Intrusion detection for virtual layer-2 services
Originating portfolio: ALU
Estimated expiration: 2030-Mar-11
Potentially relevant companies (3): Barracuda Networks, Inc., Cisco Systems, Inc., Juniper Networks Inc.
Products & technologies (1): Network:Firewall
A method of detecting an attempt of an intruder system (30) to participate in a virtual Layer-2 service in a packet switching network, characterized in that said method also comprises the steps of :
monitoring an operational status of an interface port (PI) of a provider edge router (PE 1) to which a customer edge router (CE 1) is communicatively coupled for providing the virtual Layer-2 service;
detecting a change has occurred in the operational status of said interface port (PI) of said provider edge router (PEI);
retrieving a current version of information related to said customer edge router (CE 1);
comparing the current version of the information to an initial version of the information;
interpreting a difference between the versions of information to indicate that an intruder system (30) has attempted to participate in the virtual Layer-2 service,
disabling the interface port (PI) upon making said interpretation, and wherein the information includes configuration data other than a MAC or IP address relating to the
customer edge router (CE 1) which is obtainable from the customer edge router (CE1) via a management entity (14).
Interested in licensing a slice of this patent? Contact us to take the next step, or read about our method to understand the logistics.