As businesses increasingly utilize public networks, such as the Internet, to provide site-to-site connectivity, a common need exists to secure the data traffic as it traverses the public portions of the network. In the Applicant's related co-pending patent application entitled "Method and Apparatus for a Key Management Scheme for Internet Protocols" (Ser. No. 08/258,272, filed Jun. 10, 1994) (hereinafter referred to as the "SKIP" scheme), a system was disclosed for providing a key management scheme particularly suited to connectionless datagram protocols, such as the Internet Protocol (IP). The SKIP scheme was disclosed as applied to the secure transfer of data between discrete computers coupled to private networks in communication over the Internet. Although using the teachings of SKIP the data transferred between nodes is secure, the system disclosed in the Applicant's copending Application still permitted an intruder ("a cracker") to detect the source and destination addresses of the communicating computers.
As will be described, the present invention utilizes the teachings of SKIP for securing traffic at the IP layer, which has advantages over performing security functions at the application or transport layers. The approach of the present invention is to encrypt inter-site traffic at the IP layer using the SKIP scheme, and thereby deny a would be cracker from detecting the source and destination addresses of the communicating nodes. To minimize the impact of providing key-management facilities in every node, the present invention encrypts the IP packets only from site firewall to site firewall. Thus, only the firewall servers need to participate in the SKIP scheme. When a firewall receives an IP packet from an interior site node intended for a remote firewall, it encrypts the IP packet and sends it encapsulated in another IP packet destined for the remote firewall. The remote firewall decrypts the encapsulated packet and sends it in the clear to the destination node on the interior side of the remote firewall.
Another common network security requirement is to allow remote users to access the protected network from across the Internet in a secure fashion. As will be described, the present invention accommodates this requirement on top of packet layer encryption, without requiring changes to the various client applications used for remote access across the Internet.