Securing internal services in a distributed environment
Abstract
Disclosed herein are methods, systems, and processes to secure internal services in a distributed computing environment. A service packet that includes a service call from a source appliance is intercepted at a server. A determination is made that the service call is for an internal service provided by the source appliance and includes client information with client process properties. The service packet is demultiplexed. A determination is made that rule attributes associated with the internal service match the client process properties. The client information is removed from the service packet and the service call is forwarded to the server.
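An added sketch of the claimed flow in Python, not code from the patent. The framing (a `CINF` marker, a 2-byte length, JSON client information), the rule table, and dropping a packet on a mismatch or on missing client information are all assumptions, since the claims specify none of them.

```python
import json
import struct

MAGIC = b"CINF"  # assumed marker for a packet that carries client information

# Assumed rule table: internal service port -> required client process properties.
RULES = {5432: {"user": "svc-db", "exe": "/opt/app/bin/dbclient"}}

def mux(client_info: dict, call: bytes) -> bytes:
    """Source-appliance side: prepend client information to the service call."""
    blob = json.dumps(client_info, sort_keys=True).encode()
    return MAGIC + struct.pack("!H", len(blob)) + blob + call

def demux(packet: bytes):
    """Split into (client_info, service_call); client_info is None if absent or malformed."""
    if not packet.startswith(MAGIC) or len(packet) < 6:
        return None, packet
    (n,) = struct.unpack("!H", packet[4:6])
    if len(packet) < 6 + n:
        return None, packet          # declared length exceeds the packet
    try:
        info = json.loads(packet[6:6 + n])
    except ValueError:               # bad JSON or bad UTF-8
        return None, packet
    if not isinstance(info, dict):
        return None, packet
    return info, packet[6 + n:]

def filter_packet(dst_port: int, packet: bytes):
    """Return the bytes to forward to the server, or None to drop (assumed policy)."""
    rule = RULES.get(dst_port)
    if rule is None:
        return packet                # not an internal service: pass through unchanged
    info, call = demux(packet)
    if info is None:
        return None                  # internal service call without client information
    if any(info.get(k) != v for k, v in rule.items()):
        return None                  # client process properties do not match the rule
    return call                      # client information removed before forwarding

if __name__ == "__main__":
    # Constructed sample packets.
    ok = mux({"user": "svc-db", "exe": "/opt/app/bin/dbclient", "pid": 4242}, b"SELECT 1")
    bad = mux({"user": "root", "exe": "/usr/bin/psql"}, b"SELECT 1")
    print(filter_packet(5432, ok), filter_packet(5432, bad), filter_packet(5432, b"SELECT 1"))
```

The server only ever sees the bare service call, so the protection depends on the interception point being the sole path to the internal service's port.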
20 Claims
1. A computer-implemented method comprising:
- intercepting a service packet comprising a service call from a source appliance at a server;
- determining that the service call is for an internal service provided by the source appliance;
- determining that the service packet comprises client information with one or more client process properties;
- demultiplexing the service packet;
- determining that one or more rule attributes associated with the internal service match the one or more client process properties;
- removing the client information from the service packet; and
- forwarding the service call to the server.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A non-transitory computer readable storage medium storing program instructions executable to:
- intercept a service packet comprising a service call from a source appliance at a server;
- determine that the service call is for an internal service provided by the source appliance;
- determine that the service packet comprises client information with one or more client process properties;
- demultiplex the service packet;
- determine that one or more rule attributes associated with the internal service match the one or more client process properties;
- remove the client information from the service packet; and
- forward the service call to the server.
Dependent claims: 9, 10, 11, 12, 13, 14
15. A system comprising:
- one or more processors; and
- a memory coupled to the one or more processors, wherein the memory stores program instructions executable by the one or more processors to:
- intercept a service packet comprising a service call from a source appliance at a server;
- determine that the service call is for an internal service provided by the source appliance;
- determine that the service packet comprises client information with one or more client process properties;
- demultiplex the service packet;
- determine that one or more rule attributes associated with the internal service match the one or more client process properties;
- remove the client information from the service packet; and
- forward the service call to the server.
Dependent claims: 16, 17, 18, 19, 20