摘要:
The claimed method and system provides a graphical user interface that illustrates network topology information, including connection paths between devices on the local network and an external network such as the Internet. The claimed method and system may use a three column format for presenting the topology that is more intuitive for a user. Also, the claimed method and system may aggregate context and connection information from multiple different protocols to provide the topology display. Further, the claimed method and system may use a device registry to enable customized and extensible representations of the network devices.
摘要:
A graphical user interface integrates into a single view multiple network devices discovered over a plurality of network protocols. The graphical user interface provides an intuitive user interface to indicate to a user the existence of all potential resources as defined by a network profile, the characteristics and properties of the resources via the representation of the device, and an interaction process specific to each discovered device that is customizable and extensible.
摘要:
The claimed method and system provides a graphical user interface that illustrates network topology information, including connection paths between devices on the local network and an external network such as the Internet. The claimed method and system may use a three column format for presenting the topology that is more intuitive for a user. Also, the claimed method and system may aggregate context and connection information from multiple different protocols to provide the topology display. Further, the claimed method and system may use a device registry to enable customized and extensible representations of the network devices.
摘要:
The claimed method and system provides a graphical user interface that illustrates network topology information, including connection paths between devices on the local network and an external network such as the Internet. The claimed method and system may use a three column format for presenting the topology that is more intuitive for a user. Also, the claimed method and system may aggregate context and connection information from multiple different protocols to provide the topology display. Further, the claimed method and system may use a device registry to enable customized and extensible representations of the network devices.
摘要:
The claimed method and system provides a graphical user interface that illustrates network topology information, including connection paths between devices on the local network and an external network such as the Internet. The claimed method and system may use a three column format for presenting the topology that is more intuitive for a user. Also, the claimed method and system may aggregate context and connection information from multiple different protocols to provide the topology display. Further, the claimed method and system may use a device registry to enable customized and extensible representations of the network devices.
摘要:
A method for a firewall-aware application to communicate its expectations to a firewall without requiring the firewall to change its policy or compromise network security. An application API is provided for applications to inform a firewall or firewalls of the application's needs, and a firewall API is provided that informs the firewall or firewalls of the application's needs. An interception module watches for connect and listen attempts by applications and services to the network stack on the local computer. The interception module traps these attempts and determines what user is making the attempt, what application or service is making the attempt, and conducts a firewall policy look-up to determine whether the user and/or application or service are allowed to connect to the network. If so, the interception module may instruct the host and/or edge firewall to configure itself for the connection being requested.
摘要:
A method for a firewall-aware application to communicate its expectations to a firewall without requiring the firewall to change its policy or compromise network security. An application API is provided for applications to inform a firewall or firewalls of the application's needs, and a firewall API is provided that informs the firewall or firewalls of the application's needs. An interception module watches for connect and listen attempts by applications and services to the network stack on the local computer. The interception module traps these attempts and determines what user is making the attempt, what application or service is making the attempt, and conducts a firewall policy look-up to determine whether the user and/or application or service are allowed to connect to the network. If so, the interception module may instruct the host and/or edge firewall to configure itself for the connection being requested.
摘要:
A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.
摘要:
The present invention provides a method by which the connectivity status of network connections on a PC is determined in real-time by passively reviewing packet information from the TCP/IP stack. To achieve high accuracy of the connectivity status determination, the method involves the determination of the edge of a local network. In cases where little or no network traffic is observed on the network, scalable active probing methods are designed to make accurate connectivity determination. Special considerations for network setups like networks with web proxy servers, NAT or edge firewalls are also included to improve the accuracy of the determination in those environments.
摘要:
Systems and methods of authentication and authorization between a client, a server, and a gateway to facilitate communicating a message between a client and a server through a gateway. The client has a trusted relationship with each of the gateway and the server. A method includes registering the client with the gateway. The client also constructs the address space identifying the gateway and the client. The client communicates the address space to the server. The client receives an identity identifying the server. If the client authorizes to receive a message from the server through the gateway, the client informs the authorization to the gateway. The client puts the identity identifying the server on a list of servers which are authorized to send messages to the client. In addition, the client communicates the list of servers to the gateway.