IPsec connection to private networks
Abstract
A server hosting system and method of connecting to managed servers using IPsec are disclosed. The server hosting system includes a plurality of managed servers, and first and second secure communication appliances. The first secure communication appliance is configured to connect to a tenant appliance at a first tenant using an IPsec tunnel, and further configured to route data between a first managed server of the plurality of managed servers and the tenant appliance at the first tenant. The second secure communication appliance is configured to connect to a tenant appliance at a second tenant using an IPsec tunnel, and further configured to route data between a second managed server of the plurality of managed servers and the tenant appliance at the second tenant.
21 Claims
1. A server hosting system comprising:
a plurality of managed servers;
a first secure communication appliance configured to connect to a tenant appliance at a first tenant using an IPsec tunnel, the first secure communication appliance further configured to route data between a first managed server of the plurality of managed servers and the tenant appliance at the first tenant, the first managed server associated with the first tenant;
a second secure communication appliance configured to connect to a tenant appliance at a second tenant using an IPsec tunnel, the second secure communication appliance further configured to route data between a second managed server of the plurality of managed servers and the tenant appliance at the second tenant, the second managed server associated with the second tenant;
wherein the first secure communication appliance is configured to apply a first tag to data received from the tenant appliance at the first tenant identifying the first tenant, and wherein the second secure communication appliance is configured to apply a second tag to data received from the tenant appliance at the second tenant identifying the second tenant.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. A method of securing communications between a tenant and a server hosting system, the method comprising:
receiving data at a first secure communication appliance from a tenant appliance at a first tenant;
applying a first tag to the data at the first secure communication appliance, the tag identifying the first tenant as the source of the data;
forwarding the data including the first tag to a first managed server associated with the first tenant;
receiving data at a second secure communication appliance from a tenant appliance at a second tenant separate from the first tenant;
applying a second tag to the data at the first secure communication appliance, the tag identifying the second tenant as the source of the data; and
forwarding the data including the second tag to a second managed server associated with the second tenant.
Dependent claims: 14, 15, 16, 17, 18, 19, 20
21. A non-transitory computer storage medium comprising computer-executable instructions, which when executed on a computing device in a server hosting system cause the computing device to provide a first secure communication appliance configured to:
receive a request to access a managed server from a tenant appliance at a first tenant via an IPsec connection, the first managed server including at least one virtual machine;
applying a tag to the data, the tag identifying a virtual secure gateway associated with a tenant;
route the data including the tag to the managed server associated with the first tenant via a virtual local area network switch and the virtual secure gateway;
receiving data at a second secure communication appliance from a tenant appliance at a second tenant separate from the first tenant;
applying a second tag to the data at the first secure communication appliance, the tag identifying the second tenant as the source of the data; and
forwarding the data including the second tag to a second managed server associated with the second tenant.
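The tag-then-forward step recited in the claims, as an added example that is not taken from the patent: the tenant tag is chosen from the tunnel the data arrived on, never from the data itself, and forwarding depends on the tag alone. It assumes the tag is modeled as an 802.1Q VLAN tag on the Ethernet frame the appliance emits toward the hosting network; the tunnel names, VLAN IDs, server names and sample frame are constructed.

```python
import struct

TPID_8021Q = 0x8100  # assumption: the claimed "tag" is modeled as an 802.1Q VLAN tag

# Constructed bindings: tunnel -> tenant tag, and tag -> that tenant's managed server.
TUNNEL_TO_TAG = {"tunnel-a": 101, "tunnel-b": 102}
TAG_TO_SERVER = {101: "managed-server-1", 102: "managed-server-2"}

# Constructed untagged frame: dst MAC, src MAC, EtherType IPv4, payload.
SAMPLE_FRAME = bytes(6) + bytes.fromhex("020000000001") + b"\x08\x00" + b"payload"


def apply_tag(tunnel_id: str, frame: bytes) -> bytes:
    """Appliance side: tag a decrypted frame according to its arrival tunnel."""
    if tunnel_id not in TUNNEL_TO_TAG:
        raise PermissionError(f"no tenant bound to {tunnel_id}")
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype == TPID_8021Q:
        # A tag supplied from the tenant side is never trusted or passed through.
        raise ValueError("frame arrived already tagged")
    tci = TUNNEL_TO_TAG[tunnel_id] & 0x0FFF  # priority 0, DEI 0, 12-bit VLAN ID
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def forward(tagged: bytes):
    """Switch side: select the managed server from the tag; drop anything else."""
    if len(tagged) < 18:
        return None
    tpid, tci = struct.unpack("!HH", tagged[12:16])
    if tpid != TPID_8021Q:
        return None  # untagged data never reaches a managed server
    return TAG_TO_SERVER.get(tci & 0x0FFF)  # unknown tag -> None (dropped)


def route(tunnel_id: str, frame: bytes):
    """Full path for one frame: tag at the appliance, then forward at the switch."""
    return forward(apply_tag(tunnel_id, frame))


if __name__ == "__main__":
    for tunnel in TUNNEL_TO_TAG:
        print(tunnel, "->", route(tunnel, SAMPLE_FRAME))
```
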
Specification