Revision as of 01:20, 23 July 2004 edit Angela (talk \| contribs) Extended confirmed users 45,369 edits mNo edit summary ← Previous edit		Revision as of 22:41, 30 January 2005 edit undo Sam Hocevar (talk \| contribs) Extended confirmed users, Rollbackers 25,001 edits m spelling Next edit →
Line 1: '''Network Based Application Recognition''' (NBAR) is the mechanism used to recognize a dataflow by the first [[packet]] sent. The [[Computer network\|networking]] equipment which uses NBAR does a [[deep packet inspection]] on the first packet in a dataflow, to determine which traffic category the flow belongs to. It then programmes the internal [[ASIC]]s to handle this flow ~~appropriatly~~appropriately. The categorisation is usually done with [[OSI-layer4]] info, but new applications have made it difficult to cling to this kind of tagging. The NBAR approach is useful in dealing with malicious [[software]] using known [[Port (computing)\|ports]] to fake being "priority traffic", as well as non-standard apps using non-determinaly ports.

Network Based Application Recognition: Difference between revisions