nokLINK™ is the secure, firewall friendly communication tunnel which all nok Applications rely on. nokLINK™ is an "integration-free" communication broker used to dynamically link applications and services through discrete networks. The nokLINK™ layer provides any user the ability to create a seamless tunnel from one device to another regardless of firewall configuration or IP address. This dynamic, communication system provides user and applications the following.

• Secure Virtual and Dynamic Linking control between any devices running any Windows® based TCP/IP applications.
• Infrastructure to provide remote access to services, ports, sockets and applications. Operates in most network configurations regardless of firewalls or other network configurations.
• Central Management Platform to manage groups, networks and devices through a web based interface.
• The Master brokers, authenticates and ensures security is maintained.
• Virtual naming and network addressing schema provides easy management of devices and communication.

nokLINK™ is a communication protocol carrier which transports data with greater efficiency and vastly greater secu-rity by encrypting, compressing and routing information between end-points. nokLINK™ creates a virtual, "dark" application [port] specific network which ensures protection of end-points by removing their exposure to the Internet. It is a DNS-like topology-less architecture. nokLINK provides communication to systems without those systems being visible to the Internet, which essentially removes the threat of being compromised.

nokLINK™ includes a software firewall with equivalent to or better security than that of a hardware-based firewall to protect each machine from any other device, even one that is on the same LAN. nokLINK™ removes the dependency on Internet Protocol (to date IP is still utilized, but simply for convenience). In fact, nokLINK™ allows for the elimination of virtually all of the complex private communications lines, IP router configuration, and management. Given that it is protocol-independent, it means that any IP-based communication can benefit from the secure tunneling that nokLINK™ provides.

Unlike traditional network connection whereby a client make a connection request to a server and the server accepts the connection, then determines the worthiness of the connection. With nokLINK™ the server makes a single constant connection with the nokLINK™ master broker which it knows is always worthy and waits for connections to come in. The nokLINK™ Masters ONLY job is to pre-authenticate requests and bind (broker) connections between client requests and available servers.

nokLINK™ establishes, without any configuration of the firewalls, gateways or routers, what looks like an outbound connection between two PC's behind firewalls on two different networks, both of which have invalid IP addresses, e.g. 10.x.x.x, 127.x.x.x, 192.x.x.x. This connection is ultra secure and is authenticated to User and machine.

Though nokLINK™ uses proprietary protocols end-to-end, the tunnel created can be layered with Public authentication and/or encryption - e.g. 3DES, RSA, IPSEC, etc. Once the connection is established any TCP/IP application can be run across it, e.g. VNC, Remotely Anywhere, MS Project, Outlook, etc. This makes the connection a true application to application connection as opposed to a network centric connection typical of VPNs.

This topology is far more efficient in dealing with unauthorized access requests, server redundancy concerns and most importantly security enforcement policies. Implementing nokLINK™ for your network not only improves security but actually eases access for authorized users. nokLINK™ is the only software capable of making such a claim. Here is how it works!

VPN is a technology that, using the internet cloud as its primary physical communication layer, TCP/IP as a logical layer, adds on top of this another logical layer that tunnels all data exchange among machines belonging to a given VPN structure, simulating an isolated virtual channel that delivers a dedicated private network, i.e. LAN to LAN or Client to LAN and with SSL Client to LAN/Application

Typically connections are set up and broken down without dedicated connections assuming that all machines, (e.g., network devices and/or client workstations) belonging to a VPN can be easily reached thru the internet cloud.

Current network infrastructures primarily rely on firewall appliances to provide network security and a single point of network access. Accordingly the requisite network set-ups are broad and complex procedures. As a general rule these set-up procedures are not configuration friendly. IT managers are reluctant to deploy systems that require configuration changes once a safe network operation environment has been established.

The usefulness of VPNs is closely related to this. While LAN to LAN connections set-up with a VPN infrastructure pose fewer management problems, mobile client to LAN connections are problematic for IT managers because by definition they do not have fixed set-up configurations - they connect to the internet cloud from wherever they are. Clients attempting to connect via their established VPN from foreign networks (firewall protected) to the home LAN only compound the problem as the client must contend with the local (unfriendly) firewall configuration.

Even companies that install equipment as a third party inside other companies' networks must deal with painful network set-ups to allow their equipment to talk with VPN's through other networks' firewalls.

nokLINK™ addresses this 'state of the technology' with a very specific technical solution that allows machines to sit on foreign networks and maintain an application-to-application or VPN-like (network access) connection to the home LAN or even to other clients also located in other foreign LANs. This is accomplished without requiring any changes to a foreign network's firewall set-up. In this context nokLINK™ is a 'VPN' firewall-friendly solution.

Put another way, using nokLINK™ allows 'mobile' devices to go anywhere and maintain their VPN-like connection. Users can actually link machines in other companies' network and keep them communicating through their VPN's without any need for set-up changes on the foreign network(s).

The nokLINK™ solution as a technology is not a VPN implementation in any true sense. nokLINK™ solution technology is more closely related to an alternate TCP/IP public addressing scheme or structure. nokLINK™, while implementing - albeit with very different technology - many of the same VPN connection functions e.g. Internet utilization, security gateways, security policy servers, and certificate authorities, brings a different perspective by locating machines through the internet cloud, using a proprietary virtual addressing technology.

The technology behind nokLINK™ goes further than just brokering secure connections. Because it is built on top of the nokLINK™ kernel (see the Spin Networks White Paper), the entire nokLINK™ platform is secure from any form of tampering or disabling process. With all inbound ports securely locked down by the embedded nokLINK™ firewall can not be disabled (without powering the workstation down and then only when it is powered down), the workstation itself goes dark with respect to outside (unauthorized) communication.

Workstations with nokLINK™ can then be organized into logical networks without any of the physical boundaries imposed by local area architecture and environment. all the while being completely dark with respect to anyone else, whether friend or foe, unauthorized to be a member. The promise of nokLINK™ then is to remove the artificial restrictions of local area networks and raise the workstation to a level where it is a self-sustaining and self-securing network; itself able to connect to other workstations solely from the rules administered by the Enterprise.