Architecture for virtual private networks
First Claim
Patent Images
1. A method for sending a data packet from a first member of a virtual private network to a second member of said virtual private network comprising the steps of:
- receiving said data packet enroute to said second member;
determining that said data packet is being sent between members of said virtual private network;
determining the packet manipulation rules for packets sent between members of said virtual private network;
forming a secure data packet by executing said packet manipulation rules on said data packet; and
forwarding said secure data packet to said second member of said virtual private network;
wherein said step of determining the packet manipulation rules comprises the step of accessing a lookup table that maintains information identifying compression, encryption and authentication algorithms to be utilized for data packets sent between members of the virtual private network;
wherein said step of forming a secure data packet comprises the steps of encrypting at least a payload portion of the data packet according to the identified encryption algorithm; and
providing authentication information for the data packet according to the identified authentication algorithm; and
wherein said step of forming a secure data packet further comprises the step of compressing said payload portion of the data packet according to the compression algorithm identified.
16 Assignments
0 Petitions
Accused Products
Abstract
Protocols and architecture for secure virtual private networks. Intraenterprise data communications are supported in a secure manner over the Internet or other public network space with the implementation of secure virtual private networks. Members of a virtual private network group exchange data that may be compressed, encrypted and authenticated, if the exchange is between members of the group.
-
Citations
5 Claims
-
1. A method for sending a data packet from a first member of a virtual private network to a second member of said virtual private network comprising the steps of:
-
receiving said data packet enroute to said second member;
determining that said data packet is being sent between members of said virtual private network;
determining the packet manipulation rules for packets sent between members of said virtual private network;
forming a secure data packet by executing said packet manipulation rules on said data packet; and
forwarding said secure data packet to said second member of said virtual private network;
wherein said step of determining the packet manipulation rules comprises the step of accessing a lookup table that maintains information identifying compression, encryption and authentication algorithms to be utilized for data packets sent between members of the virtual private network;
wherein said step of forming a secure data packet comprises the steps of encrypting at least a payload portion of the data packet according to the identified encryption algorithm; and
providing authentication information for the data packet according to the identified authentication algorithm; and
wherein said step of forming a secure data packet further comprises the step of compressing said payload portion of the data packet according to the compression algorithm identified. - View Dependent Claims (2)
-
-
3. A method for securely exchanging data packets by members of a virtual private network comprising the steps of:
-
generating a first data packet which includes a source address, a destination address and a data payload portion;
transmitting said first data packet toward the destination address;
intercepting said first data packet enroute to said destination address;
verifying that said first data packet is being sent between members of a virtual private network group;
determining the packet manipulation rules for packets sent between members of said virtual private network group;
generating a second data packet by performing said packet manipulation rules on said first data packet;
forwarding said second data packet toward said destination address;
receiving said second data packet;
verifying that said second data packet is being sent between members of said virtual private network group;
determining the packet manipulation rules for packets sent between members of said virtual private network group;
generating a third packet by reversing the identified packet manipulation rules, said third packet including said data payload portion; and
delivering said third data packet to said destination address. - View Dependent Claims (4, 5)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeAvaya Incorporated
-
Original AssigneeVPNet Technologies, Inc. (Avaya Incorporated)
-
InventorsLawler, John, Palma, Derek, Hunt, William E., Bots, Henk J.
-
Primary Examiner(s)Beausoleil, Robert
-
Assistant Examiner(s)Baderman, Scott T.
-
Application NumberUS08/874,090Time in Patent Office1,419 DaysField of Search713/201, 713/153-154, 713/160-161, 709/225, 709/229, 709/204, 709/218, 709/238US Class Current726/15CPC Class CodesH04L 12/46 Interconnection of networksH04L 12/4641 Virtual LANs, VLANs, e.g. v...H04L 2212/00 Encapsulation of packetsH04L 61/00 Network arrangements, proto...H04L 61/45 Network directories; Name-t...H04L 63/0272 Virtual private networksH04L 63/04 for providing a confidentia...H04L 63/0428 wherein the data content is...H04L 63/08 for authentication of entit...H04L 69/04 Protocols for data compress...H04L 9/40 Network security protocols
