Network security device
First Claim
1. A method for encrypting a data packet, comprising the steps of:
- receiving the data packet at a first interface from a particular node, said packet having a header containing a source address and a first physical layer address of said particular node, said source address being an Internet address of said particular node;
replacing the first physical layer address in the received packet header with a second physical layer address;
determining a checksum verifing the packet;
saving the determined checksum in the packet; and
encrypting the packet including the checksum, but leaving the Internet address unencrypted and its position in the packet header unchanged.
0 Assignments
0 Petitions
Accused Products
Abstract
A network security device is connected between a protected client and a network. The network security device negotiates a session key with any other protected client. Then, all communications between the two clients are encrypted. The inventive device is self-configuring and locks itself to the IP address of its client. Thus, the client cannot change its IP address once set and therefore cannot emulate the IP address of another client. When a packet is transmitted from the protected host, the security device translates the MAC address of the client to its own MAC address before transmitting the packet into the network. Packets addressed to the host, contain the MAC address of the security device. The security device translates its MAC address to the client'"'"'s MAC address before transmitting the packet to the client.
-
Citations
1 Claim
-
1. A method for encrypting a data packet, comprising the steps of:
-
receiving the data packet at a first interface from a particular node, said packet having a header containing a source address and a first physical layer address of said particular node, said source address being an Internet address of said particular node;
replacing the first physical layer address in the received packet header with a second physical layer address;
determining a checksum verifing the packet;
saving the determined checksum in the packet; and
encrypting the packet including the checksum, but leaving the Internet address unencrypted and its position in the packet header unchanged.
-
Specification