Firewall system for protecting network elements connected to a public network
First Claim
1. A firewall system for protecting network elements comprising:
a computing platform having a microprocessor and memory storage, wherein said computing platform provides access from a network connection to at least one network element, wherein said memory contains instructions causing said microprocessor to perform the steps of;
initializing a plurality of proxy agents, wherein each of said proxy agents is assigned a corresponding port number and protocol;
verifying that incoming connection requests are formatted in accordance with said corresponding protocol;
logging information associated with incoming connection requests; and
processing received packets to determine the presence of executable commands nested within received packets, and if detected, discarding said received packets.
Abstract
A firewall for isolating network elements from a publicly accessible network to which such network elements are attached. The firewall operates on a stand alone computer connected between the public network and the network elements to be protected such that all access to the protected network elements must go through the firewall. The firewall application running on the stand alone computer is preferably the only application running on that machine. The application includes a variety of proxy agents that are specifically assigned to an incoming request in accordance with the service protocol (i.e., port number) indicated in the incoming access request. An assigned proxy agent verifies the authority of an incoming request to access a network element indicated in the request. Once verified, the proxy agent completes the connection to the protected network element on behalf of the source of the incoming request.
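The dispatch described in the abstract and in claim 1 (one proxy agent per port and protocol, format verification, authority check, logging), shown as an added Python example that is not taken from the patent. The agent table, request patterns, host names and the `handle_request` function are assumptions made for illustration; detection of nested executable commands is left out because the page does not say how it is performed.

```python
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class ProxyAgent:
    port: int
    protocol: str
    request_format: re.Pattern    # shape of a well-formed opening request line
    allowed_elements: frozenset   # protected elements this agent may connect to


# Constructed agent table: ports, patterns and host names are illustrative only.
AGENTS = {a.port: a for a in (
    ProxyAgent(25, "smtp",
               re.compile(rb"(HELO|EHLO) [A-Za-z0-9.-]{1,255}\r\n"),
               frozenset({"mail.internal"})),
    ProxyAgent(80, "http",
               re.compile(rb"(GET|HEAD|POST) /[\x21-\x7e]{0,2048} HTTP/1\.[01]\r\n"),
               frozenset({"www.internal"})),
)}

LOG = []  # stand-in for the firewall's connection log


def handle_request(src, port, element, first_line):
    """Return 'forward' or the reason for dropping; every request is logged."""
    agent = AGENTS.get(port)
    if agent is None:
        verdict = "drop:no-agent"        # no proxy agent is assigned to this port
    elif not agent.request_format.fullmatch(first_line):
        verdict = "drop:malformed"       # not formatted per the agent's protocol
    elif element not in agent.allowed_elements:
        verdict = "drop:unauthorized"    # agent has no authority for that element
    else:
        verdict = "forward"              # agent would now connect on src's behalf
    LOG.append({"src": src, "port": port, "element": element,
                "protocol": agent.protocol if agent else None,
                "verdict": verdict})
    return verdict
```

Requests that are dropped are logged with the same fields as forwarded ones, so the log shows which check rejected each connection attempt.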
Specification