
Combined firewalls

  • US 8,146,147 B2
  • Filed: 01/05/2009
  • Issued: 03/27/2012
  • Est. Priority Date: 03/27/2008
  • Status: Active Grant
First Claim

1. For a system that hosts a plurality of virtual machines on a plurality of host nodes, a method of providing a firewall to protect a set of virtual machines on a first host node, the method comprising:

  a) storing a connection table of records of allowed connections for each virtual machine of said set of virtual machines, wherein each record in the connection table comprises: a first IP address of a source of a connection, a second IP address of a destination of the connection, a source port address, a destination port address, and a protocol of the connection; and

  b) upon a particular virtual machine moving from the first host node to a second host node:

    i) deleting records of a first set of allowed connections that each identify the particular virtual machine and do not identify any other virtual machine in the set of virtual machines; and

    ii) editing records of a second set of allowed connections, each identifying the particular machine and one other virtual machine in the set of virtual machines on the first host node, to remove an identifier of the particular virtual machine.
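
The following sketch of steps a) and b) is an added illustration, not code from the patent or its assignee. The `vm_ids` field, the class and function names, and the sample addresses are assumptions made for the example; the claim does not say how a record identifies a virtual machine.

```python
from dataclasses import dataclass, field

@dataclass
class ConnRecord:
    # The five fields the claim lists for each allowed connection.
    src_ip: str
    dst_ip: str
    src_port: int
    dst_port: int
    protocol: str
    # Assumption: identifiers of the VMs on this host that the record identifies.
    vm_ids: set = field(default_factory=set)

    def five_tuple(self):
        return (self.src_ip, self.dst_ip, self.src_port, self.dst_port, self.protocol)

class HostConnectionTable:
    def __init__(self):
        self.records = []

    def allow(self, five_tuple, vm_ids):
        self.records.append(ConnRecord(*five_tuple, vm_ids=set(vm_ids)))

    def is_allowed(self, vm_id, five_tuple):
        return any(vm_id in r.vm_ids and r.five_tuple() == five_tuple
                   for r in self.records)

    def on_vm_moved(self, vm_id):
        """Apply step b) for a VM that left this host; return (deleted, edited)."""
        kept, deleted, edited = [], 0, 0
        for r in self.records:
            if r.vm_ids == {vm_id}:
                deleted += 1              # b)i: record identifies only the moved VM
                continue
            if vm_id in r.vm_ids:
                r.vm_ids.discard(vm_id)   # b)ii: shared record, drop only its identifier
                edited += 1
            kept.append(r)
        self.records = kept
        return deleted, edited

# Constructed sample data (private and documentation address ranges).
A_TO_EXT = ("10.0.0.11", "198.51.100.7", 40001, 443, "tcp")
A_TO_B = ("10.0.0.11", "10.0.0.12", 40002, 5432, "tcp")
B_TO_EXT = ("10.0.0.12", "198.51.100.9", 40003, 53, "udp")

def build_sample_table():
    table = HostConnectionTable()
    table.allow(A_TO_EXT, {"vm-a"})
    table.allow(A_TO_B, {"vm-a", "vm-b"})
    table.allow(B_TO_EXT, {"vm-b"})
    return table
```

Calling `on_vm_moved("vm-a")` on the sample table deletes the record that identifies only `vm-a` and edits the shared `vm-a`/`vm-b` record, so `vm-b` keeps its allowed connection while no entry for `vm-a` remains on the first host.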
