BG105087A - Устройство за контролиран достъп и метод за управление на трафика на пакет от мрежови данни между вътрешни и външни мрежи - Google Patents
Устройство за контролиран достъп и метод за управление на трафика на пакет от мрежови данни между вътрешни и външни мрежи Download PDFInfo
- Publication number
- BG105087A BG105087A BG105087A BG10508700A BG105087A BG 105087 A BG105087 A BG 105087A BG 105087 A BG105087 A BG 105087A BG 10508700 A BG10508700 A BG 10508700A BG 105087 A BG105087 A BG 105087A
- Authority
- BG
- Bulgaria
- Prior art keywords
- packet
- address
- rule
- access device
- internal
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims description 24
- 238000001914 filtration Methods 0.000 claims abstract description 20
- 239000012634 fragment Substances 0.000 claims description 42
- 230000005540 biological transmission Effects 0.000 claims description 12
- 230000000903 blocking effect Effects 0.000 claims description 8
- 238000013467 fragmentation Methods 0.000 claims description 7
- 238000006062 fragmentation reaction Methods 0.000 claims description 7
- 238000012545 processing Methods 0.000 claims description 4
- 230000007717 exclusion Effects 0.000 claims description 2
- 230000015572 biosynthetic process Effects 0.000 claims 1
- 241000712062 Patricia Species 0.000 description 16
- 230000006870 function Effects 0.000 description 7
- 230000009471 action Effects 0.000 description 5
- 230000008520 organization Effects 0.000 description 5
- 230000008901 benefit Effects 0.000 description 4
- 238000010586 diagram Methods 0.000 description 4
- 239000011159 matrix material Substances 0.000 description 3
- 238000004080 punching Methods 0.000 description 3
- 238000013459 approach Methods 0.000 description 2
- 230000000052 comparative effect Effects 0.000 description 2
- 238000005553 drilling Methods 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 239000007787 solid Substances 0.000 description 2
- 238000012546 transfer Methods 0.000 description 2
- PQVHMOLNSYFXIJ-UHFFFAOYSA-N 4-[2-(2,3-dihydro-1H-inden-2-ylamino)pyrimidin-5-yl]-1-[2-oxo-2-(2,4,6,7-tetrahydrotriazolo[4,5-c]pyridin-5-yl)ethyl]pyrazole-3-carboxylic acid Chemical compound C1C(CC2=CC=CC=C12)NC1=NC=C(C=N1)C=1C(=NN(C=1)CC(N1CC2=C(CC1)NN=N2)=O)C(=O)O PQVHMOLNSYFXIJ-UHFFFAOYSA-N 0.000 description 1
- 241000276420 Lophius piscatorius Species 0.000 description 1
- 101100205847 Mus musculus Srst gene Proteins 0.000 description 1
- 241000700605 Viruses Species 0.000 description 1
- 125000002015 acyclic group Chemical group 0.000 description 1
- 238000003491 array Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000007635 classification algorithm Methods 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000006073 displacement reaction Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000003780 insertion Methods 0.000 description 1
- 230000037431 insertion Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012552 review Methods 0.000 description 1
- 238000000926 separation method Methods 0.000 description 1
- 238000013519 translation Methods 0.000 description 1
- 239000013598 vector Substances 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0263—Rule management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
Landscapes
- Engineering & Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- General Business, Economics & Management (AREA)
- Business, Economics & Management (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
SE9802415A SE513828C2 (sv) | 1998-07-02 | 1998-07-02 | Brandväggsapparat och metod för att kontrollera nätverksdatapakettrafik mellan interna och externa nätverk |
PCT/SE1999/001202 WO2000002114A2 (en) | 1998-07-02 | 1999-07-02 | Firewall apparatus and method of controlling network data packet traffic between internal and external networks |
Publications (1)
Publication Number | Publication Date |
---|---|
BG105087A true BG105087A (bg) | 2001-08-31 |
Family
ID=20411974
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
BG105087A BG105087A (bg) | 1998-07-02 | 2000-12-22 | Устройство за контролиран достъп и метод за управление на трафика на пакет от мрежови данни между вътрешни и външни мрежи |
Country Status (18)
Country | Link |
---|---|
US (1) | US20020016826A1 (zh) |
EP (1) | EP1127302A2 (zh) |
JP (1) | JP2002520892A (zh) |
KR (1) | KR20010072661A (zh) |
CN (1) | CN1317119A (zh) |
AU (1) | AU4948499A (zh) |
BG (1) | BG105087A (zh) |
CA (1) | CA2336113A1 (zh) |
EA (1) | EA200100099A1 (zh) |
EE (1) | EE200000783A (zh) |
HU (1) | HUP0103814A2 (zh) |
ID (1) | ID29386A (zh) |
IL (1) | IL140481A0 (zh) |
NO (1) | NO20006668L (zh) |
PL (1) | PL345701A1 (zh) |
SE (1) | SE513828C2 (zh) |
SK (1) | SK20232000A3 (zh) |
WO (1) | WO2000002114A2 (zh) |
Families Citing this family (61)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2001065806A2 (en) * | 2000-03-01 | 2001-09-07 | Sun Microsystems, Inc. | System and method for avoiding re-routing in a computer network during secure remote access |
US20040073617A1 (en) | 2000-06-19 | 2004-04-15 | Milliken Walter Clark | Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail |
US6950947B1 (en) | 2000-06-20 | 2005-09-27 | Networks Associates Technology, Inc. | System for sharing network state to enhance network throughput |
US7013482B1 (en) | 2000-07-07 | 2006-03-14 | 802 Systems Llc | Methods for packet filtering including packet invalidation if packet validity determination not timely made |
US7031267B2 (en) | 2000-12-21 | 2006-04-18 | 802 Systems Llc | PLD-based packet filtering methods with PLD configuration data update of filtering rules |
GB2371186A (en) * | 2001-01-11 | 2002-07-17 | Marconi Comm Ltd | Checking packets |
JP3963690B2 (ja) * | 2001-03-27 | 2007-08-22 | 富士通株式会社 | パケット中継処理装置 |
US7640434B2 (en) * | 2001-05-31 | 2009-12-29 | Trend Micro, Inc. | Identification of undesirable content in responses sent in reply to a user request for content |
US7117533B1 (en) * | 2001-08-03 | 2006-10-03 | Mcafee, Inc. | System and method for providing dynamic screening of transient messages in a distributed computing environment |
US6993660B1 (en) | 2001-08-03 | 2006-01-31 | Mcafee, Inc. | System and method for performing efficient computer virus scanning of transient messages using checksums in a distributed computing environment |
JP3864743B2 (ja) * | 2001-10-04 | 2007-01-10 | 株式会社日立製作所 | ファイアウォール装置、情報機器および情報機器の通信方法 |
US7298745B2 (en) * | 2001-11-01 | 2007-11-20 | Intel Corporation | Method and apparatus to manage packet fragmentation with address translation |
US7761605B1 (en) | 2001-12-20 | 2010-07-20 | Mcafee, Inc. | Embedded anti-virus scanner for a network adapter |
US8185943B1 (en) * | 2001-12-20 | 2012-05-22 | Mcafee, Inc. | Network adapter firewall system and method |
KR20030080412A (ko) * | 2002-04-08 | 2003-10-17 | (주)이카디아 | 외부네트워크 및 내부네트워크로부터의 침입방지방법 |
AU2003227123B2 (en) * | 2002-05-01 | 2007-01-25 | Firebridge Systems Pty Ltd | Firewall with stateful inspection |
AUPS214802A0 (en) | 2002-05-01 | 2002-06-06 | Firebridge Systems Pty Ltd | Firewall with stateful inspection |
US7243141B2 (en) * | 2002-05-13 | 2007-07-10 | Sony Computer Entertainment America, Inc. | Network configuration evaluation |
US7676579B2 (en) * | 2002-05-13 | 2010-03-09 | Sony Computer Entertainment America Inc. | Peer to peer network communication |
US8224985B2 (en) * | 2005-10-04 | 2012-07-17 | Sony Computer Entertainment Inc. | Peer-to-peer communication traversing symmetric network address translators |
US8060626B2 (en) | 2008-09-22 | 2011-11-15 | Sony Computer Entertainment America Llc. | Method for host selection based on discovered NAT type |
US8234358B2 (en) * | 2002-08-30 | 2012-07-31 | Inpro Network Facility, Llc | Communicating with an entity inside a private network using an existing connection to initiate communication |
FR2844949B1 (fr) * | 2002-09-24 | 2006-05-26 | Radiotelephone Sfr | Procede de gestion d'une configuration d'une passerelle par un utilisateur de la passerelle |
WO2004108180A1 (en) * | 2003-06-04 | 2004-12-16 | Inion Ltd | Biodegradable implant and method for manufacturing one |
CN100345118C (zh) * | 2003-11-07 | 2007-10-24 | 趋势株式会社 | 数据包内容过滤装置及方法 |
US7669240B2 (en) * | 2004-07-22 | 2010-02-23 | International Business Machines Corporation | Apparatus, method and program to detect and control deleterious code (virus) in computer network |
JP4405360B2 (ja) * | 2004-10-12 | 2010-01-27 | パナソニック株式会社 | ファイアウォールシステム及びファイアウォール制御方法 |
KR100582555B1 (ko) * | 2004-11-10 | 2006-05-23 | 한국전자통신연구원 | 네트워크 트래픽 이상 상태 검출/표시 장치 및 그 방법 |
US7769858B2 (en) * | 2005-02-23 | 2010-08-03 | International Business Machines Corporation | Method for efficiently hashing packet keys into a firewall connection table |
US20060268852A1 (en) * | 2005-05-12 | 2006-11-30 | David Rosenbluth | Lens-based apparatus and method for filtering network traffic data |
US20070174207A1 (en) * | 2006-01-26 | 2007-07-26 | Ibm Corporation | Method and apparatus for information management and collaborative design |
US8903763B2 (en) | 2006-02-21 | 2014-12-02 | International Business Machines Corporation | Method, system, and program product for transferring document attributes |
CN101014048B (zh) * | 2007-02-12 | 2010-05-19 | 杭州华三通信技术有限公司 | 分布式防火墙系统及实现防火墙内容检测的方法 |
US8392981B2 (en) * | 2007-05-09 | 2013-03-05 | Microsoft Corporation | Software firewall control |
US7995478B2 (en) * | 2007-05-30 | 2011-08-09 | Sony Computer Entertainment Inc. | Network communication with path MTU size discovery |
US20080298354A1 (en) * | 2007-05-31 | 2008-12-04 | Sonus Networks, Inc. | Packet Signaling Content Control on a Network |
ES2383462T3 (es) * | 2007-06-25 | 2012-06-21 | Siemens Aktiengesellschaft | Procedimiento para retransmitir datos en una red de datos descentralizada |
US7933273B2 (en) * | 2007-07-27 | 2011-04-26 | Sony Computer Entertainment Inc. | Cooperative NAT behavior discovery |
CN101110830A (zh) * | 2007-08-24 | 2008-01-23 | 张建中 | 创建多维地址协议的方法、装置和系统 |
US20100262684A1 (en) * | 2007-11-16 | 2010-10-14 | France Telecom | Method and device for packet classification |
US8171123B2 (en) | 2007-12-04 | 2012-05-01 | Sony Computer Entertainment Inc. | Network bandwidth detection and distribution |
US7856506B2 (en) | 2008-03-05 | 2010-12-21 | Sony Computer Entertainment Inc. | Traversal of symmetric network address translator for multiple simultaneous connections |
CN101827070A (zh) * | 2009-03-06 | 2010-09-08 | 英华达股份有限公司 | 可携式通讯装置 |
US9407602B2 (en) * | 2013-11-07 | 2016-08-02 | Attivo Networks, Inc. | Methods and apparatus for redirecting attacks on a network |
US9710648B2 (en) | 2014-08-11 | 2017-07-18 | Sentinel Labs Israel Ltd. | Method of malware detection and system thereof |
US11507663B2 (en) | 2014-08-11 | 2022-11-22 | Sentinel Labs Israel Ltd. | Method of remediating operations performed by a program and system thereof |
US20160094659A1 (en) * | 2014-09-25 | 2016-03-31 | Ricoh Company, Ltd. | Information processing system and information processing method |
US9692727B2 (en) | 2014-12-02 | 2017-06-27 | Nicira, Inc. | Context-aware distributed firewall |
WO2017108816A1 (de) * | 2015-12-22 | 2017-06-29 | Hirschmann Automation And Control Gmbh | Netzwerk mit teilweiser unidirektionaler datenübertragung |
US11115385B1 (en) | 2016-07-27 | 2021-09-07 | Cisco Technology, Inc. | Selective offloading of packet flows with flow state management |
US10193862B2 (en) | 2016-11-29 | 2019-01-29 | Vmware, Inc. | Security policy analysis based on detecting new network port connections |
US11695800B2 (en) | 2016-12-19 | 2023-07-04 | SentinelOne, Inc. | Deceiving attackers accessing network data |
US11616812B2 (en) | 2016-12-19 | 2023-03-28 | Attivo Networks Inc. | Deceiving attackers accessing active directory data |
US10462171B2 (en) | 2017-08-08 | 2019-10-29 | Sentinel Labs Israel Ltd. | Methods, systems, and devices for dynamically modeling and grouping endpoints for edge networking |
US11470115B2 (en) | 2018-02-09 | 2022-10-11 | Attivo Networks, Inc. | Implementing decoys in a network environment |
EP3973427A4 (en) | 2019-05-20 | 2023-06-21 | Sentinel Labs Israel Ltd. | SYSTEMS AND METHODS FOR EXECUTABLE CODE DETECTION, AUTOMATIC FEATURE EXTRACTION, AND POSITION-INDEPENDENT CODE DETECTION |
US11190489B2 (en) | 2019-06-04 | 2021-11-30 | OPSWAT, Inc. | Methods and systems for establishing a connection between a first device and a second device across a software-defined perimeter |
CN112364360B (zh) * | 2020-11-11 | 2022-02-11 | 南京信息职业技术学院 | 一种财务数据安全管理系统 |
US11579857B2 (en) | 2020-12-16 | 2023-02-14 | Sentinel Labs Israel Ltd. | Systems, methods and devices for device fingerprinting and automatic deployment of software in a computing network using a peer-to-peer approach |
US11899782B1 (en) | 2021-07-13 | 2024-02-13 | SentinelOne, Inc. | Preserving DLL hooks |
CN113783974B (zh) * | 2021-09-09 | 2023-06-13 | 烽火通信科技股份有限公司 | 一种动态下发map域规则的方法及装置 |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0594196B1 (en) * | 1992-10-22 | 1999-03-31 | Cabletron Systems, Inc. | Address lookup in packet data communications link, using hashing and content-addressable memory |
WO1997000471A2 (en) * | 1993-12-15 | 1997-01-03 | Check Point Software Technologies Ltd. | A system for securing the flow of and selectively modifying packets in a computer network |
US5606668A (en) * | 1993-12-15 | 1997-02-25 | Checkpoint Software Technologies Ltd. | System for securing inbound and outbound data packet flow in a computer network |
US5757924A (en) * | 1995-09-18 | 1998-05-26 | Digital Secured Networks Techolognies, Inc. | Network security device which performs MAC address translation without affecting the IP address |
US5918018A (en) * | 1996-02-09 | 1999-06-29 | Secure Computing Corporation | System and method for achieving network separation |
US5889958A (en) * | 1996-12-20 | 1999-03-30 | Livingston Enterprises, Inc. | Network access control system and process |
-
1998
- 1998-07-02 SE SE9802415A patent/SE513828C2/sv not_active IP Right Cessation
-
1999
- 1999-07-02 KR KR1020007015107A patent/KR20010072661A/ko not_active Application Discontinuation
- 1999-07-02 CN CN99810588A patent/CN1317119A/zh active Pending
- 1999-07-02 EA EA200100099A patent/EA200100099A1/ru unknown
- 1999-07-02 EP EP99933426A patent/EP1127302A2/en not_active Withdrawn
- 1999-07-02 AU AU49484/99A patent/AU4948499A/en not_active Abandoned
- 1999-07-02 CA CA002336113A patent/CA2336113A1/en not_active Abandoned
- 1999-07-02 ID IDW20002747A patent/ID29386A/id unknown
- 1999-07-02 HU HU0103814A patent/HUP0103814A2/hu unknown
- 1999-07-02 WO PCT/SE1999/001202 patent/WO2000002114A2/en not_active Application Discontinuation
- 1999-07-02 SK SK2023-2000A patent/SK20232000A3/sk unknown
- 1999-07-02 IL IL14048199A patent/IL140481A0/xx unknown
- 1999-07-02 EE EEP200000783A patent/EE200000783A/xx unknown
- 1999-07-02 JP JP2000558448A patent/JP2002520892A/ja active Pending
- 1999-07-02 PL PL99345701A patent/PL345701A1/xx unknown
-
2000
- 2000-12-22 BG BG105087A patent/BG105087A/bg unknown
- 2000-12-27 NO NO20006668A patent/NO20006668L/no not_active Application Discontinuation
-
2001
- 2001-07-16 US US09/904,837 patent/US20020016826A1/en not_active Abandoned
Also Published As
Publication number | Publication date |
---|---|
SE513828C2 (sv) | 2000-11-13 |
CA2336113A1 (en) | 2000-01-13 |
WO2000002114A3 (en) | 2000-02-17 |
NO20006668D0 (no) | 2000-12-27 |
IL140481A0 (en) | 2002-02-10 |
EP1127302A2 (en) | 2001-08-29 |
SE9802415D0 (sv) | 1998-07-02 |
SE9802415L (sv) | 2000-01-03 |
WO2000002114A2 (en) | 2000-01-13 |
PL345701A1 (en) | 2002-01-02 |
JP2002520892A (ja) | 2002-07-09 |
EE200000783A (et) | 2001-10-15 |
NO20006668L (no) | 2001-03-01 |
SK20232000A3 (sk) | 2001-09-11 |
KR20010072661A (ko) | 2001-07-31 |
ID29386A (id) | 2001-08-30 |
CN1317119A (zh) | 2001-10-10 |
AU4948499A (en) | 2000-01-24 |
HUP0103814A2 (hu) | 2002-03-28 |
US20020016826A1 (en) | 2002-02-07 |
EA200100099A1 (ru) | 2001-06-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
BG105087A (bg) | Устройство за контролиран достъп и метод за управление на трафика на пакет от мрежови данни между вътрешни и външни мрежи | |
US7143438B1 (en) | Methods and apparatus for a computer network firewall with multiple domain support | |
US6141749A (en) | Methods and apparatus for a computer network firewall with stateful packet filtering | |
US6170012B1 (en) | Methods and apparatus for a computer network firewall with cache query processing | |
US6098172A (en) | Methods and apparatus for a computer network firewall with proxy reflection | |
JP3443529B2 (ja) | ファイアウォールサービスを提供する方法と、ファイアウォールサービスを提供するコンピュータシステム | |
US7127739B2 (en) | Handling information about packet data connections in a security gateway element | |
KR100333250B1 (ko) | 패킷 중계 장치 | |
DE69125756T2 (de) | Verfahren und Einrichtung zur Entschlüsselung eines Informationspakets mit einem modifizierbaren Format | |
US7072933B1 (en) | Network access control using network address translation | |
US20080133774A1 (en) | Method for implementing transparent gateway or proxy in a network | |
CN1575462A (zh) | 在第2层装置中实现第3层/第7层防火墙的方法和设备 | |
KR20010068051A (ko) | 패킷 차단방식 방화벽 시스템에서의 고속 정책 판별 방법 | |
US11997203B2 (en) | Systems and methods for privacy preserving accurate analysis of network paths | |
US6615358B1 (en) | Firewall for processing connection-oriented and connectionless datagrams over a connection-oriented network | |
CN106254152A (zh) | 一种流量控制策略处理方法和装置 | |
US20080104688A1 (en) | System and method for blocking anonymous proxy traffic | |
US6795816B2 (en) | Method and device for translating telecommunication network IP addresses by a leaky-controlled memory | |
US8873555B1 (en) | Privilege-based access admission table | |
CN1210919C (zh) | 一种数据接入设备中的数据流量控制方法 | |
EP1973275A1 (en) | Data communications method and apparatus | |
JP2007104472A (ja) | 統計データ取得装置及び統計データ取得方法 | |
KR100615851B1 (ko) | 다양한 서비스에 대한 아이피 패킷 포워딩을 위한 병렬룩업제어방법 및 포워딩 엔진장치 | |
Li et al. | Trie-based observations on the routing tables | |
Boshoff et al. | Increasing firewall reliability by recording routes |