Network traffic rate limiting system and method

US 8,825,889 B2
Filed: 05/11/2009
Issued: 09/02/2014
Est. Priority Date: 05/11/2009
Status: Active Grant

First Claim

Patent Images

1. A system for rate limiting network traffic flow of an untrusted application, comprising:

a master module in a server environment to manage network traffic flow restrictions for a client application on a slave module,wherein the master module comprises a processor and a memory on which is stored instructions to cause the processor to set the network traffic flow restrictions on the slave module when the master module has not received from a trusted application a validation of the client application on the slave module, to receive a validation of the client application from the trusted application to unrestrict the network traffic flow restrictions for the client application on the slave module, and to disable network traffic flow restrictions to allow a user to download the client application.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method is provided for rate limiting network traffic flow of an untrusted application. A master module in a server environment manages network traffic flow restrictions. A slave module executes client applications in the server environment. A services module in the server environment executes a trusted application to validate the client application to the master module. A traffic restriction module on the master module sets network traffic restrictions when validation has not been received for the client application on the slave blade, and receives client application validations from the trusted application to unrestrict network traffic flow for the client application on the slave blade.

20 Citations

View as Search Results

18 Claims

1. A system for rate limiting network traffic flow of an untrusted application, comprising:
- a master module in a server environment to manage network traffic flow restrictions for a client application on a slave module,wherein the master module comprises a processor and a memory on which is stored instructions to cause the processor to set the network traffic flow restrictions on the slave module when the master module has not received from a trusted application a validation of the client application on the slave module, to receive a validation of the client application from the trusted application to unrestrict the network traffic flow restrictions for the client application on the slave module, and to disable network traffic flow restrictions to allow a user to download the client application.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The system in accordance with claim 1, wherein the slave module and master module are each server blades.
  - 3. The system in accordance with claim 1, further comprising a direct access module in the server environment to allow unrestricted traffic flow for client applications with a license.
  - 4. The system in accordance with claim 3, wherein the license is a Software Development Kit (SDK) license.
  - 5. The system in accordance with claim 3, wherein the license is on the slave module and the direct access module is on a services module and wherein the services module comprises flash memory for validating the license.
  - 6. The system in accordance with claim 1, wherein the instructions are further to cause the processor to execute the trusted application in the master module.
  - 7. The system in accordance with claim 6, wherein the instructions to cause the processor to execute the trusted application in the master module comprise a subsystem with an operating system.
  - 8. The system in accordance with claim 1, wherein the system comprises a network switch.
  - 9. The system in accordance with claim 1, wherein each of the master module and the slave module further comprises communication ports, and wherein the master module manages network traffic flow restrictions by managing slave module port rate limits.
  - 10. The system in accordance with claim 1, wherein the trusted application is to cause the master module to enable and disable network traffic flow restrictions dynamically.
  - 11. The system in accordance with claim 10, further comprising a proprietary network protocol to be used by the trusted application to cause the master module to enable and disable network traffic flow restrictions for the slave module.
  - 12. The system in accordance with claim 1, wherein the master module and slave module communicate via a backplane.
  - 13. The system in accordance with claim 1, wherein network traffic flow of an untrusted application is rate limited entirely by hardware.

14. A master blade for rate limiting network traffic flow of untrusted applications, comprising:
- a processor; and
  
  a memory on which is stored machine readable instructions that cause the processor to;
  
  manage network traffic flow restrictions for a client application on a slave blade, andset the network traffic flow restrictions for the client application on the slave blade when the master blade has not received from a trusted application a validation for the client application on the slave blade,receive from the trusted application a validation of the client application to unrestrict the network traffic flow restrictions for the client application on the slave blade, anddisable network traffic flow restrictions to allow a user to download the client application.

15. A method comprising:
- executing a trusted application in a blade server environment having restricted network traffic flow;
  
  validating a client application running on a slave blade using the trusted application;
  
  receiving, at a master blade, a validation of the client application from the trusted application;
  
  unrestricting, by the master blade, the restricted network traffic flow for the client application on the slave blade in response to receiving the validation of the client application; and
  
  disabling, by the master blade, network traffic flow restrictions to allow a user to download the client application.
- View Dependent Claims (16, 17, 18)
- - 16. The method in accordance with claim 15, further comprising unrestricting the network traffic flow for the client application on the slave blade when the client application uses a license.
  - 17. The method in accordance with claim 15, further comprising:
    - sending the validation of the client application from the trusted application to the master blade using a proprietary network protocol.
  - 18. The method in accordance with claim 17, further comprising reconfiguring hardware on the slave blade using the master blade to change the network traffic flow restrictions.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett Packard Enterprise Development LP (Hewlett-Packard Enterprise Company)
Original Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Inventors
Smith, Michael R., Humphress, Sean E., Vitale, Dante
Primary Examiner(s)
Lazaro, David
Assistant Examiner(s)
MURPHY, CHARLES C

Application Number

US12/464,021
Publication Number

US 20100287303A1
Time in Patent Office

1,940 Days
Field of Search

726/32, 726/31, 726/29, 726/28, 726/27, 726/26, 726/22, 726/21, 726/8, 726/7, 726/5, 726/4, 726/30, 726/329, 726/3, 726/2, 709/213, 709/204, 709/203, 709/223, 709/229, 709/227, 709/218, 709/208, 370/390, 370/389, 370/330, 370/316, 370/248, 370/230, 370/701, 380/30, 380/270, 380/258
US Class Current

709/232
CPC Class Codes

H04L 47/10   Flow control; Congestion co...

H04L 47/12   Avoiding congestion; Recove...

H04L 47/13   in a LAN segment, e.g. ring...

H04L 47/20   Traffic policing

H04L 47/22   Traffic shaping

H04L 47/2475   for supporting traffic char...

H04L 63/0227   Filtering policies mail mes...

Network traffic rate limiting system and method

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

20 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Network traffic rate limiting system and method

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

20 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links