Network attached device with dedicated firewall security

US 8,306,994 B2
Filed: 05/04/2010
Issued: 11/06/2012
Est. Priority Date: 09/01/1998
Status: Expired due to Fees

- Alert
- Pin

Associated Cases

Associated Defendants

First Claim

Patent Images

1. A network arrangement comprising:

an internal network;

a network client coupled to the internal network;

a network attached device (NAD) server coupled to the internal network; and

a NAD coupled to the NAD server in such a manner that the NAD server controls access to and from the NAD;

the NAD server configured to receive from the network client over the internal network a request contained in a data packet for network access to the NAD and to filter the data packet to determine, based at least on an IP address in a header of the data packet, whether the received request for network access to the NAD should be authorized, the NAD server further configured to process the data packet for communication with the NAD and to provide the network client with access to the NAD upon determining that the request for access is authorized, and to deny access to the NAD otherwise.

View all claims

7 Assignments

Timeline View

Assignment View

Litigations

0 Petitions

Accused Products

Abstract

Dedicated firewall security for a network attached device (NAD) is provided by a firewall management system integrated directly into the NAD or into a NAD server. A local area network arrangement includes a network client and the NAD and the firewall management system includes computer readable medium having computer-executable instructions that perform the steps of receiving a request for network access to the NAD from the network client, determining whether the request for network access to the NAD is authorized, and only if the request for network access is authorized, providing the network client with network access to the NAD.

Citations

22 Claims

1. A network arrangement comprising:
- an internal network;
  
  a network client coupled to the internal network;
  
  a network attached device (NAD) server coupled to the internal network; and
  
  a NAD coupled to the NAD server in such a manner that the NAD server controls access to and from the NAD;
  
  the NAD server configured to receive from the network client over the internal network a request contained in a data packet for network access to the NAD and to filter the data packet to determine, based at least on an IP address in a header of the data packet, whether the received request for network access to the NAD should be authorized, the NAD server further configured to process the data packet for communication with the NAD and to provide the network client with access to the NAD upon determining that the request for access is authorized, and to deny access to the NAD otherwise.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The network arrangement of claim 1, wherein the network arrangement further comprises a firewall coupled between the internal network and an external network, and wherein the NAD server is configured to protect the NAD from unauthorized access requests independently of an external firewall.
  - 3. The network arrangement of claim 2 further comprising an operating system configured to process an authorized data packet.
  - 4. The network arrangement of claim 3 wherein the operating system is further configured to process the authorized data packet according to a plurality of network protocols.
  - 5. The network arrangement of claim 2 comprising a data manager component comprising an interface component configured to communicate with the NAD.
  - 6. The network arrangement of claim 5 comprising one or more interface components is configured to receive the authorized data packet in a network protocol and communicate with the NAD using an interface mechanism.
  - 7. The network arrangement of claim 5 wherein the data manager is configured to establish a link with another server and send the authorized data packet to another server over the link.
  - 8. The network arrangement of claim 2 wherein the NAD server is further configured to filter the data packet based on one or more of a network interface of the client, network port, or network protocol.
  - 9. The network arrangement of claim 1 wherein the NAD is configured to determine whether the received requests for network access to the NAD should be authorized by determining whether the header includes information relating to a network source.

10. A method, comprising:
- processing, by a network attached device (NAD) server coupled to an internal network, a request for network access to a NAD device, the NAD device coupled to the NAD server and configured to receive communication from an internal network only by way of the NAD server, the request for network access including a data packet that includes at least an IP header, the NAD server comprising a NAD server firewall;
  
  determining, by the NAD server firewall, whether the request for network access to the NAD should be authorized or denied based on a filtering of at least the IP header of the data packet of the received request for network access to the NAD;
  
  processing, by the NAD server, the data packet for communication with the NAD and enabling access to the NAD upon determining that the requested network access to the NAD should be authorized, andblocking, by the NAD server, access to the NAD upon determining that the request for network access to the NAD should be denied.
- View Dependent Claims (11, 12, 13, 14, 15, 16)
- - 11. The method of claim 10 wherein the NAD server comprises an operating system, the operating system processing the packet upon authorization.
  - 12. The method of claim 11 wherein the operating system processing the data packet comprises processing the data packet according to one of a plurality of network protocols.
  - 13. The method of claim 10 wherein the NAD server comprises a data manager component, the data management component having direct access to the NAD.
  - 14. The method of claim 13 wherein the data manager establishes a link with another server and sends a data packet over the link after the data packet is authorized.
  - 15. The method of claim 10 wherein the NAD server further filters the data packet based on one or more of a network interface of the client, network port, or network protocol.
  - 16. The method of claim 10 further comprising communicating with a client over an internal network and communicating with an external network firewall that is coupled between the internal network and an external network, the external network firewall protecting the internal network from communications originating on the external network, and wherein the NAD server protecting the NAD from unauthorized access requests by the NAD server independently of the external network firewall.

17. A non-transitory computer-readable storage medium having stored thereon instructions that upon execution by a computing device, cause the acts comprising:
- processing, by a network attached device (NAD) server, a request for network access to a NAD device, the NAD device coupled to the NAD server by way of an interface such that all requests for access to the NAD device are processed by the NAD server, the request for network access including a data packet that includes at least an IP header;
  
  filtering of at least the IP header of the data packet of the received request for network access to the NAD;
  
  authorizing, by the NAD server firewall, the request for network access to the NAD based on information in the IP header indicating the source and destination of the data packet;
  
  processing the data packet for communication with the NAD and enabling access to the NAD upon authorization of the requested network access to the NAD, andblocking access to the NAD of request for network access to the NAD that are not authorized.
- View Dependent Claims (18, 19, 20, 21, 22)
- - 18. The computer-readable storage medium of claim 17 having stored thereon instructions that upon execution by a computing device, further cause instantiating an operating system on the NAD server, the operating system processing the packet upon authorization.
  - 19. The computer-readable storage medium of claim 18 wherein processing the data packet by the operating system comprises processing the data packet according to one of a plurality of network protocols.
  - 20. The computer-readable storage medium of claim 17, wherein the NAD server comprises a data manager component, the data management component having direct access to the NAD.
  - 21. The computer-readable storage medium of claim 20 having stored thereon instructions that upon execution by a computing device, further cause the data manager to establish a link with another server and sends a data packet over the link after the data packet is authorized.
  - 22. The computer-readable storage medium of claim 17 wherein the NAD server further filters the data packet based on a network interface of the client.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
FireNet Technologies, LLC (IP Investments Group LLC)
Original Assignee
Robust Networks LLC (Intellectual Ventures LLC)
Inventors
Kenworthy, Stacy
Primary Examiner(s)
Alam, Shahid

Application Number

US12/773,716
Publication Number

US 20100242098A1
Time in Patent Office

917 Days
Field of Search

707/781, 707/769, 709/223, 709/225, 709/238, 709/217, 711/111
US Class Current

707/769
CPC Class Codes

G06F 16/951   Indexing; Web crawling tech...

G06F 21/6218   to a system of files or obj...

H04L 63/0209   Architectural arrangements,...

H04L 63/0218   Distributed architectures, ...

H04L 63/0281   Proxies

Y10S 707/99939   Privileged access

Network attached device with dedicated firewall security

First Claim

7 Assignments

Litigations

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Network attached device with dedicated firewall security

First Claim

7 Assignments

Subscription Required

Subscription Required

Litigations

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links