Network sensor deployment for deep packet inspection

Assignee

• Rapid7, Inc. · US

Inventors

• John Brosnan · Galway, IE
• Jeff Myers · Paradise Valley, US
• Andriy Lyubka · Galway, IE
• Darragh Delaney · Claremorris, IE
• Erran Carey · Newtownabbey, GB
• Martin Hutchings · Lisburn, GB
• Ralph McTeggart · Belfast, GB
• Ryan Williams · Lisburn, GB
• Daniel Skelton · Belfast, GB
• Luke Coughlan · Galway, IE
• Gianpaolo Tedesco · Seoul, KR
• Luis Ramos dos Santos Lopes · Galway, IE
• Lars-Kristian Svenoy · Belfast, GB
• Dan-Adrian Moinescu · Brăila, RO
• Niall Cochrane · Belfast, GB
• Morgan Doyle · Cork, IE
• Sarah Addis · Belfast, GB

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L69/326
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Disclosed herein are methods, systems, and processes for centralized containerized deployment of network traffic sensors to network sensor hosts for deep packet inspection (DPI) that supports various other cybersecurity operations. A network sensor package containing a pre-configured network sensor container is received by a network sensor host from a network sensor deployment server. Installation of the network sensor package on the network sensor host causes execution of the network sensor container that further causes deployment of an on-premise network sensor along with a network sensor management system, a DPI system, and an intrusion detection/prevention (IDS/IPS) system. The configurable on-premise network sensor is deployed on multiple operating system distributions of the network sensor host and generates actionable network metadata using DPI techniques for optimized log search and management and improved intrusion detection and response (IDR) operations.