Virtual private data network session count limitation
First Claim
1. A protocol gateway for limiting access to a data communications network to a predetermined number of VPN sessions belonging to a particular group, the protocol gateway comprising:
- a local database checker configured to, in response to a user'"'"'s attempt to initiate a VPN session on the data communications network as a member of a particular group, check a local database to determine if the user'"'"'s VPN session would exceed by a first predetermined number a corresponding maximum number of VPN sessions associated with said particular group at the PoP or would exceed by a second predetermined number a corresponding maximum number of VPN sessions associated with said particular group for the data communications network, said corresponding maximum number of VPN sessions associated with said particular group at the PoP and said corresponding maximum number of VPN sessions associated with said particular group for the data communications network defined in said local database;
a VPN session rejector configured to reject said user'"'"'s attempt to initiate a VPN session if said user'"'"'s log in would exceed by a first predetermined number said corresponding maximum number of VPN sessions associated with said particular group at the PoP or would exceed by a second predetermined number a corresponding maximum number of VPN sessions associated with said particular group for the data communications network; and
a VPN session count incrementer associated with the local database and the user'"'"'s group and responsive to the user'"'"'s initiation of a VPN session.
1 Assignment
0 Petitions
Accused Products
Abstract
A data communications network with a plurality of PoPs maintains a local database associated with each PoP and a central database somewhere on the data communications network. The local database contains a group identification such as a domain identification corresponding to a group of users, a maximum number of VPN sessions to provide the group of users at the PoP and a dynamic VPN session count corresponding to active VPN sessions currently provided to the group of users at the PoP. The central database contains a maximum number of VPN sessions to provide the group of users over the entire data communications network and a dynamic network-wide VPN session count corresponding to active VPN sessions currently provided to the group of users on the entire data communications network. Actions are taken when the group attempts to exceed either the local maximum number of sessions or the network-wide maximum number of sessions by more than a predetermined number. The actions may include assessing extra charges, denying access, and sending warning messages to appropriate recipients.
82 Citations
5 Claims
-
1. A protocol gateway for limiting access to a data communications network to a predetermined number of VPN sessions belonging to a particular group, the protocol gateway comprising:
-
a local database checker configured to, in response to a user'"'"'s attempt to initiate a VPN session on the data communications network as a member of a particular group, check a local database to determine if the user'"'"'s VPN session would exceed by a first predetermined number a corresponding maximum number of VPN sessions associated with said particular group at the PoP or would exceed by a second predetermined number a corresponding maximum number of VPN sessions associated with said particular group for the data communications network, said corresponding maximum number of VPN sessions associated with said particular group at the PoP and said corresponding maximum number of VPN sessions associated with said particular group for the data communications network defined in said local database;
a VPN session rejector configured to reject said user'"'"'s attempt to initiate a VPN session if said user'"'"'s log in would exceed by a first predetermined number said corresponding maximum number of VPN sessions associated with said particular group at the PoP or would exceed by a second predetermined number a corresponding maximum number of VPN sessions associated with said particular group for the data communications network; and
a VPN session count incrementer associated with the local database and the user'"'"'s group and responsive to the user'"'"'s initiation of a VPN session. - View Dependent Claims (2)
-
-
3. A protocol gateway for limiting access to a data communications network to a predetermined number of VPN sessions belonging to a particular group, the protocol gateway comprising:
-
a central database checker configured to, in response to a user'"'"'s attempt to initiate a VPN session on the data communications network as a member of a particular group, check a central database to determine if the user'"'"'s VPN session would exceed by a first predetermined number a corresponding network-wide maximum number of VPN sessions associated with said particular group, said corresponding network-wide maximum number of VPN sessions defined in said central database;
a local database checker configured to, in response to a user'"'"'s attempt to initiate a VPN session on the data communications network as a member of a particular group at a PoP, check a local database associated with said PoP to determine if the user'"'"'s VPN session would exceed by a second predetermined number corresponding maximum number of VPN sessions associated with said particular group at said PoP, said corresponding maximum number of VPN sessions associated with said particular group defined in said local database; and
a VPN session rejector configured to reject said user'"'"'s attempt to initiate a VPN session if said user'"'"'s log in would exceed by a first predetermined number said corresponding network-wide maximum number of VPN sessions associated with the user'"'"'s group or by a second predetermined number said corresponding maximum number of VPN sessions associated with said particular group at the PoP. - View Dependent Claims (4, 5)
-
Specification