Network security system and the method thereof
First Claim
1. A network security method of realizing secure communication between the internal network and the external network by utilizing a network security system, said network security system comprises a firewall arranged between the internal network and the external network, a first port and a second port configured at the both sides of the firewall, and a trusted node arranged between the firewall and the external network;
wherein the trusted node comprises:
a media-stream receiving port;
a data forward unit, which is used to forward the data transported between the internal network and the external network;
a signaling channel selection unit, which is used to select signaling transmission channel for transmitting the data so as to implement the convergence of signaling;
a call channel selection unit, which is used to select a media-stream receiving port in the trusted node for communicating with the internal network; and
a control unit, which is used to control the operations of all the other units;
wherein the network security method comprises:
A. establishing a call connection between the internal network and the external network by means of the trusted node;
B. selecting a media-stream receiving port for communicating with the internal network in the trusted node; and
C. the trusted node forwarding the data transported between the internal network and the external network, and at the same time, converging the data from the second port by the selected media-stream receiving port;
wherein Step B comprises:
B1. transmitting an Open Logical Channel signaling, by the internal network, to the trusted node;
B2. the trusted node informing the internal network of the selected media-stream receiving port; and
B3. the trusted node transmitting the Open Logical Channel signaling to the external network to establish a corresponding channel.
Abstract
The present invention discloses a network security system including a firewall arranged between the internal network and the external network, and a trusted node arranged between the firewall and the external network, which is used to provide a data channel between the internal network and the external network, and forward the data transported between the internal network and the external network; the firewall includes a first port configured at the internal network oriented side of the firewall and a second port configured at the external network oriented side of the firewall; and the trusted node includes a media-stream receiving port used to converge the data from the second port. The present invention also discloses a network security method.
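Steps B1 to B3 and the convergence in step C of claim 1, modeled in Python as an added example that is not code from the patent. The addresses, the port numbers and the keying of media flows by internal source address are assumptions; the claim specifies none of them.

```python
from dataclasses import dataclass, field

# Constructed values: the claim names no addresses or port numbers.
SIGNALING_PORT = 5000   # assumed converged signaling channel on the trusted node
MEDIA_PORT = 40000      # assumed single media-stream receiving port


@dataclass
class TrustedNode:
    """Trusted node placed between the firewall's second port and the external network."""
    address: str
    sessions: dict = field(default_factory=dict)  # internal source -> external sink

    def open_logical_channel(self, internal_src, external_dst):
        """B1: the internal endpoint sends Open Logical Channel to the trusted node."""
        # Assumption: flows are told apart by the internal source (address, port).
        self.sessions[internal_src] = external_dst
        # B2: inform the internal endpoint of the selected media-stream receiving port.
        ack = {"media_addr": self.address, "media_port": MEDIA_PORT}
        # B3: relay Open Logical Channel to the external endpoint.
        forwarded = {"type": "OpenLogicalChannel", "to": external_dst}
        return ack, forwarded

    def receive_media(self, src, dst_port, payload):
        """C: take media arriving on the converged port and forward it outward."""
        if dst_port != MEDIA_PORT or src not in self.sessions:
            return None  # no logical channel was opened for this flow: drop it
        return self.sessions[src], payload


def firewall_allow_list(node):
    """Destinations the firewall must permit; the set does not grow with call count."""
    return {(node.address, SIGNALING_PORT), (node.address, MEDIA_PORT)}


def firewall_permits(node, dst_addr, dst_port):
    return (dst_addr, dst_port) in firewall_allow_list(node)


if __name__ == "__main__":
    node = TrustedNode("192.0.2.10")
    for i in range(3):  # three constructed calls from different internal endpoints
        src, dst = (f"10.0.0.{i + 1}", 5004), ("198.51.100.7", 6000 + i)
        ack, _ = node.open_logical_channel(src, dst)
        print(src, "-> send media to", ack["media_addr"], ack["media_port"])
    print("firewall rules:", sorted(firewall_allow_list(node)))
    print("direct to external permitted:", firewall_permits(node, "198.51.100.7", 6000))
```

Because every call is pointed at the same receiving port, the firewall policy stays at two fixed destinations however many calls are active, and media that does not match an opened channel is dropped at the trusted node.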
6 Claims
Specification