
System and method for network virtualization and security using computer systems and software

  • US 9,531,670 B2
  • Filed: 05/13/2014
  • Issued: 12/27/2016
  • Est. Priority Date: 11/30/2009
  • Status: Active Grant
First Claim

1. A system for network security, comprising:

  • a protected network comprising at least one protected server, wherein the protected server is configured to provide at least one protected service; and

    a virtual network residing on an operating system within a singular machine, physical or otherwise, and configured to emulate a physical security zone network, the virtual network comprising one or more virtual servers;

    wherein each of the one or more virtual servers is configured to provide an isolated ghost service, the ghost service being separated from other isolated ghost services located in other virtual servers such that the ghost service does not directly share any resources with the other ghost services, wherein the ghost service is a partial copy of the at least one protected service, and wherein each of the one or more virtual servers is configured to provide the ghost service by:

    receiving a service request;

    running an inspection of the received service request;

    determining whether additional information from one or more of the other isolated ghost services or one or more of the at least one protected service is needed for execution of the service request;

    requesting additional information from one or more of the other isolated ghost services for the execution of the service request in response to determining that the additional information from the one or more of the other isolated ghost services is needed for execution of the service request;

    requesting additional information from one or more of the at least one protected service for the execution of the service request in response to determining that the additional information from the one or more of the at least one protected service is needed for execution of the service request;

    in response to the service request passing inspection, completing the execution of the service request based on the received service request, wherein the execution of the service request is further based on:

    (i) the additional information from the one or more of the other isolated ghost services in response to requesting the additional information from the one or more of the other isolated ghost services, and (ii) the additional information from the one or more of the at least one protected service in response to requesting the additional information from the one or more of the at least one protected service; and

    in response to detecting an error in the inspected service request, transmitting a response to the service request, the response being indicative of the detected error.
