Flexibly configurable remote network identities
First Claim
1. A computer-implemented method, comprising:
- establishing, by one or more computer systems, a network connection with at least one customer device associated with a customer that is located in a separate facility from the one or more computer systems, the at least one customer device having connectivity with at least one host via the network connection;
assigning one or more virtual machines to a virtual network for the at least one customer device, the virtual network overlaid on a substrate network operated by a service provider;
providing, to a first customer device and over the network connection, at least one Internet Protocol (IP) address representing the first customer device to serve as an identifier for use over a public network by the first customer device;
receiving, through an application programming interface (API), a remapping request from a second customer device, the remapping request identifying at least one of the one or more virtual machines;
assigning, to the first customer device, the specified virtual machine of the one or more virtual machines identified in the received remapping request;
reassigning the identifier of the first customer device to the specified virtual machine within the virtual network, the reassigning used to cause network traffic addressed to the IP address representing the first customer device to be sent to the specified virtual machine;
processing, at the specified virtual machine, the network traffic using one or more network-related services comprising at least one network-related service configured to manage network traffic for the at least one host represented by the identifier; and
forwarding at least a portion of the processed network traffic from the specified virtual machine to the first customer device via the network connection.
1 Assignment
0 Petitions
Accused Products
Abstract
A network gateway is implemented on behalf of a customer entity. The network gateway may be implemented using a distributed computer system and the network gateway may connect a network of the customer entity to a public communications network. The network gateway may include network-related services without the need for adding specialized hardware. The network gateway may be provisioned programmatically in response to instructions received from the customer entity. The network gateway may be provisionable and accessible over several different types of data connections. The network gateway, by virtue of being implemented on a distributed computer system, is scalable upon demand without additional input by the customer entity.
-
Citations
25 Claims
-
1. A computer-implemented method, comprising:
-
establishing, by one or more computer systems, a network connection with at least one customer device associated with a customer that is located in a separate facility from the one or more computer systems, the at least one customer device having connectivity with at least one host via the network connection; assigning one or more virtual machines to a virtual network for the at least one customer device, the virtual network overlaid on a substrate network operated by a service provider; providing, to a first customer device and over the network connection, at least one Internet Protocol (IP) address representing the first customer device to serve as an identifier for use over a public network by the first customer device; receiving, through an application programming interface (API), a remapping request from a second customer device, the remapping request identifying at least one of the one or more virtual machines; assigning, to the first customer device, the specified virtual machine of the one or more virtual machines identified in the received remapping request; reassigning the identifier of the first customer device to the specified virtual machine within the virtual network, the reassigning used to cause network traffic addressed to the IP address representing the first customer device to be sent to the specified virtual machine; processing, at the specified virtual machine, the network traffic using one or more network-related services comprising at least one network-related service configured to manage network traffic for the at least one host represented by the identifier; and forwarding at least a portion of the processed network traffic from the specified virtual machine to the first customer device via the network connection. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer-implemented method, comprising:
-
establishing, by one or more computer systems, a network connection with at least one customer device associated with a customer that is separate from the one or more computer systems, the at least one customer device including at least one networked device via the network connection; providing, to a first customer device of the at least one customer device, at least one network identity to serve as an identifier of the first customer device for use on a public network with which the one or more computer systems are in communication; receiving, through an application programming interface (API), a remapping request from a second customer device of the at least one customer device, the remapping request identifying one or more virtual machines specified by the customer; upon receipt of the remapping request, remapping the identifier of the first customer device to the one or more specified virtual machines within a virtual network, the remapping causing traffic addressed to the identifier representing the first customer device to be sent to at least one of the one or more virtual machines; and applying one or more network-related services, using at least one device of the one or more computer systems, to the traffic addressed to the identifier to generate processed network traffic; forwarding the processed network traffic to the first networked device represented by the at least one networked identity via the established network connection. - View Dependent Claims (9, 10, 11, 12, 13)
-
-
14. A computer system, comprising:
-
one or more processors; and memory, including instructions executable by the one or more processors to cause the computer system to at least; provide, on a public communications network, network identities on behalf of customer devices that are; separate from the computer system; and connected to the computer system through at least one customer network; for the customer devices associated with the network identities, manage network traffic from the public communications network and the at least one customer network in accordance with requirements specified for corresponding customer devices associated with the network identities, the network identities representing virtual machines assigned to the customer devices; and upon receiving programmatic remapping requests from other customer devices, remap the network identities on the public communication network to different customer devices on the at least one customer network based at least in part on device remapping information included in the remapping request such that network traffic addressed to the different customer devices is routed to the virtual machines at the network identities, wherein the virtual machines are configured to apply the specified requirements to the network traffic and reroute the network traffic to the different customer devices via the at least one customer network. - View Dependent Claims (15, 16, 17, 18, 19)
-
-
20. One or more non-transitory computer-readable storage media having collectively stored thereon executable instructions that, when executed by one or more processors of a computing resource provider'"'"'s computer system, cause the computer system to at least:
-
associate, to customer devices that are separate from the computer system, network identities that identify one or more virtual machines on a virtual network corresponding to customer devices on a public network; manage, for customer devices identified by the network identities, network traffic from a public network and from the virtual network in accordance with requirements specified for the customer devices, the network traffic managed such that network traffic between public network and the customer devices is routed through the one or more virtual machines; and upon receiving programmatic remapping requests from other customer devices, reassociating the network identities that identify the one or more virtual machines on the virtual network to different customer devices on the public network based at least in part on device remapping information included in the remapping request. - View Dependent Claims (21, 22, 23, 24, 25)
-
Specification