Professional Documents
Culture Documents
The patent-at-issue, U.S. Patent 7,739,302 (“Firenet”), which was filed on Sep. 11, 2001
and claims a Sep. 1, 1998 priority date, is directed to a dedicated firewall security for a network
attached device (NAD) provided by a firewall management system integrated directly into the
NAD or into a NAD server. A local area network arrangement includes a network client and the
NAD and the firewall management system includes computer readable medium having
computer-executable instructions that perform the steps of receiving a request for network access
to the NAD from the network client, determining whether the request for network access to the
NAD is authorized, and only if the request for network access is authorized, providing the
network client with network access to the NAD.
U.S. Patent 6,272,127 (“Ehron”), which was filed on Nov. 10, 1997 without any claim to
an earlier priority date, is directed to a system that provides broadband multimedia
communication over the standard circuit-switched public switched telephone network
infrastructure (PSTN) and other physical or virtual circuit-switched infrastructures while
simultaneously and transparently interoperating with the public Internet packet-switched
infrastructure to effectively merge the capabilities of the two types of infrastructures. The
invention allows users to establish both packet-switched connections for sending or receiving
content for which low-latency and unpredictable response times are not a problem (i.e. text,
small graphics, e-mail, small file transfers); and circuit-switched connections for sending or
receiving content that benefits from streaming data at fixed data rates, without contention for
bandwidth from other users during a communication session, (i.e. video, voice, complex graphics
and animations, or large file transfers).
A sample claim chart comparing Firenet to Firewalls and Ehron is provided below.
B. US6272127
“Network control system server 40 handles routing and
billing of connections between network users. Signaling
network 30 consists of packet-switched links and routers
that are secured from intrusion by users outside the
broadband network.” Ehron at 5:47-52.
B. US6272127
“When a circuit-switched connection is being set up,
B. US6272127
“When a new connection is to be made within the
broadband network, the originating workstation
interface 140 sends a connection setup request to
network control system server 40 over signaling network
30, preferably via TCP.” Ehron at 51:4-7.
(ii) an IP address of a network “IP packet filtering is performed at the network level use a
destination, screening router. The router parses the network packet
headers for the following information
B. US6272127
“However, the table assignments for circuit-switched
connections are determined and transmitted by
network control system server 40 to premises switch
110 when a connection is being set up, and the
assignments last only as long as the connection lasts.”
Ehron at 33:10-16.
B. US6272127
“Since the IP address of the premises switch is included
in the broadband network user's routable phone
number, this number can be used to readily determine
the route between any two users in the network with
any intermediate number of city nodes when a connection
is requested between the two users, or by precalculating a
list of routes, as will now be explained in more detail.”
Ehron at 47:1-7.
US6272127
“Routing function 113 is shown separately for clarity, but
may be implemented as software running on CPU 116 or
other processor. It is responsible for screening data packets
received via packet switch 112 and directing them to the
appropriate output port of bonder 114. It also performs
security functions that provide additional safeguards
against unauthorized use of the broadband network by, for
example, further screening the destination and source
addresses of the packets.“ Ehron at 26:14-21.
US6272127
“Routing function 113 is shown separately for clarity, but
may be implemented as software running on CPU 116 or
other processor. It is responsible for screening data
packets received via packet switch 112 and directing them
to the appropriate output port of bonder 114. It also
performs security functions that provide additional
safeguards against unauthorized use of the broadband
network by, for example, further screening the destination
and source addresses of the packets.” Ehron at 26:14-21.
Accordingly, there remains a need for a NAD “The premises switch can thus insure that only the parties
server having an integrated firewall, which involved in the particular connection are allowed to use
provides an additional layer of security for a
the switched bandwidth provided for that connection.”
NAD beyond that provided by a bastion
Id. at 37:10-13.