System and method for traversing a firewall with multimedia communication

DC CAFC

US 7,710,978 B2
Filed: 04/13/2006
Issued: 05/04/2010
Est. Priority Date: 04/13/2006
Status: Active Grant

- Alert
- Pin

First Claim

Patent Images

1. A method for communication between two or more endpoints, said method comprising:

receiving, at a first intermediate communication device that is communicatively coupled with a first endpoint communication device, a plurality of multiport packets of data in a multiport communication protocol for communication from the first endpoint communication device;

converting, by said first intermediate communication device, said plurality of multiport packets into a plurality of single-port packets in a single-port communication protocol;

transmitting from said first intermediate communication device said plurality of single-port packets over a commonly-open port to at least a second intermediate communication device that is communicatively coupled with one or more other endpoint communication devices, said plurality of single-port packets traversing one or more firewalls using said commonly-open port;

receiving said plurality of single-port packets at said at least a second intermediate communication device;

reconverting, by said at least a second intermediate communication device, said received plurality of single-port packets into said multiport communication protocol resulting in reconverted plurality of multiport packets; and

delivering, from said at least a second intermediate communication device to said one or more other endpoint communication devices, said reconverted plurality of multiport packets using two or more ports associated with said multiport communication protocol.

View all claims

3 Assignments

Timeline View

Assignment View

Litigations

1 Petition

Accused Products

Abstract

Systems and methods are disclosed for transporting multiport protocol traffic using a single-port protocol. Multiport protocol traffic from a first endpoint is converted into a single-port protocol for transport across a network. The traffic is sent over a commonly-open port and received at a second endpoint before being dispersed to the appropriate ports of the second endpoint. By converting the traffic to a single-port protocol and choosing which commonly open port to communicate the traffic through, firewalls between each endpoint may be traversed without changing any of their settings.

77 Citations

View as Search Results

30 Claims

1. A method for communication between two or more endpoints, said method comprising:
- receiving, at a first intermediate communication device that is communicatively coupled with a first endpoint communication device, a plurality of multiport packets of data in a multiport communication protocol for communication from the first endpoint communication device;
  
  converting, by said first intermediate communication device, said plurality of multiport packets into a plurality of single-port packets in a single-port communication protocol;
  
  transmitting from said first intermediate communication device said plurality of single-port packets over a commonly-open port to at least a second intermediate communication device that is communicatively coupled with one or more other endpoint communication devices, said plurality of single-port packets traversing one or more firewalls using said commonly-open port;
  
  receiving said plurality of single-port packets at said at least a second intermediate communication device;
  
  reconverting, by said at least a second intermediate communication device, said received plurality of single-port packets into said multiport communication protocol resulting in reconverted plurality of multiport packets; and
  
  delivering, from said at least a second intermediate communication device to said one or more other endpoint communication devices, said reconverted plurality of multiport packets using two or more ports associated with said multiport communication protocol.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, further comprising:
    - encrypting said plurality of single-port packets in said single-port communication protocol prior to said transmitting.
  - 3. The method of claim 2, further comprising:
    - decrypting said encrypted plurality of single-port packets prior to said reconverting.
  - 4. The method of claim 2, wherein said encrypting is according to one of:
    - an Advanced Encryption Standard (AES) 128-bit algorithm;
      
      a Triple Data Encryption Standard (TDES) algorithm;
      
      ora Skipjack algorithm.
  - 5. The method of claim 1, wherein:
    - said single-port communication protocol comprises;
      
      Secure Sockets Layer (SSL) protocol.
  - 6. The method of claim 1, wherein:
    - a portion of said plurality of multiport packets conforms to a first transmission protocol of said multiport communication protocol;
      
      another portion of said plurality of multiport packets conforms to a second transmission protocol of said multiport communication protocol; and
      
      wherein said transmitting comprises transmitting said plurality of single-port packets using said first transmission protocol in said single-port communication protocol.
  - 7. The method of claim 6, wherein said first transmission protocol comprises Transmission Control Protocol (TCP);
    - andsaid second transmission protocol comprises User Datagram Protocol (UDP).
  - 8. The method of claim 6, further comprising:
    - sending alternate data instead of requested data in response to a resend request.
  - 9. The method of claim 1, further comprising:
    - qualifying said plurality of multiport packets, wherein said qualifying comprises;
      
      registering a network device;
      
      using network ports by said registered network device;
      
      determining whether said plurality of multiport packets originated from a network port used by said registered network device; and
      
      allowing further transmission of said plurality of multiport packets based on said determining.
  - 10. The method of claim 1, wherein said commonly-open port is a well-known port.
  - 11. The method of claim 1, wherein said commonly-open port is port 443.
  - 12. The method of claim 1 wherein said single-port communication protocol is acceptable by any of a plurality of different commonly-open transmission control protocol (TCP) ports.
  - 13. The method of claim 1 wherein said single-port communication protocol is not hypertext transport protocol (HTTP).

14. A system comprising:
- a first network device that is communicatively coupled with at least a first endpoint communication device, said first network device comprising;
  
  an interface for receiving a plurality of multiport packets of data in a multiport communication protocol from two or more ports for communication from said at least a first endpoint communication device; and
  
  a conversion table for said first network device to convert said plurality of multiport packets into a plurality of single-port packets in a single-port communication protocol, wherein said single-port communication protocol is acceptable by any of a plurality of different commonly-open transmission control protocol (TCP) ports, and wherein said interface communicates said converted plurality of single-port packets over a selected one of the plurality of different commonly-open TCP ports; and
  
  a second network device that is communicatively coupled with at least a second endpoint communication device, said second network device comprising;
  
  a second interface for receiving said converted plurality of single-port packets from said selected one of the plurality of different commonly-open TCP ports;
  
  a second conversion table for reconverting said converted plurality of single-port packets into said multiport communication protocol, resulting in a reconverted plurality of multiport packets; and
  
  wherein said second interface distributes each of said reconverted plurality of multiport packets to said two or more ports for communication to said at least a second endpoint communication device; and
  
  wherein one or more firewalls are traversed between said first and second network devices using said selected one of the plurality of different commonly-open TCP ports.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22)
- - 15. The system of claim 14, further comprising:
    - an encryption application in said first network device for encrypting said plurality of packets in said single-port communication protocol; and
      
      a decryption application in said second network device for decrypting said encrypted plurality of packets prior to said reconverting.
  - 16. The system of claim 15, wherein said encrypting is according to one of:
    - an Advanced Encryption Standard (AES) 128-bit algorithm;
      
      a Triple Data Encryption Standard (TDES) algorithm;
      
      ora Skipjack algorithm.
  - 17. The system of claim 14, wherein said single-port communication protocol is Secure Sockets Layer (SSL) protocol.
  - 18. The system of claim 14, wherein:
    - a portion of said plurality of packets from said two or more ports conform to Transmission Control Protocol (TCP);
      
      another portion of said plurality of packets from said two or more ports conform to User Datagram Protocol (UDP); and
      
      wherein said single-port communication protocol uses said TCP.
  - 19. The system of claim 14, wherein said first and second network devices send alternate data instead of requested data in response to a resend request.
  - 20. The system of claim 14, wherein said first network device qualifies said multiport packets, wherein said qualifying comprises:
    - registering a third network device with said first network device;
      
      using network ports by said third network device;
      
      determining whether said plurality of multiport packets originated from a network port used by said third network device; and
      
      allowing further transmission of said plurality of multiport packets based on said determining.
  - 21. The system of claim 14, wherein said selected one of the plurality of different commonly-open TCP ports is a well-known port.
  - 22. The system of claim 14, wherein said selected one of the plurality of different commonly-open TCP ports is port 443.

23. A method comprising:
- receiving, at a first intermediary network device that is communicatively coupled with a source conununication device, a plurality of multiport packets of data from two or more ports for communication from said source communication device, said plurality of multiport packets having at least one original communication protocol;
  
  encrypting the plurality of multiport packets, thereby resulting in encrypted packets;
  
  encapsulating the encrypted packets into a plurality of single-port packets in a single-port communication protocol that is acceptable by any of a plurality of different commonly-open ports, thereby resulting in encapsulated packets;
  
  transmitting from said first intermediary network device said encapsulated packets over a selected one of the plurality of different commonly-open ports, wherein said encapsulated packets traverse one or more firewalls between said first intermediary network device and a second intermediary network device using said selected one of the plurality of different commonly-open ports;
  
  receiving, at said second intermediary network device that is communicatively coupled with a destination communication device, said encapsulated packets from said selected one of the plurality of different commonly-open ports;
  
  decrypting the received encapsulated packets, thereby resulting in decrypted packets;
  
  restoring the decrypted packets to the at least one original communication protocol, thereby resulting in restored multiport packets; and
  
  distributing, from said second intermediary network device, each of said restored multiport packets to said two or more ports for communication to said destination communication device.
- View Dependent Claims (24, 25, 26, 27, 28, 29, 30)
- - 24. The method of claim 23, wherein said encrypting is according to one of:
    - an Advanced Encryption Standard (AES) 128-bit algorithm;
      
      a Triple Data Encryption Standard (TDES) algorithm;
      
      ora Skipjack algorithm.
  - 25. The method of claim 23, wherein said single-port communication protocol is Secure Sockets Layer (SSL) protocol.
  - 26. The method of claim 23, wherein:
    - a portion of said plurality of multiport packets from said two or more ports conform to Transmission Control Protocol (TCP);
      
      another portion of said plurality of multiport packets from said two or more ports conform to User Datagram Protocol (UDP); and
      
      wherein said single-port communication protocol uses said TCP.
  - 27. The method of claim 23, wherein said first and second intermediary network devices send alternate data instead of requested data in response to a resend request.
  - 28. The method of claim 23, further comprising qualifying said multiport packets, wherein said qualifying comprises:
    - registering a third network device with said first intermediary network device;
      
      determining whether said plurality of multiport packets originated from said third network device; and
      
      allowing further transmission of said plurality of multiport packets based on said determining.
  - 29. The method of claim 23, wherein said selected one of the plurality of different commonly-open ports is a well-known port.
  - 30. The method of claim 23, wherein said selected one of the plurality of different commonly-open ports is port 443.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
directPacket Research, Inc.
Original Assignee
directPacket Research, Inc.
Inventors
Riley, III, Edward M., Signaoff, Christopher S., Signaoff, Justin S., Opsahl, Tom W.
Primary Examiner(s)
HSU, ALPUS

Application Number

US11/403,549
Publication Number

US 20070242696A1
Time in Patent Office

1,482 Days
Field of Search

370/395.5, 370/401, 370/466, 370/469, 380/255, 713/151, 726/3
US Class Current

370/395.5
CPC Class Codes

H04L 63/0272   Virtual private networks

H04L 63/0428   wherein the data content is...

H04L 69/08   Protocols for interworking;...

H04L 69/085   specially adapted for inter...

H04L 69/18   Multiprotocol handlers, e.g...

System and method for traversing a firewall with multimedia communication

First Claim

3 Assignments

Litigations

1 Petition

Accused Products

Abstract

77 Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for traversing a firewall with multimedia communication

First Claim

3 Assignments

Subscription Required

Subscription Required

Litigations

1 Petition

Subscription Required

Accused Products

Subscription Required

Abstract

77 Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links