Hybrid network
Abstract
The 802.11b wireless LAN specification is compromised by the weaknesses of WEP. The invention routes wireless transmissions to the LAN via a firewall or VPN gateway and encrypts them.
10 Claims
1. A communications network arranged for segregation of network traffic generated by users having different security classes but carried over the same physical infrastructure, the network comprising:
- connection means for a plurality of constituent virtual networks sharing a physical infrastructure, arranged such that, in use, each constituent virtual network may be connected to one or more terminals carrying network traffic having a respective security class;
- encryption means for encrypting traffic on the first virtual network supporting the low-security users;
- a gateway connecting the constituent virtual networks to each other, the gateway having means for identifying network traffic passing from a first virtual network associated with a lower security class to a second virtual network associated with a higher security class, and access means for allowing only such network traffic from the first virtual network that is correctly so encrypted to be carried over the second virtual network supporting the high-security users.

Dependent claims: 2, 3, 4, 5.
6. A method of handling data traffic between terminals of a common physical interface, wherein the terminals are allocated to a plurality of different security classes, and wherein traffic from terminals allocated to a lower security class is encrypted when carried to terminals allocated to a higher security class.
8. A method for the segregation of network terminals having different security levels using the same physical network infrastructure, low-security users and higher-security terminals being connected to different virtual networks carried on the same physical network, a gateway with firewall capabilities being provided for access between the virtual networks, traffic on the virtual network supporting the low-security terminals being encrypted.
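The gateway check of claim 1, as an added Python model that is not part of the patent text: a frame crossing from the low-security virtual network to the high-security one is forwarded only if it is correctly encrypted. Assumptions: the names `LOW`, `HIGH`, `Frame`, `seal`, `unseal` and `gateway`, pre-shared keys, decryption at the gateway, and default deny for other crossings; the encrypt-then-MAC construction built from the standard library stands in for a real VPN tunnel and is not a production cipher.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

LOW, HIGH = "low-vlan", "high-vlan"  # assumed names for the two virtual networks
NONCE_LEN, TAG_LEN = 12, 32

@dataclass
class Frame:
    src: str        # virtual network the frame arrived on
    dst: str        # virtual network it is addressed to
    payload: bytes

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Toy SHA-256 counter keystream, a stand-in for the tunnel cipher.
    stream = b""
    for ctr in range((len(data) + 31) // 32):
        stream += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    # Low-security terminal side: encrypt, then MAC nonce + ciphertext.
    nonce = os.urandom(NONCE_LEN)
    ct = _xor_stream(enc_key, nonce, plaintext)
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def unseal(enc_key: bytes, mac_key: bytes, blob: bytes):
    # Returns the plaintext, or None when the blob is not correctly encrypted.
    if len(blob) < NONCE_LEN + TAG_LEN:
        return None
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    good = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        return None
    return _xor_stream(enc_key, nonce, ct)

def gateway(frame: Frame, enc_key: bytes, mac_key: bytes):
    """Return the frame to forward, or None to drop it."""
    if frame.src == frame.dst:
        return frame                      # stays inside one virtual network
    if (frame.src, frame.dst) == (LOW, HIGH):
        plaintext = unseal(enc_key, mac_key, frame.payload)
        if plaintext is None:
            return None                   # cleartext or tampered: never reaches HIGH
        return Frame(frame.src, frame.dst, plaintext)
    return None                           # other crossings: default deny (assumption)
```

The authentication tag is verified before any decryption, so cleartext, tampered frames and frames sealed under the wrong keys are all dropped on the same path.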
Specification