multicast address AllDRouters. However. To make the flooding of link state advertisements reliable. followed by a sequence number and age. Smart flooding. but cannot use the routing database. and the cost of changing a link if the need arises. For each neighbor. or changing its properties appreciatively. Link State Update packets are multicast on those physical networks that support multicast/broadcast. because it generates exponential behavior. or as a unicast. LSPs are queued for transmission. Types of Link State packets Link state packets are usually implemented with Open Shortest Path First(OSPF) protocol. Developing Link State Packets When Information needed for exchange is collected. if a link failure occurs. at regular intervals. Each Link State Update packet carries a collection of link state advertisements one hop further from its origin. a Link State Acknowledgment packet is sent either to the multicast address AllSPFRouters. the retransmitted advertisements are always carried by unicast Link State Update packets. that is. Building a link state packet is usually easy. the complex part is determining when to build them. flooded advertisements are explicitly acknowledged. They are used to efficiently determine what the new neighbor is. ordinary flooding may result in problems. and can be distributed throughout the network. These packets implement the flooding of link state advertisements. or when some significant event occurs. a router then builds a packet containing all the data. OSPF's reliable update mechanism is implemented by Link State Update and Link State Acknowledgment packets. Link state update packet Link State Update packets are OSPF packet type 4. Several link-state advertisement may be included in a single packet. such as a line or neighbor going down or coming back up again. Multiple link state advertisements can be acknowledged in a single Link State Acknowledgment packet. The packet starts with the identity of the sender. Link state packet can also be further defined as special datagrams that determine the names of and the cost or distance to any neighboring routers and associated networks. This acknowledgment is accomplished through the sending and receiving of Link State Acknowledgment packets. the delay to that neighbor is given. A major procedure called flooding which is used for distributing link state algorithms throughout the routing domain can be implemented with link state packets. and must time out at about the same time. They must be acknowledged. flooded advertisements are acknowledged in Link State Acknowledgment packets. Link state acknowledgment packet Link State Acknowledgment Packets are OSPF packet type 5. and a list of neighbors. One way to reduce this problem is to build them periodically. on the other hand recognizes link state packets appropriately.

[6] Although TCP can recover from packet loss. Effects When caused by network problems. Packet loss is distinguished as one of the three main error types encountered in digital communications. Protocols such as UDP provide no recovery for lost packets. and will affect all other network applications to a degree. the other two being bit error and spurious packets caused due to noise. packet drop because of channel congestion [1] [2] . corrupted packets rejected in-transit. faulty network drivers or normal routing routines (such as DSR in ad-hoc networks ). [4] However. Applications that use UDP are expected to define their own mechanisms for handling packet loss. [5] Packet recovery Some network transport protocols such as TCP provide for reliable delivery of packets. the receiver asks for retransmission or the sender automatically resends any segments that have not been acknowledged. Infocom 2004. If the latency and the packet loss at the destination hop are acceptable then the hops prior to that one don't matter. it is important to note that packet loss does not always indicate a problem. NJ : Prentice Hall. This retransmission causes the overall throughput of the connection to drop.Link state packet 114 References • FireWire system architecture : IEEE 1394a / MindShare. the only effect seen due to the occasional dropped packet is jitter. Don. In certain variants of TCP. voice over IP. Don Anderson Anderson. online gaming and videoconferencing. Acceptable packet loss “The fraction of lost packets increases as the traffic intensity increases. packet loss probability is also affected by signal-to-noise ratio and distance between the transmitter and receiver. In addition to this. c1999 • Routing in communications networks / editor. faulty [3] networking hardware. performance at a node is often measured not only in terms of delay. it will be re-sent along with every packet that had been sent after it. if a transmitted packet is lost. . for Voice over IP traffic. Martha Steenstrup Englewood Cliffs. but also in terms of the probability of packet loss…a lost packet may be retransmitted on an end-to-end basis in order to ensure that all data are[sic] eventually transferred from source to destination. Packet loss Packet loss occurs when one or more packets of data travelling across a computer network fail to reach their destination. : Addison-Wesley. For example. and therefore “[m]issing one . 1995 • Radia Perlman “Rbridges: Transparent Routing”. Mass. lost or dropped packets can result in highly noticeable performance issues or jitter with streaming technologies. 1953Reading. retransmitting missing packets causes the throughput of the connection to decrease. Causes Packet loss can be caused by a number of factors including signal degradation over the network medium due to multi-path fading.” [7] The amount of packet loss that is acceptable depends on the type of data being sent. Inc. This drop in throughput is due to the sliding window protocols used for acknowledgment of received packets. In the event of packet loss. Therefore.

W. (2010).”[8] On the other hand. In some connections. C. Software.php?simu=tcp_fast_retransmit&protocol=TCP&title=4. P 147. then there is no other solution than to drop packets. K. J. Computer Networking: A Top-Down Approach. Kurose. W. & Ross. New York: Addison-Wesley. F. Kurose. Computer Networking: A Top-Down Approach. Computer Networking: A Top-Down Approach.[9] The TCP protocol is designed with a slow-start connection strategy so that excessive packet loss will cause the sender to throttle back and stop flooding the bottleneck point with data (using perceived packet loss as feedback to discover congestion). K. P 42-43. & Antonakos. When given a situation where the amount of content due to be pushed through a connection is growing at a rate greater than it is possible to push through that connection. & Ross. & Ross.net/tcp_histrory.Fast transmit&ctype=1) . K. P 30. & Ross. J. There are many methods used for determining which packets to drop. P 30. P 282-283 External links • Interactive animation of TCP fast retransmit simulation: packet loss detection and recovery. & Ross. Cengage Learning. "Packet loss or latency at intermediate hops. packet loss is not necessarily an indication of poor connection reliability or a bottleneck. Losses between 5% and 10% of the total packet stream will affect the quality significantly. J. J. (2010). [10] Kurose. Computer Networking: A Top-Down Approach. nessoft. Computer Networking: A Top-Down Approach. W. packets may be intentionally dropped in order to slow down specific services for no other reason than to dissuade users from using those services. [9] Kurose. New York: Addison-Wesley. which is where the aforementioned packet retransmission schemes are used. New York: Addison-Wesley. (2010). New York: Addison-Wesley. Computer Networking: A Top-Down Approach. For this reason. W. K. W. Boston: Course Technology. K. P 242. W. quality of service and other methods are applied. (2010)." (http:/ / www. visualland. (2010). Packet loss is closely associated with quality of service considerations. For these types of connections. E. Computer Networking: A Top-Down Approach. F. J. F. [10] The data packets will be transmitted over a longer duration. J. 115 References [1] [2] [3] [4] [5] [6] [7] [8] Kurose. Computer Networking from LANs to WANs: Hardware. dropping packets when the queue is full is a poor solution for any connection that requires real-time throughput. (http://www. when transmitting a text document or web page. Perkins.Packet loss or two packets every now and then will not affect the quality of the conversation. F. . Boston: Addison-Wesley. However. F. a single dropped packet could result in losing part of the file. (2010). New York: Addison-Wesley. (2010). F. Kurose. Ad-Hoc Networking. (2001). Kurose. J. & Ross. New York: Addison-Wesley. and is related to the erlang unit of measure. K. W. P 602. (2010). New York: Addison-Wesley. P 30. P501. also known as a bottleneck. K. This type of packet dropping is called tail drop. com/ kb/ 24) (HTTP). Retrieved 2007-02-25. and Security. Mansfield. F. Most basic networking equipment will use FIFO queuing for packets waiting to go through the bottleneck and they will drop the packet if the queue is full at the time the packet is received. C. J. & Ross. L. K.

References [1] Javvin Www Networkdictionary Com (1 March 2007).[1] The name is derived from packet from Mars. ISBN 9781602670006. It aims to destabilize the network and sometimes to reveal its available services – when network operators need to restart the disabled ones. most invalid packets are easily filtered by modern stateful firewalls.0/16.0. Their usage is associated with a type of network attack called a denial-of-service (DoS) attack.0/8. when not participating in a private network. 172. iana. a mangled or invalid packet is a packet—especially IP packet—which either lacks order or self-coherence. Martian packet A Martian packet is an IP packet which specifies a source or destination address that is reserved for special-use by Internet Assigned Numbers Authority (IANA) and cannot actually originate as claimed or be delivered. • An incoming or outgoing packet whose source or destination address is in the range 127. catb. • An incoming packet with a destination address of 255.Mangled packet 116 Mangled packet In computer networking. [4] RFC 5735 . Mangled packets can be generated by dedicated software such as nmap or Nessus. or contains code aimed to confuse or disrupt computers. p.Ingress Filtering for Multihomed Networks [3] "Jargon File: martian" (http:/ / www. Javvin Technologies Inc.168. org/ jargon/ html/ M/ martian.. com/ books?id=On_Hh23IXDUC& pg=PA300).0.0. which is reserved for loopback within the host. org/ assignments/ ipv4-address-space/ ). a place where packets clearly can not originate. .Special Use IPv4 Addresses [5] "IANA IPv4 Address Space Registry" (http:/ / www.16. .255.0.0/12. google. 300.255. . • An incoming or outgoing packet with a Bogon source or destination address in an as-yet-unallocated range.0.[1] Martian packets commonly arise from IP address spoofing in denial-of-service attacks.[3] Examples of Martian packets are[4] : • A packet with a source or destination IPv4 address in the ranges 10. Network Dictionary (http:/ / books. which is reserved for internal broadcast.0/8.[2] but can also arise from network equipment malfunction or misconfiguration of a host.0. .0/4. References [1] RFC 1812 . or 192. routers or any service present on the network.[1] As of 2008. Retrieved 21 April 2011. firewalls. html).0. or in [5] the future-use range 240.0.Requirements for IP Version 4 Routers [2] RFC 3704 .255/32.

At a given bit error rate larger packets are more likely to be corrupted.). For most computer users. It does not count the TCP header or the IP header. The TCP/IP Guide [2] (3E ed. htm Maximum transmission unit In computer networking. Further reading • Comer. . for example) can fix the size of an MTU. USA: Prentice Hall. such as headers or underlying per-packet delays. Charles M. specified in bytes. remain fixed. and therefore in a single IP datagram. MTU parameters usually appear in association with a communications interface (NIC. causing greater delays to following packets and increasing lag and minimum latency. Internetworking with TCP/IP (5E ed.[1] The IP datagram containing a TCP segment may be self-contained within a single packet. com/ free/ t_TCPMaximumSegmentSizeMSSandRelationshiptoIPDatagra-2.). NJ. Retransmissions of larger packets take longer. Corruption of a single bit in a packet requires that the entire packet be retransmitted. References [1] RFC 879 (http:/ / tools. the resulting higher efficiency means a slight improvement in bulk protocol throughput. Retrieved 2007-11-28. org/ html/ rfc879#section-3). "The MSS counts only data octets in the segment. Standards (Ethernet.). ties up a 14. A larger MTU brings greater efficiency because each packet carries more user data while protocol overheads. Each direction of data flow can use a different MSS. a 1500-byte packet. tcpipguide. the largest allowed by Ethernet at the network layer (and hence over most of the Internet). either way.Maximum segment size 117 Maximum segment size The maximum segment size (MSS) is a parameter of the TCP protocol that specifies the largest amount of data. Upper Saddle River. (2006). ietf. Large packets are also problematic in the presence of communications errors." [2] http:/ / www. per-packet-processing can be a critical performance limitation. Douglas E. page 2. or it may be reconstructed from several fragmented pieces. • Kozierok. Large packets can occupy a slow link for some time. the maximum transmission unit (MTU) of a communications protocol of a layer is the size (in bytes) of the largest protocol data unit that the layer can pass onwards.4k modem for about one second. serial port. it does not count the TCP header or the IP header. Therefore: MSS + Header ≤ MTU Every host is required to be able to handle an MSS of at least 536 bytes. the MSS limit applies to the total amount of data contained within the final reconstructed TCP segment. or systems (such as point-to-point serial links) may decide MTU at connect time. etc. that a computer or communications device can receive in a single TCP segment. Section 3. (2005-09-20). the MSS option is established by operating system on the SYN packet during the TCP handshake. In some systems. For example. A larger MTU also means processing of fewer packets for the same amount of data.

2272 4464 [8] 4352 [4] IP (Internet protocol) DARPA designed the Internet protocol suite to work over many networking technologies. almost everything has to be fragmented. but every intermediate router has to do double the work in terms of header parsing and routing decisions.3) Ethernet Jumbo Frames WLAN (802. Another potential problem is that higher-level protocols may create packets larger than a particular link supports. each small enough to pass over the single link that is being fragmented for. To get around this issue. but each packet now has to be sent in two fragments. This fragmentation process takes place at the IP layer (OSI layer 3) and marks packets it fragments as such. In certain cases the overhead this causes can be considered unreasonable or unnecessary.[2] Media Maximum Transmission Unit (bytes) Internet IPv4 Path MTU At least 68 [3] Practical path MTUs are generally higher. Systems may use Path MTU Discovery to find the actual path MTU. This method implies a number of possible drawbacks: • All fragments of a packet must arrive for the packet to be considered received. the second of which carries very little payload. so that the IP layer of the destination host knows it should reassemble the packets into the original datagram. If the network drops any fragment. using the MTU parameter configured for that interface. which is 576.5) FDDI At least 1280 [4] [4] [6] 1500 1492 1500-9000 The limit varies by vendor. which has a value of 576 for IPv4[1] and of 1280 for IPv6. each of which may have different sized packets. Systems must use Path MTU Discovery to find the actual path MTU. IPv4 links must be able to forward packets of size up to 68 [4] bytes. the whole Ethernet network must have the same MTU. • When the size of most or all packets exceed the MTU of a particular link that has to carry those packets.11) Token Ring (802. [7] Practical path MTUs are generally higher. The MTU must not be confused with the minimum datagram size that all hosts must be prepared to accept. Jumbo frames are usually only seen in special purpose networks. Nearly all IP over Ethernet implementations use the Ethernet V2 frame format. the entire packet is lost.including IP headers but excluding headers from lower levels in the protocol stack. . Notes Internet IPv6 Path MTU Ethernet v2 Ethernet (802. For example. it will not initially know the lowest MTU in a chain of links to any other peers. This should not be mistaken [5] with the packet size every host must be able to handle. For correct interoperation. The same amount of payload is being moved. various tunneling situations cross the MTU by very little as they add just a header's worth of data. IP allows fragmentation: dividing the datagram into pieces. While a host will know the MTU of its own interface and possibly that of its peers (from initial handshakes). The addition is small.Maximum transmission unit 118 Table of MTUs of common media Note: the MTUs in this section are given as the maximum size of IP packet that can be transmitted without fragmentation .

The Internet Protocol requires that hosts must be able to process IP datagrams of at least 576 bytes (for IPv4) or 1280 bytes (for IPv6). The process repeats until the MTU becomes small enough to traverse the entire path without fragmentation. which prevents path MTU discovery from working. this does not preclude Data Link Layers with an MTU smaller than IP's minimum MTU from conveying IP data. It works by setting the DF (Don't Fragment) option in the IP headers of outgoing packets. For example. but get no response after that. Also. separate from IP's own fragmentation mechanism. border protocols like PPPoE will reduce this. then the link layer MUST provide its own fragmentation and reassembly mechanism. which may introduce further packet drops before the host finds the new safe MTU. depending on which part of the network one controls. the path MTU is the largest packet size that can traverse this path without suffering fragmentation. with the possible result of making some sites behind badly-configured firewalls unreachable. to the IP layer. in response to various events (load-balancing. One can possibly work around this.this could result in the path MTU changing (sometimes repeatedly) during a transmission. However. RFC 4821. . congestion. Packetization Layer Path MTU Discovery. increasing numbers of networks drop ICMP traffic (e.g. to ensure that a 1280-byte IP datagram can be delivered. This information allows the source host to reduce its assumed path MTU appropriately.) . • There is no simple method to discover the MTU of links beyond a node's direct peers.g. any further fragmentation that turns out to be necessary will increase the overhead even more. to prevent denial-of-service attacks). 119 Path MTU Discovery The Internet Protocol defines the "Path MTU" of an Internet transmission path as the smallest MTU of any of the IP hops of the "path" between a source and destination. with IRC a connecting client might see the initial messages up to and including the initial ping (sent by the server as an anti spoofing measure). a technique for determining the path MTU between two IP hosts. outages. etc. according to IPv6's specification. Put another way. for example one can change the MSS (maximum segment size) in the initial packet that sets up the TCP connection at one's firewall. however. For example. Any device along the path whose MTU is smaller than the packet will drop such packets and send back an ICMP "Destination Unreachable (Datagram Too Big)" message containing its MTU. 1500) and the Path MTU causes Path MTU Discovery to come into effect. The difference between the MTU seen by end-nodes (e. One often detects such blocking in the cases where a connection works for low-volume data but hangs as soon as a host sends a large block of data at a time. Most Ethernet LANs use an MTU of 1500 bytes (modern LANs can use Jumbo frames. the path from the source address to the destination address often gets modified dynamically.Maximum transmission unit • As it is normal to maximize the payload in every fragment. describes a Path MTU Discovery technique which responds more robustly to ICMP filtering. in an IP network. RFC 1191 (IPv4) and RFC 1981 (IPv6) describe "Path MTU Discovery". Unfortunately. allowing for an MTU up to 9000 bytes). intact. This is because the large set of welcome messages are sent out in packets bigger than the real MTU. in general as well as when fragmenting. if a particular Data Link Layer physically cannot deliver an IP datagram of 1280 bytes in a single frame.

So in the worst case. and an AAL5 overhead of 8 bytes. developed by ITU-T. So in this example. RFC 2516 prescribes a maximum MTU for PPPoE/DSL connections of 1492: a PPPoE header of 6 bytes. Taking this figure of 1488 and subtracting from it any overheads contributed by all relevant higher protocols we can obtain a suggested value for an artificially-reduced optimal MTU. The G. For example. This is almost always caused by faulty devices. one additional cell is needed to transmit the one last byte of payload. or 31 full ATM cells. in the form of one extra ATM cell. leaving enough room for a 1488 byte payload.for example: where an ATM (Asynchronous Transfer Mode) network carries IP traffic. again choosing to fill 31 ATM cells as before. Disruption The transmission of a packet on a physical network segment that is larger than the segment's MTU is known as jabber. For the example of IP over DSL connections using PPPoA/VC-MUX. each of which can carry a payload of 48 bytes of user data with 5 bytes of overhead for a total cost of 53 bytes per cell. So the total length of the transmitted data length is 53 * ncells bytes. artificially declaring a reduced MTU in software maximises protocol efficiency at the ATM layer by making the ATM AAL5 total payload length a multiple of 48 bytes whenever possible.Maximum transmission unit 120 ATM backbones. phone lines and coaxial cables).hn Data Link Layer accepts data frames of up to 214 bytes (16384 bytes). use ATM on their internal backbone network. ATM operates at optimum efficiency when packet length is a multiple of 48 bytes. an example of MTU tuning Sometimes the demands of efficiency encourage artificially declaring a reduced MTU in software below the true maximum possible length supported . 31 completely filled ATM cells carry a payload of 31*48=1488 bytes. MTU in other standards The G. For this reason. keeping to a self-imposed reduced MTU of 1478 as opposed to sending IP packets of total length 1500 saves 53 bytes per packet at the ATM layer at a cost of a 22 byte reduction of the length of IP packets. particularly those with a telephony background. the final cell costing an extra 53 transmitted bytes 47 of which are padding.hn defines a procedure for segmentation that divides the data frame into smaller segments. where ncells = the number of required cells of = INT((payload_length+47)/48). Some providers. we obtain a desired optimal reduced MTU figure of 1478 = 31*48-10 taking into account an overhead of 10 bytes consisting of a Point-to-Point Protocol overhead of 2 bytes. In order to avoid the problem of long data-frames taking up the medium for long periods of time.hn standard. In the case of IP sent over ADSL using PPPoA the figure of 1478 would be the total length of the IP packet including IP headers.[9] . G. Many network switches have a built-in capability to detect when a device is jabbering and block it until it resumes proper operation. In the case where the user would normally send 1500 byte packets. sending between 1489 and 1536 bytes requires an additional fixed cost of 53 bytes transmitted. This is because ATM is sent as a stream of fixed-length packets (known as 'cells'). provides a high-speed (up to 1 Gigabit/s) local area network using existing home wiring (power lines. This gives a total cost of 31*53=1643 bytes transmitted via ATM from a 1478 byte packet passed to PPPoA. where the total length = (48*n+1) bytes.

11 MAC Frames .phildev.html). 24. p. Retrieved 2007-09-02. p.shtml) via ping and setting it in Microsoft Windows • DrTCP (http://www. 3com.Wireless.wifi. "Every internet module must be able to forward a datagram of 68 octets without further fragmentation.com/projects/mturoute.cfm)   MTU discovery tool for IPv4 and IPv6 networks . wireless-center.php) – a console utility for debugging mtu problems • MSS Initiative (http://www. com/ infodeli/ tools/ switches/ ss3/ management/ ug/ cli_mg6a.net/iptables-tutorial/iptables-tutorial. 24.com/products/mtupath. htm) • Marc Slemko (January 18.Optimization Tips (http:/ / www.com/~marcs/ mtu/index.expedient. html) [9] 3Com SuperStack Switch Management Guide (http:/ / support.co.dslreports.Wlan. "Path MTU Discovery and Filtering ICMP" (http://alive.Maximum transmission unit 121 References [1] RFC 791. External links • Tweaking your MTU / RWin for Orange Broadband Users (http://www. "Every internet destination must be able to receive a datagram of 576 octets either in one piece or in fragments to be reassembled.elifulkerson.iea-software.net/mss/) • MTU Path (http://www. p.frozentux.orangeproblems. 1998). net/ Wireless-Internet-Technologies-and-Applications/ 1925." [4] RFC 1191 [5] RFC 791.com/drtcp) – a utility for optimizing MTU under Microsoft Windows • mturoute (http://www.znep.Configuration. 13 [2] RFC 2460.and. p." [6] RFC 2460 [7] RFC 6145 [8] Structure of the IEEE 802. 13 [3] RFC 791. html#TCPMSSTARGET) • Discovering of MTU value (http://help.net/broadband/mtu_ping_test.uk/kitz/) • How to set the TCP MSS value using iptables (http://www.

However: • today's (2006) Wireless LAN effective bandwidth throughput (15-100Mbit/s) is easily filled by a single personal computer. Modern networks use congestion control and network congestion avoidance techniques to try to avoid congestion collapse. networks using these protocols can exhibit two stable states under the same level of load. • Denial of service attacks by botnets are capable of filling even the largest Internet backbone network links (40 Gbit/s as of 2007). including router processing time and link throughput. • Even on fast computer networks (e.11's CSMA/CA and the original Ethernet. An example of this is 802. Network capacity The fundamental problem is that all network resources are limited. or to an actual reduction in network throughput. phone lines and coaxial cables). RFC 2914 addresses the subject of congestion control in detail.Network congestion 122 Network congestion In data networking and queueing theory. Congestion collapse generally occurs at choke points in the network. These include: exponential backoff in protocols such as 802. and there are high levels of packet delay and loss (caused by routers discarding packets because their output queues are too full) and general quality of service is extremely poor. but they help to alleviate the effects of congestion for some services. generating large-scale network congestion Congestive collapse Congestive collapse (or congestion collapse) is a condition which a packet switched computer network can reach.1p. and fair queueing in devices such as routers. The stable state with low throughput is known as congestive collapse. Another method to avoid the negative effects of network congestion is implementing priority schemes. Typical effects include queueing delay. so that some packets are transmitted with higher priority than others.hn standard. where the total incoming bandwidth to a node exceeds the outgoing bandwidth. window reduction in TCP. Connection points between a local area network and a wide area network are the most likely choke points. • Because P2P scales very well. it has settled (under overload) into a stable state where traffic demand is high but little useful throughput is available. packet loss or the blocking of new connections. . A third method to avoid network congestion is the explicit allocation of network resources to specific flows. When a network is in such a condition. network congestion occurs when a link or node is carrying so much data that its quality of service deteriorates. Thus. the backbone can easily be congested by a few servers and client PCs. A DSL modem is the most common small network example. with between 10 and 1000 Mbit/s of incoming bandwidth and at most 8 Mbit/s of outgoing bandwidth. when little or no useful communication is happening due to congestion. particularly when nearby peers are preferred over distant peers. Priority schemes do not solve network congestion by themselves. One example of this is the use of Contention-Free Transmission Opportunities (CFTXOPs) in the ITU-T G. file transmissions by P2P have no problem filling and will fill an uplink or some other network bottleneck. Network protocols which use aggressive retransmissions to compensate for packet loss tend to keep systems in a state of network congestion even after the initial load has been reduced to a level which would not normally have induced network congestion. which provides high-speed (up to 1 Gbit/s) Local area networking over existing home wires (power lines. A consequence of these latter two is that incremental increases in offered load lead either only to small increases in network throughput.g. 1 Gbit).

such as reducing the rate of sending packets. Let be the rate of flow and . The mathematical expression for optimal rate allocation is as follows. Congestion control Congestion control concerns controlling traffic entry into a telecommunications network. dated 6 January). and be 1 if flow uses link and 0 otherwise. so that each flow sets its own rate. The sum of these Lagrange multipliers. which measures how . so as to avoid congestive collapse by attempting to avoid oversubscription of any of the processing or link capabilities of the intermediate nodes and networks and taking resource reducing steps. When this packet loss occurred. called the utility. expecting the end points of the network to retransmit the information. the end points sent extra packets that repeated the information lost. vectors and matrix. and this continued to occur until end nodes started implementing Van Jacobson's congestion control between 1987 and 1988. although many others are possible. doubling the data rate sent. Cause When more packets were sent than could be handled by intermediate routers. It was first observed on the early Internet in October 1986. This pushed the entire network into a 'congestion collapse' where most packets were lost and the resultant throughput was negligible.Network congestion 123 History Congestion collapse was identified as a possible problem as far back as 1984 (RFC 896. based only on a "price" signalled by the network. Theory of congestion control The modern theory of congestion control was pioneered by Frank Kelly. A major weakness of this model is that it assumes all flows observe the same price. The optimal rate allocation then satisfies much benefit a user obtains by transmitting at rate such that The Lagrange dual of this problem decouples. However. Many current congestion control algorithms can be modelled in this framework. early TCP implementations had very bad retransmission behavior. is the price to which the flow responds. which gives rise to a Lagrange multiplier. Congestion control then becomes a distributed optimisation algorithm for solving the above problem. be the be the corresponding be an increasing. which prevents the sender from overwhelming the receiver. who applied microeconomic theory and convex optimization theory to describe how individuals controlling their own rates can interact to achieve an "optimal" network-wide rate allocation. . Let capacity of link . the intermediate routers discarded many packets. with being either the loss probability or the queueing delay at link . while sliding window flow control causes "burstiness" which causes different flows to observe different loss or delay at a given link. when the NSFnet phase-I backbone dropped three orders of magnitude from its capacity of 32 kbit/s to 40 bit/s. It should not be confused with flow control. Each link capacity imposes a constraint. strictly convex function. Let . exactly the opposite of what should be done during congestion. . Examples of "optimal" rate allocation are max-min fair allocation and Kelly's suggestion of proportional fair allocation.

delay. fairness. The correct end point behaviour is usually still to repeat dropped information. Other strategies such as slow-start ensure that new connections don't overwhelm the router before the congestion detection can kick in. where the mechanisms described above can handle it. End-to-end flow control mechanisms designed into the end points which respond to congestion and behave appropriately. Thus. sender. can be troublesome. where packets are randomly dropped proactively triggering the end points to slow transmission before congestion collapse actually occurs. sender and receiver need modification. lossy links.Network congestion 124 Classification of congestion control algorithms There are many ways to classify congestion control algorithms: • By the type and amount of feedback received from the network: Loss. cheap fiber-optic lines have reduced costs in the Internet backbone. the congestion lifts and good use of the network occurs. proportional. TCP is perhaps the best behaved. Some end-to-end protocols are better behaved under congested conditions than others. such as quality-of-service routing. The most common router mechanisms used to prevent congestive collapses are fair queueing and other scheduling algorithms. but it was not until Van Jacobson's inclusion of an open source solution in the Berkeley Standard Distribution UNIX ("BSD") in 1988 that good TCP implementations became widespread. and random early detection. The first TCP implementations to handle congestion well were developed in 1984. . Congestion in the Internet backbone is very difficult to deal with. receiver and routers need modification. Protocols built atop UDP must handle congestion in their own way. 2. special measures. Fair queueing is most useful in routers at choke points with a small number of connections passing through them. but progressively slow the rate that information is repeated. single-bit or multi-bit explicit signals • By incremental deployability on the current Internet: Only sender needs modification. Larger routers must rely on RED. Protocols atop UDP which transmit at a fixed rate. UDP does not. or RED. including many Voice over IP protocols. and the end points all get a fair share of the available bandwidth. must be taken to keep packets from being dropped from streams. The backbone can thus be provisioned with enough bandwidth to keep congestion at the periphery. In general. variable-rate links • By the fairness criterion it uses: max-min. advantage to short flows. A mechanism in routers to reorder or drop packets under overload. only router needs modification. Provided all end points do this. in itself. • By the aspect of performance it aims to improve: high bandwidth-delay product networks. "minimum potential delay" Avoidance The prevention of network congestion and collapse requires two major components: 1. have any congestion control mechanism. Real-time streaming protocols. independent of congestion. congestion in pure datagram networks must be kept out at the periphery of the network. Fortunately. have this property.

By keeping the average queue size small. Experiments have confirmed that the existing RED-like algorithms are notably vulnerable under Low-rate Denial-of-Service [4] (LDoS) attacks due to the oscillating TCP queue size caused by the attacks [11] . Robust random early detection (RRED) Robust Random Early Detection (RRED) algorithm was proposed to improve the TCP throughput against Denial-of-Service (DoS) attacks.g. RRED algorithm can significantly improve the performance of TCP under Low-rate Denial-of-Service attacks [11] . since there are a number of different trade-offs available. Recent Publications in low-rate Denial-of-Service (DoS) attacks [12] . Active Queue Management (AQM) Purpose "Recommendations on Queue Management and Congestion Avoidance in the Internet" (RFC 2309[7] ) states that: • • • • Fewer packets will be dropped with Active Queue Management (AQM). RED indirectly signals to sender and receiver by deleting some packets. time. Random early detection [8] [9] On network One solution is to use random early detection (RED) on network equipments port queue buffer. 50% (lower threshold) filled and deletes linearly more or (better according to paper) cubical more [10] up to e. [1] TCP/IP congestion avoidance The TCP congestion avoidance algorithm is the primary basis for congestion control in the Internet. e.g.Network congestion 125 Practical network congestion avoidance Implementations of connection-oriented protocols.g. The link utilization will increase because less TCP global synchronization will occur. The average queue buffer lengths are computed over 1 second at a packets. equipment ports with more than one queue buffer. weighted random early detection (WRED) could be used if available. when the average queue buffer lengths are more than e. losses. queue management will reduce the delays and jitter seen by flows.this is called TCP global synchronization. particularly Low-rate Deinal-of-Service (LDoS) attacks. Then TCP's automatic congestion avoidance is not enough. [2] [3] [4] [5] [6] Problems occur when many concurrent TCP flows are experiencing port queue buffer tail-drops. The connection bandwidth will be more equally shared among connection oriented flows. All flows that experience port queue buffer tail-drop will begin a TCP retrain at the same moment . or delays (see Quality of Service) in order to adjust the transmit speed. There are many different network congestion avoidance processes. even without flow-based RED or WRED. generally watch for packet errors. 100% (higher threshold). such as the widely-used TCP protocol.

this data creates a congestion point at an upstream provider by flooding the queue much faster than it can be emptied. When there are many applications simultaneously requesting downloads.[8] one of the authors of ECN. [15] [16] TCP Window Shaping Congestion avoidance can also efficiently be achieved by reducing the amount of traffic flowing into a network. Engine IV and V has the possibility to classify all flows in "aggressive" (bad) and "adaptive" (good). It ensures that no flows fill the port queues for a long time. However. This technique can reduce congestion in a network by a factor of 40. The TCP connections running over a radio based physical layer see the data loss and tend to believe that congestion is occurring when it isn't and erroneously reduce the data rate sent. but it requires explicit support by both hosts to be effective. by Sally Floyd. thus reducing the congestion and allowing traffic to flow more freely. e. this method. . With Another approach is to use IP ECN. an ECN bit is used to signal that there is explicit congestion.Network congestion Flowbased-RED/WRED Some network equipment are equipped with ports that can follow and measure each flow (flowbased-RED/WRED) and are hereby able to signal to a too big bandwidth flow according to some QoS policy. [14] Some outdated or buggy network equipment drops packets with the ECN bit set. Cisco AQM: Dynamic buffer limiting (DBL) Cisco has taken a step further in their Catalyst 4000 series with engine IV and V. This results in the server sending a full window of data (assuming the file is larger than the window). this causes WiFi. This is better than the indirect packet delete congestion notification performed by the RED/WRED algorithms. DBL can utilize IP ECN instead of packet-delete-signalling. the remote servers will send less data. A policy could divide the bandwidth among all flows by some criteria.g. Side effects of congestive collapse avoidance Radio links The protocols that avoid congestive collapse are often based on the idea that data loss on the Internet is caused by congestion. graphic or web page. By using a device to reduce the window advertisement. it usually advertises a "window" of between 32K and 64K. it will set an ECN-flag notifying the sender of congestion. 3G or other networks with a radio layer to have poor throughput in some cases since wireless networks are susceptible to data loss due to interference. More information on the status of ECN including the version required for Cisco IOS. errors during transmission are rare on today's fiber based Internet. When an application requests a large file. IP ECN [13] ECN is only used when the two hosts signal that they want to use it. rather than ignoring the bit. by decreasing the tcp window size (sending rate) or by other means. This is true in nearly all cases. The sender then ought to decrease its transmission bandwidth. 126 When a router receives a packet marked as ECN capable and anticipates (using RED) congestion.

no parameters are to be adjusted. pdf?attredirects=0). Karels. psu. htm#1271759) • "Deploying IP and MPLS QoS for Multiservice Networks: Theory and Practice" by John Evans. and Fast Recovery Algorithms [4] RFC 2581 . 489-491.org/html/rfc896) .ietf. Van Jacobson. Stanford.314–329.1(4): pp. Compared to the original linear drop function applicability is extended by far.org/html/rfc2914) . edu/ bagal99comparative. ECN and TCP Rate Control (1999) (http:/ / citeseer. com/ univercd/ cc/ td/ doc/ product/ lan/ cat4000/ 12_1_19/ config/ qos. com/ site/ cwzhangres/ home/ posts/ recentpublicationsinlow-ratedosattacks [13] RFC 3168 . The applicability of the derived function is independent of the load range. This kept most connections in the slow start mode. Ref (http:/ / ieeexplore. com/ RealtimeMantra/ Networking/ TCP_Congestion_Avoidance. org/ xpl/ freeabs_all. September..Our example with realistic system parameters gives an approximation function of the cubic of the queue size. and Weifeng Chen. cisco. 2010. Congestion Avoidance and Control (http:/ / citeseer. significantly increasing latency. ist. html) (1993). IEEE/ACM Transactions on Networking. html) [9] Sally Floyd. [3] RFC 2001 . com/ univercd/ cc/ td/ doc/ product/ lan/ cat4000/ 12_1_19/ config/ qos. vol. CA. eventhelix. November. ist. ISBN 0-12-370549-5) • RFC 2914 (http://tools. psu. org/ publications/ aqm_iscc2003. ist. Invented Random Early Detection (RED) gateways. Congestion Avoidance. org/ floyd/ red. edu/ lee00tcp. ist-mobydick. cisco. 14. html) (1988). the initial performance can be poor. html) [15] Active Queue Management (http:/ / www. Proceedings of the Sigcomm '88 Symposium. John Nagle. ieee. 1988.lbl. Van Jacobson and Michael J. Sally Floyd. htm#1271743) [16] Enabling Dynamic Buffer Limiting (http:/ / www. pdf) Quote: ".TCP Increasing TCP's Initial Window [6] TCP Congestion Avoidance Explained via a Sequence Diagram (http:/ / www. Zhiping Cai.18(4): pp. August. pp." [11] Changwang Zhang. Older web browsers would create many consecutive short-lived connections to the web server. 6 January 1984 • Introduction to Congestion Avoidance and Control (http://ee. 1988 ."Congestion Control in IP/TCP". vol.pdf).ietf. modern browsers either open multiple connections simultaneously or reuse one connection for all files requested from a particular web server. psu. com/ site/ cwzhangres/ home/ files/ RREDRobustREDAlgorithmtoCounterLow-rateDenial-of-ServiceAttacks. RRED: Robust RED Algorithm to Counter Low-rate Denial-of-Service Attacks (http:/ / sites. Jianping Yin. 127 References [1] TCP Tunnels: Avoiding Congestion Collapse (2000) (http:/ / citeseer. and would open and close the connection for each file requested. edu/ 462978.Congestion Control Principles. google.The Addition of Explicit Congestion Notification (ECN) to IP [14] Comparative study of RED.. edu/ 484335.TCP Slow Start. vol. 2000 • RFC 896 (http://tools. This paper originated many of the congestion avoidance algorithms used in TCP/IP. However... icir. pdf) [7] RFC 2309 .The advantage of this function lies not only in avoiding heavy oscillations but also in avoiding link under-utilization at low loads. jsp?arnumber=5456075) [12] http:/ / sites. Clarence Filsfils (Morgan Kaufmann.Network congestion Short-lived connections The slow-start protocol performs badly for short-lived connections. google. which resulted in poor response time. Karels.TCP Congestion Control [5] RFC 3390 . IEEE Communications Letters. To avoid this problem. ist.397–413.. html) [2] Van Jacobson. Random Early Detection Gateways for Congestion Avoidance (http:/ / citeseer.. 2007. [10] An Analytical RED Function Design Guaranteeing Stable System Behavior (http:/ / www. Michael J. Fast Retransmit. and many connections never get out of the slow-start regime.gov/papers/congavoid.April 1998: Recommendations on Queue Management and Congestion Avoidance in the Internet [8] Sally Floyd: RED (Random Early Detection) Queue Management (http:/ / www. psu.

aciri.google.html) • TFRC Homepage (http://www. August 1999) • Sally Floyd. J.ccs. Fall.neu.edu/talks/workshops/10-22-24.edu/homes/ratul/red-pd/) • A Generic Simple RED Simulator for educational purposes by Mehmet Suzen (http://code. October 1999) (pdf format) • Linktionary term: Queuing (http://www. " Guidelines for optimizing Multi-Level ECN. S.html) • Pierre-Francois Quet.cse. org/floyd/end2end-paper.html) • Explicit Congestion Notification Homepage (http://www.edu/home/ladrian/abstract/aimdfc. and K.net/tcp_histrory. Mukundan Sridharan. using fluid flow based TCP model" (http://www. Arjan Durresi.html) • Sally Floyd.Network congestion 128 Books • "Deploying IP and MPLS QoS for Multiservice Networks: Theory and Practice" by John Evans.org/floyd/red.html) • Random Early Detection Homepage (http://www.com/q/queuing. Hitay Ozbay.Fast recovery&ctype=1) . RFC 896: Congestion control in IP/TCP internetworks (1984) • Floyd. On the Evolution of End-to-end Congestion Control in the Internet: An Idiosyncratic View (http:// www.linktionary.pdf) • Papers in Congestion Control (http://www. S. David Wetherall: RED-PD: RED with Preferential Dropping (http://www.com/p/ guduz/) • Approaches to Congestion Control in Packet Networks (http://utopia.edu/Homepages/shivkuma/research/cong-papers.pdf) (IMA Workshop on Scaling Phenomena in Communication Networks.ecse. ISBN 0-12-370549-5) External links • Nagle. Ratul Mahajan.org/tfrc/) • AIMD-FC Homepage (http://www.99/floyd/floyd. 2007.umn.visualland.cs.html) (IEEE/ACM Transactions on Networking. php?simu=tcp_fast_recovery&protocol=TCP&title=5. washington. Clarence Filsfils (Morgan Kaufmann.wustl.icir.icir.html) • TCP congestion control simulation: Fast recovery (http://www.ima. RFC 2914: Congestion control principles (2000) • Floyd.gr/~emamatas/jie2007. Raj Jain.edu/ ~jain/papers. Sriram Chellappan.icir.org/floyd/ecn. Promoting the Use of End-to-End Congestion Control in the Internet (http://www.rpi.duth.

External links • (http://csrc. R. nist. [2] References [1] Sandhu.F. (Nov/Dec 2007).nist.html) (NIST RBAC web site) • (http://incits. Sandhu. gov/ groups/ SNS/ rbac/ documents/ ferraiolo-kuhn-sandhu-07. . D. R. Kuhn. the standard was adopted and is copyrighted and distributed as INCITS 359-2004 by the International Committee for Information Technology Standards (INCITS). In 2004.F.173. NIST made revisions and proposed a U. "The NIST Model for Role Based Access Control: Toward a Unified Standard" (http:/ / csrc. and Kuhn later published an explanation of the design choices in the model. the standard received ballot approval and was adopted as INCITS 359-2004. Ferraiolo. D. and Youman (1996).S. "RBAC Standard Rationale: comments on a Critique of the ANSI Standard on Role Based Access Control" (http:/ / csrc. Ferraiolo.R. pp.R. doi:10. (July 2000). nist.1109/MSP. Following debate and comment within the RBAC and security communities.org) (INCITS web site) .2007. and Sandhu. and Kuhn [1] and presented at the ACM 5th Workshop on Role Based Access Control.NIST RBAC model 129 NIST RBAC model The NIST RBAC model is a standardized definition of role based access control. D. pdf) (PDF). national standard for RBAC through the INCITS.gov/groups/SNS/rbac/index. 47–63. 5th ACM Workshop Role-Based Access Control. It is managed by INCITS committee CS1. and Kuhn. Ferraiolo. .. integrating the RBAC model published in 1992 by Ferraiolo and Kuhn with the RBAC framework introduced by Sandhu. pdf) (PDF). IEEE Security & Privacy (IEEE Press) 5 (6): 51–53. [2] Ferraiolo. This proposal was published by Sandhu. D. gov/ rbac/ sandhu-ferraiolo-kuhn-00. History In 2000. Although originally developed by the National Institute of Standards and Technology.. NIST called for a unified standard for RBAC. Feinstein. Coyne..

The first product by WildPackets was written for the Mac. was converted into a plug-in and integrated into a new version of the product called EtherPeekNX. NetSense.. In 2001. and linux boxes. It supports a plugin API. These plug-in wizards make it easy and . an expert system for network troubleshooting. the WildPackets' building in Walnut Creek California completely burnt to the ground. History WildPackets. 2002.11 wireless networks. and called EtherPeek.[5] Plug-ins: There are over 40 different plug-in's available for the OmniPeek Platform.. Adapters are also available to aggregate packets from multiple network segments and wireless channels at the same time. was founded in 1990 by Mahboud Zabetian and Tim McCreery. the user is left with a working plugin with entry points for adding application logic. Cisco AP's. as well as other mechanisms to extend and enhance the program. However. there are remote adapters to capture from RMON.wildpackets. which are interpreted text files that can be extended by the user to enhance the display and analysis of existing protocols. Optimized network analysis training courses and instructors were added to WildPackets services. and as a hardware network recorder appliance.com [1] OmniPeek is a packet analyzer software tool from WildPackets Inc. which added support for 802. a dialog appears providing options for different types of functionality that sample code will be generated for. It was a protocol analyzer for ethernet networks. Remote Adapters: Adapters provide a means to capture packets and stats from various sources. Aruba AP's. SFlow. NetFlow. It was later ported to Windows.OmniPeek 130 OmniPeek OmniPeek Developer(s) WildPackets Operating system Windows Type Website Packet analyzer www. In 2003.[3] WildPackets acquired Optimized Engineering Corporation in 2001. AiroPeek was released. When the wizard is complete.[4] Extensibility OmniPeek has API's on the front-end for automation.[6] Plugin Wizards: The Plugin Wizards for both the OmniPeek Console and the OmniEngine are Microsoft Visual Studio Project Templates that generate working plug-ins. These plug-ins range from simple logging extensions to full-blown applications that are hosted by OmniPeek.[2] Acquisitions WildPackets acquired Net3 Group in November 2000. without releasing new versions of the application. Their product. When the wizard is run. Currently. On the morning of July 15. Decoders: The most notable of these are the protospecs and decoder files. It is used for network troubleshooting and protocol analysis. the OmniEngine Distributed Capture Engine was released as software. API's on the back-end for analysis. which was released in 1997. and add knowledge of completely new protocols. Inc. the company survived the fire.

com/ 2008/ 05/ throwin-down-the-decoder-gauntlet. . . . -a0179645388)." (http:/ / www. MyPeek: The MyPeek Community Portal is a website dedicated to the extension of OmniPeek. . [7] "WildPackets Launches MyPeek Community Portal" (http:/ / www. Expands Protocol Analysis Training and Services. com/ article/ articleid/ 95726/ an-open-api-sets-wildpackets-apart. Retrieved 2009-07-23. internetnews. It provides plug-in's. and is uses the peek driver API to capture packets. Retrieved 2009-07-23.Write scripts that process packets Decoder Plugin . com/ coms2/ summary_0286-10587967_ITM).0. [8] "PlaceMap 1. Retrieved 2009-07-23. Business Wire. . html). php/ 1433881).Construct and display web pages from packets IM Plugin . com/ news/ technology/ 575128/ wildpackets_offers_free_google_map_plugin/ index.Send packet an adapter or a capture window PowerBar Plugin .0. . [5] "An Open API Sets WildPackets Apart" (http:/ / windowsitpro. and expertise for those interested in extending OmniPeek themselves. PlaceMap is a notable example of extensibility in that it uses exactly the same Google Map plugin that is also available for the OmniPeek.stream packets from any machine with SSH and tcpdump Cisco Remote Adapter Plugin . .[7] PlaceMap: is a freely available standalone Google Maps Packet sniffer application for Windows that captures network traffic and maps nodes to the Google Map.Save and query packets from a database PeekPlayer Plugin . bizjournals. com/ eastbay/ stories/ 2000/ 11/ 20/ daily2. com/ products/ distributed_network_analysis/ omnipeek_network_analyzer [2] "WildPackets Survives Fire" (http:/ / www. [6] "Throwin' Down The Decoder Gauntlet!" (http:/ / blog.Display instant message screen names and chat WebStats Plugin . cnet. [9] "WildPackets Offers Free Google Map Plug-In" (http:/ / www.OmniPeek quick to develop extensions to OmniPeek. redorbit. wildpackets. Retrieved 2009-07-23.stream packets from Cisco Access Points Aruba Remote Adapter Plugin . Retrieved 2009-07-23. . [3] "WildPackets to buy Net3" (http:/ / eastbay. adapters.Map nodes to a Google Map[9] SQLFilter Plugin . Retrieved 2009-07-23.[8] 131 Example Plugins • • • • • • • • • • • • Google Map Plugin .Collect and report web statistics Remote TCPDump Adapter Plugin . com/ wireless/ article.4" (http:/ / download. Retrieved 2009-07-23. and various levels of support for the different plug-ins posted there. com/ PlaceMap/ 3000-2085_4-10588141. wildpackets. accessmylibrary. 2001-01-31. scripts. tools.stream packets from Aruba Networks Air Monitors References [1] http:/ / www. html). Retrieved 2009-07-23. 2000-11-20.Decode packets WatchMe Plugin . com/ WildPackets+ Launches+ MyPeek+ Community+ Portal. thefreelibrary. html). [4] "WildPackets to Acquire Optimized Engineering Corporation. . html).Display web sites in real-time from URL's Browser Plugin . html).

By Rob Smithers of Miercom (http:// www.1.slac. Improved Packet Reordering Metrics. 18. Tested: WildPackets OmniPeek Enterprise 4.pert. Out-of-order delivery can be caused by packets following multiple paths through a network.net/PERTKB/PacketReordering • http://www-iepm. 22. Robert Smithers. External links • RFC 4737.com/en/US/tech/tk722/tk809/technologies_tech_note09186a008063e5de. Bare.html) • Network World . Robert Tarpley (http://www. Network IT Week.uk/networkitweek/software/2161896/packet-inspector-offers-simple) • Network World. or via parallel processing paths within network equipment that are not designed to ensure that packet ordering is preserved. 2006: LWAPP Decodes Enablement on WildPackets OmniPeek and EtherPeek 3. Shalunov.wildpackets. April 23. A. Jayasumana. by Dave Bailey. One of the functions of TCP is to prevent the out-of-order delivery of data. Rand Dvorak (http://www.edu/monitoring/reorder/ . co. By Anthony Mosco.itweek. Morton. 19 Aug 2006.networkworld. Packet reordering is a common behavior in real-world networks.stanford.com/reviews/2006/091806-voip-test-analysis-wildpackets. 2008: Clear Choice Test VoIP analysis tools.html?nlhttest=ts_031108& nladname=031108producttestal) • Cisco Website. R. T. out-of-order delivery is the delivery of data packets in a different order from which they were sent. L. N.com/reviews/2008/031008-voip-analysis-tools-test.networkworld. Perser. June 2008 • http://kb. A. Piratla. J.com) • Network World. March 10. 2006: Review of WildPackets' OmniPeek.geant.OmniPeek 132 External links • Official website (http://www.0 Software (http://www. shtml) Out-of-order delivery In computer networking.networkworld. 2007: WLAN analyzers: WildPackets' OmniPeek For Windows 4. November 2006 • RFC 5236. G. either by reassembling packets into order or forcing retries of out-of-order packets. html) • IT Week. Mar. Ramachandran. Packet Reordering Metrics. Whitner. By Tom Henderson.com/reviews/2007/042307-wireless-lan-test-omnipeek.cisco. Ciavattone. WildPackets' latest OmniPeek tool makes it easier to inspect traffic and troubleshoot networks. A. Sept.0 (http://www. Banka. S.

headers. Protocol Analyzers can also be hardware based. . On wireless LANs. to capture traffic other than unicast traffic sent to the machine running the sniffer software. these can act as protocol testers. determine the root causes of errors. depending on the network structure (hub or switch). In a communication system based on a layered OSI model. cyclic redundancy check. The captured information is decoded from raw digital form into a human-readable format that permits users of the protocol analyzer to easily review the exchanged information. or as is increasingly more common combined with a disk array. packet aggregation is the process of joining multiple packets together into a single transmission unit. etc. On wired broadcast and wireless LANs. For network monitoring purposes it may also be desirable to monitor all data packets in a LAN by using a network switch with a so-called monitoring port. and analyzes its content according to the appropriate RFC or other specifications. Such testers generate protocol-correct traffic for functional testing. decodes the packet's raw data. however. protocol analyzer or sniffer. showing the values of various fields in the packet. one can capture traffic on all or just parts of the network from a single machine within the network. multicast traffic sent to a multicast group to which that machine is listening. others don't.hn standard.Packet aggregation 133 Packet aggregation In a packet-based communications network. To see those packets.g.) or where the expected packet size is small compared to the maximum amount of information that can be transmitted. if needed. is an example of a protocol that employs packet aggregation to increase efficiency. Packet aggregation is useful in situations where each transmission unit may have significant overhead (preambles. or for particular types of networks. even if the adapter is in promiscuous mode. and broadcast traffic. and may also have the ability to deliberately introduce errors to test for the DUT's ability to deal with error conditions. whose purpose is to mirror all packets passing through all ports of the switch when systems (computers) are connected to a switch port. the network adapter being used to capture the traffic must be put into promiscuous mode. one can capture traffic on a particular channel. the sniffer captures each packet and. These devices record packets (or a slice of the packet) to a disk array. To use a network tap is an even more reliable solution than a monitoring port since taps are less likely to drop packets during high traffic loads. Protocol analyzers vary in their abilities to display data in multiple views.[1] As data streams flow across the network. packets not for the service set for which the adapter is configured will usually be ignored. This allows historical forensic analysis of packets without the user having to recreate any fault.[2] On wireless LANs. which provides a way to create a high-speed (up to 1 Gigabit/s) Local area network using existing home wiring (power lines. etc. either in probe format. automatically detect errors. Packet analyzer A packet analyzer (also known as a network analyzer. Capabilities On wired broadcast LANs. Some protocol analyzers can also generate traffic and thus act as the reference device. packet aggregation may be responsible for joining multiple MSDUs into a single MPDU that can be delivered to the physical layer as a single unit for transmission. phone lines and coaxial cables). there are some methods to avoid traffic narrowing by switches to gain access to traffic from other systems on the network (e. in order to reduce the overhead associated with each transmission. The ITU-T G. an Ethernet sniffer or wireless sniffer) is a computer program or a piece of computer hardware that can intercept and log traffic passing over a digital network or part of a network. ARP spoofing). some sniffers support this. the adapter must be in monitor mode. generate timing diagrams.

Packet analyzer 134 Uses The versatility of packet sniffers means they can be used to: • • • • • • • • • • • • • • • • • • • Analyze network problems Detect network intrusion attempts Detect network misuse by internal and external users Documenting regulatory compliance through logging all perimeter and endpoint traffic Gain information for effecting a network intrusion Isolate exploited systems Monitor WAN bandwidth utilization Monitor network usage (including internal and external users and systems) Monitor data-in-motion Monitor WAN and endpoint security status Gather and report network statistics Filter suspect content from network traffic Serve as primary data source for day-to-day network monitoring and management Spy on other network users and collect sensitive information such as passwords (depending on any content encryption methods which may be in use) Reverse engineer proprietary protocols used over the network Debug client/server communications Debug network protocol implementations Verify adds. • • • • • • • • • • • • • • • • • • • • • Capsa Cain and Abel dSniff Justniffer ettercap Microsoft Network Monitor ngrep Network Grep snoop tcpdump Wireshark (formerly known as Ethereal) Carnivore (FBI) Clarified Analyzer Congruity Inspector Software Fluke Lanmeter NetScout nGenius Infinistream NetScout Sniffer Global Analyzer NetScout Sniffer Portable Professional Analyzer Network Instruments Observer Niksun NetDetector OPNET Technologies ACE Analyst SkyGrabber . Web filter. proxy) Notable packet analyzers For a more comprehensive list. Spam filter. moves and changes Verify internal control system effectiveness (firewalls. access control. see Comparison of packet analyzers.

character echo.org/Computers/Software/Networking/Network_Performance/ Protocol_Analyzers//) at the Open Directory Project • How-to Packet Sniff (http://www.29 defines the DTE-P (packet mode) interface to a PAD.3 parameters are similar in function to present day Telnet options.html) • A Quick Intro to Sniffers (http://www.dmoz. Retrieved 2011-03-13.Use Packet Sniffers. Many commercial PAD products provided completely different enhanced user interfaces.25 addresses.org/nst/tools/wiki-redirect. X. ISBN 978-0735542730. Sometimes. it takes data packets from packet-switching network or host computer and returns them into a character stream that can be sent to the terminals (disassembly). pp.28 defines the DTE-C (asynchronous character mode) interface to a PAD.php) Packet Assembler/Disassembler A packet assembler/disassembler. X. flow control. and manipulating the X. netresec. php?page=Multi-Tap_Network_Packet_Capturing) • How to Deploy a Packet Analyzer under Different Network Environment (http://www. NETRESEC Network Security Blog. this is referred to as a Triple-X PAD. ITU-T (Triple-X PAD) The structure of a PAD is defined by the ITU-T in recommendations X.Packet analyzer • WildPackets OmniPeek (old name AiroPeek. including the commands for making and clearing down connections.e.com/pubs/ sniffing-faq. Law of Internet Security and Privacy. et al. how the PAD encapsulates characters and control information in X.evilfingers. i.com/publications/howto_EN/HowTo .com/i. [2] "Sniffing Tutorial part 1 .25 host.pdf) • The Making of a Professional cTrace Packet Analyzer (http://www. .29.25 packets. due to the three X series recommendations which define it. for a connection to an X. . A PAD also does the reverse.org/web/20050221103207/http://www.net/raw-sockets/ raw-sockets. It collects data from a group of terminals and places the data into X. Connolly (2003). a bit like (but not at all compatible with) Hayes modem commands.3 specifies the parameters for terminal-handling functions such as line speed. abbreviated PAD is a communications device which provides multiple asynchronous terminal connectivity to an X.25 packets (assembly).com/support/ installation.Intercepting Network Traffic" (http:/ / www. The X. The commands were very crude.28.121 14-digit X. EtherPeek) 135 References [1] Kevin J.php?page=security/AQuickIntrotoSniffers) • Multi-Tap Network Packet Capture (http://www.archive.aesclever.pdf) • Packet Sniffing FAQ (http://web.robertgraham. External links • Protocol Analyzers (http://www. com/ ?page=Blog& month=2011-03& post=Sniffing-Tutorial-part-1---Intercepting-Network-Traffic). Connections are established using X. and X. 131. A FRAD (Frame Relay Assembler/Disassembler) is a similar device for accessing Frame Relay networks.irongeek.networksecuritytoolkit. X. 2011-03-11. Aspen Publishers.3 parameters. X.3.html) by Robert Graham • Video Tutorials on Sniffer Programming using Raw Sockets (http://security-freak.com/pages/current/ ProfessionalCPA.25 (packet-switching) network or host computer.colasoft.

uk/ ca/ technology/ networking/ p001. which is another of the Coloured Book protocols. ITP predated Triple-X. Green Book. a very similar protocol which ran over the Yellow Book Transport Service.29 that generally the two will interwork.3 and X.Packet Assembler/Disassembler 136 Green Book PAD One of the UK Coloured Book protocols. the predecessor of PSS). Science and Engineering Research Council (SERC) also used ITP on SERCnet and continued developing ITP after EPSS.25 developed in the 1970s for use with UK GPO's EPSS (Experimental Packet Switching System. and is a completely different protocol. Green Book was developed by (UK) Post Office Telecommunications in the 1970s. de/ produkte/ ta/ taomega [2] http:/ / www. Green Book is sufficiently similar to X. also defines two PAD protocols. tdt. ITP ITP (Interactive Terminal Protocol) was an early PAD protocol for use over X. Although not identical to Triple-X. although it eventually gave way to Triple-X. chilton-computing. Green Book also specifies TS29. Products • Das Multiprotokoll-Talent mit zwei ISDN und vier Benutzerschnittstellen [1] External links • ITP: Protocols in the SERC/NERC Network" [2] References [1] http:/ / www. htm . org.

Complete capture is the unrestricted. they may be flushed away and actual packet contents are no longer available. Complete capture Packet capture has the ability to capture packet data from the data link layer on up (layers 2-7) of the OSI model. and ensure data communications and network usage complies with outlined policy. or stored. but yet have enough data to reveal the essential information required for problem diagnosis. Filtering Packet capture can either capture the entire data stream or capture a filtered portion of stream. after the data has already crossed the network. Many deep packet inspection tools rely on real-time inspection of data as it crosses the network. and avoid legal problems. [2] answering the question “what happened leading up to. If packets are not stored after capture. using known criteria for analysis. it can be analyzed right away or stored and analyzed later. etc. protocol or other distinguishing bits of data in the packet. Headers include information about what is contained in the packet and could be synonymous to an address or other printed information on the outside of an envelope.[1] Partial packet capture can record headers without recording the total content of datagrams. at full network speed. Historical capture and analysis Once data is captured. software tools can perform Deep packet inspection (DPI) to review network packet data. perform forensics analysis to uncover the root cause of network problems. raw capture of all network packets. DPI tools make real-time decisions on what to do with packet data. either in short-term memory or long-term storage. As DPI and analysis tools deliver alerts. Deep packet capture (DPC) is the act of capturing. IP address. Complete capture encompasses every packet that crosses a network segment. regardless of source. Filtered capture Packet capture devices may have the ability to limit capture of packets by protocol. Short-term capture and analysis tools can typically detect threats only when the triggers are known in advance but can act in real-time. unfiltered. diverted. inspect. the historical record can be analyzed to apply context to the alert. With the application of filters. complete network packets (header and payload) crossing a network with a high traffic rate. MAC address. The payload includes the actual content of the packet and therefore synonymous to the contents of the envelope. Some DPCs can be coupled with DPI and can as a result manage. This can reduce storage requirements. and analyze all network traffic in real-time at wire speeds while keeping a historical archive of all network traffic for further analysis. and after. identify security threats. This includes headers and payload. the alert?” . Historical capture and analysis stores all captured packets for further analysis. only complete packets that meet the criteria of the filter (header and payload) are captured.Packet capture 137 Packet capture Packet capture is the act of capturing data packets crossing a computer network. Once captured and stored. perform designated analysis and act on the results.

[3] DPC can capture network traffic accessing certain servers and other systems to verify that the traffic flows belong to authorized employees. When an event happens. or satisfactory security for use in this application. Collection of data from a carrier system without a warrant is illegal due to laws about interception. etc. take corrective action. This could be very helpful in the event of litigation or in the case of a credit card company receiving possibly fraudulent claims of unauthorized purchases on cards whose numbers were not compromised. Identifying data leakage Analyzing historical data flows captured with DPC assists in content monitoring and identifying data leaks and pinpointing their source. . Detecting data loss In the event that an intrusion allowed information (credit card numbers. a system administrator may replay that attack against systems which have been patched to prevent the attack. social security numbers. Lawful intercept Packet capture can be used to fulfill a warrant from a law enforcement agency (LEA) to produce all network traffic generated by an individual. This will help the administrator know whether or not their fix worked. telecommunications carriers can provide the legally required secure and separate access to targeted network traffic and are able to use the same device for internal security purposes.[4] However this technique cannot function as an intrusion prevention system. Verifying security fixes If an exploit or intrusion was monitored via DPC. DPC can capture all packets on important network links continuously. medical records.[7] Network Troubleshooting If an adverse event is detected on a network. an administrator could verify exactly which information was stolen and which information was safe.[9] However DPC appliances may be unable to provide chain of evidence audit logs.) to be stolen.[5] [6] Analysis of DPC data can also reveal what files that have been sent out from the network. its cause or source can be more reliably determined if the administrator has access to complete historical data.[8] This helps reduce the Mean Time To Repair.[3] Using packet capture and storage. a network administrator can then assess the exact circumstances surrounding a performance event. DPC probes can provide lossless capture of target traffic without compromising network performance.Packet capture 138 Use Identifying security breaches Analysis of historical data captured with DPC assists in pinpointing the source of the intrusion. Deep Packet Capture provides a record of all network activities. Internet service providers and VoIP providers in the United States of America must comply with CALEA (Communications Assistance for Law Enforcement Act) regulations. and ensure that the problem will not reoccur.

exactly how many systems were affected. Solera Networks. Net Scout Systems. forensicfocus. NETRESEC Network Security Blog. asp). [4] "Capture Appliances" (http:/ / www. endace. Archived from the original (http:/ / www. htm) on 2008-05-01. . com/ article/ 03/ 07/ 11/ 27TCniksun_1. Retrieved 2007-03-13. netscout.Solera Networks and Bivio Networks announce product interoperability" (http:/ / web. historical data may allow a system administrator to determine. informationweek. Retrieved 2008-04-01. Retrieved 2008-03-15. com/ solutions/ iti_packet_analysis. php). networkworld. net/ news_releases/ 102407-solera. Triggers can be set up to capture certain events or breaches. worm or other problem has been detected on a network. [10] Paul Venezia (2003-07-11). the device can send e-mail notifications and SNMP traps. "Startup Of The Week: NetWitness Is Like TiVo For IT" (http:/ / www. Inc. the historical data allows an administrator to view a specific window of time and determine the cause of the performance issues. . "Getting started with content monitoring" (http:/ / www. "Solera Networks Announces Advanced Deep Packet Inspection and Capture Solution for Full 10Gbps Speeds" (http:/ / www. bivio. com/ news/ showArticle. net/ news_releases/ 102407-solera. Bivio Networks. infoworld. com/ what-we-do/ application-overview) on 2008-03-04. Once a particular attack or signature has been identified. com/ solutions/ top-ten.[11] Benchmarking performance If performance suddenly takes a hit. endace. com/ article/ pressRelease/ idUS169612+ 06-Dec-2007+ BW20071206). com/ ?page=Blog& month=2011-03& post=Sniffing-Tutorial-part-2---Dumping-Network-Traffic-to-Disk) . Archived from the original (http:/ / www. com/ newsletters/ techexec/ 2007/ 0716techexec1. soleranetworks. Infoworld. When an event triggers. bivio. 2011 (http:/ / www. "NetDetector captures intrusions" (http:/ / www. Endace. . reuters. . htm). . netresec. 2008. com/ what-we-do/ application-overview). conclusively. org/ web/ 20080304025423/ http:/ / www. [3] Linda Musthaler (2007-07-16).. [2] (Business Wire) (2007-12-06). jhtml?articleID=204802907). . . Retrieved 2009-08-28.[3] All traffic or a selected segment on any given interface can be captured with a DPC appliance. Retrieved 2008-03-15. 2007-10-07. [5] Tom Bowers (2007-02-05). Retrieved 2008-04-01. html). Retrieved 2008-03-15. com/ columnists/ 2007/ 020507insider. Network World. Retrieved 2008-03-13. "Rewind and replay what happens on your network" (http:/ / www. Network World. Reuters.[10] Packet capturing for forensic investigations can also be performed reliably with free open source tools and systems. [7] Erik Hjelmvik (2008). . html). [8] "Network Troubleshooting" (http:/ / www. html). "Passive Network Security Analysis with NetworkMiner" (http:/ / www. [11] "Sniffing Tutorial part 2 . Information Week. [6] Andrew Conry-Murray (2008-12-15). both in raw packet form or accurately rendered in its original format. 2007. archive. org/ web/ 20080501222529/ http:/ / www. .Dumping Network Traffic to Disk". networkworld. Retrieved 2008-03-15. 2008.Packet capture 139 Forensics Once an intrusion. [9] "Application overview" (http:/ / web. com/ passive-network-security-analysis-networkminer). archive. such as FreeBSD and dumpcap. virus. Retrieved 2008-03-15.[3] References [1] "Press Release . every packet included in that event is available. Forensic Focus. .

Retrieved 5/5/2011. and the host is able to drop packets at will. a packet drop attack or blackhole attack is a type of denial-of-service attack in which a router supposed to relay packets discards them instead. "Malicious packet dropping: how it might impact the TCP performance and how we can detect it" (http:/ / www. if the malicious router begins dropping packets on a specific time period or over every n packets. [2] Al-Shurman. "Black Hole Attack in Mobile Ad Hoc Networks" (http:/ / engsci. [3] References [1] Zhang. By doing this. [3] Wang. .g. the packet drop attack is very hard to detect and prevent. a packet every n packets or every t seconds. The malicious router can also accomplish this attack selectively. "Defending against Collaborative Packet Drop Attacks on MANETs" (http:/ / www. the attack can actually be discovered fairly quickly through common networking tools such as traceroute. However. edu/ srds2009/ dncms2009_submission_Wang. pdf). Also. a host can broadcast that it has the shortest path towards a destination. pdf). al. cse. pdf). (2000). et. buffalo. all traffic will be directed to the host that has been compromised. [2] Also over a Mobile Ad-Hoc Network. hosts are specifically vulnerable to collaborative attacks where multiple hosts will become compromised and deceive the other hosts on the network. when other routers notice that the compromised router is dropping all traffic. This is rather called a gray hole attack. Packet drop attack In computer networking. Retrieved 5/5/2011. it is often harder to detect because some traffic still flows across the network. Weichao. aau. by dropping packets for a particular network destination. org/ 2000/ papers/ 2000-24. .[1] The packet drop attack can be frequently deployed to attack Wireless Ad-Hoc Networks. One cause mentioned in research is through a denial-of-service attack on the router using a known DDoS tool.[1] Because packets are routinely dropped from a lossy network. e.Packet concatenation 140 Packet concatenation Packet concatenation is a computer networking optimization that coalesces multiple packets under a single header. ieee-icnp. dk/ kurser/ ETC/ Wms2/ Papers/ Ad-hocSec/ Sub/ al-shurman. If the malicious router attempts to drop all packets that come in. icmp: 263. or a randomly selected portion of the packets. . Xiaobing. This usually occurs from a router becoming compromised from a number of different causes. Mohammad. at a certain time of the day. they will generally begin to remove that router from their forwarding tables and eventually no traffic will flow to the attack. . Because wireless networks have a much different architecture than that of a typical wired network.

sourceforge. Yakov Tetruashvili Colasoft Windows. Unix Windows/Linux/BSD Windows CLI CLI GUI AnetTest Bit-Twist GPL GPLv2 Packet Builder License [4] Cat Karat packet [3] builder Colasoft Packet [7] [8] [5] Windows GUI Packet Builder License: [6] Freeware BSD GPLv3 GPLv2 GPLv2 free BSD GPLv2 ? ? Jeff Nathan pstavirs Linux Foundation Miha Jemec aka jemcek Pieter Blommaert Philippe BIONDI Mixter ? Windows. sourceforge. Comparison General Information Title Author OS Interface Link [1] [2] License AnetTest Bit-Twist Cat Karat packet builder Colasoft Packet Builder Nemesis Ostinato Pktgen packETH pierf Scapy targa3 Winsock Packet Editor UMPA Anton aka kronos256 ayeowch aka det_re Valery Diomin. This is useful for testing implementations of IP stacks for bugs and security vulnerabilities. net/ [8] http:/ / ostinato. linuxfoundation. php [7] http:/ / nemesis. net/ [2] http:/ / bittwist. com/ packet_builder/ [6] http:/ / www. org/ en/ Net:Pktgen . colasoft. colasoft. net/ [4] Custom: free for personal use [5] http:/ / www. Windows Windows(Cygwin)/Linux Linux/Unix/Windows Linux. com/ download/ products/ download_packet_builder. sourceforge. Unix Windows CLI GUI CLI GUI CLI CLI CLI ? Nemesis Ostinato Pktgen [9] [10] packETH pierf [11] [12] [13] Scapy targa3 Winsock Packet [14] Editor UMPA [15] [4] Adriano Monteiro Marques Daniel Borkmann cxxxap Author Cross-platform (Python) Linux Windows OS ? CLI GUI Interface GPLv2 GPLv2 trafgen xcap Title netsniff-ng xcap [16] License Link [1] http:/ / anettest. Unix Windows/Linux/BSD/MacOSX Linux Linux. Packet generators utilize raw sockets.Packet generator 141 Packet generator A packet generator or packet builder is a type of software that generates random packets or allows the user to construct detailed custom packets. org/ [9] http:/ / www. net/ [3] http:/ / packetbuilder.

Packet generator [10] http:/ / packeth.net/) Scapy (http://www.umitproject.org/) Ostinato (http://ostinato.net/) Bit-Twist (http://bittwist.sourceforge.html) .googlecode.youtube.com/index. sourceforge.secdev. secdev.net/) Cat Karat packet builder (http://packetbuilder.com/watch?v=O_pk5Wr2_8I) Nemesis (http://nemesis. sourceforge. org/ projects/ scapy/ [13] http:/ / packetstormsecurity.sourceforge. weebly.org/en/Net:Pktgen) packETH (http://packeth.com/packet_builder/) Video: Generate Packets to Test Firewall (http://www.linuxfoundation. c [14] http:/ / wpepro.weebly.net/) pierf (http://pierf.com/) Pktgen (http://www. part of the netsniff-ng suite (http://www. net/ [12] http:/ / www.org/projects/scapy/) targa3 (http://packetstormsecurity.packet generator & sender (http://xcap. umitproject.sourceforge.c) UMPA (http://umpa.org) Winsock Packet Editor (http://wpepro.sourceforge.netsniff-ng.net/) trafgen.org/DoS/targa3. org/ [16] http:/ / xcap.net/) Colasoft Packet Builder (http://www.sourceforge.net) xcap . html 142 External links • • • • • • • • • • • • • • • • AnetTest (http://anettest. org/ DoS/ targa3. net/ [15] http:/ / umpa.colasoft. net/ [11] http:/ / pierf. com/ index.

usually by a party not otherwise participating in the said connection. net http:/ / www. Sometimes IP address spoofing is used. packeteditor. file2air. Ostinato [8]. aircrack-ng. External links • PacketEditor [2] • Void11 [3] • Winsock Packet Editor [4] • • • • Nemesis Ostinato [8] Packet Injection using raw sockets [5] aircrack-ng [6] [7] References [1] [2] [3] [4] [5] [6] http:/ / www. html http:/ / www. aircrack-ng. net/ packet-injection/ packet-injection. htm http:/ / wpepro. and libradiate. CommView for WiFi Packet Generator. org/ doku. Other packet-injectors are Nemesis.Packet injection 143 Packet injection Packet injection is a computer networking term which refers to sending a packet on a network into an already established connection. AirJack. This is accomplished by crafting a packet using raw sockets. org/ Contents/ Void11Main. php?id=aireplay-ng& DokuWiki=a96e889dd81ae5677cf2eaa686569563 http:/ / www. com http:/ / wirelessdefence. Software A popular packet injection application for wireless networks is aireplay-ng[1]. pcap. Void11. org . which is part of the aircrack-ng suite. Winsock. security-freak.

via published phone numbers. Packet Switch Stream (PSS) was an X. provided by the British Post Office Telecommunications and then British Telecom starting in 1980.29 PAD (Packet Assembler/Disassembler) service oriented to the then prevalent dumb terminal market place. Companies and individual users could also connect in to the PSS network using a basic non-error correcting RS232/V. for cost reasons.3/X. However most customers. when problems of 10-100ms transmission failures with the PCM Voice based transmission equipment used by the early Kilostream service were resolved. Of particular note was the use of PSS for the first networked Clearing House Automated Payment System (CHAPS). phone lines and coaxial cables). The experimental predecessor network (EPSS) formally closed down on 31 July 1981 after all the existing connections had been moved to PSS.25 interface. Segmentation may be required in many scenarios: • When the data packet is larger than the maximum size supported by the network.hn standard. Some customers connected to the PSS network via the X.24 asynchronous character based interface via an X. This was before privatization and the creation of British Telecommunications plc (BT) in 1984.28/X. is an example of a protocol that employs packet segmentation to increase reliability over noisy media. which provides a way to create a high-speed (up to 1 Gigabit/s) local area network using existing home wiring (power lines.25-based packet-switched network. packet segmentation is the process of dividing a data packet into smaller units for transmission over the network. via a dedicated four-wire telephone circuit using a PSS analog modem and later on. The ITU-T G. packet segmentation may be responsible for splitting one MPDU into multiple physical layer service data units so that reliable transmission (and potential re-transmission via ARQ) of each one can be performed individually. This was a network system . Companies and individual users could connect in to the PSS network using the full X. This process may include automatic repeat-request (ARQ) mechanisms to detect missing segments and to request the source to re-transmit specific segments. The PAD service could be connected to via a dedicated four-wire telephone circuit using a PSS analog modem and later on via a Kilostream digital access circuit. In this early 1980s era installation lead times for suitable 4-wire analog lines could be more than 6 months in the UK. PSS was one of the first telecommunications networks in the UK to be fully liberalized in that customers could connect their own equipment to the network. In a communication system based on a layered OSI model. using an ID/password provided as a subscription service. • When the network is unreliable and it's desirable to divide the information into smaller segments to maximize the probability that each one of them can be delivered correctly to the destination.25 service and bought their own PADs. Protocols that perform packet segmentation at the source usually include a mechanism at the destination to reverse the process and reassemble the original packet from individual segments. via a Kilostream digital access circuit (actually a baseband modem).Packet segmentation 144 Packet segmentation In a data communications networks. chose to dial up via an analog modem over the then UK analog telephony network to their nearest public PAD. The current day analogy of ISP's offering broadband always on and dial up services to the internet applies here. Packet Switch Stream In the United Kingdom. After a period of pre-operational testing with customers (mainly UK Universities and computer manufacturers at this early phase) the service was launched as a commercial service on 20 August 1981. PSS could be used to connect to a variety of online databases and mainframe systems.

Dorset who also sold Telex and Traffic light systems. June 28. Note: in those days 2. At the time of PSS's launch this was in advance of both Telenet's own network and most others that used general purpose mini-computers as packet switches. The highest and lowest speed lines were provided by the Megastream and Kilostream services. Individual users could link into PSS.400 Baud modems were quite rare.000 UKP (in early 1980s monetary value) between the major UK banks and other major financial institutions based in the UK. BT bought Telenet's system via Plessey Controls of Poole. In the words of BT's own history: British Telecom purchased the Tymnet network systems business and its associated applications activities from the McDonnell Douglas Corporation on 19 November (1989) for $355 million. 4800 bit/s. the faster the line the more expensive it cost to rent it. by using a 110. Later on BT used Telematics packet switches for the Vascom network to support the Prestel service and also bought the Tymnet network from McDonneld Douglas. The operating system and the packet switching software was developed by Telenet (later on GTE Telenet). These network management systems were based in London 145 .200 Baud was the usual speed in the 1980s. These connections moved over to PSS and other European networks as commercial X. 9600 bit/s and 48 kbit/s were offered. It is believed BT subsequently exchanged major US elements of the Tymnet business with MCI for other assets when the proposed merger of their two businesses was thwarted by MCI's purchase by WorldCom. Customers would be able to enjoy one-stop-shopping for global data networks. This started in about 1978 before PSS went into operation due to the high demand for affordable access to US based database and other network services. 2M (Mega) Baud and 256K (kilo) Baud respectively. The International Packet Switch Stream (IPSS) is an international X. and EDI*Net. the US market leader in electronic data interchange. The last PSS (node) in the UK was finally switched off Wednesday. 1. the public network business. and a related project Diane to encourage more database and network services to develop in Europe.Packet Switch Stream used to transfer all payments over £10. and a portfolio of products designed for a global market place. on a pay as you go basis. the Card Service processing business. These services were subsequently offered by BT Global Network Services. Its activities included TYMNET.25 links. Network management had been run on a system of 24 Prime 63xx and 48xx computers running a modified versions of Revisions 20 and 22 of the Primos operating system. 300. although 110 and 300 Baud modems were not uncommon. Later on the InterStream gateway between the Telex network and PSS was introduced based on a low speed PAD interface. 2006. A PAD service was provided by IPSS to this market in advance of PSS launch. 1200/75. and developing dedicated or hybrid networks that embraced major trading areas. On analog links 2400 bit/s. Euronet. 1.25 network service launched by the international division of BT to which PSS was linked to other packet switched networks around the world.200 or 2. and subsequently by Concert as part of Concert Global Network Services after the Concert joint venture company was launched on 15 June 1994. Logica (now LogicaCMG) designed the CHAPS system and incorporated an encryption system able to cope with HDLC bit stuffing on X. It replaced a paper based system that operated in the City of London using electrical vehicles similar to milk floats. the OnTyme electronic mail service.400 Baud PSTN modem to connect a Data Terminal Equipment terminal into a local PSS exchange. BT Tymnet anticipated developing an end to end managed network service for multi-national customers. For a brief time the EEC operated a packet switched network. There was a choice of different speeds of PSS lines.25 services launched. plus its associates private and hybrid (mixed public and private) network activities. The network was initially based upon a dedicated modular packet switch using DCC's TP 4000 communication processor hardware.

BT did not capitalise as much as other packet switch operators by subsequent mistakes concerning the internet. 146 . Eventually the UK government decided the SNA joint venture was anti-competitive and vetoed it. Ideas like providing a more user friendly menu based interface. PSS suffered from inconsistent investment during its early years. This rested on running PSS efficiently and cutting the VANS as much as possible. as one concern of regulators was this joint venture might damage work on Open Systems Interconnection. And for a time significant extra expenditure was allowed for BT's data services.25 services and the obvious trend for more demanding bandwidth intensive applications that required investment in more powerful switches a decision to develop BT's own hardware and network applications was made instead. Investments in value added network services (VANS) and BT's own access level packet switching hardware delayed operating profit. Tymnet. called Jove. In the midst of this IBM (the then market leader in computing) and BT attempted to launch a joint venture. However significant on-going expenditure had been committed already to manufacture packet switch hardware and by using the very expensive Tandem computers in existing VANS. etc. While PSS eventually went the way of all X. power. PSS being the major part. Packet switches were installed at major trunk exchanges in most major conurbations in the UK.25 networks and was overwhelmed by the internet and more significantly the internet's superior application suite and cost model. As the added value services.25 host traffic. This in turn dented PSS's low credibility with BT's management still further. than X. McKinsey's startling insight that increasing revenue while cutting costs was required to turn around the business was duly followed by the new management and an operating profit achieved in about 1988. Nor were they adequate for X. But not before PSS management was allowed to commit to large investments that caused serious problems later. Each low end packet switch installed added costs for floor space. added significant costs and headcount while contributed virtually no revenue a change in PSS's management eventually resulted. It was believed that putting a packet switch in every local telephone exchange would allow this and other low bandwidth applications to drive revenue. Operating profit was still not achieved and a further change in management with McKinsey consultant being called in was the result. BT's attitude to packet switching was ambivalent at best. One of the few successful value added applications was the transaction phone used to check credit cards by retailer to validate transactions and prevent fraud. BT's North American operations and the Concert Global Services with ATT. The DNICs used by IPSS and PSS were 2341 and 2342 respectively.Packet Switch Stream and Manchester. Compared to France's Transpac that had a separate commercial company with dedicated management and saw X. without any significant value added revenue benefit resulting. for managed SNA services in the UK. Even in its recent history BT's senior management stated that the Internet was "not fit for purpose". While a decision was eventually made to put some of the basic network services people in senior positions and try to launch what had been developed this proved to be a major mistake.28 was proven obsolete by the advent windows based clients on PCs. The lesson of Tymnet's similar transaction phone that just used a dial up link to a standard PAD based service was not followed. Sometimes not enough and sometimes too much but mostly for the wrong reasons. An exodus of people who were developing the value added network services helped reduce some costs. PSS was then merged with other failing business like Prestel as it became part of a larger Managed Network Services division that was used to fix or close BT's problem businesses. This only made cost control worse and achieving operating profit delayed further.25 packet switching as a core offering BT's then senior management regarded packet switching as a passing phase until the telecommunications nirvana of ISDN's 64 kbit/s for everyone arrived. called Epad. Despite healthy demand for basic X. named PSS Plus collectively.

and are delivered in order. The packets include a connection identifier rather than address information. In case of traffic fees. for example in cellular communication services. even when no data is transferred. Packet mode communication may be utilized with or without intermediate forwarding nodes (packet switches or routers). Packet switching features delivery of variable-bit-rate data streams (sequences of packets) over a shared network. Packet switching contrasts with another principal networking paradigm. Only after BT changed its most senior management who were fixated on circuit switching/ISDN based on System X/Y telephone exchanges and embracing broadband/internet lock stock and barrel has this changed. type. (1) connectionless packet switching. packet switching and other store-and-forward buffering introduces varying latency and throughput in the transmission. first-out buffering. htm Packet switching Packet switching is a digital networking communications method that groups all transmitted data – regardless of content. Now BT appears to be inheriting a dominating position in the Global Network Services market. the packets may be delivered according to some packet-mode multiple access scheme. sometimes resulting in different paths and out-of-order delivery. switches. An emergency rights issue also helped resolve the debt from acquiring second or third ranked old telcos style companies around the world. called packets. As the commodity price of IP services based in their core 21st century MPLS network to carry voice and data finally gives them the real cost efficiencies that packet switching always promised. network resources are managed by statistical multiplexing or dynamic bandwidth allocation in which a communication channel is effectively divided into an arbitrary number of logical variable-bit-rate channels or data streams. In the first case each packet includes complete addressing or routing information. resulting in variable delay and throughput depending on the traffic load in the network. In the second case a connection is defined and preallocated in each involved node during a connection phase before any packet is transferred. 147 External links • Pictures of the BT PSS equipment [1] References [1] http:/ / www. In case of a shared physical medium. Demon and Energis based virtual ISPs in the same sector has only been recovered from recently. Alternatively. or structure – into suitably sized blocks. packets are buffered and queued. based on packet switching. euclideanspace. traffic shaping or for differentiated or guaranteed quality of service. The packets are routed individually. Two major packet switching modes exist. In all packet mode communication. circuit switching. a method which sets up a limited number of dedicated connections of constant bit rate and constant delay between nodes for exclusive use during the communication session. Each logical stream consists of a sequence of packets. also known as datagram switching. and (2) connection-oriented packet switching. com/ coms/ history/ pss/ index.Packet Switch Stream BT's failure to become the major ISP in its own home market unlike every other former PTT and the success of Dixon's Freeserve. When traversing network adapters. circuit switching is characterized by a fee per time unit of connection time. such as weighted fair queuing or leaky bucket. Statistical multiplexing. while packet switching is characterized by a fee per unit of information. the packets may be forwarded according to some scheduling discipline for fair queuing. also known as virtual circuit switching. . See below. routers and other network nodes. as CSC and Reuters sell up their networks to BT. which normally are forwarded by the multiplexers and intermediate network nodes asynchronously using first-in.

delivery of these messages by store and forward switching. bringing the two groups together. In 1966 Davies proposed that a network should be built at the laboratory to serve the needs of NPL and prove the feasibility of packet switching. and UDP.25. Asynchronous Transfer Mode (ATM). Davies had chosen some of the same parameters for his original network design as Baran. The paper focuses on three key ideas: first. after which a person from the Ministry of Defence (MoD) told him about Baran's work. the ARPANET. 2000). he also later played a leading role in building and management of the world's first packet switched network. and TCP. connection oriented packet-switching protocols include X. Davies developed the concept of packet-switched networks and proposed development of a UK wide network. as it only needs to contain the ID and any information (such as length. is available. Frame relay. IP. Connectionless and connection-oriented packet switching The service actually provided to the user by networks using packet switching nodes can be either connectionless (based on datagram messages). Baran developed the concept of message block switching during his research at the RAND Corporation for the US Air Force into survivable communications networks. Interestingly. Multiprotocol Label Switching (MPLS). Leonard Kleinrock conducted early research in queueing theory which would be important in packet switching.C. UK.R. Baran's P-2626 paper described a general architecture for a large-scale. In connection oriented networks.Packet switching 148 History The concept of switching small blocks of data was first explored by Paul Baran in the early 1960s. Roberts and the ARPANET team took the name "packet switching" itself from Davies's work. The packet header can be small. Some connectionless protocols are Ethernet. first presented to the Air Force in the summer of 1961 as [1] [2] in 1962 and then including and expanding somewhat briefing B-265 then published as RAND Paper P-2626 within a series of eleven papers titled On Distributed Communications [3] in 1964. and it helped influence Lawrence Roberts to adopt the technology when Taylor put him in charge of development of the ARPANET. use of a decentralized network with multiple paths between any two points. The first computer network and packet switching network deployed for computer resource sharing was the Octopus Network at the Lawrence Livermore National Laboratory that began connecting four Control Data 6600 computers to several shared storage devices (including an IBM 2321 Data Cell[4] in 1968 and an IBM Photostore[5] in 1970) and to several hundred Teletype Model 33 ASR terminals for time sharing use starting in 1968. as it just requires the node to look up the ID in the table. Donald Davies at the National Physical Laboratory (NPL) in the UK had developed the same ideas (Abbate. In 1965. survivable communications network.[6] In 1973 Vint Cerf and Bob Kahn wrote the specifications for Transmission Control Protocol (TCP). Baran's study made its way to Robert Taylor and J. Independently. Address information is only transferred to each node during a connection set-up phase. timestamp. an internetworking protocol for sharing resources using packet-switching among the nodes. The NPL Data Communications Network entered service in 1970. The signalling protocols used allow the application to specify its requirements and the network to specify what capacity etc. Licklider at the Information Processing Technology Office. such as a packet size of 1024 bits. He gave a talk on the proposal in 1966. and published a book in the related field of digital message switching (without the packets) in 1961. dividing complete user messages into what he called message blocks (later called packets). both wide-area network evangelists. and second. each packet is labeled with a connection ID rather than an address. distributed. A member of Davies' team met Lawrence Roberts at the 1967 ACM Symposium on Operating System Principles. then third. Baran's work was similar to the research performed independently by Donald Davies at the National Physical Laboratory. and acceptable values for service parameters to be negotiated. or sequence number) which is different for different . when the route to the destination is discovered and an entry is added to the switching table in each network node through which the connection passes. Routing a packet is very simple. or virtual circuit switching (also known as connection oriented).

the International Packet Switched Service (IPSS). the original message/data is reassembled in the correct order. Technologies such as Multiprotocol Label Switching (MPLS) and the resource reservation protocol (RSVP) create virtual circuits on top of datagram networks. MPLS. for example as an alternative to circuit mode terminal switching. and port numbers.25 protocol suite. This precludes the need for a dedicated path to help the packet find its way to its destination. also known as virtual circuit switching. as well as ATM. In 1978. Asynchronous Transfer Mode (ATM) also is a virtual circuit technology. For example. also known as the OSI protocol suite.25 is a reliable protocol. and to increase robustness of communication.Packet switching packets. GPRS. Virtual circuits are especially useful in building robust failover mechanisms and allocating bandwidth for delay-sensitive applications. have been called "fast packet" technologies. In connectionless networks.25 and Frame Relay provide connection-oriented packet switching. Each packet is dispatched and may go via different routes. The Internet is implemented by the Internet Protocol Suite using a variety of Link Layer technologies. while X. It is only used for "semi-permanent" connections. X. Modern routers. based on node-to-node automatic repeat request. based on the packet sequence number. Thus a virtual connection. A major difference between X. has been [7] called "ATM without cells". do not require these technologies to be able to forward variable-length packets at multigigabit speeds across the network. MPLS and its predecessors. indeed. and does not provide logical addresses and routing. source address.25 connections also can be established for each communication session. and for automated teller machines.25 protocol is a network layer protocol. potentially. which uses fixed-length cell relay connection oriented packet switching. Frame relay is a further development of X. The X. X.25 vs. however. Frame relay is a data link layer protocol. Ethernet and Frame Relay are common. At the destination. although intermediate network nodes only provides a connectionless network layer service. These virtual circuits carry variable-length packets. Frame Relay packet switching Both X. Frame Relay was used to interconnect LANs or LAN segments. many international traffic across wide area networks.25 and Frame Relay packet switching are that X. The most well-known use of packet switching is the Internet and most local area networks. each packet is labeled with a destination address. but with less information as to the application's requirements. the system has to do as much work for every packet as the connection-oriented system has to do in connection set-up.25 is a notable use of packet switching in that. The simplicity of Frame Relay made it considerably faster and more cost effective than X. mainly in the 1990s by large companies that had a requirement to handle heavy telecommunications [8] :250 Despite the benefits of frame relay packet switching. also known as a virtual circuit or byte stream is provided to the end-user by a transport layer protocol. it may also be labeled with the sequence number of the packet. Newer mobile phone technologies (e. and this information needs to be looked up in power-hungry content-addressable memory. I-mode) also use packet switching.25 packet switching. while Frame Relay is a non-reliable protocol. Datagram packet switching is also called connectionless networking because no connections are established. . and is part of the X. to minimize the transmission latency (the time it takes for data to pass across the network). Any retransmissions must be carried out by higher layer protocols. which is therefore larger. X. it provided virtual circuits to the user. but means that much more information is needed in the packet header.g. despite being based on packet switching methods.25. 149 Packet switching in networks Packet switching is used to optimize the use of the channel capacity available in digital telecommunication networks such as computer networks.25 provided the first international and commercial packet switching network. maximum packet length is 1000 bytes.. It was widely used in switching networks during the 1980s and early 1990s.

org/ pubs/ papers/ P2626/ [3] http:/ / www.html). html). and K. html [4] The IBM 2321 Data Cell Drive (http:/ / www. org/ pubs/ research_memoranda/ RM3420/ index. May 31.packet.). [2] http:/ / www. In the United States.lk. R. computer-history. 1961) Proposal for a Ph. html).25 on slower networks. G. rand. Thesis • Leonard Kleinrock.html) (Fall AFIPS Conference. Retrieved 2009-05-06. August. Cambridge.25 packet switching was used heavily in government and financial networks that use mainframe applications.html) (RAND Corporation Research Documents. Samuel (1970-11-30). New York: McGraw-Hill/Irwin. info/ Page4. A. Many companies did not intend to cross over to Frame Relay packet switching because it is more cost effective to use X.25 was the only technology available.rand.D. Retrieved March 6. (1997. "Paul Baran Invents Packet Switching" (http:/ / www. [7] Interview with the author (of an MPLS-based VPN article) (http:/ / www.ucla.packet. Davies.25 users remaining loyal despite frame-relay hype. com/ cisco/ newsletter/ SL/ interview_08-12-03. M. Volumes I-XI (http://www. (MIT. October 1966) Lawrence Roberts. from ABI/INFORM Global database. jsp?arnumber=1088883). P. 16. Lawrence Livermore Laboratory Computing History [6] Mendicino.org/search/wrapper. The design of a message switching Centre for a digital communication network (IFIP 1968) Larry Roberts and Tom Merrill. X. January). 1964) • Paul Baran. and P.[9] 150 References [1] Stewart. Bartlett. dir/ index. . certificationzone. Retrieved 2008-05-08. Scantlebury. Bartlett. T. T. com/ i/ ii_rand. . dir/ pages/ Photostore. htm).rand.org/publications/RM/RM3420/) (RAND Memorandum RM-3420-PR. Toward a Cooperative Network of Time-Shared Computers (http://www. columbia. J. A. Bill (2000-01-07). In certain parts of the world.Packet switching companies are staying with the X. ca/ PS/ OCTOA/ OCTO.edu/ bibliography-public_reports. 31(4). (Document ID: 10946641). On Distributed Communications: I Introduction to Distributed Communications Network (http:// www. Computerworld. On Distributed Communications. W. A.org/about/history/ baran-list. 1978) • • • • • . (2009). Living Internet. July 1961) • Leonard Kleinrock. Bibliography • Leonard Kleinrock. Information Flow in Large Communication Nets (http://www. Columbia University Computing History [5] The IBM 1360 Photostore (http:/ / www. The Evolution of Packet Switching (http://www. 2009. A.25 standard. edu/ acis/ history/ datacell. G. cc/files/toward-coop-net. Communication Nets: Stochastic Message Flow and Delay (McGraw-Hill. Pildush [8] O’Brien.. 1964) • Paul Baran et al.ieee. K. August 1964) Paul Baran. rogerdmoore.cc/files/ev-packet-sw. Wilkinson.cs. particularly in Asia-Pacific and South America regions. html). html). [9] Girard. livinginternet.html) (Proceedings of the IEEE. K. Wilkinson. A. November. A digital communications network for computers giving rapid response at remote terminals (ACM Symposium on Operating Systems Principles. rand. "Octopus: The Lawrence Radiation Laboratory Network" (http:/ / www. Scantlebury. (IEEE Transactions on Communications Systems. October 1967) R. & Marakas. Management Information Systems (9th ed. X. X. Information Flow in Large Communication Nets (RLE Quarterly Progress Report. March 1964) D. New York. On Distributed Communications Networks (http://ieeexplore.

which is licensed under the GFDL. site reviewed by Baran. Packet telephony Packet telephony is the use of personal computers and a packet data network to produce a voice conversation.com/i/iw_packet. Baran describes his working environment at RAND.org/internet/history/brief. Transforming Computer Technology: Information Processing for the Pentagon. 2000) ISBN 0-262-51115-0 • Arthur Norberg. Roberts.rand. The goal of packet switched fabric in both LAN and WAN. Charles Babbage Institute University of Minnesota. as well as his initial interest in survivable communications. . Inventing the Internet (MIT Press.cbi. • Packet Switching History and Design (http://www. 1962-1982 (Johns Hopkins University. It consists of telephony and data tightly coupled on packet-based switched multimedia networks.shtml) This article was originally based on material from the Free On-line Dictionary of Computing. "On Distributed Communications." Baran discusses his interaction with the group at ARPA who were responsible for the later development of the ARPANET. the vision in to drive voice and data over a single multimedia (packet based N/W) allowing waves to engage in a media rich communication in a natural and straightforward manner. However technology matures and new application proliferate packet technology will appear in broader market. Judy E.org/about/history/baran.umn. The packet and based fabric is capable of supporting future applications such as video streaming and video conferencing. 1996) pp 52–67 • Janet Abbate.isoc. There is a major distinction between Intranet telephony and VoIP. and Kleinrock • Paul Baran and the Origins of the Internet (http://www.html) • A Brief History of the Internet (http://www. and the evolution.edu/oh/display.livinginternet.phtml?id=110). 1996) External links • Oral history interview with Paul Baran (http://www. Where Wizards Stay Up Late (Simon and Schuster. writing and distribution of his eleven-volume work.htm).Packet switching 151 Further reading • Katie Hafner. The transaction to a new paradigm will take years to complete. O'Neill. Minneapolis.

X. type. There are four sources of packet transfer delay: 1. Depends on congestion level of router 3. d = Length of physical link 2. Time to send bits into link = L/R 4.25 and the OSI model. Propagation delay: 1.25 interfaces. called packets. Packet transfer delay is influenced by the level of network congestion and the number of routers along the way of transmission. Check bit errors 2.25 era when many postal. The network over which packets are transmitted is a shared network which routes each packet independently from all others and allocates transmission resources as needed. When traversing network adapters.Packet transfer delay 152 Packet transfer delay Packet transfer delay is a concept in packet switching technology. Transmission delay: 1. In the datagram system the host must detect loss or duplication of packets. the network guarantees sequenced delivery of data to the host. Before the introduction of X. The principal goals of packet switching are to optimize utilization of available link capacity. Early networks ARPANET and SITA HLN became operational in 1969. L=Packet length (bits) 3. about twenty different network technologies were developed. The history of such networks can be divided into three eras: early networks before the introduction of X. This results in a simpler host interface with less functionality than in the datagram model. packets are buffered and queued. s = Propagation speed in medium 3. telephone and telegraph (PTT) companies introduced networks with X. Nodal processing: 1. resulting in variable delay and throughput. Queuing: 1. the X. and the Internet era when restrictions on connection to the Internet were removed. There was a debate about the merits of two drastically different views as to proper division of labor between the hosts and the network. The sum of store-and-forward delay that a packet experiences in each router gives the transfer or queuing delay of that packet across the network. switches and other network nodes. Propagation delay = d/s Packet-switched network A packet-switched network is a digital communications network that groups all transmitted data. Determine output link 2. In the virtual call system.25 is the best . Time waiting at output link for transmission 2. R=Link bandwidth (bit/s) 2. depending on the traffic load in the network. irrespective of content.25 in 1973 [1] . or structure into suitably sized blocks. minimize response times and increase the robustness of communication. Transmission Control Protocol /Internet Protocol (TCP/IP) is the best known example of a host to datagram protocol.

was given the job of turning the business around. BNR later made major contributions to the CCITT X. the centers were computer service bureaus. [2] CYCLADES CYCLADES was an experimental French network. It mixed circuit switching and packet switching. DDX-1 This was an experimental network from Nippon PTT.Packet-switched network known virtual call protocol. TCP/IP. The handling of link control messages (acknowledgements and flow control) was differed from that of most another networks and is not fully explained in the published literature. In some cases custom I/O devices were added to allow inexpensive or exotic attachments to communication lines. a data network based on this voice-phone network was designed to connect GE's four computer sales and service centers (Schenectady. EIN nee COST II European Informatics Network was a project to link several national networks. (Though it has been stated by some that Tymshare copied the GEIS system to create their network. apparently the world's first commercial online service. based on Kemney's work at Dartmouth—which used a computer on loan from GE—could be profitable.) After going international some years later. Tymnet. BNRNET BNRNET was a network which Bell Northern Research developed for internal use. EPSS EPSS (Experimental Packet Switching System) was an experiment of the UK Post Office. Louis Pouzin was the principal designer. The company originally designed a telephone network to serve as its internal (albeit continent-wide) voice telephone network. Phoenix. GEIS created a network data center near Cleveland.) The design was hierarchal with redundant communication links. Warner was right. In 1965. and Phoenix) to facilitate a computer time-sharing service. General Electric was a major international provider of information services. Ferranti supplied the hardware and software. Ohio. Very little has been published about the internal details of their network. a high-level marketing manager. Chicago. 153 ARPANET This is the principal survivor from the early era. They lost money from the beginning.25 project. It became operational in 1976. offering batch processing services. It initially had only one host but was designed to support many hosts. He decided that a time-sharing system. Some ideas from this network were later incorporated into ARPANET. Inexpensive minicomputers were an important component in the early networks. which was an important component of ARPANET2. was chosen for use in NSFNET which eventually became the Internet. (In addition to selling GE computers. [3] [4] GEIS As General Electric Information Services (GEIS). It was succeeded by DDX-2. and Sinback. at the instigation of Warner Sinback. [5] [6] .

Packet-switched network 154 IPSANET IPSANET was a semi-private network constructed by I. RCP influenced the specification of X. It was used to gain experience with packet switching technology before the specification of Transpac was frozen. and it included first Nordic electronic journal Extemplo.25 [12] [13] [14] RETD Red Especial de Transmisión de Datos was a network developed by Compañía Telefónica Nacional de España.25 network. It was a datagram network with a single switching node. Further developments led to Xerox Network Systems (XNS). [15] [16] [17] SCANNET "The experimental packet-switched Nordic telecommunication network SCANNET was implemented in Nordic technical libraries in 70's. The entire suite provided routing and packet delivery. NPL built a single node network to connect sundry hosts at NPL. along with numerous applications. CYCLADES was concerned with host-to-host communication. RCP emphasised terminal to host and terminal to terminal connection. RCP was a virtual-circuit network in contrast to CYCLADES which was based on datagrams. Surrey developed a packet switching network for internal use. it was created by researchers at Xerox PARC in the mid-1970s. It connected sundry hosts at the lab to interactive terminals and various computer peripherals including a bulk storage system. as well as higher level functions such as a reliable byte stream. [8] [9] [10] Philips Research Philips Research Laboratories in Redhill." [18] . TRANSPAC was introduced as an X. It became operational in May 1976. [11] PUP The PARC Universal Packet (PUP or Pup) was one of the two earliest internetwork protocol suites. It became operational in 1972 and thus was the first public network. NPL Donald Davies of the National Physical Laboratory. Libraries were also among first ones in universities to accommodate microcomputers for public use in early 80's. Sharp Associates to serve their time-sharing customers. P. [7] OCTOPUS Octopus was a local network at Lawrence Livermore National Laboratory. RCP RCP was an experimental network created by the French PTT. UK made many important contributions to the theory of packet switching.

As with many non-academic networks very little has been published about it. [19] SNA Systems Network Architecture (SNA) is IBM's proprietary networking architecture created in 1974. Tyme. and government agencies. . It carried interactive traffic and message-switching traffic. (Interesting note: Tymnet was not named after Mr. X. Bolt.25 networks. He had tried to interest AT&T in buying the technology. Their High Level Network became operational in 1969 at about the same time as ARPANET. This allowed construction of a private network. It was founded by former ARPA IPTO director Larry Roberts as a means of making ARPANET technology public. educational institutions. Northern Telecom sold several DATAPAC clones to foreign PTTs including the Deutsche Bundespost. The business consisted of a large public network that supported dial-up users and a private network business that allowed government agencies and large companies (mostly banks and airlines) to build their own dedicated networks. It initially used ARPANET technology but changed the host interface to X.25/X. An IBM customer could acquire hardware and software from IBM and lease private lines from a common carrier.S. Another employee suggested the name. A user or host could call a host on a foreign network by including the DNIC of the remote network as part of the destination address. but the monopoly's reaction was that this was incompatible with their future.25 networks.Packet-switched network 155 SITA HLN SITA is a consortium of airlines. DATAPAC was developed by Bell Northern Research which was a joint venture of Bell Canada (a common carrier) and Northern Telecom (a telecommunications equipment supplier).75 gateways. The private networks were often connected via gateways to the public network to reach locations not on the private network. Users typically connected via dial-up connections or dedicated async connections. Telenet was incorporated in 1973 and started operations in 1975. It was developed from PARC Universal Packet (PUP). Tymnet Tymnet was an international data communications network headquartered in San Jose.) [21] [22] XNS Xerox Network Systems (XNS) was a protocol suite promulgated by Xerox. Tymnet was also connected to dozens of other public networks in the U. as well as higher level functions such as a reliable stream. Telenet designed these protocols and helped standardize them in the CCITT.25 and the terminal interface to X. which provided routing and packet delivery. and internationally via X. It went public in 1979 and was then sold to GTE. Some such as DATAPAC and TRANSPAC were initially implemented with an X. and remote procedure calls. SNA/SDLC.25. Beranack and Newman (BBN) provided the financing.75 and X. [20] Telenet Telenet was the first FCC-licensed public data network in the United States.121 allowed the interconnection of national X.25 external interface. BSC and ASCII interfaces to connect host computers (servers)at thousands of large companies.29. Some older networks such as TELENET and TYMNET were modified to provide a X. CA that utilized virtual call packet switched technology and used X. X.25 era There were two kinds of X.25 host interface in addition to older host connection schemes.

AUSTPAC was Australia's first public packet-switched data network. or. Eirpac is run by Eircom. message switching software was also included. replacing Euronet. . Iberpac is run by Telefonica. by linking a permanent X.25 network (1976). Datanet 1 Datanet 1 was the public switched data network operated by the Dutch PTT Telecom (now known as KPN).25 and X. the name also referred to the public PAD service Telepad (using the DNIC 2049).25 packet switching. financial applications — the Australian Tax Office made use of AUSTPAC — and remote terminal access to academic institutions. supporting applications such as on-line betting.121 DNIC 2041). ConnNet ConnNet was a packet switched data network operated by the Southern New England Telephone Company serving the state of Connecticut. Although this use of the name was incorrect all these services were managed by the same [23] people within one department of KPN contributed to the confusion.25 network operated by Telstra.Packet-switched network 156 AUSTPAC AUSTPAC was an Australian public X. It covered major Canadian cities and was eventually extended to smaller centres. Switched virtual calls were not supported. [24] Iberpac Iberpac is the Spanish public packet switched network. And because the main Videotex service used the network and modified PAD devices as infrastructure the name Datanet 1 was used for these services as well. Datex-P Deutsche Bundespost operated this national network in Germany. providing X.25 node to the network. The technology was acquired from Northern Telecom. Access can be via a dial-up terminal to a PAD. Strictly speaking Datanet 1 only referred to the network and the connected users via leased lines (using the X.25 services. who maintained their connections to AUSTPAC up until the mid-late 1990s in some cases. HIPA-NET Hitachi designed a private network system for sale as a turnkey package to multi-national organizations. It was launched in 1984. Started by Telecom Australia in the early 1980s. Datapac DATAPAC was the first operational X. Eirpac Eirpac is the Irish public switched data network supporting X.28. Messages were buffered at the nodes adjacent to the sending and receiving terminals. but through the use of "logical ports" an originating terminal could have a menu of pre-defined destination terminals. In addition to providing X.

"Some Design Aspects of a public packet switching network" (http:/ / rogerdmoore. IFIP Congress 1974.T. . National LambdaRail National LambdaRail is a high-speed national computer network in the United States that runs over fiber-optic lines. United Kingdom: Noordhoff International Publishing. Jim Metzler (2008). 223–228. "THE BNR NETWORK: A CANADIAN EXPERIENCE WITH PACKET SWITCHING TECHNOLOGY" (http:/ / rogerdmoore. and various InterStream gateways to other services such as Telex.. M. References [1] Taylor. and is the first transcontinental Ethernet network working to establish a direct line of communications between international parties. The X. A. Wilkin. rogerdmoore. ca/ PS/ EPSSB. "EXPERIMENTAL PACKET SWITCHING PROJECT OF THE UK POST OFFICE" (http:/ / rogerdmoore. Raymond L. com/ newsletters/ frame/ 2008/ 0128wan1. C. "A SURVEY OF PRESENT AND PLANNED GENERAL PURPOSE EUROPEAN DATA AND COMPUTER NETWORKS" (http:/ / rogerdmoore. Rober R. ca/ PS/ Kirs1973/ Ki. Internet era When Internet connectivity was made available to anyone who could pay for an ISP subscription. "Vint Cerf on why TCP/IP was so long in coming" (http:/ / www. and run X. It began operation in 1978[25] . Transpac Transpac was the national X. html). . and Pickholtz. The JANET network grew out of the 1970s SRCnet (later called SERCnet) network. 10–14. ca/ PS/ BNR/ BNRnet. British Telecom renamed PSS under its GNS (Global Network Service) name. Researchers have created some experimental networks to complement the existing Internet.Packet-switched network 157 JANET JANET was the UK academic and research network.25 network in France. Proceedings of the 2nd ICCC 74. Michael A. [7] Scantlebury. The development was done by the French PTT and influenced by the experimental RCP network. 199–213. html).25 links at up to 8 Mbit/s in its final phase before being converted to an IP based network. . C. Grushcow. [5] Kirstein. higher education establishments. S. 435–44. Proceedings of the 2nd ICCC 74. . (1973). pp.25 network with a DNIC of 2342. but the PSS name has remained better known. Roy D. (1974).25 network was based mainly on GEC 4000 series switches. Peter T. (1973). It is a research consortium which has created the Abilene Network. P. Steve. pp. Some older technologies such as circuit switching have resurfaced with new names such as fast packet switching. Sussex. Proceedings of the IEEE 60 (11): 1408–23. [3] Bright. html#GEISCO). "Terminal-Oriented Computer-Communication Networks" (http:/ / rogerdmoore. publicly funded research laboratories. ca/ PS/ EPSSFer/ EF. R. pp. [2] Martel. ca/ PS/ NPLPh/ NPL1974A. D J. Sussex. [6] Schwartz. . Mischa. "The National Physical Laboratory Data Communications Network" (http:/ / www. It was developed locally at about the same time as DataPac in Canada. ca/ PS/ TONET/ TON. D (1974). linking all universities. PSS also included public dial-up PAD access. Internet2 Internet2 is not an actual network. [4] Pearson. html). (November 1972). Wilkinson. pp. Proceedings of the NATO Advanced Study Institute on Computer Communication Networks. html). html#GEISCO).. PSS PSS was the UK Post Office (later to become British Telecom) national X. the distinctions between national networks blurred. The user no longer saw network identifiers such as the DNIC. Cunningham and M. . .. html). United Kingdom: Noordhoff International Publishing. Smith. networkworld. J. Proceedings of the NATO Advanced Study Institute on Computer Communication Networks. . Boorstyn.

(1972).Packet-switched network [8] Mendicino.'s PACKET SWITCHING NETWORK.: Prentice-Hall Inc. Proceedings of the NATO Advanced Study Institute on Computer Communication Networks. [16] Cuenca.J. 163–170. Herrera. cfm?id=810357). LA ROY W. 211–16. html). .phrack.group. nl/ extra1/ afstversl/ E/ 354398. R. html). ca/ PS/ CTNEC1. 28.): 95–100. Kato and S.J. R.H.euclideanspace. pp. (1970). ca/ PS/ RCPDEP/ RD. [13] Bache. Proceedings of the SJCC 1971.TUE. Zakon Group LLC (http://www. . 373–396.5.rogerdmoore.. Computer Networks (North-Holland Publishing Company) 1: 341–348.. .3. .org/robert/ internet/timeline/) • 20+ articles on packet switching in the 70s (http://www. H. ca/ PS/ HIPA/ HIA. Sussex. [15] Alarcia. 158 External links • "The Guide to Hacking & Phreaking. Luis (1980).25 Virtual Circuits .R. . D. ca/ PS/ OCTOA/ OCTO. 311–16. (1980). John G. 1991. 39. pp. ca/ PS/ NPLPh/ PhilipsA. dir/ pages/ Octopus. "TYMNET — A terminal oriented communication network" (http:/ / rogerdmoore. L. Proceedings of 5th ICCC 80. G. [25] "X. Sethi. . Connections. Matras (1976). html). Proceedings of ICCC '80. Retrieved 15 June 2011 [24] Tomaru. html). "A Private Packet Network and Its Application in A Worldwide Integrated Communication Network" (http:/ / rogerdmoore. free.D.4.T. [12] Després.zakon. ca/ PS/ RCPHCC/ RH. computer-history. . Chapter 3: page 20 and further.J. Issue #2". Proceedings of ICCC 76. (1976). Proceedings of ICCC 74. html). 05/3/88 (http://www.Transpac in France . the Experimental Packet-Switched Data Transmission Service of the French PTT: History.5. N. Layec. pp.1–28. rogerdmoore. Steneker: Graduation Report on X. A. Long and Y. [23] H. G. . pp.J. "RCP. html). Guillou.25 data services in GSM network (http:/ / alexandria. Control" (http:/ / rogerdmoore. html). "Libraries as key players at the local level" (http:/ / edoc. J. hu-berlin. Samuel F. dir/ index.. 517–22. IEEE. "Principles of Design in the Octopus Computer network" (http:/ / portal. de/ conferences/ eunis2001/ e/ Haarala/ HTML/ haarala-ch2.. fr/ Publications/ X25-TPC. LA ROY W. . PROTOCOLS AND PERFORMANCE OF RETD" (http:/ / rogerdmoore. html?issue=18&id=3#article) • EPSS (http://www. L.. (1975).I. pdf) Electrical Engineering . "C.lt/hacking/icebook2. A. (1973). [10] Fletcher. ""1980 SNA'S First Six Years: 1974-1980"" (http:/ / rogerdmoore. [14] Bache. . html). THE EXPERIMENTAL PACKET-SWITCHED DATA TRANSMISSION SERVICE OF THE FRENCH PTT" (http:/ / rogerdmoore. Robert H'obbes' Zakon.. Y. Konig. the Experimental Packet-Switching Data Transmission Service of the French PTT" (http:/ / rogerdmoore. [18] Haarala. [11] Burnett. 171–85. despres. IEEE TRANSACTIONS ON COMMUNICATIONS COM-29 (4): 392–98. "Fundamental Choices in the Development of RCP. G. . ca/ PS/ TYMNET/ TY. ca/ PS/ SNA6Y/ SNA6. "AN ENGINEERING VIEW OF THE LRL OCTOPUS COMPUTER NETWORK" (http:/ / www.N.M. info/ Page4. Proceedings of 2nd ICCC 74. and Rech. [21] TYMES. "1970 OCTOPUS: THE LAWRENCE RADIATION LABORATORY NETWORK" (http:/ / rogerdmoore. [17] Lavandera. Phrack. S.. Schultz (1980). Proceedings of ICCC 76. COMPUTER NETWORKS (Englewood Cliffs. ca/ PS/ TYMFlow/ TF. ca/ PS/ RCPBAC/ RB. [9] Pehrson. Liquid Jesus (http://textfiles. (1974). "A PUBLIC PACKET SWITCHING DATA COMMUNICATIONS NETWORK: EIGHT YEARS OF OPERATING EXPERIENCE" (http:/ / rogerdmoore. T. pp. pp. [22] TYMES. Manchester and Glasgow. . pp. . . ca/ PS/ SITAB. H. (1974). .. [20] Sundstrom.com/coms/history/epss/index. B. 38. Conference Record of ICC 80.3. org/ citation. html). "The SITA Network" (http:/ / rogerdmoore. Matras. pp. html).htm) Pictures of the EPSS exchanges in London. ITS APPLICATIONS" (http:/ / rogerdmoore. html). ca/ PS/ RETDB. html). W. . acm. United Kingdom: Noordhoff International Publishing. Arja-Riitta. David L. "ARCHITECTURE. . html). tue.4. (APRIL 1981). Yamaguchi (1980).E.J. K.org/issues. . "Routing and Flow Control in TYMNET" (http:/ / www. Conference Record of ICC 80.txt) • "Hobbes' Internet Timeline v8.. 16 May. "RCP.1–39. pp. 578–585. ca/ PS/ CTNEA/ CTA. html). IEEE.ca/PS) • "An Introduction to Packet Switched Networks". [19] Chretien. html).1". html). "Packet Switching at Philips Research Laboratories" (http:/ / rogerdmoore.Pre-Internet Data Networking" (http:/ / remi.

This was a smaller packet size than IP. Larger packets could be fragmented. although the original documents usually use Pup) was one of the two earliest internetwork protocol suites. a packet-switching node is usually configured to support up to thirty-two X. PARC Universal Packet The PARC Universal Packet (commonly abbreviated to PUP. but operating at a lower level. similar to IP's ping. socket fields were part of the full network address in the PUP header. which roughly corresponds to the Internet Protocol (IP) layer in TCP/IP. History The origins of the PUP suite lie in two developments. and receiving data packets. an 8-bit host number. (Technically.) The entire suite provided routing and packet delivery. PUP also included a simple echo protocol at the internetwork layer. the name "PUP" only refers to the internetwork-level protocol. the development of PUP split off because Xerox PARC wished to move ahead with implementation. but it is also applied to the whole protocol suite. in the same events in the early 1970s as the very earliest stage of the development of TCP/IP (see History of the Internet). and the creation of the Ethernet local area network at PARC. However. . if the hosts support them). and the checksum. Also.  This article incorporates public domain material from the General Services Administration document "Federal Standard 1037C" [1] (in support of MIL-STD-188). and for hosts to discover routers. and at least one Terminal Access Controller (TAC). formatting. unlike IP). A full PUP network address consisted of an 8-bit network number. but others are quite different. along with numerous applications. routing. Basic internetwork protocol The main internetwork layer protocol was PUP. individual PUP host pairs on a particular network might use larger packets. The network number had a particular special value which meant 'this network'. some of the protocols in the XNS suite (such as the Internetwork Datagram Protocol) were lightly modified versions of the ones in the PUP suite. as well as higher level functions such as a reliable byte stream. a node that contains data switches and equipment for controlling. A protocol named the Gateway Information Protocol (a remote ancestor of RIP) was used as both the routing protocol. Unlike TCP/IP. an optional 2-byte checksum covered the entire packet. so that upper-layer protocols did not need to implement their own demultiplexing. which requires all hosts to support at least 576 (but supports packets of up to 65K bytes.25 56 kbit/s host connections. and a 16-bit socket number. PUP packets were up to 554 bytes long (including the 20 byte PUP header). Note: In the Defense Data Network (DDN). In the 1980s Xerox used PUP as the base for the Xerox Network Systems (XNS) protocol suite. as many as six 56 kbit/s interswitch trunk (IST) lines to other packet-switching nodes.Packet-switching node 159 Packet-switching node Packet-switching node: In a packet-switching network. The fundamental design of the PUP suite was substantially complete by 1974. for use by hosts which did not (yet) know their network number. reflecting the experience gained with PUP and IP. PUP also supplied packet types (again. transmitting. but no PUP router was required to handle them. it was created by researchers at Xerox PARC in the mid-1970s. for in-house use.

1975) • Jon A. Robert M. Byte Stream Protocol (BSP).g. Pup Specifications (Xerox Parc. It is still in use as an interior routing protocol. Taft. doi:10. copying disk packs. Dealers of Lightning: Xerox PARC and the Dawn of the Computer Age (HarperBusiness. page-level remote access to file servers. Palo Alto. Taft. State Machine for Rendezvous/Termination Protocol (Xerox Parc. Robert M. July. BSP took over and managed the data transfer. July. 1999). Application protocols PUP supported a large number of applications. 1978 and October. which was used to initiate communication between two entities. Taft. 1975) • Edward A. 1975) • Edward A. 1975) • Edward A. Pup Network Constants (Xerox Parc. 291-293 . Like TCP.1094684. New York. were basically the same protocols as used on the ARPANET (much as occurred with the TCP/IP suite). BSP's semantics and operation were in terms of bytes. However. and as the foundation for the later XNS protocols. this was discarded in favour of packets for the equivalent protocol in XNS. Taft. (somewhat modified to match the syntax of addresses of other protocol suites).PARC Universal Packet 160 Transport layer protocols To establish a transport connection. 1979) Further reading • David R. before the arrival of the more modern OSPF and IS-IS. • Michael A. Metcalfe (April. John F. References • Edward A. The Gateway Information Protocol's descendant. Palo Alto. Others were novel. July. etc (although some of these capabilities had been seen before. IEEE Transactions on Communications 28 (4): 612–624. 1980). "Pup: An Internetwork Architecture". Some of them. Naming and Addressing Conventions for Pup (Xerox Parc.1109/TCOM. June. Palo Alto. the ARPANET already made heavy use of remote management for controlling the Interface Message Processors which made it up). RIP. The second was the primary transport layer protocol. the Rendezvous and Termination Protocol (RTP). July. Pup Error Protocol (Xerox Parc. two protocols came into play. Shoch. name lookup. Hupp. such as Telnet and File Transfer Protocol. PUP was very influential. Impact In showing that internetworking ideas were feasible. 1978 and October. in small sites with simple requirements. Edward A. including protocols for printer spooling. Palo Alto. which was analogous to TCP. The first. in being influential in the early work on TCP/IP. Palo Alto. 1978 and October. remote management. pp. Boggs. Hiltzik. Sequenced Packet Protocol.1980. remains in wide use today in other protocol suites. that demonstration would not have been anything like as powerful as it was without all the capabilities that a working internetwork provided. as well as manage and terminate the connection. 1978 and October. Once RTP had started the connection. One version of RIP served as one of the initial so-called interior gateway protocols for the growing Internet. e. Taft. its biggest impact was probably as a key component of the office of the future model first demonstrated at Xerox PARC. Metcalfe.

the server keeps track of where the user's avatar is. game programmers often instead build their own latency detection into existing game packets (usually based on the UDP protocol). which is often more costly than the time it takes an electrical signal to traverse a typical span of cable. and either the game server or another client (i. In these games. a high ping causes lag. For instance. Internet connection speed. Hacking If a hacker applies a Denial-of-Service Attack on a game server. if someone is in India. Many game servers are not big enough to handle Denial of Service Attacks. Servers will often disconnect a client if the ping is too high and it poses a detriment to others' gameplay. the quality of a user's Internet service provider and the configuration of firewalls.e. users with a high ping unintentionally gain an unfair advantage. For instance. playing on a server located in the United States. making it hard to judge where the character is exactly. Rather than using the traditional ICMP echo request and reply packets to determine ping times. For this reason. it may make players' ping considerably higher. client software will often mandate disconnection if the ping is too high. Ping is also affected by geographical location. Similarly. or qualitatively as low ping or high ping. Cheating In some games. and therefore it takes longer for data to be transmitted. ping refers to the network latency between a player's computer (client). so having a high latency will usually be to the user's peril. as in some implementations of the Quake III Arena network protocol and game engine. The latter usage is common among players of first-person shooter and real-time strategy games. However.Ping (video gaming) 161 Ping (video gaming) In multiplayer online video games.with thresholds as low as 130 milliseconds. In more modern multiplayer online video games implementations. rather. the distance between the two is greater than it would be for players located within the US. . the player aided by the higher ping skips around. very miserable. peer). and autokicking players more. making the player's gaming experience. One may "lag out" due to unacceptably high ping. Ping is often conflated with lag. many servers automatically remove players with higher than average ping . who does not crash. A high ping is not the result of lag. making the server liable to crash. the amount of packet-switching and network hardware in between the two computers is often more significant. This could be reported quantitatively as an average time in milliseconds. wireless network interface cards must modulate digital signals into radio signals. Some factors that might affect ping include: network protocol engineering. and thus more elusive to target. Having a low ping is always desirable because lower latency provides smoother gameplay by allowing faster updates of game data.

a code to identify the type of data in the packet and error-checking information. it might add a port number to identify the application. a unit of data which is specified in a protocol of a given layer and which consists of protocol-control information and possibly user data of that layer. the term protocol data unit (PDU) has the following meanings: 1. organizing the ones and zeros into chunks of data and getting them safely to the right place on the wire is done by the data link layer. decodes the data to extract the original service data unit. The features or services of the network are implemented in distinct "layers". fiber. Information that is delivered as a unit among peer entities of a network and that may contain control information. PDU is sometimes used as a synonym for its representation at that layer. When the PDU passes over the interface from the layer that constructed it to the layer that merely delivers it (and therefore does not understand its internal structure). 4. For example. In a layered system. The addition of addressing and control information (which is called encapsulation) to an SDU to form a PDU and the passing of that PDU to the next lower layer as an SDU repeats until the lowest layer is reached and the data passes over some medium as a physical signal. plus the original service data unit from the higher layer.Protocol data unit 162 Protocol data unit In telecommunications. or "peer". TCP segment) (Layer 5 and above are referred to as data. All this additional information. the PDU is passed to the peer using services of the next lower layer in the protocol "stack". Between the layers (and between the application and the top-most layer). the protocol layer will add to the SDU certain data it needs to perform its function. . For example. or data. it becomes a service data unit to that layer. etc. it treats it as payload. The matching layer. is done by the physical layer. etc. address information.g. 2. The Layer 1 (Physical Layer) PDU is the bit The Layer 2 (Data Link Layer) PDU is the frame The Layer 3 (Network Layer) PDU is the packet The Layer 4 (Transport Layer) PDU is the segment (e. In order to do this. For example: Bridge PDU or iSCSI PDU[1] PDUs are relevant in relation to each of the first 4 layers of the OSI model as follows: 1. Packet-switched data networks In the context of packet-switched data networks. Unless we have already arrived at the lowest (physical) layer. The significance of this is that the PDU is the structured information that is passed to a matching protocol layer further along on the data's journey that allows the layer to deliver its intended function or service. a network address to help with routing. a protocol data unit (PDU) is best understood in relation to a service data unit (SDU). 3. constitutes the protocol data unit at this layer. undertaking to get it to the same interface at the destination. the layers pass service data units across the interfaces. 2. passing data chunks over multiple connected networks is done by the network layer and delivery of the data to the right software application at the destination is done by the transport layer. The application or higher layer understands the structure of the data in the SDU. decide if it is error-free and where to send it next.) Given a context pertaining to a specific layer. but the lower layer at the interface does not. sending ones and zeros across a wire.

until it is combined with other bags in a crate. gov/ fs-1037/ fs-1037c.iso FAQ (http://www. and the crate is labelled with the region to which all the bags are to be sent.protocols. emerges. the top-level SDU.de/faq/archiv/osi-protocols/msg00000. bldrdoc. making it now an SDU. the letter itself. making the crate a PDU. External links • comp. When the crate reaches the destination matching its label.html) (search for "PDU") . The mail bag is labelled with the destination post code and so becomes a PDU. The sending post office might look only at the post code and place the letter in a mail bag so that the address on the envelope can no longer MAC layer PDU becomes physical layer SDU be seen. The letters themselves are SDUs when the bags are opened but become PDUs when the address is read for final delivery.uni-giessen. when it is now an SDU. its. When the addressee finally opens the envelope. it is opened and the bags (SDUs) removed only to become PDUs when someone reads the code of the destination post office. 163 References [1] This article incorporates public domain material from the General Services Administration document "Federal Standard 1037C" (http:/ / www.Protocol data unit The above process can be likened to the mail system in which a letter (SDU) is placed in an envelope on which is written an address (addressing and control information) making it a PDU. htm).

[1] A Robust RED (RRED) algorithm was proposed to improve the TCP throughput against LDoS attacks. Whilst there are several technologies that are superficially similar to the PSDN. RRED algorithm can significantly improve the performance of TCP under Low-rate Denial of Service attacks. Robust random early detection The existing Random Early Detection (RED) algorithm and its variants are found vulnerable to emerging attacks. ISDN utilizes the PSTN circuit-switched network. This is the basic idea of the detection algorithm of Robust RED (RRED). T* is a short time period. a packet is suspected to be an attacking packet if it is sent within a short-range after a packet is dropped. The basic idea behind the RRED is to detect and filter out LDoS attack packets from incoming flows before they feed to the RED algorithm. Consequently.arrivaltime is within [Tmax. Originally this term referred only to Packet Switch Stream (PSS).T1 is the arrival time of the last packet from flow f that is dropped by the detection and filter block. and DSL uses point-to-point circuit switching communications overlaid on the PSTN local loop (copper wires).T1. How to distinguish an attacking packet from normal TCP packets is critical in the RRED design.g.25-based packet-switched network.[1] The Design of Robust RED (RRED) A detection and filter block is added in front of a regular RED block on a router. T2) 03 if pkt. such as Integrated Services Digital Network (ISDN) and the Digital Subscriber Line (DSL) technologies. RRED-ENQUE(pkt) 01 f←RRED-FLOWHASH(pkt) 02 Tmax←MAX(Flow[f]. T2 is the arrival time of the last packet from any flow that is dropped by the Random Early Detection block. mostly used to provide leased-line connections between local area networks and the Internet using permanent virtual circuits (PVCs). distinct from the PSTN. a packet is dropped). T2). but also to Internet Protocol (IP). both providing PVCs. an X. Tmax = max(f. usually utilized for access to a packet-switched broadband IP network. Tmax+T*] then 04 reduce local indicator by 1 for each bin corresponding to f 05 else . the term may refer not only to Frame Relay and Asynchronous Transfer Mode (ATM).. More Details [4] The Algorithm of the Robust RED (RRED) f. the sender will delay sending new packets if loss is detected (e. they are not examples of it. Today. especially the Low-rate Denial-of-Service [4] (LDoS) attacks. which is empirically choose to be 10ms in a default RRED algorithm. and other packet-switching techniques. The basic idea behind the RRED is to detect and filter out attack packets before a normal RED algorithm is applied to incoming flows.T1. GPRS. Experiments have confirmed that the existing RED-like algorithms are notably vulnerable under LDoS attacks due to the oscillating TCP queue size caused by the attacks. Within a benign TCP flow.Public switched data network 164 Public switched data network A public switched data network (PSDN) is a publicly-available packet-switched network.

). IEEE Communications Letters. com/ site/ cwzhangres/ home/ posts/ recentpublicationsinrandomearlydetectionredschemes . org/ xpl/ freeabs_all. RRED.I←maximum of local indicators from bins of f if Flow[f]. 2010. Zhiping Cai. com/ site/ cwzhangres/ home/ files/ RREDRobustREDAlgorithmtoCounterLow-rateDenial-of-ServiceAttacks. It automatically calculate and record the average throughput of normal TCP flows before and after DoS attacks to facilitate the analysis of the impact of DoS attacks on normal TCP flows and AQM algorithms. 14. RRED: Robust RED Algorithm to Counter Low-rate Denial-of-Service Attacks (http:/ / sites.) and Active Queue Management (AQM) algorithms (RED. etc. pdf?attredirects=0). etc. Low-rate DoS. vol. The AQM&DoS Simulation Platform [3] is able to simulate a variety of DoS attacks (Distributed DoS. pp.T1←pkt. Jianping Yin.Robust random early detection 06 07 08 09 10 11 12 13 14 15 increase local indicator by 1 for each bin of f Flow[f]. google.arrivaltime drop(pkt) return 165 More Details [4] The Simulation code of the Robust RED (RRED) The simulation code of the RRED algorithm is published as an Active Queue Management and Denial-of-Service (AQM&DoS) Simulation Platform. SFB.More Details [3] Related Publications Recent Publications in Low-rate Denial-of-Service (LDoS) attacks [12] Recent Publications in Random Early Detection (RED) schemes [2] Recent Publications in Active Queue Management (AQM) schemes [1] References [1] Changwang Zhang. ieee.arrivaltime else Flow[f]. Ref (http:/ / ieeexplore. Spoofing DoS. jsp?arnumber=5456075) [2] http:/ / sites. 489-491. google.I >=0 then RED-ENQUE(pkt) //pass pkt to the RED block if RED drops pkt then T2←pkt. and Weifeng Chen.

Microsoft silently limited Winsock's raw socket support in a non-removable hotfix and offered no further support or workarounds for applications that used them. especially those based on Berkeley sockets.msdn.aspx) an indication of what's actually allowed on Windows. module for Perl applications.cpan.Michael Howard's Web Log (http://blogs. bypassing all encapsulation in the networking software of the operating system.org/papers/ sock_raw) .pm) Created by Sergey Kolychev (http://www. a raw socket is a socket that allows direct sending and receiving of network packets by applications. Windows XP When Microsoft released Windows XP in 2001 with raw socket support implemented in the Winsock interface. as opposed to standard sockets which receive just the packet payload without headers.al.html) • Net::RawIP. org/ nmap-hackers/ 2005/ 4) External links • Video Tutorials on Programming with Raw Sockets (http://security-freak.ua/~ksv/).org/~skolychev/Net-RawIP-0.lg. Three years after the Windows XP release.com/ michael_howard/archive/2004/08/12/213611.1/RawIP. (http://search. Most socket application programming interfaces (APIs).net/raw-sockets/raw-sockets. support raw sockets.[1] References [1] Microsoft Tightens the Noose on Raw Sockets (http:/ / seclists. the automatic addition of a header may be a configurable option of the socket.ic. Usually raw sockets receive packets inclusive of the header. • Network Programming for Microsoft Windows (ISBN 0-7356-1579-9) • A little more info on raw sockets and Windows XP SP2 . • SOCK_RAW Demystified: article describing inner workings of Raw Sockets (http://sock-raw. When transmitting packets. the media criticized Microsoft asserting that raw sockets are only of use to hackers to perform TCP reset attacks.Raw socket 166 Raw socket In computer networking.

php?id=33 [2] http:/ / blog. com/ 2009/ 01/ network-forensics. As more companies save large quantities of network traffic to disk. The packet database can also be used to build multi-tier data mining and network forensics systems. wildpackets. The preamble of an Ethernet frame consists of a 56-bit (7-byte) pattern of alternating 1 and 0 bits. it also loads the resulting packets directly into OmniPeek or EtherPeek. and signal the start of the actual frame. tools like the WildPackets SQLFilter make it possible to search through packet data more efficiently. and time to fix. which allows devices on the network to easily detect a new incoming frame. com/ view_submission. The matching packets are loaded directly into OmniPeek and analyzed. The packets can then be searched using SQL queries. References [1] https:/ / mypeek. This cuts out many of the steps usually involved in this process and dramatically shortens time to knowledge. For a more indepth discussion of the SQLFilter read Packet Data Mining and Network Forensics [2] . It has the value 10101011. The SFD is designed to break this pattern. Not only does the SQLFilter allow users to search for packets across thousands of trace files. wildpackets.SQLFilter 167 SQLFilter SQLFilter [1] is a plugin for OmniPeek that indexes packets and trace files into an SQLite database. The SFD is immediately followed by the destination MAC address. html Start Frame Delimiter The Start Frame Delimiter (SFD) is the 8-bit (1-byte) value marking the end of the preamble of an Ethernet frame. For network trouble shooters. this revolutionizes the job of finding packets. .

called the statistical multiplexing gain. When performed correctly. Statistical multiplexing schemes do not control user data transmissions. Statistical multiplexing normally implies "on-demand" service rather than one that preallocates resources for each data stream. Comparison with static TDM Time domain statistical multiplexing (packet mode communication) is similar to time-division multiplexing (TDM). or (in the case of datagram communication) complete destination address information. The packets may have varying lengths. Statistical multiplexing ensures that slots will not be wasted (whereas TDM can waste slots). Alternatively. for example a wireless channel. each packet or frame contains a channel/data stream identification number. Statistical multiplexing allows the bandwidth to be divided arbitrarily among a variable number of channels (while the number of channels and the channel data rate are fixed in TDM). Static TDM and other circuit switching is carried out at the physical layer in the OSI model and TCP/IP model. audio and data streams of different data rates to be transmitted over a bandwidth-limited channel (see #Statistical multiplexer). Usage Examples of statistical multiplexing are: • The MPEG transport stream for digital TV transmission. except that. where data streams from several application processes are multiplexed together. the packets may be delivered according to some scheduling discipline for fair queuing or differentiated and/or guaranteed quality of service. very similar to dynamic bandwidth allocation (DBA).Statistical time division multiplexing 168 Statistical time division multiplexing Statistical multiplexing is a type of communication link sharing. This is an alternative to creating a fixed sharing of a link. The channel number is denoted Program ID (PID). In statistical multiplexing. while statistical multiplexing is carried out at the data link layer and above. and experience varying delay (while the delay is fixed in TDM). The transmission capacity of the link will be shared by only those users who have packets. • The UDP and TCP protocols. rather than assigning a data stream to the same recurrent time slot in every TDM frame. statistical multiplexing can provide a link utilization improvement. Statistical multiplexing is used to allow several video. The link sharing is adapted to the instantaneous traffic demands of the data streams that are transferred over each channel. Each stream is divided into packets that normally are delivered asynchronously in a first-come first-serve fashion. a communication channel is divided into an arbitrary number of variable bit-rate digital channels or data streams. Statistical multiplexing is facilitated through packet mode or packet oriented communication. such as in general time division multiplexing (TDM) and frequency division multiplexing (FDM). is also facilitated through the following schemes: • Random frequency-hopping orthogonal frequency division multiple access (RFH-OFDMA) • Code-division multiple access (CDMA). where different amount of spreading codes or spreading factors can be assigned to different users. Channel identification In statistical multiplexing. The port numbers constitute channel identification numbers (and also . which amongst others is utilized in packet switched computer networks. each data stream is assigned time slots (of fixed length) or data frames (of variable lengths) that often appear to be scheduled in a randomized order. The packets have constant lengths. Statistical multiplexing of an analog channel.

Statistical time division multiplexing address information). HDLC uses bit stuffing or "octet stuffing". For example.in effect. The bisync protocol of the 1960s used a minimum of two ASCII "SYN" characters (0x16…0x16) to achieve character synchronization in an undifferentiated bit stream. using the X. then other special characters to synchronize to the beginning of a frame of characters. For example. 169 Statistical multiplexer In for example digital audio and video broadcasting. The international collection of X. and the channel number is denoted Virtual Connection Identifier (VCI).25 and Frame relay packet-switching protocols. without the overhead of an explicit syncword.25 providers. the FSK441 protocol achieves character synchronization by synchronizing on any "space" characters in the message -. com/ dvb-t/ slovenia/ multiplex-a-usage-chart Syncword In computer networks. a syncword. where the packets have varying lengths. This bandwidth sharing technique produces the best video quality at the lowest possible aggregate bandwidth. where the packets have fixed length. Alternatives In some communication systems.25 protocol suite was colloquially known as "the Packet switched network" in the 1980s and into the beginning of the 1990s. Examples For example an audio receiver is receiving a bit stream of data. External links • Example of Statistical Multiplexing [1] (Chart from a real DVB-T multiplex) References [1] http:/ / igorfuna. • The X. For example. while other systems use ASCII armor. • The Asynchronous Transfer Mode packet-switched protocol.[1] [2] Various techniques are used to "disguise" bytes of data at the data link layer that might otherwise be (incorrectly) recognized as the sync word. a statistical multiplexer is a content aggregating device that allows broadcasters to provide the greatest number of audio or video services for a given bandwidth by sharing a pool of fixed bandwidth among multiple services or streams of varying bitrates. every "space" character in the message does double duty as a syncword. CRC-based framing achieves character and start-of-header synchronization. a receiver can achieve character synchronization from an undifferentiated bit stream. The multiplexer allocates to each service the bandwidth required for its real-time needs so that services with complex scenes receive more bandwidth than services with less complex ones. An example of a syncword is 0x0B77 for an AC-3 encoded stream. or start-of-header synchronization from a byte stream. The channel identification number consists of a Virtual Connection Identifier (VCI) and a Virtual Path Identifier (VPI). . sync character or preamble is used to synchronize a transmission by indicating the end of header information and the start of data.

. called "protocols". the tampering is malicious. they are sent over TCP connections for convenience. When used as designed this can be a useful tool. Connectivity Knowledge Platform. and discard any further packets it receives with headers indicating they belong to that connection. or packets of data. Using a TCP connection gives the computers an easy way to exchange data items too big for a single packet. Computer A has no context for these packets and no way of knowing what to do with them. This system includes hardware to carry the messages. Freer (1996). 2011. References [1] "BiSync. Each of these headers contains a bit known as the "reset" (RST) flag. In most packets this bit is set to 0 and has no effect.computer B. it will then receive packets from the old pre-crash connection. BSC" (http:/ / ckp. The computer on the other end (computer B) will continue to send TCP packets since it does not know computer A has crashed. other times. Computer communications and networks (http:/ / books. Technical Background The Internet is. a system for individual computers to exchange electronic messages. One common application is the scenario where a computer (we'll call it computer A) crashes while a TCP connection is in progress. "spoofed TCP reset packets" or "TCP reset attacks". The basic protocol used on the Internet is the IP protocol. com/ bisync. It is used for both frame synchronization such as for Ethernet frames. which computer should receive it. such as copper and fiber optics cables. 170 Preamble In digital communication.Syncword In a self-synchronizing code. every character is. or music files. 12. Sometimes. and can be used to achieve character synchronization in an undifferentiated bit stream. Taylor & Francis. so it might send a TCP reset to the sender of the packets . Made IT. such as video clips. TCP (as opposed to other protocols such as UDP) is used with IP when a virtual connection is required between two computers. [2] John R. . google. and a formalized system for formatting the messages.It should not send any more packets using the connections identifying numbers (called ports). TCP resets The stream of packets in a TCP connection each contains a TCP header.). included near the front of each packet. html). TCP/IP is the protocol set used for email and web browsing. Headers contain information about which computer sent the packet. TCP reset attack TCP reset attack. This reset lets . com/ books?id=ye4DwILZhq0C& pg=PA12) (2nd ed. made-it. These terms refer to a method of tampering with Internet communications. however if this bit is set to 1 it indicates to the receiving computer that the computer should immediately stop using the TCP connection . TCP software on the two machines which will communicate (for example a workstation with a browser and a web server) by exchanging a stream of packets. the packet size. Retrieved July 5. a syncword. Although some web pages are small enough for a single packet. email attachments. p. ISBN 9781857283792. called a header. as well as channel estimation. Each protocol has a block of information.. which is usually coupled with additional protocols such as TCP (Transmission Control Protocol[1] ) or UDP (User Datagram Protocol). preamble is a sequence of known bits are sent in each frame. also known as "forged TCP resets". in essence. in effect. When computer A reboots. it is beneficial. A TCP reset basically kills a TCP connection instantly. etc.

org/ archive-1-1429. Are forgeries good or bad? One obvious application of forged TCP reset is to maliciously disrupt TCP connections without the consent of the two parties which own the endpoints . interesting-people.[6] In 2008 the NNSquad released the NNSquad Network Measurement Agent. The term "forged" Some representatives of ISPs dislike the use of the term "forged" when referring to these TCP resets.From Dave Faber's IP list .TCP reset attack computer B know that the connection is no longer working. They have also argued that these resets are a legitimate way to reduce network traffic. org/ pipermail/ netfilter/ 2000-May/ 003971. Vint Cerf. msnbc. network security systems using forged TCP resets have been designed as well. html) [4] Section of Wikipedia Comcast article [5] Associated Press. org/ archives/ interesting-people/ 200805/ msg00163. ietf.[7] References [1] TCP specification (http:/ / www. The user on computer B can now try another connection or take other action.more on this below. falsely. a Windows software program written by John Bartas. and then send a "forged" packet containing a TCP reset to one or both endpoints. Comcast Blocks Some Internet Traffic (http:/ / www. This started a controversy. netfilter. A prototype "Buster" software package was demonstrated in 1995 that would send forged resets to any TCP connection which used port numbers in a short list.[3] Comcast Controversy By late 2007 Comcast began using forged TCP resets to cripple peer-to-peer and certain groupware applications on their customers computers [4] [5] . In January 2008 the FCC announced it would investigate Comcast's use of forged resets. not the forger. 2008 it ordered Comcast to terminate the practice. which could detect Comcast's forged TCP resets and distinguish them from real endpoint-generated resets. which was followed by the creation of the Network Neutrality Squad (NNSquad) by Lauren Weinstein. txt) [2] May 2000 Linux discussion archives (http:/ / lists. David Farber. The headers in the forged packet must indicate. It's possible for a 3rd computer to monitor the TCP packets on the connection. snort. Properly formatted forged TCP resets can be a very effective way to disrupt any TCP connection the forger can monitor. 171 Forging TCP resets In the scenario above the TCP reset bit was sent by a computer which was one of the connection endpoints. Ironically the technology to detect the resets was developed from the earlier Open-source "Buster" software which used forged resets to block malware and ads in web pages. html) . html) [3] SNORT discussion archive re: TCP resets (http:/ / www. Linux volunteers proposed doing something similar with Linux firewalls in 2000 [2] . This information includes the endpoint IP addresses and port numbers. org/ ) [7] Article on validity of resets as management tool (http:/ / www. that it came from an endpoint. msn. Craig Newmark and other well-known founders of and champions of openness on the Internet. However. com/ id/ 21376597/ ) [6] NNSquad home page (http:/ / www. nnsquad. org/ rfc/ rfc0793. Every field in the IP and TCP headers must be set to a convincing forged value for the fake reset to trick the endpoint into closing the TCP connection. and the open source Snort used TCP resets to disrupt suspicious connections as early as 2003. and on August 21.

to simulate real-world network conditions such as packet storms • Packets at any layer or sublayer (as those terms are used in. for example.TCP reset attack 172 External links • SNORT Official website (http://www. These "virtual packets" allow heterogeneous networks to talk to each other using a common protocol. uk/ academic/ networks/ network-layer/ ip/ index.org/) • EFF report on Comcast use of resets (http://www. dcs. virtual packet may refer to: • Packets created by a packet generator. ac.org/wp/packet-forgery-isps-report-comcast-affair) Virtual packet In computer networking.eff. the OSI model) above the most basic packets or frames used in a network. bbk.snort. part of a course on computer networking hosted by the University of London . php).[1] References [1] Internet Protocol (IP) (http:/ / penguin.

A Man In Black. Mezzaluna. Alansohn. Muhgcee. Cybercobra. Stepheng3. Pmitrevs. Zidoc. Kuru. Tri400. Hellion 468. Jni. Charlemagne11.php?oldid=448514851  Contributors: 007007wiki. Frosted14. Tqbf. Jbromhead. Djeikyb. Papajohnin. Jcraft50. 82 anonymous edits Check Point  Source: http://en. Everyking. Aldie. Yngvarr. Chrisn4255. Martin451. Teraknor. ChrisRuvolo. Elphion. Brian2wood.php?oldid=444219406  Contributors: Agurwitz. John Hyams. Mgurunathan. BalkanFever. Kgrr. Aavindraa. Scnash. Apankrat. Sophus Bie. N328KF. Yaronf. Papa9090. JonHarder. Tycoon24. DMCer. Dinu. Tachitsuteto. JonHarder. Plasticup. Seevinayin. Cotisocetinoiu. 1exec1. Cipher 107. Andy Marchbanks. Kittoo. N5iln. Danroa. Scott McNay. Deepak175. Theaveng. Alison9. Maytran999. Guy Harris. Altenmann. Lbelkind. Sietse Snel. Colonies Chris.wikipedia. Davidstrauss. Polly. CliffC. Red Thrush. TachyonJack. Minesweeper. Alpha Quadrant. Aspenjazz. Scarpy. Jasper Deng. OCTANE95. WilliamCaban. Daveswagon. Rcragun. LesPoiEs. Annirak. MER-C. Woodshed. Presidentman. Firefighter Dog. SDC. Informationh0b0. Dman727. Sherool. Goltz20707. Aesalon. Admanonline. Nikolas Karalis. SusanLesch. Dragonnas. Steven312. Tnash7d. Ehudshapira.wikipedia.php?oldid=442297051  Contributors: Admanonline. Oo64eva. Reactor12. GayCommunist. Ha us 70. YUL89YYZ. Frickeg. Thumperward. Kinu. Qwyrxian. Kwsn. Ilyasali khan. Jalal0. Businessmonkey. Colonies Chris. Rio de serionata. Unknown W. SasiSasi.org/w/index. Edgarde. Venus 9274. THEN WHO WAS PHONE?. Chkptone. Phaldo. RexNL. Eagleal. Rednblu. Mjlodge.sg. Mailer diablo. Yonatan. John K. Kkm010. Lctech. Sherryp22. Nei1. Squids and Chips. JamesAM. Plausible to deny. RadioFan2 (usurped). Vitor Mazuco. SaratogaH. Lamro. Notquiteleet. Doretel. Crusio. Bobo192. Astor14. Van helsing. Nubiatech. Dcoetzee. Nonomy. Kim Rubin. Cdc. Kelvingeorge. Teles. Gordon Ecker. Ttonyb1. NeilN. Aymatth2. Jeff G. WurmWoode.Article Sources and Contributors 173 Article Sources and Contributors Deep packet inspection  Source: http://en. Mr. Molly. Rossami. Typhoon. Barri. Shortride. Bearcat. Kateshortforbob. Frap. Fuhrmanator. West London Dweller. KelleyCook. Takerman. Fastilysock. Sam Hocevar.matthews. Selene 372.lala. Sjc07. DDerby. Machismo500. Aecis. Courtarro. Kgrr. 3 anonymous edits Narus (company)  Source: http://en. Jrtayloriv. Geofones. Piarres. PigFlu Oink. Ejay. Trbdavies. Nybubba. DutchTreat. Stevebrigden. 33 anonymous edits Network intelligence  Source: http://en. YoavD. R. TaborL. Jesant13. Raanoo. 31 anonymous edits NebuAd  Source: http://en. Emersoni. Winston earl smith. Wprlh. Winchelsea. Nealmcb. Muzilino. Idaltu. Instantnood. JHunterJ. Chrisc8266. UrSuS. Nthep. KnowledgeOfSelf. Kubigula. Ronpeled. Thingg. FT2. Tagishsimon.org/w/index. Verified360. John. Ryan Roos. Mmernex.wikipedia. Jeffcrews. AndrewHowse. Treekids. Mikepelley. Therealcolletepierre. Mbell. Epbr123. Sephiroth storm. Shoone. Uniwares. Esrever. Qwertythecat. EXTremY. Gavint0. Amanfbd2002. Perspeculum. Swliv. GNMC. Astor14. Shuki. Gsarwa. B Pete. Johnpseudo. J04n. Yaronf. Pursey. Rjwilmsi. Noq. Beland. Pedant17. PaulHanson. Pde. 1 anonymous edits Labris Teknoloji  Source: http://en. Erik.php?oldid=441907094  Contributors: A Doon. Routergod. CraigB. Psychlohexane. Greenshed. Liquid Chrome1. QEDquid. Mtruch. Quigley. Calltech. Bunnyhop11.bar. Spoonboy42. TheNewPhobia. SimonMackay. Adambro. Dflasker. Amitnme. Edcolins.php?oldid=425301933  Contributors: Azumanga1. Ferdiaob. Mt7. Sceptre. Chowbok. Xcentaur. Onoes. Labarnah. Sdaronsky. Zvar. JosephBarillari. Rocastelo. ExplicitImplicity. Ahunt. Kll. Oroso. Zodon. Astralblue. Shirt58. PacketDude. MARQUIS111. AlexeyV. Kelly Martin. Koavf. Chrisdab. Kozuch. Edgar181. Trangana. Coolian. Ryan0. Superjordo. Hu12. Rwcgroup. Jim62sch. Cheemais. Telecart. Mineralè. Robina Fox. Biker Biker. InShaneee. 1001001. Jpbowen. Versus22. Whisky drinker.wikipedia. Rjwilmsi. Eros. Cisco (With Greg). Naugahyde. Malepheasant. Pdelong. Apankrat. Nihiltres. Knff. Ohconfucius. Zr2d2. Bill. Vhann. Corvus cornix. Netwrecked. B Pete. Woohookitty. DocWatson42. Visiting1. Cjsmed. Gilabrand. XSTRIKEx6864. Bluedisk. Petri Krohn. Jevansen. Tiredmain. Tombomp. Vikipedi.wikipedia. DMG413. Jvcdude. Ta bu shi da yu. OlEnglish. Falcorian. Noir. Mcingue.srinivaas. Mwanner. Jim. JohnnyBGood. Rjwilmsi. Keesiewonder. Ynhockey. SamJohnston. Hobartimus. Davidstrauss. Ailanto. Sbowers3. Iridescent. Cdowninge. CastAStone. HD999. Anna Lincoln. Downwards. Bongwarrior.php?oldid=440883331  Contributors: Alansohn. Mpeylo. YUL89YYZ. KiloByte. Astor14. SMC. Nathan. Naddy. Rick Sidwell. Paperclip777. Gilabrand. Bleakcomb. Zabby1982. Jay. Madhero88. Sreifa. Slashme. MartinHagberg. True Pagan Warrior. Mentifisto. Mitchdeweber. Lpmusix. Merope. Squirrelist. Irishguy. Travelbird. FlashSheridan. Djaydem66. Capricorn42. R'n'B. Darth Panda. Hansivers. Xrgtn. Jbyers. Ark25. Chris the speller.org/w/index. Levineps. Emadido. Tintenfischlein. Sravisha. 999mal. Spearhead. BTWheeler. JYOuyang. Kizor. EagleFan. Jpp42.moyal. Katana0182. Opelio. Ksensenig. Sdaman. Merzbow. Alex91dml. Shoeofdeath. The Thing That Should Not Be. Ptwopdude. Adrian. RandallJones. Mitensampat. Hax0rw4ng. Monkeyman.wikipedia. Ernestvoice. Danhm. Shanes. Rsecker. CarolGray. Santuccie. Paradoxicalengineer. Woohookitty. WikiDan61.org/w/index. Mcingue1. Brackets. MementoVivere. Arletty75. Oli Filth.). Mentallo 477. PAStheLoD. 42 anonymous edits Sandvine  Source: http://en. Boism. Mmernex. SomniOne. Robocoder. MrHat1065. ArnoldReinhold. Eastofethan. Kyleflaherty. Zigforjustice. DaRaeMan. Jerryseinfeld. Felixcatuk. Mrmodine.php?oldid=447837259  Contributors: Aaron Rotenberg. Homestarmy. Mozart20d. Surfingslovak. TexasAndroid. XKL. RockMFR. Berford. Mrmclean. Tjpayne. Trutkowski. UnitedStatesian. Tomich. SteveSims. Hu12. Gutenbergj. Mitchoyoshitaka. Minimavus. Y. Saffrony. CaptainMorgan.. Factcheckrz. Liquidsnakejr. Red Thrush. PaulHanson. Andareed. TheDJ. Rich Farmbrough. Mosquitohawk. Mdecampo8999. Behildeb. OlEnglish. DaBler. Stardust8212. The wub. Eustress. Aluvus. Cwolfsheep. Znx. Ckt2packet. Alsee. Filterbob. Junkware. Chris the speller.wikipedia. Michael Hardy. Bunni25. King Lopez. Tascha96. Jenrzzz. Ground Zero.php?oldid=446742035  Contributors: A. Mlluis. Jdfirth. Mehudson1. CecilWard. Pearle. Alerante. LemonairePaides. Evrik. Wikipodium. Washburnmav. GreenJoe. Giraffedata.golovko. Bentogoa. O1001010. Rjwilmsi. Austinmurphy.wikipedia. Acdx. Umers90. DaveB549. Michal Nebyla. Curps. S51438. Bevo. Jerrycho13. 0x6D667061. Trevc63. Lyonspotter. Prodoom. The wub. Cradel. GregorB. Powell1605. Tasmanian56. Favonian. Senzhang. Kwiki. ZimZalaBim. Gail. Tomlzz1. Chulk90. DaveBurstein. Rhopkins8. Joseanda1006. Fredrik. Epolk. Ebizdaniel. Moskovich. Tinton5. SaxicolousOne. Phillip Tyre. Secretlondon. RHaworth. Dr unix. Rsb7. Nishith Nand. Cisco crisco. @pple. The Rambling Man. Weyes. Nikai. Srijith2007q. Guy Harris.wikipedia. Sonar610. Cmr08. Niggurath. RJFJR. Smmgeek. WeisheitSuchen. RadioFan. Darklilac. Baeksu. KelleyCook. Joy. Riick. Mattyinwisconsin. Pristino. Jiddisch. Richard Arthur Norton (1958. Postoak. Woohookitty. Cheung1303. Vegaswikian. Iridescent. This user has left wikipedia. Ned Scott. Luna Santin. Dot-per-inch. David.moyal. OrgasGirl. D6. Winton. Rubyyasmin. Truthdowser.org/w/index. Psantora.org/w/index. Gmaxwell. Sig0. Krystalin 8159. Wizardman. Pmsyyz. 6 anonymous edits Radware  Source: http://en. Alepik. Ohnoitsjamie. Abhinvanand. For Loop. TonyW. Lostforwords. Sbfw. TimQuinn. Billhunt. Amcl. Tregoweth. Mole2386. BradReeseCom. Numberonegenius. Gaius Cornelius. Guyanakoolaid. Apohran. Wadamja. The Anome. Voidvector. Mr. Betacommand. DavidBlackwell. WJetChao. UncleDouggie. Rossumcapek.php?oldid=434934453  Contributors: AmySi41. Solarisworld. Csabo. Kparisot. Sophie. Meldodd. Uncle G. BaRiMzI. Shinson. Vsync. Sigma 7. BendersGame. ManosFate. Hmains. HamburgerRadio. Gaius Cornelius. Fatla00. Zeroday. EagleOne. Madchester. Frap. Metadigm.‫טרול רפאים‬ anonymous edits Cisco Systems  Source: http://en. Mr. Bumm13. Chenxiaoqino. Jrdioko. Qxz. Dan100.nakul. Doctaweeks. Ipsla. Jnc. Mandarax. Amilator. Sprinter76. NiZhiDao. Terrybader. Mellery. Jesse Viviano. Eugman. Neelix. Jadams76. Rjwilmsi. Hollaback22. Christopher Kraus. Caltas. Mean as custard. Scieberking. Jopetersen. Marcus Brute. Kirill Lokshin. Klapouchy. Catapult. Qwerty8991. Dawnseeker2000. Thogan. Piano non troppo. Erkan Yilmaz. Ckatz.wikipedia. Pylori. Stavrinov. Rettetast. Caliper. Nehle. Ftpaddict. Garywill. Ashishkapahi. Urbanrenewal. Hu12. Rutruth. Axiome2. Phatom87. Dana boomer.php?oldid=445444053  Contributors: Aspects. Ryker. Looxix. Elenabrown. Amandeep 11. Bluemoose. Avaneendra. RJHall. Andreas Kaufmann. Surv1v4l1st. John Hyams. Alvestrand. Tompsci. Moe Epsilon. Isonomia. KnowledgeOfSelf. Cmdrjameson. Namekatak. JonJuan. Nzd. Phatom87. Tkaizan. Kai-Hendrik. Bongomatic. Codwiki. Funchords. Catapult. Peipei. SmartGuy. Ptwopdude. SimonLyall.wikipedia.php?oldid=419184275  Contributors: Alexanderrock. Aristanet. Y. Fang Aili. Bender235. Malepheasant. Funchords. ProjectmanagerCHKP. Agentbla. Mild Bill Hiccup. Belazu. Singularity. Rjwilmsi. Pabouk. Evildeathmath. GraemeL. Switzpaw. Eric Klein. Brainyiscool. GavLewis. Akadruid. Brentyoung. NPatrick6. Juliancolton. Algotr. Larry V. Pathgrant. Langloisgroup. Aaronproot. Xnatedawgx. Elenap221. Prolog. 117 anonymous edits Allot Communications  Source: http://en. CliffC. Blaxthos. Cooldeep. Specious. Tide rolls. Brianhe. Frap. Olivier. Flashcube. Swellesley. Ivan Velikii (2006-2008). DJOMaul. Guy Harris. Tomdo08. Phil Holmes. Imperi. Agrechin. Katous1978. Jamcib. Kgrr. Uncle Dick. Christopher Kraus. Zidane2k1. Shashibg. Pandich. Moheed. HamburgerRadio. Smallfixer. Rcawsey. Apple17cm. Gobonobo. Muhandes. Sandspur1966. Zmiller923. Davis. JLaTondre. Bovineone. Edgar Waingortin. Philip Trueman. CesarB. TerrierHockey. Jacklyne Hamilton.larsson. Boothy443. Thepangelinanpost. Chris the speller. Biot. Cybercobra. ArtiePesh. Meehawl. Harryboyles. Music Sorter. Ceyockey. Vijaypadiyar. Ash1932. Airplaneman. Ziyadbasheer. KevinJones. Casablanca2000in.org/w/index. 2technical. Hmbr. Rabhyanker. Sayden. Nzd. Tedder.org/w/index. Dav92178. Jcharr. Ahbond. Shymian. Mahewa.php?oldid=396395157  Contributors: Bsimonis. Huiguo01. Harumphy. Vanished User 1004. Krypticmind. Qviri. CanisRufus. Ixfd64. John. M2petite. Rupertb. Haywire. Storkk. Giraffedata. Bomazi. 143 . JLaTondre. 972 anonymous edits Front Porch  Source: http://en. Togaaltos1. Mehudson1. EdJohnston. 24 anonymous edits Barracuda Networks  Source: http://en. WhisperToMe. Dragomiloff. DerHexer. Gwernol. EmbeddedBSL. SirGrant. Hasek is the best. Kbdank71. StuffOfInterest. Vespristiano. Marathi mulgaa. UU. Agasta. Lemento. Aymatth2. JetBlast. Anon515. FranzMeister. Ethyr. Jwojdylo. KD5TVI.moyal. Hblackhawks. Lightmouse. Bsdguru. Kinawi. Janegca. Brholden. Randirocks37. Alvarossjunior. Bobblewik. Akula4211. Alduhayman. Jimmy 21mar. E Wing. Kirklander. Kate. Mar Garina. Bookbrad. Kurauchi. AlfredWalsh. GoingBatty. Alecv. Rob1974. WadeSimMiser. Marokwitz. Everyking. Kimchi. Tinucherian. Anthony71. Phil Urich. Howardtheroarke. Dgtsyb. Dawnseeker2000. Lboulton. Scooby3. Mariguzm. DannyDin. 16@r. Plasticup. Towel401. Black206. Mtmatt. Truthcommission. Harryzilber. Mosquitohawk. Rhsimard. Wikidemon. Edward. Tom harrison. SNIyer12. Quadra630. Pooua. Shervinafshar. Mikeblas. NapoliRoma. Rcawsey. Kigali1. AliveFreeHappy. Yasakak. Drmies. One. Avernet. Astor14. Iztoku. Rrburke. DrachenFyre. Lightmouse. Petrinarobins. Mjpresson. Gogo Dodo. Moulding. Humphrey Churchill. Dispenser. R'n'B. Raul654. Piano non troppo. Melcombe.org/w/index. Blowfish. Aeons. Jeffhane100. Eiscosogin. Gwernol. JeffJonez.wikipedia. Veinor. Mr. Parrot. Jlemos35. Mukis. Zedla. Anetode. Goochelaar. Callidior. Derickmoore. Jessica Schieve. Macpl. Shadowjams. HybRiDx24. Nuance13x. Dchapes. Bewert.henderson. Tonkie67. Frecklefoot. BioPupil. Robguru. Matilda. Chaitanya. Ninja247. Deineka. CrypticBacon. Theothertomjones. Center4499.org/w/index. Dstivers. Drughwan. RedWolf. Mezigue. 128 anonymous edits . Vlad. Alansohn. Fry140. Beebux. Kaplanmyrth. Viewfinder. Leafyplant. Hairy Dude. Kandsten. Thorprime. Nina1995. Xyzzy288. Zuras 538.Smith. Winheinhtut. Bpringlemeir. Ed Poor. Brooke6969. Shawnc. Tinton5. Jamcib. G33k-3d1t. Lloyd Wood. Ugilad. Barrylb. Au k. Pip2andahalf. Ranumao.org/w/index. Uosdwis. MikeLynch. Lightmouse. Agencius. Storytellershrink. Brianhe. Ronambiar. Coolcaesar. Romney yw. Manoj-jaiswar. Hydraton31. KansasCity. Kamath. Kitch. AntiVanMan. MrChrome. RamapoJohn. Exobyte. Hardikp12. Hmains. Mattsday. JamesBWatson. BD2412. Iridescent. Common Man. JonHarder. Soumyasch. Ironholds.org/w/index. Simslover. Spikehall1234. Beto.

Peaceray. Cheatochris13. Hmains.org/w/index. Thepulse2007. Dcoetzee. Coconuts. 9 anonymous edits Context-based access control  Source: http://en. Wrs1864. Discospinster. Ahunt. P1h3r1e3d13.php?oldid=447766851  Contributors: Bearcat. Jnc. Fang Aili. Bkil. Intgr. Cffrost. InfoElfiq. Mr. Shyamjithgift.wikipedia. Guy Harris. Jcrifasi. Helix84. P. Takamaxa. VirulentIdeas. Boomshadow. 5 anonymous edits Cut-through switching  Source: http://en. Carltonh. 2 anonymous edits Network packet  Source: http://en. Kyonmelg.harris1. Daichinger. Apparition11. Freeingmind. Dawynn. R'n'B. Graham87. Wine Guy. ChibaRagi. W Nowicki. Frehley. Pyrop. G7huiben.Fred. Muhgcee. Chun-hian. Pgautier-neuze.org/w/index. Ash. Cit helper. Kvng.itian.php?oldid=437684258  Contributors: Adoniscik.wikipedia. Rsduhamel. Mr Sheep Measham. Rdmoore6. 1 anonymous edits Fast packet switching  Source: http://en. Timrem. Maradine. Michael Hardy. Jscroggin. Frap. Dcoetzee. Wireless friend. Kvng. Edward. Boleyn.org/w/index. Alan216. Bobo The Ninja. Red Director. Storkk. Kgrr. PaulHanson. Kbrose. Copsewood. Maximus Rex. Brianga. Devil0150.php?oldid=440433412  Contributors: Bearcat. Vaquerito. Closedmouth. Widefox. BrainyBroad. Gronky. Ebraminio. Cutter. KConWiki. Vivio Testarossa. Richie SWFC. Incnis Mrsi. Deineka. Oicumayberight. Mike Rosoft. CanadianLinuxUser. GcSwRhIc. Fernvale.wikipedia. Nurasko. Martin451. Goldenrowley. Frap.php?oldid=435868393  Contributors: Addshore. Dtcdthingy. Mange01. TheParanoidOne. Hairy Dude. The Nut. All Hallow's Wraith. Wilhelmina Will Data-dependent jitter  Source: http://en.php?oldid=409262059  Contributors: Alansohn. Bearcat. Anclation. Dogaroon. Bevo. Srimech. Acrosser. JonHarder.doom.wikipedia. Caerwine. Caerwine. 8 anonymous edits Black hole (networking)  Source: http://en. Bryan Derksen.NaZ. Demophon. 9 anonymous edits Cisco Express Forwarding  Source: http://en. DataWraith. Gonzopancho. Wildwild. Whywhenwhohow. SocratesJedi. Bryan Derksen.php?oldid=425344853  Contributors: CactusWriter. Sgeo. EdH. 151 anonymous edits Active queue management  Source: http://en. LachlanA.of. Anna Lincoln. CanisRufus. Jec. Hadrianheugh. Cander0000. Ched Davis. The Anome. Huon. Borgx. 9 anonymous edits Firewall (computing)  Source: http://en. Stefano85. PaulHanson. Jm34harvey. CoolingGibbon. Abaddon314159.php?oldid=354091201  Contributors: Adoniscik. Mleoking. Judgesurreal777. EdH.org/w/index. Kubanczyk. Beno1000. Fantasy. Derbeth. Backpackadam. M4gnum0n. Bryon575. Alphachimp. Hqb.org. HereToHelp. Mboltz7664. Nasa-verve. Lethe. Celarnor. Lemeza Kosugi. Eraserhead1.php?oldid=439892905  Contributors: Ankur19852007. J0lt C0la. MPerel.dai. Reliablesources. Joris. 5 anonymous edits Donald Davies  Source: http://en.wikipedia. Blahu77. Bencejoful. CarlHewitt. Brholden. BananaFiend. Slightsmile. Bkonrad. Harmil. Crystallina. Chriswaterguy. TravisTX. Daniel farrell. Paul Weaver. Learjeff. Easyas12c.org/w/index.pitre.telnet. Mleoking. Connormah. Jim. Heron. Ibarrere. Biot. Interbay. Benjaminmin.henderson. Jcmcclurg. W163. 6 anonymous edits Broadcasting (computing)  Source: http://en.wikipedia. Cander0000. Avicennasis. Jrcla2. 26 anonymous edits Data Path Acceleration Architecture (DPAA)  Source: http://en. Dixonjohnpaul. Jnc. Capi. Barticus88. Kbrose. Motyka. Andem. Cmdrjameson. Lawrennd. Chrisdab. Mro. C.henderson. Timan123. Simple Bob. Ucla90024. Yuriybrisk. Sinisterjim. Darth Panda. 11 anonymous edits Datakit  Source: http://en. Edward. Nbirkel. Incnis Mrsi. Bazsi.wikipedia. JonHarder. Philip Trueman. JonHarder. Bband11th. Nbarbettini. Bissinger. Casey Abell. Trevor. Ocram. Craiglew1508. Javacat. Etacar11. Karstbj. Roofbird. The Thing That Should Not Be. HupHollandHup. Iridescent. Hectorthebat. Kbrose.wikipedia. Peter Ellis.org/w/index. Jesse Viviano. PaulWay. 7 anonymous edits Catenet  Source: http://en. Jiraffe. Kenny sh. Captain-tucker. N5iln. Yuriz. Dondegroovily. Aejr120. Mysidia. CharlotteWebb. Crystallina. Jcy1978. Donreed. Ale jrb. Cburnett. Twobells. Paintman. Can't sleep.org/w/index. Лев Дубовой. Booster4324. Manuel Anastácio. Hooperbloob.php?oldid=375135832  Contributors: Dpr. Black Kite. 23 anonymous edits Business Control Layer  Source: http://en. Hetar. Capricorn42. Hadal. Mboverload. Rich Farmbrough. Amirpak 86.henderson. Mongolmax. Porturology. LeaveSleaves. Jpbowen. AlephGamma. Retired username. Addihockey10.org/w/index. Greenshed. Ans-mo. Henk. Maniamin. Woohookitty. Dimadick. TTZnju. Jim. Lewisoaten. Linuxbeak. Ryan Roos. Bugkarma. Mirv.php?oldid=444739845  Contributors: 16@r.wikipedia. 18 anonymous edits Viaedge  Source: http://en. Graphitesmoothie.muller. 4twenty42o. Uncle Dick. Mithaca. JMiall. La goutte de pluie. Can't sleep. AmiDaniel.org/w/index. Bigbluefish.php?oldid=444144130  Contributors: Alan Liefting.org/w/index. Altzinn. Pearle. Beetstra. Random user 39849958. Jim. DrDry55. Rameshbabu.php?oldid=448568520  Contributors: !Darkfire!6'28'14. Neutrality. Tillman. 85 anonymous edits Berkeley Packet Filter  Source: http://en. OverlordQ. Apy886. D6.Harris. Bobo192. Rajah.wikipedia. Borgx. Brownh2o. Jim. Zacharyjos. Arakunem. 4 anonymous edits Christmas tree packet  Source: http://en.org/w/index.wikipedia. Collin. Black Falcon.wikipedia. Aviv007. Petr Kopač. Remarks999. Lockley. Badgernet. Flewis. Intgr. RazorICE. Timotheus Canens. Dante Alighieri. B. Eric Shalov.wikipedia. Park3r. Stevenmyan Dynamic Packet Transport  Source: http://en. Discospinster. Tikiwont. Anabus. Pnm. CesarB. 1 anonymous edits Datagram  Source: http://en. Ketiltrout. Mhkay. RickK. Toffile. Kbdank71. Zack. Ameliorate!. Alfrodull. Biot. Calabraxthis. Pb30.benko. Kwi.g. Beezhive. Unyoyega. Dawynn. Kbdank71.wikipedia. Unaizu. Joy.sarcasm. Phatom87. Ews23. S. Mintleaf. Avono. Greswik. TheMoog.henderson. Roy464. Foaly19. D o z y. Triwbe. Bucketsofg. Phani96.org/w/index. JonHarder. AAriel42. CesarB.org/w/index. JordoCo. Leif. Useight. Toon05. Gascreed. Stepheng3. Edaelon. Jim. South Philly. Jengelh. Studerby. Wik. clown will eat me.php?oldid=442321342  Contributors: Alai. ImGz. Leafyplant. Jeffq. Rick Sidwell. DaveBurstein. Storkk. Glenn. Djg2006. Sarath02.php?oldid=434903517  Contributors: Alinja.php?oldid=332546973  Contributors: Alerante. Barakw. Splash. R Calvete. JeffBurdges.org/w/index. RunBAMrunfaster.org/w/index. Wihwang. SueHay. Bayerischermann. Tombrend. Thumperward.org/w/index. Haseo9999. Chzz. Jeck. TheKoG. Icairns. Nagy. Zondor.org/w/index. JonHarder. Eyrian. Hadal. C'est moi. ZeroOne. Jrcla2. Jaimie Henry. Timneu22. Cryptic C62. Johnuniq.henderson. 134 anonymous edits Stonesoft Corporation  Source: http://en. Shaw. CliffC.php?oldid=441679490  Contributors: Auric. DSatz. Frap. 7 anonymous edits Paul Baran  Source: http://en. CarlHewitt. Daicaregos. Rror. Bswilson. Adrian. Edcolins. Martarius. Sadads. Rich Farmbrough. Corpx.wikipedia. Phatmonkey.org/w/index. Black Kite. Scott5114. Hqb. 28 anonymous edits Deterministic jitter  Source: http://en. Obvious. Arastcp. Storkk. Joyous!.php?oldid=433421226  Contributors: A. Milan Keršláger. Android Mouse. clown will eat me. IronGargoyle. Glenn. Valentinejoesmith. Bender235. D6. Sreeji. =Josh. YellowMonkey. W163. Ahoerstemeier. Edward Z. Olivier Debre. Chowbok. Moonraker12. Shaddack. FruitMonkey. Angr. Cryptosmith. Torla42. Pboyd04. Scarian. Trasz. Elfguy. Flatterworld.wikipedia. The Anome. Lerdsuwa. M3tainfo. Boscobiscotti. YUL89YYZ.Hull. Slakr. Teles. Mlewis000. Msirivia. Woohookitty Theta Networks  Source: http://en. Adoniscik. 123Hedgehog456. SymlynX. Alexius08. GoingBatty. Asqueella. Noorg. Crystallina. Chetvorno. Rich Farmbrough. Smohideen2000. B Pete. C:Amie.henderson.php?oldid=332547061  Contributors: 1exec1. Sdedeo. Crakkpot. Blueronin. Intgr. Antandrus. Robofish. Tassedethe.wikipedia. JLM. The wub. Kbrose. Vipinhari. Genetikayos.php?oldid=442910119  Contributors: 2doorsdown. Albedo. Nbilogorskiy. Ayla. Bluebusy. Alex Middleton. Nurcanyilmaz. Steven.php?oldid=332546963  Contributors: Babbage. Perry Bebbington. Phatom87. Remuel. Berford. Koavf. Ian Yorston. Latitudinarian. Joel7687.php?oldid=447898830  Contributors: Aaronthepro. Quatloo.wikipedia. Kvng.php?oldid=431099959  Contributors: Chowbok. Blanchardb. Schusch. Kbh3rd. Nmacu. Janziff. Mozzerati. W Nowicki. Marcika. Chris55. 9Nak. Aeon1006.org/w/index. Kazfernandes. Haichen12. Cellspark.org/w/index. Jni. Deb. Cantons-de-l'Est. Aitias. Jnc. SimonP. Pig de Wig. Michael Hardy.php?oldid=398953190  Contributors: Dthomsen8. Alvestrand. Jnc. Robert K S. Networkengine. Chrisdab.php?oldid=438289667  Contributors: Alan Liefting. Cybercobra.Article Sources and Contributors SonicWALL  Source: http://en. Retran.org/w/index. R.wikipedia. Owen. Eastlaw. ConradPino. CecilWard. Thomascjackson. Foobaz. JLaTondre. Jpbowen. Jamesd. SDC. Rettetast. Guy Harris. Jim.wikipedia. Nickaubert. TNLNYC. Rjgodoy. Warrickball. Duncan. Michael Snow. The Anome Chernobyl packet  Source: http://en. Gordon Ecker.wikipedia. Caydel. Johnshepler. Alansohn.org/w/index. Eyreland. Robert K S. KennethJ. Ryan Postlethwaite. Jeh. JonHarder. 174 . Xmm0. GoingBatty. JMiall.henderson. Jec. The Anome. Francs2000. Unforgettableid. EncMstr. AlistairMcMillan.org/w/index. Icey. 19 anonymous edits Blue (queue management algorithm)  Source: http://en.wikipedia. QTCaptain.andrew. Masterknighted. Cxxl. CesarB. The wub.wikipedia. Sgeo.php?oldid=445083184  Contributors: Alvestrand. Zginder. Remuel.org/w/index. Torla42. Soldier. Rick Burns. RoyBoy. Andrei Stroe. Glamourtree. Jpbowen.php?oldid=445291190  Contributors: AdjustShift. Nikola Smolenski.. Svick. CrescentCaren. SCΛRECROW. Bangowiki.wikipedia. Jkl. Mindmatrix. Suruena. Tohd8BohaithuGh1. RichardVeryard. Karl Dickman.wikipedia. Middayexpress.org/w/index. Dream of Goats. Baccala@freesoft. Chuck369. Anthony Appleyard. R6144. Yang. Jeff Paine. Kyonmelg. Suruena.wikipedia. Michael Devore.php?oldid=408009017  Contributors: Cedars. Gary King.wikipedia. Golddragon24. West. Jim. Lotje. Marasmusine.org/w/index. John254.org/w/index. Elonka. Katharineamy. Eric Klein. Capricorn42. JECompton. Taemyr. Osu-mike. Erkan Yilmaz. Losthighway. Vulturell. Emersoni. Oe2k. Timrollpickering. Manoj2009patel20dec. Giftlite. Dawynn. Ixfd64. EagleOne.

CosineKitty. Paul D. Pissant. Jtir. OpenToppedBus. Mernen. EdwinGroothuis. Suicidalhamster. NortyNort. Dysprosia. David. Cubbyhouse. JonHarder. Kozuch. Vonvon. MichaelGoldshteyn. Ordo. Brown. The Thing That Should Not Be. Burfdl. Kenyon. JonHarder.8261  Source: http://en. 11 anonymous edits Jitter  Source: http://en. Bookandcoffee. Halmstad. Michael Hardy. Johnaduley. Equendil. Theda. Tinton5. Kvladiko. Justin20. Mange01. T Houdijk. Wordwizz. Heron. Bobo192. Kyleflaherty. Nancy. Gascreed. Yorick8080. DMahalko. Accdude92. Escape Orbit. Watson Ladd. OlEnglish. Spartanhelmet. Spearhead. New Age Retro Hippie. PuzzletChung. CASE. Brewcrewer. Lordjamex. E Wing. Kandarp. Woohookitty. Geoff B. NeonMerlin. Kablammo. Harryboyles. Gatta. Vlhsrp. Nachoman-au. Robertvan1. Requestion.php?oldid=446854804  Contributors: Abdull. Ttwaring. Tellyaddict. Kjwu. Tcncv. Wknight94. Griffenboy. Storkk. Stephen G. Seano1.php?oldid=446204325  Contributors: A5b. Cillie. Draglon.org/w/index. Mrwojo. JTN. EBorisch. Red Thrush.wikipedia. Danhm. Tobias Bergemann. Apshore. Isilanes. Lee Carre. Lee Carre. N328KF. Dandorid. Materialscientist. Jóna Þórunn. Sam Hocevar.0. JonHarder. Alksub. RayneZXZX. NewEnglandYankee. Dcampbell30. MMuzammils. Stonehead. Rpspeck. Lockeownzj00.org/w/index. Mattloaf1. Deville. Kvng. SecPHD. Why Not A Duck. Wiki Wikardo. Jurgen Hissen. Nmadhubala. AB. Deewiant. Creed1928. Woohookitty. Mspraveen. Jan1nad. Ary29. Rocketgoat. 8 anonymous edits Martian packet  Source: http://en. Nasa-verve. Qxz. Dmccreary. Rami R. Barcex. Graphitesmoothie. Kamathvasudev. Ggiust. Indefatigable. Jennavecia. Debresser. Quercusrobur. Fang Aili. Milan Kerslager. Red856. December21st2012Freak. Iokerapid. Yik Lin Khoo. Badmonkey0001. JSpung.48  Source: http://en. Tombomp. Pabouk. Taxman. Jec.org/w/index. Materialscientist. Janitor5. Chris the speller. Blahbleh. Thatguyflint.wikipedia. Cyndler. Nunquam Dormio. Tlesher. Schmitt. NightFalcon90909. Gonzonoir. Karnesky. Kubanczyk. JonnyJinx. 1263 anonymous edits Frame (networking)  Source: http://en. Yama. Eponymosity. Toffile. Hugger and kisser. Intgr. MickWest. Lukevenegas. Frap. Imcdnzl. Missionary.php?oldid=423816246  Contributors: ArtsCountyFair.amdphreak. Purpleslog. Aleksey Gerasimov. Twinkie Assassin. Tommysander. Damadm00. Forenti. Nwk.php?oldid=448310043  Contributors: Closedmouth. Jibjibjib. Ricky. Akendall.wikipedia. Leizer. LilHelpa. KnowledgeOfSelf. Ruzihm. Woohookitty. Henriquevicente.wikipedia. Rl. Eequor. WilliamSun. Khym Chanur. Doctorfluffy. Zeroshell. Hoods11. Lilac Soul. SkyWalker. XandroZ. Stephenman882. Jusdafax. Smallgene. Deville. Rbmcnutt. Satori Son. Mark Chung. Willy on Wheels over Ethernet. Soap.php?oldid=407829618  Contributors: Alan Liefting. Mrzaius. Weylin. Rjwilmsi. Hokiehead. FisherQueen. Rick Sidwell. SlipperyHippo. Njmanson.wikipedia. CohenTheBavarian. JDavis680. Crissov. Insanity Incarnate. RoyBoy. Fahadsadah. Racerboy. Elagatis. Cmdrjameson. The undertow. Katalaveno. WikiLaurent. GoodwinC. JonHarder. Ryan Roos. Tjbk tjb. Fulizer. Gdt. Gilliam. Grapht. Cometstyles. SGGH. Lee Carre. Pabouk.php?oldid=441847423  Contributors: Achilles2. Djg2006. V8rik. Od Mishehu. Eliteops1.php?oldid=440686361  Contributors: AdmJamrep-NJITWILL. Mix Bouda-Lycaon. Tranzent. Weylinp.wikipedia. Keegscee. Kvng. Mygerardromance. Tevildo. Ross Fraser.org/w/index. VasilievVV. Peyre. Scetoaux.org/w/index.batters.pande. Silver seren. Kyonmelg. Rivanvx. Mro. Luna Santin. Visor. Topspinslams.org/w/index. EliasAlucard. Haqpunk. Lir. Cwolfsheep. KnowledgeOfSelf. CanisRufus. Skacel8. Turnstep. Snigbrook. Chair Blaster. MrBenCai. Stuartyeates. Mikm. Dman727. Gogo Dodo. Danshelb. DavidChipman. Robofish. Fish and karate. DerHexer. Jeff G. Boscobiscotti. Phatom87. Dbrooksgta.delanoy. Hpa.wikipedia. ToobMug. Jfilcik.bar. Casablanca2000in. Husond. OlavN. Flewis. MER-C. Marcuswittig. Drmies. NellieBly.wikipedia. GTBacchus. Persian Poet Gal. Chscholz. Nnp. Sceptre. Random name. Dark Lord of the Sith. 5tych5. Vilerage.wikipedia. Jdeere man. Graham87. Ju66l3r. Rtouret.org/w/index. Joy. Mortein. Rurigok. Dcoetzee. Frap. Rich Farmbrough. Mirv. Zack. Rich Farmbrough. Closedmouth. CanisRufus. Geffmax. Stratadrake. Disorganized 676. JonHarder. Jimyoo.. Erencexor. Ixfd64. DerHexer. Seba5618. Killiondude.org/w/index. Marek69. Jeff G. NawlinWiki. Tom k&e.Dunstan. Lakshmin. Claude. Storkk. Rp751786. Lincolnite. Lolsalad. Frap. Oddbodz. Josh Parris. Feureau. Piet Delport. Jaraics.wikipedia. Postrach. Johnshepler. Dawynn. Rev3rend. Joyous!. Wai Wai. Secret. Shawniverson. G7yunghi. Muheer. David Haslam. Can't sleep. AndrewMollison. Dougher.C. Tapuwiki IPv6 packet  Source: http://en. Debackerl. Hussam92. Lee Carre. EddieNiedzwiecki. Vrenator. Tbhotch. Otisjimmy1.wilton. Huyi. Vendettax. Just James. CyberSkull. Canis Lupus. Paul. Willisja. Crazysane. FreplySpang. Jpbowen. Blakewestwood. Da monster under your bed. Rod57. Diberri. TexasAndroid. Mr.org/w/index. Trevor MacInnis. 18 anonymous edits 175 . J. Mild Bill Hiccup. Nasa-verve. JForget. Osky283. Dismas. Hungery. TenOfAllTrades. Hadal. Mariagor.php?oldid=444465818  Contributors: Alq131. Leszek Jańczuk. Grand Edgemaster. Megaboz.org/w/index. Femto. Lets Enjoy Life. Cybercobra. Πrate. Inov8er. 54 anonymous edits Jumbogram  Source: http://en. Eagleamn. Split Infinity. Piano non troppo. Rafiwiki. JzG. Simeon H. Giftlite. SJP. MrOllie. Rebel. Reguiieee. Dols. Tdcrone. Chenzw. Pabouk. S0me l0ser. Electron. Emmzyy. Charles Matthews. BazookaJoe. Mendaliv. Wubrgamer. 138 anonymous edits Jumbo frame  Source: http://en. Unschool. Dreadstar. Radagast83. Fragglet. The Anome. Prasan21. Skyezx. Frecklefoot. Amire80. Jalal0. Hps@hps. Mysterytrey. Jhi247. 9 anonymous edits Lag  Source: http://en. HarisM. Heywüd. Piet Delport. Nuttycoconut. Thingg. Suruena. Seb26. Arkrishna. Kvng. Mailer diablo. Casito. Ouzo. RedWolf. Fresheneesz. Possum. RoMo37. WikipedianMarlith. Gracefool. Interiot. Kbdank71. Tbird1965. Jramsey. Vakanuvis789. Zabanio. Jlavepoze. Arise Sir Loin of Beef. Guitardemon666. LeoNomis. Cougar w. Cryptosmith. Wk muriithi. Bobbis. Wrs1864. Kbdank71. Rwessel. Dean14. Grammarmonger. Kinema. Wtfnoob. Kbrose. Thecheesykid. Khirbat. Mad9cat. Jec.. Nachico. Robofish. Bryan Derksen. Javert.php?oldid=438815409  Contributors: Bearcat. Wsmarz. Peter. DeadEyeArrow. Luna Santin. The Kinslayer. Stevenmyan. DoogieConverted. Ciaran H. Firefly322. Cavebear42. MJ94. Timotab. Kf4yfd. Nakon. Discospinster. Tigermonkey. The Anome.org/w/index. Nuno Tavares. JonHarder. Emperorbma. Florescent. Nick Number. Frap. Egil.php?oldid=436864929  Contributors: 16@r. Manop. Nealmcb. Colin Marquardt. Chrumps. Occamsrazorwit. Djdancy.php?oldid=422163972  Contributors: AndreasWittenstein. Petzi1969. MichaelMan64. Jobeard. Splintercellguy. VernoWhitney. Storkk. Ascánder. Sg313d. Coolhandscot. DragonHawk. Sitearm. Richard001. Slakr. 28 anonymous edits G. Codinghorror. Jim. JasonTWL. Dysepsion. DESiegel. Daichinger. Wahooker. Mitaphane. DevastatorIIC. Wrs1864. Douggie1085. Pharos. Viriditas. Theymos. LOL. Xaosflux.delanoy. Wavelength. Rumping. Sanfranman59. MercuryFree. Prunesqualer. Doug. Rj. Sephiroth storm. Iamxsj. Mwalsh34. OwenX. Cybjit. Hetar. LeonTang. Hairy Dude. Rchandra. Haseo9999. DeathByROFL. 3 anonymous edits Maximum segment size  Source: http://en. Tsunanet. Moldylemonmedia. Fynali. LegitimateAndEvenCompelling. Jeffrey Mall. RainbowCrane. Harkathmaker. Aarktica. clown will eat me. Rsrikanth05. Regancy42. Σ. Edcolins. Indefatigable. Maxamegalon2000. HatlessAtlas. Auric. Jeh. Scientus. Hu12. Mandramas. Suruena. Jackrockstar. Zntrip. Bubbachuck. Jmprtice. Sporkmonger. DJ Clayworth. Xaje. Kenyon. Debresser. Gstroot. Emailtonaved. Ws227. Intgr. Jrmwng. Hax0rw4ng. Quentin X. 38 anonymous edits Frame check sequence  Source: http://en. CesarB. Dcoetzee. ElKevbo. Tim874536. Spazure. Verfee. Joseaperez. Hairy Dude. Philip Trueman.Article Sources and Contributors Corvus cornix. Noctibus. ShyShocker. Deville. Booch. Jaho. Nimiew. Rjwilmsi. Mwanner. Qrsdogg. Msebast. Mattgibson. KnightLago. Benlisquare. JonHarder. DSatz. Phoenix314. Elieb001. ENeville. 4 anonymous edits Gigapackets  Source: http://en.wikipedia. CraigB. Thearcher4. RadioActive. Heywüd. PrestonH. Poccil. 297 anonymous edits Link state packet  Source: http://en. Info lover. TripleF. Dan6hell66. Nneonneo. Lubos. Haakon. Waelder. Kgentryjr. Electron9. J. Mange01. Kglavin. SoCalSuperEagle. CYD. Nposs. 8 anonymous edits Packet loss  Source: http://en. Muhandes. TombraideerIIdeadmanschest. MarkRose. LeinaD natipaC.wikipedia. JonHarder. Imroy. Miremare. Monkeyman.php?oldid=443908554  Contributors: Adoniscik. Gc9580. R'n'B. BlueEarth. MartinHarper. Gurch. BeaverWithChainsaw. Petzi1969. Wtmitchell. Dzordzm. Prari.php?oldid=441693061  Contributors: Dub13. DARTH SIDIOUS 2. Henry W. Ntolkin. Isheden. Davidoff. Jebba. Eraserhead1. Bvavasseur.org/w/index. Seb az86556. GDallimore. Hans Persson. Stephenb. Sepersann. Rich Farmbrough. Omegatron. Desirsar. Fudoreaper. Akassix. Tcosta. LachlanA. FleetCommand. Lauk. Sferrier. Roseurey. Imcdnzl. El C. Mrlumpycole. Teenboi001. Gardar Rurak. Rchandra. Ilpostinouno. M347758. Michael Hardy. Ophel.fachkha. Mc6809e. Firsfron. Twinxor. Wmahan. TutterMouse. DVdm. Martarius. Purplepumpkins. Aulis Eskola. TheGreatFoo. Da Vynci. Maheshkumaryadav. Equazcion. Patrick. Prashanthns. Jay. Cwolfsheep. Gurch.org/w/index. Alansohn. Jusdafax. Pb30. Radiant!. Epbr123. Adrignola. Robbie Cook. OlEnglish. Gaiterin. Skrewz. Ohnoitsjamie. TheYmode. DonDiego. Tide rolls. Shiro jdn. Loren. Charles Matthews. Someguy1221. Seddon. Waskage. Zetawoof. Danski14. Brianjd. Intgr. Lee Carre. Enric Naval. Jigesh. Mcicogni. NawlinWiki. Meandtheshell. Qwyrxian. La Pianista. Demonkoryu. 4 anonymous edits GSM 03. Dfranke.piegorsch. Kbrose. CecilWard. Moreati.php?oldid=436367126  Contributors: Bobblewik. Japanese Searobin. DGJM. Tim. Ground Zero. Wikialoft.mtview. Pielover87. Davipo. Gxojo. 52 anonymous edits Mangled packet  Source: http://en. KnowledgeOfSelf. Muhandes. Woohookitty. Iune. CesarB. L'Aquatique. Learjeff. J Milburn. Hibernian. Gogo Dodo. Mysdaao. Tushard mwti. Expertour. Widefox. YUL89YYZ. Elcasc. FunkyBike1.wikipedia. Sensiblekid. Jpgordon. SarahKitty. Raanoo. Statkit1. Rror. JanCeuleers. Nihiltres. Matthäus Wander. OGoncho. Ulrichlang. John Siau. Deelkar. Mindmatrix. JonHarder. Sephiroth storm. Greenrd. Rwxrwxrwx. Object01. Tobias Bergemann. Cmathio. Cheetoian. Neurolysis. Nneonneo. Biot. Wmasterj. Hiebert. LeaveSleaves.kandy. Anderson. CronoDAS. Sparky132. Linkoman. Ricky81682. Pnm. LachlanA. Njaard. Mctmike. Schlyne. Ifeme. Katharineamy. Woohookitty. ST47. DagErlingSmørgrav. TheMandarin. Malo. Kralizec!. Sysy909. ZimZalaBim. Lucy1981. Legotech. Ancheta Wis. Mashby. Pinethicket. Danutz.wikipedia. Drbreznjev. Greg Grahame. Pmattos. Everyking. Hamzanaqvi. Liveste. Sgeo. Eldraco. Matticus78. Attilios. Simetrical. Ham Pastrami. Kbrose. Stevietheman. Trevor1. Oxymoron83. Storkk. Dandorid. Noctibus. Wk muriithi. WikiDao. JonHarder. Suruena. WPANI. Furrykef. Wheely Guy. Dse. Rbarreira. Fresheneesz. Bagatelle. Hazawazawaza. Venom8599. Eyreland. DStoykov. Niteowlneils. Ryan Roos. K001. Dandorid. Cenarium. Phatom87. Boardtc. Ch'marr. Mac. Hadal. Yk Yk Yk. Harland1. Kealper.org/w/index. Oli Filth. Transcend. Smalljim. Tide rolls. HappyCamper. Jchandlerhall. Mouchoir le Souris. Convenient ByStander. Rigworm. Phirenzic. Phatom87. Josemi. Jalara. Tad Lincoln. KCinDC. Batmanand. Gerbrant. Sleske. OisinisiO. Wyatt915. Shawnj99. Jclemens. AlistairMcMillan. Talyian. Kvng. Rs2. Anonymous Dissident. Sheridp. The Anome. KangKnight. Fightingirishfan. Meaghan. Tinucherian. JohnCD. TheRa'ike. Goodyhusband. Nageh. DemonThing. Intchanter. Voidxor. Ghaly. Fabioj. BigFatBuddha. Bevo. Randilyn. Ramu50. JZelos. Frap. FatalError. EQ5afN2M. Terronis. Wimt. The Garden Gnome. Phatmonkey. UncleBubba. Minnaert. Mange01. RJFJR. L33th4x0rguy. Kevin Saff. Ciphergoth. JohnCub.org/w/index. W Nowicki. Siroxo. TheCommunist1994. Markrpw. Mike. Allen3. JYOuyang. Fastily. Manuel Anastácio. JonHarder. Ptk.wikipedia. Kubanczyk. Kermesbeere. Netalarm. Kvng. ADobkin.php?oldid=445711028  Contributors: 1ForTheMoney. Knacker ITA. Rninneman. Netsnipe. FreplySpang. Guoguo12. Nuno Tavares. Acegik. Richard. Lambtron. Matt Britt. Thoobik.henderson. Newone. ILRainyday. Vinucube. Jec. Kizor. Julesd. L337p4wn. NetRolller 3D.

Guy Harris. Mojodaddy. Phatom87. Paquitotrek. Thparkth. Borgx.org/w/index. Prondou. Can't sleep. 14 anonymous edits Robust random early detection  Source: http://en. Dawnseeker2000. Mboverload. Jonnyct. Kbrose. Palmer1973. Piet Delport. Haseo9999. Imcdnzl. Julesd. Sonic Mew. JohnGrantNineTiles. Luk. Cburnett. NoExec. Bobblehead.M. Kundor.wikipedia. EvanCarroll. Synchrodyne. LachlanA.126. Shaddack.wikipedia. Jerrysmith222.wikipedia. Selket. X!. Rich Farmbrough. PeterEasthope. DonDaMon. Crossmr. My007ms. 4 anonymous edits PARC Universal Packet  Source: http://en. Bevo.H. Peyre.org/w/index. Ged Davies. SpacePacket. SCΛRECROW. Excirial. Mange01. Jim. Leblondleblond. Tmaufer. MarkFrancisMullins. Nimiew. Dirtydan667. Yinwulanyu. Jopsen. Xchbla423. Thegn. MS3FGX. Mange01. Babbage. Vidiii. The Anome Packet aggregation  Source: http://en. Dgrahame. Gbelknap. YUL89YYZ. BarretBonden. Milan Keršláger. BayTech. Mudalagi. Wirbelwind. Wingsandsword. Kaare. Paul1337. Imcdnzl. Niteowlneils. NapoliRoma. Zhou Yu. Lightmouse. Andrewpmk. Noctibus. W Nowicki. Gerald. LawrenceGRoberts. Dawnseeker2000. The Anome. Sowsnek. Biasoli. Ricojonah. Nitiniit. Storkk. Kk2mkk. Jnc. Wizard191. Groyolo. 3 anonymous edits OmniPeek  Source: http://en. Kate. PerryTachett.Ferguson. Neurolysis. 223 anonymous edits Packet telephony  Source: http://en. Tonkie67. Trevor d. Jm34harvey.php?oldid=389942039  Contributors: Guy Harris. YUL89YYZ. 1 anonymous edits Ping (video gaming)  Source: http://en. Jokes Free4Me. Logictheo. Kvng. Skier Dude. Zackman90. J. Ahoerstemeier. JTN. Itai. Harryzilber. Coolgamer. Rhodekyll. Stw. 2 anonymous edits 176 . Usangel1066. Kalathalan. Mjb4567. Moondyne. Frencheigh. Meredyth. Reliablesources. AlphaPyro. Dgtsyb.henderson. MetalGearLiquid. Blerg1. Maximaximax. Jim. Thingg. Retodon8. Dave Cohoe.cn. Selfev.org/w/index.org/w/index. John Vandenberg. KVDP. Binksternet. GregorB. JonHarder. Guy Harris.org/w/index. The Evil IP address. Glenn. Eastlaw. Jonnyct.php?oldid=418128155  Contributors: KelleyCook Packet drop attack  Source: http://en. Mbarbier. Widefox. ZoFreX. Unixguy. GPHemsley. Rvalles.org/w/index. Brookshawn. ThreePD. Wipe. Kbrose. The Singing Badger. ExDPN100Engineer. Netcrash87. Logicat. Guitarist6987876. Jim. Mange01. Gfoley4. Fredeccles. Wheet. Vrenator. R2jitu. Terra Xin. Rhobite. Gaius Cornelius. Hgmichna. Gardar Rurak. EAderhold. Airplaneman. Manaskb.org/w/index. Michael Devore. Diodime. Guy Harris.org/w/index. R'n'B. Timtim101. Nekohakase.delanoy. Securitywiki. Wmasterj. GoingBatty.a. Freedomfighter21. Itusg15q4user. Tmaufer.php?oldid=447899712  Contributors: Amorymeltzer.org/w/index. Malcolma. Mendaliv. Edcolins. Nicenevil.wikipedia. Bumm13. 17 anonymous edits NIST RBAC model  Source: http://en. R'n'B.wikipedia.wikipedia. Useight.uk.hprastiawan.org/w/index. Katharineamy.org/w/index. SarahStierch. Jones. PierreAbbat. Dky89. WereSpielChequers. Mancini. Watson Ladd. Fumblebruschi. Lexikorn. Frap. EGSchwartz. CyberSkull. Gerfaut. W163.org/w/index. Diberri.wikipedia. The Anome.org/w/index. Smithwillscott. PeteShanosky. Ashwin18. Bogsat.wikipedia.253. Yuanli. Giftlite. Hooperbloob. Maurreen. Jaffar. Piet Delport. BertK.henderson. BenFrantzDale. Edward Z.wikipedia. BradBeattie.php?oldid=444871256  Contributors: Althena. Giftlite. Btilm. JTN. UU. Btyner. Pyrotec. Mange01. FromOrleans. Francs2000. JMiall. Mleoking. Rholton. Knuckles. MER-C. Ali Esfandiari. 8 anonymous edits Packet generator  Source: http://en. Anaxial. Jerrysmith222. PBP. Wpifer. Ali@gwc.wikipedia.php?oldid=448224650  Contributors: 213. Ec2049. Pedant17. Rdmoore6. Kungfuadam. Tempshill. Jasrocks. Voidxor. Waveguy. Rjwilmsi.wikipedia. Wpifer. Charles Matthews. Networked. NBuccalo. Shilpi2809.php?oldid=447756520  Contributors: AManWithNoPlan.wikipedia.org/w/index. Kvng. Foelectric. Guy Harris. MOM4Evr. PrimroseGuy. MacStep. Chris the speller.wikipedia.delanoy. Storkk. RJHall. That Guy. Tinucherian. Mjb4567. 217.wikipedia. Sephiroth storm Packet Switch Stream  Source: http://en. Thomas d stewart. Alxeedo. Scoutersig. Skapur. The Original Wildbear. Faithtear. Packetman. LeviathinXII. Paulfeakins. 3 anonymous edits Packet analyzer  Source: http://en. Jedi Master Brownlow. Gazpacho. MCBastos. JTN. Jy. I2so4.henderson. 28 anonymous edits Packet injection  Source: http://en.php?oldid=440067247  Contributors: Akshaygs. JeLuF. Kabdcn. No1Jenny. 12 anonymous edits Packet capture  Source: http://en.php?oldid=406216024  Contributors: Baggie. Bobblewik. David-Sarah Hopwood. Casey Abell. Nubiatech. Pearle. Netmoninc. Rememberway. Lee Carre. Margin1522. Pcap. Bloodshedder.39. Yang. Brewhahaitsme. 16 anonymous edits Packet concatenation  Source: http://en. Bjelleklang. Thumperward. Rwhalb. Cxxxap.php?oldid=408353584  Contributors: Adamantios. Chancemill. Omegium. RedWolf. Omegatron. Kbrose. Ninjakttty. 175 anonymous edits Network congestion  Source: http://en. Someone42. Toreau. Idril. Loadmaster. Jpatokal. Badseed. Merope. Jason Stormchild. Nick Number. Steven Zhang. Gurch. Jim. Ppike.php?oldid=442089761  Contributors: Billc. Brooks.125. Getcrunk. W Nowicki. Ewlyahoocom. JonHarder. Tobias Bergemann. RedWolf. 39 anonymous edits Protocol data unit  Source: http://en. Gogo Dodo. Richard cocks.php?oldid=435085280  Contributors: Bearcat. AlistairMcMillan. Mandarax. Darth Panda. Richard W. 325 anonymous edits Packet Assembler/Disassembler  Source: http://en. Martyvis. Betbest1. Bryanarnold. NawlinWiki. Voyagerfan5761.org/w/index. Karada.php?oldid=421972347  Contributors: AlistairMcMillan. Lostchicken. Philbarker. Aldie. Rich Farmbrough. Discospinster. Malcolm. Jpbowen. Deema AlShamaa. GPHemsley. Kvng. Nuno Tavares.php?oldid=444049931  Contributors: A.php?oldid=332547189  Contributors: Phatom87. Polyakov. Mange01. Ioeth. Deineka. Stephen. GrahamDavies. Rogger. Ynhockey. Rick Sidwell. Benhoyt.org/w/index. Xcentaur. Ryan Roos. Jdm64. Woohookitty. The Anome. Groundeyes. DylanW. 802geek. Graeme Bartlett. Kablammo. Ciphers. Itusg15q4user. PaulELong. JNW. Colasoft capsa. Suplamer. Edward. WaffleMonster.wikipedia. Watson1966. Hetar. Corpx. Barberio. JonHarder. Seifried. Psrdotcom. Kvng. Nmatpt. Rabarberski. Roger Davies. M4gnum0n. Jimj wpg. Epbr123.xxx. clown will eat me. Hu12. Ground Zero. From That Show!. Hjf.org/w/index. Tagishsimon. Manop. Winterst. Maurreen. Chris the speller. Plugwash. Mleoking. Jeffmcfarland. J.php?oldid=390003240  Contributors: Guy Harris. JTN.H. Abune. Rich Farmbrough. Ewlyahoocom. The Thing That Should Not Be.wikipedia. Rdmoore6. Mini-Geek.org. L Kensington. Mikeblas.php?oldid=427695232  Contributors: DR (usurped). Devourer09. Bp2010. Calmcz. Jkl. Vary.php?oldid=332547289  Contributors: Big Bob the Finder. Let4time. Mild Bill Hiccup. Xxsquishyxx. MrOllie. Conversion script. Guy Harris. MarkmacVSS. DylanW. NI Team. Sricciar.php?oldid=377480337  Contributors: ApolloCreed. Mild Bill Hiccup.filmond. Zondor. CesarB. Xaje. Zhou Yu. CecilWard. Thumperward. Alantekore.Article Sources and Contributors Maximum transmission unit  Source: http://en.org/w/index. Donreed. Negrulio. Wrs1864. Mebden. Itusg15q4user. Johnbojaen. Niclas Wiberg. Storkk. Ospalh. AxelBoldt. Midnightcomm. Bobier. CesarB's unpriviledged account.combs.henderson. Joy.0. Onthegogo.php?oldid=442837325  Contributors: Bbx. Ishi Gustaedr. Rich Farmbrough. Nv8200p.wikipedia. Veinor. Helix84. Riffle. Bobier. Capricorn42. WereSpielChequers.org/w/index. Boscobiscotti. Josh Parris. QmunkE. Tammyzhou1983. DragonflySixtyseven. Haza-w. Omegatron. Neilc. Ee02b022. Timsk.org/w/index.wikipedia. Karol Langner. Pegship. Ron shelf. Liotier. Marasmusine. Newman9997. Kai. Phatom87. Rjwilmsi.php?oldid=425345090  Contributors: Pnm. Gaius Cornelius. Jpbowen. Wa3frp. Woohookitty.wikipedia. Jamescfield. Kgrr. Avalon. Woohookitty.wikipedia.org/w/index. LouScheffer. Evil saltine. Isnow. Schmloof. 7 anonymous edits Out-of-order delivery  Source: http://en. Jtk. Bsadowski1. Psmith811. ZeroOne. Kthnxrick. Alex6273. Glenn. Jnc. Marksza. Jmaes123. J.H. Waskage. Oli Filth.wikipedia. Fromageestciel. Hcberkowitz. CarolGray. ManuelGR. GoingBatty. Nurg. DeadEyeArrow.Petrenko. Steven. Lightmouse.php?oldid=369677408  Contributors: Adamantios. Bezzm. Intgr.php?oldid=422939538  Contributors: Barberio. Incompetence.wikipedia. Lee Carre. Graeme Bartlett. MER-C. Excirial. El Cubano. Nurg. Michael Devore. Dnas. Smsarmad.wikipedia. 4 anonymous edits Packet transfer delay  Source: http://en. 6 anonymous edits Packet switching  Source: http://en.php?oldid=421573374  Contributors: 4twenty42o. Chameleons84. Fishyghost. Xezbeth. Radiojon. Qwghlm. Dead3y3. Tatrgel. R'n'B. Yuanli. TubularWorld. Christophernoland. Giftlite. Yamaguchi先 生 . Bradyok. Zaf. Gbelknap. Teancum. CIreland. Loftenter. Welsh. Woohookitty. JohnOwens. Eastmain. Jeremy Swinarton. GoingBatty. Storkk. Bearcat. Peruvianllama. JosephBarillari. Rspanton. PaulHanson. Nightstallion. JonHarder. Wheet. Philip Trueman. Hamster2. Bearcat. EagleOne. Gundark. Jamsignal. Hm2k. Тиверополник. Adambiswanger1. SpacePacket. Malcolma. John 34345.org/w/index. Enduser32. David-Sarah Hopwood. 11 anonymous edits Packet segmentation  Source: http://en. Tsange. Whitepaw. Tom94022. AlphaEta. Jpbowen. Dhammala. Crispmuncher. Dcoetzee. Timwi. Djsuess. Joshurtree. Justin Piper.smith. 4 anonymous edits Packet-switched network  Source: http://en. Skyschulz. Andponomarev. Fleminra.php?oldid=441691777  Contributors: Alynna Kasmira.wasylewski. JonHarder. Mitch Ames. Hairy Dude. Тиверополник. Frap. A. Itusg15q4user. Jrtayloriv. Huntscorpio. Kenyon.org/w/index. K12u.org/w/index. Dgtsyb. Discospinster.org/w/index. Aldaron. Lucanos. Gentleman wiki. Ilario. Dkleeman. William Avery. Kgrr. M4gnum0n. CarlHewitt. N3ddy. Nmacu. Jnc.php?oldid=441122659  Contributors: Frap. Teemu Maki. Wireless friend. Jnc. Rogue Editor. Frap. B4hand.dai. PabloCastellano. Tgwaltz. Phatom87. Wafulz. Miracle Pen. Itusg15q4user. CanadianLinuxUser. CosineKitty.henderson. JoanneB. 48 anonymous edits Packet-switching node  Source: http://en. Dhar. Gardar Rurak. NetRolller 3D. Stwalkerster. Torla42.xxx. Xofc. Jaizovic. Foobaz. FJPB. Roy2009. Kbrose.wikipedia. Fresheneesz. 40 anonymous edits Public switched data network  Source: http://en. JIP. Mantipula. Lambiam. Cgarciap86. RedWolf. Jim. Yuanli. Cwolfsheep. Mild Bill Hiccup. Abdull. Closedmouth.wikipedia. Cgdallen. SunCreator. Jedonnelley. Mormegil. Jpbowen. Pgr94.

org/w/index. JonHarder. Jleedev.wikipedia. Zgadot. 1 anonymous edits Start Frame Delimiter  Source: http://en. Nealcardwell. Thomasyen. JonHarder. Kvng. Mboverload.wikipedia. Vobrcz. Frap. Suruena. Algocu.org/w/index. 49 anonymous edits SQLFilter  Source: http://en. SpacePacket. Choalbaton. IMSoP. Enduser. NortyNort. Noted trip3. Ryan Roos. Robofish.Cardenas. Kubanczyk. Discospinster. Sietse Snel. Modify. Clamum. Mikm. Btyner.php?oldid=418660128  Contributors: DanielPharos.org/w/index. Martin Hinks. Fred Condo. Radagast83. Jaeger5432. W Nowicki. R'n'B.php?oldid=332547334  Contributors: Biot. Bonadea. Riggler. Reisio.php?oldid=447807544  Contributors: Are you ready for IPv6?. UnicornTapestry. Ximensions. Melcombe. Storkk. Fschoenm.php?oldid=437942335  Contributors: Daniel. Erik9. OliverTwisted. Wdscxsj. Mmernex. Jeaux Bleaux. 28 anonymous edits Syncword  Source: http://en.Article Sources and Contributors Raw socket  Source: http://en. Sam Hocevar. Rholton. Tassedethe. JMay. Guy Harris. Edward.php?oldid=421971650  Contributors: Invitatious. Edward. Makibaohm. Cmdrjameson. Storkk. Pseudomonas.wikipedia. The Anome.org/w/index. LilHelpa. Pentap101. Jbartas.wikipedia. Fredgoat. Frap. ILF. Greenrd 177 . Tbhotch. 8 anonymous edits Virtual packet  Source: http://en. Flydpnkrtn.org/w/index. Mdupont. The Anome. JonHarder. Kbrose.php?oldid=432452324  Contributors: Adrignola. Legotech.wikipedia. 6 anonymous edits TCP reset attack  Source: http://en.php?oldid=332547365  Contributors: Commnerd. Jgm7.wikipedia. Pparazorback. Jonverve.org/w/index.org/w/index. 2 anonymous edits Statistical time division multiplexing  Source: http://en. Mange01. Phatom87. Mascurader.wikipedia.

php?title=File:Ciscosystemsrouteratcern.svg  License: Public Domain  Contributors: Easyas12c.php?title=File:Check_point_logo.svg  Source: http://en.org/w/index.org/w/index.wikipedia.wikipedia.php?title=File:Unicast.2.wikipedia Image:Ciscosystemsrouteratcern.jpg  License: GNU Free Documentation License  Contributors: Original uploader was Coolcaesar at en.PNG  License: unknown  Contributors: Daichinger.php?title=File:Decrease2.svg  Source: http://en.php?title=File:Viaedge_Logo. H Padleckas.org/w/index.svg  Source: http://en. which was based on Image:Red copyright.org/w/index. PhilKnight.04.php?title=File:Sonicwalllogo.png  License: Fair Use  Contributors: User:Ilyasali khan.04. Licenses and Contributors 178 Image Sources.wikipedia.wikipedia.svg  License: Fair Use  Contributors: Jeff G.1.png  License: Fair Use  Contributors: User:Bjelleklang.php?title=File:Sandvine_logo.org/w/index. 1 anonymous edits Image:standard deviation diagram.php?title=File:Geocast.org/w/index.php?title=File:Labris_Teknoloji_logo-orta.wikipedia. User:Polbot. Technion.org/w/index.png  License: Fair Use  Contributors: User:BetacommandBot.php?title=File:Allot_logo.svg  License: Public Domain  Contributors: Self-made Image:Stressed Eye. User:Iztoku Image:Sandvine logo.svg  Source: http://en.org/w/index.php?title=File:Cisco_logo.org/w/index.5  Contributors: Mwtoews Image:Pdu and sdu.org/w/index.org/w/index.wikipedia.svg  Source: http://en. User:Cydebot. Presidentman.php?title=File:Cast.svg  License: Public Domain  Contributors: Self-made .5.wikipedia.php?title=File:Ciscosystemsheadquarters.svg  License: Public Domain  Contributors: Dbenbenn.wikipedia.svg  Source: http://en.org/w/index.wikipedia.org/w/index.jpg  License: unknown  Contributors: Eraserhead1 image:broadcast.php?title=File:Radware.wikipedia.PNG  Source: http://en. 1 anonymous edits image:multicast.wikipedia. Rockfang.wikipedia..php?title=File:Gufw_9.org/w/index. 1 anonymous edits image:unicast.svg  License: Public Domain  Contributors: Easyas12c. Lupo.0.svg  Source: http://en.png  Source: http://en.wikipedia.) File:Firewall. User:Ehudshapira.php?title=File:Broadcast.wikipedia.svg  Source: http://en.jpg  License: GNU Free Documentation License  Contributors: Coolcaesar File:Labris Teknoloji logo-orta.png  Source: http://en.org/w/index.wikipedia.svg  Source: http://en.png  License: GNU Free Documentation License  Contributors: Phani Bhushan File:Paul Baran.svg  Source: http://en. Sfan00 IMG Image:Sonicwalllogo.svg  Source: http://en.wikipedia.wikipedia.jpg  Source: http://en.svg  Source: http://en.wikipedia. Perhelion image:geocast.php?title=File:Ethernet_frame.2.svg  License: Public Domain  Contributors: Easyas12c.0  Contributors: Bruno Pedrozo Image:Gufw 9.php?title=File:Firewall.php?title=File:Barracuda-networks-logo.svg  License: Public Domain  Contributors: Various.png  Source: http://en.php?title=File:Pdu_and_sdu. Jarekt.org/w/index.wikipedia.svg  License: Public Domain  Contributors: Easyas12c image:anycast. User:Cydebot.wikipedia. User:STBotI File:Increase2.org/w/index.svg  Source: http://en. UrSuS.PNG  Source: http://en.svg  License: Public Domain  Contributors: Easyas12c image:cast.wikipedia.wikipedia. 1 anonymous edits File:Decrease2.png by Duesentrieb.svg  License: Public Domain  Contributors: Sarang Image:Ciscosystemsheadquarters.svg  License: unknown  Contributors: Sarang Image:Barracuda-networks-logo.org/w/index.jpg  License: Free Art License  Contributors: Yasakak Image:Radware. User:MBisanz.org/w/index.png  License: Fair Use  Contributors: Impakti File:Flag of the United States.png  Source: http://en.PNG  License: Creative Commons Attribution-Sharealike 3.wikipedia.png  Source: http://en.wikipedia.Image Sources.php?title=File:PD-icon. Indolences. (Original SVG was based on File:PD-icon.php?title=File:Ethernet_frame.org/w/index. Jacobolus.png by Rfl.wikipedia.wikipedia.php?title=File:Multicast. User:Pabouk Image:Cisco logo.org/w/index.svg  License: Public Domain  Contributors: Mik81 Image:ethernet frame.org/w/index.0.org/w/index.wikipedia.org/w/index.php?title=File:Anycast.png  Source: http://en.php?title=File:Stressed_Eye.jpg  License: Fair Use  Contributors: Lamro Image:Check point logo.svg  Source: http://en.svg  Source: http://en.php?title=File:Increase2. Licenses and Contributors Image:Allot logo.svg  License: Creative Commons Zero  Contributors: Revolus Image:PD-icon. See log.svg  License: Creative Commons Attribution 2.org/w/index.wikipedia.php?title=File:Flag_of_the_United_States.jpg  License: Fair Use  Contributors: Dchapes.wikipedia. Zscout370.wikipedia.png  Source: http://en.org/w/index.jpg  Source: http://en.jpg  Source: http://en. Image:Viaedge Logo.png  License: Fair Use  Contributors: User:Mongolmax Image:Stonesoft Logo.0  Contributors: Gaiterin Image:Ethernet frame.org/w/index.org/w/index.jpg  Source: http://en.jpg  Source: http://en.png  License: Creative Commons Attribution-Sharealike 3.jpg  Source: http://en.php?title=File:Standard_deviation_diagram.php?title=File:Stonesoft_Logo.org/w/index.org/w/index.php?title=File:Paul_Baran.

License 179 License Creative Commons Attribution-Share Alike 3.0 Unported http:/ / creativecommons. 0/ . org/ licenses/ by-sa/ 3.

Frame check sequence.. G.. Broadcasting (computing).Grab your copy now. Martian packet. Context-based access control. Donald Davies. Cisco Express Forwarding. Network intelligence. Link state packet. searching for protocol non-compliance. IPv6 packet. analysis. Gigapackets. Data Path Acceleration Architecture (DPAA). .48. background and everything you need to know. Get the edge.and Much. this book is a unique collection to help you become a master of Deep Packet Inspection (DPI). Stand Out and Pay Off. Cisco Systems. faster than you ever dreamed possible! The information in this book can show you how to be an expert in the field of Deep Packet Inspection (DPI). Check Point... Much More! This book explains in-depth the real drivers and workings of Deep Packet Inspection (DPI).IX -) is a form of computer network packet filtering that examines the data part (and possibly also the header) of a packet as it passes an inspection point. Datakit. Business Control Layer. Sandvine. learn EVERYTHING you need to know about Deep Packet Inspection (DPI). but use of the second header (TCP.” Deep Packet Inspection (DPI) (also called complete packet inspection and Information eXtraction . Dynamic Packet Transport. UDP etc. Deep Packet Inspection (and filtering) enables advanced network management. while you still can. NebuAd. GSM 03. Here you will find the most up-to-date information. Viaedge. Paul Baran. viruses. The #1 ALL ENCOMPASSING Guide to Deep Packet Inspection (DPI). Black hole (networking). Firewall (computing).) is normally considered to be shallow packet inspection (usually called Stateful Packet Inspection) despite this definition. With the Least Amount of Effort. Active queue management. Catenet. DPI is currently being used by the enterprise. Allot Communications. Stop Searching.. and ace any discussion. and security functions as well as internet data mining. Front Porch. Jitter. Stonesoft Corporation. user service.. Theta Networks. proposal and implementation with the ultimate book – guaranteed to give you the education that you need. Jumbogram. Barracuda Networks. eavesdropping. and censorship. Radware. time and resources investment decisions by enabling you to compare your understanding of Deep Packet Inspection (DPI) with the objectivity of experienced professionals . Datagram. some advocates of net neutrality fear that the technology can be used anticompetitively or to reduce the openness of the Internet. Narus (company). network equipment only needs to use the first of these (the IP header) for normal operation. Mangled packet. There are multiple headers for IP packets. It reduces the risk of your technology. In 2 Days Or Less. Network packet. “Here’s Your Chance To Skip The Struggle and Master Deep Packet Inspection (DPI). Chernobyl packet.8261. A quick look inside: Deep packet inspection. spam. or for the purpose of collecting statistical information. Frame (networking). Jumbo frame. This book is your ultimate resource for Deep Packet Inspection (DPI). service providers and governments in a wide range of applications. Cut-through switching. Fast packet switching. Berkeley Packet Filter. Lag. SonicWALL. In easy to read chapters. Packet loss. Although DPI technology has been used for Internet management for many years. Are you looking to learn more about Deep Packet Inspection (DPI)? You’re about to discover the most spectacular gold mine of Deep Packet Inspection (DPI) materials ever created. Deterministic jitter. Labris Teknoloji. Christmas tree packet.The Knowledge Solution. Data-dependent jitter. Blue (queue management algorithm). with extensive references and links to get you to know all there is to know about Deep Packet Inspection (DPI) right away. An Important Message for ANYONE who wants to learn about Deep Packet Inspection (DPI) Quickly and Easily. intrusions or predefined criteria to decide if the packet can pass or if it needs to be routed to a different destination.

You're Reading a Free Preview

Download
scribd