The present invention, generally speaking, provides a firewall that
achieves maximum network security and maximum user convenience. The
firewall employs "envoys" that exhibit the security robustness of
prior-art proxies and the transparency and ease-of-use of prior-art packet
filters, combining the best of both worlds. No traffic can pass through
the firewall unless the firewall has established an envoy for that
traffic. Both connection-oriented (e.g., TCP) and connectionless (e.g.,
UDP-based) services may be handled using envoys. Establishment of an envoy
may be subjected to a myriad of tests to "qualify" the user, the requested
communication, or both. Therefore, a high level of security may be
achieved. The usual added burden of prior-art proxy systems is avoided in
such a way as to achieve full transparency--the user can use standard
applications and need not even know of the existence of the firewall. To
achieve full transparency, the firewall is configured as two or more sets
of virtual hosts. The firewall is, therefore, "multi-homed," each home
being independently configurable. One set of hosts responds to addresses
on a first network interface of the firewall. Another set of hosts
responds to addresses on a second network interface of the firewall. In
one aspect, programmable transparency is achieved by establishing DNS
mappings between remote hosts to be accessed through one of the network
interfaces and respective virtual hosts on that interface. In another
aspect, automatic transparency may be achieved using code for dynamically
mapping remote hosts to virtual hosts in accordance with a technique
referred to herein as dynamic DNS, or DDNS.
