Remotely configured network appliances and services
First Claim
1. A computer-implemented method for enabling access to one or more networks, comprising:
- establishing, by one or more computer systems configured with executable instructions, a network connection with at least one customer entity;
receiving, over the network connection, a provisioning request from the at least one customer entity to provision a network gateway;
provisioning, by the one or more computer systems, a virtual computer system instance as the network gateway to connect the at least one customer entity to a public network via the provisioned virtual computer system instance;
receiving, over the network connection, a service election request from the at least one customer entity to apply one or more network-related services to the network gateway the one or more network-related services performing at least one of monitoring, securing, filtering, or protecting data;
receiving, from the at least one customer entity, a request for a service of the one or more network-related services, the request including an identification of the service and a service provider of the service;
instantiating, on hardware under control of the one or more computer systems, an implementation of a virtual instance of the one or more network-related services within the virtual computer system instance in accordance with the service election request and executable code provided by the service provider, the virtual instance of the one or more network-related services extending at least one capability of the network gateway to a subset of network gateway traffic associated with the at least one customer entity; and
configuring the one or more computer systems in accordance with the service election request, such that the one or more computer systems is operable to adjust the at least one capability relating to an operation of the network gateway in response to a change to a demand of the network gateway, the at least one customer entity, or the one or more computer systems, the subset of network gateway traffic being determined based at least in part on the received service election request.
1 Assignment
0 Petitions
Accused Products
Abstract
A network gateway is implemented on behalf of a customer entity. The network gateway may be implemented using a distributed computer system and the network gateway may connect a network of the customer entity to a public communications network. The network gateway may include network-related services without the need for adding specialized hardware. The network gateway may be provisioned programmatically in response to instructions received from the customer entity. The network gateway may be provisionable and accessible over several different types of data connections. The network gateway, by virtue of being implemented on a distributed computer system, is scalable upon demand without additional input by the customer entity.
-
Citations
22 Claims
-
1. A computer-implemented method for enabling access to one or more networks, comprising:
-
establishing, by one or more computer systems configured with executable instructions, a network connection with at least one customer entity; receiving, over the network connection, a provisioning request from the at least one customer entity to provision a network gateway; provisioning, by the one or more computer systems, a virtual computer system instance as the network gateway to connect the at least one customer entity to a public network via the provisioned virtual computer system instance; receiving, over the network connection, a service election request from the at least one customer entity to apply one or more network-related services to the network gateway the one or more network-related services performing at least one of monitoring, securing, filtering, or protecting data; receiving, from the at least one customer entity, a request for a service of the one or more network-related services, the request including an identification of the service and a service provider of the service; instantiating, on hardware under control of the one or more computer systems, an implementation of a virtual instance of the one or more network-related services within the virtual computer system instance in accordance with the service election request and executable code provided by the service provider, the virtual instance of the one or more network-related services extending at least one capability of the network gateway to a subset of network gateway traffic associated with the at least one customer entity; and configuring the one or more computer systems in accordance with the service election request, such that the one or more computer systems is operable to adjust the at least one capability relating to an operation of the network gateway in response to a change to a demand of the network gateway, the at least one customer entity, or the one or more computer systems, the subset of network gateway traffic being determined based at least in part on the received service election request. - View Dependent Claims (2, 3, 4, 5, 21)
-
-
6. A computer-implemented method for enabling access to one or more networks, comprising:
-
receiving, by one or more computer systems configured with executable instructions, a provisioning request to provision a virtual computer system instance as a network gateway for at least one customer entity, the network gateway being configured to connect to a private network, and the customer entity being separate from the computing resource provider; and provisioning, by the one or more computer systems, the network gateway to connect the at least one customer entity to a public network via the provisioned virtual computer system instance; operating, on behalf of the at least one customer entity, the network gateway to serve as a public network access point for the at least one customer entity; receiving, by at least one of the one or more computer systems, a service election request from the at least one customer entity to apply one or more network-related services to the private network, the one or more network-related services performing at least one of monitoring, securing, filtering, or protecting data; and instantiating, on hardware under control of the one or more computer systems, an implementation of the one or more network-related services within the virtual computer system instance in accordance with the service election request such that at least one of the one or more network-related services extend at least one capability to network traffic of the private network, the network traffic of the private network being associated with the at least one customer entity, the one or more computer systems being operable to adjust at least one capability relating to an operation of the network gateway in response to a change in demand of at least one of the network gateway, the at least one customer entity, or the one or more computer systems. - View Dependent Claims (7, 8, 9, 22)
-
-
10. A computer system for enabling access to one or more networks, comprising:
-
one or more processors; and memory, including instructions executable by the one or more processors to cause the computer system to at least; instantiate virtual computer system instances to act as network gateways to a public communications network on behalf of customer entities that connect to the computer system through corresponding private customer entity networks; manage network traffic from the public communications network received through the virtual computer system instances in accordance with requirements specified by the corresponding customer entities, the corresponding customer entities capable of specifying at least one network-related service and a provider of the at least one network-related service, the at least one network-related services performing at least one of monitoring, securing, filtering, or protecting data; instantiate an implementation of the at least one network-related service within the virtual computer system instances in accordance with instructions provided by the provider of the at least one network-related service, the at least one network-related service extending at least one capability of the virtual computer system instances to a subset of network traffic of the private customer entity networks; and modify at least one capability relating to an operation of the virtual computer system instances in response to a change in demand of the virtual computer system instances. - View Dependent Claims (11, 12, 13, 14)
-
-
15. One or more non-transitory computer-readable storage media having collectively stored thereon executable instructions that, when executed by one or more processors of a computing resource provider'"'"'s computer system, cause the computer system to at least:
-
receive a provisioning request to provision a network gateway for at least one customer entity that is separate from the computing resource provider; instantiate a virtual computer system instance to act as the network gateway and connect the at least one customer entity to a public network, the at least one customer entity connecting to the computer system through a customer entity network; manage network traffic from the public network received through the virtual computer system instance in accordance with requirements specified by the customer entity; receive, by at least one of the computer system, a service election request from the at least one customer entity to apply the one or more network-related services to the virtual computer system instance, the received service election request identifying the at least one network-related service and a provider of the at least one network-related service, one or more network-related services performing at least one of monitoring, securing, filtering, or protecting data; instantiate an implementation of the at least one network-related service in accordance with instructions provided by the provider of the at least one network-related service, the at least one network-related service extending at least one capability of the virtual computer system instance to a subset of network traffic of the public network, the subset of network traffic associated with the at least one customer entity; and modify at least one capability relating to an operation of the virtual computer system instance in response to a change in demand of at least one of the virtual computer system instance, the at least one customer entity, the computing resource provider, or the computer system. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification