Abstract: Secure network communications via a firewall device are provided between a first device and a second device, where an encryption parameter is shared by the devices. A data packet sent by the first device may then be copied within the firewall device, so that the copy of the data packet can be decrypted within a portion of the firewall device. In particular, the portion of the firewall device in which decryption takes place is defined such that contents of the portion are inaccessible to an operator of the firewall device. Thus, scanning of the decrypted copy of the data packet for compliance with a predetermined criterion may take place within the firewall device, without an operator of the firewall device having access to the contents of the data packet to be transmitted. Thereafter, the original data packet can be forwarded to its originally intended recipient.

Abstract: A method and system for implementing secure network communications between a first device and a second device, at least one of the devices communicating with the other device via a firewall device, are provided. The method and system may include obtaining an encryption parameter that is shared by the first device, second device and firewall device. A data packet sent by the first device may then be copied within the firewall device, so that decryption of the copy of the data packet within a portion of the firewall device may take place. In particular, the portion of the firewall device in which decryption takes place is defined such that contents of the portion are inaccessible to an operator of the firewall device. Thus, scanning of the decrypted copy of the data packet for compliance with a predetermined criterion may take place within the firewall device, without an operator of the firewall device having access to the contents of the data packet to be transmitted.

Abstract: Firewall system for interconnecting a first IP network (10) to a second IP network (16), these networks belonging to two different entities having each a different administration wherein any data packet transmitted/received by the first IP network is filtered by using a first firewall function and any data packet transmitted/received by the second IP network is filtered by using a second firewall function. The system comprises essentially a single firewall device (20) including filtering means (41, 43) performing both first firewall function and second firewall function, a console port (37) enabling the administrator in charge of each IP network to enter filtering rules for updating the associated firewall function and control means (39, 47, 49) interconnecting the console port and the filtering means for transmitting thereto the filtering rules so that each administrator may independently manage the system from the console port.

Abstract: A method and system for implementing secure communications between a plurality of devices are provided. The method and system generally include the provision of at least one common encryption parameter to each of the plurality of devices, as well as an identification of the plurality of devices to one another. This information can be maintained and shared by interaction of the plurality of devices with a designated server device. In this way, a secure, point-to-point connection between at least two of the plurality of devices can be established.

Abstract: Method of gaining secure access from a host (13) to Intranet resources provided by at least a content server (18) in a data transmission system wherein the host is connected to the content server through a gateway (17). Such a method consists in generating and sending at predetermined transmission instants from either the host or the gateway verification messages wherein each verification message contains a signature which depends upon the data exchanged between the host and the gateway since the preceding verification message, the host and the gateway also called peer devices having at their disposal same algorithm defining which of them sends a verification message at each of the predetermined instants.

Abstract: Data transmission system based upon the Internet protocol (IP) comprising a private transmission network (18) and a public transmission network or the like (16) interconnected by a network address translation device NAT (12) wherein at least a workstation WS (10) connected to said private transmission network has to establish a communication with a peer device (14) connected to the public transmission network, the local IP address of each data packet from the workstation WS being translated into a NAT address used to provide the route through the public transmission network. The system includes a registration server (19) connected to the public transmission network for registering the local IP address corresponding to the NAT address and providing the correspondence between the NAT address and the local IP address to the peer device in order for this one to replace in the IP header of each data packet received by the peer device, the NAT address by the local IP address.

Abstract: A method and system for implementing secure communications between a plurality of devices are provided. The method and system generally include the provision of at least one common encryption parameter to each of the plurality of devices, as well as an identification of the plurality of devices to one another. This information can be maintained and shared by interaction of the plurality of devices with a designated server device. In this way, a secure, point-to-point connection between at least two of the plurality of devices can be established.

Abstract: A method and system for implementing secure communications between a plurality of devices are provided. The method and system generally include the provision of at least one common encryption parameter to each of the plurality of devices, as well as an identification of the plurality of devices to one another. This information can be maintained and shared by interaction of the plurality of devices with a designated server device. In this way, a secure, point-to-point connection between at least two of the plurality of devices can be established.

Abstract: A method and system for implementing secure network communications between a first device and a second device, at least one of the devices communicating with the other device via a firewall device, are provided. The method and system may include obtaining an encryption parameter that is shared by the first device, second device and firewall device. A data packet sent by the first device may then be copied within the firewall device, so that decryption of the copy of the data packet within a portion of the firewall device may take place. In particular, the portion of the firewall device in which decryption takes place is defined such that contents of the portion are inaccessible to an operator of the firewall device. Thus, scanning of the decrypted copy of the data packet for compliance with a predetermined criterion may take place within the firewall device, without an operator of the firewall device having access to the contents of the data packet to be transmitted.

Abstract: A method and system for implementing secure network communications between a first device and a second device, at least one of the devices communicating with the other device via a firewall device, are provided. The method and system may include obtaining an encryption parameter that is shared by the first device, second device and firewall device. A data packet sent by the first device may then be copied within the firewall device, so that decryption of the copy of the data packet within a portion of the firewall device may take place. In particular, the portion of the firewall device in which decryption takes place is defined such that contents of the portion are inaccessible to an operator of the firewall device. Thus, scanning of the decrypted copy of the data packet for compliance with a predetermined criterion may take place within the firewall device, without an operator of the firewall device having access to the contents of the data packet to be transmitted.

Abstract: Firewall system for interconnecting a first IP network (10) to a second IP network (16), these networks belonging to two different entities having each a different administration wherein any data packet transmitted/received by the first IP network is filtered by using a first firewall function and any data packet transmitted/received by the second IP network is filtered by using a second firewall function. The system comprises essentially a single firewall device (20) including filtering means (41, 43) performing both first firewall function and second firewall function, a console port (37) enabling the administrator in charge of each IP network to enter filtering rules for updating the associated firewall function and control means (39, 47, 49) interconnecting the console port and the filtering means for transmitting thereto the filtering rules so that each administrator may independently manage the system from the console port.

Abstract: A method and system for implementing secure network communications between a first device and a second device, at least one of the devices communicating with the other device via a firewall device, are provided. The method and system may include obtaining an encryption parameter that is shared by the first device, second device and firewall device. A data packet sent by the first device may then be copied within the firewall device, so that decryption of the copy of the data packet within a portion of the firewall device may take place. In particular, the portion of the firewall device in which decryption takes place is defined such that contents of the portion are inaccessible to an operator of the firewall device. Thus. scanning of the decrypted copy of the data packet for compliance with a predetermined criterion may take place within the firewall device, without an operator of the firewall device having access to the contents of the data packet to be transmitted.

Abstract: Firewall system for interconnecting a first IP network (10) to a second IP network (16), these networks belonging to two different entities having each a different administration wherein any data packet transmitted/received by the first IP network is filtered by using a first firewall function and any data packet transmitted/received by the second IP network is filtered by using a second firewall function. The system comprises essentially a single firewall device (20) including filtering means (41, 43) performing both first firewall function and second firewall function, a console port (37) enabling the administrator in charge of each IP network to enter filtering rules for updating the associated firewall function and control means (39, 47, 49) interconnecting the console port and the filtering means for transmitting thereto the filtering rules so that each administrator may independently manage the system from the console port.

Abstract: Method of gaining secure access from a host (13) to Intranet resources provided by at least a content server (18) in a data transmission system wherein the host is connected to the content server through a gateway (17). Such a method consists in generating and sending at predetermined transmission instants from either the host or the gateway verification messages wherein each verification message contains a signature which depends upon the data exchanged between the host and the gateway since the preceding verification message, the host and the gateway also called peer devices having at their disposal same algorithm defining which of them sends a verification message at each of the predetermined instants.

Abstract: Method of gaining secure access from a host (13) to Intranet resources provided by at least a content server (18) in a data transmission system wherein the host is connected to the content server through a gateway (17). Such a method consists in generating and sending at predetermined transmission instants from either the host or the gateway verification messages wherein each verification message contains a signature which depends upon the data exchanged between the host and the gateway since the preceding verification message, the host and the gateway also called peer devices having at their disposal a same algorithm defining which of them sends a verification message at each of the predetermined instants.

Abstract: Firewall system for interconnecting a first IP network (10) to a second IP network (16), these networks belonging to two different entities having each a different administration wherein any data packet transmitted/received by the first IP network is filtered by using a first firewall function and any data packet transmitted/received by the second IP network is filtered by using a second firewall function. The system comprises essentially a single firewall device (20) including filtering means (41, 43) performing both first firewall function and second firewall function, a console port (37) enabling the administrator in charge of each IP network to enter filtering rules for updating the associated firewall function and control means (39, 47, 49) interconnecting the console port and the filtering means for transmitting thereto the filtering rules so that each administrator may independently manage the system from the console port.

Abstract: Firewall system for interconnecting a first IP network (10) to a second IP network (16), these networks belonging to two different entities having each a different administration wherein any data packet transmitted/received by the first IP network is filtered by using a first firewall function and any data packet transmitted/received by the second IP network is filtered by using a second firewall function. The system comprises essentially a single firewall device (20) including filtering means (41, 43) performing both first firewall function and second firewall function, a console port (37) enabling the administrator in charge of each IP network to enter filtering rules for updating the associated firewall function and control means (39, 47, 49) interconnecting the console port and the filtering means for transmitting thereto the filtering rules so that each administrator may independently manage the system from the console port.

Abstract: A method and system for implementing secure communications between a plurality of devices are provided. The method and system generally include the provision of at least one common encryption parameter to each of the plurality of devices, as well as an identification of the plurality of devices to one another. This information can be maintained and shared by interaction of the plurality of devices with a designated server device. In this way, a secure, point-to-point connection between at least two of the plurality of devices can be established.

Abstract: A method and system for implementing secure network communications between a first device and a second device, at least one of the devices communicating with the other device via a firewall device, are provided. The method and system may include obtaining an encryption parameter that is shared by the first device, second device and firewall device. A data packet sent by the first device may then be copied within the firewall device, so that decryption of the copy of the data packet within a portion of the firewall device may take place. In particular, the portion of the firewall device in which decryption takes place is defined such that contents of the portion are inaccessible to an operator of the firewall device. Thus, scanning of the decrypted copy of the data packet for compliance with a predetermined criterion may take place within the firewall device, without an operator of the firewall device having access to the contents of the data packet to be transmitted.

Abstract: A method and system for implementing secure communications between a plurality of devices are provided. The method and system generally include the provision of at least one common encryption parameter to each of the plurality of devices, as well as an identification of the plurality of devices to one another. This information can be maintained and shared by interaction of the plurality of devices with a designated server device. In this way, a secure, point-to-point connection between at least two of the plurality of devices can be established.