Firewall control for secure private networks with public VoIP access
Abstract
A private network firewall 225 is treated as if it were a media gateway network entity. Doing so allows a media gateway controller 205 to exchange messages with the firewall 225 for purposes of securely setting up and tearing down pinholes in the firewall. With this ability comes the ability to provide secure VoIP calls between public 250 and private 220 networks. A call server or media gateway controller 205 that is approving the VoIP communication stream in a private packet data network requests, via a secure tunnel 230, that the firewall 225 open a pinhole filter for a specific source and destination address pair corresponding to media gateway endpoints, 210 and 260 respectively, using either MGCP (H.248) or COPS messages, for instance. The pinhole filter is then disabled when the session is complete.
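An added example, not part of the patent text: a Python model of the pinhole lifecycle the abstract describes, in which a default-deny firewall opens a filter for one specific source/destination endpoint pair on the controller's request and removes it when the session ends. The method-call interface, the `call_id` key, the port numbers, the sample addresses and the peer-identity check standing in for the secure tunnel are assumptions made here; the code does not encode MGCP or COPS messages.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Pinhole:
    """One filter entry: a specific source/destination endpoint pair."""
    src: tuple  # (ip, port) of the sending media gateway endpoint
    dst: tuple  # (ip, port) of the receiving media gateway endpoint

def _endpoint(ip, port):
    # Reject wildcards: a pinhole names exactly one host and one port.
    addr = ipaddress.ip_address(ip)
    if addr.is_unspecified or not 0 < port < 65536:
        raise ValueError("pinhole endpoints must be specific")
    return (str(addr), port)

class Firewall:
    """Default-deny filter whose pinholes change only on controller request."""
    def __init__(self, controller_id):
        # Assumption: the secure tunnel yields an authenticated peer identity.
        self.controller_id = controller_id
        self.pinholes = {}  # call_id -> set of Pinhole

    def handle_request(self, peer_id, action, call_id, src=None, dst=None):
        if peer_id != self.controller_id:
            return "rejected"  # request did not come from the controller
        if action == "open":
            hole = Pinhole(_endpoint(*src), _endpoint(*dst))
            self.pinholes.setdefault(call_id, set()).add(hole)
            return "opened"
        if action == "close":
            # Remove every pinhole of the call so none outlives the session.
            return "closed" if self.pinholes.pop(call_id, None) else "unknown-call"
        return "rejected"

    def permits(self, src, dst):
        hole = Pinhole(src, dst)
        return any(hole in holes for holes in self.pinholes.values())

def demo():
    fw = Firewall(controller_id="mgc-205")  # constructed identifier
    a, b = ("198.51.100.7", 16384), ("10.1.2.3", 20000)  # constructed endpoints
    out = [fw.permits(a, b)]  # before call setup: denied
    out.append(fw.handle_request("intruder", "open", "call-1", a, b))
    out.append(fw.handle_request("mgc-205", "open", "call-1", a, b))
    out.append(fw.handle_request("mgc-205", "open", "call-1", b, a))
    out += [fw.permits(a, b), fw.permits(a, ("10.1.2.3", 22))]
    out.append(fw.handle_request("mgc-205", "close", "call-1"))
    out.append(fw.permits(a, b))  # after teardown: denied again
    return out
```
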
29 Claims
1. A method of remotely controlling a firewall from a firewall controller in order to permit the flow of packet data through said firewall, the method comprising:
- sending a request message from a firewall controller to a firewall requesting that a pinhole be opened;
- opening a pinhole in said firewall;
- sending a request message from a firewall controller to said firewall requesting that a pinhole be closed; and
- closing said pinhole.
Dependent claims: 2, 3, 4, 5, 6, 7

8. A firewall controller for permitting the flow of packet data, said firewall controller comprising:
- means for determining a need for a pinhole in a firewall;
- means for sending a request message to said firewall requesting that a pinhole be opened in said firewall; and
- means for sending a request message to said firewall requesting that said pinhole be closed in said firewall.
Dependent claims: 9, 10, 11

12. A firewall responsive to a firewall controller for permitting the flow of packet data, said firewall comprising:
- means for receiving a request message from said firewall controller requesting that a pinhole be opened in said firewall;
- means for opening a pinhole in said firewall;
- means for receiving a request message from said firewall controller requesting that said pinhole be closed in said firewall; and
- means for closing said pinhole in said firewall.
Dependent claims: 13, 14

15. A firewall responsive to a media gateway controller for permitting the flow of packet data, said firewall comprising:
- means for receiving a request message from said media gateway controller requesting that a pinhole be opened in said firewall;
- means for opening a pinhole in said firewall;
- means for receiving a request message from said media gateway controller requesting that said pinhole be closed in said firewall; and
- means for closing said pinhole in said firewall.

16. A computer program product for remotely controlling a firewall from a firewall controller in order to permit the flow of packet data through said firewall, the computer program product having a medium with a computer program embodied thereon, the computer program product comprising:
- computer program code in said firewall controller for sending a request message to said firewall requesting that a pinhole be opened; and
- computer program code in said firewall for opening a pinhole;
- computer program code in said firewall controller for sending a request message to said firewall requesting that said pinhole be closed; and
- computer program code for in said firewall for closing said pin hole.
Dependent claims: 17, 18, 19, 20

21. A computer program product in a firewall controller, said firewall controller operative with a firewall, the computer program product having a medium with a computer program embodied thereon, the computer program product comprising:
- computer program code for determining the need for a pinhole in said firewall;
- computer program code for sending a request message to said firewall requesting that a pinhole be opened in said firewall; and
- computer program code for sending a request message to said firewall requesting that said pinhole be closed in said firewall.
Dependent claims: 22, 23, 24

25. A computer program product in a firewall, said firewall responsive to a firewall controller, the computer program product having a medium with a computer program embodied thereon, the computer program product comprising:
- computer program code for receiving a request message from said firewall controller requesting that a pinhole be opened in said firewall;
- computer program code for opening a pinhole in said firewall;
- computer program code for receiving a request message from said firewall controller requesting that said pinhole be closed in said firewall; and
- computer program code for closing said pinhole in said firewall.

26. A computer program product in a firewall, said firewall responsive to a media gateway controller, the computer program product having a medium with a computer program embodied thereon, the computer program product comprising:
- computer program code for receiving a request message from said media gateway controller requesting that a pinhole be opened in said firewall;
- computer program code for opening a pinhole in said firewall;
- computer program code for receiving a request message from said media gateway controller requesting that said pinhole be closed in said firewall; and
- computer program code for closing said pinhole in said firewall.

27. A computer system for remotely controlling a firewall from a firewall controller comprising:
- a firewall operatively connected to a private computer network and at least one external computer network;
- a firewall controller operatively connected to said firewall for remotely instructing said firewall to open and close pinholes in said firewall.
Dependent claims: 28, 29

Specification