Systems and methods for enforcing secure network segmentation for sensitive workloads
US9300691B1 · kind B1 · utility
Assignee
Inventor
Key dates
| Filing date | Jul 18, 2013 |
| Grant date | Mar 29, 2016 |
| Priority date | — |
| Expiry date | Jan 16, 2034 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L41/5096
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A computer-implemented method for enforcing secure network segmentation for sensitive workloads may include (1) identifying a sensitive workload that is deployed within a subnet of a segmented network on a remote workload hosting platform, (2) identifying a security policy that applies to the sensitive workload, wherein a deployment of the sensitive workload within the subnet of the segmented network complies with the security policy, (3) intercepting, at a proxy, an attempt to reconfigure the deployment of the sensitive workload within the segmented network on the remote workload hosting platform, (4) determining that the attempt to reconfigure the deployment of the sensitive workload could result in a violation of the security policy, and (5) enforcing, on the proxy, the security policy on the attempt to reconfigure the deployment of the sensitive workload. Various other methods, systems, and computer-readable media are also disclosed.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.