Securing management operations in a communication fabric
First Claim
1. An automated method of preventing an endnode in a communication fabric from receiving an unauthorized communication, comprising:
- establishing a first category of management communications to include:
  - a request from a manager node to an endnode; and
  - a reply from the manager node to a request from an endnode;
- establishing a second category of management communications to include:
  - a reply from an endnode to a request from the manager node; and
  - a request from an endnode to the manager node; and
- at a switching device coupled to a first endnode:
  - receiving from the communication fabric a management communication packet addressed to the first endnode;
  - determining whether the first endnode is a trusted endnode;
  - determining whether the management communication is a first category management communication; and
  - responsive to the first endnode not being a trusted endnode and the management communication not being a first category management communication, discarding the management communication.
Abstract
A system and method for preventing untrusted nodes from sending or receiving management communications. In an environment such as an InfiniBand communication fabric, a management packet (e.g., a packet traversing virtual lane 15) is one of four types: 1) Request from a manager node (e.g., Subnet Manager or SM) to an endnode; 2) Reply from an endnode to a request from the manager; 3) Request from an endnode to the manager; and 4) Reply from the manager to the endnode. Switches (and other routing devices) are configured to allow untrusted nodes to send management packets of types 2 and 3 only, and to receive management packets of types 1 and 4 only. Trusted nodes (e.g., manager nodes, switches) can send and receive all types. Each port of a switch or routing device has an associated indicator reflecting the level of trust afforded the node or switch coupled to the port.
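The abstract's policy can be read as two rules evaluated at a switch port: an untrusted port may only originate second-category packets (types 2 and 3) and may only be handed first-category packets (types 1 and 4), while trusted ports are unrestricted. The following Python is an added illustration of that policy, not code from the patent or from any switch vendor. It classifies a management packet into the four types from its source LID (checked against the switch's configured manager LIDs, not anything the sender asserts) and a response flag, then applies the sending rule at ingress and the receiving rule at egress. The `Packet` fields, the LIDs, port numbers, the per-port `trusted` indicator and the `is_response` field standing in for the MAD header's response bit are all constructed for this example.

```python
"""Port-trust filter for fabric management packets (added example, not the patent's code).

LIDs, ports, the trust table and the packet layout below are constructed.
"""
from dataclasses import dataclass
from enum import Enum

MANAGEMENT_VL = 15  # management packets traverse virtual lane 15


class MadType(Enum):
    MANAGER_REQUEST = 1  # type 1: request from the manager (SM) to an endnode
    ENDNODE_REPLY = 2    # type 2: reply from an endnode to a manager request
    ENDNODE_REQUEST = 3  # type 3: request from an endnode to the manager
    MANAGER_REPLY = 4    # type 4: reply from the manager to an endnode request


# First category ("type one" in claim 23): all an untrusted node may RECEIVE.
FIRST_CATEGORY = frozenset({MadType.MANAGER_REQUEST, MadType.MANAGER_REPLY})
# Second category ("type two"): all an untrusted node may SEND.
SECOND_CATEGORY = frozenset({MadType.ENDNODE_REPLY, MadType.ENDNODE_REQUEST})


@dataclass(frozen=True)
class Packet:
    src_lid: int        # source local identifier
    dst_lid: int        # destination local identifier
    vl: int             # virtual lane the packet travels on
    is_response: bool   # constructed stand-in for the MAD header response bit


class Switch:
    """A switch holding a trust indicator for each of its ports."""

    def __init__(self, manager_lids, port_trusted, lid_to_port):
        self.manager_lids = frozenset(manager_lids)  # LIDs of manager nodes
        self.port_trusted = dict(port_trusted)       # port -> trusted indicator
        self.lid_to_port = dict(lid_to_port)         # forwarding table: LID -> port

    def classify(self, pkt: Packet) -> MadType:
        # The sender's role is decided by the switch's own manager-LID
        # configuration; a packet cannot promote itself to "from manager".
        from_manager = pkt.src_lid in self.manager_lids
        if from_manager:
            return MadType.MANAGER_REPLY if pkt.is_response else MadType.MANAGER_REQUEST
        return MadType.ENDNODE_REPLY if pkt.is_response else MadType.ENDNODE_REQUEST

    def forward(self, pkt: Packet, ingress_port: int) -> str:
        """Return 'forward', 'drop:ingress' or 'drop:egress' for one packet."""
        if pkt.vl != MANAGEMENT_VL:
            return "forward"  # ordinary data traffic is outside this policy
        kind = self.classify(pkt)
        # Sending rule (claims 12 and 22): an untrusted port may only
        # originate second-category packets.
        if not self.port_trusted[ingress_port] and kind not in SECOND_CATEGORY:
            return "drop:ingress"
        egress_port = self.lid_to_port.get(pkt.dst_lid)
        if egress_port is None:
            return "drop:egress"  # no route for the destination
        # Receiving rule (claims 1 and 11): an untrusted port may only be
        # handed first-category packets.
        if not self.port_trusted[egress_port] and kind not in FIRST_CATEGORY:
            return "drop:egress"
        return "forward"


def demo_switch() -> Switch:
    # Constructed topology: port 0 faces the subnet manager (LID 1, trusted);
    # ports 1 and 2 face ordinary hosts (LIDs 10 and 11, untrusted).
    return Switch(manager_lids={1},
                  port_trusted={0: True, 1: False, 2: False},
                  lid_to_port={1: 0, 10: 1, 11: 2})


def run_scenarios() -> dict:
    """Exercise the policy on constructed packets; keys name each case."""
    sw = demo_switch()
    vl = MANAGEMENT_VL
    return {
        # manager request / reply to a host: type 1 / type 4, delivered
        "sm_request_to_host": sw.forward(Packet(1, 10, vl, False), 0),
        "sm_reply_to_host": sw.forward(Packet(1, 10, vl, True), 0),
        # host reply / request to the manager: type 2 / type 3, delivered
        "host_reply_to_sm": sw.forward(Packet(10, 1, vl, True), 1),
        "host_request_to_sm": sw.forward(Packet(10, 1, vl, False), 1),
        # untrusted port presenting a manager-sourced packet: type 1 at ingress
        "manager_lid_from_untrusted_port": sw.forward(Packet(1, 10, vl, False), 2),
        # host request addressed to another untrusted host: type 3 at egress
        "host_to_host_request": sw.forward(Packet(11, 10, vl, False), 2),
        # non-management traffic between hosts is not policed
        "host_to_host_data": sw.forward(Packet(11, 10, 0, False), 2),
    }


if __name__ == "__main__":
    for name, verdict in run_scenarios().items():
        print(f"{name:34s} {verdict}")
```

Two points the scenarios make visible: the sending rule stops a packet classified as type 1 at the untrusted ingress port before any forwarding decision, and the receiving rule catches a legitimately originated type 3 request only once its egress port is known, so both checks are needed to cover the four types in both directions.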
28 Claims
1. An automated method of preventing an endnode in a communication fabric from receiving an unauthorized communication, comprising:
- establishing a first category of management communications to include:
  - a request from a manager node to an endnode; and
  - a reply from the manager node to a request from an endnode;
- establishing a second category of management communications to include:
  - a reply from an endnode to a request from the manager node; and
  - a request from an endnode to the manager node; and
- at a switching device coupled to a first endnode:
  - receiving from the communication fabric a management communication packet addressed to the first endnode;
  - determining whether the first endnode is a trusted endnode;
  - determining whether the management communication is a first category management communication; and
  - responsive to the first endnode not being a trusted endnode and the management communication not being a first category management communication, discarding the management communication.
- Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A computer readable storage medium for storing instructions that, when executed by a computer, cause the computer to perform a method of preventing an endnode in a communication fabric from receiving an unauthorized communication, comprising:
- establishing a first category of management communications to include:
  - a request from a manager node to an endnode; and
  - a reply from the manager node to a request from an endnode;
- establishing a second category of management communications to include:
  - a reply from an endnode to a request from the manager node; and
  - a request from an endnode to the manager node; and
- at a switching device coupled to a first endnode:
  - receiving from the communication fabric a management communication addressed to the first endnode;
  - determining whether the first endnode is a trusted endnode;
  - determining whether the management communication is a first category management communication; and
  - responsive to the first endnode not being a trusted endnode and the management communication not being a first category management communication, discarding the management communication.
12. An automated method of preventing an endnode in a communication fabric from sending an unauthorized communication, comprising:
- establishing a first category of management communications to include:
  - a request from a manager node to an endnode; and
  - a reply from the manager node to a request from an endnode;
- establishing a second category of management communications to include:
  - a reply from an endnode to a request from the manager node; and
  - a request from an endnode to the manager node; and
- at a switching device coupled to a first endnode:
  - receiving from a first endnode a management communication addressed to a second endnode in the communication fabric;
  - determining whether the first endnode is a trusted endnode;
  - determining whether the management communication is a second category management communication; and
  - responsive to the first endnode not being a trusted endnode and the management communication not being a second category management communication, discarding the management communication.
- Dependent claims: 13, 14, 15, 16, 17, 18, 19, 20, 21
22. A computer readable storage medium for storing instructions that, when executed by a computer, cause the computer to perform a method of preventing an endnode in a communication fabric from sending an unauthorized communication, comprising:
- establishing a first category of management communications to include:
  - a request from a manager node to an endnode; and
  - a reply from the manager node to a request from an endnode;
- establishing a second category of management communications to include:
  - a reply from an endnode to a request from the manager node; and
  - a request from an endnode to the manager node; and
- at a switching device coupled to a first endnode:
  - receiving from a first endnode a management communication addressed to a second endnode in the communication fabric;
  - determining whether the first endnode is a trusted endnode;
  - determining whether the management communication is a second category management communication based; and
  - responsive to the first endnode not being a trusted endnode, discarding the management communication if the management communication is not a second category management communication.
23. An apparatus for preventing a node in a communication fabric from engaging in unauthorized communication, the apparatus comprising:
- a switching device configured to route management communications through the communication fabric, wherein:
  - a type one management communication comprises requests from a manager node to endnodes and replies from the manager node to requests from endnodes; and
  - a type two management communication comprises replies from endnodes to requests from the manager node and requests from endnodes to the manager node;
- for each port of the switching device, an indicator configured to indicate whether an endnode coupled to the port is trusted;
- wherein a first management communication addressed to a first endnode coupled to a first port of the switching device is discarded responsive to the first endnode not being a trusted endnode and the first management communication not being a type one management communication; and
- wherein a second management communication received from the first endnode is discarded responsive to the first endnode not being a trusted endnode and the second management communication not being a type two management communication.
- Dependent claims: 24, 25, 26, 27, 28
Specification