FIREWALL SYSTEM FOR INTERCONNECTING TWO IP NETWORKS MANAGED BY TWO DIFFERENT ADMINISTRATIVE ENTITIES
    1.
    Invention application
    FIREWALL SYSTEM FOR INTERCONNECTING TWO IP NETWORKS MANAGED BY TWO DIFFERENT ADMINISTRATIVE ENTITIES (status: lapsed)

    Publication number: US20070271605A1

    Publication date: 2007-11-22

    Application number: US11831631

    Filing date: 2007-07-31

    IPC classification: G06F15/16

    Abstract: Firewall system for interconnecting a first IP network (10) to a second IP network (16), these networks belonging to two different entities having each a different administration wherein any data packet transmitted/received by the first IP network is filtered by using a first firewall function and any data packet transmitted/received by the second IP network is filtered by using a second firewall function. The system comprises essentially a single firewall device (20) including filtering means (41, 43) performing both first firewall function and second firewall function, a console port (37) enabling the administrator in charge of each IP network to enter filtering rules for updating the associated firewall function and control means (39, 47, 49) interconnecting the console port and the filtering means for transmitting thereto the filtering rules so that each administrator may independently manage the system from the console port.


    FIREWALL SYSTEM FOR INTERCONNECTING TWO IP NETWORKS MANAGED BY TWO DIFFERENT ADMINISTRATIVE ENTITIES
    2.
    Invention application
    FIREWALL SYSTEM FOR INTERCONNECTING TWO IP NETWORKS MANAGED BY TWO DIFFERENT ADMINISTRATIVE ENTITIES (status: in force)

    Publication number: US20080244726A1

    Publication date: 2008-10-02

    Application number: US12115392

    Filing date: 2008-05-05

    IPC classification: G06F21/20

    Abstract: Firewall system for interconnecting a first IP network (10) to a second IP network (16), these networks belonging to two different entities having each a different administration wherein any data packet transmitted/received by the first IP network is filtered by using a first firewall function and any data packet transmitted/received by the second IP network is filtered by using a second firewall function. The system comprises essentially a single firewall device (20) including filtering means (41, 43) performing both first firewall function and second firewall function, a console port (37) enabling the administrator in charge of each IP network to enter filtering rules for updating the associated firewall function and control means (39, 47, 49) interconnecting the console port and the filtering means for transmitting thereto the filtering rules so that each administrator may independently manage the system from the console port.


    Method of gaining secure access to intranet resources
    3.
    Invention application
    Method of gaining secure access to intranet resources (status: in force)

    Publication number: US20080147871A1

    Publication date: 2008-06-19

    Application number: US11986534

    Filing date: 2007-11-21

    IPC classification: G06F15/16

    CPC classification: H04L63/12 H04L63/1466

    Abstract: Method of gaining secure access from a host (13) to Intranet resources provided by at least a content server (18) in a data transmission system wherein the host is connected to the content server through a gateway (17). Such a method consists in generating and sending at predetermined transmission instants from either the host or the gateway verification messages wherein each verification message contains a signature which depends upon the data exchanged between the host and the gateway since the preceding verification message, the host and the gateway also called peer devices having at their disposal same algorithm defining which of them sends a verification message at each of the predetermined instants.


    Path analysis tool and method in a data transmission network including several internet autonomous systems
    4.
    Invention application
    Path analysis tool and method in a data transmission network including several internet autonomous systems (status: under examination, published)

    Publication number: US20050283639A1

    Publication date: 2005-12-22

    Application number: US10638445

    Filing date: 2003-08-11

    IPC classification: H04L12/24 G06F11/00

    CPC classification: H04L41/00

    Abstract: Method for performing the analysis of the characteristics of a data path from a first data processing device to a second data processing device through a network comprising at least an autonomous system consisting in defining a scenario file the scenario to be used, such a scenario including the actions to be used, building a parameter file defining the parameters to be used in the actions, running at least one analysis module based upon the actions of the scenario file and the parameters of the parameter file, the analysis module calling at least a predefined information requesting procedure, and storing in at least an output file the data resulting from the running of the analysis modules.


    Method and system for symmetric routing
    5.
    Granted invention patent
    Method and system for symmetric routing (status: lapsed)

    Publication number: US08634428B2

    Publication date: 2014-01-21

    Application number: US12582018

    Filing date: 2009-10-20

    IPC classification: H04L12/28 H04L12/56

    CPC classification: H04L45/00 H04L45/02 H04L45/36

    Abstract: The present invention includes a method, a system, and a computer readable medium for establishing a connection between hosts in a computer network with the connection configured for symmetrical forward and reverse routing. The method uses the following steps. First, a first host local routing table routes a packet from a first host to a first gateway according to a routing protocol. Next, the first gateway local routing table routes the packet from the first gateway to a first access router. After that, a first access router local routing table routes the packet from the first access router to a second access router. Then, a second access router local routing table routes the packet from the second access router to a second gateway. Finally, a second gateway local routing table routes the packet from the second gateway router to a second host.


    Method and apparatus for providing flow based load balancing
    6.
    Invention application
    Method and apparatus for providing flow based load balancing (status: in force)

    Publication number: US20080114892A1

    Publication date: 2008-05-15

    Application number: US11648082

    Filing date: 2006-12-29

    IPC classification: G06F15/16

    Abstract: A method and apparatus for flow based load balancing are disclosed. For example, the present method receives at least one packet from a flow. If the flow has not been previously classified, then the flow is classified based on the characteristics of the flow. Once classified, the present method matches the flow to at least one matched path from a plurality of available paths in accordance with the characteristics of the flow and characteristics of the at least one matched path. Once matched, the present method forwards the packet from the flow to the at least one matched path for processing.


    Method and apparatus for providing flow based load balancing
    7.
    Granted invention patent
    Method and apparatus for providing flow based load balancing (status: in force)

    Publication number: US08601126B2

    Publication date: 2013-12-03

    Application number: US11648082

    Filing date: 2006-12-29

    IPC classification: G06F15/173

    Abstract: A method and apparatus for flow based load balancing are disclosed. For example, the present method receives at least one packet from a flow. If the flow has not been previously classified, then the flow is classified based on the characteristics of the flow. Once classified, the present method matches the flow to at least one matched path from a plurality of available paths in accordance with the characteristics of the flow and characteristics of the at least one matched path. Once matched, the present method forwards the packet from the flow to the at least one matched path for processing.


    METHOD AND SYSTEM FOR SYMMETRIC ROUTING
    9.
    Invention application
    METHOD AND SYSTEM FOR SYMMETRIC ROUTING (status: lapsed)

    Publication number: US20110069714A1

    Publication date: 2011-03-24

    Application number: US12582018

    Filing date: 2009-10-20

    IPC classification: H04L12/56

    CPC classification: H04L45/00 H04L45/02 H04L45/36

    Abstract: The present invention includes a method, a system, and a computer readable medium for establishing a connection between hosts in a computer network with the connection configured for symmetrical forward and reverse routing. The method uses the following steps. First, a first host local routing table routes a packet from a first host to a first gateway according to a routing protocol. Next, the first gateway local routing table routes the packet from the first gateway to a first access router. After that, a first access router local routing table routes the packet from the first access router to a second access router. Then, a second access router local routing table routes the packet from the second access router to a second gateway. Finally, a second gateway local routing table routes the packet from the second gateway router to a second host.


    Method and system for securely scanning network traffic
    10.
    Granted invention patent
    Method and system for securely scanning network traffic (status: in force)

    Publication number: US08136152B2

    Publication date: 2012-03-13

    Application number: US12105756

    Filing date: 2008-04-18

    IPC classification: G06F15/00

    Abstract: A method and system for implementing secure network communications between a first device and a second device, at least one of the devices communicating with the other device via a firewall device, are provided. The method and system may include obtaining an encryption parameter that is shared by the first device, second device and firewall device. A data packet sent by the first device may then be copied within the firewall device, so that decryption of the copy of the data packet within a portion of the firewall device may take place. In particular, the portion of the firewall device in which decryption takes place is defined such that contents of the portion are inaccessible to an operator of the firewall device. Thus, scanning of the decrypted copy of the data packet for compliance with a predetermined criterion may take place within the firewall device, without an operator of the firewall device having access to the contents of the data packet to be transmitted. Thereafter, the original data packet can be forwarded to its originally intended recipient.
