WO1999007094A2 - Shared high speed network access - Google Patents
Shared high speed network access Download PDFInfo
- Publication number
- WO1999007094A2 WO1999007094A2 PCT/US1998/016104 US9816104W WO9907094A2 WO 1999007094 A2 WO1999007094 A2 WO 1999007094A2 US 9816104 W US9816104 W US 9816104W WO 9907094 A2 WO9907094 A2 WO 9907094A2
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- computers
- area network
- wide area
- virtual lan
- lan switch
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
Definitions
- the present invention relates generally to data communications and more particularly to a system for providing a plurality of computers with shared high speed access to a wide area network, such as the Internet.
- wide area networks for facilitating the interconnection of computers over large distances are well known.
- the term wide area network is defined tc include any network of widely spaced computers.
- a wide area network may extend between buildings, among cities, or even globally.
- a wide area network facilitates the transfer of files, e-mail, etc., between the computers of which it is comprised.
- Such computers also freguently define local area networks wherein the computers are typically much closer to one another.
- local area networks facilitate the easy transfer of files, e-mail, etc. between the computers, defining the local area network. It is frequently desirable to facilitate access of such computers (whether they are part of a local area network or not) to a wide area network, typically so as to provide access to remote servers and/or to other computers. For example, it is frequently desirable to facilitate the communication of files, e-mail, etc. between the computers which define a local area network for one division of a company located in one state to the computers which define another network for a different division of a company located in another state.
- the interconnection of the two remotely located local area networks thus defines a wide area network. interconnection of the two remotely located local area , networks thus defines a wide area network.
- communications among the computers of local area networks typically occur at comparatively high data rates, e.g., 10M bits/sec. or 100M bits/sec, communications between computers via a wide area network are typically at much slower data rates.
- Providing high speed access to wide area networks, such as the Internet, for computers facilitates the performance of substantially more rapid file transfers and the use of interactive graphics applications, such as those commonly encountered on the World Wide Web.
- the use of frames and Java applications on the Internet has increased the desirability of high speed connections to the Internet.
- a high speed connection such as a Tl line is commonly utilized.
- a Tl line provides data rates of up to 1.5 Mbps (bits per second, in millions).
- Tl lines typically comprise a twisted pair of copper wires which is interfaced to the computer or local area network via a router and/or a hub.
- a Tl line may alternatively comprise a co-axial cable and/or a fiber optic cable.
- the interconnection of a plurality of computers to a hub so as to provide high speed access to a wide area network via a router inherently facilitates intercommunication between the computers of the local area network. Although this may, in many instances, be desirable, in many instances such intercommunication may be highly undesirable.
- the plurality of computers are the home computers of a plurality of different residents of an apartment building, it may be very desirable to prevent access to each computer by any other computer.
- each computer owner will want to prevent access to his own computer by others, i.e., his neighbors, so as to safeguard sensitive information stored thereon.
- the residents of one apartment would not typically want the residents of other apartments to have access to their financial records, personal correspondence, etc.
- Such high speed access to the wide area network will preferably comprise hardware for segregating or isolating selected computers from one another, so as to prevent the unauthorized access of information stored thereon.
- the provision of such comparatively secure high speed access of computers to wide area networks such as the Internet would facilitate the connection of computers in condominium complexes, apartments, neighborhoods, schools, etc., wherein it is desirable to prevent unauthorized access of the computers by another user who is likewise connected to the local area network.
- the present invention specifically addresses and alleviates the above mentioned deficiencies associated with the prior art. More particularly, the present invention comprises a system for providing a plurality of computers with shared high speed access to a wide area network such as the Internet.
- the system comprises a router, a bridge, or a switch having at least one WAN (Wide Area Network) port in communication with the wide area network for routing messages communicated over the - wide area network, and also comprises a virtual LAN switch in communication with the router.
- the virtual LAN switch facilitates communication with a plurality of computers such that each computer is provided with high speed access to the wide area network via the virtual LAN switch.
- the virtual LAN defines at least one local area network comprising a plurality of computers.
- the virtual LAN switch isolates all of the computers from one another such that the isolated computers do not define a local area network among themselves.
- the virtual LAN switch isolates those computers from one another for which intercommunications therebetween is not desired and does not isolate those computers from one another for which it is desired to define a local area network therebetween.
- various combinations of isolated computers and intercommunicating computers are possible.
- the use of a virtual LAN switch thus facilitates the easy definition of networks and secure stand-alone computers connected thereto.
- at least two of the isolated computers in communication with the virtual LAN switch are secure with respect to one another such that they do not define a local area network among themselves.
- different local area networks are secure with respect to one another.
- computers define a local area network or a wide area network, then those computers are not isolated from one another. Thus, a user on one network, cannot easily gain unauthorized access to a computer on another network.
- the virtual LAN switch provides enhanced security by utilizing hardware to isolate the computers and/or local -- area networks attached thereto from one another.
- the use of hardware to isolate the computers and/or networks attached to the virtual LAN switch from another makes unauthorized access to the computers connected to the virtual LAN switch substantially more difficult to achieve .
- the virtual LAN switch and the computers preferably communicate with one another and with the relative via TCP/IP.
- TCP/IP is the communications protocol utilized by the Internet and is the communications protocol generally preferred for use with local area networks which are in communication with the Internet.
- at least one hub is in communication with the virtual LAN switch.
- Each hub in communication with the virtual LAN switch is also in communication with a plurality of computers and thus defines a local area network with respect to those computers with which it is in communication.
- the router or bridge is preferably configured for TCP/IP communications protocol, and thus readily facilitates communications between the computers and the Internet.
- the router is configured to facilitate communications with the wide area network via at least one Tl line.
- the router is preferably configured to facilitate communication with the wide area network via a plurality of Tl lines such that communications bandwidth to the router may be increased, as desired, by adding additional Tl lines thereto.
- the router may alternatively be configured to facilitate communications with the wide area network via other high speed means, e.g., T3, fiber optics, microwave etc.
- high speed -- shared access is provided for both local area networks and wide area networks.
- Figure 1 is a block diagram showing shared high speed access to a wide area network for a plurality of computers utilizing a hub according to contemporary methodology
- Figure 2 is a block diagram showing shared high speed access to the wide area network for a plurality of computers utilizing a virtual LAN switch according to the present invention.
- FIG. 1 shows a contemporary system for providing a plurality of ' computers with shared high speed access to a wide area network wherein the security of each computer is comparatively easy to compromise.
- shared high speed access is provided for a plurality of computers 14a-14e so as to facilitate communication with servers and/or other computers via a wide area network, such as the Internet.
- a Tl 10 or other high speed data line is provided to a router 11 so as to place the router in communication with the wide area network.
- the router 11 routes signals to and from the wide area network according to well known principles. Examples of routers are Model Number 2514 manufactured by Cisco
- An example of a router/bridge is the Cabletronic CSK 400.
- a hub 12 for defining a local area network 13 is in communication with the router.
- hubs include the EN 100 Ethernet Hub manufactured by Net Gear of Westfield, New Jersey and the DEH 1438 manufactured by Addtron of San Jose, California.
- the plurality of individual computers 14a-14e are in communication with the hub 12 so as to define the local area network 13, according to well known principles.
- software control is relied upon in such networks so as to provide security.
- security is typically provided by designating those computers of the local area network 13 as being within a common user group, such that communications therebetween is facilitated. Communications between computers of different user groups is not permitted. Thus, the user of a computer in one user group can not access files stored upon a computer of another user group.
- two of the computers, 14a and 14b may -- be designated as a single user group, such that file transfer, e-mail, etc., is facilitated therebetween while computers 14c-14e may be designated as a second user group such that file transfer, e-mail, etc., is likewise facilitated therebetween.
- the network may be set up such that file transfer, e-mail, or other functions are not permitted between user groups, e.g., such that computers 14a and 14b can not communicate with computers 14c, 14b, and 14e.
- such software security is comparatively easy to compromise.
- router 111 receives at least one high speed data line, preferably a Tl line 110 from the wide area network.
- One or more additional lines 110a may be connected to the router 111, so as to enhance the communications bandwidth thereof, as desired.
- Examples of a virtual LAN switch include the Pizza Switch manufactured by Xylan and the Smartswitch 2200 manufactured by Cabletronic.
- At least one Tl 110 provides high speed, e.g., 1.5Mbps, access to a wide area network.
- the Tl lines 110, 110a provide such communication to a router 111 which is in communication with virtual LAN switch 115.
- Either computers 114a-114c or hubs 112a, 112b may be electrically connected to the virtual LAN switch 115.
- the virtual LAN switch 115a may be configured such that the computers 114a-114c operate strictly as stand alone devices and do not define a local area network. Thus, no communications between any two of the stand-alone computers 114a-114c is facilitated.
- such - configuration of the virtual LAN switch 115 provides enhanced security since the isolation of each individual computer 114a-114c is controlled by the virtual LAN switch 115a, rather than by networking software which may more easily be compromised.
- High speed access is preferred so as to facilitate the use of applications such as databases over the Internet, wherein the speed of the network communication substantially affects for the performance of the application.
- the virtual LAN switch 115 may be configured such that any desired ones of the computers 114a-114c define a local area network.
- the virtual LAN switch 115 may be configured such that the computers 114a and 114b define a local area network and the computer 114c remains a stand-alone computer separate and apart from the network defined by the computers 114a and 114b, for example. In this instance, computers 114a and 114b may communicate with one another but not with the computers 114c.
- the wide area network 119 may either be isolated from the computers to which the virtual Ian switch 115 is connected, or may define a network with selected ones thereof.
- each hub 112a and 112b and the computers 116a-116c and 118a, 118b connected to their respective hubs 112a, 112b define local area networks 113a and 113b.
- computers 116a-116c may communicate v/ith one another, but not with computers 118a, 118b; while computers 118a, 118b may communicate with one another, but not with computers 116a-116c.
- the virtual LAN switch 115 defines which of the devices, i.e., computers or hubs, attached thereto may communicate with one another.
- the virtual LAN switch 115 may be configured such that a given computer, such as computer -- 114a, for example, may define a local area network along with hub 112a, for example, and the computers 116a-116c in communication therewith.
- a given computer such as computer -- 114a, for example
- hub 112a for example
- any combination of devices attached to the virtual LAN switch 115a may be configured so as to define a LAN, as desired.
- each hub 112a, 112b may be in communication with the number of computers for which that hub is designed.
- additional hubs may be connected to each hub so as to facilitate the interconnection of a larger number of computers so as to define a local area network.
- the virtual LAN switch 115 may be directly connected to computers, only hubs, or to any desired connection of the two so as to define the desired network configuration. It is understood that the exemplary system for providing a plurality of computers with shared high speed access to a wide area network, described herein and shown in the drawings represents only a presently preferred embodiment of the invention. Indeed, various modifications and additions may be made to such embodiment without departing from the spirit and scope of invention. For example, various other devices, such as repeaters, concentrators printer sharing devices, gateways, domain name servers, etc. may be utilized, as desired, without departing from the spirit and scope of the invention. Thus, these and other modifications and additions may be obvious to those skilled in the art and may be implemented to adapt the present invention for use in a variety of different applications.
Abstract
Description
Claims
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU87652/98A AU8765298A (en) | 1997-07-31 | 1998-07-31 | Shared high speed network access |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US90407897A | 1997-07-31 | 1997-07-31 | |
US08/904,078 | 1997-07-31 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO1999007094A2 true WO1999007094A2 (en) | 1999-02-11 |
WO1999007094A3 WO1999007094A3 (en) | 1999-04-08 |
Family
ID=25418504
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US1998/016104 WO1999007094A2 (en) | 1997-07-31 | 1998-07-31 | Shared high speed network access |
Country Status (2)
Country | Link |
---|---|
AU (1) | AU8765298A (en) |
WO (1) | WO1999007094A2 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7560439B2 (en) | 2000-02-17 | 2009-07-14 | Sigma-Tau Industrie Farmaceutiche Riunite S.P.A. | Method for increasing the gene expression of transfected genes |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4823338A (en) * | 1987-08-03 | 1989-04-18 | American Telephone And Telegraph Company | Virtual local area network |
US5394402A (en) * | 1993-06-17 | 1995-02-28 | Ascom Timeplex Trading Ag | Hub for segmented virtual local area network with shared media access |
US5572528A (en) * | 1995-03-20 | 1996-11-05 | Novell, Inc. | Mobile networking method and apparatus |
US5684800A (en) * | 1995-11-15 | 1997-11-04 | Cabletron Systems, Inc. | Method for establishing restricted broadcast groups in a switched network |
US5734865A (en) * | 1995-06-07 | 1998-03-31 | Bull Hn Information Systems Inc. | Virtual local area network well-known port routing mechanism for mult--emulators in an open system environment |
-
1998
- 1998-07-31 AU AU87652/98A patent/AU8765298A/en not_active Abandoned
- 1998-07-31 WO PCT/US1998/016104 patent/WO1999007094A2/en active Application Filing
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4823338A (en) * | 1987-08-03 | 1989-04-18 | American Telephone And Telegraph Company | Virtual local area network |
US4823338B1 (en) * | 1987-08-03 | 1998-11-10 | At & T Information Systems Inc | Virtual local area network |
US5394402A (en) * | 1993-06-17 | 1995-02-28 | Ascom Timeplex Trading Ag | Hub for segmented virtual local area network with shared media access |
US5572528A (en) * | 1995-03-20 | 1996-11-05 | Novell, Inc. | Mobile networking method and apparatus |
US5734865A (en) * | 1995-06-07 | 1998-03-31 | Bull Hn Information Systems Inc. | Virtual local area network well-known port routing mechanism for mult--emulators in an open system environment |
US5684800A (en) * | 1995-11-15 | 1997-11-04 | Cabletron Systems, Inc. | Method for establishing restricted broadcast groups in a switched network |
US5825772A (en) * | 1995-11-15 | 1998-10-20 | Cabletron Systems, Inc. | Distributed connection-oriented services for switched communications networks |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7560439B2 (en) | 2000-02-17 | 2009-07-14 | Sigma-Tau Industrie Farmaceutiche Riunite S.P.A. | Method for increasing the gene expression of transfected genes |
Also Published As
Publication number | Publication date |
---|---|
WO1999007094A3 (en) | 1999-04-08 |
AU8765298A (en) | 1999-02-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US6934754B2 (en) | Methods and apparatus for processing network data transmissions | |
US7450595B1 (en) | Method and system for managing multiple networks over a set of ports | |
US20020107961A1 (en) | Secure internet communication system | |
CA2339637A1 (en) | Multi-level security network system | |
JP2002538663A (en) | Method and apparatus for providing high-speed connectivity to a hotel environment | |
Chirillo | Hack attacks revealed: A complete reference with custom security hacking toolkit | |
CN108900549A (en) | A kind of safe block chain networking technology | |
JP2001274844A (en) | Soho system | |
WO1999007094A2 (en) | Shared high speed network access | |
CN105847257A (en) | Clustered computer network system and method for resource distribution and configuration | |
US7703124B2 (en) | System and method for implementing a private virtual backbone on a common network infrastructure | |
Cisco | LAN Switching | |
Cisco | LAN Switching | |
Cisco | LAT Configuration and Management | |
Cisco | LAT Configuration Commands | |
Cisco | LAT Configuration Commands | |
Shuizhen | Planning, designing and building large-scale network at campus | |
KR100482300B1 (en) | Internet service providing system for many small subscribers through LAN and method for providing internet service, using the system | |
CN220605929U (en) | Novel network system | |
US7969966B2 (en) | System and method for port mapping in a communications network switch | |
KR20020073855A (en) | Dual ip switch hub and network system using the same | |
JP4021508B2 (en) | Computer network structure | |
McCarty | Automatic test equipment (ATE) on a network (securing access to equipment and data) | |
Kelley | GLOBAL NETWORK SYSTEM | |
JPH11284660A (en) | Sectioned building equipped with connection terminal for information equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A2 Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GE GH GM HU ID IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG UZ VN YU ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A2 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG |
|
AK | Designated states |
Kind code of ref document: A3 Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GE GH GM HU ID IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG UZ VN YU ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A3 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
REG | Reference to national code |
Ref country code: DE Ref legal event code: 8642 |
|
NENP | Non-entry into the national phase in: |
Ref country code: JP Ref document number: 1999511338 Format of ref document f/p: F |
|
NENP | Non-entry into the national phase in: |
Ref country code: CA |
|
122 | Ep: pct application non-entry in european phase |