Internet isolation for avoiding internet security threats
Abstract
A host computer supports a virtual guest system running thereon. The host system has a firewall that prevents it from communicating directly with the Internet, except with predetermined trusted sites. The virtual guest runs on a hypervisor, and the virtual guest comprises primarily a browser program that is allowed to contact the Internet freely via an Internet access connection that is completely separate from the host computer connection, such as a dedicated network termination point with its specific Internet IP address, or by tunneling through the host machine architecture to reach the Internet without exposing the host system. The virtual guest system is separated and completely isolated by an internal firewall from the host, and the guest cannot access any of the resources of the host computer, except that the guest can initiate cut, copy and paste operations that reach the host, and the guest can also request print of documents. The host can transfer files to and from a virtual data storage area accessible by the guest by manual operator action. No other transfer of data except these user initiated actions is permitted.
Claims (23 in total; the independent claims follow)

1. A networked system comprising:
a local area network; and
a connection on the local area network communicating with an Internet; and
a plurality of computer systems coupled to the local area network;
each computer system of the plurality of computer systems operating as a host system according to stored data corresponding to an operating system and one or more program applications;
each computer system supporting operation of a respective virtual computer system that is separated and isolated from the host system by an internal firewall, wherein a local host-based firewall is configured to implement a first policy when the computer system is connected to the local area network and a second policy when the computer system is not connected to the local area network, wherein the first policy permits at least one or more communications between the host system of the computer system and one or more resources on the local area network using a second browser program running on the host system outside of the virtual computer system, and the second policy blocks at least communications egressing from the second browser program running on the host system of the computer system but allows communications egressing from a first browser program of the virtual computer system;
the local area network having a respective virtual conduit connection between each of said virtual computer systems and a virtual private network termination point on the local area network, and each virtual conduit connection is associated with a respective Internet Protocol (IP) address;
each virtual computer system comprising the first browser program that communicates via the respective virtual conduit connection over the local area network with the connection to the Internet such that said virtual computer system is enabled to access sites on the Internet through said virtual conduit connection without exposing the host system;
wherein each virtual computer system is isolated against any other communication with or over the local area network except for the communication through the respective virtual conduit connection; and
wherein each virtual computer system is isolated so as to prevent any communication of data to the respective host system from the virtual computer system operating thereon, except for a predetermined set of types of permitted data transfers therebetween; and
wherein the predetermined set of types of permitted data transfers from the virtual computer system to the host computer system is limited to transfers of data that are initiated by receiving an input from a user.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9.

10. A method for a user to browse the Internet, said method comprising:
providing a local area network;
providing a connection on the local area network communicating with the Internet; and
providing a plurality of computer systems coupled to the local area network,
each computer system of the plurality of computer systems operating as a host system according to stored data corresponding to an operating system and one or more program applications,
each computer system supporting operation of a respective virtual computer system that is separated and isolated from the host system by an internal firewall, wherein a local host-based firewall is configured to implement a first policy when the computer system is connected to the local area network and a second policy when the computer system is not connected to the local area network, wherein the first policy permits one or more communications between the host system of the computer system and one or more resources on the local area network using at least a second browser program running on the host system outside of the virtual computer system, and the second policy blocks at least communications egressing from the second browser program of the host system of the computer system but allows communications egressing from at least a first browser program of the virtual computer system,
the local area network having a respective virtual conduit connection between each of said virtual computer systems and a virtual private network termination point on the local area network, and each virtual conduit connection is associated with a respective Internet Protocol (IP) address,
each virtual computer system comprising the first internet browser program that communicates via the respective virtual conduit connection over the local area network with the connection to the Internet such that said virtual computer system is enabled to access sites on the Internet through said virtual conduit connection without exposing the host system;
accessing the Internet using the first browser program running on the virtual computer system via a virtual private network conduit through the local area network to an Internet connection;
providing restricted communication of data from the virtual computer system to the host system that is limited to transfers of data that are initiated by receiving an input initiated by the user;
providing the second browser program running on the host system outside of the virtual computer system, wherein communications associated with the second browser program running on the host system are processed using a local host-based firewall;
responsive to an input by the user to access a site, determining whether or not the site is a predetermined trusted site;
accessing the site using the first browser program on condition that the site is determined not to be a predetermined trusted site;
displaying the site using the first browser program on condition that the site is determined not to be a predetermined trusted site;
accessing the site using the second browser program on condition that the site is determined to be a predetermined trusted site, wherein a request to access the site from the second browser program is allowed by the local host-based firewall on condition that the site is determined to be a predetermined trusted site; and
displaying the site using the second browser program on condition that the site is determined to be a predetermined trusted site.
Dependent claims: 11, 12, 13, 14.

15. A computerized work station comprising:
a computer operatively connected to one or more user input devices, a display device, and computer-accessible data storage configured to store computer-readable instructions for an operating system and one or more applications programs that run on said operating system;
an interface configured to connect to a local area network (LAN) having a connection to an Internet, wherein the computer comprises a virtual computer system and a host system, and the virtual computer system is separated and isolated from the host system by an internal firewall;
a local host-based firewall configured to implement a first policy when connected to the local area network and a second policy when not connected to the local area network, wherein the first policy permits at least one or more communications between the host system of the computer system and one or more resources on the local area network using a second browser program running on the host system outside of the virtual computer system, and the second policy blocks at least communications egressing a host system of the computer system but allows communications egressing from a first browser program of the virtual computer system,
wherein the virtual computer system and the first browser program access untrusted destinations through a virtual private network (VPN) conduit and the second browser program running on the host system accesses one or more trusted resources on the local area network that are associated with a predetermined set of trusted locations,
wherein the host-based firewall is configured to block the second browser program running on the host system from accessing any resources other than the predetermined set of trusted locations,
wherein the computer is configured to access any websites not on the predetermined set of trusted locations using the first browser program running on the virtual computer system via the VPN conduit without exposing the host system, the VPN conduit being associated with an Internet Protocol (IP) address,
wherein the virtual computer system is configured such that the virtual computer system and the first browser program running thereon are restricted from accessing at least a portion of computing resources of the computer,
wherein the virtual computer system and the first browser program are restricted from communicating except through the VPN conduit,
wherein data transfers from the virtual computer system to the host system are blocked except for a limited set of types of transfers initiated by an input received via at least one of the one or more user-input devices.
Dependent claims: 16, 17, 18, 19, 20.

21. A computer system comprising:
a computer having a computer-accessible data storage, an input device connected therewith and a display, said computer having stored thereon software causing the computer to operate as a host system executing application programs;
an interface configured to connect to a local area network having a connection that communicates with an Internet;
a virtual computer system of the computer that is separated and isolated from the host system via an internal firewall, wherein communication of data from the virtual computer system to the host system is limited to transfers of data that are initiated by receiving an input via the input device; and
a local host-based firewall configured to implement a first policy when the computer system is connected to the local area network and a second policy when the computer system is not connected to the local area network, wherein the first policy permits at least one or more communications between the host computer system of the computer system and one or more resources on the local area network using a second browser program running on the host system outside of the virtual computer system, and the second policy blocks at least communications egressing from the second browser program of the host system of the computer system but allows communication egressing from a first browser program of the virtual computer system,
wherein the first browser program is configured to communicate via a virtual conduit connection between the virtual computer system and a virtual private network termination point on the local area network, the virtual conduit connection being associated with an Internet Protocol (IP) address,
wherein the virtual computer system is isolated against any other communication with or over the local area network except for the communication through the virtual conduit connection such that said virtual computer system is enabled to access sites on the Internet through said virtual conduit connection without exposing the host system.
Dependent claims: 22, 23.
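As an added example, not code from the patent or from any product implementing it, the following Python model encodes the rules the claims above describe (first and second firewall policy keyed to LAN connectivity, trusted-site routing between the host browser and the guest browser, guest egress limited to the VPN conduit, and guest-to-host transfers limited to user-initiated kinds) so they can be exercised against sample requests. The trusted-site names and the conduit address are constructed placeholders, and the origin labels `host_browser` / `guest_browser` are assumed names.

```python
from __future__ import annotations
from dataclasses import dataclass

# Constructed sample data: the claims' "predetermined set of trusted locations"
# and the IP address bound to the guest's VPN conduit (both assumed values).
TRUSTED_SITES = frozenset({"intranet.example.internal", "mail.example.internal"})
VPN_CONDUIT_IP = "10.99.0.2"

# Abstract: the only guest-to-host transfers are cut/copy/paste, a print request,
# and operator-driven file transfer, and each must be triggered by a user action.
PERMITTED_GUEST_TO_HOST = frozenset({"cut", "copy", "paste", "print_request", "file_transfer"})


@dataclass
class Workstation:
    connected_to_lan: bool
    trusted: frozenset = TRUSTED_SITES

    def policy(self) -> str:
        """First policy while on the LAN, second policy while off it."""
        return "first" if self.connected_to_lan else "second"

    def host_firewall_allows(self, origin: str, destination: str) -> bool:
        """Local host-based firewall decision for one egress attempt."""
        if origin == "guest_browser":
            # The guest may only talk through its VPN conduit; any other LAN
            # or host destination is refused under both policies.
            return destination == VPN_CONDUIT_IP
        if origin == "host_browser":
            # Second policy: block all host-browser egress. First policy: allow
            # only the predetermined trusted locations (claim 15).
            return self.policy() == "first" and destination in self.trusted
        return False  # unknown origin: deny by default

    def select_browser(self, site: str) -> str:
        """Claim 10: trusted sites open in the host browser, all others in the guest."""
        return "host_browser" if site in self.trusted else "guest_browser"

    def route_request(self, site: str) -> tuple[str, bool]:
        """Browser chosen for `site` and whether the firewall lets the request out.
        Guest traffic always egresses toward the conduit, never to the site directly."""
        browser = self.select_browser(site)
        destination = site if browser == "host_browser" else VPN_CONDUIT_IP
        return browser, self.host_firewall_allows(browser, destination)


def guest_to_host_transfer_allowed(kind: str, user_initiated: bool) -> bool:
    """Guest-to-host data may cross the internal firewall only for a permitted
    kind of transfer and only when a user input initiated it."""
    return user_initiated and kind in PERMITTED_GUEST_TO_HOST
```

Note that off the LAN a trusted site is still assigned to the host browser by claim 10's rule, but the second policy then refuses the request; the model reports both facts separately rather than guessing a fallback the claims do not state.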