ISOLATION AND SECURITY HARDENING AMONG WORKLOADS IN A MULTI-TENANT NETWORKED ENVIRONMENT

  • US 20130347095A1
  • Filed: 06/25/2012
  • Published: 12/26/2013
  • Est. Priority Date: 06/25/2012
  • Status: Active Grant
First Claim
1. A method for enhanced isolation and security hardening between workloads in a multi-tenant networked environment, said method comprising:

  • a querying networked entity generating and transmitting a broadcast or multicast query, wherein said broadcast or multicast query requests a media-access control address of a target networked entity, wherein said querying networked entity comprises a first processor of a first computer system or a first virtual machine running on a first processor of a first computer system, and wherein said target networked entity comprises a second virtual machine running on said first processor, a second processor of a second computer system, a second virtual machine running on a second processor of a second computer system, or a networked device;

  • a virtual-machine agent running on said first processor receiving said broadcast or multicast query, translating said broadcast or multicast query into a unicast query, and sending said unicast query to a switch running on said first processor, wherein said switch comprises a virtual switch or a software firewall;

  • said switch receiving and dropping said broadcast or multicast query, receiving and verifying said unicast query, and directly or indirectly forwarding said verified unicast query to a redirection device;

  • said switch directly or indirectly receiving a response from said redirection device, wherein said response identifies a media-access control address that enables communication with said target networked entity;

  • said switch verifying said response and forwarding said verified response to said querying networked entity.
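
The flow in claim 1, modelled as an added example that is not part of the patent text or any implementation by its assignee. The claim does not say what "verifying" checks or how the redirection device chooses a MAC address; the port-binding check, the same-tenant policy, the frame fields and all addresses below are assumptions constructed for illustration.

```python
from dataclasses import dataclass, replace

BROADCAST = "ff:ff:ff:ff:ff:ff"
REDIRECTOR = "02:00:00:00:00:fe"  # constructed MAC of the redirection device
# Constructed provisioning table (assumption): switch port -> (MAC, IP, tenant)
BINDINGS = {
    "port1": ("02:00:00:00:00:0a", "10.0.0.10", "tenant-a"),
    "port2": ("02:00:00:00:00:0b", "10.0.0.11", "tenant-a"),
    "port3": ("02:00:00:00:00:0c", "10.0.0.12", "tenant-b"),
}

@dataclass(frozen=True)
class Arp:                 # simplified address-resolution frame (hypothetical model)
    op: str                # "request" or "reply"
    eth_src: str
    eth_dst: str
    sender_ip: str
    target_ip: str
    resolved_mac: str = ""

def agent_translate(q):
    """VM agent: rewrite a broadcast query as a unicast query to the redirector."""
    return replace(q, eth_dst=REDIRECTOR) if q.eth_dst == BROADCAST else q

def switch_query(port, q):
    """Switch, query path: drop broadcast, verify unicast against the port binding."""
    mac, ip, _ = BINDINGS[port]
    if q.eth_dst == BROADCAST:
        return None        # broadcast is dropped at the switch
    if (q.op, q.eth_src, q.sender_ip, q.eth_dst) != ("request", mac, ip, REDIRECTOR):
        return None        # spoofed source or unexpected destination
    return q

def redirector_answer(q):
    """Redirection device: answer only for a target in the sender's tenant (assumed)."""
    tenant_of = {ip: t for _, ip, t in BINDINGS.values()}
    for mac, ip, t in BINDINGS.values():
        if ip == q.target_ip and t == tenant_of.get(q.sender_ip):
            return Arp("reply", REDIRECTOR, q.eth_src, q.sender_ip, q.target_ip, mac)
    return None

def switch_reply(port, q, r):
    """Switch, response path: accept only a redirector reply that matches the query."""
    ok = (r is not None and r.op == "reply" and r.eth_src == REDIRECTOR
          and r.eth_dst == BINDINGS[port][0] and r.target_ip == q.target_ip)
    return r if ok else None

def resolve(port, frame, use_agent=True):
    """Full path: agent -> switch -> redirection device -> switch -> querying entity."""
    q = switch_query(port, agent_translate(frame) if use_agent else frame)
    return switch_reply(port, q, redirector_answer(q)) if q else None
```

Here the reply carries the target's own MAC address; the claim only requires an address that "enables communication with" the target, so a gateway address would fit the same model.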
