Channel data encapsulation system and method for use with client-server data channels
First Claim
1. A method performed by a security service comprising:
- receiving, by a first security microservice, a first channel data encapsulation packet encapsulating a first encapsulation context and one or more data packets;
performing a security service on the one or more data packets using the first encapsulation context;
transmitting, by the first security microservice, a second channel data encapsulation packet comprising a request for security services to a second security microservice;
receiving, by the first security microservice, a response from the second security microservice comprising a second security microservice context, a second security microservice timestamp, and a second security microservice load;
generating, by the first security microservice, a timestamp and a load value representing, in either relative or absolute terms, the loading of the first and second microservices processing the encapsulated channel data; and
transmitting, by the first security microservice, a response to the first channel data encapsulation packet, the response including the timestamp and the load value,wherein the first and second security microservices are implemented with computer-readable instructions stored in memory on a network security server, the memory coupled to one or more hardware processors executing the first and second security microservices.
3 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods are disclosed that relate to network security to monitor and report threats in network traffic of a datacenter. For example, one embodiment discloses a method of receiving, by a first security microservice, a first channel data encapsulation packet encapsulating a first encapsulation context and a first encapsulated data, performing a security service on the first encapsulated data using the first encapsulation context, transmitting by the first security microservice a second channel data encapsulation packet to a second security microservice, wherein the second channel encapsulation packet comprises a request for security services, receiving by the first security microservice a response from the second security microservice comprising a second security microservice context, a second security microservice timestamp, and a second security microservice load. The first security microservice further generates a timestamp and a load included in a response to the first channel data encapsulation packet.
18 Citations
20 Claims
-
1. A method performed by a security service comprising:
-
receiving, by a first security microservice, a first channel data encapsulation packet encapsulating a first encapsulation context and one or more data packets; performing a security service on the one or more data packets using the first encapsulation context; transmitting, by the first security microservice, a second channel data encapsulation packet comprising a request for security services to a second security microservice; receiving, by the first security microservice, a response from the second security microservice comprising a second security microservice context, a second security microservice timestamp, and a second security microservice load; generating, by the first security microservice, a timestamp and a load value representing, in either relative or absolute terms, the loading of the first and second microservices processing the encapsulated channel data; and transmitting, by the first security microservice, a response to the first channel data encapsulation packet, the response including the timestamp and the load value, wherein the first and second security microservices are implemented with computer-readable instructions stored in memory on a network security server, the memory coupled to one or more hardware processors executing the first and second security microservices. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system comprising a memory and a processor, performing a security microservice, to:
-
receive a first channel data encapsulation packet encapsulating a first encapsulation context and one or more data packets; perform a security service on the one or more data packets using the first encapsulation context; transmit a second channel data encapsulation packet to a second security microservice, the second channel data encapsulation packet comprising a request for security services; receive a response from the second security microservice comprising a second security microservice context, a second security microservice timestamp, and a second security microservice load; generate a timestamp and a load value representing, in either relative or absolute terms, the loading of the first and second microservices processing the encapsulated channel data, and transmit a response to the first channel data encapsulation packet, the response to include the timestamp and the load value; and wherein the first and second security microservices are implemented with computer-readable instructions stored in memory on a network security server, the memory coupled to the processors executing the first and second security microservices. - View Dependent Claims (10, 11, 12, 13)
-
-
14. A non-transitory computer-readable medium containing computer-executable instructions to which a security service is to respond by:
-
receiving, by a first security microservice, a first channel data encapsulation packet encapsulating a first encapsulation context and one or more data packets; performing a security service on the one or more data packets using the first encapsulation context; transmitting by the first security microservice a second channel data encapsulation packet to a second security microservice, wherein the second channel data encapsulation packet comprises a request for security services; receiving by the first security microservice a response from the second security microservice comprising a second security microservice context, a second security microservice timestamp, and a second security microservice load; generating, by the first security microservice, a timestamp and a load value representing, in either relative or absolute terms, the loading of the first and second microservices processing the encapsulated channel data; and transmitting, by the first security microservice, a response to the first channel data encapsulation packet, the response including the timestamp and the load value, wherein the first and second security microservices are implemented with computer-readable instructions stored in memory on a network security server, the memory coupled to one or more hardware processors executing the first and second security microservices. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification