Network gateway services and extensions
First Claim
1. A computer-implemented method for implementing network-related services, comprising:
- establishing, by a computer system of a computing resource provider, a direct physical connection with at least one customer entity by which the computing resource provider is configured to provide the customer entity with access to at least one network, the direct physical connection comprising a communication link between the at least one customer entity and the computing resource provider;
receiving, by the computer system of the computing resource provider, over a second network connection, instructions from at least one third-party entity for implementing at least one network-related service to operate on network traffic received through at least one network gateway on behalf of a customer entity, the network gateway controlling access to the at least one network, the at least one third-party entity being a separate entity from the computing resource provider, the customer entity distinct from the third-party entity, the at least one network-related service including at least one of a distributed denial of service (DDoS) mitigation service, an unsolicited message control service, a data firewalling service, or a data encryption service;
providing an interface that enables the customer entity to select the at least one network-related service corresponding to the received instructions;
provisioning, by the computer system of the computing resource provider, the at least one network-related service in a separate virtual computer system instance that is accessible by the at least one customer entity via the direct physical connection; and
configuring the at least one network gateway to route the network traffic between the customer entity and a public communications network through the separate virtual computer system instance, the network traffic of the direct physical connection being subjected to the at least one network-related service, and the computing resource provider controlling network traffic over the direct physical connection such that the computer system is operable to adjust at least one capability relating to an operation of the at least one network gateway in response to a change to a demand of the at least one of the network gateway.
1 Assignment
0 Petitions
Accused Products
Abstract
A network gateway is implemented on behalf of a customer entity. The network gateway may be implemented using a distributed computer system and the network gateway may connect a network of the customer entity to a public communications network. The network gateway may include network-related services without the need for adding specialized hardware. The network gateway may be provisioned programmatically in response to instructions received from the customer entity. The network gateway may be provisionable and accessible over several different types of data connections. The network gateway, by virtue of being implemented on a distributed computer system, is scalable upon demand without additional input by the customer entity.
-
Citations
16 Claims
-
1. A computer-implemented method for implementing network-related services, comprising:
-
establishing, by a computer system of a computing resource provider, a direct physical connection with at least one customer entity by which the computing resource provider is configured to provide the customer entity with access to at least one network, the direct physical connection comprising a communication link between the at least one customer entity and the computing resource provider; receiving, by the computer system of the computing resource provider, over a second network connection, instructions from at least one third-party entity for implementing at least one network-related service to operate on network traffic received through at least one network gateway on behalf of a customer entity, the network gateway controlling access to the at least one network, the at least one third-party entity being a separate entity from the computing resource provider, the customer entity distinct from the third-party entity, the at least one network-related service including at least one of a distributed denial of service (DDoS) mitigation service, an unsolicited message control service, a data firewalling service, or a data encryption service; providing an interface that enables the customer entity to select the at least one network-related service corresponding to the received instructions; provisioning, by the computer system of the computing resource provider, the at least one network-related service in a separate virtual computer system instance that is accessible by the at least one customer entity via the direct physical connection; and configuring the at least one network gateway to route the network traffic between the customer entity and a public communications network through the separate virtual computer system instance, the network traffic of the direct physical connection being subjected to the at least one network-related service, and the computing resource provider controlling network traffic over the direct physical connection such that the computer system is operable to adjust at least one capability relating to an operation of the at least one network gateway in response to a change to a demand of the at least one of the network gateway. - View Dependent Claims (2, 3, 4, 15, 16)
-
-
5. A computer-implemented method for implementing network-related services, comprising:
-
establishing, by a computer system of a computing resource provider, a direct physical connection between computing resources of at least one customer entity and a computer system, the direct physical connection comprising a communication link between the computer system and the computing resources by which the computing resources are configured to provide the computer system with access to at least one network; receiving, by a computer system of a computing resource provider, instructions for implementing at least one network-related service provided by an entity external to the computing resource provider to operate on network traffic of the direct physical connection, the network traffic passing through one or more computing resources of the computing resource provider, the at least one network-related service including at least one of a distributed denial of service (DDoS) mitigation service, an unsolicited message control service, a data firewalling service, or a data encryption service; in response to a request of the at least one customer entity, configuring, using the computing resource provider, the one or more computer systems to implement the at least one network-related service to operate on the network traffic of the direct physical connection in accordance with the instructions, the at least one network-related service being implemented in an individual virtual computer system instance accessible via the direct physical connection; and modify at least one capability of the at least one network-related service in response to a change in demand of the at least one network-related service. - View Dependent Claims (6, 7)
-
-
8. A computer system for implementing network-related services, comprising:
-
one or more processors; and memory, including instructions executable by the one or more processors to cause the computer system to at least; establish, by a web service provider, a direct physical connection between computing resources of corresponding customer entities and the web service provider comprising a communication link between the customer entities and the computing resources by which the computing resources are configured to provide the customer entities with access to at least one network; receive, by the web service provider, service implementation data to implement corresponding network-related services to operate on network traffic of the direct physical connection, the network-related services provided by a third-party and the network traffic passing through one or more computing resources of the web service provider, the network-related service including at least one of a distributed denial of service (DDoS) mitigation service, an unsolicited message control service, a data firewalling service, or a data encryption service; in response to requests from the customer entities, implement, in a separate virtual computer system instance on the web service provider accessible via the direct physical connection, the corresponding network-related services to operate on the network traffic of the direct physical connection in accordance with the received service implementation data; and modify at least one capability of the network-related services in response to a change in demand of at least one of the customer entities, the network-related service, or the web service provider. - View Dependent Claims (9, 10)
-
-
11. One or more non-transitory computer-readable storage media having collectively stored thereon executable instructions that, when executed by one or more processors of a computer system, cause the computer system to at least:
-
establish a direct physical connection between at least one customer entity and the computer system by which the computer system is configured to provide the customer entity with access to at least one network, the direct physical connection comprising a communication link between the at least one customer entity and the computer system; establish a second network connection between the computer system and a public communications network; provide an interface that allows the at least one customer entity to specify a configuration of computing resources of a computing resource provider such that network traffic of the direct physical connection is subjected to the computing resources, the provided interface allowing selection of one or more network-related services to operate on at least a portion of the network traffic in accordance with instructions received from at least one external third-party for implementing at least one network-related service, the one or more network-related service including at least one of a distributed denial of service (DDoS) mitigation service, an unsolicited message control service, a data firewalling service, or a data encryption service; configure, in a separate virtual computer system of the computing resource provider accessible by the customer entity via the direct physical connection, a set of computing resources according to the specified configuration such that, when the customer entity selects one or more of the network-related services, the computing resources operate on the network traffic of the direct physical connection according to corresponding instructions received from a corresponding external third-party; and modify at least one capability related to at least one operation of at least one of the one or more network-related services in response to a change in demand of at least one of the customer entity, the one or more network-related services, or the computer system. - View Dependent Claims (12, 13, 14)
-
Specification