Federated firewall management for moving workload across data centers
US9680706B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jul 28, 2015 |
| Grant date | Jun 13, 2017 |
| Priority date | — |
| Expiry date | Jul 28, 2035 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2212/62
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A method of providing firewall support for moving a data compute node (DCN) across data centers. The method receives a set of global firewall rules to enforce across multiple data centers. The set of global firewall rules utilize unique identifiers that are recognized by the network manager of each data center. The method distributes the specified set of global firewall rules to the network managers. The method receives an indication that a DCN operating on a first host in a first data center is migrating to a second host operating in a second data center. The method sends a set of firewall session states to the network manager of the second data center. The method receives an indication that the DCN on the second host has started and enforces firewall rules for the DCN on the second host by using the firewall session states and the global firewall rules.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.