CA2415357A1 - Audio-video telephony with firewalls and network address translation - Google Patents

Audio-video telephony with firewalls and network address translation Download PDF

Info

Publication number
CA2415357A1
CA2415357A1 CA002415357A CA2415357A CA2415357A1 CA 2415357 A1 CA2415357 A1 CA 2415357A1 CA 002415357 A CA002415357 A CA 002415357A CA 2415357 A CA2415357 A CA 2415357A CA 2415357 A1 CA2415357 A1 CA 2415357A1
Authority
CA
Canada
Prior art keywords
communication
terminal
proxy server
multimedia
ports
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CA002415357A
Other languages
French (fr)
Other versions
CA2415357C (en
Inventor
Stephen Michael Read
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tandberg Telecom UK Ltd
Original Assignee
Ridgeway Systems And Software Limited
Stephen Michael Read
Tandberg Telecom Uk Limited
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ridgeway Systems And Software Limited, Stephen Michael Read, Tandberg Telecom Uk Limited filed Critical Ridgeway Systems And Software Limited
Publication of CA2415357A1 publication Critical patent/CA2415357A1/en
Application granted granted Critical
Publication of CA2415357C publication Critical patent/CA2415357C/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0281Proxies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/2514Translation of Internet protocol [IP] addresses between local and global IP addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/2517Translation of Internet protocol [IP] addresses using port numbers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/2521Translation architectures other than single NAT servers
    • H04L61/2535Multiple local networks, e.g. resolving potential IP address conflicts
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/256NAT traversal
    • H04L61/2564NAT traversal for a higher-layer protocol, e.g. for session initiation protocol [SIP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/256NAT traversal
    • H04L61/2567NAT traversal for reachability, e.g. inquiring the address of a correspondent behind a NAT server
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/029Firewall traversal, e.g. tunnelling or, creating pinholes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/10Architectures or entities
    • H04L65/102Gateways
    • H04L65/1023Media gateways
    • H04L65/103Media gateways in the network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/10Architectures or entities
    • H04L65/102Gateways
    • H04L65/1033Signalling gateways
    • H04L65/104Signalling gateways in the network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/10Architectures or entities
    • H04L65/102Gateways
    • H04L65/1043Gateway controllers, e.g. media gateway control protocol [MGCP] controllers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/1066Session management
    • H04L65/1069Session establishment or de-establishment
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/1066Session management
    • H04L65/1101Session protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/1066Session management
    • H04L65/1101Session protocols
    • H04L65/1104Session initiation protocol [SIP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/1066Session management
    • H04L65/1101Session protocols
    • H04L65/1106Call signalling protocols; H.323 and related
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M7/00Arrangements for interconnection between switching centres
    • H04M7/006Networks other than PSTN/ISDN providing telephone service, e.g. Voice over Internet Protocol (VoIP), including next generation networks with a packet-switched transport layer
    • H04M7/0078Security; Fraud detection; Fraud prevention

Abstract

The present invention relates to a communications system (1) for making multimedia calls. The system comprises two multimedia terminals (10, 12) and communication means for making a multimedia call over a shared communications network (20), including a firewall (26) through which the multimedia call must pass, and which restricts certain types of communication. Each terminal (10, 12) has a number of logical communication ports for the multimedia call, including at least one dynamically assigned port. In the course of setting up the multimedia call, at least one of the terminals (10, 12) is adapted to send a request to the other of the terminals to open up one or more of the dynamic ports in the other terminal. The system includes a proxy server (40) between the terminals (10, 12) that acts for each terminal as a proxy for the other terminal during the course of the call. The proxy server (40) has logical communication ports for communication with the terminals including one or more pre-assigned ports. The firewall (26) is configured not to restrict communication between one or both terminals (10, 12) and the pre-assigned port(s) of the proxy server (40). The proxy server (40) is configured to receive and forward the request(s) to open up said dynamic port(s) via one of its pre-assigned ports.

Claims (19)

1. A communications system (1) for making a multimedia call, comprising, a first multimedia terminal (10), a second multimedia terminal (12), communication means for making a multimedia call over a shared communications network (20), said communication means including a first communication means and a second communication means associated respectively with the first multimedia terminal (10) and the second multimedia terminal (12), the first communication means including a first firewall (26) through which the multimedia call must pass, in which:
i) the first firewall (26) is configured to restrict certain types of communication between the first terminal (10) and the shared communications network (20);
ii) each terminal (10,12) has a number of logical communication ports (27,29) for transmitting and/or receiving the multimedia call, including at least one dynamically assigned port (31,35);
iii) in the course of setting up a multimedia call, at least one of the terminals (10,12) is adapted to send a request (62) to the other of the terminals to open up one or more of the dynamic ports (35) in the terminal receiving said request;
characterised in that:
iv) the system (1) includes a proxy server (40) between the first terminal (10) and the second terminal (12) that acts for each terminal (10,12) as a proxy for the other terminal during the course of a multimedia call;
v) the proxy server (40) has logical communication ports (33) for communication with the terminals (10,12) including one or more pre-assigned ports (41,55) for communication with the first terminal (10);
vi) the first firewall (26) is configured riot to restrict communication between the first terminal (10) and the pre-assigned ports) (41,55) of the proxy server (40); and vii) the proxy server (40) is configured to receive and forward (64) the requests) (62) to open up said dynamic port (s) (35) via one of its pre-assigned ports (41, 55).
2. A communication system (1) as claimed in Claim 1, in which:
viii) the second communication means includes a second firewall (28) through which the multimedia call must pass;
ix) the second firewall (28) is configured to restrict certain types of communication between the second terminal (12) and the shared communications network (20);
x) the proxy server (40) has logical communication ports (33) for communication with the terminals (10,12) including one or more pre-assigned ports (41,55) for communication with the second terminal (12); and xi) the second firewall (28) is configured not to restrict communication between the second terminal (12) and the pre-assigned ports) (41,55) of the proxy server (40).
3. A communication system (1) as claimed in Claim 1 or Claim 2, in which the number of pre-assigned ports (41,55) of the proxy server (40) is less than or equal to the total number of dynamically assigned ports (31,35) for the terminal (s) (10, 12).
4. A communication system (1) as claimed in Claim 3, in which the proxy server (40) has at least one pre-assigned port number.
5. A communication system (1) as claimed in Claim 4, in which the proxy server (40) has two pre-assigned port numbers.
6. A communication system (1) as claimed in any preceding claim, in which the terminals (10,12) are adapted to transmit and/or receive multimedia media signals together with associated multimedia control signals (59,60), the control signals being sent to one of the pre-assigned ports (41) and the media signals being sent to the other of the pre-assigned ports (55).
7. A communication system (1) as claimed in any preceding claim, in which at least one of the logical communications ports is a pre-assigned port, said request (62) being sent to the pre-assigned port (41) as an initial request to initiate communication over the communication link.
8. A communication system (1) as claimed in any preceding claim, in which the communication means is adapted for making a multimedia call at least in part via the internet, and the proxy server (40) has one or multiple public internet protocol address(es) by which the or each of the terminals (10,12) communicate with the proxy server (40), the firewall(s) (26,28) being configured not to restrict communication between the terminals) (10,12) and the internet protocol address(es) and pre-assigned logical port numbers (41,55) of the proxy server (40).
9. A communication system (1) as claimed in any preceding claim, in which there is a plurality of pairs of first terminals (10) and of second terminals (12).
10. A communication system (1) as claimed in any preceding claim, in which the system (1) is for making a multimedia call according to the H.323 standard of the International Telecommunications Union.
11. A communications system (1) as claimed in any preceding claim, in which the system (1) is for making a multimedia call according to the SIP standard of the Internet Engineering Task Force.
12. A communications system (1) as claimed in any preceding claim, in which the system (1) is for making a multimedia call according to the MGCP standard of the Internet Engineering Task Force.
13. A communications system (1) as claimed in any preceding claim, in which the system (1) is for making a multimedia call according to the H.248 standard of the ITU.
14. A communications system (1) as claimed in any preceding claim, in which the second terminal (12) is another proxy server (40) serving a remote community of terminals and endpoints.
15. A communications system (1) as claimed in any preceding claim, in which a third party deploys the proxy server (40) for the provision of communication services between enterprises.
16. A communications system (1) as claimed in any preceding claim, in which the first terminal's enterprise deploys the proxy server (40) for the provision of external communication service with other enterprises, service providers or its remote branches.
17. A communications system (1) as claimed in any preceding claim, in which the gatekeeper function is co-resident with the proxy server (40).
18. A communications system (1) as claimed in any of Clams 1 to 16, in which the gatekeeper function is a separate system from the proxy server (40).
19. A method of making a multimedia call using a communications system (1) that comprises a first multimedia terminal (10), a second multimedia terminal (12), communication means including a first communication means and a second communication means associated respectively with the first multimedia terminal (10) and the second multimedia terminal (12), wherein each terminal (10,12) has a number of logical communication ports (11,13) for transmitting and/or receiving the multimedia call, including at least one dynamically assigned port (31,35), and the first communication means includes a first firewall (26) configured to restrict certain types of communication between the first terminal (10) and the shared communications network (20), in which the method comprises the steps of:
a) setting up a multimedia call over a shared communications network (20) with the first communications means and the second communications means between the first multimedia terminal (10) and the second multimedia via the first firewall (26);
b) in the course of setting up a multimedia call, at least one of the terminals (10,12) sends a request (62) to the other of the terminals to open up one or more of the dynamic ports (35) in the terminal receiving said request;
characterised in that the method comprises the steps of:
c) including a proxy server (40) between the first terminal (10) and the second terminal (12) that acts for each terminal (10,12) as a proxy for the other terminal during the course of a multimedia call, the proxy server (40) having logical communication ports (33) for communication with the terminals (10,12) including one or more pre-assigned ports (41,55) for communication with the first terminal (10);
d) configuring the first firewall (26) not to restrict communication between the first terminal (10) and the pre-assigned ports) (41,55) of the proxy server (40); and e) configuring the proxy server (40) to receive and forward (64) the requests) (62) to open up said dynamic ports) (35) via one of its pre-assigned ports (41,55).
CA2415357A 2000-07-28 2001-07-24 Audio-video telephony with firewalls and network address translation Expired - Fee Related CA2415357C (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
GB0018547.0 2000-07-28
GB0018547A GB2365256A (en) 2000-07-28 2000-07-28 Audio-video telephony with port address translation
PCT/GB2001/003308 WO2002011400A1 (en) 2000-07-28 2001-07-24 Audio-video telephony with firewalls and network address translation

Publications (2)

Publication Number Publication Date
CA2415357A1 true CA2415357A1 (en) 2002-02-07
CA2415357C CA2415357C (en) 2011-08-30

Family

ID=9896517

Family Applications (1)

Application Number Title Priority Date Filing Date
CA2415357A Expired - Fee Related CA2415357C (en) 2000-07-28 2001-07-24 Audio-video telephony with firewalls and network address translation

Country Status (11)

Country Link
US (1) US8499344B2 (en)
EP (2) EP1515515A1 (en)
JP (1) JP3774191B2 (en)
CN (1) CN1198433C (en)
AT (1) ATE304773T1 (en)
AU (2) AU7569701A (en)
CA (1) CA2415357C (en)
DE (1) DE60113435T2 (en)
GB (1) GB2365256A (en)
HK (1) HK1051101A1 (en)
WO (1) WO2002011400A1 (en)

Families Citing this family (67)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2812991B1 (en) * 2000-08-08 2003-01-24 France Telecom TRANSLATION OF USER INSTALLATION TERMINAL IDENTIFIERS IN A PACKET NETWORK
US7003481B2 (en) 2000-08-25 2006-02-21 Flatrock Ii, Inc. Method and apparatus for providing network dependent application services
GB2369746A (en) 2000-11-30 2002-06-05 Ridgeway Systems & Software Lt Communications system with network address translation
US7050422B2 (en) * 2001-02-20 2006-05-23 Innomedia Pte, Ltd. System and method for providing real time connectionless communication of media data through a firewall
US7068655B2 (en) 2001-06-14 2006-06-27 Nortel Networks Limited Network address and/or port translation
US20030009561A1 (en) * 2001-06-14 2003-01-09 Sollee Patrick N. Providing telephony services to terminals behind a firewall and /or network address translator
US7684317B2 (en) 2001-06-14 2010-03-23 Nortel Networks Limited Protecting a network from unauthorized access
DE10147147A1 (en) * 2001-09-25 2003-04-24 Siemens Ag Method and device for implementing a firewall application for communication data
US7769865B1 (en) * 2001-10-16 2010-08-03 Sprint Communications Company L.P. Configuring computer network communications in response to detected firewalls
US7408928B2 (en) * 2001-12-21 2008-08-05 Nortel Networks Limited Methods and apparatus for setting up telephony connections between two address domains having overlapping address ranges
EP1476815B1 (en) * 2002-02-11 2014-10-15 Polycom, Inc. System and method for videoconferencing across a firewall
US7668306B2 (en) * 2002-03-08 2010-02-23 Intel Corporation Method and apparatus for connecting packet telephony calls between secure and non-secure networks
US20030177390A1 (en) * 2002-03-15 2003-09-18 Rakesh Radhakrishnan Securing applications based on application infrastructure security techniques
US20030221009A1 (en) * 2002-05-21 2003-11-27 Logitech Europe S.A. Dual mode peer-to-peer link establishment for instant message video
TW574805B (en) * 2002-07-25 2004-02-01 Leadtek Research Inc Network address translation system and method thereof
DE10245547B3 (en) * 2002-09-30 2004-05-13 Tenovis Gmbh & Co. Kg Method for establishing a VoIP telephone connection in a secure network and circuit arrangement
DE10321227A1 (en) * 2003-05-12 2004-12-09 Siemens Ag Process for data exchange between network elements
CN100440886C (en) * 2003-09-02 2008-12-03 华为技术有限公司 Method for realizing multimedia protocol passing through network address translation device
US7380011B2 (en) * 2003-10-01 2008-05-27 Santera Systems, Inc. Methods and systems for per-session network address translation (NAT) learning and firewall filtering in media gateway
US8661158B2 (en) 2003-12-10 2014-02-25 Aventail Llc Smart tunneling to resources in a network
US8590032B2 (en) * 2003-12-10 2013-11-19 Aventail Llc Rule-based routing to resources through a network
US7694127B2 (en) * 2003-12-11 2010-04-06 Tandberg Telecom As Communication systems for traversing firewalls and network address translation (NAT) installations
TWI245192B (en) * 2003-12-11 2005-12-11 Inst Information Industry Method, system and storage medium for passing through network address translation device
CN100359874C (en) * 2004-01-12 2008-01-02 华为技术有限公司 Method for obtaining private network address by multimedia business center of receiving side
US7580419B2 (en) * 2004-02-17 2009-08-25 Zyxel Communications Corp Network system integrated with SIP call server and SIP agent client
EP1613024A1 (en) * 2004-06-29 2006-01-04 Alcatel Alsthom Compagnie Generale D'electricite Method and call server for establishing a bidirectional peer-to-peer communication link
US7706401B2 (en) * 2004-08-13 2010-04-27 Verizon Business Global Llc Method and system for providing interdomain traversal in support of packetized voice transmissions
US8634537B2 (en) * 2004-08-16 2014-01-21 Aspect Software, Inc. Method of routing calls from a contact center
JP4480535B2 (en) * 2004-09-30 2010-06-16 株式会社アドイン研究所 Tunnel device, relay device, terminal device, call control system, IP telephone system, conference device, control method and program thereof
WO2006044820A2 (en) 2004-10-14 2006-04-27 Aventail Corporation Rule-based routing to resources through a network
US8149739B2 (en) 2004-10-15 2012-04-03 Lifesize Communications, Inc. Background call validation
US20060106929A1 (en) * 2004-10-15 2006-05-18 Kenoyer Michael L Network conference communications
US7545435B2 (en) 2004-10-15 2009-06-09 Lifesize Communications, Inc. Automatic backlight compensation and exposure control
CN100353721C (en) * 2004-10-20 2007-12-05 尚宏电子股份有限公司 Bidirectional signal transport unit capable of penetrating firewall
US7826602B1 (en) * 2004-10-22 2010-11-02 Juniper Networks, Inc. Enabling incoming VoIP calls behind a network firewall
FR2878346A1 (en) * 2004-11-22 2006-05-26 France Telecom METHOD AND SYSTEM FOR MEASURING THE USE OF AN APPLICATION
CN1783835A (en) * 2004-11-30 2006-06-07 西门子(中国)有限公司 Method for identifiying real time service in Internet network
US20060123473A1 (en) * 2004-12-07 2006-06-08 Cheng-Su Huang Two-way communication device capable of communicating through a firewall
JP4561983B2 (en) * 2005-01-13 2010-10-13 日本電気株式会社 Local content connection system, mobile terminal, local content connection method, and client program
US7526536B2 (en) 2005-04-12 2009-04-28 International Business Machines Corporation System and method for port assignment management across multiple nodes in a network environment
DE102005020924A1 (en) * 2005-05-04 2006-11-09 Siemens Ag Method and device for implementing Internet Protocol addresses within a communication network
AU2006333118B2 (en) * 2005-12-15 2011-06-09 Barclays Capital Inc System and method for secure remote desktop access
CN100384168C (en) * 2005-12-30 2008-04-23 四川长虹电器股份有限公司 Method for multimedium session transition NAT equipment of IL323 system
US8331263B2 (en) * 2006-01-23 2012-12-11 Microsoft Corporation Discovery of network nodes and routable addresses
US7710978B2 (en) * 2006-04-13 2010-05-04 Directpacket Research, Inc. System and method for traversing a firewall with multimedia communication
US8555371B1 (en) 2009-07-17 2013-10-08 Directpacket Research, Inc. Systems and methods for management of nodes across disparate networks
US8605730B2 (en) * 2006-04-13 2013-12-10 Directpacket Research, Inc. System and method for multimedia communication across disparate networks
US8560828B2 (en) * 2006-04-13 2013-10-15 Directpacket Research, Inc. System and method for a communication system
US7773588B2 (en) * 2006-04-13 2010-08-10 Directpacket Research, Inc. System and method for cross protocol communication
US8122492B2 (en) * 2006-04-21 2012-02-21 Microsoft Corporation Integration of social network information and network firewalls
US8079073B2 (en) * 2006-05-05 2011-12-13 Microsoft Corporation Distributed firewall implementation and control
US8176157B2 (en) * 2006-05-18 2012-05-08 Microsoft Corporation Exceptions grouping
US20080244723A1 (en) * 2007-03-27 2008-10-02 Microsoft Corporation Firewall Restriction Using Manifest
US9661267B2 (en) * 2007-09-20 2017-05-23 Lifesize, Inc. Videoconferencing system discovery
EP2394414B1 (en) * 2009-02-06 2018-10-17 XMedius Solutions Inc. Nat traversal using hole punching
US8305421B2 (en) * 2009-06-29 2012-11-06 Lifesize Communications, Inc. Automatic determination of a configuration for a conference
TW201125330A (en) * 2009-12-29 2011-07-16 Gemtek Technolog Co Ltd Network address transforming method, network address transformer and communication system for multimedia streaming.
CN101917409B (en) * 2010-07-23 2013-04-24 深圳粤和通科技有限公司 Multimedia stream transmission method and system
CN101909011B (en) * 2010-08-04 2013-01-23 华为数字技术(成都)有限公司 Message transmission method and system, client and proxy gateway
JP4802295B1 (en) * 2010-08-31 2011-10-26 株式会社スプリングソフト Network system and virtual private connection forming method
US9306903B2 (en) 2011-09-13 2016-04-05 Cable Television Laboratories, Inc. Deterministic mapping
CN102316119B (en) * 2011-10-12 2014-06-25 杭州华三通信技术有限公司 Security control method and equipment
US9014060B2 (en) 2012-06-21 2015-04-21 Level 3 Communications, Llc System and method for integrating VoIP client for audio conferencing
US8925045B2 (en) * 2012-12-28 2014-12-30 Futurewei Technologies, Inc. Electronic rendezvous-based two stage access control for private networks
US10834138B2 (en) 2018-08-13 2020-11-10 Akamai Technologies, Inc. Device discovery for cloud-based network security gateways
US10958624B2 (en) * 2018-12-06 2021-03-23 Akamai Technologies, Inc. Proxy auto-configuration for directing client traffic to a cloud proxy with cloud-based unique identifier assignment
CN112969046A (en) * 2021-02-05 2021-06-15 招联消费金融有限公司 Video surface signing system and method based on intranet agent

Family Cites Families (68)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5301320A (en) 1991-06-28 1994-04-05 Digital Equipment Corporation Workflow management and control system
EP0615198A1 (en) 1993-03-08 1994-09-14 International Business Machines Corporation Method for processing, handling, and presenting data pertaining to an enterprise in the form of a data model
US5781550A (en) 1996-02-02 1998-07-14 Digital Equipment Corporation Transparent and secure network gateway
CN1216657A (en) 1996-04-24 1999-05-12 北方电讯有限公司 Internet protocol filter
US6138162A (en) * 1997-02-11 2000-10-24 Pointcast, Inc. Method and apparatus for configuring a client to redirect requests to a caching proxy server based on a category ID with the request
US6104716A (en) * 1997-03-28 2000-08-15 International Business Machines Corporation Method and apparatus for lightweight secure communication tunneling over the internet
US6473406B1 (en) 1997-07-31 2002-10-29 Cisco Technology, Inc. Method and apparatus for transparently proxying a connection
US6377993B1 (en) 1997-09-26 2002-04-23 Mci Worldcom, Inc. Integrated proxy interface for web based data management reports
US6058431A (en) * 1998-04-23 2000-05-02 Lucent Technologies Remote Access Business Unit System and method for network address translation as an external service in the access server of a service provider
US6449260B1 (en) * 1998-05-01 2002-09-10 Siemens Information And Communication Networks, Inc. Multimedia automatic call distribution system
GB9814412D0 (en) * 1998-07-03 1998-09-02 Northern Telecom Ltd Communications method and apparatus
US6360265B1 (en) 1998-07-08 2002-03-19 Lucent Technologies Inc. Arrangement of delivering internet protocol datagrams for multimedia services to the same server
US6401128B1 (en) 1998-08-07 2002-06-04 Brocade Communiations Systems, Inc. System and method for sending and receiving frames between a public device and a private device
US6438597B1 (en) 1998-08-17 2002-08-20 Hewlett-Packard Company Method and system for managing accesses to a data service system that supports persistent connections
US6470020B1 (en) * 1998-11-03 2002-10-22 Nortel Networks Limited Integration of stimulus signalling protocol communication systems and message protocol communication systems
US6449251B1 (en) * 1999-04-02 2002-09-10 Nortel Networks Limited Packet mapper for dynamic data packet prioritization
US6925076B1 (en) * 1999-04-13 2005-08-02 3Com Corporation Method and apparatus for providing a virtual distributed gatekeeper in an H.323 system
US6885658B1 (en) * 1999-06-07 2005-04-26 Nortel Networks Limited Method and apparatus for interworking between internet protocol (IP) telephony protocols
AU5750299A (en) * 1999-08-24 2001-03-19 Leighton Hanna King On-demand connection system for internet services
GB9920834D0 (en) * 1999-09-04 1999-11-10 Hewlett Packard Co Providing secure access through network firewalls
US7120692B2 (en) 1999-12-02 2006-10-10 Senvid, Inc. Access and control system for network-enabled devices
US7069432B1 (en) * 2000-01-04 2006-06-27 Cisco Technology, Inc. System and method for providing security in a telecommunication network
US6757732B1 (en) * 2000-03-16 2004-06-29 Nortel Networks Limited Text-based communications over a data network
US6631417B1 (en) 2000-03-29 2003-10-07 Iona Technologies Plc Methods and apparatus for securing access to a computer
US7814208B2 (en) 2000-04-11 2010-10-12 Science Applications International Corporation System and method for projecting content beyond firewalls
US6631416B2 (en) 2000-04-12 2003-10-07 Openreach Inc. Methods and systems for enabling a tunnel between two computers on a network
US6996628B2 (en) 2000-04-12 2006-02-07 Corente, Inc. Methods and systems for managing virtual addresses for virtual networks
US20020042832A1 (en) 2000-08-14 2002-04-11 Fallentine Mark D. System and method for interoperability of H.323 video conferences with network address translation
US20020101859A1 (en) * 2000-09-12 2002-08-01 Maclean Ian B. Communicating between nodes in different wireless networks
US7620719B2 (en) 2002-06-06 2009-11-17 Juniper Networks, Inc. Method and system for providing secure access to private networks
GB2369746A (en) 2000-11-30 2002-06-05 Ridgeway Systems & Software Lt Communications system with network address translation
KR100360274B1 (en) 2000-12-30 2002-11-09 엘지전자 주식회사 Method for supporting general ip telephone system in nat based private network
US7155518B2 (en) 2001-01-08 2006-12-26 Interactive People Unplugged Ab Extranet workgroup formation across multiple mobile virtual private networks
US7631349B2 (en) 2001-01-11 2009-12-08 Digi International Inc. Method and apparatus for firewall traversal
AU2002234258A1 (en) 2001-01-22 2002-07-30 Sun Microsystems, Inc. Peer-to-peer network computing platform
US6928082B2 (en) 2001-03-28 2005-08-09 Innomedia Pte Ltd System and method for determining a connectionless communication path for communicating audio data through an address and port translation device
WO2002082763A2 (en) 2001-02-20 2002-10-17 Innomedia Pte Ltd. System and method for establishing channels for a real time media streaming communication
US6993012B2 (en) 2001-02-20 2006-01-31 Innomedia Pte, Ltd Method for communicating audio data in a packet switched network
US7050422B2 (en) 2001-02-20 2006-05-23 Innomedia Pte, Ltd. System and method for providing real time connectionless communication of media data through a firewall
US20020138627A1 (en) 2001-03-26 2002-09-26 Frantzen Michael T. Apparatus and method for managing persistent network connections
US8363647B2 (en) 2001-04-03 2013-01-29 Voxpath Networks, Inc. System and method for configuring an IP telephony device
US7068647B2 (en) 2001-04-03 2006-06-27 Voxpath Networks, Inc. System and method for routing IP packets
US7272650B2 (en) 2001-04-17 2007-09-18 Intel Corporation Communication protocols operable through network address translation (NAT) type devices
US20030009561A1 (en) 2001-06-14 2003-01-09 Sollee Patrick N. Providing telephony services to terminals behind a firewall and /or network address translator
US20030033418A1 (en) 2001-07-19 2003-02-13 Young Bruce Fitzgerald Method of implementing and configuring an MGCP application layer gateway
AU2002323364A1 (en) 2001-08-24 2003-03-10 Peribit Networks, Inc. Dynamic multi-point meshed overlay network
US7321925B2 (en) 2001-09-18 2008-01-22 Intel Corporation Load balancing and fault tolerance for server-based software applications
US7302700B2 (en) 2001-09-28 2007-11-27 Juniper Networks, Inc. Method and apparatus for implementing a layer 3/layer 7 firewall in an L2 device
US7274684B2 (en) 2001-10-10 2007-09-25 Bruce Fitzgerald Young Method and system for implementing and managing a multimedia access network device
US20030084162A1 (en) 2001-10-31 2003-05-01 Johnson Bruce L. Managing peer-to-peer access to a device behind a firewall
US7370353B2 (en) * 2001-11-05 2008-05-06 Cisco Technology, Inc. System and method for managing dynamic network sessions
US7379465B2 (en) 2001-12-07 2008-05-27 Nortel Networks Limited Tunneling scheme optimized for use in virtual private networks
US7013342B2 (en) 2001-12-10 2006-03-14 Packeteer, Inc. Dynamic tunnel probing in a communications network
US7227864B2 (en) 2001-12-17 2007-06-05 Microsoft Corporation Methods and systems for establishing communications through firewalls and network address translators
US7257630B2 (en) 2002-01-15 2007-08-14 Mcafee, Inc. System and method for network vulnerability detection and reporting
US7152105B2 (en) 2002-01-15 2006-12-19 Mcafee, Inc. System and method for network vulnerability detection and reporting
US7664845B2 (en) 2002-01-15 2010-02-16 Mcafee, Inc. System and method for network vulnerability detection and reporting
US20030140142A1 (en) 2002-01-18 2003-07-24 David Marples Initiating connections through firewalls and network address translators
US7133368B2 (en) 2002-02-01 2006-11-07 Microsoft Corporation Peer-to-peer method of quality of service (QoS) probing and analysis and infrastructure employing same
US20030154306A1 (en) 2002-02-11 2003-08-14 Perry Stephen Hastings System and method to proxy inbound connections to privately addressed hosts
AU2003226128A1 (en) 2002-03-27 2003-10-13 First Virtual Communications System and method for traversing firewalls with protocol communications
US7243141B2 (en) 2002-05-13 2007-07-10 Sony Computer Entertainment America, Inc. Network configuration evaluation
US7676579B2 (en) 2002-05-13 2010-03-09 Sony Computer Entertainment America Inc. Peer to peer network communication
US6674758B2 (en) 2002-06-06 2004-01-06 Clinton Watson Mechanism for implementing voice over IP telephony behind network firewalls
US7143188B2 (en) 2002-06-13 2006-11-28 Nvidia Corporation Method and apparatus for network address translation integration with internet protocol security
US20030233471A1 (en) 2002-06-17 2003-12-18 Julian Mitchell Establishing a call in a packet-based communications network
US7277963B2 (en) 2002-06-26 2007-10-02 Sandvine Incorporated TCP proxy providing application layer modifications
US7694127B2 (en) 2003-12-11 2010-04-06 Tandberg Telecom As Communication systems for traversing firewalls and network address translation (NAT) installations

Also Published As

Publication number Publication date
CA2415357C (en) 2011-08-30
AU2001275697B2 (en) 2006-11-23
GB0018547D0 (en) 2000-09-13
GB2365256A (en) 2002-02-13
US8499344B2 (en) 2013-07-30
DE60113435T2 (en) 2006-06-22
DE60113435D1 (en) 2005-10-20
EP1305927B1 (en) 2005-09-14
ATE304773T1 (en) 2005-09-15
HK1051101A1 (en) 2003-07-18
WO2002011400A1 (en) 2002-02-07
CN1444815A (en) 2003-09-24
CN1198433C (en) 2005-04-20
EP1305927A1 (en) 2003-05-02
US20040037268A1 (en) 2004-02-26
EP1515515A1 (en) 2005-03-16
AU7569701A (en) 2002-02-13
JP3774191B2 (en) 2006-05-10
JP2004505552A (en) 2004-02-19

Similar Documents

Publication Publication Date Title
CA2415357A1 (en) Audio-video telephony with firewalls and network address translation
US7092493B2 (en) Methods and systems for providing lawful intercept of a media stream in a media gateway
US6876633B2 (en) Apparatus and method for computer telephone integration in packet switched telephone networks
US7154863B2 (en) Apparatus and method for computer telephone integration in packet switched telephone networks
EP1145521B1 (en) SYSTEM AND METHOD FOR ENABLING SECURE CONNECTIONS FOR H.323 VoIP CALLS
EP1143683A2 (en) An SIP-H.323 gateway implementation to integrate SIP agents into a H.323 system
CA2531724A1 (en) In-band call association signaling for a single number destination
WO2004008729A2 (en) Combined user agent for pstn and data communications
WO2008080225A1 (en) Method and system for network address translation (nat) traversal of real time protocol (rtp) media
KR101606142B1 (en) Apparatus and method for supporting nat traversal in voice over internet protocol system
US20040133772A1 (en) Firewall apparatus and method for voice over internet protocol
US20070041357A1 (en) Interworking of hybrid protocol multimedia networks
KR100279641B1 (en) Signal exchange apparatus and method
AU2537300A (en) Security in telecommunications network gateways
CN1559133B (en) Network gateway device and communications system for real item communication connections
US20070189490A1 (en) Data redirection system and method using Internet protocol private branch exchange
US20070192844A1 (en) Network security system and the method thereof
US7865621B1 (en) Open settlement protocol bridge for multi-network voice connections
Cisco Enhancements to the Session Initiation Protocol for VoIP on Cisco Access Platforms
Cisco Session Initiation Protocol (SIP) for VoIP
KR100876238B1 (en) Access Gateway System for Multimedia Service
US20050021820A1 (en) Controlling the traffic of a communications network using a cluster of traffic flow controllers with a common registration database
JP2003274041A (en) Call control system

Legal Events

Date Code Title Description
EEER Examination request
MKLA Lapsed

Effective date: 20180724