Systems and methods that provide external network access from a protected network
First Claim
Patent Images
1. A browser interface system for protecting a computer network, comprising:
- a browser module that provides communications access to an unprotected network from a protected network, wherein said browser module is separate and physically distinct from protected computers;
a browser client module that communicates with the browser module, wherein said browser client module provides control of video and audio output of a browser operating remotely on said browser module; and
a browser isolator module that analyzes communications between the browser module and the browser client module,wherein said browser isolator module prevents unauthorized communications between the browser module and the browser client module, andsaid browser isolator module prevents the transfer of permanently stored data between the protected computers and the browser module, and between the protected computers and the unprotected network.
1 Assignment
0 Petitions
Accused Products
Abstract
A user who is connected to an unprotected network via a protected network is able to browse the Internet without concern that unauthorized code will execute within their local workstation as the result of a vulnerability within the browser executing on a special virtual machine or a browser module. Any unauthorized code will only affect one of a special virtual machine or a browser module.
24 Citations
24 Claims
-
1. A browser interface system for protecting a computer network, comprising:
-
a browser module that provides communications access to an unprotected network from a protected network, wherein said browser module is separate and physically distinct from protected computers; a browser client module that communicates with the browser module, wherein said browser client module provides control of video and audio output of a browser operating remotely on said browser module; and a browser isolator module that analyzes communications between the browser module and the browser client module, wherein said browser isolator module prevents unauthorized communications between the browser module and the browser client module, and said browser isolator module prevents the transfer of permanently stored data between the protected computers and the browser module, and between the protected computers and the unprotected network. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method for providing a browser interface system for protecting a computer network, said method comprising:
-
providing communications access to an unprotected network from a protected network via a browser module, wherein the browser module is separate and physically distinct from protected computers; communicating with the browser module through a browser client module, wherein said browser client module provides control of video and audio output of a browser operating remotely on said browser module; analyzing communications between the browser module and the browser client module via a browser isolator module; preventing unauthorized communications between the browser module and the browser client module via the browser isolator module; and said browser isolator module preventing the transfer of permanently stored data between the protected computers and the browser module and between the protected computers and the unprotected network. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A computer program product for providing a browser interface system for protecting a computer network, and including one or more computer-readable instructions embedded on a computer readable storage medium and configured to cause one or more computer processors to perform the steps of:
-
providing communications access to an unprotected network from a protected network via a browser module, wherein the browser module is separate and physically distinct from protected computers; communicating with the browser module through a browser client module, wherein said browser client module provides control of video and audio output of a browser operating remotely on said browser module; analyzing communications between the browser module and the browser client module via a browser isolator module; preventing unauthorized communications between the browser module and the browser client module via the browser isolator module; and preventing the transfer of permanently stored data between the protected computers and the browser module, and between the protected computers and the unprotected network. - View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
-
Specification