Security system for network address translation systems
US7583668B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Aug 9, 2006 |
| Grant date | Sep 1, 2009 |
| Priority date | — |
| Expiry date | Oct 19, 2027 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/0227
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A system and method are disclosed for providing perform network address translation of network layer addresses of packets exchanged between nodes on a local network and nodes outside the local network. This allows local hosts in an enterprise network to share global IP addresses from a limited pool of such addresses available to the enterprise. The translation may be accomplished by replacing the source address in headers on packets destined for the Internet and by replacing destination address in headers on packets entering the local enterprise network from the Internet. Packets arriving from the Internet are screened by an adaptive security algorithm. According to this algorithm, packets are dropped and logged unless they are deemed nonthreatening.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.