Firewall for real-time internet applications
DC CAFCFirst Claim
1. A firewall for Internet protocol packets carrying data for a real-time Internet application, each of said Internet protocol packets being associated with any one of a signaling channel, a control channel, or a bearer channel of said real-time Internet application, the firewall comprising:
- an application proxy and a packet filter,the firewall applying the Internet protocol packets associated with the signaling channel and the control channel to the application proxy, and the firewall applying the Internet protocol packets associated with the bearer channel to the packet filter.
15 Assignments
Litigations
0 Petitions
Accused Products
Abstract
The present invention relates to a firewall for use in association with real-time Internet applications such as Voice over Internet Protocol (VoIP). The firewall applies an application proxy to the signaling and control channels and a packet filter to the bearer channels. One of the features of hybrid firewall is that the application proxy can instruct the packet filter as to which bearer channels to enable and disable for the duration of a real-time Internet application session. The hybrid firewall can also intelligently perform network address translation (NAT) on Internet protocol packets incoming and outgoing to the firewall.
-
Citations
21 Claims
-
1. A firewall for Internet protocol packets carrying data for a real-time Internet application, each of said Internet protocol packets being associated with any one of a signaling channel, a control channel, or a bearer channel of said real-time Internet application, the firewall comprising:
-
an application proxy and a packet filter, the firewall applying the Internet protocol packets associated with the signaling channel and the control channel to the application proxy, and the firewall applying the Internet protocol packets associated with the bearer channel to the packet filter. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method of protecting a computer network transmitting and receiving Internet protocol packets formatted in accordance with a real-time Internet protocol, each of said Internet protocol packets being associated with any one of a signaling channel, a control channel, or a bearer channel, the method comprising the steps of:
-
i. receiving a stream of Internet protocol packets, ii. applying the Internet protocol packets associated with the signaling channel and the control channel to an application proxy, and iii. applying the Internet protocol packets associated with the bearer channel to a packet filter. - View Dependent Claims (13, 14, 15, 16)
-
-
17. A computer readable medium containing computer instructions for protecting an Internet Protocol network transmitting and receiving Internet protocol packets foxed in accordance with a real-time Internet protocol, each of said Internet protocol packets being associated with any one of a signaling channel, a control channel, or a bearer channel, said computer readable medium comprising computer program code, executable by a computer, for:
-
i. receiving a stream of Internet protocol packets, ii. applying the Internet protocol packets associated with the signaling channel and the control channel to an application proxy, and iii. applying the Internet protocol packets associated with the bearer channel to a packet filter. - View Dependent Claims (18, 19, 20, 21)
-
Specification