System and Method for Remotely Securing a Network from Unauthorized Access
Abstract
This invention is an improved system and method of efficiently deploying a large scale roll out of secure networks, including a VPN, to clients with limited or non-existent technical staff. The invention allows for a person with minimal technical skills to install, and, if necessary, uninstall the solution. Through a series of automated and/or remotely-controlled steps provided through connections established from inside the site to a centralized system over an unprotected network, the site's network can be secured, updated, and/or reconfigured, and returned to its previous state if errors should occur. Furthermore, a virtual private network (VPN) can be established that allows multiple hosts on the VPN but on different local networks to have the same IP address. Additionally, without any additional hardware and as part of the installation process, the invention protects the site from unauthorized local network devices either by preventing them from passing traffic off the local network or by generating notification of their existence.
16 Claims
1. A process for remotely securing a network from unauthorized access, the network including a plurality of workstations and a device for connection to the Internet comprising:
- providing a firewall having at least two virtual routers at the network location;
- connecting the firewall between the device and the workstations in a bridge-mode;
- running a client application software locally on the network;
- gathering data concerning the characteristics of the network and transmitting that information to a central computer;
- retrieving the firewall logs to the central computer;
- analyzing the data and firewall logs and transmitting firewall programming instructions to the client application software running on the network; and
- programming the firewall internally from the network, thereby converting the firewall from a bridge-mode to a router mode.
Dependent claims: 2, 3, 4, 5, 16
6. A secured network comprising:
- a plurality of network connected components;
- a firewall having at least two virtual routers, the network components being connected to the firewall;
- a device for connecting to the Internet connected to the firewall;
- client application software loaded on one of the network's components; and
- the client application software including network data gathering instructions and security programming instructions for the firewall.
Dependent claims: 7, 8
9. A computer product for use in a local network to protect the network from unauthorized access either remotely or from within, the network including a plurality of network devices, a firewall and an Internet access device, comprising:
a) a computer readable medium;
b) instructions stored in said computer readable medium which when executed will cause a host computer to;
   1) identify and store information concerning the identity of the network connected devices;
   2) send the information to a remote computer;
   3) receive programming information for a firewall to be installed in the local network; and
   4) program the security information into the firewall when installed from within the firewall.
Dependent claims: 10, 11
12. A process for remotely establishing a virtual private network for a plurality of local networks, the local networks including a plurality of workstations, comprising:
a) providing a firewall having at least two virtual routers at each network location;
b) connecting each of the firewalls between an Internet connection device and the local network workstations in a bridge-mode;
c) running a client application software locally on each local network, said software gathering and storing information concerning the characteristics of the local network;
d) transmitting the stored information to a central computer from each local network;
e) retrieving firewall logs to the central computer;
f) analyzing the data and firewall logs and transmitting firewall programming instructions to the each network;
g) programming each firewall internally from the local network thereby converting the firewall from a bridge-mode to a firewall router mode;
h) establishing a backbone network;
i) assigning a network segment to each local network in the form of 1.X.Y.0/24;
j) providing each firewall with a network address translation file that will recognize the local network address and direct authorized transmissions to the appropriate local workstation; and
k) connecting each local network to the backbone network via a backbone firewall.
Dependent claims: 13, 14, 15
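Steps i) and j) of claim 12, together with the abstract's statement that hosts on different local networks may share an IP address, can be modelled as a per-site address translation. This is an added example, not code from the patent: the index-to-segment mapping, the translation that preserves the host offset, the `SiteNat` class and all sample addresses are assumptions.

```python
import ipaddress

def assign_segment(site_index):
    """Backbone segment 1.X.Y.0/24 for a site (index -> X.Y is an assumption)."""
    if not 0 <= site_index < 256 * 256:
        raise ValueError("site index does not fit in 1.X.Y.0/24")
    x, y = divmod(site_index, 256)
    return ipaddress.ip_network(f"1.{x}.{y}.0/24")

class SiteNat:
    """Hypothetical model of one firewall's network address translation file."""

    def __init__(self, site_index, local_net, authorized_hosts):
        self.local_net = ipaddress.ip_network(local_net)
        if self.local_net.prefixlen != 24:
            raise ValueError("this model translates /24 to /24 only")
        self.segment = assign_segment(site_index)
        self.authorized = {ipaddress.ip_address(h) for h in authorized_hosts}
        if any(h not in self.local_net for h in self.authorized):
            raise ValueError("authorized host outside the local network")

    def to_backbone(self, local_ip):
        """Outbound: local address -> backbone address, or None if not authorized."""
        ip = ipaddress.ip_address(local_ip)
        if ip not in self.authorized:
            return None
        return self.segment.network_address + (int(ip) - int(self.local_net.network_address))

    def to_local(self, backbone_ip):
        """Inbound: backbone address -> local workstation, or None (drop)."""
        ip = ipaddress.ip_address(backbone_ip)
        if ip not in self.segment:
            return None  # addressed to another site's segment
        local = self.local_net.network_address + (int(ip) - int(self.segment.network_address))
        return local if local in self.authorized else None

def demo():
    # Constructed sample: two sites that both use 192.168.1.0/24 locally.
    site_a = SiteNat(1, "192.168.1.0/24", ["192.168.1.10"])
    site_b = SiteNat(2, "192.168.1.0/24", ["192.168.1.10", "192.168.1.20"])
    return {
        "a_host": str(site_a.to_backbone("192.168.1.10")),
        "b_host": str(site_b.to_backbone("192.168.1.10")),
        "b_inbound": str(site_b.to_local("1.0.2.20")),
        "a_unlisted": site_a.to_local("1.0.1.99"),
    }

if __name__ == "__main__":
    print(demo())
```

The 1.0.0.0/8 block has been publicly allocated address space since 2010, so segments of this form overlap real Internet addresses and have to stay confined to the backbone.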
Specification