Abstract: The present invention includes a method, a system, and a computer readable medium for establishing a connection between hosts in a computer network with the connection configured for symmetrical forward and reverse routing. The method uses the following steps. First, a first host local routing table to route a packet from a first host to a first gateway according to a routing protocol. Next, the first gateway local routing table routes the packet from the first gateway to a first access router. After that, a first access router local routing table routes the packet from the first access router to a second access router. Then, a second access router local routing table routes the packet from the second access router to a second gateway. Finally, a second gateway local routing table routes the packet from the second gateway router to a second host.

Abstract: A method and apparatus for flow based load balancing are disclosed. For example, the present method receives at least one packet from a flow. If the flow has not being previously classified, then the flow is classified based on the characteristics of the flow. Once classified, the present method matches the flow to at least one matched path from a plurality of available paths in accordance with the characteristics of the flow and characteristics of the at least one matched path. Once matched, the present method forwards the packet from the flow to the at least one matched path for processing.

Abstract: Described is a system and method for receiving an electronic mail including an attachment file and separating the attachment file from the electronic mail. The attachment is then sent to a remote source and the attachment file is replaced with a substitute file including identifying data for retrieving the attachment file from the remote source. The electronic mail with the substitute file is then forwarded to a receiver.

Abstract: Firewall system for interconnecting a first IP network (10) to a second IP network (16), these networks belonging to two different entities having each a different administration wherein any data packet transmitted/received by the first IP network is filtered by using a first firewall function and any data packet transmitted/received by the second IP network is filtered by using a second firewall function. The system comprises essentially a single firewall device (20) including filtering means (41, 43) performing both first firewall function and second firewall function, a console port (37) enabling the administrator in charge of each IP network to enter filtering rules for updating the associated firewall function and control means (39, 47, 49) interconnecting the console port and the filtering means for transmitting thereto the filtering rules so that each administrator may independently manage the system from the console port.

Abstract: Provided are an ICMP proxy device, system and method of proxying. The ICMP proxy device includes a receive module, a protection determination module and a response module. The receive module is configured to receive a direct availability request addressed to a server from a host. The protection determination module is configured to determine whether the server is available. The response module configured to respond to the host with an availability response based the determination, such that the availability response is addressed from the server to the host.

Abstract: The present invention includes a method, a system, and a computer readable medium for establishing a connection between hosts in a computer network with the connection configured for symmetrical forward and reverse routing. The method uses the following steps. First, a first host local routing table to route a packet from a first host to a first gateway according to a routing protocol. Next, the first gateway local routing table routes the packet from the first gateway to a first access router. After that, a first access router local routing table routes the packet from the first access router to a second access router. Then, a second access router local routing table routes the packet from the second access router to a second gateway. Finally, a second gateway local routing table routes the packet from the second gateway router to a second host.

Abstract: Data transmission system based upon the Internet protocol (IP) comprising a private transmission network (18) and a public transmission network or the like (16) interconnected by a network address translation device NAT (12) wherein at least a workstation WS (10) connected to said private transmission network has to establish a communication with a peer device (14) connected to the public transmission network, the local IP address of each data packet from the workstation WS being translated into a NAT address used to provide the route through the public transmission network. The system includes a registration server (19) connected to the public transmission network for registering the local IP address corresponding to the NAT address and providing the correspondence between the NAT address and the local IP address to the peer device in order for this one to replace in the IP header of each data packet received by the peer device, the NAT address by the local IP address.

Abstract: Method of gaining secure access from a host (13) to Intranet resources provided by at least a content server (18) in a data transmission system wherein the host is connected to the content server through a gateway (17). Such a method consists in generating and sending at predetermined transmission instants from either the host or the gateway verification messages wherein each verification message contains a signature which depends upon the data exchanged between the host and the gateway since the preceding verification message, the host and the gateway also called peer devices having at their disposal same algorithm defining which of them sends a verification message at each of the predetermined instants.

Abstract: Firewall system for interconnecting a first IP network (10) to a second IP network (16), these networks belonging to two different entities having each a different administration wherein any data packet transmitted/received by the first IP network is filtered by using a first firewall function and any data packet transmitted/received by the second IP network is filtered by using a second firewall function. The system comprises essentially a single firewall device (20) including filtering means (41, 43) performing both first firewall function and second firewall function, a console port (37) enabling the administrator in charge of each IP network to enter filtering rules for updating the associated firewall function and control means (39, 47, 49) interconnecting the console port and the filtering means for transmitting thereto the filtering rules so that each administrator may independently manage the system from the console port.

Abstract: Firewall system for interconnecting a first IP network (10) to a second IP network (16), these networks belonging to two different entities having each a different administration wherein any data packet transmitted/received by the first IP network is filtered by using a first firewall function and any data packet transmitted/received by the second IP network is filtered by using a second firewall function. The system comprises essentially a single firewall device (20) including filtering means (41, 43) performing both first firewall function and second firewall function, a console port (37) enabling the administrator in charge of each IP network to enter filtering rules for updating the associated firewall function and control means (39, 47, 49) interconnecting the console port and the filtering means for transmitting thereto the filtering rules so that each administrator may independently manage the system from the console port.

Abstract: Method of gaining secure access from a host (13) to Intranet resources provided by at least a content server (18) in a data transmission system wherein the host is connected to the content server through a gateway (17). Such a method consists in generating and sending at predetermined transmission instants from either the host or the gateway verification messages wherein each verification message contains a signature which depends upon the data exchanged between the host and the gateway since the preceding verification message, the host and the gateway also called peer devices having at their disposal same algorithm defining which of them sends a verification message at each of the predetermined instants.

Abstract: A method and apparatus for flow based load balancing are disclosed. For example, the present method receives at least one packet from a flow. If the flow has not being previously classified, then the flow is classified based on the characteristics of the flow. Once classified, the present method matches the flow to at least one matched path from a plurality of available paths in accordance with the characteristics of the flow and characteristics of the at least one matched path. Once matched, the present method forwards the packet from the flow to the at least one matched path for processing.

Abstract: Method of gaining secure access from a host (13) to Intranet resources provided by at least a content server (18) in a data transmission system wherein the host is connected to the content server through a gateway (17). Such a method consists in generating and sending at predetermined transmission instants from either the host or the gateway verification messages wherein each verification message contains a signature which depends upon the data exchanged between the host and the gateway since the preceding verification message, the host and the gateway also called peer devices having at their disposal a same algorithm defining which of them sends a verification message at each of the predetermined instants.

Abstract: Firewall system for interconnecting a first IP network (10) to a second IP network (16), these networks belonging to two different entities having each a different administration wherein any data packet transmitted/received by the first IP network is filtered by using a first firewall function and any data packet transmitted/received by the second IP network is filtered by using a second firewall function. The system comprises essentially a single firewall device (20) including filtering means (41, 43) performing both first firewall function and second firewall function, a console port (37) enabling the administrator in charge of each IP network to enter filtering rules for updating the associated firewall function and control means (39, 47, 49) interconnecting the console port and the filtering means for transmitting thereto the filtering rules so that each administrator may independently manage the system from the console port.

Abstract: Firewall system for interconnecting a first IP network (10) to a second IP network (16), these networks belonging to two different entities having each a different administration wherein any data packet transmitted/received by the first IP network is filtered by using a first firewall function and any data packet transmitted/received by the second IP network is filtered by using a second firewall function. The system comprises essentially a single firewall device (20) including filtering means (41, 43) performing both first firewall function and second firewall function, a console port (37) enabling the administrator in charge of each IP network to enter filtering rules for updating the associated firewall function and control means (39, 47, 49) interconnecting the console port and the filtering means for transmitting thereto the filtering rules so that each administrator may independently manage the system from the console port.

Abstract: Method for performing the analysis of the characteristics of a data path from a first data processing device to a second data processing device through a network comprising at least an autonomous system consisting in defining a scenario file the scenario to be used, such a scenario including the actions to be used, building a parameter file defining the parameters to be used in the actions, running at least one analysis module based upon the actions of the scenario file and the parameters of the parameter file, the analysis module calling at least a predefined information requesting procedure, and storing in at least an output file the data resulting from the running of the analysis modules

Abstract: Data transmission system based upon the Internet protocol (IP) comprising a private transmission network (18) and a public transmission network or the like (16) interconnected by a network address translation device NAT (12) wherein at least a workstation WS (10) connected to said private transmission network has to establish a communication with a peer device (14) connected to the public transmission network, the local IP address of each data packet from the workstation WS being translated into a NAT address used to provide the route through the public transmission network. The system includes a registration server (19) connected to the public transmission network for registering the local IP address corresponding to the NAT address and providing the correspondence between the NAT address and the local IP address to the peer device in order for this one to replace in the IP header of each data packet received by the peer device, the NAT address by the local IP address.

Abstract: Method of gaining secure access from a host (13) to Intranet resources provided by at least a content server (18) in a data transmission system wherein the host is connected to the content server through a gateway (17). Such a method consists in generating and sending at predetermined transmission instants from either the host or the gateway verification messages wherein each verification message contains a signature which depends upon the data exchanged between the host and the gateway since the preceding verification message, the host and the gateway also called peer devices having at their disposal a same algorithm defining which of them sends a verification message at each of the predetermined instants.

Abstract: Firewall system for interconnecting a first IP network (10) to a second IP network (16), these networks belonging to two different entities having each a different administration wherein any data packet transmitted/received by the first IP network is filtered by using a first firewall function and any data packet transmitted/received by the second IP network is filtered by using a second firewall function. The system comprises essentially a single firewall device (20) including filtering means (41, 43) performing both first firewall function and second firewall function, a console port (37) enabling the administrator in charge of each IP network to enter filtering rules for updating the associated firewall function and control means (39, 47, 49) interconnecting the console port and the filtering means for transmitting thereto the filtering rules so that each administrator may independently manage the system from the console port.

Abstract: Data transmission system comprising a help desk workstation (100) provided with the Telnet client function and connected to a Wide Area Network WAN (115) and to the Public Switched Telephone Network PSTN (130), and a Telnet manageable device (120) not provided with a modem and to which the help desk workstation may gain access by using the Telnet protocol. The system comprises a data processing device (110) provided with the proxy function and being connected to the PSTN and to the Telnet manageable device by the intermediary of a Local Area Network LAN (125), the data processing device including proxy means for completing a first Telnet connection with the help desk workstation through the PSTN and for establishing a second Telnet connection with the Telnet manageable device upon receiving a request from the help desk workstation to gain the Telnet access to the Telnet manageable device.