HYBRID CLOUD NETWORK MONITORING SYSTEM FOR TENANT USE
First Claim
1. A method for monitoring network traffic in a cloud computing system, the method comprising:
receiving a request to capture network traffic of a tenant port of a first virtual machine (VM) executing in the cloud computing system, wherein the first VM is associated with a first tenant organization different from a second organization managing the cloud computing system;
instantiating a decapsulating VM having a first network interface and a second network interface, wherein the decapsulating VM is inaccessible to the first tenant organization;
establishing an encapsulated port mirroring session from the tenant port of the first VM to the first network interface of the decapsulating VM;
decapsulating, by execution of the decapsulating VM, a plurality of packets comprising captured network traffic received via the encapsulated port mirroring session; and
forwarding the captured network traffic via the second network interface of the decapsulating VM to a sniffer VM.
Abstract
Network traffic in a cloud computing system is monitored in response to a request to capture network traffic of a tenant port of a first virtual machine (VM) executing in the cloud computing system, wherein the first VM is associated with a first tenant organization different from a second organization managing the cloud computing system. A decapsulating VM having a first network interface and a second network interface is instantiated, wherein the decapsulating VM is inaccessible to the first tenant organization. An encapsulated port mirroring session from the tenant port of the first VM to the first network interface of the decapsulating VM is then established. A plurality of packets comprising captured network traffic received via the encapsulated port mirroring session are decapsulated, and the captured network traffic is forwarded via the second network interface of the decapsulating VM to a sniffer VM.
20 Claims
1. (Independent claim; set out above under First Claim.) Dependent claims: 2, 3, 4, 5, 6, 7.
8. A non-transitory computer-readable medium comprising instructions executable by a host computer in a cloud computing system, where the instructions, when executed, cause the host computer to carry out a method for monitoring network traffic in the cloud computing system, the method comprising:
receiving a request to capture network traffic of a tenant port of a first virtual machine (VM) executing in the cloud computing system, wherein the first VM is associated with a first tenant organization different from a second organization managing the cloud computing system;
instantiating a decapsulating VM having a first network interface and a second network interface, wherein the decapsulating VM is inaccessible to the first tenant organization;
establishing an encapsulated port mirroring session from the tenant port of the first VM to the first network interface of the decapsulating VM;
decapsulating, by execution of the decapsulating VM, a plurality of packets comprising captured network traffic received via the encapsulated port mirroring session; and
forwarding the captured network traffic via the second network interface of the decapsulating VM to a sniffer VM.
Dependent claims: 9, 10, 11, 12, 13, 14.
15. A cloud computing system, comprising:
a plurality of host computers, each of which is configured to execute one or more virtual machines (VMs) therein; and
a management server configured to manage resources of the cloud computing system, wherein the plurality of host computers and the management server are programmed to carry out a method for monitoring network traffic in the cloud computing system, the method comprising:
receiving a request to capture network traffic of a tenant port of a first VM executing in the cloud computing system, wherein the first VM is associated with a first tenant organization different from a second organization managing the cloud computing system;
instantiating a decapsulating VM having a first network interface and a second network interface, wherein the decapsulating VM is inaccessible to the first tenant organization;
establishing an encapsulated port mirroring session from the tenant port of the first VM to the first network interface of the decapsulating VM;
decapsulating, by execution of the decapsulating VM, a plurality of packets comprising captured network traffic received via the encapsulated port mirroring session; and
forwarding the captured network traffic via the second network interface of the decapsulating VM to a sniffer VM.
Dependent claims: 16, 17, 18, 19, 20.
Specification