Method for transparently managing outbound traffic from an internal user of a private network destined for a public network

US 7,383,573 B2
Filed: 03/03/2005
Issued: 06/03/2008
Est. Priority Date: 02/06/1996
Status: Expired due to Fees

First Claim

Patent Images

1. A method for transparently managing outbound traffic from an internal user of a private network destined for a public network comprising:

receiving a request by a firewall from an internal user of a private network to access a public network element over an IP-compliant network;

assigning a proxy agent operable within said firewall to process said request;

determining, by said proxy agent, whether said internal user is authorized to access said public network element;

if said user is authorized to access said public network element, then forming, by said proxy agent, a connection to said IP-compliant network element on behalf of said internal user; and

wherein a proxy agent is assigned to each request received by said firewall.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and apparatus for transparently managing outbound traffic from an internal user of a private network destined for a public network are disclosed. Embodiments include a firewall device operable between an internal user of a private network and an IP-compliant network. The firewall device being configured to assign a proxy agent to process a request by the internal user to form a connection with a public network element through the IP-compliant network. Disclosed embodiments include the proxy agent forming a connection only if the internal user is authorized to access the public requested network element.

50 Citations

View as Search Results

20 Claims

1. A method for transparently managing outbound traffic from an internal user of a private network destined for a public network comprising:
- receiving a request by a firewall from an internal user of a private network to access a public network element over an IP-compliant network;
  
  assigning a proxy agent operable within said firewall to process said request;
  
  determining, by said proxy agent, whether said internal user is authorized to access said public network element;
  
  if said user is authorized to access said public network element, then forming, by said proxy agent, a connection to said IP-compliant network element on behalf of said internal user; and
  
  wherein a proxy agent is assigned to each request received by said firewall.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein said act of determining whether said user is authorized to access said public network element occurs according to a set of predetermined rules.
  - 3. The method of claim 2, wherein said set of predetermined rules includes comparing the source address of said access request against a list of addresses.
  - 4. The method of claim 3, further comprising the act of performing additional verification based on the request'"'"'s port designation.
  - 5. The method of claim 2, wherein said proxy agent is operable within a firewall, and said firewall appears as the source of the connection to said internal user.

6. A firewall device for transparently managing outbound traffic from an internal user of a private network destined for a public network comprising:
- a firewall device operable between an internal user of a private network and an IP-compliant network;
  
  the firewall device being configured to;
  
  assign a proxy agent to process a request by said internal user to form a connection with a public network element through said IP-compliant network;
  
  wherein the proxy agent forms a connection to said public network element if said internal user is authorized to access said public network element; and
  
  wherein a proxy agent is assigned to each request received by said firewall.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The method of claim 6, wherein said user is determined to be authorized to access said public network element occurs according to a set of predetermined rules.
  - 8. The method of claim 7, wherein said set of predetermined rules includes comparing the source address of said access request against a list of addresses.
  - 9. The method of claim 8, wherein said proxy agent is further configured to perform additional verification based on the request'"'"'s port designation.
  - 10. The method of claim 7, wherein said proxy agent is operable within said firewall device, and said firewall appears as the source of the connection to said internal user.

11. An apparatus for transparently managing outbound traffic from an internal user of a private network destined for a public network comprising:
- means for receiving a request by a firewall from an internal user of a private network to access a public network element over an IP-compliant network;
  
  means for assigning a proxy agent operable within said firewall to process said request;
  
  means for determining whether said internal user is authorized to access said public network element;
  
  means for forming a connection to said IP-compliant network element on behalf of said internal user if said user is authorized to access said public network element; and
  
  means for assigning a proxy agent to each request received by said firewall.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The apparatus of claim 11, further comprising means for determining whether said user is authorized to access said public network element occurs according to a set of predetermined rules.
  - 13. The apparatus of claim 12, wherein said set of predetermined rules includes comparing the source address of said access request against a list of addresses.
  - 14. The apparatus of claim 13, further comprising means for performing additional verification based on the request'"'"'s port designation.
  - 15. The apparatus of claim 12, wherein said proxy agent is operable within a firewall, and said firewall appears as the source of the connection to said internal user.

16. A computer-readable device containing a set of instructions for causing a computer to perform a method for transparently managing outbound traffic from an internal user of a private network destined for a public network, the method comprising:
- receiving a request by a firewall from an internal user of a private network to access a public network element over an IP-compliant network;
  
  assigning a proxy agent operable within said firewall to process said request;
  
  determining, by said proxy agent, whether said internal user is authorized to access said public network element;
  
  if said user is authorized to access said public network element, then forming, by said proxy agent, a connection to said IP-compliant network element on behalf of said internal user; and
  
  wherein a proxy agent is assigned to each request received by said firewall.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The device of claim 16, wherein said act of determining whether said user is authorized to access said public network element occurs according to a set of predetermined rules.
  - 18. The device of claim 17, wherein said set of predetermined rules includes comparing the source address of said access request against a list of addresses.
  - 19. The device of claim 18, said method further comprising the act of performing additional verification based on the request'"'"'s port designation.
  - 20. The device of claim 17, wherein said proxy agent is operable within a firewall, and said firewall appears as the source of the connection to said internal user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
GraphOn Corporation
Original Assignee
GraphOn Corporation
Inventors
Coley, Christopher D., Wesinger, Jr., Ralph E.
Primary Examiner(s)
ZIA, SYED

Application Number

US11/073,355
Publication Number

US 20050229248A1
Time in Patent Office

1,188 Days
Field of Search

None
US Class Current

726/12
CPC Class Codes

G06Q 20/027   involving a payment switch ...

H04L 63/02   for separating internal fro...

H04L 63/0227   Filtering policies mail mes...

H04L 63/0263   Rule management

H04L 63/0281   Proxies

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/083   using passwords cryptograph...

H04L 63/1458   Denial of Service

H04L 63/18   using different networks or...

H04L 69/16   Implementation or adaptatio...

H04L 9/40   Network security protocols

Method for transparently managing outbound traffic from an internal user of a private network destined for a public network

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

50 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Method for transparently managing outbound traffic from an internal user of a private network destined for a public network

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

50 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links