Method for communication security and apparatus therefore
Abstract
A FireNet security system in which trustworthy networks, called BlackNets, each comprising One (1) or more client computers, are protected by FireBreaks against attacks from untrustworthy networks, called RedNets. All incoming transactions from the RedNet are examined by the FireBreak to determine if they violate any of a plurality of protection rules stored in a local protection rules database. Any transaction found to be in violation is discarded. Valid transactions are forwarded to the BlackNet. If an otherwise valid transaction is found to be suspicious, the FireBreak will forward to a FireNet Server relevant information relating to that transaction. If the FireNet Server verifies that the transaction is indeed part of an attack, the FireNet Server will create new protection rules suitable to defend against the newly identified source or strategy of attack. Periodically, all FireBreaks in the FireNet system will transfer, directly or indirectly, all new rules.
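The abstract describes a closed loop: a FireBreak applies a locally held rule database to each inbound transaction, discards violations, forwards valid ones, reports suspicious-but-valid ones to a FireNet Server, and the server turns verified attacks into new rules that every FireBreak later pulls. The following Python model of that loop is an added illustration, not code from the patent or any product. The class names, the addresses, the "path traversal marker" suspicion heuristic and the "three reports from one source" verification policy are all constructed assumptions; the patent specifies none of them.

```python
"""Toy model of the FireBreak / FireNet Server rule loop (constructed example)."""
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Transaction:
    src: str          # RedNet source address (constructed sample values below)
    dst_port: int
    payload: bytes


@dataclass
class ProtectionRule:
    rule_id: str
    # True means the transaction is one of the "selected" (to-be-blocked) transactions.
    matches: Callable[[Transaction], bool]


class FireNetServer:
    """Holds the master rule database; verifies reports and derives new rules from them."""

    def __init__(self, rules: List[ProtectionRule]):
        self.rules: List[ProtectionRule] = list(rules)   # append-only, so an index is a version
        self.reports: List[Transaction] = []

    def rules_since(self, version: int) -> List[ProtectionRule]:
        """Rules a FireBreak has not yet pulled (the periodic transfer in the abstract)."""
        return self.rules[version:]

    def report_suspicious(self, tx: Transaction) -> Optional[ProtectionRule]:
        """Accept a FireBreak report; if it verifies as an attack, create a new rule."""
        self.reports.append(tx)
        if self._verify_attack(tx):
            src = tx.src
            rule = ProtectionRule(f"auto-block-src-{src}", lambda t, s=src: t.src == s)
            self.rules.append(rule)
            return rule
        return None

    def _verify_attack(self, tx: Transaction) -> bool:
        # Assumed verification policy: the same source reported three or more times.
        return sum(1 for r in self.reports if r.src == tx.src) >= 3


class FireBreak:
    """Gateway between RedNet and BlackNet; applies the locally cached rules."""

    def __init__(self, server: FireNetServer, suspicious: Callable[[Transaction], bool]):
        self.server = server
        self.suspicious = suspicious
        self.local_rules: List[ProtectionRule] = []
        self.version = 0
        self.blacknet_inbox: List[Transaction] = []
        self.discarded: List[Tuple[Transaction, str]] = []
        self.sync_rules()

    def sync_rules(self) -> int:
        """Pull rules added since the last sync; returns how many arrived."""
        new = self.server.rules_since(self.version)
        self.local_rules.extend(new)
        self.version += len(new)
        return len(new)

    def handle(self, tx: Transaction) -> str:
        # 1. Any rule match -> discard and never forward.
        for rule in self.local_rules:
            if rule.matches(tx):
                self.discarded.append((tx, rule.rule_id))
                return f"discarded:{rule.rule_id}"
        # 2. Otherwise valid: forward to the BlackNet, and report it if it looks suspicious.
        self.blacknet_inbox.append(tx)
        if self.suspicious(tx):
            self.server.report_suspicious(tx)
            return "forwarded:reported"
        return "forwarded"


# Constructed sample traffic (documentation addresses, not real hosts).
SAMPLE = [
    Transaction("203.0.113.5", 23, b"login"),                  # hits the seed telnet rule
    Transaction("192.0.2.9", 80, b"GET /index.html HTTP/1.0"),  # benign
    Transaction("198.51.100.7", 80, b"GET /../etc HTTP/1.0"),   # suspicious, report 1
    Transaction("198.51.100.7", 80, b"GET /../../x HTTP/1.0"),  # suspicious, report 2
    Transaction("198.51.100.7", 80, b"GET /../y HTTP/1.0"),     # suspicious, report 3 -> new rule
]


def demo() -> Dict[str, object]:
    seed = [ProtectionRule("block-telnet", lambda t: t.dst_port == 23)]
    server = FireNetServer(seed)
    fb = FireBreak(server, suspicious=lambda t: b"../" in t.payload)
    results = [fb.handle(tx) for tx in SAMPLE]
    pulled = fb.sync_rules()            # periodic rule transfer brings the new rule down
    post_sync = fb.handle(Transaction("198.51.100.7", 80, b"GET / HTTP/1.0"))
    return {"results": results, "pulled": pulled, "post_sync": post_sync,
            "server_rule_count": len(server.rules)}


if __name__ == "__main__":
    print(demo())
```

The point the model makes visible is the window between a report and the next rule sync: the three suspicious transactions are still forwarded to the BlackNet, and only traffic arriving after the FireBreak pulls the server's new rule is discarded at the gateway. How often `sync_rules` runs therefore bounds how long a newly identified source keeps reaching the protected network.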
34 Claims
1. A communications security system to prevent transfer of selected communication transactions from an untrustworthy network to a trustworthy network, comprising:
- a server, connected to the untrustworthy network, that maintains a database of protection rules, each of which, when applied to a communication transaction, identifies that communication transaction to be a respective one of the selected communication transactions; and
- a portal, connected between the untrustworthy network and the trusted network, that:
  - selectively transfers the database of protection rules from said server via said untrustworthy network;
  - receives a communication transaction from the untrustworthy network for transfer to the trustworthy network;
  - applies each of the protection rules to the received communication transaction; and
  - prevents the transfer of the received communication transaction to the trustworthy network if a protection rule identifies the received communication transaction to be a respective one of the selected communication transactions.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9.
10. A communications security method to prevent transfer of selected communication transactions from an untrustworthy network to a trustworthy network, comprising:
- at a server, connected to the untrustworthy network, maintaining a database of protection rules, each of which, when applied to a communication transaction, identifies that communication transaction to be a respective one of the selected communication transactions; and
- at a portal, connected between the untrustworthy network and the trusted network:
  - selectively transferring the database of protection rules from said server via said untrustworthy network;
  - receiving a communication transaction from the untrustworthy network for transfer to the trustworthy network;
  - applying each of the protection rules to the received communication transaction; and
  - preventing the transfer of the received communication transaction to the trustworthy network if a protection rule identifies the received communication transaction to be a respective one of the selected communication transactions.

Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18.
19. A portal having a processor and a memory for use in a communications security system to prevent transfer of selected communication transactions from an untrustworthy network to a trustworthy network, the security system including a server, connected to the untrustworthy network, that maintains a database of protection rules, each of which, when applied to a communication transaction, identifies that communication transaction to be a respective one of the selected communication transactions, the portal, when connected between the untrustworthy network and the trusted network:
- selectively transferring the database of protection rules from said server via said untrustworthy network;
- receiving, at the portal, a communication transaction from the untrustworthy network for transfer to the trustworthy network;
- applying each of the protection rules to the received communication transaction; and
- preventing the transfer of the received communication transaction to the trustworthy network if a protection rule identifies the received communication transaction to be a respective one of the selected communication transactions.
20. A server for use in a communications security system to prevent transfer of selected communication transactions from an untrustworthy network to a trustworthy network via a portal, the server, when connected to the untrustworthy network:
- maintaining a database of protection rules, each of which, when applied to a communication transaction, identifies that communication transaction to be a respective one of the selected communication transactions; and
- selectively transferring the database of protection rules via said untrustworthy network to said portal for application by said portal to each communication transaction received by said portal to prevent the transfer of the received communication transaction to the trustworthy network by the portal if a protection rule, when applied by the portal, identifies the received communication transaction to be a respective one of the selected communication transactions.
21. A portal configured to prevent transfer of selected communication transactions from an untrustworthy network to a trustworthy network, comprising:
- a processor and one or more memories;
- a component configured to cooperate with a server to transfer a plurality of protection rules from the server to the portal via the untrustworthy network, wherein the server is connected to the untrustworthy network and is configured to maintain the plurality of protection rules, each of which, if applied to a communication transaction, identifies that communication transaction to be a respective one of the selected communication transactions;
- a component configured to receive a communication transaction from the untrustworthy network for transfer to the trustworthy network;
- a component configured to apply one or more of the plurality of protection rules to the received communication transaction; and
- a component configured to selectively transfer to the server at least a portion of the received communication transaction via the untrustworthy network if a protection rule identifies the received communication transaction to be a respective one of the selected communication transactions.

Dependent claims: 22, 23, 24.
25. A server configured to prevent transfer of selected communication transactions from an untrustworthy network to a trustworthy network, comprising:
- a processor and one or more memories;
- a component configured to maintain a plurality of protection rules, each of which, when applied to a communication transaction, identifies that communication transaction to be a respective one of the selected communication transactions;
- a component configured to receive a portion of a communication transaction received by a portal and determined by the portal to be a respective one of selected communication transactions;
- a component configured to determine whether the communication transaction is part of an attack; and
- if the communication transaction is part of an attack, a component configured to create a new protection rule based on the communication transaction.

Dependent claims: 26, 27, 28.
29. A computer-readable storage device storing computer-executable instructions that, when executed, cause a computing device to prevent transfer of selected communication transactions from an untrustworthy network to a trustworthy network, the instructions comprising:
- selectively transferring protection rules from a server via the untrustworthy network;
- receiving, at a portal, a communication transaction from the untrustworthy network for transfer to the trustworthy network;
- applying one or more of the protection rules to the received communication transaction; and
- preventing the transfer of the received communication transaction to the trustworthy network if one of the applied protection rules identifies the received communication transaction to be one of the selected communication transactions.

Dependent claims: 30, 31, 32, 33, 34.
Specification