The present invention relates to a control system for establishing connections between networks in packet communication carried over the networks that lie between terminals.
In the prior art, when a user belonging to a user network on an extranet attempts packet communication with a different user network on the same extranet, or with an intranet connected to that extranet through the internet, a control over the connection between the networks takes place. This control is either a firewall, provided for security purposes, or an address translator, in which the network address used within each user network (a private network address) is translated into a global network address that permits an external connection. A conventional control system for establishing a connection between networks can only connect a single pair of networks per system, so that where many user networks exist, a separate connection control system has had to be provided for each pair of user networks to be connected.
FIG. 1A shows a network system which employs conventional control systems for connection between networks. Specifically, a network 10 contains a network interconnection control system 301 devoted to the connection between user networks 11 and 12, and another network interconnection control system 302 devoted to the connection between user networks 13 and 14 (the user networks being denoted USER#1, #2, #3 and #4, respectively, and being connected to user terminals 21, 22, 23 and 24, denoted TE#1, #2, #3 and #4, respectively). In the example shown in FIG. 1A, the user networks 11 and 12 are separated from the user networks 13 and 14. While only one user terminal is shown connected to each user network, it should be understood that a plurality of user terminals are normally connected to each user network.
A typical control system 30, illustrated in FIG. 1B, is representative of both network interconnection control systems 301 and 302. As shown, it comprises interfaces IF-A and IF-B connected to the user networks 11 and 12, respectively, and a network interconnection controller 31 including a connection controller 31C and a network interconnection control table 31T.
Suppose that a packet from the user network 11 is received by the interface IF-A. The connection controller 31C then refers to the network interconnection control table 31T in order to execute the connection control defined for the sender terminal address and the receiver terminal address contained in the packet. If the control system 301 is constructed as firewall equipment, its control table 31T includes a record indicating whether or not communication is permitted for the detected pair of sender and receiver terminal addresses. If the communication is permitted, the received packet is delivered through the interface IF-B; if not, the packet is discarded without being delivered through the interface IF-B.
As can be understood from FIGS. 1A and 1B, the user network 11 is connected to the user network 12 through the network interconnection control system (firewall equipment) 301, and only communication permitted according to the rules set up in the firewall equipment 301 can take place, thus allowing the user networks 11 and 12 to communicate with each other while each maintains its security.
Similarly, the user network 13 is connected to the user network 14 through the network interconnection control system (firewall equipment) 302, so that only communication permitted according to the rules set up in the firewall equipment 302 can take place, thus allowing the user networks 13 and 14 to communicate with each other while each maintains its security. Since the user networks 11 and 12 are separated from the user networks 13 and 14, no communication is permitted between them.
When the network interconnection control system 301 is constructed as an address translation system (generally referred to as a network address translator, NAT), the private address of the sender terminal contained in a packet from the user network 11 that is received by the interface IF-A is translated into a global address according to the translation rules contained in the network interconnection control table 31T, and the packet is then delivered through the interface IF-B. The user network 11 is thus connected to the user network 12 through the address translation system 301, which holds the address translation rules used to perform the translation, so that communication between the user networks 11 and 12 is permitted through the address translation. Similarly, the user networks 13 and 14 are connected together through the address translation system 302, which performs address translation on the basis of the translation rules set up therein, so that communication between the user networks 13 and 14 is likewise permitted through the address translation.
It is to be understood that the network interconnection control system 302 is constructed in a similar manner as the control system 30 shown in FIG. 1B.
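The following is an added example, not code from the patent itself, that models the control system 30 of FIG. 1B in its two forms described above: firewall equipment, where table 31T records which (sender, receiver) address pairs are permitted, and an address translation system, where table 31T maps a private sender address to a global one. The class and field names, the terminal addresses and the behaviour for address pairs absent from the table (treated as not permitted, and packets with no translation rule dropped) are assumptions made for illustration.

```python
"""Added example (not from the patent text): a minimal model of the network
interconnection control system 30 of FIG. 1B, as firewall equipment and as
an address translator. Class names, addresses and the treatment of entries
missing from table 31T are assumptions for illustration."""

from dataclasses import dataclass, replace
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    src: str            # sender terminal address
    dst: str            # receiver terminal address
    payload: bytes = b""


class FirewallControlSystem:
    """Control system 30 built as firewall equipment.

    Table 31T holds, for each (sender, receiver) address pair, whether
    communication is permitted. A packet received on IF-A is delivered
    through IF-B if permitted, otherwise discarded.
    """

    def __init__(self, table: Dict[Tuple[str, str], bool]):
        self.table = table                  # 31T: (src, dst) -> permitted?
        self.delivered: List[Packet] = []   # packets sent out through IF-B
        self.discarded: List[Packet] = []

    def receive_if_a(self, pkt: Packet) -> Optional[Packet]:
        # Assumption: an address pair with no record is not permitted.
        if self.table.get((pkt.src, pkt.dst), False):
            self.delivered.append(pkt)
            return pkt                      # forwarded through IF-B unchanged
        self.discarded.append(pkt)
        return None


class NatControlSystem:
    """Control system 30 built as an address translation system.

    Table 31T maps the private sender address seen on IF-A to the global
    address that is to appear in the packet delivered through IF-B.
    """

    def __init__(self, table: Dict[str, str]):
        self.table = table                  # 31T: private src -> global src

    def receive_if_a(self, pkt: Packet) -> Optional[Packet]:
        global_src = self.table.get(pkt.src)
        if global_src is None:
            # Assumption: with no translation rule the packet is dropped
            # rather than forwarded with its private address exposed.
            return None
        return replace(pkt, src=global_src)  # same dst and payload, new src


def run_demo() -> Dict[str, Optional[Packet]]:
    """Constructed traffic: TE#1 (10.0.0.1 on USER#1) talking to TE#2
    (10.1.0.2 on USER#2) through control system 301 in both forms."""
    fw = FirewallControlSystem({("10.0.0.1", "10.1.0.2"): True})
    nat = NatControlSystem({"10.0.0.1": "203.0.113.1"})
    return {
        "fw_permitted": fw.receive_if_a(Packet("10.0.0.1", "10.1.0.2", b"hello")),
        "fw_reverse_not_in_table": fw.receive_if_a(Packet("10.1.0.2", "10.0.0.1")),
        "nat_translated": nat.receive_if_a(Packet("10.0.0.1", "10.1.0.2", b"hello")),
        "nat_no_rule": nat.receive_if_a(Packet("10.9.9.9", "10.1.0.2")),
    }


if __name__ == "__main__":
    for name, result in run_demo().items():
        print(f"{name}: {result}")
```

Each control system above serves exactly one pair of interfaces and one table, which is the single-pair limitation the text goes on to discuss: nothing in the lookup key records which user network a packet arrived from, because with one system per pair that is implied by the interface.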
Thus a conventional network interconnection control system is designed to connect only one pair of user networks, and one such control system is provided for each pair of user networks, as illustrated in FIG. 1A. Each individual network interconnection control system must undergo periodic maintenance work, and hence a network that deals with hundreds of user networks requires a tremendous amount of labor and time for its maintenance.
To cope with this problem, it may be contemplated to provide a conventional single network interconnection control system with an interface that allows connection with all of the user networks, while defining the connection controls for all terminals in the single network interconnection control table 31T, thereby providing one concentrated network interconnection control system. However, this raises the issues described below.
When users on the user networks use private addresses, the same terminal address may be in use on different user networks. If the network interconnection control system is designed as firewall equipment, a connection other than the one intended by the sender terminal may then be established, since the table is consulted on terminal addresses alone. If the network interconnection control system is designed as an address translation system, the wrong translated address may be retrieved from the table 31T for the same reason.
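The duplicate-address problem just described, as an added example that is not part of the patent text: the per-pair tables of FIG. 1A are merged into one table keyed only on terminal addresses, as the concentrated control system contemplated above would do, while USER#1 and USER#3 each number a terminal 10.0.0.1. All addresses, table contents and function names are constructed for illustration.

```python
"""Added example (not from the patent text): merging per-pair control
tables into a single table keyed on terminal addresses alone, when two user
networks reuse the same private address. Addresses and names are constructed."""

from typing import Any, Dict, List, Optional, Tuple

Key = Tuple[str, str]   # (sender address, receiver address), as in table 31T

# Constructed per-pair tables. TE#1 on USER#1 and TE#3 on USER#3 are both
# numbered 10.0.0.1, which is legitimate because private addressing is
# independent per user network.
FIREWALL_301: Dict[Key, bool] = {("10.0.0.1", "10.1.0.2"): True}   # TE#1 -> TE#2
FIREWALL_302: Dict[Key, bool] = {("10.0.0.1", "10.1.0.4"): True}   # TE#3 -> TE#4

NAT_301: Dict[str, str] = {"10.0.0.1": "203.0.113.1"}    # TE#1's global address
NAT_302: Dict[str, str] = {"10.0.0.1": "198.51.100.3"}   # TE#3's global address


def consolidate(tables: List[Dict[Any, Any]]) -> Tuple[Dict[Any, Any], List[Tuple[Any, Any, Any]]]:
    """Merge per-pair tables into one and report keys whose values collide.

    A plain dict.update() would silently let the last table win; the
    collisions are collected so the caller can see what was overwritten.
    """
    merged: Dict[Any, Any] = {}
    collisions: List[Tuple[Any, Any, Any]] = []
    for table in tables:
        for key, value in table.items():
            if key in merged and merged[key] != value:
                collisions.append((key, merged[key], value))
            merged[key] = value       # last writer wins, as a naive merge would
    return merged, collisions


def firewall_permits(table: Dict[Key, bool], src: str, dst: str) -> bool:
    """Lookup on (sender, receiver) only: which user network src sits on
    is not part of the key, so it cannot influence the decision."""
    return table.get((src, dst), False)


def nat_translate(table: Dict[str, str], src: str) -> Optional[str]:
    return table.get(src)


def firewall_cross_network_case() -> bool:
    """TE#3 (10.0.0.1 on USER#3) sends to TE#2 (10.1.0.2 on USER#2).
    USER#3 and USER#2 are meant to be separated, but the consolidated table
    matches the record that was written for TE#1 and permits it."""
    merged, _ = consolidate([FIREWALL_301, FIREWALL_302])
    return firewall_permits(merged, "10.0.0.1", "10.1.0.2")


def nat_wrong_translation_case() -> Tuple[Optional[str], List[Tuple[Any, Any, Any]]]:
    """TE#1 (10.0.0.1 on USER#1) is translated with the rule meant for TE#3,
    because the second table overwrote the first for the same private key."""
    merged, collisions = consolidate([NAT_301, NAT_302])
    return nat_translate(merged, "10.0.0.1"), collisions


if __name__ == "__main__":
    print("TE#3 -> TE#2 permitted by consolidated firewall table:",
          firewall_cross_network_case())
    print("TE#1 translated to, and collisions seen:",
          nat_wrong_translation_case())
```

Note that the firewall case produces no key collision at all: the two records have different receiver addresses, so the merge looks clean, yet the decision for a packet from USER#3 is taken on a record written for USER#1. The NAT case does collide, and the usual merge quietly keeps whichever rule was loaded last.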
Even if no duplicate address occurs between different user networks, the fact that communication between users on different user networks is not logically isolated may compromise security. For instance, if a user uses a false address in his communication, communication may become possible between users on user networks that are inherently meant to be separated from each other, such as the user networks 11 and 14 in FIG. 1A. A security issue also arises when a firewall table is changed frequently and an error is made in its set-up, enabling communication by a user who should have no access.
For these technical reasons, a network interconnection control system has been provided independently for each pair of user networks.
As the number of users who utilize a network increases with the growing use of extranets, the number of communications with external users or between different user networks increases as well. If a network interconnection control system is provided individually for each of this increased number of user networks, the overall installation cost increases, in addition to the need to maintain the increased number of individual control systems.