Patent · US Active

Introspection method and apparatus for network access filtering

US10606626B2 · kind B2 · utility

16Cited by

38References

19Claims

0Family size

Assignee

Nicira, Inc. · US

Inventors

Azeem Feroz · San Jose, US
Vasantha Kumar · Viralimalai, IN
James Christopher Wiese · San Ramon, US
Amit Vasant Patil · Pune, IN

Key dates

Filing date	Jul 30, 2015
Grant date	Mar 31, 2020
Priority date	—
Expiry date	Jan 5, 2036

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/102
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

A method for performing network access filtering and/or categorization through guest introspection on a device data compute node (DCN) that executes on a host is provided. The method, through a guest introspector installed on the DCN, intercepts a data message that the DCN is preparing to send. The method identifies a category of the network resource. The method uses the category of the network resource to examine a set of network access policies that are stored on the host in order to determine whether the network access should be allowed. The method identifies a network access policy that requires the rejection of the network access when the access to the network resource causes an aggregate bandwidth for accessing the identified category of network resource to exceed a bandwidth threshold. The method rejects the network access based on the identified network access policy.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.