Technical Field
The present disclosure relates to computer implemented systems and methods that facilitate management of data packets across a computer network. Particularly, the present disclosure relates to computer-implemented systems and methods that manage the way the data packets are routed between a source computer and a destination computer of the computer network.
Description of the Related Art
Typically, data processing applications process and transmit highly confidential and business critical information. Computer resource security necessitating utmost importance in such scenarios prompt network administrators to look beyond the conventional network security phenomenon such as password locks, firewalls, authorisation controls, authentication techniques and cryptographic techniques.
However, when multitude of computer terminals are interconnected in a distributed computer network, with each of the computer terminals requesting incessant data access from storage devices and data files, employing effective security across the entirety of the distributed computer network becomes a challenge. One of the common techniques employed by network administrators to ensure that the computer network remains secured is to prevent un-trusted computer devices from accessing the computer network, by introducing any of the well-known access control mechanisms into the computer network.
Firewalls, which are one of the most widely used access control mechanisms are configured to block communications, both inbound and outbound based on the configuration, in the event that such communications are determined, by the firewalls to be un-trustful. For instance, a communication incorporating a data packet whose size exceeds the maximum prescribed size may be regarded as malware. Similarly, a communication emanating from an un-authenticated source computer terminal or directed to an un-authenticated destination terminal could be regarded as incorporating malicious content/malware.
Typically, malware and the associated hazardous after-effects caused by the presence of malware are prevalent in communication networks that allow peer computers to communicate with one another using corresponding public IP addresses and pre-defined public ports. Further, communication platforms such as Skype® utilize an overlay peer-to-peer network to transmit video and voice calls, with the objective of routing User Datagram Protocol (UDP) traffic directly between peer computers. Though firewalls are installed across a peer-to-peer communication network with the intention of ensuring maximized data security, and with the intention of identifying and preventing malware from being circulated through the communication network, they (firewalls) tend to inadvertently block legitimate communications (data packets), if such legitimate communications are not an exact match to the operational policies prescribed by the firewalls to differentiate a legitimate communication from malware.
Therefore, while firewalls are regarded as extremely important when it comes to securing a computer network and preventing malwares from accessing and infecting the computer network, and stealing confidential, sensitive data therefrom. However, it is equally important to ensure that the firewall does not block any legitimate, trustful communication that should have been transmitted from a first computer to a second computer via the computer network. It is equally important to configure the firewall such that it (firewall) is enabled to thoroughly differentiate between malware and legitimate communications (data packets), to block only the malware while allowing the legitimate communications to pass there through.
In view of the disadvantages said to be associated with conventional firewalls, there has been felt a need for an improved network architecture that provides for legitimate communications (data packets) to effectively bypass the firewalls while traversing a path from a source computer to a destination computer. There was also felt a need for an improved network architecture that provides for a thorough inspection of the credentials of the data packets before branding them as being legitimate and enabling them to bypass the firewalls while traversing a data path.