Regular Expression (RegEx) Searching Using Ixia’s ATI Processor (ATIP)
Often in a network, you may want to identify patterns in traffic: credit card numbers, email addresses, filenames, or other items. The easiest way to look for these is by specifying a regular expression, which is a convenient way of describing what a string looks like. For example, a RegEx string which would search for the words “bat,” “bet,” or “bit” might look like
In a network packet broker (NPB), this is a particularly useful feature. You might be debugging a user email problem, so you want to search for any connections containing that email address and forward those connections to your network recording device. In a “lawful intercept” scenario, you might be searching for a particular phone number. Or you might want to search for a particular filename, URL, or credit card number.
Ixia’s Application and Threat Intelligence Processor (ATIP), available in multiple NTO platforms, allows an easy way to search for regular expressions in different applications without any complex scripting or programming knowledge. In this video, you’ll see how to search for particular email addresses in SMTP connections. ATIP can then forward email connections containing that address or a monitoring tool, show real-time statistics on the UI, or generate Netflow data.
If there are other how-to videos you’d like to see, please send an email or a message on twitter and we’ll get it posted.