Method and apparatus to control application messages between client and a server having a private network address
First Claim
1. A method to control communication traffic in a communication network, said traffic comprising application-level messages between a client and a server having a private network address, comprising the steps of:
- receiving from said client a request message sent to a first public network address associated with said private network address of said server;
- processing said request message at an intermediate logic unit logically positioned between said client and said server;
- receiving an alert signal indicating a malicious internet attack of said server at said intermediate logic unit; and, upon receipt of said alert signal;
- mapping said private network address of said server to a second public network address at said intermediate logic unit;
- instructing said client to send said request message to said second public network address; and
- routing to said server only request messages directed to said second public network address, wherein, before the step of receiving said request message, a step of hiding said private network address of said server is performed by mapping said first public network address to said private network address of said server at said intermediate logic unit.
Abstract
A method to control communication traffic in a communication network. The traffic includes application-level messages between a client and a server having a private network address. The method includes the steps of: sending by the client a request message requesting a service to the server using a first public network address associated with the server; processing the request message at an intermediate logic unit logically positioned between the client and the server; and receiving an alert signal at the intermediate unit. Upon receipt of said alert signal, the method provides for: mapping the private network address of the server to a second public network address associated with the server; and instructing the client to send the request message to the second public network address of the server, routing to the server only request messages directed to the second public network address.
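The method in the abstract can be sketched as a small state machine. This is an added example, not code from the patent; the class and function names, the tuple return values and the documentation-range addresses are assumptions.

```python
# Added illustration; class, method and address names are hypothetical.
from dataclasses import dataclass, field


@dataclass
class IntermediateUnit:
    """Sits between clients and a server that only has a private address."""
    private_addr: str
    first_public: str
    second_public: str
    mapping: dict = field(default_factory=dict)  # public address -> private address
    under_alert: bool = False

    def __post_init__(self):
        # Before any request arrives: hide the server behind the first public address.
        self.mapping[self.first_public] = self.private_addr

    def alert(self):
        """Alert signal from the event detector: map the server to the second address."""
        self.mapping[self.second_public] = self.private_addr
        self.under_alert = True

    def handle(self, dst_public, request):
        """Return ('route', private_addr, request), ('redirect', new_public) or ('drop',)."""
        if not self.under_alert:
            if dst_public in self.mapping:
                return ("route", self.mapping[dst_public], request)
            return ("drop",)
        if dst_public == self.second_public:
            # Only requests directed to the second address reach the server.
            return ("route", self.private_addr, request)
        if dst_public == self.first_public:
            # Instruct the client to resend; senders that ignore this never reach the server.
            return ("redirect", self.second_public)
        return ("drop",)


def client_send(unit, dst_public, request, max_hops=2):
    """Constructed client that follows the unit's instruction to resend."""
    for _ in range(max_hops):
        result = unit.handle(dst_public, request)
        if result[0] != "redirect":
            return result
        dst_public = result[1]
    return ("drop",)
```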
19 Claims
17. A system for controlling communication traffic in a communication network, said traffic comprising application-level messages, comprising:
- a server having a private network address;
- a client configured to transmit a request message to a first public network address associated with said private network address of said server;
- an intermediate logic unit logically positioned between the client and the server, said intermediate logic unit configured to;
  - before receiving said request message from said client, hide said private network address of said server by mapping said first public network address to said private network address of said server; and
  - receive and process said request message; and
- an event detector capable of detecting an event and sending an alert signal indicating a malicious internet attack of said server to said intermediate logic unit, wherein said intermediate logic unit is configured so as, upon receipt of said alert signal indicating the malicious internet attack of said server, to map said private network address of said server to a second public network address, to send an instruction to said client to send said request message to said second public network address and to route to said server only request messages directed to said second public network address.
Specification