Decoupling hardware and software components of network security devices to provide security software as a service in a distributed computing environment
First Claim
1. A method comprising:
- receiving, by a security software service platform executing on a first portion of a plurality of computing resources provided by a distributed computing system, a plurality of network security software components that have been decoupled from hardware components of a plurality of network security devices, wherein the plurality of network security software components provide, at least in part, a plurality of security services capable of protecting a plurality of assets associated with a customer platform;
extending, by the security software service platform, a virtual machine creation template to incorporate access to the plurality of network security software components;
receiving, by the security software service platform, a virtual machine configuration from the customer platform, wherein the virtual machine configuration specifiesa first asset associated with the customer platform and having a first set of security requirements,a second asset associated with the customer platform and having a second set of security requirements,a first security service of the plurality of security services to protect the first asset in accordance with the first set of security requirements, anda second security service of the plurality of security services to protect the second asset in accordance with the second set of security requirements; and
deploying, by the security software service platform, a virtual machine on a second portion of the plurality of computing resources provided by the distributed computing system, wherein the virtual machine is configured in accordance with the virtual machine configuration to provide the first security service of the plurality of security services for the first asset associated with the customer platform and to provide the second security service of the plurality of security services for the second asset associated with the customer platform.
2 Assignments
0 Petitions
Accused Products
Abstract
Concepts and technologies are disclosed herein for decoupling hardware and software components of network security devices to provide security software as a service in a distributed computing environment. A computer system includes a processor that can execute computer-executable instructions to perform various operations. The processor can perform operations to provide security services to one or more customer platforms. The operations can include receiving a network security software component from a security service provider, and deploying the network security software component within a distributed computing environment so that the network security software component can be executed by a computing resource of the distributed computing environment to provide a security service to the customer platform(s). The network security software component includes a software component that has been decoupled from a hardware component of a network security device by the security service provider.
-
Citations
20 Claims
-
1. A method comprising:
-
receiving, by a security software service platform executing on a first portion of a plurality of computing resources provided by a distributed computing system, a plurality of network security software components that have been decoupled from hardware components of a plurality of network security devices, wherein the plurality of network security software components provide, at least in part, a plurality of security services capable of protecting a plurality of assets associated with a customer platform; extending, by the security software service platform, a virtual machine creation template to incorporate access to the plurality of network security software components; receiving, by the security software service platform, a virtual machine configuration from the customer platform, wherein the virtual machine configuration specifies a first asset associated with the customer platform and having a first set of security requirements, a second asset associated with the customer platform and having a second set of security requirements, a first security service of the plurality of security services to protect the first asset in accordance with the first set of security requirements, and a second security service of the plurality of security services to protect the second asset in accordance with the second set of security requirements; and deploying, by the security software service platform, a virtual machine on a second portion of the plurality of computing resources provided by the distributed computing system, wherein the virtual machine is configured in accordance with the virtual machine configuration to provide the first security service of the plurality of security services for the first asset associated with the customer platform and to provide the second security service of the plurality of security services for the second asset associated with the customer platform. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A distributed computing system comprising:
-
a plurality of computing resources; and a security software service platform comprising instructions that, when executed by a first portion of the plurality of computing resources, performs operations comprising receiving a plurality of network security software components that have been decoupled from hardware components of a plurality of network security devices, wherein the plurality of network security software components provide, at least in part, a plurality of security services capable of protecting a plurality of assets associated with a customer platform, extending a virtual machine creation template to incorporate access to the plurality of network security software components, receiving a virtual machine configuration from the customer platform, wherein the virtual machine configuration specifies a first asset associated with the customer platform and having a first set of security requirements, a second asset associated with the customer platform and having a second set of security requirements, a first security service of the plurality of security services to protect the first asset in accordance with the first set of security requirements, and a second security service of the plurality of security services to protect the second asset in accordance with the second set of security requirements, and deploying a virtual machine on a second portion of the plurality of computing resources, wherein the virtual machine is configured in accordance with the virtual machine configuration to provide the first security service of the plurality of security services for the first asset associated with the customer platform and to provide the second security service of the plurality of security services for the second asset associated with the customer platform. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A computer-readable storage medium comprising instructions that, when executed by at least a portion of a plurality of computing resources of a distributed computing system, cause the portion of the plurality of computing resources of the distributed computing system to perform operations comprising:
-
receiving a plurality of network security software components that have been decoupled from hardware components of a plurality of network security devices, wherein the plurality of network security software components provide, at least in part, a plurality of security services capable of protecting a plurality of assets associated with a customer platform; extending a virtual machine creation template to incorporate access to the plurality of network security software components; receiving a virtual machine configuration from the customer platform, wherein the virtual machine configuration specifies a first asset associated with the customer platform and having a first set of security requirements, a second asset associated with the customer platform and having a second set of security requirements, a first security service of the plurality of security services to protect the first asset in accordance with the first set of security requirements, and a second security service of the plurality of security services to protect the second asset in accordance with the second set of security requirements; and deploying a virtual machine on a second portion of the plurality of computing resources, wherein the virtual machine is configured in accordance with the virtual machine configuration to provide the first security service of the plurality of security services for the first asset associated with the customer platform and to provide the second security service of the plurality of security services for the second asset associated with the customer platform. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification