NETWORK ABSTRACTION AND ISOLATION LAYER FOR MASQUERADING MACHINE IDENTITY OF A COMPUTER
26 Assignments
0 Petitions
Abstract
A network abstraction and isolation layer (NAIL) for masquerading the machine identity of a computer in a network to enable the computer to communicate in the network with a different machine identity including an isolated network interface for communicating with the computer, an abstraction network interface for communicating with a network device coupled to the network, and control instructions or device. The control instructions or device performs machine identity translation to masquerade machine identity of the computer relative to the network. Machine identity masquerading includes selectively translating any one or more of an IP address, a MAC address, a machine name, a system identifier, and a DNS Name in the header or payload of communication packets.
124 Citations
12 Claims
1. A non-transitory computer-readable storage medium encoded with a virtual network abstraction and isolation layer which instructs a processor to masquerade the machine identity of a computer in a local network to enable the computer to communicate in the local network with a different machine identity, comprising:
- a first set of interface instructions, encoded on the computer-readable storage medium, which instructs the processor to configure a virtual isolated network interface for communicating with the computer;
- a second set of interface instructions, encoded on the computer-readable storage medium, which instructs the processor to configure an abstraction network interface for communicating with a network device coupled to the local network; and
- control instructions, encoded on the computer-readable storage medium, which instruct the processor to translate an IP address and a Media Access Control (MAC) address to a different IP address and a different MAC address, respectively, in a packet header of a communication packet transmitted between said virtual isolated and abstraction network interfaces, and to instruct the processor to translate at least one of a machine name and a system identifier to a different machine name and a different system identifier, respectively, in a packet payload of the communication packet.
Dependent claims: 2, 3, 4, 5, 6
7. A network abstraction and isolation layer (NAIL) apparatus for masquerading the machine identity of a computer in a local network to enable the computer to communicate in the local network with a different machine identity, comprising:
- a physical isolated network interface port which is configured to communicate with the computer;
- a physical abstraction network interface port which is configured to communicate with a network device coupled to the local network; and
- a control device, coupled between said isolated and abstraction network ports, which is configured to perform machine identity translation to masquerade machine identity of the computer within the local network;
- wherein said control device is configured to translate an IP address and a Media Access Control (MAC) address to a different IP address and a different MAC address, respectively, in a packet header of a communication packet transmitted between said isolated and abstraction network ports, and wherein said control logic is further configured to translate at least one of a machine name and a system identifier to a different machine name and a different system identifier, respectively, in a packet payload of the communication packet.
Dependent claims: 8, 9, 10, 11, 12
Specification