Systems and Methods for Providing Network Access Control in Virtual Environments
First Claim
1. A computer-implemented method for providing network access control in virtual environments, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
- injecting a transient security agent into a virtual machine that is running on a host machine;
receiving, from the transient security agent, an indication of whether the virtual machine complies with one or more network access control policies;
controlling network access of the virtual machine based on the indication of whether the virtual machine complies with the one or more network access control policies.
2 Assignments
0 Petitions
Accused Products
Abstract
A computer-implemented method for providing network access control in virtual environments. The method may include: 1) injecting a transient security agent into a virtual machine that is running on a host machine; 2) receiving, from the transient security agent, an indication of whether the virtual machine complies with one or more network access control policies; and 3) controlling network access of the virtual machine based on the indication of whether the virtual machine complies with the one or more network access control policies. Various other methods, systems, and computer-readable media are also disclosed herein.
-
Citations
20 Claims
-
1. A computer-implemented method for providing network access control in virtual environments, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
-
injecting a transient security agent into a virtual machine that is running on a host machine; receiving, from the transient security agent, an indication of whether the virtual machine complies with one or more network access control policies; controlling network access of the virtual machine based on the indication of whether the virtual machine complies with the one or more network access control policies. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer-implemented method for providing network access control in virtual environments, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
-
providing a security agent in a virtual machine that is running on a host machine; providing a network communication filter that resides on the host machine but is external to the virtual machine; receiving, at an access-control module that controls the network communication filter, an indication of whether the virtual machine complies with one or more network access control policies, the indication being sent from the security agent to the access control module via an inter-process communication; using the network communication filter to control network access of the virtual machine based on the indication of whether the virtual machine complies with the one or more network access control policies. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A computer-implemented method for providing network access control in virtual environments, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
-
identifying a virtual machine running on a host machine; providing a network communication filter that resides on the host machine and is external to the virtual machine; inspecting, using a process executing on the host machine and external to the virtual machine, one or more resources of the virtual machine to determine whether the virtual machine complies with one or more network access control policies; receiving, at an access control module that controls the network communication filter, an indication of whether the virtual machine complies with the one or more network access control policies; using the network communication filter to control network access of the virtual machine based on the indication of whether the virtual machine complies with the one or more network access control policies. - View Dependent Claims (18, 19, 20)
-
Specification