METHODS AND SYSTEMS FOR SECURELY MANAGING VIRTUALIZATION PLATFORM
Abstract
Virtualization platforms and management clients therefor are communicatively coupled to one another via a control layer logically disposed therebetween. The control layer is configured to proxy virtualization management commands from the management clients to the virtualization platforms, but only after successful authentication of users (which may include automated agents and processes) issuing those commands and privileges of those users as defined by access control information accessible to the control layer. The control layer may be instantiated as an application running on a physical appliance logically interposed between the virtualization platforms and management clients, or a software package running on dedicated hardware logically interposed between the virtualization platforms and management clients, or as an application encapsulated in a virtual machine running on a compatible virtualization platform logically interposed between the virtualization platforms and management clients.
37 Claims
- 1. A system, comprising a plurality of virtualization platforms and one or more management clients for said virtualization platforms, the virtualization platforms and the management clients being communicatively coupled to one another via a control layer logically disposed therebetween and configured to proxy virtualization management commands from the one or more management clients to said virtualization platforms, but only after successful authentication of users issuing said commands and privileges of those users as defined by access control information accessible to said control layer.
- 21. A method of securely managing one or more virtualization platforms, comprising authenticating, at a control layer disposed between the one or more virtualization platforms and one or more management clients for said virtualization platforms and configured to proxy virtualization management commands from the one or more management clients to said virtualization platforms, users issuing said commands and privileges of those users as defined by access control information accessible to said control layer before permitting management access to said virtualization platforms.
Specification