Firewall for a virtual network and related techniques
First Claim
Patent Images
1. A system comprising:
- a first server device executing a first virtual machine and connected to a physical network;
a second server device executing a second virtual machine and connected to the physical network, wherein the first and second virtual machines are connected to a same virtual network;
a first firewall module that functions as a firewall for the first virtual machine and a second firewall module that functions as a firewall for the second virtual machine, the firewall modules configured to filter network traffic received by the physical servers and addressed to the respective virtual servers;
wherein the first firewall module is executed by a core processor of the first virtual machine and the second firewall module is executed by a core processor of the second virtual machine;
wherein the first and second firewall modules each include a superset of the same firewall rules.
1 Assignment
0 Petitions
Accused Products
Abstract
A system for filtering traffic in virtual networks includes a first virtual machine executed by a first physical server connected to a physical network and a second virtual machine executed by a second physical server connected to the physical network. The first and second virtual machines are connected to a same virtual network. A first firewall module is executed by the first physical server and a second firewall module is executed by the second physical server. The firewall modules are configured to filter network traffic received by the physical servers and addressed to the virtual servers.
35 Citations
15 Claims
-
1. A system comprising:
-
a first server device executing a first virtual machine and connected to a physical network; a second server device executing a second virtual machine and connected to the physical network, wherein the first and second virtual machines are connected to a same virtual network; a first firewall module that functions as a firewall for the first virtual machine and a second firewall module that functions as a firewall for the second virtual machine, the firewall modules configured to filter network traffic received by the physical servers and addressed to the respective virtual servers; wherein the first firewall module is executed by a core processor of the first virtual machine and the second firewall module is executed by a core processor of the second virtual machine; wherein the first and second firewall modules each include a superset of the same firewall rules. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method comprising:
-
executing, by a first server device connected to a physical network, a first virtual machine; executing, by a second server device connected to the physical network, a second virtual machine, wherein the first and second virtual machines are connected to a same virtual network; executing a first firewall module to function as a firewall for the first virtual machine and a second firewall module to function as a firewall module for the second virtual machine, the firewall modules configured to filter network traffic received by the physical servers and addressed to the virtual machines; wherein the first firewall module is executed by a core processor of the first virtual machine and the second firewall module is executed by a core processor of the second virtual machine wherein the first and second firewall modules each include a superset of the same firewall rules. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A system comprising:
-
a physical server connected to a physical network and executing a virtual machine connected to a virtual network; a firewall module executed by the virtual machine and configured to function as a firewall for the first virtual machine and to filter network traffic received by the physical server and addressed to the virtual server; wherein the firewall module includes a superset of firewall rules shared by other firewalls operating on the physical and/or virtual network.
-
Specification