Virtual private data network session count limitation

US 6,910,067 B1
Filed: 06/20/2002
Issued: 06/21/2005
Est. Priority Date: 05/06/1999
Status: Expired due to Fees

First Claim

Patent Images

1. A protocol gateway for limiting access to a data communications network to a predetermined number of VPN sessions belonging to a particular group, the protocol gateway comprising:

a local database checker configured to, in response to a user'"'"'s attempt to initiate a VPN session on the data communications network as a member of a particular group, check a local database to determine if the user'"'"'s VPN session would exceed by a first predetermined number a corresponding maximum number of VPN sessions associated with said particular group at the PoP or would exceed by a second predetermined number a corresponding maximum number of VPN sessions associated with said particular group for the data communications network, said corresponding maximum number of VPN sessions associated with said particular group at the PoP and said corresponding maximum number of VPN sessions associated with said particular group for the data communications network defined in said local database;

a VPN session rejector configured to reject said user'"'"'s attempt to initiate a VPN session if said user'"'"'s log in would exceed by a first predetermined number said corresponding maximum number of VPN sessions associated with said particular group at the PoP or would exceed by a second predetermined number a corresponding maximum number of VPN sessions associated with said particular group for the data communications network; and

a VPN session count incrementer associated with the local database and the user'"'"'s group and responsive to the user'"'"'s initiation of a VPN session.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A data communications network with a plurality of PoPs maintains a local database associated with each PoP and a central database somewhere on the data communications network. The local database contains a group identification such as a domain identification corresponding to a group of users, a maximum number of VPN sessions to provide the group of users at the PoP and a dynamic VPN session count corresponding to active VPN sessions currently provided to the group of users at the PoP. The central database contains a maximum number of VPN sessions to provide the group of users over the entire data communications network and a dynamic network-wide VPN session count corresponding to active VPN sessions currently provided to the group of users on the entire data communications network. Actions are taken when the group attempts to exceed either the local maximum number of sessions or the network-wide maximum number of sessions by more than a predetermined number. The actions may include assessing extra charges, denying access, and sending warning messages to appropriate recipients.

82 Citations

View as Search Results

5 Claims

1. A protocol gateway for limiting access to a data communications network to a predetermined number of VPN sessions belonging to a particular group, the protocol gateway comprising:
- a local database checker configured to, in response to a user'"'"'s attempt to initiate a VPN session on the data communications network as a member of a particular group, check a local database to determine if the user'"'"'s VPN session would exceed by a first predetermined number a corresponding maximum number of VPN sessions associated with said particular group at the PoP or would exceed by a second predetermined number a corresponding maximum number of VPN sessions associated with said particular group for the data communications network, said corresponding maximum number of VPN sessions associated with said particular group at the PoP and said corresponding maximum number of VPN sessions associated with said particular group for the data communications network defined in said local database;
  
  a VPN session rejector configured to reject said user'"'"'s attempt to initiate a VPN session if said user'"'"'s log in would exceed by a first predetermined number said corresponding maximum number of VPN sessions associated with said particular group at the PoP or would exceed by a second predetermined number a corresponding maximum number of VPN sessions associated with said particular group for the data communications network; and
  
  a VPN session count incrementer associated with the local database and the user'"'"'s group and responsive to the user'"'"'s initiation of a VPN session.
- View Dependent Claims (2)
- - 2. The protocol gateway of claim 1, further including:
    - a VPN session count decrementer associated with the local database at a user'"'"'s group, said VPN session count responsive to the user'"'"'s log out;
      
      a VPN stop event published publishing VPN session termination events corresponding to a user'"'"'s group to other subscribing PoPs in response to said user'"'"'s termination of the VPN connection log out; and
      
      a data communications network current VPN session count decrementer at each subscribing PoP responsive to said VPN stop event publisher.

3. A protocol gateway for limiting access to a data communications network to a predetermined number of VPN sessions belonging to a particular group, the protocol gateway comprising:
- a central database checker configured to, in response to a user'"'"'s attempt to initiate a VPN session on the data communications network as a member of a particular group, check a central database to determine if the user'"'"'s VPN session would exceed by a first predetermined number a corresponding network-wide maximum number of VPN sessions associated with said particular group, said corresponding network-wide maximum number of VPN sessions defined in said central database;
  
  a local database checker configured to, in response to a user'"'"'s attempt to initiate a VPN session on the data communications network as a member of a particular group at a PoP, check a local database associated with said PoP to determine if the user'"'"'s VPN session would exceed by a second predetermined number corresponding maximum number of VPN sessions associated with said particular group at said PoP, said corresponding maximum number of VPN sessions associated with said particular group defined in said local database; and
  
  a VPN session rejector configured to reject said user'"'"'s attempt to initiate a VPN session if said user'"'"'s log in would exceed by a first predetermined number said corresponding network-wide maximum number of VPN sessions associated with the user'"'"'s group or by a second predetermined number said corresponding maximum number of VPN sessions associated with said particular group at the PoP.
- View Dependent Claims (4, 5)
- - 4. The protocol gateway of claim 3, further comprising:
    - a published associated with each PoP of the data communications network publishing VPN start events occurring at PoPs of the data communications network.
  - 5. The protocol gateway of claim 4, further comprising:
    - a VPN session count incrementer associated with the local database and the user'"'"'s group, responsive to a user'"'"'s VPN session; and
      
      a VPN session count incrementer associated with the central database and responsive to a subscriber associated with said central database, said subscriber subscribing to said VPN start events and coupled to said central database.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Sitaraman, Aravind, Yager, Charles Troper, Alesso, Craig Michael
Primary Examiner(s)
Meky, Moustafa M.

Application Number

US10/177,395
Time in Patent Office

1,097 Days
Field of Search

709/217, 709/218, 709/219, 709/220, 709/227, 709/225, 709/229, 709/223, 709/224, 709/203, 713/201, 370/352
US Class Current

709/203
CPC Class Codes

H04L 12/4641   Virtual LANs, VLANs, e.g. v...

H04L 12/4679   Arrangements for the regist...

H04L 67/14   Session management for real...

H04L 67/535   Tracking the activity of th...

H04L 69/329   in the application layer [O...

Virtual private data network session count limitation

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

82 Citations

5 Claims

Specification

Solutions

Use Cases

Quick Links

Virtual private data network session count limitation

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

82 Citations

5 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links