WO2002037730A3 - A router-based system for providing multi-level data filtering and security services in a broadband environment - Google Patents

A router-based system for providing multi-level data filtering and security services in a broadband environment Download PDF

Info

Publication number
WO2002037730A3
WO2002037730A3 PCT/IL2001/001012 IL0101012W WO0237730A3 WO 2002037730 A3 WO2002037730 A3 WO 2002037730A3 IL 0101012 W IL0101012 W IL 0101012W WO 0237730 A3 WO0237730 A3 WO 0237730A3
Authority
WO
WIPO (PCT)
Prior art keywords
services
network
router
based system
level data
Prior art date
Application number
PCT/IL2001/001012
Other languages
French (fr)
Other versions
WO2002037730A2 (en
Inventor
Alberto Schliserman
Eldad Gefen
Ilan Kander
Original Assignee
Firebit Ltd
Alberto Schliserman
Eldad Gefen
Ilan Kander
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Firebit Ltd, Alberto Schliserman, Eldad Gefen, Ilan Kander filed Critical Firebit Ltd
Priority to AU2002214230A priority Critical patent/AU2002214230A1/en
Publication of WO2002037730A2 publication Critical patent/WO2002037730A2/en
Publication of WO2002037730A3 publication Critical patent/WO2002037730A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/24Traffic characterised by specific attributes, e.g. priority or QoS
    • H04L47/2425Traffic characterised by specific attributes, e.g. priority or QoS for supporting services specification, e.g. SLA
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272Virtual private networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

The present invention relates to a router-based system (50) for providing multi-level data filtering, security services and content related switching services in a broadband environment (13). This system allows the operator of a network, and in particular, a Next Generation Network to provide outsourcing services to its subscribers and ensure performance of such services and Service Level Agreements. These services are executed across multiple layers of the ISO seven-layer model, within or co-operating with Edge Routers (20), at the point of entry to the Internet or network. Services offered by the present invention include security services, selective browsing services and application layer services, which can be used to substantially enhance security, content, management and control in a network.
PCT/IL2001/001012 2000-10-31 2001-10-31 A router-based system for providing multi-level data filtering and security services in a broadband environment WO2002037730A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2002214230A AU2002214230A1 (en) 2000-10-31 2001-10-31 A router-based system for providing multi-level data filtering and security services in a broadband environment

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US69943800A 2000-10-31 2000-10-31
US09/699,438 2000-10-31

Publications (2)

Publication Number Publication Date
WO2002037730A2 WO2002037730A2 (en) 2002-05-10
WO2002037730A3 true WO2002037730A3 (en) 2002-08-22

Family

ID=24809329

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IL2001/001012 WO2002037730A2 (en) 2000-10-31 2001-10-31 A router-based system for providing multi-level data filtering and security services in a broadband environment

Country Status (2)

Country Link
AU (1) AU2002214230A1 (en)
WO (1) WO2002037730A2 (en)

Families Citing this family (33)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7260840B2 (en) 2003-06-06 2007-08-21 Microsoft Corporation Multi-layer based method for implementing network firewalls
US7509673B2 (en) * 2003-06-06 2009-03-24 Microsoft Corporation Multi-layered firewall architecture
US7308711B2 (en) * 2003-06-06 2007-12-11 Microsoft Corporation Method and framework for integrating a plurality of network policies
US7436765B2 (en) 2003-09-03 2008-10-14 Teknovus, Inc. Method and apparatus for dynamically allocating upstream bandwidth in passive optical networks
US7362704B2 (en) 2003-09-15 2008-04-22 Teknovus, Inc. Method and apparatus for dynamically allocating upstream bandwidth in passive optical networks
CN100459609C (en) * 2003-09-25 2009-02-04 华为技术有限公司 Media access control address learning method of digital user's line access multiplexer
EP1557982B1 (en) 2004-01-26 2011-05-11 STMicroelectronics Srl Method and system for admission control in communication networks
CN100531191C (en) 2004-09-06 2009-08-19 华为技术有限公司 Method and system for realizing service in transfer layer of NGN network
US8458467B2 (en) 2005-06-21 2013-06-04 Cisco Technology, Inc. Method and apparatus for adaptive application message payload content transformation in a network infrastructure element
US7664879B2 (en) 2004-11-23 2010-02-16 Cisco Technology, Inc. Caching content and state data at a network element
US7987272B2 (en) 2004-12-06 2011-07-26 Cisco Technology, Inc. Performing message payload processing functions in a network element on behalf of an application
US7725934B2 (en) * 2004-12-07 2010-05-25 Cisco Technology, Inc. Network and application attack protection based on application layer message inspection
US7496750B2 (en) 2004-12-07 2009-02-24 Cisco Technology, Inc. Performing security functions on a message payload in a network element
US8082304B2 (en) 2004-12-10 2011-12-20 Cisco Technology, Inc. Guaranteed delivery of application layer messages by a network element
US8266327B2 (en) 2005-06-21 2012-09-11 Cisco Technology, Inc. Identity brokering in a network element
CN1905517A (en) * 2005-07-30 2007-01-31 华为技术有限公司 Control system and method for selecting for warding path for media stream in NGN network
US8566928B2 (en) 2005-10-27 2013-10-22 Georgia Tech Research Corporation Method and system for detecting and responding to attacking networks
CN100384158C (en) 2006-04-04 2008-04-23 华为技术有限公司 Safety protecting method for digital user line cut-in multiplexing device
US10027688B2 (en) 2008-08-11 2018-07-17 Damballa, Inc. Method and system for detecting malicious and/or botnet-related domain names
US8578497B2 (en) 2010-01-06 2013-11-05 Damballa, Inc. Method and system for detecting malware
US8826438B2 (en) 2010-01-19 2014-09-02 Damballa, Inc. Method and system for network-based detecting of malware from behavioral clustering
US9516058B2 (en) 2010-08-10 2016-12-06 Damballa, Inc. Method and system for determining whether domain names are legitimate or malicious
CA2712542C (en) 2010-08-25 2012-09-11 Ibm Canada Limited - Ibm Canada Limitee Two-tier deep analysis of html traffic
US8631489B2 (en) 2011-02-01 2014-01-14 Damballa, Inc. Method and system for detecting malicious domain names at an upper DNS hierarchy
US10547674B2 (en) 2012-08-27 2020-01-28 Help/Systems, Llc Methods and systems for network flow analysis
US10084806B2 (en) 2012-08-31 2018-09-25 Damballa, Inc. Traffic simulation to identify malicious activity
US9894088B2 (en) 2012-08-31 2018-02-13 Damballa, Inc. Data mining to identify malicious activity
US9680861B2 (en) 2012-08-31 2017-06-13 Damballa, Inc. Historical analysis to identify malicious activity
US9166994B2 (en) 2012-08-31 2015-10-20 Damballa, Inc. Automation discovery to identify malicious activity
US9571511B2 (en) 2013-06-14 2017-02-14 Damballa, Inc. Systems and methods for traffic classification
US9930065B2 (en) 2015-03-25 2018-03-27 University Of Georgia Research Foundation, Inc. Measuring, categorizing, and/or mitigating malware distribution paths
US10771435B2 (en) 2018-11-20 2020-09-08 Netskope, Inc. Zero trust and zero knowledge application access system
CN109768935B (en) * 2019-03-14 2023-10-10 海南梯易易智能科技有限公司 Wireless router with intelligent recognition and filtering functions and safe operation method thereof

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5845267A (en) * 1996-09-06 1998-12-01 At&T Corp System and method for billing for transactions conducted over the internet from within an intranet
US5845070A (en) * 1996-12-18 1998-12-01 Auric Web Systems, Inc. Security system for internet provider transaction
US5881234A (en) * 1996-04-26 1999-03-09 Schwob; Pierre R. Method and system to provide internet access to users via non-home service providers
US6092110A (en) * 1997-10-23 2000-07-18 At&T Wireless Svcs. Inc. Apparatus for filtering packets using a dedicated processor
US6249820B1 (en) * 1995-07-12 2001-06-19 Cabletron Systems, Inc. Internet protocol (IP) work group routing
US6359886B1 (en) * 1998-08-17 2002-03-19 Compaq Computer Corporation Method and apparatus for filtering and routing communications frames

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6249820B1 (en) * 1995-07-12 2001-06-19 Cabletron Systems, Inc. Internet protocol (IP) work group routing
US5881234A (en) * 1996-04-26 1999-03-09 Schwob; Pierre R. Method and system to provide internet access to users via non-home service providers
US5845267A (en) * 1996-09-06 1998-12-01 At&T Corp System and method for billing for transactions conducted over the internet from within an intranet
US5845070A (en) * 1996-12-18 1998-12-01 Auric Web Systems, Inc. Security system for internet provider transaction
US6092110A (en) * 1997-10-23 2000-07-18 At&T Wireless Svcs. Inc. Apparatus for filtering packets using a dedicated processor
US6359886B1 (en) * 1998-08-17 2002-03-19 Compaq Computer Corporation Method and apparatus for filtering and routing communications frames

Also Published As

Publication number Publication date
WO2002037730A2 (en) 2002-05-10
AU2002214230A1 (en) 2002-05-15

Similar Documents

Publication Publication Date Title
WO2002037730A3 (en) A router-based system for providing multi-level data filtering and security services in a broadband environment
WO2007095546A3 (en) Hotspot communication limiter
WO1999013448A3 (en) Remote access-controlled communication
WO2002023812A3 (en) System and method for managing and provisioning virtual routers
WO2006031243A3 (en) Firewall permitting access to network based on accessing party identity
WO2001080488A3 (en) Methods and systems for managing virtual addresses for virtual networks
WO2006114713A3 (en) Method for managing service bindings over an access domain and nodes therefor
EP1014748A3 (en) Management system for a multi-level communication network
WO2005038555A3 (en) Communications interface for a gaming machine
WO2003038578A3 (en) User access control to distributed resources on a data communications network
WO2002054675A3 (en) System and method for configuring computer applications and devices using inheritance
WO2005114464A3 (en) System and method for providing remediation management
WO2001086380A3 (en) Systems and methods for isolating faults in computer networks
WO2003048957A8 (en) Method and system for allowing multiple service providers to serve users via a common access network
EP1484886A3 (en) Method and framework for integrating a plurality of network policies
WO2006005047A3 (en) System and method for consolidating, securing and automating out-of-band access to nodes in a data network
WO2003021838A3 (en) Multicast group management in telecommunication networks
WO2002042870A3 (en) Electronic systems and methods for dispute management
WO2009158462A3 (en) Automatic translation of contracts to policies in policy-based networks
WO2004006058A3 (en) Web service architecture and methods
DE60201716T2 (en) Method and apparatus for protecting e-commerce site against distributed denial-of-service attacks
WO2008073176A3 (en) Intelligent overlay providing secure, dynamic communication between points in a network
WO2003034207A3 (en) Policy based system management
WO2001093069A3 (en) Internet communication
NO20031868D0 (en) Server to map application names to TAG values for a distributed multi-user application

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A3

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
121 Ep: the epo has been informed by wipo that ep was designated in this application
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: COMMUNICATION PURSUANT TO RULE 69 EPC (EPO FORM 1205A OF 161003)

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP