Methods and apparatus to provide network traffic support and physical security support
Abstract
Methods and apparatus to provide network traffic support and physical security support are described herein. In an example method, a virtual machine monitor (VMM) in a processor system is initialized. At least one of a network traffic intrusion event and a physical security intrusion event is identified by the VMM. At least one of a network traffic support and a physical security support is implemented in response to at least one of the network traffic intrusion event and the physical security intrusion event.
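The packet-handling order that claim 1 recites for the virtual machine monitor (restricted port, virus scan, denial of service, alert standard format), shown in C as an added example that is not taken from the patent. The port list, signature string, per-source rate limit and the RMCP-on-UDP-623 test used to recognise alert standard format packets are assumptions; the patent text here does not specify them.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

enum verdict { PASS_TO_VM, DROP_RESTRICTED_PORT, DROP_VIRUS, DROP_DOS, TO_MANAGEABILITY_AGENT };

struct pkt { uint32_t src_ip; uint16_t dst_port; const uint8_t *data; size_t len; };

/* Policy values below are constructed for illustration, not from the patent. */
static const uint16_t restricted_ports[] = { 23, 135, 445 };
static const char signature[] = "CONSTRUCTED-TEST-SIGNATURE";
enum { DOS_LIMIT = 3, SLOTS = 64, ASF_RMCP_PORT = 623 };

static struct { uint32_t src_ip; unsigned count; } rate[SLOTS];

/* Call once per measurement window to forget old per-source counts. */
void vmm_window_reset(void) { memset(rate, 0, sizeof rate); }

/* Packet-level scan: byte search for the signature anywhere in the payload. */
static int has_signature(const struct pkt *p) {
    size_t n = sizeof signature - 1;
    for (size_t i = 0; i + n <= p->len; i++)
        if (memcmp(p->data + i, signature, n) == 0) return 1;
    return 0;
}

/* Counts packets per source; a slot is reused when a different source maps to it. */
static int over_rate(uint32_t src_ip) {
    unsigned slot = src_ip % SLOTS;
    if (rate[slot].src_ip != src_ip) { rate[slot].src_ip = src_ip; rate[slot].count = 0; }
    return ++rate[slot].count > DOS_LIMIT;
}

/* RMCP header: version 0x06, reserved, sequence, class (low 5 bits, 6 = ASF). */
static int is_asf(const struct pkt *p) {
    return p->dst_port == ASF_RMCP_PORT && p->len >= 4 &&
           p->data[0] == 0x06 && (p->data[3] & 0x1F) == 0x06;
}

/* Checks run in the order the claim recites them; the first match decides. */
enum verdict vmm_triage(const struct pkt *p) {
    for (size_t i = 0; i < sizeof restricted_ports / sizeof restricted_ports[0]; i++)
        if (p->dst_port == restricted_ports[i]) return DROP_RESTRICTED_PORT;
    if (has_signature(p)) return DROP_VIRUS;
    if (over_rate(p->src_ip)) return DROP_DOS;
    if (is_asf(p)) return TO_MANAGEABILITY_AGENT;
    return PASS_TO_VM;
}
```

Because the rate check sits after the port and signature checks, packets already discarded by those stages do not count toward a source's limit.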
11 Claims
1. A method to provide network traffic support and physical security support comprising:
- initializing a plurality of virtual machines, wherein each of the plurality of virtual machines operates like a complete physical machine that can run its own operating system;
- initializing a virtual machine monitor in a processor system during a pre-boot phase, wherein the virtual machine monitor is configured to manage the operation of the plurality of virtual machines;
- identifying at least one of a network traffic intrusion event and a physical security intrusion event with the virtual machine monitor,
- wherein identifying the network traffic intrusion event includes:
  - detecting an incoming network packet;
  - determining whether the incoming network packet is attempting to access a restricted port;
  - discarding the network packet if the network packet is attempting to access a restricted port;
  - performing packet level virus scanning on the network packet to determine if the network packet is associated with a virus;
  - discarding the network packet if the network packet is associated with a virus;
  - determining whether the incoming network packet is a denial of service attack;
  - discarding the incoming network packet if the incoming network packet is a denial of service attack;
  - determining whether the incoming network packet is an alert standard format packet; and
  - invoking a system manageability agent and performing a task if the incoming network packet is an alert standard format packet; and
- wherein identifying the physical security intrusion event includes:
  - detecting a physical intrusion;
  - determining whether a user has authorization to initiate the physical intrusion;
  - determining which components of the processor system are vulnerable to the physical intrusion; and
  - disabling the components of the processor system that are vulnerable to the physical intrusion if the user does not have authorization to initiate the physical intrusion.

Dependent claims: 2, 3, 4.

5. A machine readable medium storing instructions, which when executed, cause a machine to:
- initialize a plurality of virtual machines, wherein each of the plurality of virtual machines operates like a complete physical machine that can run its own operating system;
- initialize a virtual machine monitor in a processor system during a pre-boot phase, wherein the virtual machine monitor is configured to manage the operation of the plurality of virtual machines;
- identify at least one of a network traffic intrusion event and a physical security intrusion event with the virtual machine monitor,
- wherein the instructions cause the machine to identify the at least one of the network traffic intrusion event within the virtual machine monitor by:
  - detecting an incoming network packet;
  - determining whether the incoming network packet is attempting to access a restricted port;
  - discarding the network packet if the network packet is attempting to access a restricted port;
  - performing packet level virus scanning on the network packet to determine if the network packet is associated with a virus;
  - discarding the network packet if the network packet is associated with a virus;
  - determining whether the incoming network packet is a denial of service attack;
  - discarding the incoming network packet if the incoming network packet is a denial of service attack;
  - determining whether the incoming network packet is an alert standard format packet; and
  - invoking a system manageability agent and performing a task if the incoming network packet is an alert standard format packet; and
- wherein the instructions cause the machine to identify the at least one of the physical security intrusion event within the virtual machine monitor by:
  - detecting a physical intrusion;
  - determining whether a user has authorization to initiate the physical intrusion;
  - determining which components of the processor system are vulnerable to the physical intrusion; and
  - disabling the components of the processor system that are vulnerable to the physical intrusion if the user does not have authorization to initiate the physical intrusion.

Dependent claims: 6, 7, 8.

9. An apparatus to provide network traffic support and physical security support comprising:
- a machine readable medium configured to store firmware of a processor system;
- a plurality of virtual machines initialized from the firmware during a pre-boot phase to operate like a complete physical machine that can run its own operating system;
- a virtual machine monitor initialized from the firmware during a pre-boot phase to identify at least one of a network traffic intrusion event and a physical security intrusion event,
- wherein the identifying the network traffic intrusion event includes:
  - detecting an incoming network packet;
  - determining whether the incoming network packet is attempting to access a restricted port;
  - discarding the network packet if the network packet is attempting to access a restricted port;
  - performing packet level virus scanning on the network packet to determine if the network packet is associated with a virus;
  - discarding the network packet if the network packet is associated with a virus;
  - determining whether the incoming network packet is a denial of service attack;
  - discarding the incoming network packet if the incoming network packet is a denial of service attack;
  - determining whether the incoming network packet is an alert standard format packet; and
  - invoking a system manageability agent and performing a task if the incoming network packet is an alert standard format packet; and
- wherein identifying the physical security intrusion event includes:
  - detecting a physical intrusion;
  - determining whether a user has authorization to initiate the physical intrusion;
  - determining which components of the processor system are vulnerable to the physical intrusion; and
  - disabling the components of the processor system that are vulnerable to the physical intrusion if the user does not have authorization to initiate the physical intrusion.

Dependent claims: 10, 11.

Specification