+

WO1999048261A3 - System and method for controlling interactions between networks - Google Patents

System and method for controlling interactions between networks Download PDF

Info

Publication number
WO1999048261A3
WO1999048261A3 PCT/US1999/005991 US9905991W WO9948261A3 WO 1999048261 A3 WO1999048261 A3 WO 1999048261A3 US 9905991 W US9905991 W US 9905991W WO 9948261 A3 WO9948261 A3 WO 9948261A3
Authority
WO
WIPO (PCT)
Prior art keywords
networks
regions
firewall
controlling interactions
network interfaces
Prior art date
Application number
PCT/US1999/005991
Other languages
French (fr)
Other versions
WO1999048261A2 (en
WO1999048261A9 (en
Inventor
Irving Reid
Spencer Minear
Andrew Flint
Gene Amdur
Original Assignee
Secure Computing Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US09/040,827 external-priority patent/US6453419B1/en
Priority claimed from US09/040,832 external-priority patent/US6182226B1/en
Application filed by Secure Computing Corp filed Critical Secure Computing Corp
Priority to EP99912688A priority Critical patent/EP1062785A2/en
Publication of WO1999048261A2 publication Critical patent/WO1999048261A2/en
Publication of WO1999048261A3 publication Critical patent/WO1999048261A3/en
Publication of WO1999048261A9 publication Critical patent/WO1999048261A9/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0263Rule management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272Virtual private networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Business, Economics & Management (AREA)
  • General Business, Economics & Management (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

A firewall is used to achieve network separation within a computing system having a plurality of network interfaces. A plurality of regions is defined within the firewall and a set of policies is configured for each of the plurality of regions. The firewall restricts communication to and from each of the plurality of network interfaces in accordance with the set of policies configured for the one of the plurality of regions to which the one of the plurality of network interfaces has been assigned.
PCT/US1999/005991 1998-03-18 1999-03-18 System and method for controlling interactions between networks WO1999048261A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP99912688A EP1062785A2 (en) 1998-03-18 1999-03-18 System and method for controlling interactions between networks

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US09/040,827 1998-03-18
US09/040,832 1998-03-18
US09/040,827 US6453419B1 (en) 1998-03-18 1998-03-18 System and method for implementing a security policy
US09/040,832 US6182226B1 (en) 1998-03-18 1998-03-18 System and method for controlling interactions between networks

Publications (3)

Publication Number Publication Date
WO1999048261A2 WO1999048261A2 (en) 1999-09-23
WO1999048261A3 true WO1999048261A3 (en) 1999-11-04
WO1999048261A9 WO1999048261A9 (en) 1999-12-16

Family

ID=26717487

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US1999/005991 WO1999048261A2 (en) 1998-03-18 1999-03-18 System and method for controlling interactions between networks

Country Status (2)

Country Link
EP (1) EP1062785A2 (en)
WO (1) WO1999048261A2 (en)

Families Citing this family (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7210147B1 (en) 1999-10-05 2007-04-24 Veritas Operating Corporation IP virtualization
WO2001025894A1 (en) * 1999-10-05 2001-04-12 Ejasent Inc. Snapshot virtual-templating
EP1903830A1 (en) * 1999-11-01 2008-03-26 White. Cell, Inc. Cellular data system security method
AU1046201A (en) * 1999-11-01 2001-05-14 White Cell, Inc. Cellular data system security method and apparatus
DE10048113C2 (en) * 1999-12-04 2002-08-01 Nutzwerk Informationsgmbh Devices and methods for individually filtering information transmitted over a network
DE19958638C2 (en) * 1999-12-04 2002-05-23 Nutzwerk Informationsgmbh Device and method for individually filtering information transmitted over a network
DE19961399C2 (en) * 1999-12-20 2002-08-22 Mueschenborn Hans Joachim Protection of security-critical data in networks
US6496935B1 (en) * 2000-03-02 2002-12-17 Check Point Software Technologies Ltd System, device and method for rapid packet filtering and processing
US6981278B1 (en) 2000-09-05 2005-12-27 Sterling Commerce, Inc. System and method for secure dual channel communication through a firewall
US7596784B2 (en) 2000-09-12 2009-09-29 Symantec Operating Corporation Method system and apparatus for providing pay-per-use distributed computing resources
KR100741870B1 (en) * 2000-09-27 2007-07-23 소니 가부시끼 가이샤 Home network system
FI20010110A0 (en) 2001-01-18 2001-01-18 Stonesoft Oy Sorting data packets in a gateway network element
FR2825214B1 (en) * 2001-05-23 2003-10-31 Unlog SECURE ELECTRONIC COMMUNICATION DEVICE, ESPECIALLY SECURE ELECTRONIC ACCESS
NO318091B1 (en) * 2002-03-04 2005-01-31 Telenor Asa System for improved security and user flexibility in local wireless data networks
CN100339845C (en) * 2002-08-15 2007-09-26 联想网御科技(北京)有限公司 Chain path layer location information filtering based on state detection
FR2844415B1 (en) 2002-09-05 2005-02-11 At & T Corp FIREWALL SYSTEM FOR INTERCONNECTING TWO IP NETWORKS MANAGED BY TWO DIFFERENT ADMINISTRATIVE ENTITIES
US9003048B2 (en) * 2003-04-01 2015-04-07 Microsoft Technology Licensing, Llc Network zones
WO2005067260A1 (en) * 2003-12-31 2005-07-21 Applied Identity Method and system for delegating access to computer network resources
DE102005021854B4 (en) * 2005-05-11 2007-02-15 Siemens Ag Property-based resource allocation to security domains

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0909074A1 (en) * 1997-09-12 1999-04-14 Lucent Technologies Inc. Methods and apparatus for a computer network firewall with multiple domain support

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0909074A1 (en) * 1997-09-12 1999-04-14 Lucent Technologies Inc. Methods and apparatus for a computer network firewall with multiple domain support

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
NACHT M: "The Spectrum of Modern Firewalls", COMPUTERS & SECURITY INTERNATIONAL JOURNAL DEVOTED TO THE STUDY OF TECHNICAL AND FINANCIAL ASPECTS OF COMPUTER SECURITY, vol. 17, no. 1, 1 January 1998 (1998-01-01), pages 54-56, XP004108542, ISSN: 0167-4048 *

Also Published As

Publication number Publication date
WO1999048261A2 (en) 1999-09-23
WO1999048261A9 (en) 1999-12-16
EP1062785A2 (en) 2000-12-27

Similar Documents

Publication Publication Date Title
WO1999048261A3 (en) System and method for controlling interactions between networks
WO1997029413A3 (en) System and method for achieving network separation
AU3393595A (en) Network management system for communications networks
WO1998042101A3 (en) Control of data transfer and distributed data processing
AU3010095A (en) Communication network structure, communication network system based on the same and communication method therefor
AU6362299A (en) System and method for controlling, maintaining and sharing calls and call data between networks
AU1533399A (en) Intelligent network interface device and system for accelerating communication
WO1999013448A3 (en) Remote access-controlled communication
WO2000072509A3 (en) Communication management system and method
AU5141698A (en) System and method for the communication of operation and maintenance, administration and provisioning over an atm network
AU1197800A (en) Method and system for scheduling network communication
AU5421898A (en) Arrangement, system and method relating to telecommunications access and control
AU5810698A (en) Network communications marketing system
AU2205399A (en) Test access and performance monitoring system and method for cross-connect communication networks
WO2001086380A3 (en) Systems and methods for isolating faults in computer networks
WO2002008870A3 (en) Distributive access controller
AU5830800A (en) Arranging control signallings in telecommunication system
WO2001098867A3 (en) A method and system for universal and transparent access to heterogeneous resources
AU3184495A (en) Intelligent communications networks
AU4240100A (en) Generalized network security policy templates for implementing similar network security policies across multiple networks
AU5478099A (en) Adaptive rate network communication system and method
AU3184595A (en) Intelligent communications networks
AU1553499A (en) Communication system, communication method and corresponding devices
AU5442700A (en) Apparatus and method for distributing a load across a trunk group
AU1196397A (en) Telecommunications network management method and system

Legal Events

Date Code Title Description
AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
AL Designated countries for regional patents

Kind code of ref document: C2

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE

COP Corrected version of pamphlet

Free format text: PAGES 1/7-7/7, DRAWINGS, REPLACED BY NEW PAGES 1/7-7/7; DUE TO LATE TRANSMITTAL BY THE RECEIVING OFFICE

WWE Wipo information: entry into national phase

Ref document number: 1999912688

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 1999912688

Country of ref document: EP

点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载