Automated configuration of a virtual private network

US 20030041136A1
Filed: 08/23/2001
Published: 02/27/2003
Est. Priority Date: 08/23/2001
Status: Active Grant

First Claim

Patent Images

1. A computer implemented method for remotely configuring a Virtual Private Network (VPN) between a client-side system and a server-side system, comprising:

receiving data indicative of a selected server-side system and a selected client-side system between which a VPN is to be established;

automatically determining security settings for said client-side system based at least partially on said data; and

automatically transmitting VPN configuration details to said client-side system, where said VPN configuration details include said security settings, such that in use said client-side system is automatically configured with said VPN configuration details to establish a secure VPN tunnel between said client-side system and said server-side system.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Data is received by a service provider that is indicative of a selected server-side system and a selected client-side system between which a VPN is to be established. Security settings are then automatically determined for the client-side system based at least partially on the data. The security settings are preferably public and private keys and/or a Digital Certificate. VPN configuration details, including the security settings, are then automatically transmitted to the client-side system. The client side system then uses the configuration details to automatically configure itself to establish a secure VPN tunnel between the server-side system and itself. VPN configuration details may also be automatically transmitted to a VPN concentrator within the server-side system. A Virtual Private Network tunnel is subsequently established between the client-side system and the server-side system, and the tunnel'"'"'s operation verified. A computer program product for configuring a VPN system is also provided. (147 words)

Citations

27 Claims

1. A computer implemented method for remotely configuring a Virtual Private Network (VPN) between a client-side system and a server-side system, comprising:
- receiving data indicative of a selected server-side system and a selected client-side system between which a VPN is to be established;
  
  automatically determining security settings for said client-side system based at least partially on said data; and
  
  automatically transmitting VPN configuration details to said client-side system, where said VPN configuration details include said security settings, such that in use said client-side system is automatically configured with said VPN configuration details to establish a secure VPN tunnel between said client-side system and said server-side system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The computer implemented method of claim 1, wherein said receiving comprises obtaining said data indicative of a selected server in said server-side system and a selected user of said client-side system from a system administrator, via an electronic network.
  - 3. The computer implemented method of claim 1, wherein said determining comprises creating a public and private key.
  - 4. The computer implemented method of claim 1, wherein said determining comprises establishing a Digital Certificate.
  - 5. The computer implemented method of claim 1, further comprising:
    - automatically ascertaining further security settings for said server-side system;
      
      automatically transmitting VPN configuration details to a concentrator within said server-side system, where said VPN configuration details include said further security settings.
  - 6. The computer implemented method of claim 1, further comprising:
    - automatically ascertaining further security settings for said server-side system; and
      
      automatically transmitting VPN configuration details to a firewall within said server-side system, where said VPN configuration details include said further security settings.
  - 7. The computer implemented method of claim 1, wherein said transmitting comprises communicating said VPN configuration details to a modem within said client-side system.
  - 8. The computer implemented method of claim 1, wherein said transmitting comprises communicating said VPN configuration details to a firewall on a modem within said client-side system.
  - 9. The computer implemented method of claim 1, further comprising the step, after said determining step, of:
    - storing said data and said security settings.
  - 10. The computer implemented method of claim 1, further comprising the steps, after said transmitting step, of:
    - receiving a password from said client-side system; and
      
      authenticating said password.
  - 11. The computer implemented method of claim 1, further comprising:
    - establishing a Virtual Private Network tunnel between said client-side system and said server-side system; and
      
      verifying that said tunnel is operational.
  - 12. The computer implemented method of claim 1, further comprising configuring a login page on a modem within said client-side system.

13. A computer program product for use in conjunction with a computer system for remotely configuring a Virtual Private Network (VPN) between a client-side system and a server-side system, the computer program product comprising a computer readable storage and a computer program stored therein, the computer program comprising:
- instructions for receiving data indicative of a selected server-side system and a selected client-side system between which a VPN is to be established;
  
  instructions for automatically determining security settings for said client-side system based at least partially on said data; and
  
  instructions for automatically transmitting VPN configuration details to said client-side system, where said VPN configuration details include said security settings.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The computer program product of claim 13, wherein said instructions for receiving further comprise instructions for obtaining said data indicative of a selected server in said server-side system and a selected user of said client-side system from a system administrator, via an electronic network.
  - 15. The computer program product of claim 13, wherein said instructions for determining further comprise instructions for creating a public and private key.
  - 16. The computer program product of claim 13, wherein said instructions for determining further comprise instructions for establishing a Digital Certificate.
  - 17. The computer program product of claim 13, wherein said computer program further comprises:
    - instructions for automatically ascertaining further security settings for said server-side system; and
      
      instructions for automatically transmitting VPN configuration details to a concentrator within said server-side system, where said VPN configuration details include said further security settings.

18. A computer implemented method for remotely configuring a Virtual Private Network (VPN) between a client-side system and a server-side system, comprising:
- receiving at a modem within said client-side system, VPN configuration details from a service provider system, where said VPN configuration details include security settings for establishing a VPN with a remote server-side system; and
  
  automatically configuring said modem, with said VPN configuration details, such that in use a secure VPN tunnel can be established between said client-side system and said server-side system.
- View Dependent Claims (19, 20, 21, 24)
- - 19. The computer implemented method of claim 18, wherein said configuring further comprises setting-up a firewall on said modem with said security settings.
  - 20. The computer implemented method of claim 18, further comprising:
    - receiving a password from said client-side system; and
      
      authenticating said password.
  - 21. The computer implemented method of claim 20, wherein said authenticating comprises:
    - sending said password to an authentication server within said server-side system;
      
      receiving authentication from said authentication server.
  - 24. The remotely configurable Virtual Private Network (VPN) of claim 18, wherein said server-side network further comprises:
    - a router configured to electrically couple to the Internet;
      
      a firewall electrically coupled to said router;
      
      an authentication server for authenticating a user of said client computer;
      
      a file server;
      
      a proxy server; and
      
      a DNS (Domain Name System) server.

22. A remotely configurable Virtual Private Network (VPN) comprising:
- a client-side network comprising;
  
  a modem that communicates with the Internet; and
  
  at least one client computer electrically coupled to said modem;
  
  a server-side network comprising;
  
  a VPN concentrator that communicates with the Internet; and
  
  at least one server electrically coupled to said VPN concentrator; and
  
  a service provider network comprising;
  
  a security generator for automatically determining security settings used to secure VPN communication between said client computer and said server;
  
  a VPN synchronizer for automatically configuring said modem with said security settings; and
  
  a modem synchronizer for automatically configuring said modem with said security settings.
- View Dependent Claims (23, 25, 26, 27)
- - 23. The remotely configurable Virtual Private Network (VPN) of claim 22, wherein said modem is a DSL (Digital Subscriber Line) modem.
  - 25. The remotely configurable Virtual Private Network (VPN) of claim 22, wherein said server-side network further comprises an authentication server for authenticating a user of said client computer.
  - 26. The remotely configurable Virtual Private Network (VPN) of claim 22, wherein said service provider network further comprises:
    - a VPN provider;
      
      a DNS (Domain Name System) server; and
      
      an HTTP server.
  - 27. The remotely configurable Virtual Private Network (VPN) of claim 22, wherein said security generator is a PKI (Public Key Infrastructure) Synchronizer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
DIRECTV, LLC (AT&T, Inc.)
Original Assignee
Hughes Electronics Corporation (AT&T, Inc.)
Inventors
Zhang, Ye, Cheline, Douglas A., Ma, Michael, Chong, Lester J.

Granted Patent

US 7,197,550 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/223
CPC Class Codes

H04L 63/0272   Virtual private networks

H04L 63/0823   using certificates cryptogr...

H04L 63/0838   using one-time-passwords

H04L 63/102   Entity profiles

H04L 63/18   using different networks or...

H04L 63/20   for managing network securi...

H04L 67/14   Session management for real...

H04L 67/34   involving the movement of s...

H04L 69/329   in the application layer [O...

H04L 9/40   Network security protocols

Automated configuration of a virtual private network

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

Automated configuration of a virtual private network

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links