USRE50745EActiveUtility

Reverse access method for securing front-end applications and others

Assignee: NETNUT LTDPriority: Feb 19, 2012Filed: Feb 13, 2013Granted: Jan 6, 2026
Est. expiryFeb 19, 2032(~5.6 yrs left)· nominal 20-yr term from priority
Inventors:MIZHAR AMIR
G06F 21/60H04L 63/029H04L 63/0209H04L 63/10
44
PatentIndex Score
0
Cited by
34
References
24
Claims

Abstract

A System that provides a secured connection between servers on the LAN and clients on the WAN comprises the LAN (which includes LAN Server and LAN Controller) and the DMZ (which includes DMZ Server and DMZ Stack Pool Service). Wherein the Client Request reaches the DMZ Server it stores it in the DMZ Stack Pool Service and the LAN Controller establishes outbound TCP based connection to the DMZ Stack Pool Service that passes the Client Connection Information to the LAN Server via the LAN Controller. Then the LAN Server then generates a connection between the Service and DMZ Server.

Claims

exact text as granted — not AI-modified
What is claimed: 
     
         1 . A system for reverse access, said system comprising:
 a De-Militarized Zone (DMZ) Stack Pool Service located in a De-Militarized Zone, the DMZ Stack Pool Service being arranged to store requests received from a client, wherein said requests are stored at the TCP/IP level;   a local area network (LAN) Controller configured to check for existence in said DMZ Stack Pool Service of said requests, wherein said checking is performed at the TCP/IP level and said LAN Controller is located in a LAN; and   a DMZ server configured to receive said requests from a LAN server of said LAN, and to route said requests to said client, wherein receiving and routing by said DMZ server occurs at the TCP/IP level;   wherein said DMZ Stack Pool Service, said LAN Controller, and said DMZ server do not change the data of said requests and the system requires no administrative management after initial installation and configuration.   
     
     
         2 . The system of  claim 1 , wherein computer programs and sensitive data of said LAN server reside only in the LAN. 
     
     
         3 . A method for reverse access, said method comprising:
 storing requests received from a client, wherein said requests are stored in a De-Militarized zone (DMZ) Stack Pool Service at the TCP/IP level, wherein said DMZ Stack Pool Service is located in a De-Militarized Zone;   checking at the TCP/IP level, said DMZ Stack Pool Service for existence of said requests, wherein said checking is performed by a local area network (LAN) Controller located in a LAN; and   receiving said requests from a LAN server of said LAN and routing said requests to said client;   wherein said storing and routing occurs at the TCP/IP level and said storing and routing does not change data of said requests; and   wherein said method requires no administrative management of the LAN server after initial installation and configuration.   
     
     
         4 . The method of  claim 3 , wherein computer programs and sensitive data of said LAN server, reside only in the LAN. 
     
     
       5. A system for reverse access, the system comprising:
 a De-Militarized Zone (DMZ) Stack Pool Service executing on a device in a DMZ, the DMZ Stack Pool Service being configured to store a request received from a client, wherein the request is stored at a TCP/IP level using a TCP/IP protocol;   a network Controller located in a network, the network Controller being configured to check for existence of the request in the DMZ Stack Pool Service, wherein the checking is performed at the TCP/IP level; and   a DMZ server configured to provide data responsive to the request to the client, wherein the providing by the DMZ server occurs at the TCP/IP level using the TCP/IP protocol;   wherein the DMZ server does not change the data of the request and the   system requires no administrative management after initial installation and configuration to perform the storing, checking, and providing.   
     
     
       6. The system of  claim 5 , wherein a computer program and certain data of the system reside only in the network. 
     
     
       7. The system of  claim 5 , wherein the network Controller passes client connection information to a server of the network. 
     
     
       8. The system of  claim 7 , wherein the client connection information includes an Internet Protocol (IP) address associated with a service on the network. 
     
     
       9. The system of  claim 7 , wherein the client connection information includes a port number associated with a service on the network. 
     
     
       10. The system of  claim 5 , wherein the DMZ is a subnetwork of the network. 
     
     
       11. The system of  claim 10 , wherein the subnetwork is configured to interface with computers outside of the network and with computers inside the network. 
     
     
       12. The system of  claim 5 , wherein the network is a web server network. 
     
     
       13. The system of  claim 5 , wherein the network is an email network. 
     
     
       14. The system of  claim 5 , wherein the network is a file storage network. 
     
     
       15. The system of  claim 5 , wherein the network is an Internet Protocol-based telephone network. 
     
     
       16. A method for reverse access, the method comprising:
 storing a request received from a client in a De-Militarized Zone (DMZ) Stack Pool Service, in a DMZ, at a TCP/IP level using a TCP/IP protocol;   checking, at the TCP/IP level, the DMZ Stack Pool Service for existence of the request, wherein the checking is performed by a network Controller located in a network;   establishing an outbound connection from a network server of the network and routing data responsive to the request to the client; and   wherein the storing and routing occurs at the TCP/IP level using the TCP/IP protocol and a DMZ server does not change data of the request; and   wherein the method requires no administrative management of a server of the network after initial installation and configuration to perform the storing, checking, and providing.   
     
     
       17. The method of  claim 16 , wherein a computer program and certain data of the network server reside only in the network. 
     
     
       18. The method of  claim 16 , wherein the checking for existence of the request is performed continuously. 
     
     
       19. The method of  claim 16 , wherein the checking for existence of the request is performed periodically. 
     
     
       20. The method of  claim 16 , further comprising, in response to the checking, passing client connection information to the network server. 
     
     
       21. The method of  claim 20 , wherein the client connection information is passed to the network server via the network Controller. 
     
     
       22. The method of  claim 16 , further comprising creating a connection binder between at least one of the requests and the outbound connection.  
     
     
       23. The method of  claim 22 , further comprising, after creating the connection binder, routing the data responsive to the request to the client. 
     
     
       24. The method of  claim 23 , wherein routing the data comprises streaming the data.

Join the waitlist — get patent alerts

Track USRE50745E — get alerts on status changes and closely related new filings.

We store only your email — no account needed. See our privacy policy.