US 12,170,681 B2
Method and system for detecting data traffic in a communication network
Harald Albrecht, Nuremberg (DE); Stefan Kern, Karlsruhe (DE); and Lars Walpurgis, Nuremberg (DE)
Assigned to SIEMENS AKTIENGESELLSCHAFT, Munich (DE)
Appl. No. 17/802,429
Filed by Siemens Aktiengesellschaft, Munich (DE)
PCT Filed Jan. 29, 2021, PCT No. PCT/EP2021/052065
§ 371(c)(1), (2) Date Aug. 25, 2022,
PCT Pub. No. WO2021/170342, PCT Pub. Date Sep. 2, 2021.
Claims priority of application No. 20160112 (EP), filed on Feb. 28, 2020.
Prior Publication US 2023/0085505 A1, Mar. 16, 2023
Int. Cl. H04L 9/00 (2022.01); H04L 9/40 (2022.01)
CPC H04L 63/1425 (2013.01) [H04L 63/0823 (2013.01); H04L 63/1416 (2013.01); H04L 63/20 (2013.01)]
15 Claims
1. A method for detecting data traffic in a communication network comprising at least one network infrastructure device, to which at least a first and a second communication terminal are connected, the method comprising:
providing, via the at least one network infrastructure device, a monitoring interface arranged in at the at least one network infrastructure device, said monitoring interface detecting data traffic between at least the first and second communication devices, at least the first and the second communication terminal being connected to the at least one network infrastructure device, and the monitoring interface being associated with the first and second communication terminals and being protected against unauthorized access;
ascertaining, via a device detection apparatus, interface information which includes available monitoring interfaces on network infrastructure devices and address information associated with the monitoring interfaces, and providing said interface information to at least one logging apparatus which is physically separate from the at least one network infrastructure device, a respective monitoring interface of the first network infrastructure device of the plurality of network infrastructure devices being directly, operatively connected to the at least one logging apparatus; and
responding, by the logging apparatus, to a request from a user to detect the data traffic between the first and second communication terminals by taking the interface information provided via the device detection apparatus as a basis for accessing the monitoring interface associated with the first and second communication terminals and at least temporarily storing data traffic detected at the monitoring interface;
wherein an evaluation apparatus which is physically separate from and directly, operatively coupled to the at least one logging apparatus provides a cluster capture service which includes monitoring functions for data traffic and virtualized communication networks.