Electrical computers and digital processing systems: multicomput – Computer network managing – Computer network monitoring
Patent
1997-04-02
1999-11-09
Maung, Zarni
Electrical computers and digital processing systems: multicomput
Computer network managing
Computer network monitoring
709225, 709250, G06F 1300
Patent
active
059832703
ABSTRACT:
In accordance with the present invention, a network management program (80) is provided that manages the communication of data packets between an intranetwork (44) and an internetwork (40). An operator of a computer connected to the intranetwork (44) inputs vital information regarding users of computers connected to the intranetwork (44), mapping information regarding computers connected to the intranetwork (44), and policies to be applied against those users and computers, using a graphical user interface (GUI 70). The GUI (70) communicates the vital user information, mapping information and policies to a database (72) which stores and organizes the vital user information, mapping information and policies. A filter executive (76) optimizes the policies stored in the database (72) into a set of rules for each user and passes the rules to a filter engine (78). The filter engine (78) filters all outbound data packets transmitted from the intranetwork (44) to the internetwork (40) and verifies all inbound data packets from the internetwork (40) according to the rules provided by the filter executive (76). The filter executive (76) also communicates the mapping information stored in the database (72) to a naming service manager (74) which further updates the mapping information and returns the updated mapping information to the filter executive (76). Consequently, the filter executive (78) filters the data packets according to the most recent mapping information.
REFERENCES:
patent: 5317568 (1994-05-01), Bixby et al.
patent: 5347633 (1994-09-01), Ashfield et al.
patent: 5377323 (1994-12-01), Vasudevan
patent: 5425028 (1995-06-01), Britton et al.
patent: 5522045 (1996-05-01), Sandberg
patent: 5606668 (1997-02-01), Shwed
patent: 5742769 (1998-04-01), Lee et al.
IBM Corp., "Enforced Separation of Roles In A Multi-User Operating System," IBM Technical Disclosure Bulletin, vol. 34, No. 7B, pp. 120-122 (Dec. 1991).
J. Bruce Dawson, "Intrusion Protection for Networks," BYTE (Apr. 1995).
Jim Reid, "Open Systems Security: Traps and Pitfalls," Computer & Security 14:496-517 (1995).
S.M. Bellovin and W.R. Cheswick, "Network Firewalls," IEEE Communiations Magazine, No. 9 New York, US (1994).
D. Brent Chapman, Network (In) Security Through IP Packet Filtering, USENIX Symposium Proceedings, UNIX Security III, Baltimore, Maryland, Sep. 14-16, 1992.
D. Brent Chapman and Elizabeth D. Zwicky, Building Internet Firewalls, Chapters 6 & 8 (O'Reilly & Associates, Inc., 1995).
Chris Hare and Karanjit Siyan, Internet Firewalls and Network Security, Chapter 5 (New Riders Publishing, 2d Ed. 1996).
Abraham Dalen M.
Allison Robert C.
Barnes Todd A.
Bouche Paul F.
Bougetz Thomas P.
Maung Zarni
Sequel Technology Corporation
LandOfFree
Method and apparatus for managing internetwork and intranetwork does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for managing internetwork and intranetwork , we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for managing internetwork and intranetwork will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-1469957