System and method for controlling interactions between networks

US 6,182,226 B1
Filed: 03/18/1998
Issued: 01/30/2001
Est. Priority Date: 03/18/1998
Status: Expired due to Term

First Claim

Patent Images

1. A method of achieving network separation within a computing system having network interfaces connected to form a plurality of physical networks, the method comprising the steps of:

defining a plurality of regions;

defining a virtual private network;

establishing a set of security policies, wherein the set of security policies defines rules for communicating between each of the plurality of regions;

assigning each physical network to one of the plurality of regions;

assigning the virtual private network to one of the plurality of regions; and

restricting communication between the plurality of regions in accordance with the set of security policies.

View all claims

13 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A firewall is used to achieve network separation within a computing system having a plurality of network interfaces. A plurality of regions is defined within the firewall and a set of policies is configured for each of the plurality of regions. The firewall restricts communication to and from each of the plurality of network interfaces in accordance with the set of policies configured for the one of the plurality of regions to which the one of the plurality of network interfaces has been assigned.

Citations

32 Claims

1. A method of achieving network separation within a computing system having network interfaces connected to form a plurality of physical networks, the method comprising the steps of:
- defining a plurality of regions;
  
  defining a virtual private network;
  
  establishing a set of security policies, wherein the set of security policies defines rules for communicating between each of the plurality of regions;
  
  assigning each physical network to one of the plurality of regions;
  
  assigning the virtual private network to one of the plurality of regions; and
  
  restricting communication between the plurality of regions in accordance with the set of security policies.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method according to claim 1, wherein establishing a set of security policies includes defining an access rule for communication between two regions.
  - 3. The method according to claim 2, wherein the access rule establishes permissions for use of a communication path between the source and destination regions.
  - 4. The method according to claim 2, wherein the access rule establishes one or more constraints on use of a communication path between the source and destination regions.
  - 5. The method according to claim 4, wherein the constraints include an encryption requirement.
  - 6. The method according to claim 4, wherein the constraints include an authentication requirement.
  - 7. The method according to claim 4, wherein the constraints include a constraint from a group of constraints including a time of day restriction, a concurrent sessions restriction, connection redirection, an address restriction, a host name restriction and a user restriction.
  - 8. The method according to claim 1, wherein restricting communication includes routing communication between different regions to an application level proxy, wherein the application level proxy applies the set of security policies.

9. A secure server, comprising:
- an operating system kernel;
  
  a plurality of network interfaces, wherein the network interfaces are connected to form a plurality of physical networks and wherein each of the plurality of network interfaces communicates with the operating system kernel;
  
  a virtual private network;
  
  a plurality of regions; and
  
  a security policy, wherein the security policy defines rules for communicating between each of the plurality of regions;
  
  wherein each of the physical networks is assigned to a region;
  
  wherein the virtual private network is assigned to a region; and
  
  wherein communication between the plurality of regions is restricted in accordance with the security policy.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17)
- - 10. The secure server according to claim 9, wherein the security policy uses an access rule to restrict communication between two regions and wherein communication between a source and destination region is only allowed if an access rule has been defined for communication from the source region to the destination region.
  - 11. The secure server according to claim 10, wherein the access rule establishes permissions for use of a communication path between the source and destination regions.
  - 12. The secure server according to claim 10, wherein the access rule establishes one or more constraints on use of a communication path between the source and destination regions.
  - 13. The secure server according to claim 12, wherein the constraints include an encryption requirement.
  - 14. The secure server according to claim 12, wherein the constraints include an authentication requirement.
  - 15. The secure server according to claim 12, wherein the constraints include a constraint from a group of constraints including a time of day restriction, a concurrent sessions restriction, connection redirection, an address restriction, a host name restriction and a user restriction.
  - 16. The secure server according to claim 10, wherein the secure server further comprises an application level proxy and wherein communication between regions is first examined by the application level proxy.
  - 17. The secure server according to claim 10, wherein the secure server further comprises an application level proxy and wherein communication between regions is first examined by the application level proxy.

18. In a computer system having a plurality of network interfaces, including a first and a second network interface, in which the first and second network interfaces are connected to first and second networks, respectively, a method of processing a packet having a source region and a destination region, the method comprising:
- defining a plurality of regions, wherein defining includes assigning a first region identifier to the first network and a second region identifier to the second network;
  
  establishing a security policy, wherein the security policy defines rules for communicating between the plurality of regions;
  
  receiving a packet at the first network interface;
  
  assigning the first region identifier to the packet;
  
  reviewing the security policy to determine if transfer of the packet between the source region and the destination region is permitted for packets assigned the first region identifier; and
  
  if so, forwarding the packet to the destination region.
- View Dependent Claims (19)
- - 19. The method according to claim 18 wherein reviewing the security policy includes issuing a mgbind() system call to ensure that sockets receive data only from a predefined region.

20. In a computer system having a plurality of network interfaces, including a first and a second network interface, in which the first and second network interfaces are connected to first and second networks, respectively, a method of processing a packet having a source region and a destination region, the method comprising:
- providing a virtual private network;
  
  defining a plurality of regions, wherein defining includes assigning a first region identifier to the first network, a second region identifier to the second network and a third region identifier to the virtual private network;
  
  establishing a security policy, wherein the security policy defines rules for communicating between the plurality of regions;
  
  receiving a packet at the first network interface;
  
  assigning the first region identifier to the packet;
  
  determining if the packet is encrypted;
  
  if the packet is encrypted, changing the region identifier assigned to the packet, wherein changing the region identifier includes;
  
  retrieving a virtual private network security association for the packet;
  
  decrypting the packet; and
  
  replacing the first region identifier with the third region identifier;
  
  reviewing the security policy to determine if transfer of the packet between the source region and the destination region is permitted when the packet is received from the virtual private network; and
  
  if so, forwarding the packet to the destination.
- View Dependent Claims (21)
- - 21. The method according to claim 20 wherein reviewing the security policy includes issuing a mgbind() system call to ensure that sockets receive data only from a predefined region.

22. A method of achieving network separation within a computing system having a plurality of networks, including a virtual private network, the method comprising the steps of:
- defining a plurality of regions;
  
  configuring a set of security policies, wherein the set of security policies defines rules for communicating between each of the plurality of regions;
  
  assigning each of the plurality of networks to one of the plurality of regions, wherein assigning includes assigning a region identifier to the virtual private network; and
  
  restricting communication between regions in accordance with the set of security policies.
- View Dependent Claims (23, 24, 25, 26, 27)
- - 23. The method according to claim 22, wherein establishing a set of security policies includes defining an access rule for communication between two regions.
  - 24. The method according to claim 23, wherein the access rule establishes permissions for use of a communication path between the two regions.
  - 25. The method according to claim 23, wherein the access rule establishes one or more constraints on use of a communication path between the two regions.
  - 26. The method according to claim 23, wherein the constraints include a constraint from a group of constraints including an encryption requirement, an authentication requirement, a time of day restriction, a concurrent sessions restriction, connection redirection, an address restriction, a host name restriction and a user restriction.
  - 27. The method according to claim 22, wherein restricting communication includes routing communication between different regions to an application level proxy, wherein the application level proxy applies the set of security policies.

28. In a computer network system having a plurality of regions and a plurality of services, including a first service, wherein each service defines a protocol for transferring data between two of the plurality of regions, and wherein each region includes one or more networks, a method of limiting transfers between regions, comprising:
- defining a to-from set, wherein the to-from set lists a source region and a destination region;
  
  associating the to-from set with the first service;
  
  defining a path, wherein the path includes desired options for limiting transfer from the source region to the destination region via the first service;
  
  storing information regarding the to-from set, the first service and the path as an access control rule;
  
  receiving a request to set up said first service between the source region and the destination region;
  
  comparing the request to the access control rule to determine access; and
  
  if access is allowed, establishing the service between the source and destination regions.

29. A method of achieving network separation within a computing system having network interfaces connected to form a plurality of physical networks, the method comprising the steps of:
- defining a plurality of regions;
  
  establishing a set of security policies, wherein the set of security policies defines rules for communicating between each of the plurality of regions;
  
  assigning each physical network to one of the plurality of regions, wherein at least one of the regions is assigned two or more networks; and
  
  restricting communication between the plurality of regions in accordance with the set of security policies.
- View Dependent Claims (30)
- - 30. The method according to claim 29, wherein establishing a set of security policies includes defining an access rule for communication between two regions.

31. A secure server, comprising:
- an operating system kernel;
  
  a plurality of network interfaces, wherein the network interfaces are connected to form a plurality of physical networks and wherein each of the plurality of network interfaces communicates with the operating system kernel;
  
  three or more regions; and
  
  a security policy, wherein the security policy defines rules for communicating between each of the plurality of regions;
  
  wherein each of the physical networks is assigned to a region;
  
  wherein at least one of the regions has two or more networks assigned to that region; and
  
  wherein communication between the plurality of regions is restricted in accordance with the security policy.
- View Dependent Claims (32)
- - 32. The secure server according to claim 31, wherein the security policy uses an access rule to restrict communication between two regions and wherein communication between a source and destination region is only allowed if an access rule has been defined for communication from the source region to the destination region.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
Secure Computing Corporation (McAfee, LLC)
Inventors
Reid, Irving, Minear, Spencer
Primary Examiner(s)
Beausoliel, Jr., Robert W.
Assistant Examiner(s)
REVAK, CHRISTOPHER A

Application Number

US09/040,832
Time in Patent Office

1,049 Days
Field of Search

713/200, 713/201, 713/202, 707/9, 709/225, 709/229, 709/228, 709/227, 711/163
US Class Current

726/15
CPC Class Codes

H04L 63/0227   Filtering policies mail mes...

H04L 63/0263   Rule management

H04L 63/0272   Virtual private networks

H04L 9/40   Network security protocols

System and method for controlling interactions between networks

First Claim

13 Assignments

0 Petitions

Accused Products

Abstract

Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for controlling interactions between networks

First Claim

13 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links