Providing consistent application aware firewall traversal
Abstract
Implementations of the present invention relate to a communication framework that is readily adaptable to a wide variety of resources intended to be accessible through a firewall. In general, a communication framework at a gateway server can provide a specific connection to a requested resource in accordance with a wide range of resource and/or network access policies. In one instance, a client requests a connection to a specific resource behind a firewall. The communication framework authenticates the connection, and quarantines the connection until determining, for example, that the client is using appropriate resource features. If appropriately authenticated, the communication framework can pass control of the connection to an appropriately identified protocol plug-in processor, which facilitates a direct connection to the requested resource at an application layer of a communication stack.
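The gateway-side flow the abstract describes (quarantine, feature check, plug-in dispatch by resource type), sketched as an added example that is not code from the patent or from any product. The feature names, resource types, plug-in classes and the use of a URI scheme as the resource type are all hypothetical, and authentication is assumed to have happened before `connect` is called.

```python
from dataclasses import dataclass, field

# Hypothetical policy: the minimum feature set a client must report.
REQUIRED_FEATURES = {"tls1.2", "host-firewall"}

class RdpPlugin:                      # hypothetical protocol processor plug-in
    def handle(self, conn):
        return f"rdp-session:{conn.resource}"

class FileSharePlugin:                # hypothetical protocol processor plug-in
    def handle(self, conn):
        return f"file-session:{conn.resource}"

# Resource type -> plug-in registry (types are assumptions for this sketch).
PLUGINS = {"rdp": RdpPlugin(), "fileshare": FileSharePlugin()}

@dataclass
class Connection:
    client_id: str
    resource: str                     # constructed sample form: "rdp://desk-17"
    state: str = "NEW"
    log: list = field(default_factory=list)

class Gateway:
    def __init__(self, required=REQUIRED_FEATURES, plugins=PLUGINS):
        self.required, self.plugins = set(required), plugins

    def _reject(self, conn, reason):
        conn.state = "REJECTED"
        conn.log.append(reason)
        return conn, None

    def connect(self, client_id, resource, answer_features):
        """answer_features stands in for the client's feature response."""
        conn = Connection(client_id, resource)
        conn.state = "QUARANTINED"    # nothing reaches the resource in this state
        # Ask the client which required features it supports. The answer is
        # self-reported, so it is a policy check, not proof of client state.
        reported = set(answer_features(sorted(self.required)))
        missing = self.required - reported
        if missing:
            return self._reject(conn, f"missing features: {sorted(missing)}")
        # Identify the plug-in from the resource type; fail closed if unknown.
        rtype = resource.split("://", 1)[0]
        plugin = self.plugins.get(rtype)
        if plugin is None:
            return self._reject(conn, f"no plug-in for resource type {rtype!r}")
        conn.state = "FORWARDED"      # control passes to the plug-in
        return conn, plugin.handle(conn)
```
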
20 Claims
1. At a gateway server in a computerized environment in which a client computer system accesses a resource at the gateway server through a firewall, the gateway server providing application layer connections through a firewall, a method comprising the acts of:
- receiving a connection request from a client, wherein the connection request identifies a resource with which the client would like to connect;
- quarantining a connection with the client to determine if the client has installed a minimum set of one or more features;
- identifying a protocol processor plug-in based on a resource type of the identified resource; and
- forwarding the connection with the client to the identified protocol processor plug-in.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14.

15. At a client computer system in a computerized environment in which the client accesses a resource through a gateway server firewall, the gateway server providing application layer connections through a firewall, a method comprising the acts of:
- sending a request for a connection at a gateway server, wherein the request identifies a server resource to connect with a corresponding client resource;
- receiving a request from the gateway server for a minimum set of one or more features supported by the client;
- sending a feature response to the gateway server, the feature response indicating which of the requested set of one or more features are supported by the client; and
- connecting to an application layer of a communication stack at the gateway server, such that the client resource communicates data with a protocol processor plug-in associated with the server resource.

Dependent claims: 16, 17, 18, 19.

20. At a gateway server in a computerized environment in which a client computer system accesses a resource at the gateway server through a firewall, the gateway server having at least a remote procedure call layer and a secure hypertext transfer protocol layer in a communication framework, a computer program product having computer-executable instructions stored thereon that, when executed, cause one or more processes at the gateway server to perform a method comprising the following:
- receiving a connection request from a client, wherein the connection request identifies a resource with which the client would like to connect;
- quarantining a connection with the client to determine if the client has installed a minimum set of one or more features;
- identifying a protocol processor plug-in based on a resource type of the identified resource; and
- forwarding the connection with the client to the identified protocol processor plug-in.

Specification