Secured FTP architecture
Abstract
A system for providing secured file transfer protocol (“FTP”) services between a passive FTP client system coupled to a private network and a FTP server coupled to a public communication network, such as the Internet. The passive FTP client system requests a communication session with a first proxy server that is coupled to the private network. The passive FTP client system submits to the first proxy server the uniform resource locator (“URL”) of a desired FTP server. The first proxy server initiates an outbound request from the private network, through a single port on a firewall, to a second proxy server that is coupled to the public communication network. The first proxy server submits the URL to the second proxy server. The second proxy server uses the URL to establish a FTP session with the desired FTP server. Upon receiving an identified socket provided by the FTP server for the data channel, the first proxy server changes the received data packets from the FTP server by substituting its own IP address for the FTP server's IP address, thus identifying a new socket on the first proxy server. The passive FTP client system transmits a FTP data request to the new socket on the first proxy server. The first proxy server forwards the data request to the FTP server via the outbound connection established with the second proxy server. All FTP data flows through a single port on the firewall.
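The socket substitution the abstract describes can be sketched as a rewrite of the RFC 959 passive-mode reply (`227`). This is an added example, not code from the patent: the `PasvRewriter` class, its field names and the addresses are hypothetical, and the check that the advertised address matches the control-channel peer is an added hardening assumption the abstract does not state.

```python
import ipaddress
import re

# RFC 959 passive reply: "227 <text> (h1,h2,h3,h4,p1,p2)"
PASV_RE = re.compile(r"^227 [^(]*\((\d{1,3}(?:,\d{1,3}){5})\)")


def parse_pasv(reply):
    """Return (ip, port) advertised in a 227 reply, or raise ValueError."""
    m = PASV_RE.match(reply.strip())
    if not m:
        raise ValueError("not a well-formed 227 reply")
    nums = [int(n) for n in m.group(1).split(",")]
    if any(n > 255 for n in nums):
        raise ValueError("octet out of range")
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]


def format_pasv(ip, port):
    """Build a 227 reply advertising ip:port."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return "227 Entering Passive Mode (%s,%d,%d)\r\n" % (
        ",".join(octets), port >> 8, port & 0xFF)


class PasvRewriter:
    """Hypothetical helper for the first (private-network) proxy."""

    def __init__(self, proxy_ip, control_peer_ip):
        self.proxy_ip = proxy_ip                # address clients can reach
        self.control_peer_ip = control_peer_ip  # FTP server of this session
        self.upstream = {}  # local data port -> (server ip, server port)

    def rewrite(self, reply, local_port):
        ip, port = parse_pasv(reply)
        # Added check (assumption): refuse a data socket on a third host.
        if ip != self.control_peer_ip:
            raise ValueError("227 address differs from control peer")
        # Remember where data arriving on local_port must be forwarded.
        self.upstream[local_port] = (ip, port)
        return format_pasv(self.proxy_ip, local_port)


if __name__ == "__main__":
    # Constructed sample: server 203.0.113.20 offers data port 50000.
    rw = PasvRewriter("10.0.0.5", "203.0.113.20")
    sample = "227 Entering Passive Mode (203,0,113,20,195,80)\r\n"
    print(rw.rewrite(sample, 40001).strip(), rw.upstream)
```

The client only ever sees the proxy's address and port; the `upstream` table is what lets the first proxy forward the data request over its existing outbound connection to the second proxy.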
25 Claims
1. A system providing secure transfer of data, said system comprising:
a client system;
a server;
a security system interposed between said client system and said server for controlling communications between said client system and said server, said security system including;
a first proxy system and a second proxy system, said first proxy system coupled between said client system and said second proxy system, and said second proxy system coupled between said server and said first proxy system;
a firewall coupled between said first proxy system and said second proxy system, said firewall restricting data flow between said first proxy system and said second proxy system to outbound communications through a single port on said firewall;
wherein all FTP data are transferred between said client system and said server through said single port on said firewall.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
12. A method for providing secure transfer of data, said method comprising:
using a client system to request data;
using a server to provide data;
controlling communications between said client system and said server using a security system, said security system including;
a first proxy system and a second proxy system, said first proxy system coupled between said client system and said second proxy system, and said second proxy system coupled between said server and said first proxy system;
a firewall coupled between said first proxy system and said second proxy system, said firewall restricting data flow between said first proxy system and said second proxy system to outbound communications through a single port on said firewall;
using said security system to transfer said data between said client and said server; and
restricting all flow of FTP data passing through said security system through a single port on said firewall.
(Dependent claims: 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
Specification