Security checking program for communication between networks
Abstract
A method for determining if a multiplicity of networks are authorized to communicate with each other and what IP protocol can be used for communication between each combination of two of the networks. For each network, a computer readable data base stores a record of (a) IP protocol(s) permitted to be used with said each network and (b) types of other networks permitted to communicate to said each network. For said each network, a computer readable data base stores a record of IP protocols and destination and source networks permitted by a respective firewall or router for said each network. For said each network, a computer readable data base stores a record of a type of said each network. Multiple combinations of the networks are automatically identified. Each of the combinations comprises a source network and a destination network. For each of the combinations, based on the records, it is automatically determined if each of the networks in the combination is permitted to communicate with the other network in the combination and what IP protocol(s) are common to both of the networks in the combination.
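The check the abstract describes can be sketched as follows. This is an added example, not code from the patent: the record layout, the network names, types and protocol sets are constructed, and flagging firewall-permitted traffic that the policy records do not allow is an assumed use of the stored records.

```python
from itertools import permutations

# Constructed sample records (not from the patent). POLICY holds, per network,
# its type, the IP protocols permitted with it and the peer network types it
# may talk to. FIREWALL holds the (source, destination, protocol) flows that
# each network's own firewall or router permits.
POLICY = {
    "corp": {"type": "intranet", "protocols": {"tcp", "udp", "icmp"},
             "peer_types": {"intranet", "dmz"}},
    "web":  {"type": "dmz", "protocols": {"tcp", "icmp"},
             "peer_types": {"intranet", "internet"}},
    "isp":  {"type": "internet", "protocols": {"tcp", "udp"},
             "peer_types": {"dmz"}},
}
FIREWALL = {
    "corp": {("corp", "web", "tcp"), ("corp", "web", "udp"),
             ("web", "corp", "tcp"), ("isp", "corp", "udp")},
    "web":  {("corp", "web", "tcp"), ("corp", "web", "udp"),
             ("web", "corp", "tcp"), ("isp", "web", "tcp"), ("web", "isp", "tcp")},
    "isp":  {("isp", "web", "tcp"), ("web", "isp", "tcp"), ("isp", "corp", "udp")},
}

def check_pair(src, dst, policy=POLICY, firewall=FIREWALL):
    """Evaluate one source/destination combination against the stored records."""
    s, d = policy[src], policy[dst]
    # Each network must accept the other's type for the pair to be authorized.
    permitted = d["type"] in s["peer_types"] and s["type"] in d["peer_types"]
    # IP protocols common to both networks' policy records.
    common = s["protocols"] & d["protocols"]
    # Protocols that both networks' firewalls pass for this direction.
    passed = ({p for a, b, p in firewall[src] if (a, b) == (src, dst)}
              & {p for a, b, p in firewall[dst] if (a, b) == (src, dst)})
    # Assumed use of the records: traffic passed but not allowed is a finding.
    allowed = common if permitted else set()
    return {"permitted": permitted, "common": common, "violations": passed - allowed}

def audit(policy=POLICY, firewall=FIREWALL):
    """Identify every ordered source/destination combination and check it."""
    return {(s, d): check_pair(s, d, policy, firewall)
            for s, d in permutations(sorted(policy), 2)}

if __name__ == "__main__":
    for (s, d), r in audit().items():
        print(f"{s:>4} -> {d:<4} permitted={r['permitted']!s:<5} "
              f"common={sorted(r['common'])} violations={sorted(r['violations'])}")
```

In the sample data, corp to web is authorized but the firewalls pass udp, which is not common to both networks, and isp to corp is passed on udp although the network types are not permitted to communicate.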
10 Claims
1. A method for determining if a multiplicity of networks are authorized to communicate with each other and what IP protocol can be used for communication between each combination of two of said networks, said method comprising the steps of:
for each network, storing in a computer readable data base a record of (a) IP protocol(s) permitted to be used with said each network and (b) types of other networks permitted to communicate to said each network;
for said each network, storing in a computer readable data base a record of IP protocols and destination and source networks permitted by a respective firewall or router for said each network;
for said each network, storing in a computer readable data base a record of a type of said each network;
automatically identifying multiple combinations of said networks, each of said combinations comprising a source network and a destination network;
for each of said combinations, based on said records, automatically determining if each of said networks in said each combination is permitted to communicate with the other network in said each combination and what IP protocol(s) are common to both of said networks in said each combination.
Dependent claims: 2, 3, 4, 5, 6
7. A system for determining if a multiplicity of networks are authorized to communicate with each other and what IP protocol can be used for communication between each combination of two of said networks, said system comprising:
for each network, means for storing in a computer readable data base a record of (a) IP protocol(s) permitted to be used with said each network and (b) types of other networks permitted to communicate to said each network;
for said each network, means for storing in a computer readable data base a record of IP protocols and destination and source networks permitted by a respective firewall or router for said each network;
for said each network, means for storing in a computer readable data base a record of a type of said each network;
means for automatically identifying multiple combinations of said networks, each of said combinations comprising a source network and a destination network; and
for each of said combinations, means, based on said records, for automatically determining if each of said networks in said each combination is permitted to communicate with the other network in said each combination and what IP protocol(s) are common to both of said networks in said each combination.
Dependent claims: 8
9. A computer program product for determining if a multiplicity of networks are authorized to communicate with each other and what IP protocol can be used for communication between each combination of two of said networks, said computer program product comprising:
a computer readable medium;
for each network, first program instructions to store in a computer readable data base a record of (a) IP protocol(s) permitted to be used with said each network and (b) types of other networks permitted to communicate to said each network;
for said each network, second program instructions to store in a computer readable data base a record of IP protocols and destination and source networks permitted by a respective firewall or router for said each network;
for said each network, third program instructions to store in a computer readable data base a record of a type of said each network;
fourth program instructions to automatically identify multiple combinations of said networks, each of said combinations comprising a source network and a destination network;
for each of said combinations, fifth program instructions, based on said records, to automatically determine if each of said networks in said each combination is permitted to communicate with the other network in said each combination and what IP protocol(s) are common to both of said networks in said each combination; and
wherein said first, second, third, fourth and fifth program instructions are recorded on said medium.
Dependent claims: 10
Specification