Virtual security interface
First Claim
1. A network security method for hiding and securing a network comprising:
- establishing at a first security interface a first secured network connection between a first secured network and a second secured network, the first secured network connection established for a first packet which is addressed to a virtual security interface and which is destined for the second secured network; and
responding to a network condition by establishing at a second security interface at least one second secured network connection between the first secured network and the second secured network, the at least one second secured network connection established for a second packet which is addressed to the virtual security interface and which is destined for the second secured network.
12 Assignments
0 Petitions
Accused Products
Abstract
In some networking situations, securing an inner packet of a tunnel packet requires an intermediary networking device knowing a destination address of the secured inner packet. Consequently, an identity of a secured network is known to others and presents a security risk. The provided technique addresses this risk by: i) establishing at a first security interface a first secured network connection between a first and second secured network, the connection established for a first packet addressed to a virtual security interface and destined for the second secured network; and ii) responding to a network condition by establishing at a second security interface at least one second secured network connection between the first and second secured network, the connection established for a second packet addressed to the virtual security interface and destined for the second secured network.
82 Citations
14 Claims
-
1. A network security method for hiding and securing a network comprising:
-
establishing at a first security interface a first secured network connection between a first secured network and a second secured network, the first secured network connection established for a first packet which is addressed to a virtual security interface and which is destined for the second secured network; and responding to a network condition by establishing at a second security interface at least one second secured network connection between the first secured network and the second secured network, the at least one second secured network connection established for a second packet which is addressed to the virtual security interface and which is destined for the second secured network. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
- 11. A network security apparatus for hiding and securing a network comprising at least one security interface configured for establishing a secured network connection between a first secured network and a second secured network, the secured network connection established for a packet which is addressed to a virtual security interface and which is destined for the second secured network.
-
14. A computer program product comprising:
a computer usable medium embodying computer usable code for hiding and securing a network, the computer program product including;
computer usable program code for establishing at a first security interface a first secured network connection between a first secured network and a second secured network, the first secured network connection established for a first packet which is addressed to a virtual security interface and which is destined for the second secured network; and
computer usable code for responding to a network condition by establishing at a second security interface at least one second secured network connection between the first secured network and the second secured network, the at least one second secured network connection established for a second packet which is addressed to the virtual security interface and which is destined for the second secured network.
Specification