Dynamic firewall capabilities for wireless access gateways
First Claim
1. A method for dynamic filtering of data packets at an access gateway in a network, the method comprising the steps of:
- a. receiving a registration request on behalf of a network node for access to a network;
b. answering the registration request; and
c. filtering data packets associated with the network node.
1 Assignment
0 Petitions
Accused Products
Abstract
The present invention provides a method and system for dynamic filtering of data packets at an access gateway in a communication network. According to the method, a policy server receives a request for registration with the network from a network node. The server verifies the network node identity and selects the corresponding security policy for the network node. The selected security policy is indicated by the server to a network access gateway. The network access gateway selects the indicted security policy. The selected security policy is applied for the communication between the network node and the network.
62 Citations
45 Claims
-
1. A method for dynamic filtering of data packets at an access gateway in a network, the method comprising the steps of:
-
a. receiving a registration request on behalf of a network node for access to a network;
b. answering the registration request; and
c. filtering data packets associated with the network node. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method for dynamic filtering of data packets at an access gateway in a foreign network, the method comprising the steps of:
-
a. receiving a registration request on behalf of a network node for access to a network, the registration request comprising an identifier wherein the identifier identifies the network node;
b. answering the registration request; and
c. filtering data packets associated with the network node at the access gateway. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22)
-
-
23. A method for dynamic filtering of data packets at an access gateway in a home network, the method comprising the steps of:
-
a. receiving a registration request on behalf of a network node for access to a network, the registration request comprising an identifier wherein the identifier identifies the network node;
b. answering the registration request; and
c. filtering data packets associated with the network node at the access gateway. - View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31, 32, 33)
-
-
34. A system for dynamic filtering of data packets in a network, the system comprising:
-
a. at least one server for receiving a registration request made by a network node for access to the network resources, the server sending a reply to the network node in response to the registration request; and
b. an access gateway, embedded on the server, for performing filtering of data packets associated with the network node. - View Dependent Claims (35, 36, 37, 38)
-
-
39. A system for dynamic filtering of data packets in a network, the system comprising:
-
a. at least one server for receiving registration request made by a network node for access to the network, the server sending a reply to the network node in response to the registration request; and
b. a packet data serving node in a foreign network, for performing filtering of data packets associated with the network node. - View Dependent Claims (40, 41)
-
-
42. A system for dynamic filtering of data packets in a network, the system comprising:
-
a. at least one server for receiving registration request made by a network node for access to the network, the server sending a reply to the network node in response to the registration request; and
b. a home agent in a home network, for performing filtering of data packets associated with the network node. - View Dependent Claims (43, 44)
-
-
45. A computer program product for use with a computer, for dynamic filtering of data packets at an access gateway in a communication network, the computer program product performing the steps of:
-
a. receiving a registration request on behalf of a network node for access to the network, the registration request comprising an identifier wherein the identifier identifies the location of the network node;
b. answering the registration request; and
c. filtering data packets associated with the network node, wherein the location of filtering being decided on the basis of the identifier.
-
Specification