Providing firewall rules for workload spread across multiple data centers
US9806948B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jul 28, 2015 |
| Grant date | Oct 31, 2017 |
| Priority date | — |
| Expiry date | Mar 30, 2036 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2212/62
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A method of replicating firewall rules for a tenant that has several data compute nodes across a group of data centers. The method receives a first set of firewall rules that references first and second sets of objects in a first data center. The first set of objects includes identifiers that are recognized by the network manager of the first data center. The second set of objects includes identifiers that are not recognized by the first network manager. The first set of objects is translated into a set of global objects by searching a local inventory of objects. The second set of objects is translated into a set of global objects by searching a global inventory of objects. The first set of firewall rules is translated into a second set of firewall rules by using the translated objects and is replicated to the network managers of every data center.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.