
System for securing the flow of and selectively modifying packets in a computer network

  • US 5,835,726 A
  • Filed: 06/17/1996
  • Issued: 11/10/1998
  • Est. Priority Date: 12/15/1993
  • Status: Expired due to Term
First Claim

1. A method of inspecting and selectively modifying inbound and outbound data packets in a computer network, the inspection and selective modification of said data packets occurring in accordance with a security rule, the method comprising the steps of:

  • generating a definition of each aspect of the computer network inspected by said security rule;

  • generating said security rule in terms of said aspect definitions, said security rule controlling at least one of said aspects;

  • converting said security rule into a set of packet filter language instructions for controlling an operation of a packet filtering module which inspects and selectively modifies said data packets in accordance with said security rule;

  • coupling said packet filter module to said computer network for inspecting and selectively modifying said data packets in accordance with said security rule, said packet filter module implementing a virtual packet filtering machine; and

  • said packet filter module executing said packet filter language instructions for operating said virtual packet filtering machine to either accept or reject the passage of said data packets into and out of said network computer and selectively modify said data packets so accepted.
