WO2008039506A3 - Deploying group vpns and security groups over an end-to-end enterprise network and ip encryption for vpns - Google Patents
Deploying group vpns and security groups over an end-to-end enterprise network and ip encryption for vpns Download PDFInfo
- Publication number
- WO2008039506A3 WO2008039506A3 PCT/US2007/020811 US2007020811W WO2008039506A3 WO 2008039506 A3 WO2008039506 A3 WO 2008039506A3 US 2007020811 W US2007020811 W US 2007020811W WO 2008039506 A3 WO2008039506 A3 WO 2008039506A3
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- network
- security
- vpns
- group
- encryption
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/50—Routing or path finding of packets in data switching networks using label swapping, e.g. multi-protocol label switch [MPLS]
- H04L45/502—Frame based
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0272—Virtual private networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/105—Multiple levels of security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/065—Network architectures or network communication protocols for network security for supporting key management in a packet data network for group communications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/164—Implementing security features at a particular protocol layer at the network layer
Abstract
Group Virtual Private Networks (Group VPNs) are provided for different types of machines in a data processing network Security groups are defined by a security policy for each member, wherein security policies and encryption keys are deployed to members of a security group using an IP Security (IPSec) network infrastructure with authentication via VPN mechanisms The group VPNs provide a trusted Internet Protocol (IP) network that can leverage and co-exist with security access control technologies, such as endpoint security that controls client network access or application security that controls user access to enterprise applications Additionally, IPSec protocol application to data packets on the enterprise network environment provide security for the data packet forwarding through the network Encryption of IP traffic using IPSec at the edge of the enterprise network supports resilient BGP/MPLS IP VPN network designs In the system a network A (100A, 101 A, 170A) communicates with network B (100, 101 A, 170A) through a network (150).
Applications Claiming Priority (6)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US52955906A | 2006-09-27 | 2006-09-27 | |
US11/529,560 US8607301B2 (en) | 2006-09-27 | 2006-09-27 | Deploying group VPNS and security groups over an end-to-end enterprise network |
US11/529,560 | 2006-09-27 | ||
US11/529,559 | 2006-09-27 | ||
US11/656,077 US8284943B2 (en) | 2006-09-27 | 2007-01-22 | IP encryption over resilient BGP/MPLS IP VPN |
US11/656,077 | 2007-01-22 |
Publications (3)
Publication Number | Publication Date |
---|---|
WO2008039506A2 WO2008039506A2 (en) | 2008-04-03 |
WO2008039506A3 true WO2008039506A3 (en) | 2008-08-28 |
WO2008039506B1 WO2008039506B1 (en) | 2008-10-16 |
Family
ID=39230822
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2007/020811 WO2008039506A2 (en) | 2006-09-27 | 2007-09-27 | Deploying group vpns and security groups over an end-to-end enterprise network and ip encryption for vpns |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2008039506A2 (en) |
Families Citing this family (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8938782B2 (en) * | 2010-03-15 | 2015-01-20 | Symantec Corporation | Systems and methods for providing network access control in virtual environments |
CN104247367B (en) * | 2012-03-30 | 2017-08-04 | 华为技术有限公司 | Lift IPsec performances and anti-eavesdrop security |
US9344403B2 (en) | 2013-03-15 | 2016-05-17 | Tempered Networks, Inc. | Industrial network security |
US10270809B2 (en) | 2013-12-02 | 2019-04-23 | Akamai Technologies, Inc. | Virtual private network (VPN)-as-a-service with delivery optimizations while maintaining end-to-end data security |
US9729580B2 (en) | 2014-07-30 | 2017-08-08 | Tempered Networks, Inc. | Performing actions via devices that establish a secure, private network |
US9300635B1 (en) | 2015-06-15 | 2016-03-29 | Tempered Networks, Inc. | Overlay network with position independent insertion and tap points |
CN107086958B (en) * | 2016-02-16 | 2020-02-18 | 中国移动通信集团江苏有限公司 | Data transmission method, wap gateway and system |
US9729581B1 (en) | 2016-07-01 | 2017-08-08 | Tempered Networks, Inc. | Horizontal switch scalability via load balancing |
CN106230793A (en) * | 2016-07-22 | 2016-12-14 | 安徽皖通邮电股份有限公司 | A kind of MPLSVPN of realization operates in the method on the IPVPN of encryption |
US10069726B1 (en) | 2018-03-16 | 2018-09-04 | Tempered Networks, Inc. | Overlay network identity-based relay |
US10116539B1 (en) | 2018-05-23 | 2018-10-30 | Tempered Networks, Inc. | Multi-link network gateway with monitoring and dynamic failover |
US10158545B1 (en) | 2018-05-31 | 2018-12-18 | Tempered Networks, Inc. | Monitoring overlay networks |
US10911418B1 (en) | 2020-06-26 | 2021-02-02 | Tempered Networks, Inc. | Port level policy isolation in overlay networks |
US11070594B1 (en) | 2020-10-16 | 2021-07-20 | Tempered Networks, Inc. | Applying overlay network policy based on users |
US10999154B1 (en) | 2020-10-23 | 2021-05-04 | Tempered Networks, Inc. | Relay node management for overlay networks |
CN113676469A (en) * | 2021-08-17 | 2021-11-19 | 盐城工学院 | Enterprise network security management method |
CN117353959A (en) * | 2022-06-29 | 2024-01-05 | 深圳市中兴微电子技术有限公司 | Data transmission method, electronic device and computer storage medium |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020067725A1 (en) * | 2000-12-06 | 2002-06-06 | Naoki Oguchi | Virtual network construction method, system, and relaying apparatus |
US20060187942A1 (en) * | 2005-02-22 | 2006-08-24 | Hitachi Communication Technologies, Ltd. | Packet forwarding apparatus and communication bandwidth control method |
US20060198368A1 (en) * | 2005-03-04 | 2006-09-07 | Guichard James N | Secure multipoint internet protocol virtual private networks |
-
2007
- 2007-09-27 WO PCT/US2007/020811 patent/WO2008039506A2/en active Application Filing
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20020067725A1 (en) * | 2000-12-06 | 2002-06-06 | Naoki Oguchi | Virtual network construction method, system, and relaying apparatus |
US20060187942A1 (en) * | 2005-02-22 | 2006-08-24 | Hitachi Communication Technologies, Ltd. | Packet forwarding apparatus and communication bandwidth control method |
US20060198368A1 (en) * | 2005-03-04 | 2006-09-07 | Guichard James N | Secure multipoint internet protocol virtual private networks |
Also Published As
Publication number | Publication date |
---|---|
WO2008039506A2 (en) | 2008-04-03 |
WO2008039506B1 (en) | 2008-10-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2008039506A3 (en) | Deploying group vpns and security groups over an end-to-end enterprise network and ip encryption for vpns | |
Quinn et al. | Problem statement for service function chaining | |
US7809126B2 (en) | Proxy server for internet telephony | |
US8625599B2 (en) | Method and system for dynamic secured group communication | |
Gupta et al. | Authentication/confidentiality for OSPFv3 | |
Jahan et al. | Application specific tunneling protocol selection for Virtual Private Networks | |
WO2003060671A3 (en) | Communication security system | |
Chavez et al. | Techniques for the dynamic randomization of network attributes | |
WO2009146300A1 (en) | Regional virtual vpn | |
WO2014142985A1 (en) | Emulate vlans using macsec | |
WO2008108821A2 (en) | Virtual security interface | |
Mendonca et al. | A flexible in-network IP anonymization service | |
Liyanage et al. | A scalable and secure VPLS architecture for provider provisioned networks | |
Liyanage et al. | Securing virtual private LAN service by efficient key management | |
Liyanage et al. | Secure hierarchical VPLS architecture for provider provisioned networks | |
Quinn et al. | RFC 7498: Problem Statement for Service Function Chaining | |
Liyanage et al. | Secure virtual private LAN services: An overview with performance evaluation | |
Liyanage et al. | Secure hierarchical virtual private LAN services for provider provisioned networks | |
Fancy et al. | An evaluation of alternative protocols-based Virtual Private LAN Service (VPLS) | |
Adeyinka | Analysis of IPsec VPNs performance in a multimedia environment | |
Singh et al. | A Novel approach for the Analysis & Issues of IPsec VPN | |
Ashraf et al. | SECURE INTER-VLAN IPv6 ROUTING: IMPLEMENTATION & EVALUATION. | |
Liyanage et al. | Enhancing security, scalability and flexibility of virtual private LAN services | |
Jee et al. | Security in Network Virtualization: A Survey | |
Nacht | The spectrum of modern firewalls |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 07852436 Country of ref document: EP Kind code of ref document: A2 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 07852436 Country of ref document: EP Kind code of ref document: A2 |