Method for providing media communication across firewalls
Abstract
The present invention supports a method for transmitting information packets across network firewalls. A trusted entity is provisioned with an address designation for a pinhole through the firewall during setup of a communication session between two communication devices. This pinhole address is used throughout the communication session between the two communication devices to transmit information packets onto and out of the communication network.
Information packets addressed to the communication device inside the firewall are received by the trusted entity, which replaces address header information in the information packet with the address for the pinhole. The information packet is routed to the pinhole where it passes onto the network for routing to the communication device inside the firewall. Information packets transmitted from the network are also routed to the trusted entity for routing toward the communication device outside the firewall.
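The header rewrite described in the abstract, as an added sketch that is not taken from the patent: a routing table on the trusted entity maps the address a packet arrives with to the pinhole address provisioned at session setup. The class and function names, the sample addresses, and the choice to drop packets that match no table entry are assumptions made for illustration.

```python
from dataclasses import dataclass, replace
from typing import Dict, Optional, Tuple

Addr = Tuple[str, int]  # (IP address, port)


@dataclass(frozen=True)
class Packet:
    src: Addr
    dst: Addr
    payload: bytes


class TrustedEntity:
    """Toy model of the trusted entity outside the firewall (hypothetical names)."""

    def __init__(self) -> None:
        # Routing table: address the outside device sends to -> pinhole address.
        self.routing_table: Dict[Addr, Addr] = {}

    def create_pinhole(self, advertised: Addr, pinhole: Addr) -> None:
        """Record the pinhole address provisioned during session setup."""
        if advertised in self.routing_table:
            raise ValueError(f"{advertised} is already bound to a pinhole")
        self.routing_table[advertised] = pinhole

    def forward(self, pkt: Packet) -> Optional[Packet]:
        """Replace the destination with the pinhole address, or drop the packet."""
        pinhole = self.routing_table.get(pkt.dst)
        if pinhole is None:
            return None  # assumption: no provisioned pinhole means nothing is forwarded
        return replace(pkt, dst=pinhole)  # source and payload are left untouched


def demo() -> Tuple[Optional[Packet], Optional[Packet]]:
    te = TrustedEntity()
    # Constructed sample values from the documentation address ranges (RFC 5737).
    advertised = ("198.51.100.10", 40000)  # address the outside device targets
    pinhole = ("203.0.113.1", 50012)       # pinhole port opened on the firewall
    te.create_pinhole(advertised, pinhole)
    media = Packet(("192.0.2.7", 30000), advertised, b"media-frame")
    stray = Packet(("192.0.2.7", 30000), ("198.51.100.10", 40001), b"probe")
    return te.forward(media), te.forward(stray)


if __name__ == "__main__":
    rewritten, dropped = demo()
    print("rewritten:", rewritten)
    print("unmatched:", dropped)
```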
26 Claims
1. A packet-based communication network for communication through a communication network gateway comprising:
a firewall on the communication network gateway for securing communications to and from the network;
a communication device on the communication network connected to the firewall by a communication link;
a trusted entity linked to the firewall by a communication link, said link allowing information packets to be sent to a first communication pinhole through the firewall to the communication device; and
said trusted entity replacing an address designation in the address header of one of said information packets with an address designation for the first communication pinhole so the information packet can be transmitted through said pinhole to said communication device.
Dependent claims: 2, 3, 4, 5, 6, 7

8. A method for routing information packets across a firewall to a packet-based communication network comprising the steps of:
receiving a create pinhole request at a trusted entity linked to the firewall of the communication network and located outside the communication network;
creating a pinhole communication port in the firewall in response to the create pinhole request;
receiving a first information packet at the trusted entity to be transmitted across the firewall through said pinhole;
replacing an address in the information packet address header information with a communication port address for the pinhole created in the firewall; and
forwarding the information packet to a destination address across the firewall using the communication port address for the pinhole communication port.
Dependent claims: 9, 10, 11, 12, 13, 14

15. A method for using a pinhole communication port in a packet-based communication network firewall comprising the steps of:
providing a trusted entity having an input and an output outside the communication network;
linking said trusted entity to the pinhole communication port;
transmitting a first signal from the communication network to the input of the trusted entity, wherein said first signal has an address designation for said pinhole communication port;
providing a routing table on the trusted entity with the address designation for the pinhole communication port;
receiving a packet transmission at the input of the trusted entity to be sent to a communication device inside the communication network;
placing the address designation for the pinhole communication port as the address header of the packet transmission; and
transmitting the packet transmission from the output of the trusted entity to the pinhole communication port for transmission onto the communication device.
Dependent claims: 16, 17, 18, 19, 20

21. A method for enabling communication through a firewall between a first device outside of a communication network and a communication device inside of the communications network comprising:
receiving at a trusted entity outside of the communications network an information packet transmitted by the first device to the communication device, the information packet including a first destination address designation;
correlating the first destination address designation to a second destination address designation using a data element stored on the trusted entity;
transmitting by the trusted entity the received information packet with the second destination address designation, the second address being the address of a pinhole in the firewall that secures communications to and from the communications network and enables communication from the trusted entity to the communication device through the firewall.
Dependent claims: 22, 23, 24, 25, 26

Specification