System and method for data center security enhancements leveraging server SOCs or server fabrics
First Claim
Patent Images
1. A server system-on-a-chip device comprising:
- a management processor configured to transmit one or more frames;
a routing header unit connected to the management processor, wherein the routing header unit is configured to set a management domain bit in a routing header of the one or more frames, and wherein the management domain bit comprises an identifier that indicates a particular network domain for which the routing header unit belongs and indicates access to a management domain; and
a fabric switch connected to the routing header unit and to a plurality of external ports, wherein the fabric switch is configured to perform packet processing based, at least in part, on the management domain bit.
1 Assignment
0 Petitions
Accused Products
Abstract
A data center security system and method are provided that leverage server systems on a chip (SOCs) and/or server fabrics. In more detail, server interconnect fabrics may be leveraged and extended to dramatically improve security within a data center.
-
Citations
20 Claims
-
1. A server system-on-a-chip device comprising:
-
a management processor configured to transmit one or more frames; a routing header unit connected to the management processor, wherein the routing header unit is configured to set a management domain bit in a routing header of the one or more frames, and wherein the management domain bit comprises an identifier that indicates a particular network domain for which the routing header unit belongs and indicates access to a management domain; and a fabric switch connected to the routing header unit and to a plurality of external ports, wherein the fabric switch is configured to perform packet processing based, at least in part, on the management domain bit. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method comprising:
-
interconnecting a plurality of nodes with a plurality of links to form a server fabric, wherein each of the plurality of nodes includes; a management processor configured to transmit data packets; a routing header unit connected to the management processor, wherein the routing header unit is configured to set a management domain bit in a routing header for the data packets, and wherein the management domain bit comprises an identifier that indicates a particular network domain for which the routing header unit belongs and indicates access to a management domain; and a fabric switch connected to the routing header unit and to a plurality of external ports, wherein the fabric switch is configured to perform packet processing based, at least in part, on the management domain bit; generating data packets at a media access control (MAC) unit associated with the management processor; and routing, by the fabric switch, the data packets in the server fabric based, at least in part, on the management domain identifier. - View Dependent Claims (12, 13, 14, 15, 16, 17)
-
-
18. A system comprising:
-
a plurality of nodes, wherein each node in the plurality of nodes includes; a management processor configured to transmit one or more frames; a routing header unit connected to the management processor, wherein the routing header unit is configured to set a management domain bit in a routing header of the one or more frames, and wherein the management domain bit comprises an identifier that indicates a particular network domain for which the routing header unit belongs and indicates access to a management domain; and a fabric switch connected to the routing header unit and to a plurality of external ports, wherein the fabric switch is configured to perform packet processing based, at least in part, on the management domain bit; and a plurality of links that interconnect the plurality of nodes to form a server fabric. - View Dependent Claims (19, 20)
-
Specification