Networks in which a plurality of computers and other electronic devices are inter-connected by wired or wireless communications links to facilitate communications between users and/or the sharing of resources, (e.g., hardware, software, data sets, etc.) are known in the art. One well known type of network is an internet protocol or “IP” network which operates under the IP protocol that has been developed to control communications sent over the Internet. Networks operating under the IP protocol typically include large numbers of geographically dispersed devices that are interconnected by a plurality of communications links and network routing and control resources. A wide variety of different devices may be included in the network, including, for example, mainframe computers, file servers, personal computers, printers, work stations, scanners, personal data assistants, cellular telephones, etc. Data processing devices such as, for example, mainframe computers that are part of the network may often be accessed by a plurality of users in the network.
Each device in the IP network is typically assigned an IP address. Communications packets sent over the IP network typically include headers that provide various information regarding the source and intended destination of the packet. This information may include, for example, the IP addresses of the source and/or destination devices, protocol and port information, and various other information which is well known to those of skill in the art.
In many instances, access to certain devices (e.g., computers, routers, printers, etc.) in an IP network may be restricted such that certain users are not permitted to access these resources. To provide such controlled access, an IP network may include “firewalls” which use packet level filtering to control access to devices in the IP network. Firewalls may be implemented at host devices and examine the IP source address, protocol, port and/or other information included in each received packet to determine if the packet will be processed by the host device. Firewalls may also be implemented at points of entry to specific sub-networks that have different security requirements than the IP network as a whole. Thus, for example, a firewall may be placed at a local area network server to restrict the access of those outside the local area network to devices within the local area network.
Firewalls, however, may not provide an effective method of controlling access to network devices in all situations. Accordingly, there is a need for improved methods and systems of controlling user access to devices in an IP network.