The computer system 100 illustrated in FIG. 1 represents a typical hardware setup for executing software that allows a user to perform tasks such as communicating with other computer users, accessing various computer resources, and viewing, creating, or otherwise manipulating electronic content—that is, any combination of text, images, movies, music or other sounds, animations, 3D virtual worlds, and links to other objects. The system includes various input/output (I/O) devices (mouse 103, keyboard 105, display 107) and a general purpose computer 100 having a central processor unit (CPU) 121, an I/O unit 117 and a memory 109 that stores data and various programs such as an operating system 111, and one or more application programs 113. The computer system 100 also typically includes some sort of communications card or device 123 (e.g., a modem or network adapter) for exchanging data with a network 127 via a communications link 125 (e.g., a telephone line).
As shown in FIG. 2, a user of a computer system 129 can access a public network 131 (e.g., the Internet) via an access server 133 (such as an Internet service provider or “ISP”). Among other things, this enables computer system 129 to send and receive data from other computers (not shown in FIG. 2) that are connected to the public network 131 (referred to as “outside” computers). For example, one of the outside computers can act as a host of a web site from which the computer system 129 can view web pages using a “browser” program (e.g., an Internet browser such as Netscape Communicator version 4.7, which is commercially available from Netscape Communications Corporation of Mountain View, Calif.) running on the computer system 129.
By connecting to a public network 131 such as the Internet, however, the computer system 129 can become vulnerable to attacks from outsiders (sometimes referred to as “hackers” or “crackers”) who use the public network 131 to attempt to gain unauthorized access to computers connected thereto. After gaining unauthorized access to a computer system 129, such outsiders often view, copy, alter, delete, and/or redistribute data and programs that reside on the computer system 129.
The threat to users who access the Internet using dial-up modem connections (referred to as “dial-up connections”) over conventional plain old telephone service (POTS) lines typically has been relatively low. A user employing such a dial-up connection typically is assigned a temporary “IP address.” An IP (Internet Protocol) address is a worldwide unique identifier that identifies a particular computer or other network device on the Internet. For example, as shown in FIG. 3, a user can access the Internet 141 via a modem 143 connected to a computer 145 by dialing into an access server 147 using a POTS line. The access server 147 includes a terminal server 149 having multiple “ports.” Several dial-up modems (not shown in FIG. 3) are connected to the ports of the terminal server 149 in order to receive data transmitted by the user's modem 143. The terminal server 149 is connected to a dial-up host computer 151 (e.g., a computer workstation running a variant of the UNIX operating system). The dial-up host computer 151 is connected to the Internet 141, typically via a high-speed connection 153 (e.g., a T1 connection). The access server 147 and the high-speed connection 153 typically are maintained by an ISP.
A different temporary IP address is typically assigned to the user's computer 145 each time the user dials into the access server 147. The IP address that is assigned to the user's computer 145 is temporary since the user typically disconnects the computer 145 from the access server 147 when the user is not accessing the Internet. This allows the ISP to re-use the IP address previously assigned to the user's computer 145 as the temporary IP address of another computer that subsequently dials into the access server 147.
Because the IP address of the user's computer 145 may change each time the user dials into the access server 147, it is difficult for an outsider successfully to use hacking techniques that require knowledge of the IP address of the user's computer. For example, one cannot telnet into a user's computer 145 without knowing the computer's IP address.
Recently, high-speed alternatives to conventional dial-up Internet connections have become increasingly popular. These high-speed alternatives include digital subscriber lines (“DSL”) and cable modem connections, which typically allow users to use their telephone lines for voice transmissions simultaneously with data connections. As a result, many users of these new high-speed connections do not disconnect their computers from the Internet when they are not actively accessing the Internet. Remaining persistently connected in this manner enables users to avoid the overhead (delay and effort) associated with reconnecting to the Internet that they otherwise would encounter each time they accessed the Internet. As a result, many Internet service providers are assigning fixed (i.e., non-temporary) IP addresses to computers that make use of such high-speed “always connected” Internet connections. However, because the use of permanent IP addresses facilitates certain hacking techniques, the security advantages associated with the use of temporary IP addresses are lost when fixed IP addresses are used.
One way in which enterprises such as businesses and educational institutions have protected their networks and computers (which typically are assigned fixed IP addresses) is to employ a “firewall.” A firewall is a system for controlling access to the enterprise's network and/or computers (referred to as the “internal” network and computers) by other computers (referred to as “outside” computers) that attempt to access the internal networks and computers through a public network. The purpose of a firewall is to allow network elements to be attached to, and thereby access, a public network without rendering the network elements susceptible to unauthorized access from the public network. A successful firewall allows the network elements (e.g., routers, computers, servers, etc.) to communicate with the public network elements without rendering the network elements susceptible to attack or unauthorized inquiry over the public network. Such firewalls use known techniques such as “packet filtering” and “application gateways” for determining which data packets to forward to the inside networks and computers.
Firewalls that are employed to protect networks and computers used in business and educational settings typically implement a security policy that determines how each internal user of the firewall-protected network can access the public network. Typically, these security policies implement a “one-size-fits-all” approach in which all users of a certain type are assigned the same access rights to the public network. A one-size-fits-all approach often is desirable in such institutional settings since such an approach is generally simpler to implement, maintain, and audit and such institutions are generally in a position to impose such an approach on users of their networks and computers.
Most Internet service providers, however, traditionally have not employed firewalls to protect their users' computers from attacks originating from the Internet. Users who access the Internet via dial-up connections typically do not need such security measures due to the security advantages associated with the use of temporary IP addresses. Moreover, most ISPs do not wish to, and/or are not in a position to, impose on their users a one-size-fits-all security policy of the type conventionally associated with the use of firewalls. Instead, ISPs have typically left it up to their users to implement some type of firewall on their computers if they wish (referred to as “client-based firewalls”).
Client-based firewalls typically require a certain amount of technical sophistication on the part of the user. For example, users requiring additional protection from attacks may be unaware either of the threat or the potential protection that can be provided by client-based firewalls. Even if the user is aware of the threat and the potential protection that can be provided by client-based firewalls, the user may be unable or unwilling to install a client-based firewall properly, e.g., because the user does not have the required technical expertise. Also, the user may fail to maintain the client-based firewall. For example, the user may fail to install updated software that addresses a newly discovered potential security weakness in the client-based firewall in a timely manner. Indeed, another shortcoming of client-based firewalls is that each user of a client-based firewall must separately update that user's firewall.
The present inventors recognized the need for a server-based firewall solution that does not impose a one-size-fits-all solution on the users of an access server.