WO2001043392A3 - System and method for enabling scalable security in a virtual private network - Google Patents

System and method for enabling scalable security in a virtual private network Download PDF

Info

Publication number
WO2001043392A3
WO2001043392A3 PCT/US2000/042630 US0042630W WO0143392A3 WO 2001043392 A3 WO2001043392 A3 WO 2001043392A3 US 0042630 W US0042630 W US 0042630W WO 0143392 A3 WO0143392 A3 WO 0143392A3
Authority
WO
WIPO (PCT)
Prior art keywords
security
processes
level
private network
virtual private
Prior art date
Application number
PCT/US2000/042630
Other languages
French (fr)
Other versions
WO2001043392A2 (en
Inventor
Germano Caronni
Amit Cupta
Tom R Markson
Sandeep Kumar
Christoph L Schuba
Glenn C Scott
Original Assignee
Sun Microsystems Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sun Microsystems Inc filed Critical Sun Microsystems Inc
Priority to AU43109/01A priority Critical patent/AU4310901A/en
Publication of WO2001043392A2 publication Critical patent/WO2001043392A2/en
Publication of WO2001043392A3 publication Critical patent/WO2001043392A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272Virtual private networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/2514Translation of Internet protocol [IP] addresses between local and global IP addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/2521Translation architectures other than single NAT servers
    • H04L61/2525Translation at a client
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/255Maintenance or indexing of mapping tables
    • H04L61/2553Binding renewal aspects, e.g. using keep-alive messages
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/256NAT traversal
    • H04L61/2575NAT traversal using address mapping retrieval, e.g. simple traversal of user datagram protocol through session traversal utilities for NAT [STUN]

Abstract

Methods and systems consistent with the present invention provide dynamic security policies that change the granularity of the security at the node level, process level, or socket level. Specifically, a channel number and virtual address are associated with various processes included in a process table. Since a security policy is required for all processes, secure and insecure processes located on the same channel may communicate with one another. Moreover, processes located on different channels may communicate with one another by a gateway that connects both channels. This scalable blanketing security approach provides an institutionalized method for securing any process, node or socket by providing a unique mechanism for policy enforcement at runtime or by changing the security policies.
PCT/US2000/042630 1999-12-10 2000-12-08 System and method for enabling scalable security in a virtual private network WO2001043392A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU43109/01A AU4310901A (en) 1999-12-10 2000-12-08 System and method for enabling scalable security in a virtual private network

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US09/457,914 1999-12-10
US09/457,914 US7765581B1 (en) 1999-12-10 1999-12-10 System and method for enabling scalable security in a virtual private network

Publications (2)

Publication Number Publication Date
WO2001043392A2 WO2001043392A2 (en) 2001-06-14
WO2001043392A3 true WO2001043392A3 (en) 2002-02-21

Family

ID=23818571

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2000/042630 WO2001043392A2 (en) 1999-12-10 2000-12-08 System and method for enabling scalable security in a virtual private network

Country Status (3)

Country Link
US (1) US7765581B1 (en)
AU (1) AU4310901A (en)
WO (1) WO2001043392A2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11966482B2 (en) 2021-03-30 2024-04-23 Sophos Limited Managing untyped network traffic flows

Families Citing this family (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003003666A1 (en) * 2001-06-27 2003-01-09 Hyglo Ab System and method for providing services in virtual private networks
CN100428712C (en) * 2003-12-24 2008-10-22 华为技术有限公司 Method for implementing mixed-granularity virtual cascade
US7647622B1 (en) * 2005-04-22 2010-01-12 Symantec Corporation Dynamic security policy through use of empirical security events
US7954143B2 (en) * 2006-11-13 2011-05-31 At&T Intellectual Property I, Lp Methods, network services, and computer program products for dynamically assigning users to firewall policy groups
CA2585808A1 (en) * 2007-03-26 2008-09-26 David Ker Method and system for implementing a secured and centrally managed virtual ip network on a common ip network infrastructure
US10419374B1 (en) 2010-07-09 2019-09-17 Gummarus, Llc Methods, systems, and computer program products for processing a request for a resource in a communication
US20140172998A1 (en) * 2012-12-16 2014-06-19 Deep River Ventures, Llc Methods, Systems, and Computer Program Products for Browsing Via a Communications Agent
US10171392B1 (en) 2010-07-09 2019-01-01 Gummarus LLC Methods, systems, and computer program products for processing a request for a resource in a communication
US10212112B1 (en) 2010-07-09 2019-02-19 Gummarus LLC Methods, systems, and computer program products for processing a request for a resource in a communication
US10015122B1 (en) 2012-10-18 2018-07-03 Sitting Man, Llc Methods and computer program products for processing a search
US10158590B1 (en) 2010-07-09 2018-12-18 Gummarus LLC Methods, systems, and computer program products for processing a request for a resource in a communication
US8793766B2 (en) 2012-03-13 2014-07-29 International Business Machines Corporation Method and apparatus for security-aware elasticity of application and services
US10013158B1 (en) 2012-09-22 2018-07-03 Sitting Man, Llc Methods, systems, and computer program products for sharing a data object in a data store via a communication
US10021052B1 (en) 2012-09-22 2018-07-10 Sitting Man, Llc Methods, systems, and computer program products for processing a data object identification request in a communication
US10033672B1 (en) 2012-10-18 2018-07-24 Sitting Man, Llc Methods and computer program products for browsing using a communicant identifier
US10019135B1 (en) 2012-10-18 2018-07-10 Sitting Man, Llc Methods, and computer program products for constraining a communication exchange
US10878110B2 (en) * 2017-09-12 2020-12-29 Sophos Limited Dashboard for managing enterprise network traffic

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1989008887A1 (en) * 1988-03-11 1989-09-21 Qpsx Communications Ltd. Access security system for switched communications networks
EP0887981A2 (en) * 1997-06-26 1998-12-30 Sun Microsystems, Inc. Layer-independent security for communication channels

Family Cites Families (142)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
IN165278B (en) * 1984-09-21 1989-09-09 Digital Equipment Corp
US4825354A (en) 1985-11-12 1989-04-25 American Telephone And Telegraph Company, At&T Bell Laboratories Method of file access in a distributed processing computer network
JPH087709B2 (en) 1989-05-15 1996-01-29 インターナシヨナル・ビジネス・マシーンズ・コーポレーシヨン Access privilege control method and system
NO168860C (en) 1989-11-13 1992-04-08 Alcatel Stk As COMMUNICATION NETWORK
JP3080382B2 (en) 1990-02-21 2000-08-28 株式会社日立製作所 Cryptographic communication system
JPH04211802A (en) * 1990-07-25 1992-08-03 Toshiba Corp Neural network device
US5220604A (en) 1990-09-28 1993-06-15 Digital Equipment Corporation Method for performing group exclusion in hierarchical group structures
US5241599A (en) 1991-10-02 1993-08-31 At&T Bell Laboratories Cryptographic protocol for secure communications
US5519833A (en) 1992-08-13 1996-05-21 Computervision Corporation Distributed data processing system providing a distributed stream software environment to enable application on a first system to use driver on a second system
US6018771A (en) 1992-11-25 2000-01-25 Digital Equipment Corporation Dynamic assignment of multicast network addresses
US5452456A (en) 1992-12-18 1995-09-19 Apple Computer, Inc. Apparatus for executing a plurality of program segments having different object code types in a single program or processor environment
US5331637A (en) 1993-07-30 1994-07-19 Bell Communications Research, Inc. Multicast routing using core based trees
US6279029B1 (en) 1993-10-12 2001-08-21 Intel Corporation Server/client architecture and method for multicasting on a computer network
US5604803A (en) 1994-06-03 1997-02-18 Sun Microsystems, Inc. Method and apparatus for secure remote authentication in a public network
US5548646A (en) 1994-09-15 1996-08-20 Sun Microsystems, Inc. System for signatureless transmission and reception of data packets between computer networks
US5864683A (en) 1994-10-12 1999-01-26 Secure Computing Corporartion System for providing secure internetwork by connecting type enforcing secure computers to external network for limiting access to data based on user and process access rights
US5623601A (en) 1994-11-18 1997-04-22 Milkway Networks Corporation Apparatus and method for providing a secure gateway for communication and data exchanges between networks
FR2727269B1 (en) 1994-11-21 1997-01-17 Allegre Francois ACCESS CONTROL SYSTEM FOR COMPUTER MACHINES CONNECTED IN A PRIVATE NETWORK
CA2137587C (en) 1994-12-08 1999-03-23 Murray Charles Baker Broadcast/multicast filtering by the bridge-based access point
GB9501378D0 (en) 1995-01-24 1995-03-15 Ibm A system and method for establishing a communication channel over a heterogeneous network between a source node and a destination node
US5905984A (en) 1995-01-26 1999-05-18 Thorsen; Hans Verner Computer-implemented control of access to atomic data items
US6467054B1 (en) 1995-03-13 2002-10-15 Compaq Computer Corporation Self test for storage device
US5608865A (en) * 1995-03-14 1997-03-04 Network Integrity, Inc. Stand-in Computer file server providing fast recovery from computer file server failures
US5572528A (en) * 1995-03-20 1996-11-05 Novell, Inc. Mobile networking method and apparatus
US5696763A (en) 1995-04-04 1997-12-09 Starlight Networks Multicast routing technique
US5586121A (en) 1995-04-21 1996-12-17 Hybrid Networks, Inc. Asymmetric hybrid access system and method
US5758182A (en) * 1995-05-15 1998-05-26 Nvidia Corporation DMA controller translates virtual I/O device address received directly from application program command to physical i/o device address of I/O device on device bus
US5802320A (en) 1995-05-18 1998-09-01 Sun Microsystems, Inc. System for packet filtering of data packets at a computer network interface
JP3262689B2 (en) 1995-05-19 2002-03-04 富士通株式会社 Remote control system
US5636371A (en) * 1995-06-07 1997-06-03 Bull Hn Information Systems Inc. Virtual network mechanism to access well known port application programs running on a single host system
US5657390A (en) * 1995-08-25 1997-08-12 Netscape Communications Corporation Secure socket layer application program apparatus and method
US6226678B1 (en) * 1995-09-25 2001-05-01 Netspeak Corporation Method and apparatus for dynamically defining data communication utilities
US6560707B2 (en) 1995-11-06 2003-05-06 Xerox Corporation Multimedia coordination system
US6370552B1 (en) * 1997-05-14 2002-04-09 Citrix Systems, Inc. Apparatus and method for displaying application output in an HTML document
US5771291A (en) 1995-12-11 1998-06-23 Newton; Farrell User identification and authentication system using ultra long identification keys and ultra large databases of identification keys for secure remote terminal access to a host computer
DE59510586D1 (en) 1995-12-21 2003-04-17 Siemens Ag Method for forming routing information in an ATM communication network
US5963731A (en) * 1995-12-25 1999-10-05 Hitachi, Ltd. Method of assisting execution of plural simulation programs for coupled simulation
US5835723A (en) 1995-12-28 1998-11-10 Intel Corporation Dynamic assignment of multicast addresses
US6148323A (en) 1995-12-29 2000-11-14 Hewlett-Packard Company System and method for managing the execution of system management
US6859783B2 (en) * 1995-12-29 2005-02-22 Worldcom, Inc. Integrated interface for web based customer care and trouble management
US5913024A (en) 1996-02-09 1999-06-15 Secure Computing Corporation Secure server utilizing separate protocol stacks
US5856974A (en) 1996-02-13 1999-01-05 Novell, Inc. Internetwork address mapping gateway
JP3131137B2 (en) * 1996-02-28 2001-01-31 株式会社日立製作所 Virtual network system
US6108304A (en) 1996-03-08 2000-08-22 Abe; Hajime Packet switching network, packet switching equipment, and network management equipment
US5790548A (en) 1996-04-18 1998-08-04 Bell Atlantic Network Services, Inc. Universal access multimedia data network
AU707905B2 (en) 1996-04-24 1999-07-22 Nortel Networks Corporation Internet protocol filter
US5933420A (en) 1996-04-30 1999-08-03 3Com Corporation Method and apparatus for assigning spectrum of a wireless local area network
US5802397A (en) * 1996-05-23 1998-09-01 International Business Machines Corporation System for storage protection from unintended I/O access using I/O protection key by providing no control by I/O key entries over access by CP entity
US5748736A (en) 1996-06-14 1998-05-05 Mittra; Suvo System and method for secure group communications via multicast or broadcast
JP3937475B2 (en) 1996-06-14 2007-06-27 キヤノン株式会社 Access control system and method
US5774660A (en) * 1996-08-05 1998-06-30 Resonate, Inc. World-wide-web server with delayed resource-binding for resource-based load balancing on a distributed resource multi-node network
US6532543B1 (en) 1996-08-13 2003-03-11 Angel Secure Networks, Inc. System and method for installing an auditable secure network
US5950195A (en) 1996-09-18 1999-09-07 Secure Computing Corporation Generalized security policy management system and method
US5774739A (en) * 1996-09-20 1998-06-30 Bay Networks, Inc. Using a lockup processor to search a table of keys whose entries contain instruction pointer values of code to execute if key is found
US6185215B1 (en) * 1996-10-15 2001-02-06 International Business Machines Corporation Combined router, ATM, WAN and/or LAN switch (CRAWLS) cut through and method of use
US5987506A (en) 1996-11-22 1999-11-16 Mangosoft Corporation Remote access and geographically distributed computers in a globally addressable storage environment
US6002689A (en) 1996-11-22 1999-12-14 Sprint Communications Co. L.P. System and method for interfacing a local communication device
US5884024A (en) 1996-12-09 1999-03-16 Sun Microsystems, Inc. Secure DHCP server
US6061346A (en) 1997-01-17 2000-05-09 Telefonaktiebolaget Lm Ericsson (Publ) Secure access method, and associated apparatus, for accessing a private IP network
US6055575A (en) 1997-01-28 2000-04-25 Ascend Communications, Inc. Virtual private network system and method
US6600733B2 (en) * 1997-02-06 2003-07-29 Verizon Laboratories Inc. System for interconnecting packet-switched and circuit-switched voice communications
US6111858A (en) * 1997-02-18 2000-08-29 Virata Limited Proxy-controlled ATM subnetwork
US6130892A (en) 1997-03-12 2000-10-10 Nomadix, Inc. Nomadic translator or router
US6026430A (en) 1997-03-24 2000-02-15 Butman; Ronald A. Dynamic client registry apparatus and method
US6141339A (en) 1997-04-04 2000-10-31 Sprint Communications Company, L.P. Telecommunications system
US5987453A (en) 1997-04-07 1999-11-16 Informix Software, Inc. Method and apparatus for performing a join query in a database system
US6067608A (en) * 1997-04-15 2000-05-23 Bull Hn Information Systems Inc. High performance mechanism for managing allocation of virtual memory buffers to virtual processes on a least recently used basis
US6212558B1 (en) 1997-04-25 2001-04-03 Anand K. Antur Method and apparatus for configuring and managing firewalls and security devices
US6175916B1 (en) * 1997-05-06 2001-01-16 Microsoft Corporation Common-thread inter-process function calls invoked by jumps to invalid addresses
US6173399B1 (en) 1997-06-12 2001-01-09 Vpnet Technologies, Inc. Apparatus for implementing virtual private networks
US6134591A (en) 1997-06-18 2000-10-17 Client/Server Technologies, Inc. Network security and integration method and system
US6330671B1 (en) 1997-06-23 2001-12-11 Sun Microsystems, Inc. Method and system for secure distribution of cryptographic keys on multicast networks
US6049528A (en) * 1997-06-30 2000-04-11 Sun Microsystems, Inc. Trunking ethernet-compatible networks
US6098108A (en) * 1997-07-02 2000-08-01 Sitara Networks, Inc. Distributed directory for enhanced network communication
US6307837B1 (en) 1997-08-12 2001-10-23 Nippon Telegraph And Telephone Corporation Method and base station for packet transfer
US6061796A (en) 1997-08-26 2000-05-09 V-One Corporation Multi-access virtual private network
US6275938B1 (en) 1997-08-28 2001-08-14 Microsoft Corporation Security enhancement for untrusted executable code
US5931947A (en) 1997-09-11 1999-08-03 International Business Machines Corporation Secure array of remotely encrypted storage devices
US7225249B1 (en) * 1997-09-26 2007-05-29 Mci, Llc Integrated systems for providing communications network management services and interactive generating invoice documents
US6470386B1 (en) * 1997-09-26 2002-10-22 Worldcom, Inc. Integrated proxy interface for web based telecommunications management tools
US6745229B1 (en) * 1997-09-26 2004-06-01 Worldcom, Inc. Web based integrated customer interface for invoice reporting
CA2217277A1 (en) 1997-10-03 1999-04-03 Newbridge Networks Corporation Automatic link establishment for distributed servers in atm networks
CA2217267A1 (en) 1997-10-03 1999-04-03 Newbridge Networks Corporation Scalable, robust configuration of edge forwarders in a distributed router
US6188694B1 (en) 1997-12-23 2001-02-13 Cisco Technology, Inc. Shared spanning tree protocol
US6339595B1 (en) 1997-12-23 2002-01-15 Cisco Technology, Inc. Peer-model support for virtual private networks with potentially overlapping addresses
US6049878A (en) 1998-01-20 2000-04-11 Sun Microsystems, Inc. Efficient, secure multicasting with global knowledge
US6079020A (en) * 1998-01-27 2000-06-20 Vpnet Technologies, Inc. Method and apparatus for managing a virtual private network
JP3609599B2 (en) * 1998-01-30 2005-01-12 富士通株式会社 Node proxy system, node monitoring system, method thereof, and recording medium
US6259791B1 (en) 1998-02-26 2001-07-10 Motorola, Inc. Method and apparatus in a wireless messaging system for controlling a hierarchical provision of service
US6353614B1 (en) 1998-03-05 2002-03-05 3Com Corporation Method and protocol for distributed network address translation
US6453419B1 (en) 1998-03-18 2002-09-17 Secure Computing Corporation System and method for implementing a security policy
JPH11275068A (en) 1998-03-20 1999-10-08 Fujitsu Ltd Key management server, terminal equipment for chat system, chat system and recording medium
US6141755A (en) 1998-04-13 2000-10-31 The United States Of America As Represented By The Director Of The National Security Agency Firewall security apparatus for high-speed circuit switched networks
US5999531A (en) 1998-04-17 1999-12-07 Cabletron Systems, Inc. Method and system for identifying ports and forwarding packets in a multiport switch
US6226751B1 (en) 1998-04-17 2001-05-01 Vpnet Technologies, Inc. Method and apparatus for configuring a virtual private network
US6175917B1 (en) 1998-04-23 2001-01-16 Vpnet Technologies, Inc. Method and apparatus for swapping a computer operating system
US6219694B1 (en) 1998-05-29 2001-04-17 Research In Motion Limited System and method for pushing information from a host system to a mobile data communication device having a shared electronic address
US6557037B1 (en) * 1998-05-29 2003-04-29 Sun Microsystems System and method for easing communications between devices connected respectively to public networks such as the internet and to private networks by facilitating resolution of human-readable addresses
JP3581251B2 (en) 1998-06-16 2004-10-27 株式会社東芝 Communication system, data packet transfer method, router device, and packet relay device
JP3969467B2 (en) * 1998-06-17 2007-09-05 富士通株式会社 Network system, transmission / reception method, transmission device, reception device, and recording medium
US6836483B1 (en) * 1998-06-24 2004-12-28 Research Investment Network, Inc. Message system for asynchronous transfer
US6212633B1 (en) 1998-06-26 2001-04-03 Vlsi Technology, Inc. Secure data communication over a memory-mapped serial communications interface utilizing a distributed firewall
US6446109B2 (en) 1998-06-29 2002-09-03 Sun Microsystems, Inc. Application computing environment
US7082391B1 (en) * 1998-07-14 2006-07-25 Intel Corporation Automatic speech recognition
US6192394B1 (en) 1998-07-14 2001-02-20 Compaq Computer Corporation Inter-program synchronous communications using a collaboration software system
US6434156B1 (en) 1998-07-24 2002-08-13 Nortel Networks Limited Virtual switching for interconnected networks
US6751729B1 (en) 1998-07-24 2004-06-15 Spatial Adventures, Inc. Automated operation and security system for virtual private networks
US6078586A (en) 1998-08-03 2000-06-20 Mci Communications Corporation ATM virtual private networks
US6304973B1 (en) 1998-08-06 2001-10-16 Cryptek Secure Communications, Llc Multi-level security network system
US6401128B1 (en) 1998-08-07 2002-06-04 Brocade Communiations Systems, Inc. System and method for sending and receiving frames between a public device and a private device
US6505255B1 (en) 1999-04-29 2003-01-07 Mitsubishi Electric Information Technology Center America, Inc. (Ita) Method for formatting and routing data between an external network and an internal network
US6487600B1 (en) 1998-09-12 2002-11-26 Thomas W. Lynch System and method for supporting multimedia communications upon a dynamically configured member network
US6377811B1 (en) 1998-09-28 2002-04-23 Sharp Laboratories Of America, Inc. Wireless communications system and method of virtual line/direct station selection
US6546425B1 (en) * 1998-10-09 2003-04-08 Netmotion Wireless, Inc. Method and apparatus for providing mobile and other intermittent connectivity in a computing environment
US6691230B1 (en) 1998-10-15 2004-02-10 International Business Machines Corporation Method and system for extending Java applets sand box with public client storage
US6463470B1 (en) 1998-10-26 2002-10-08 Cisco Technology, Inc. Method and apparatus of storing policies for policy-based management of quality of service treatments of network data traffic flows
US6286052B1 (en) * 1998-12-04 2001-09-04 Cisco Technology, Inc. Method and apparatus for identifying network data traffic flows and for applying quality of service treatments to the flows
US6393485B1 (en) 1998-10-27 2002-05-21 International Business Machines Corporation Method and apparatus for managing clustered computer systems
JP3644579B2 (en) 1998-10-29 2005-04-27 富士通株式会社 Security enhancement method and apparatus
US6826616B2 (en) 1998-10-30 2004-11-30 Science Applications International Corp. Method for establishing secure communication link between computers of virtual private network
BR9908762A (en) 1998-11-02 2004-02-25 Integrated Data Communications Geospatial Internet Protocol Addressing
US6308282B1 (en) 1998-11-10 2001-10-23 Honeywell International Inc. Apparatus and methods for providing fault tolerance of networks and network interface cards
US6493349B1 (en) 1998-11-13 2002-12-10 Nortel Networks Limited Extended internet protocol virtual private network architectures
US6253238B1 (en) 1998-12-02 2001-06-26 Ictv, Inc. Interactive cable television system with frame grabber
US6615349B1 (en) 1999-02-23 2003-09-02 Parsec Sight/Sound, Inc. System and method for manipulating a computer file and/or program
US6484257B1 (en) 1999-02-27 2002-11-19 Alonzo Ellis System and method for maintaining N number of simultaneous cryptographic sessions using a distributed computing environment
US6507908B1 (en) 1999-03-04 2003-01-14 Sun Microsystems, Inc. Secure communication with mobile hosts
US6081900A (en) 1999-03-16 2000-06-27 Novell, Inc. Secure intranet access
US6393484B1 (en) 1999-04-12 2002-05-21 International Business Machines Corp. System and method for controlled access to shared-medium public and semi-public internet protocol (IP) networks
US6466964B1 (en) * 1999-06-15 2002-10-15 Cisco Technology, Inc. Methods and apparatus for providing mobility of a node that does not support mobility
US6505192B1 (en) 1999-08-12 2003-01-07 International Business Machines Corporation Security rule processing for connectionless protocols
US6415323B1 (en) 1999-09-03 2002-07-02 Fastforward Networks Proximity-based redirection system for robust and scalable service-node location in an internetwork
US6693878B1 (en) 1999-10-15 2004-02-17 Cisco Technology, Inc. Technique and apparatus for using node ID as virtual private network (VPN) identifiers
US6353891B1 (en) 2000-03-20 2002-03-05 3Com Corporation Control channel security for realm specific internet protocol
US6631416B2 (en) * 2000-04-12 2003-10-07 Openreach Inc. Methods and systems for enabling a tunnel between two computers on a network
US6874152B2 (en) 2000-04-19 2005-03-29 Nowavision, Llc System for accessing content by virtual remote control through mapping channel codes to network addresses
GB2363297B (en) 2000-06-09 2004-04-07 Hewlett Packard Co Secure network communications
US7168093B2 (en) 2001-01-25 2007-01-23 Solutionary, Inc. Method and apparatus for verifying the integrity and security of computer networks and implementation of counter measures
US7136374B1 (en) 2001-03-19 2006-11-14 Juniper Networks, Inc. Transport networks supporting virtual private networks, and configuring such networks
US6662198B2 (en) 2001-08-30 2003-12-09 Zoteca Inc. Method and system for asynchronous transmission, backup, distribution of data and file sharing
US6804777B2 (en) 2002-05-15 2004-10-12 Threatguard, Inc. System and method for application-level virtual private network
US6755692B2 (en) * 2002-08-06 2004-06-29 Wen-Hao Hsu Connecting pin structure for a transformer core

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1989008887A1 (en) * 1988-03-11 1989-09-21 Qpsx Communications Ltd. Access security system for switched communications networks
EP0887981A2 (en) * 1997-06-26 1998-12-30 Sun Microsystems, Inc. Layer-independent security for communication channels

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
FREIER A O ET AL: "THE SSL PROTOCOL VERSION 3.0", INTERNET DRAFT, XX, XX, 18 November 1996 (1996-11-18), pages ABSTRACTS,1 - 72, XP002923866 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11966482B2 (en) 2021-03-30 2024-04-23 Sophos Limited Managing untyped network traffic flows

Also Published As

Publication number Publication date
WO2001043392A2 (en) 2001-06-14
US7765581B1 (en) 2010-07-27
AU4310901A (en) 2001-06-18

Similar Documents

Publication Publication Date Title
WO2001043392A3 (en) System and method for enabling scalable security in a virtual private network
WO2005057827A3 (en) 802.1x authentication technique for share media
WO2003005245A3 (en) Systems and methods of information backup
WO2002086715A3 (en) Integrated procedure for partitioning network data services among multiple subscribers
WO2006063002A3 (en) Performing security functions on a message payload in a network element
CA2277054A1 (en) Secure access method, and associated apparatus, for accessing a private data communication network
GB2447143A (en) Controller area network based self-configuring vehicle management system and method
WO2003019798A3 (en) System and method for collision-free transmission scheduling using neighborhood information and advertised transmission times
WO2004038563A3 (en) System and method for automatically launching and accessing network addresses and applications
FI974665A0 (en) Method of verification of the packet by means of a modifier and the addresser and protocol
TW362177B (en) Method for enabling objects outside a computer system security firewall to obtain data connections to selected objects inside said firewall and tunneling apparatus therefor
TW200420029A (en) Estimating the location of a network client using a media access control address
TW200501681A (en) Network protocol off-load engine memory management
WO1997037477A3 (en) Policy management and conflict resolution in computer networks
WO2004034720A3 (en) Method and system for establishing a connection via an access network
ATE343818T1 (en) MULTI-LEVEL FIREWALL SYSTEM
WO2004061597A3 (en) Method and system for transmitting authentication context information
WO2003025756A3 (en) A system and method for the allocation of network storage
WO2004010632A3 (en) System and method for providing a customer controlled network
CA2330857A1 (en) User specific automatic data redirection system
WO2007005101A3 (en) System and method for establishing a shared key between network peers
AU4240100A (en) Generalized network security policy templates for implementing similar network security policies across multiple networks
WO2001065769A3 (en) Network resource control system
WO2002052403A3 (en) System and method for adaptive reliability balancing in distributed programming networks
CA2323766A1 (en) Providing secure access to network services

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
AK Designated states

Kind code of ref document: A3

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP