Deploying group VPNS and security groups over an end-to-end enterprise network
First Claim
1. A method for providing secure communication among members in a virtual private network comprising:
- defining a security group, the security group comprising identification of two or more members to be enabled to securely communicate with one another;
- upon request by a group member to communicate with other members of a security group, determining if the group member is authenticated using a virtual private network (VPN) authentication function;
- if the group member is authenticated by the VPN authentication function; then, presenting the group member with a security association to enable the member to carry out secure communication within the group.
Abstract
Group Virtual Private Networks (Group VPNs) are provided for different types of machines in a data processing network. Security groups are defined by a security policy for each member. Security policies and encryption keys are deployed to members of a security group using an IPSec network infrastructure with authentication via VPN mechanisms. The group VPNs provide a trusted IP network that can leverage and co-exist with security access control technologies, such as endpoint security that controls client network access or application security that controls user access to enterprise applications.
28 Claims
1. A method for providing secure communication among members in a virtual private network comprising:
- defining a security group, the security group comprising identification of two or more members to be enabled to securely communicate with one another;
- upon request by a group member to communicate with other members of a security group, determining if the group member is authenticated using a virtual private network (VPN) authentication function;
- if the group member is authenticated by the VPN authentication function; then, presenting the group member with a security association to enable the member to carry out secure communication within the group.
15. An apparatus for providing secure communication among members in a virtual private network (VPN) comprising:
- a security group storage device, for storing a definition of a security group, the security group comprising an identification of two or more members of the VPN to be enabled to securely communicate with one another;
- a receiver, for receiving a request by a group member to communicate with other members of a security group,
- a virtual private network (VPN) authentication server, for determining if the group member is authenticated;
- a security association interface, for receiving a security association to enable an authenticated member to carry out secure communication with other group members.
Specification