Firewall system for protecting network elements connected to a public network
First Claim
1. A firewall system for preventing non-requested packets coming from a public network from reaching network elements connected thereto, said firewall system comprising:
- a front-end server having internal and external interfaces;
said front-end server external interface being attached to the public network;
said front-end server being configured to drop non-requested incoming packets from the public network;
said non-requested packets including signed packets and unsigned packets; and
a back-end server having internal and external interfaces;
said back-end internal interface being attached to the network elements and to said front end internal interface via said back-end external interface;
said back-end server being so configured as to gather packets requested by the network elements from the public network, and signed packets from the front-end server;
said back-end server being configured so as to prevent leaks from the network elements.
1 Assignment
0 Petitions
Accused Products
Abstract
A firewall system for protecting network elements of computer systems against attack from hosts on the Internet is described herein. The firewall system comprises a front-end server attached to the Internet and a back-end server attached to and between the computer systems to protect the front-end server. The front-end server is configured to prevent all unrequested packets from directly reaching the back-end server and the computer systems attached thereto. The back-end server is configured to forward to the Internet any request originating form the computer systems and to gather signed packets stacked at the front-end server level.
111 Citations
25 Claims
-
1. A firewall system for preventing non-requested packets coming from a public network from reaching network elements connected thereto, said firewall system comprising:
-
a front-end server having internal and external interfaces;
said front-end server external interface being attached to the public network;
said front-end server being configured to drop non-requested incoming packets from the public network;
said non-requested packets including signed packets and unsigned packets; and
a back-end server having internal and external interfaces;
said back-end internal interface being attached to the network elements and to said front end internal interface via said back-end external interface;
said back-end server being so configured as to gather packets requested by the network elements from the public network, and signed packets from the front-end server;
said back-end server being configured so as to prevent leaks from the network elements. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
-
Specification