System having filtering/monitoring of secure connections
Abstract
Traffic over a secure link or tunnel is filtered to block packets that do not conform to specified requirements for the tunnel. In one embodiment, a private network, such as an ISP network, includes a filter for blocking packets not associated with an IPSec VPN tunnel. The ISP network and/or one or both of the tunnel endpoints can include monitoring modules for detecting the presence of packets that should have been blocked by the filter.
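The Python example below is an added illustration of the filter and monitoring modules the abstract describes; it is not code from the patent. It assumes the "specified requirements" mean IPv4 ESP (protocol 50) or IKE (UDP ports 500/4500) exchanged between the two tunnel endpoints. All function names, addresses and sample packets are constructed for the example.

```python
import ipaddress
import struct

ESP, UDP = 50, 17        # IANA IP protocol numbers
IKE_PORTS = {500, 4500}  # IKE and IPsec NAT traversal (assumed tunnel requirements)

def ipv4_packet(src, dst, proto, payload=b""):
    """Build a minimal IPv4 packet for the constructed samples (checksum left 0)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                       ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed) + payload

def conforms(packet, end_a, end_b):
    """True only for ESP or IKE traffic exchanged between the two tunnel endpoints."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return False                      # truncated or not IPv4
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or len(packet) < ihl:
        return False                      # malformed header length
    src = str(ipaddress.IPv4Address(packet[12:16]))
    dst = str(ipaddress.IPv4Address(packet[16:20]))
    if {src, dst} != {end_a, end_b}:
        return False                      # not addressed between the endpoints
    if packet[9] == ESP:
        return True
    frag_offset = struct.unpack("!H", packet[6:8])[0] & 0x1FFF
    if packet[9] == UDP and frag_offset == 0 and len(packet) >= ihl + 4:
        sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
        return sport in IKE_PORTS or dport in IKE_PORTS
    return False                          # everything else is blocked

def filter_packets(packets, end_a, end_b):
    """Filter module: forward only packets that meet the tunnel requirements."""
    return [p for p in packets if conforms(p, end_a, end_b)]

def monitor(packets, end_a, end_b):
    """Monitoring module: report packets that should have been blocked."""
    return [p for p in packets if not conforms(p, end_a, end_b)]

A, B, OTHER = "198.51.100.10", "203.0.113.20", "192.0.2.99"  # constructed addresses
def udp(sport, dport):
    return struct.pack("!HHHH", sport, dport, 8, 0)           # bare UDP header
SAMPLE = [                                     # constructed traffic
    ipv4_packet(A, B, ESP, b"\x00" * 16),      # tunnel data
    ipv4_packet(B, A, UDP, udp(500, 500)),     # IKE negotiation
    ipv4_packet(A, B, 6, b"\x00" * 20),        # cleartext TCP between endpoints
    ipv4_packet(A, OTHER, ESP, b"\x00" * 16),  # ESP to a non-endpoint
    ipv4_packet(A, B, UDP, udp(40000, 53)),    # non-IKE UDP
    b"\x45\x00",                               # truncated packet
]
```

Running `monitor` on the output of `filter_packets` should return an empty list; anything it returns is traffic that leaked past the filter.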
23 Claims

1. A method of filtering a secure channel, comprising:
- establishing a secure tunnel between first and second devices over at least a first network; and
- filtering packets at the first network to block packets that do not meet specified requirements for packets over the secure tunnel.
Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. A method of monitoring a secure link, comprising:
- recognizing a Virtual Private Network (VPN) tunnel between a first device and a second device; and
- filtering traffic within an Internet Service Provider (ISP) network through which the tunnel passes to block packets that are not encrypted packets addressed to or from one of the first and second devices.
Dependent claims: 10, 11, 12, 13

14. A network, comprising:
- a plurality of switching devices for providing connection paths through the network including secure tunnels; and
- a filter module for filtering packets in a first secure tunnel through the network between first and second devices external to the network.
Dependent claims: 15, 16, 17, 18, 19, 20, 21, 22, 23

Specification