 Method and protocol for synchronized transfer-window based firewall traversal

Details
Inventors: Naudus, Stanley T.;
Assignee: 3Com Corporation (Santa Clara, CA)
Primary Examiner: Matar; Ahmad F.
Assistant Examiner: Barot; Bharat
Attorney, Agent or Firm: McDonnell Boehnen Hulbert & Berghoff, Lesavich; Stephen

A protocol and method for synchronized transfer-window based firewall traversal is provided. The firewall traversal protocol includes messages for securely opening and closing a virtual data transfer-window through a firewall. The method allows a first network device inside a firewall to allow a virtual data transfer-window through a firewall to be opened with a second network device outside the firewall by sending the second network device secure information with the firewall traversal protocol. The secure information allows the second network device outside the firewall to securely traverse the firewall through the virtual data transfer-window to reach the first network device inside the firewall. The protocol and method help to improve firewall security and may help make the firewall less vulnerable to a number of common firewall attacks.

DETAILED DESCRIPTION

In accordance with a preferred embodiment of the present invention, some of the problems associated with using firewalls are overcome. A protocol and method for synchronized transfer-window based firewall traversal is presented. The firewall traversal protocol and method are used by a first network device on a first network inside a firewall to coordinate a connection with a second network device on a second network outside the firewall. Secure firewall traversal information is sent from inside the firewall to outside the firewall.

In firewall traversals known in the art, a second network device on a second network outside a firewall typically coordinates a connection with the first network device on the first network inside a firewall. A preferred embodiment of the present invention coordinates a connection through a firewall from inside the firewall.

The firewall traversal protocol includes an open-transfer window message, an open-transfer window acknowledgment message, a close-transfer-window message and a close-transfer window acknowledgment message. However, the firewall traversal protocol can also include more or fewer messages, and a preferred embodiment of the present invention is not limited to four firewall traversal protocol messages.

The open transfer-window message opens a "virtual" data transfer-window in a firewall. The open transfer-window message includes secure firewall traversal information such as: a network address of a network device within a firewall (e.g., an IP address of a specific network access card) to use for data transfer; a starting firewall traversal sequence number to use to begin a data transfer; Security Parameters Index ("SPI") or other encryption indicator; transfer rate information to ensure the network device is not overloaded during the data transfer; or other desired information.

The open transfer-window acknowledgment message includes firewall traversal information from the open transfer-window message and acknowledges the open transfer-window message, thereby providing synchronized firewall traversal
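
The four-message exchange described above can be modelled as a small state machine. This is an added example, not code from the patent: the firewall-side placement of the checks, the state names, the strict in-order sequence check, the acceptance of a close message from either side, and the sample values are all assumptions made for illustration.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Optional

class Msg(Enum):  # the four message types named in the text
    OPEN = 1
    OPEN_ACK = 2
    CLOSE = 3
    CLOSE_ACK = 4

@dataclass(frozen=True)
class WindowInfo:  # fields listed for the open transfer-window message
    inside_addr: str  # address of the inside device to use for the transfer
    start_seq: int    # starting firewall traversal sequence number
    spi: int          # Security Parameters Index
    rate: int         # transfer rate information (carried, not enforced here)

class TransferWindow:
    """Assumed firewall-side state for one virtual transfer-window."""

    def __init__(self) -> None:
        self.state = "closed"
        self.info: Optional[WindowInfo] = None
        self.next_seq = 0

    def control(self, msg: Msg, from_inside: bool,
                info: Optional[WindowInfo] = None) -> bool:
        """Apply a control message; return False if it is out of order."""
        if msg is Msg.OPEN and from_inside and self.state == "closed" and info:
            self.state, self.info = "opening", info
        elif (msg is Msg.OPEN_ACK and not from_inside
              and self.state == "opening" and info == self.info):
            # The ack must echo the open message's traversal information.
            self.state, self.next_seq = "open", info.start_seq
        elif msg is Msg.CLOSE and self.state == "open":
            self.state = "closing"
        elif msg is Msg.CLOSE_ACK and self.state == "closing":
            self.state, self.info = "closed", None
        else:
            return False
        return True

    def admit(self, dst: str, seq: int, spi: int) -> bool:
        """Pass an inbound data packet only through an open, matching window."""
        ok = (self.state == "open" and self.info is not None
              and (dst, spi, seq) == (self.info.inside_addr, self.info.spi, self.next_seq))
        if ok:
            self.next_seq += 1  # advance only on an accepted packet
        return ok
```

In this model an open message arriving from outside the firewall is rejected, and data is admitted only after the acknowledgment has echoed the same traversal information.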


