Providing server security via a security sensor application shared by multiple operating system partitions
Abstract
When a hypervisor in a computer server receives input/output (I/O) data traffic, the hypervisor sends the I/O data traffic to a security sensor application shared by multiple operating system (OS) partitions. If the security sensor application indicates that the I/O data traffic meets pre-defined security standards in the security sensor application, and the I/O data traffic is addressed to one of the OS partitions in the computer server, the hypervisor sends the I/O data traffic to the applicable OS partition. If the I/O data traffic meets the pre-defined security standards, and the I/O data traffic is not addressed to one of the OS partitions, the hypervisor sends the I/O data traffic to an external destination in a network coupled to the computer server.
18 Claims
1. In a computer server, a method comprising:
- in response to a hypervisor receiving input/output (I/O) data traffic, sending said I/O data traffic to a security sensor application shared by a plurality of operating system (OS) partitions within said computer server, wherein said security sensor application is not included within the plurality of OS partitions, wherein the I/O data traffic is addressed to one of: an external destination via routing by said computer server and one of said plurality of OS partitions within said computer server;
- determining if said computer server is configured as a router;
- in response to a determination that said I/O data traffic meets pre-defined security standards and said I/O data traffic is addressed to one of said plurality of OS partitions, sending said I/O data traffic to said one of said plurality of OS partitions;
- in response to a determination that said I/O data traffic meets said pre-defined security standards and said computer server is configured as a router and said I/O data traffic is not addressed to one of said plurality of OS partitions, dynamically routing said I/O data traffic to the external destination in a network coupled to said computer server; and
- in response to a determination that said computer server is not configured as a router and said I/O data traffic is not addressed to one of said plurality of OS partitions: identifying the I/O data traffic as malicious, logging a routing error on the I/O data traffic, and purging the I/O data traffic.

Dependent claims 2, 3, 4, 5 and 6 are not reproduced here.

7. A computer server system comprising:
- a processor;
- an input/output (I/O) interface coupled to an external network;
- a memory coupled to said I/O data interface and said processor, wherein said memory is configured to store code that is configured to provide: a hypervisor; a plurality of operating system (OS) partitions; and a security sensor application shared by said plurality of OS partitions, wherein said security sensor application is not included within the plurality of OS partitions; and
- program instructions executing on the processor, said program instructions comprising instructions executable by said processor and configured for: the hypervisor sending said I/O data traffic to a security sensor application shared by the plurality of operating system (OS) partitions within said computer server, wherein the I/O data traffic is addressed to one of: an external destination via routing by said computer server and one of said plurality of OS partitions within said computer server; determining if said computer server is configured as a router; in response to a determination that said I/O data traffic meets pre-defined security standards and said I/O data traffic is addressed to one of said plurality of OS partitions, sending said I/O data traffic to said one of said plurality of OS partitions; in response to a determination that said I/O data traffic meets said pre-defined security standards and said computer server is configured as a router and said I/O data traffic is not addressed to one of said plurality of OS partitions, dynamically routing said I/O data traffic to the external destination in a network coupled to said computer server; and in response to a determination that said computer server is not configured as a router and said I/O data traffic is not addressed to one of said plurality of OS partitions: identifying the I/O data traffic as malicious, logging a routing error on the I/O data traffic, and purging the I/O data traffic.

Dependent claims 8, 9, 10, 11 and 12 are not reproduced here.

13. A computer program product comprising:
- a non-transitory computer storage medium; and
- program code on said computer storage medium that, when executed, provides the functions of: in response to a hypervisor of a computer server receiving input/output (I/O) data traffic, sending said I/O data traffic to a security sensor application that is shared by a plurality of operating system (OS) partitions of the computer server, wherein said security sensor application is not included within the plurality of OS partitions, wherein the I/O data traffic is addressed to one of: an external destination via routing by said computer server and one of said plurality of OS partitions within said computer server; determining if said computer server is configured as a router; in response to a determination that said I/O data traffic meets pre-defined security standards and said I/O data traffic is addressed to one of said plurality of OS partitions, sending said I/O data traffic to said one of said plurality of OS partitions; in response to a determination that said I/O data traffic meets said pre-defined security standards and said computer server is configured as a router and said I/O data traffic is not addressed to one of said plurality of OS partitions, dynamically routing said I/O data traffic to the external destination in a network coupled to said computer server; and in response to a determination that said computer server is not configured as a router and said I/O data traffic is not addressed to one of said plurality of OS partitions: identifying the I/O data traffic as malicious, logging a routing error on the I/O data traffic, and purging the I/O data traffic.

Dependent claims 14, 15, 16, 17 and 18 are not reproduced here.
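The dispatch decision that the three independent claims describe (one sensor outside every partition inspects all I/O, then the hypervisor delivers, routes, or logs and purges depending on the destination and on whether the server is configured as a router) is simulated below. This is an added illustration, not the patent holder's code or any vendor's hypervisor. The sensor rules, partition names, addresses and log strings are constructed for the example, and the handling of traffic that the sensor rejects is an assumption: the claims only specify outcomes for traffic that meets the pre-defined standards.

```python
"""Simulation of the hypervisor dispatch path in the claims above.
Added example, not the patent's code. Sensor rules, partition names,
addresses and log formats are constructed; the BLOCKED outcome for
sensor-rejected traffic is an assumption not stated in the claims."""
from dataclasses import dataclass, field
from enum import Enum
from typing import Callable


class Verdict(Enum):
    DELIVERED = "delivered to addressed OS partition"
    ROUTED = "dynamically routed to external destination"
    BLOCKED = "rejected by shared security sensor"  # assumption, see above
    PURGED = "identified as malicious, routing error logged, purged"


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    payload: bytes


@dataclass
class Server:
    partitions: set[str]                        # names the hypervisor can deliver to
    is_router: bool                             # "configured as a router"
    sensor_rules: list[Callable[[Packet], bool]]  # each returns True if acceptable
    log: list[str] = field(default_factory=list)

    def sensor(self, pkt: Packet) -> bool:
        """The single security sensor shared by all partitions.

        It is part of the server, not of any partition, so every packet is
        checked once, before the hypervisor decides where it goes."""
        return all(rule(pkt) for rule in self.sensor_rules)

    def dispatch(self, pkt: Packet) -> Verdict:
        # Step 1: hand the traffic to the shared sensor first.
        if not self.sensor(pkt):
            self.log.append(f"sensor reject {pkt.src}->{pkt.dst}")
            return Verdict.BLOCKED
        # Step 2: meets standards and addressed to a local partition.
        if pkt.dst in self.partitions:
            return Verdict.DELIVERED
        # Step 3: meets standards, not local, and we are a router.
        if self.is_router:
            return Verdict.ROUTED
        # Step 4: not a router and not addressed to any partition:
        # treat as malicious, log a routing error, purge.
        self.log.append(
            f"routing error: {pkt.src}->{pkt.dst} matches no partition "
            f"and server is not a router; purged"
        )
        return Verdict.PURGED


# Constructed sensor rules: an MTU-style size bound and a source deny-list.
CONSTRUCTED_RULES: list[Callable[[Packet], bool]] = [
    lambda p: len(p.payload) <= 1500,
    lambda p: p.src != "10.0.0.66",
]


def demo() -> list[Verdict]:
    """Run four constructed packets through a non-router and a router."""
    plain = Server(partitions={"lpar1", "lpar2"}, is_router=False,
                   sensor_rules=CONSTRUCTED_RULES)
    router = Server(partitions={"lpar1"}, is_router=True,
                    sensor_rules=CONSTRUCTED_RULES)
    return [
        plain.dispatch(Packet("10.0.0.5", "lpar1", b"hello")),        # DELIVERED
        plain.dispatch(Packet("10.0.0.5", "192.0.2.9", b"hello")),    # PURGED
        router.dispatch(Packet("10.0.0.5", "192.0.2.9", b"hello")),   # ROUTED
        router.dispatch(Packet("10.0.0.66", "lpar1", b"hello")),      # BLOCKED
    ]


if __name__ == "__main__":
    for v in demo():
        print(v.value)
```

The sensor runs before the addressing and router checks, so a misaddressed packet that also fails the sensor is reported as BLOCKED rather than PURGED; both are drops, and the order is a design choice the claims do not fix. The log entries are what a detection pipeline would collect: a routing-error entry on a non-router server is the signal the claims single out as evidence of malicious traffic.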
Specification