Cloud-based network tool optimizers for server cloud networks

US 10,389,642 B2
Filed: 11/14/2017
Issued: 08/20/2019
Est. Priority Date: 05/29/2014
Status: Active Grant

First Claim

Patent Images

1. A method to control packet traffic for multiple users of cloud resources within a cloud network, comprising:

allowing, through a master user interface, configuration of one or more master filters to determine how packets received from one or more packet sources are forwarded for different users of cloud resources within a cloud network;

allowing, through one or more user interfaces, configuration of a plurality of sets of one or more user filters, each set of one or more user filters being associated with a different user of cloud resources within the cloud network and determining how packets are forwarded within the cloud network for that user to one or more packet destinations;

generating filter rules based upon the one or more master filters and the plurality of sets of one or more user filters, the filter rules including master rules associated with the master filters and user rules associated the plurality of sets of one or more user filters;

prioritizing the master rules over the user rules;

receiving packets from the one or more packet sources; and

forwarding the received packets to the one or more packet destinations so that packet traffic for each user is forwarded based at least in part upon the one or more master filters and the set of one or more user filters for that user;

wherein the master user interface displays filter information only for master filters, and wherein the one or more user interfaces display filter information only for user filters; and

wherein the one or more user interfaces comprise a separate user interface for each user.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Network tool optimizers for server cloud networks and related methods are disclosed. In part, master filters are defined to segregate and control user traffic, and user filters are defined to forward the user traffic to cloud-based network tools or tool instances. A master user interface and user interfaces for each user are provided so that the master filters and user filters can be defined and managed. A filter rules compiler within the cloud-based network tool optimizer then combines the master filters with the user filters, resolves conflicts in favor of the master filters, and generates filter engine rules that are applied to filter engines within the network tool optimizer for the cloud network. The filter engines then forward packets received at input ports for the network tool optimizer to output ports for the network tool optimizer that are coupled to network tools or tool instances within the cloud network.

Citations

20 Claims

1. A method to control packet traffic for multiple users of cloud resources within a cloud network, comprising:
- allowing, through a master user interface, configuration of one or more master filters to determine how packets received from one or more packet sources are forwarded for different users of cloud resources within a cloud network;
  
  allowing, through one or more user interfaces, configuration of a plurality of sets of one or more user filters, each set of one or more user filters being associated with a different user of cloud resources within the cloud network and determining how packets are forwarded within the cloud network for that user to one or more packet destinations;
  
  generating filter rules based upon the one or more master filters and the plurality of sets of one or more user filters, the filter rules including master rules associated with the master filters and user rules associated the plurality of sets of one or more user filters;
  
  prioritizing the master rules over the user rules;
  
  receiving packets from the one or more packet sources; and
  
  forwarding the received packets to the one or more packet destinations so that packet traffic for each user is forwarded based at least in part upon the one or more master filters and the set of one or more user filters for that user;
  
  wherein the master user interface displays filter information only for master filters, and wherein the one or more user interfaces display filter information only for user filters; and
  
  wherein the one or more user interfaces comprise a separate user interface for each user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, further comprising displaying only information relating to each user in the user interface for that user.
  - 3. The method of claim 1, wherein the prioritizing comprises prioritizing execution of the master rules over execution of the user rules so that packet forwarding provided by the master rules overrides packet forwarding provided by the user rules.
  - 4. The method of claim 3, further comprising prioritizing execution of the master rules over execution of the user rules by processing the master rules before the user rules with respect to forwarding of the received packets.
  - 5. The method of claim 1, wherein the one or more master filters are configured to separate network traffic for the different users of the cloud resources.
  - 6. The method of claim 5, wherein the one or more master filters are configured to use one or more network identifiers for user packets to separate network traffic.
  - 7. The method of claim 6, wherein the one or more network identifiers comprises at least one of virtual local area network (VLAN) identifiers or virtual extensible local area network (VXLAN) identifiers.
  - 8. The method of claim 6, wherein the one or more network identifiers are added to the user packets and then removed from the user packets before being forwarded to the one or more packet destinations.
  - 9. The method of claim 1, wherein the one or more packet destinations comprise one or more network monitoring tools within the cloud network.
  - 10. The method of claim 9, wherein the one or more network monitoring tools comprise one or more network monitoring tool instances created within a processing system platform within the cloud network.

11. A system to control packet traffic for multiple users of cloud resources within a cloud network, comprising:
- a plurality of input ports to receive packets from one or more packet sources within a cloud network;
  
  a plurality of output ports to output packets to one or more packet destinations; and
  
  one or more integrated circuits including one or more processors configured to execute instructions embodied in one or more non-transitory computer readable mediums to;
  
  allow, through a master user interface, configuration of one or more master filters to determine how packets received from one or more packet sources are forwarded for different users of cloud resources within a cloud network;
  
  allow, through one or more user interfaces, configuration of a plurality of sets of one or more user filters, each set of one or more user filters being associated with a different user of cloud resources within the cloud network and determining how packets are forwarded within the cloud network for that user to one or more packet destinations;
  
  generate filter rules based upon the one or more master filters and the plurality of sets of one or more user filters, the filter rules including master rules associated with the master filters and user rules associated the plurality of sets of one or more user filters;
  
  prioritize the master rules over the user rules;
  
  receive packets from the one or more packet sources; and
  
  forward the received packets to the one or more packet destinations so that packet traffic for each user is forwarded based at least in part upon the one or more master filters and the set of one or more user filters for that user;
  
  wherein the master user interface displays filter information only for master filters, and wherein the one or more user interfaces display filter information only for user filters; and
  
  wherein the one or more user interfaces comprise a separate user interface for each user.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The system of claim 11, wherein each user interface is configured to display only information relating to its user.
  - 13. The system of claim 11, wherein the master rules are configured to have priority in execution over of the user rules so that packet forwarding provided by the master rules overrides packet forwarding provided by the user rules.
  - 14. The system of claim 13, wherein the master rules are configured to have priority in execution over the user rules by being processed before the user rules with respect to forwarding of the received packets.
  - 15. The system of claim 11, wherein the one or more master filters are configured to separate network traffic for the different users of the cloud resources.
  - 16. The system of claim 15, wherein the one or more master filters are configured to use one or more network identifiers for user packets to separate network traffic.
  - 17. The system of claim 16, wherein the one or more network identifiers comprises at least one of virtual local area network (VLAN) identifiers or virtual extensible local area network (VXLAN) identifiers.
  - 18. The system of claim 16, wherein the one or more integrated circuits are further configured to add the one or more network identifiers to and then remove the one or more network identifiers from the user packets before being forwarded to the one or more packet destinations.
  - 19. The system of claim 11, wherein the one or more packet destinations comprise one or more network monitoring tools within the cloud network.
  - 20. The system of claim 19, wherein the one or more network monitoring tools comprise one or more network monitoring tool instances created within a processing system platform within the cloud network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Keysight Technologies Singapore Sales Pte Ltd (Keysight Technologies, Inc.)
Original Assignee
Keysight Technologies Singapore Sales Pte Ltd (Keysight Technologies, Inc.)
Inventors
Raney, Kristopher
Primary Examiner(s)
Ndiaye, Cheikh T

Application Number

US15/812,067
Publication Number

US 20180077071A1
Time in Patent Office

644 Days
Field of Search
US Class Current
CPC Class Codes

H04L 12/4641   Virtual LANs, VLANs, e.g. v...

H04L 41/0873   Checking configuration conf...

H04L 41/0893   Assignment of logical group...

H04L 41/0894   Policy-based network config...

H04L 41/0895   Configuration of virtualise...

H04L 41/20   Network management software...

H04L 41/22   comprising specially adapte...

H04L 41/40   using virtualisation of net...

H04L 41/5096   wherein the managed service...

H04L 43/00   Arrangements for monitoring...

H04L 43/14   using software, i.e. softwa...

H04L 47/2441   relying on flow classificat...

H04L 67/10   in which an application is ...

H04L 69/22   Parsing or analysis of headers

Cloud-based network tool optimizers for server cloud networks

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Cloud-based network tool optimizers for server cloud networks

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links