Method for providing media communication across firewalls
Abstract
The present invention supports a method for transmitting information packets across network firewalls. A trusted entity is provisioned with an address designation for a pinhole through the firewall during setup of a communication session between two communication devices. This pinhole address is used throughout the communication session between the two communication devices to transmit information packets onto and out of the communication network.
Information packets addressed to the communication device inside the firewall are received by the trusted entity, which replaces address header information in the information packet with the address for the pinhole. The information packet is routed to the pinhole where it passes onto the network for routing to the communication device inside the firewall. Information packets transmitted from the network are also routed to the trusted entity for routing toward the communication device outside the firewall.
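The header replacement described in the abstract, sketched as an added example for IPv4/UDP media packets (this is not code from the patent or from any product). The `TrustedEntity` class, its method names, the drop-on-miss policy, the choice of IPv4/UDP, and all addresses are assumptions made for illustration.

```python
import socket
import struct

def ipv4_checksum(header: bytes) -> int:
    """RFC 1071 ones'-complement checksum over an IPv4 header."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_udp_packet(src, dst, payload: bytes) -> bytes:
    """Constructed sample input: a minimal IPv4/UDP packet."""
    udp = struct.pack("!HHHH", src[1], dst[1], 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     socket.inet_aton(src[0]), socket.inet_aton(dst[0]))
    return ip[:10] + struct.pack("!H", ipv4_checksum(ip)) + ip[12:] + udp

class TrustedEntity:
    """Hypothetical model of the trusted entity and its routing table."""
    def __init__(self):
        self.routing_table = {}  # advertised (ip, port) -> pinhole (ip, port)
    def create_pinhole(self, advertised, pinhole):
        self.routing_table[advertised] = pinhole  # provisioned at session setup

    def rewrite(self, packet: bytes):
        """Return the packet re-addressed to the pinhole, or None (assumed
        policy: drop) when it is not IPv4/UDP or no pinhole is provisioned."""
        if len(packet) < 20 or packet[0] >> 4 != 4 or packet[9] != 17:
            return None
        ihl = (packet[0] & 0x0F) * 4
        if ihl < 20 or len(packet) < ihl + 8:
            return None
        dport = struct.unpack("!H", packet[ihl + 2:ihl + 4])[0]
        pinhole = self.routing_table.get((socket.inet_ntoa(packet[16:20]), dport))
        if pinhole is None:
            return None
        out = bytearray(packet)
        out[16:20] = socket.inet_aton(pinhole[0])             # new destination IP
        out[ihl + 2:ihl + 4] = struct.pack("!H", pinhole[1])  # new destination port
        out[ihl + 6:ihl + 8] = b"\x00\x00"  # UDP checksum 0: "not computed" in IPv4
        out[10:12] = b"\x00\x00"            # zero, then recompute header checksum
        out[10:12] = struct.pack("!H", ipv4_checksum(bytes(out[:ihl])))
        return bytes(out)

# Constructed addresses from the documentation ranges (RFC 5737).
ADVERTISED, PINHOLE = ("203.0.113.5", 40000), ("192.0.2.1", 49170)
entity = TrustedEntity()
entity.create_pinhole(ADVERTISED, PINHOLE)
forwarded = entity.rewrite(build_udp_packet(("198.51.100.10", 5004), ADVERTISED, b"media"))
```

Because only packets whose destination matches a provisioned entry are rewritten, the routing table is the complete list of what can reach the pinhole through the trusted entity and is the natural place to audit.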
20 Claims
1. A packet-based communication network for communication through a communication network gateway comprising:
- a firewall on the communication network gateway for securing communications to and from the network;
- a communication device on the communication network connected to the firewall by a communication link;
- a trusted entity linked to the firewall by a communication link, said link allowing information packets to be sent to a first communication pinhole through the firewall to the communication device; and
- said trusted entity replacing an address designation in the address header of one of said information packets with an address designation for the first communication pinhole so the information packet can be transmitted through said pinhole to said communication device.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A method for routing information packets across a firewall to a packet-based communication network comprising the steps of:
- receiving a create pinhole request at a trusted entity linked to the firewall of the communication network and located outside the communication network;
- creating a pinhole communication port in the firewall in response to the create pinhole request;
- receiving a first information packet at the trusted entity to be transmitted across the firewall through said pinhole;
- replacing an address in the information packet address header information with a communication port address for a pinhole created in the firewall; and
- forwarding the information packet to a destination address across the firewall using the communication port address for the pinhole communication port.
Dependent claims: 9, 10, 11, 12, 13, 14
15. A method for using a pinhole communication port in a packet-based communication network firewall comprising the steps of:
- providing a trusted entity having an input and an output outside the communication network;
- linking said trusted entity to the pinhole communication port;
- transmitting a first signal from the communication network to the input of the trusted entity, wherein said signal has an address designation for said pinhole communication port;
- providing a routing table on the trusted entity with the address designations for the pinhole communication port;
- receiving a packet transmission at the input of the trusted entity to be sent to a communication device inside the communication network;
- placing the address designation for the pinhole communication port as the address header of the packet transmission; and
- transmitting the packet transmission from the output of the trusted entity to the pinhole communication port for transmission onto the communication device.
Dependent claims: 16, 17, 18, 19, 20
Specification