Methods, systems and computer program products for providing data from network secure communications in a cluster computing environment
First Claim
1. A method for providing secure communications over a network in a distributed workload environment having target hosts which are accessed through a distribution processor by a common network address, the method comprising the steps of:
- routing both inbound and outbound communications with target hosts which are associated with a secure network communication through the distribution processor; and
processing both inbound and outbound secure network communications at the distribution processor so as to provide network security processing of communications from the target host and network security processing of communications to the target host.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods, systems and computer program products provide secure communications over a network in a distributed workload environment having target hosts which are accessed through a distribution processor by a common network address. Secure communications are provided by routing both inbound and outbound communications with target hosts which are associated with a secure network communication through the distribution processor. Both inbound and outbound secure network communications are processed at the distribution processor so as to provide network security processing of communications from the target host and network security processing of communications to the target host.
-
Citations
57 Claims
-
1. A method for providing secure communications over a network in a distributed workload environment having target hosts which are accessed through a distribution processor by a common network address, the method comprising the steps of:
-
routing both inbound and outbound communications with target hosts which are associated with a secure network communication through the distribution processor; and
processing both inbound and outbound secure network communications at the distribution processor so as to provide network security processing of communications from the target host and network security processing of communications to the target host. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method providing Internet Protocol Security (IPSec) communications from a network to a plurality of application instances executing on a cluster of data processing systems utilizing virtual Internet Protocol Address (VIPA) Distributor to provide a routing communication protocol stack which distributes connections to at least one dynamically routable VIPA (DVIPA) to a plurality of target communication protocol stacks, the method comprising the steps of:
-
receiving inbound IPSec communications to the DVIPA from the network at the routing communication protocol stack;
performing IPSec processing of the received inbound IPSec communications at the routing communication protocol stack to provide non-IPSec communications to a first target communication protocol stack associated with the received inbound IPSec communications;
receiving outbound non-IPSec communications associated with the DVIPA from a second target communication protocol stack at the routing communication protocol stack; and
performing IPSec processing on the received outbound non-IPSec communications at the routing communication protocol stack to provide outbound IPSec communications to the network corresponding to the received outbound non-IPSec communications. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19, 31)
-
-
20. A system for providing secure communications over a network in a distributed workload environment having target hosts which are accessed through a distribution processor by a common network address, comprising:
-
means for routing both inbound and outbound communications with target hosts which are associated with a secure network communication through the distribution processor; and
means for processing both inbound and outbound secure network communications at the distribution processor so as to provide network security processing of communications from the target host and network security processing of communications to the target host. - View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 30, 32, 33, 34, 35, 36, 37, 38, 40, 41, 42, 43, 44, 45, 46, 47, 49, 50, 51, 52, 53, 54, 55, 56, 57)
-
-
29. A system providing Internet Protocol Security (IPSec) communications from a network to a plurality of application instances executing on a cluster of data processing systems utilizing virtual Internet Protocol Address (VIPA) Distributor to provide a routing communication protocol stack which distributes connections to at least one dynamically routable VIPA (DVIPA) to a plurality of target communication protocol stacks, comprising:
-
means for receiving inbound IPSec communications to the DVIPA from the network at the routing communication protocol stack;
means for performing IPSec processing of the received inbound IPSec communications at the routing communication protocol stack to provide non-IPSec communications to a first target communication protocol stack associated with the received inbound IPSec communications;
means for receiving outbound non-IPSec communications from a second target communication protocol stack at the routing communication protocol stack; and
means for performing IPSec processing on the received outbound non-IPSec communications at the routing communication protocol stack to provide outbound IPSec communications to the network corresponding to the received outbound non-IPSec communications.
-
-
39. A computer program product for providing secure communications over a network in a distributed workload environment having target hosts which are accessed through a distribution processor by a common network address, comprising:
-
a computer readable medium having computer readable program code embodied therein, the computer readable program code comprising;
computer readable program code which routes both inbound and outbound communications with target hosts which are associated with a secure network communication through the distribution processor; and
computer readable program code which processes both inbound and outbound secure network communications at the distribution processor so as to provide network security processing of communications from the target host and network security processing of communications to the target host.
-
-
48. A computer program product for providing Internet Protocol Security (IPSec) communications from a network to a plurality of application instances executing on a cluster of data processing systems utilizing virtual Internet Protocol Address (VIPA) Distributor to provide a routing communication protocol stack which distributes connections to at least one dynamically routable VIPA (DVIPA) to a plurality of target communication protocol stacks, the method comprising:
-
a computer readable medium having computer readable program code embodied therein, the computer readable program code comprising;
computer readable program code which receives inbound IPSec communications to the DVIPA from the network at the routing communication protocol stack;
computer readable program code which performs IPSec processing of the received inbound IPSec communications at the routing communication protocol stack to provide non-IPSec communications to a first target communication protocol stack associated with the received inbound IPSec communications;
computer readable program code which receives outbound non-IPSec communications from a second target communication protocol stack at the routing communication protocol stack; and
computer readable program code which performs IPSec processing on the received outbound non-IPSec communications at the routing communication protocol stack to provide outbound IPSec communications to the network corresponding to the received outbound non-IPSec communications.
-
Specification