Hosting a server application on multiple network tiers
First Claim
1. A method comprising:
- hosting a server application on a plurality of servers, the plurality of servers including an application server deployed in a secure tier of an enterprise network and an edge server deployed in an edge tier of the enterprise network, a first firewall isolating the secure tier from the edge tier and from a public network and a second firewall isolating the edge tier from the public network,wherein the edge server is configured to;
(a) receive requests for services provided by the server application, the requests sent by at least one client device through the public network and authenticated by the second firewall, (b) perform a first subset of the services by executing application logic of the server application stored on the edge server, and (c) relay a subset of the requests to the application server, andwherein the application server is configured to;
(a) receive the relayed subset of requests, the relayed subset of requests authenticated by the first firewall, and (b) perform a second subset of the services in response to the relayed subset of requests by executing application logic of the server application stored on the application server;
identifying latency tolerances for each of the first subset of services and for each of the second subset of services;
configuring the edge server to perform the first subset of the services based at least in part on the latency tolerances identified for the first subset of services; and
configuring the application server to perform the second subset of the services based at least in part on the latency tolerances identified for the second subset of services.
2 Assignments
0 Petitions
Accused Products
Abstract
Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for allocating server application logic across multiple tiers of a server system are described. In one aspect, a method includes hosting a server application on multiple servers. The servers include an application server deployed in a secure tier of an enterprise network and an edge server deployed in an edge tier of the enterprise network. A primary firewall isolates the secure tier from the edge tier and from a public network. A secondary firewall isolates the edge tier from the public network. The edge server is configured to receive requests for services provided by the server application, to perform a first subset of the services, and to relay a subset of the requests to the application server. The requests received by the edge server are sent from at least one client device through the public network and authenticated by the secondary firewall. The application server is configured to receive the relayed subset of requests and perform a second subset of the services in response to the relayed subset of requests. The relayed subset of requests received by the application server are authenticated by the primary firewall.
42 Citations
22 Claims
-
1. A method comprising:
-
hosting a server application on a plurality of servers, the plurality of servers including an application server deployed in a secure tier of an enterprise network and an edge server deployed in an edge tier of the enterprise network, a first firewall isolating the secure tier from the edge tier and from a public network and a second firewall isolating the edge tier from the public network, wherein the edge server is configured to;
(a) receive requests for services provided by the server application, the requests sent by at least one client device through the public network and authenticated by the second firewall, (b) perform a first subset of the services by executing application logic of the server application stored on the edge server, and (c) relay a subset of the requests to the application server, andwherein the application server is configured to;
(a) receive the relayed subset of requests, the relayed subset of requests authenticated by the first firewall, and (b) perform a second subset of the services in response to the relayed subset of requests by executing application logic of the server application stored on the application server;identifying latency tolerances for each of the first subset of services and for each of the second subset of services; configuring the edge server to perform the first subset of the services based at least in part on the latency tolerances identified for the first subset of services; and configuring the application server to perform the second subset of the services based at least in part on the latency tolerances identified for the second subset of services. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computer storage medium encoded with a computer program, the program comprising instructions that when executed by a data processing apparatus cause the data processing apparatus to perform the following actions:
-
receiving a first request for a first service of a server application, the first request sent by a client device through a public data network and authenticated by a second firewall prior to receipt by an edge server system having a first configuration, the edge server system isolated from the public data network by the second firewall; performing the first service of the server application at the edge server system in response to the first request, wherein the edge server system is configured to perform the first service at least partially based on an identification of a latency tolerance associated with the first service; sending a first response to the client, the first response including an identification of a first result of performing the first service; receiving a second request for a second service of the server application, the second request sent by a client device through the public data network and authenticated by the second firewall prior to receipt by the edge server system; sending a third request for the second service of the server application from the edge server system through a first firewall to an application server system having a second configuration, the application server system isolated from the edge server system and from the public data network by the first firewall; performing the second service of the server application at the application server system in response to the third request, wherein the application server system is configured to perform the second service at least partially based on an identification of a latency tolerance associated with the second service; receiving at the edge server system a second response from the application server system in response to the third request, the second response comprising an identification of a second result of performing the second service of the server application system at the application server system; and sending a third response to the client, the third response comprising an identification of the second result. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
-
-
18. An enterprise network system comprising:
-
an edge server deployed in a first tier of an enterprise data network and isolated from a public data network by a second firewall, the edge server configured to; receive a plurality of requests for a corresponding plurality of services provided by a server application hosted on the enterprise network system, the plurality of requests sent by at least one client device through the public network and authenticated by the second firewall; identify a first subset of the plurality of services based on latency tolerances associated with the first subset of the plurality of services; identify a second subset of the plurality of services based on latency tolerances associated with the second subset of the plurality of services; perform the first subset of services; and relay a subset of requests corresponding to the second subset of the plurality of services to the application server; and an application server deployed in a second tier of the enterprise network and isolated from the public network and from the first tier by a first firewall, the application server configured to; receive the relayed subset of requests, the relayed subset of requests authenticated by the first firewall; and perform the second subset of services in response to the subset of requests. - View Dependent Claims (19, 20, 21, 22)
-
Specification