CN108141456A - 混合云安全组 - Google Patents
混合云安全组 Download PDFInfo
- Publication number
- CN108141456A CN108141456A CN201680059738.2A CN201680059738A CN108141456A CN 108141456 A CN108141456 A CN 108141456A CN 201680059738 A CN201680059738 A CN 201680059738A CN 108141456 A CN108141456 A CN 108141456A
- Authority
- CN
- China
- Prior art keywords
- cloud
- network
- cloud network
- data
- access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/102—Entity profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/104—Grouping of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
在一个实施例中,可以从混合云环境的第一云网络接收向混合云环境的第二云网络发送数据的请求,其中,该请求可以包括与该数据相关的安全配置文件。安全配置文件可被自动分析以确定与该数据相关的访问权限。至少部分地基于该访问权限,数据可被允许访问第二云网络。
Description
技术领域
本技术涉及基于计算机的联网,并且更具体地,涉及混合云环境中的安全组。
背景技术
近来全行业向基于云的服务交付和数据消费的转变对服务提供商在路由和交付数据的同时保障存储在私有云数据库中的数据的安全性提出了新的挑战。例如,基于云的提供商可能会采用各种实时调整模式以基于不断变化的安全需求来有效地调整和分配网络资源。此外,由于混合云计算和存储环境的一些部分可以被公共论坛访问且混合云的其他部分可以被指定用于私人论坛,所以混合云计算和存储环境对网络安全性提出了额外的挑战。
混合云计算环境可能是对存储在混合云中的数据的未授权访问的目标,因为潜在安全威胁会试图攻破可能与混合云计算和存储环境相关联的漏洞。新兴的基于计算机的威胁加速对日益灵活且安全的网络运营的需求。随着数据、软件、服务、应用和数据库逐渐地与基于云的网络紧密相连,需要在基于云的计算环境(包括混合云计算和存储环境)中增加安全功能和灵活性。
附图说明
为了描述可以获得本公开上面列举的特征和其他优点的方式,将通过参考附图中示出的特定实施例来呈现对上面简要描述的原理的更为具体的描述。应当理解的是,这些附图仅仅示出了本公开的示例性实施例,并且因此不被视为是对本公开范围的限制,通过使用附图并用附加的特征和细节来描述和解释本文的原理,其中:
图1示出了示例混合云环境;
图2示出了在混合云环境中迁移虚拟机的示例;
图3示出了具有多个云网络的示例混合云环境;
图4示出了采用云安全组的示例混合云环境;
图5示出了采用云安全组的示例混合云环境;
图6示出了采用云安全组的示例混合云环境;
图7示出了采用云安全组的示例混合云环境;
图8示出了采用云安全组的示例混合云环境;
图9示出了本技术的示例过程;以及
图10示出了本技术的示例架构。
多于一个附图共有的组件或特征在每个附图中都以相同的附图标记指示。
具体实施方式
下面详细讨论本公开的各种实施例。虽然讨论了具体的实施方式,但应该理解的是,这仅仅是出于说明的目的而进行的。相关领域的技术人员将认识到,在不脱离本公开的精神和范围的情况下可使用其他组件和配置。
概述
在一些实施例中,本技术可以从混合云环境的第一云网络接收向混合云环境的第二云网络发送数据的请求,其中,该请求可以包括与数据相关的安全配置文件。安全配置文件可被自动分析以确定与数据相关的访问权限。此外,至少部分地基于访问权限,数据可被允许访问第二云网络。
描述
通信网络可以包括共同允许单独的设备进行通信、共享数据和访问资源(例如,软件应用)的硬件、软件、协议、和传输组件的系统。更具体地,计算机网络可以是通过通信链路和网段互连的地理上分布的节点的集合,其中,通信链路和网段在诸如个人计算机和工作站之类的末端节点之间传输数据。许多类型的网络是可用的,其类型范围从局域网(LAN)和广域网(WAN)到覆盖和软件定义的网络(例如,虚拟可扩展局域网(VXLAN))以及虚拟网络(例如,虚拟局域网(VLAN))和虚拟专用网络(VPN)。
LAN—般通过位于同一总的物理位置(例如,建筑物或校园)中的专用私有通信链路来连接节点。另一方面,WAN可通过长距离通信链路(例如,是公共载波电话线、光路径、同步光网络(SONET)或同步数字体系(SDH)链路)连接地理上分散的节点。LAN和WAN可以包括层2(L2)和/或层3(L3)网络和设备。
互联网是连接全世界的不同网络的WAN的示例,其提供了各种网络上的节点之间的全球通信。这些节点通过根据预定义协议(例如,传输控制协议/互联网协议(TCP/IP))交换离散帧或数据分组来经由网络进行通信。在这种上下文中,协议可指定义节点如何彼此交互的一组规则。计算机网络还可通过中间网络节点(例如,路由器、交换机、集线器、或接入点)进一步互连)互连,这可以有效地扩展网络的大小或占用空间。
网络可以被分割成子网络以提供层级式、多级路由结构。例如,可以使用子网编址将网络划分为VLAN子网络以创建网段。这样,网络可以将各种IP地址组分配给特定的网段,并将网络划分为多个逻辑网络。在混合云环境中,不同的子网可以被分配给混合云环境的不同部分。例如,可以基于与一个或多个VLAN子网络相关联的安全许可,将该一个或多个VLAN子网分配给混合云环境的私有云网络和混合云环境的公共云网络。
其他网络(例如,虚拟网络(比如,VLAN))也是可用的。例如,一个或多个局域网可以进行逻辑分段以形成VLAN,并允许一组机器如同在同一物理网络中一样进行通信,而不管其实际物理位置。因此,位于不同物理局域网上的机器可如同位于同一物理局域网上一样进行通信。如本领域技术人员所理解的,网络和设备之间的互连也可以使用诸如VPN隧道之类的路由器和隧道来创建。在混合云计算环境中,这样的隧道可以在其任一端包括加密和/或防火墙,用以充当在私有数据中心(DC)/私有云网络和公共云网络(例如,由商业实体提供的云网络)之间发送的数据的网守。示例公共云网络是Microsoft云、AmazonWeb 云等。
各种网络可以包括用以支持数据通信、安全性和提供服务的各种硬件或软件设备或节点。例如,网络可以包括路由器、集线器、交换机、AP(访问接入点)、防火墙、中继器、入侵检测器、服务器、VM、负载平衡器、应用交付控制器(ADC)、以及其他硬件或软件设备。这些设备可以分布或部署在一个或多个物理、覆盖、或逻辑网络上。此外,设备可以作为可以使用层2(L2)和层3(L3)技术形成的集群来部署。集群可以为与特定设备或节点相关的流提供高可用性、冗余和负载平衡。流可以包含具有相同源和目的地信息的分组。因此,源自设备A到服务节点B的分组全部可以是相同流的一部分。
设备或节点以及集群可以在云部署中实现。可以在一个或多个网络中提供云部署,以使用共享资源来调配计算服务。云计算通常可以包括基于互联网的计算,其中,计算资源从可用的资源集合经由网络(例如,“云”)被动态地按需调配和分配给客户或用户计算机或其他设备。例如,云计算资源可以包括任何类型的资源(例如,计算、存储、网络设备、应用程序、虚拟机(VM)、服务等)。例如,资源可以包括服务设备(防火墙、深度分组检测器、流量监控器、负载平衡器等)、计算/处理设备(服务器、CPU、存储器、暴力处理能力)、存储设备(例如,网络附属存储、存储区域网络设备)等。此外,这些资源可以用于支持虚拟网络、虚拟机(VM)、数据库、应用程序(应用)等。另外,服务可以包括各种类型的服务,例如,监控服务、管理服务、通信服务、数据服务、带宽服务、路由服务、配置服务、无线服务、架构服务等。
云控制器和/或其他云设备可以被配置用于云管理。这些设备可以利用集中管理、第7层(L7)设备和应用程序可视性、实时基于Web的诊断、监控、报告、管理等进行预配置(即“开箱即用”)。这样,在一些实施例中,云可以提供集中管理、可视性、监控、诊断、报告、配置(例如,无线、网络、设备、或协议配置)、业务分配或再分配、备份、灾难恢复、控制、和任何其他服务。在某些情况下,这可以在没有特定设备或覆盖管理软件的高昂成本和复杂度的情况下完成。
本技术可以解决本领域对混合云计算和存储环境(“混合云”)中的提高的安全性的需求。混合云可以指由进行通信和/或共享数据的两个或更多个云网络组成的云网络架构。混合云可以是私有云和公有云之间的交互,其中,私有云以安全和可扩展的方式连接到公共云并利用公共云资源。混合云模型可以提供优于其他云模型的优势。例如,混合云模型允许企业保护其现有资产,保持对敏感数据和应用程序的控制,并维持对其网络、处理和存储资源的控制。此外,混合云可能允许企业按照他们对处理资源和存储的需求增加或减少而扩展其环境。这种向上或向下扩展可以在对现有物理网络资源(例如,现场物理服务器)影响最小或无影响的情况下发生。
尽管一些应用程序适用于传统的物理企业数据中心/专用网络,但是还是有一些应用程序的动态计算需求使其成为基于云的部署的理想选择。对于此类应用程序,目标是利用云计算的计算弹性和经济性,而不牺牲数据资产(例如,数据库、目录、存储库)在企业数据中心内的原位处所获得的安全性。要成为可行的混合云解决方案,数据应该保持安全性、应用程序不需要进行重新设计、并且云网络应很容易移动。
图1示出示意性地包括多个云网络或“云”的示例混合云计算和存储网络,其中,多个云网络或“云”包括私有云105(例如,企业数据中心)和可用于公共可访问的网络(例如,互联网(未示出))的公共云110。虽然当前术语是指包括私有云和公共云的混合云,但应该理解的是,本公开的许多方面可以在各种多云配置(例如,由第三方提供商托管的两个云或在不同地点的两个企业云)中被实践。私有数据中心/私有云105和公共云110可以经由私有云网关125和公共云网关135之间的通信链路170连接。可以使用预定义网络通信在混合云网络的设备之间交换数据分组和流量,如本领域技术人员将理解的那样。
如图1所示,每个云网络都可具有诸如私有云网关125和公共云网关135之类的云网关。每个云网络还可以包含至少一个虚拟机(VM)和/或嵌套的VM容器。例如,图1示出了私有云105中的VM1 150和VM2 152以及公共云110中的VM3 154。私有云网关125可以被配置为在私有云105中运行的基于VM的网关,其可以负责建立用于在私有云105和公共云110之间进行通信和数据传输的通信链路170。此外,公共云网关135可以被配置为在公共云110中运行的基于VM的网关,其可以负责建立用于在私有云105和公共云110之间进行通信和数据传输的通信链路170。
此外,与私有云网关125和公共云网关135相关联的安全组标签可以通过阻止数据到达混合云的未授权区域或阻止数据离开其所局限于的混合云来增强混合云网络安全性。在一些实施例中,私有云网关125可以通过利用例如与来自公共云110的子网VLAN相关联的安全组标签来筛选(screen)针对存储在私有云105中的数据去往公共云110的请求,所述来自公共云的子网VLAN被授权籍由与其相关联的访问权限接收来自私有云105的数据。这样例如在作出请求的来自公共云110的子网VLAN不具有对所请求的私有云105中的数据具有访问权限的安全标签的情况下可以通过拒绝针对私有云105中的数据的请求来阻止未授权数据离开私有云105。
类似地,在一些实施例中,公共云网关135可以通过利用与例如来自公共云110的子网VLAN相关联的安全组标签来筛选针对存储在公共云110中的数据去往私有云105的请求,所述来自公共云的子网VLAN被授权籍由与其相关联的访问权限接收来自私有云105的数据。这可以,例如在来自公共云110的子网VLAN不具有对所请求的私有云105中的数据具有访问权限的安全标签的情况下,通过不允许所请求的公共云110的数据离开公共云110来阻止未授权数据离开公共云110。
在一些实施例中,一个或多个防火墙可以与私有云网关125和公共云网关135结合使用,以便于筛选进入私有云105和公共云110及从中外出的请求。例如,私有云网关125和公共云网关135可以通过阻止未经授权的数据进入它们各自的云网络以及还阻止数据(若该数据因对计划目的地(例如,混合云环境的不同云网络)的访问权限不足而未被授权离开云网络)离开它们各自的云网络而进行互补。在一些实施例中,私有云网关125和公共云网关135可以仅阻止未经授权的数据进入它们的云网络。在其他实施例中,私有云网关125和公共云网关135可仅阻止未经授权的数据离开它们各自的云网络。
图1还示出了私有云105内的混合云管理器175,该混合云管理器可以是用于在混合云环境内自动调配资源的管理平面VM。具体而言,混合云管理器175可以是在私有云105或公共云110(未在其中示出)中操作的管理平台(其可以是VM),并且可以一般负责提供混合云环境操作、在私有云网络和公共云网络接口之间进行转换、云资源的管理、例如通过私有虚拟化平台和公共云提供者API进行的云网关和云VM组件(例如,公共云110中的VM3154)的动态实例化。该混合云管理器还可以健康监控混合云环境的组件(例如,云网关、一个或多个私有应用VM、和通信链路170),并且提供这些组件的高可用性。
图1还示出了虚拟管理员模块130(例如,思科系统公司的Nexus1000V交换机)、超管理器140(也被称为虚拟机管理器)以及一个或多个VM 150、152。私有云中的虚拟管理程序模块130 105可被用于在公共云110或私有云105(例如,VM1 150、VM2 152、和VM3 154)中创建VM。每个VM可以托管私有应用,甚至公共云110中的VM3 154可以托管私有应用,这样公共云110中的VM3 154的运行就如同它在私有云105内一样。超管理器140可以由虚拟管理员模块130进行配置并且可以为一个或多个VM提供操作系统。
图1还示出了通信链路170。通信链路170可以采用包括虚拟专用网络(VPN)或隧道类型的几种形式。具体而言,一些实施例可以利用开放VPN覆盖(overlay)或者基于IP安全(IPSec)VPN的L3网络扩展来提供通信链路170。虽然在云环境中提供了安全传输连接,但是VPN可能不会提供用于提供诸如在云端本地交换网络流量之类的功能、提供一致的企业网络策略、允许插入各种网络服务(例如,负载均衡器、防火墙等)、以及构建复杂的网络拓扑结构(例如,当前系统通过路由器和多个VLAN被连接)的基础设施(infrastructure)。尽管基于IPsec-VPN的技术可以为客户提供了数据中心之间的网络连接和相对复杂的网络拓扑,但它只能在网络层(示例性以及熟知的OSI模型的层3或“L3”)上扩展企业网络。这意味着在云数据中心(公共云110)处创建的覆盖网络可以是一组新的子网,其中公共云中的VM分配有新的网络标识(例如,IP和MAC地址)。因此,可以修改许多企业基础设施(例如,访问控制列表、防火墙策略、域名服务等),以便使新连接的VM系统能够与其余企业系统一起工作。例如,IPSec VPN隧道可以防止企业级防火墙和企业数据中心(例如,私有云105)内深处的网络地址转换(NAT)设备被攻破。
诸如当前描述的技术的实施例之类的一些混合云技术可以利用安全传输层(例如,第4层或“L4”)隧道作为私有云105中的第一云网关125和公共云110中的第二云网关135之间的通信链路170,其中安全传输层隧道被配置为在私有云和公共云之间提供链路层170(例如,层2或“L2”)网络扩展。通过在公共云网络110上建立安全传输层(L4)隧道170(例如,传输层安全性(TLS)、数据报TLS(DTLS)、安全套接层(SSL)等),本文的技术可以建立将云资源(公共云110)与私有云105(例如,企业网络骨干)互连的安全L2交换覆盖。换句话说,安全传输层隧道170可以提供私有云105和公共云110之间的链路层网络扩展。
如上所述,部署在私有云105处的云网关125可以使用L4安全隧道来连接到在公共云110处分配的云资源。由于传输层协议(例如,UDP/TCP)的性质以及传输层端口为防火墙中的HTTP/HTTPS而开,L4安全隧道非常适合与企业级防火墙和NAT设备一起使用。L2网络可以通过部署在公共云110处的云网关135扩展并连接到每个云VM(例如,VM1 150、VM2152、VM3 154)。利用L2网络覆盖,特定私有应用VM(例如,VM3 154)的所有实例可以无缝地迁移到在公共云中动态创建的覆盖网络,而不会对现有企业基础架构产生任何影响。
作为一般惯例,公共云服务提供商仅为每个云VM(例如,VM3 154)提供有限数量的网络附件和网络广播能力。这可以阻止企业客户将他们的多VLAN网络架构环境迁移到公有云数据中心。然而,在如本文所述的L4隧道之上构建L2网络覆盖降低了云VM的网络附件需求并且可以向云VM提供网络广播能力。本文的技术可以允许企业客户部署一致的企业范围的网络架构,即使在混合云网络环境中也是如此。
图2示出了如图1所示的被用于将VM从私有云105迁移到公共云110的混合云环境。在一些实施例中,私有云上的VM可能需要进行缩放以超过私有云的当前资源,或者私有云可能需要脱机一段时间。在一些实施例中,可能需要将私有云105上的应用迁移到公共云110或从公共云110迁移到私有云105(未示出)。图2示出了正被迁移到公共云110的私有云105上的VM1 150。迁移可以使用虚拟管理员模块130来进行管理以使VM1 150脱机,并且可以使用混合云管理器175来迁移VM1 150以将VM1150的磁盘映像复制到公共云110,并将其在公共云110中实例化。
图3示出了示例混合云环境。在图3中,公共云114可以例如运行VM4 156中的应用或服务。应用或服务可以由企业私有云105和合作伙伴私有云112共享。在一些实施例中,私有云114可以充当提供到企业和合作伙伴的有限访问的中介。应该理解的是,除了图3的示例性架构之外,还可以使用许多其他混合云网络架构。在一些实施例中,混合云网络可以包括一个或多个企业私有云、一个或多个物理企业服务器、一个或多个公共云、一个或多个物理公共网络服务器、或这些云和服务器的任何组合。另外,本技术的实施例可以提供数据、虚拟机等在混合云计算环境中的所有不同云网络(公共和私有)和物理服务器之间的安全迁移。例如,VM4156可以被迁移到企业私有云105和/或合作伙伴私有云112。类似地,一些实施例可以提供例如VM3到企业私有云105和/或公共云114的迁移。
图4示出了示例混合云环境。数据中心(DC)/私有云402可以经由安全通信链路418连接到提供商/公共云412。私有云402可以是指定用于特定企业的基于云的网络。私有云402可以包含在没有授权访问的情况下不打算在私有云402之外被共享的敏感数据。提供商云412可以是由诸如Oracle(甲骨文)、Amazon(亚马逊)、Microsoft(微软)之类的第三方商业供应商提供的公众可访问的基于云的网络。项目404表示许多子网、VLAN子网、虚拟机、或可被存储在数据中心/私有云402中的其他数据中的一者。类似地,项目414表示许多子网、VLAN子网、虚拟机、或可以是可被存储在提供商云412中的其他数据中的一者。项目406和项目416可以表示针对安全策略/混合云安全组的强制点,其可以规定来自私有云402和提供商/公共云412的数据/应用/VM的进入和退出。
例如,项目406和项目416可以是用于强制执行混合云安全组/安全策略的网关。混合云安全组可被自动应用于混合云网络中出现的数据/应用/虚拟机,以便根据授权的混合云访问位置对数据/应用/虚拟机进行分组。例如,由项目404表示的应用可被请求迁移到提供商云412。如果VM 404不具有退出私有云402以及进入提供者云412的适当的安全组标签,则网关406可以阻止VM 404离开私人云402。
如果VM 404确实具有退出私有云402以及进入提供商云412的适当的安全组标签,则网关406可以允许VM 404经由安全链路/隧道418离开私有云402。在一些实施例中,VM404还可以使其数据在提供商/公共云412中被复制和实例化。网关416可以充当网守,在一些实施例中,仅允许来自授权安全组的数据进入提供商/公共云412。安全链路418可以用密码术来保护,使得私有云402和公共云412之间的通信不可由外方检测到。此外,在一些实施例中,安全链路/安全隧道418可能不允许访问互联网或从互联网进行访问,以便通过仅经由安全链路418发送所有敏感数据/应用/VM来增强安全性。
混合云安全组可以由私有云402和/或公共云412的管理员进行人工配置。例如,私有云402的管理员可以配置本技术以自动基于例如原始IP地址、类型、作者、创建日期等将安全组标签应用于数据/应用/VM。在本技术的实施例被实例化时,将全部或部分数据/应用/VM可被分配给一个或多个云安全组。例如,某些数据/应用/VM可以被授权供仅私有云、仅公共云或私有云和公共云二者使用。这可以允许在保持安全性的同时在特定的云环境内数据移动的更大灵活性,因为所有具有云安全组标签的数据只应被准许于与其各自的(一个或多个)云安全组相关联的授权区域中。
图5示出了示例混合云环境。如图4所示,图5的示例实施例可以包括数据中心/私有云402、提供商/公共云412、以及安全链路/隧道418。图5示出了混合云安全组的示例应用,其中数据/应用/VM(未示出)请求从私有云402退出以便进入提供商/公共云412。如关于图4所讨论的,私有云网关406可以验证试图退出私有云402的任何数据、应用、VM等被授权离开私有云402。
例如,编程代码520可以向私有云网关406提供用于授权进入私有云402/从私有云退出的参数。应当理解的是,除了图2所示的编程代码520之外,编程代码520还可以以许多其他形式实现。此外,本技术的实施例可以利用一种或多种编程语言来确定用于不同混合云安全组的参数。在一些实施例中,编程代码520可以提供私有云402的进入参数和/或退出参数。图5示出了在一些实施例中:如果基于可由管理员定义的参数与数据相关联的混合云安全组标签没有授权从私有云402退出,则该数据可能不被允许离开私有云402。例如,如果来自私有云402的应用不是具有允许从私有云402退出的安全组标记的选定子网的一部分,则该应用将被拒绝从私有云402退出,如在私有云网关406处所示。
在其他实施例中,如果基于所允许的子网从私有云402请求的数据具有授权从私有云402退出的安全组标签,则所述数据可以经由安全隧道418被发送到提供商公共云412。一些实施例可以在提供商公共网关416处提供对所发送的数据的类似的筛选,以便确保该数据是用于访问提供商公共云412的授权安全组的一部分。应当理解的是,针对私有云402的数据的请求可以来自私人云402内、提供商公共云412内、或来自第三方/多方。
图6示出了示例混合云环境。如图4所示,图6可以包括数据中心/私有云402、提供商/公共云412、以及安全链路/隧道418。图6示出了混合云安全组的示例应用,其中数据/应用/VM(未示出)正请求从提供商公共云412退出以便进入私有云402。如图4所示,公共云网关416可以验证试图退出公共云412的任何数据、应用、VM等被授权离开公共云412。
例如,编程代码620可以向公共云网关416提供用于授权进入公共云412/从公共云退出的参数。应当理解的是,除了图4中所示的编程代码620之外,编程代码620还可以以许多其他形式来实现。此外,本技术的实施例可以利用一种或多种编程语言来确定用于不同混合云安全组的参数。在一些实施例中,编程代码620可以提供公共云412的进入参数和/或退出参数。图6示出了在一些实施例中:如果基于可由管理员定义的参数的与数据相关联的混合云安全组标签没有授权从公共云412退出,则该数据可能不被允许数据离开公共云412。例如,如果来自公共云412的应用不是具有允许从公共云412进入私有云402的安全组标签的扩展VLAN的一部分,则该应用将被拒绝从公共云412退出,如公共云网关416处所示。
在其他实施例中,如果基于所允许的扩展VLAN,从公共云412请求的数据具有授权从公共云412退出的安全组标签,则所述数据可以经由安全隧道418被发送到私有云402。一些实施例可以在私有网关406处提供对所发送数据的类似筛选,以便确保该数据是用于访问私有云402的授权安全组的一部分。应理解的是,针对提供商公共云412的数据的请求可以来自提供商公共云412内、私有云402内、或来自第三方/多方。
图7示出了示例混合云环境。如图4所示,图7的示例实施例可以包括数据中心/私有云402、提供商/公共云412、以及安全链路/隧道418。图7示出了混合云安全组的示例应用,其中混合云环境的实例(未示出)基于与该实例相关联的安全组被筛选以进行授权。例如,图7示出了实例702尝试访问提供商公共云412。实例702没有被授权进入提供商公共云412的安全组标签。因此,公共云网关416拒绝实例702的访问,这样实例702不被允许到达混合VM712,。另一方面,如果来自私有云402的实例具有被授权从私有云402退出并进入公共云412的安全组标签,则该实例可以经由安全隧道418被发送到提供商公共云412。
在一些实施例中,本技术可以利用提供商公共云的安全结构以增强安全性。例如,如果提供商公共云具有其自己的用于数据进入公共云(例如,亚马逊安全组)的安全参数/安全组,则本技术的实施例可以将这些安全参数用于替代或补充涉及与请求进入公共云的数据相关联的混合云安全组的安全参数。
例如,图8示出了利用提供商公共云412的安全参数/安全组设置的示例混合云环境。如图4所示,图8可以包括数据中心/私有云402、提供商/公共云412、安全链路/隧道418、以及网关406和416。图8示出了示例安全参数/安全组设置802。例如,安全组设置802可以由亚马逊提供,并且可以通过提供对实体请求访问提供商公共云412的附加安全性要求来补充私有云402安全组设置提供的安全性特征。应该理解的是,除了图8中示出的之外,还可以使用许多其他安全设置。
图9示出了本技术的示例过程900。过程900在902处开始,其中,从混合云环境的第一云网络接收请求以将数据发送到混合云环境的第二云网络。过程900在904处继续,其中,该请求的安全配置文件被自动分析以确定访问许可。示例过程900在906处结束,其中,至少部分地基于访问许可,数据被允许访问混合云环境的第二云网络。应该理解的是,本技术的实施例可以包括比过程900更少或更多的步骤。
图10示出了具有可用于执行本技术的实施例并生成和显示图形用户界面(GUI)的芯片组架构的示例计算机系统1050。计算机系统1050是可用于实现所公开的技术的实施例的计算机硬件、软件、和固件的示例。系统1050可以包括处理器1055,该处理器表示能够运行软件和/或固件并且利用被配置为执行所标识的计算的硬件的任何数目的物理和/或逻辑上不同的资源。处理器1055可以与芯片组1060进行通信,该芯片组可以控制到处理器1055的输入以及从处理器1055输出。在一些实施例中,芯片组1060将信息输出到输出1065(例如,显示器)并且可以读取信息并将其写入存储设备1070(例如,磁性介质和固态介质)。芯片组1060还可以从RAM1075读取数据并将数据写入其中。在一些实施例中,芯片组1060可以利用桥接器1080来与各种用户接口组件1085接口连接。这种用户接口组件1085可以包括键盘、麦克风、触控检测和处理电路、诸如鼠标之类的定点设备等。通常,到系统1050的输入可以来自机器生成和/或人工生成的各种来源中的任何一者或多者。
芯片组1060还可以与可具有不同物理接口的一个或多个通信接口1090接口连接。这种通信接口可以包括用于有线和无线局域网、用于宽带无线网络以及个人局域网的接口。用于生成、显示并使用本文公开的GUI的方法的一些应用可以包括接收通过物理接口接收的、或由系统本身通过处理器1055分析存储在存储装置1070或1075中的数据而生成的有序数据集。此外,系统可以通过用户接口组件1085从用户接收输入并执行适当的功能,例如,通过使用处理器1055解译这些输入而进行的浏览功能。
可以理解的是,示例系统1050可以具有多于一个处理器1055,或者可以是联网在一起以提供更强的处理和/或存储能力的计算设备组或集群的一部分。
为了解释清楚,在一些情况下,本技术可以被呈现为包括单独的功能块,其包括包含设备、设备组件、以软件或硬件和软件的组合体现的方法中的步骤或例程的功能块。
在一些实施例中,计算机可读存储设备、介质、和存储器可以包括包含比特流等的有线或无线信号。然而,当被提及时,非暂态计算机可读存储介质本身明确排除诸如能量、载波信号、电磁波、和信号之类的介质。
根据上述示例的方法可以使用存储的、或以其他方式从计算机可读介质获得的计算机可执行指令来实现。这样的指令可以例如包括使通用计算机、专用计算机、或专用处理设备执行某一功能或一组功能的指令和数据。所使用的计算机资源的部分可以通过网络来访问。计算机可运行指令可以例如是二进制的、中间格式指令(例如,汇编语言、固件、或源代码)。可以用于存储指令、所使用的信息、和/或在根据所描述的示例的方法期间创建的信息的计算机可读介质的示例包括磁盘或光盘、闪存、配备有非易失性存储器的USB设备、联网的存储设备等等。
实现根据这些公开的方法的设备可以包括硬件、固件、和/或软件,并且可以使用各种布置或规格。这种规格的典型示例包括膝上型计算机、智能电话、小型个人计算机、个人数字助理、机架式设备、独立设备等。本文描述的功能还可以体现在外围设备或插入卡中。举例来说,这样的功能还可以在不同芯片中的电路板上实现或者在单个设备中执行的不同过程中实现。
指令、用于传送这样的指令的介质、用于运行它们的计算资源、以及用于支持这样的计算资源的其他结构是用于提供这些公开中所描述的功能的装置。
尽管使用了各种示例和其他信息来解释在所附权利要求的范围内的各个方面,但是基于这些示例中的特定特征或布置,没有暗示对权利要求的限制,如普通技术人员将能够使用这些示例而推出的各种各样的实施方式。此外,尽管一些主题可能已经用特定于结构特征和/或方法步骤的示例的语言进行了描述,但是应当理解的是,所附权利要求中限定的主题不一定限于这些描述的特征或动作。例如,这样的功能可以不同地分布或者在除了本文标识的组件之外的组件中执行。相反,所描述的特征和步骤作为所附权利要求范围内的系统和方法的组件的示例被公开。此外,叙述“一组中的至少一个”的权利要求语言指示该组中的一个成员或该组中的多个成员满足该权利要求。
本文公开的技术可以关于混合云环境中的网络资源和数据提供更高的安全性。本技术的实施例可以阻止危害性的和/或未授权的实体进入混合云网络环境,这可以实现更高效的网络路由和网络应用和系统的高可用性,继而又可以实现所需用来路由信号的更短的处理器周期,从而实现了用于实现本技术的一些实施例的网络处理器的更高的效率和更长的服务寿命。因此,本技术可以改进其实施方式中使用的相关硬件。
此外,虽然前面的描述是针对具体实施例的,但是显而易见的是,可以对所描述的实施例做出其他变型和修改,同时实现这些实施例的一些或全部优点。例如,明确预期到,本文描述的组件和/或元件可以被实现为存储在具有在计算机上运行的程序指令、硬件、固件或、其组合的有形(非暂态)计算机可读介质、设备、和存储器(例如,盘片/CD/RAM/EEPROM等)上的软件。此外,描述本文描述的各种功能和技术的方法可以使用存储的、或以其他方式从计算机可读介质获得的计算机可运行指令来实现。这样的指令可以包括例如使通用计算机、专用计算机、或专用处理设备执行某一功能或一组功能的指令和数据。所使用的计算机资源的部分可以通过网络来访问。计算机可运行指令可以例如是二进制的、中间格式指令(例如,汇编语言、固件、或源代码)。可以用于存储指令、所使用的信息、和/或在根据所描述的示例的方法期间创建的信息的计算机可读介质的示例包括磁盘或光盘、闪存、配备有非易失性存储器的USB设备、联网的存储设备等等。另外,实现根据这些公开的方法的设备可以包括硬件、固件、和/或软件,并且可以采取各种规格中的任何一者或多者。这种规格的典型示例包括膝上型计算机、智能电话、平板电脑、可穿戴设备、小型个人计算机、个人数字助理等。本文描述的功能还可以体现在外围设备或插入卡中。举例来说,这样的功能还可以在不同芯片中的电路板上实现或者在单个设备中执行的不同过程中实现。指令、用于传送这样的指令的介质、用于运行它们的计算资源、以及用于支持这样的计算资源的其他结构是用于提供这些公开中所描述的功能的装置。因此,该描述仅通过示例的方式进行,而不是另外地限制本文实施例的范围。因此,所附权利要求的目的是涵盖落入本文实施例的真实精神和范围内的所有这些变化和修改。
Claims (14)
1.一种方法,包括:
从混合云环境的第一云网络接收向所述混合云环境的第二云网络发送数据的请求,所述请求包括与所述数据相关的安全配置文件;
自动分析所述安全配置文件以确定与所述数据相关的访问许可;以及
至少部分地基于访问权限,允许所述数据访问所述第二云网络。
2.如权利要求1所述的方法,还包括:
至少部分地基于所述访问许可,拒绝对不被准许访问所述第二云网络的数据进行访问。
3.如权利要求1所述的方法,还包括:
经由混合链路将所述数据发送到所述第二云网络,所述混合链路用于所述第一云网络与所述第二云网络之间的安全通信,其中,所述混合链路不允许到互联网的连接。
4.如权利要求1所述的方法,其中,所述安全配置文件被自动应用于在所述混合云环境中初始化的应用。
5.如权利要求1所述的方法,还包括:
接收针对所述混合云环境中的虚拟机的请求;
确定所述请求源自所述混合云环境的私有云网络的互联网协议(IP)地址;以及
提供所述混合云环境中的所述虚拟机。
6.如权利要求1所述的方法,还包括:
从所述混合云环境的公共云网络接收针对访问所述混合云环境的私有云网络的请求;
自动确定针对访问所述私有云网络的所述请求是来自具有在所述私有云网络中进行操作的访问许可的实体;以及
至少部分地基于所述访问权限,允许访问所述私有云网络。
7.如权利要求1所述的方法,还包括:
从所述混合云环境的私有云网络接收针对访问所述混合云环境的公共云网络的请求;
自动确定访问针对访问所述公共云网络的所述请求是来自具有在所述公共云网络中进行操作的访问权限的实体;以及
至少部分地基于所述访问权限,允许访问所述公共云网络。
8.一种网络设备,包括:
一个或多个服务器,该一个或多个服务器促成混合云环境的第一云网络;
一个或多个服务器,该一个或多个服务器促成所述混合云环境的第二云网络;
一个或多个处理器;以及
存储器,该存储器被配置为存储过程,所述过程在由所述一个或多个处理器运行时能操作以:
从所述混合云环境的所述第一云网络接收向所述混合云环境的所述第二云网络发送数据的请求,所述请求包括与所述数据相关的安全配置文件;
自动分析所述安全配置文件以确定与所述数据相关的访问许可;以及
至少部分地基于所述访问权限,允许所述数据访问所述第二云网络。
9.如权利要求8所述的网络设备,所述过程还能操作以:
至少部分地基于所述访问许可,拒绝对不被准许访问所述第二云网络的数据进行访问。
10.如权利要求8所述的网络设备,所述过程还能操作以:
经由混合链路将所述数据发送到所述第二云网络,所述混合链路用于所述第一云网络和所述第二云网络之间的安全通信,其中,所述混合链路不允许到互联网的连接。
11.如权利要求8所述的网络设备,所述过程还能操作以:
接收针对所述混合云环境中的虚拟机的请求;
确定所述请求源自所述混合云环境的私有云网络的互联网协议(IP)地址;以及
提供所述混合云环境中的虚拟机。
12.如权利要求8所述的网络设备,所述过程还能操作以:
从所述混合云环境的公共云网络接收针对访问所述混合云环境的私有云网络的请求;
自动确定针对访问所述私有云网络的所述请求是来自具有在所述私有云网络中进行操作的访问许可的实体;以及
至少部分地基于所述访问权限,允许访问所述私有云网络。
13.如权利要求8所述的网络设备,所述过程还能操作以:
从所述混合云环境的私有云网络接收针对访问所述混合云环境的公共云网络的请求;
自动确定访问针对访问所述公共云网络的所述请求是来自具有在所述公共云网络中进行操作的访问权限的实体;以及
至少部分地基于所述访问权限,允许访问所述公共云网络。
14.一种其上编码有指令的非暂态计算机可读介质,这些指令在由处理器运行时能操作以执行如权利要求1至7中任一项所述的方法。
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14/881,649 | 2015-10-13 | ||
US14/881,649 US10462136B2 (en) | 2015-10-13 | 2015-10-13 | Hybrid cloud security groups |
PCT/US2016/056648 WO2017066327A1 (en) | 2015-10-13 | 2016-10-12 | Hybrid cloud security groups |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108141456A true CN108141456A (zh) | 2018-06-08 |
CN108141456B CN108141456B (zh) | 2021-07-20 |
Family
ID=57209886
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201680059738.2A Active CN108141456B (zh) | 2015-10-13 | 2016-10-12 | 混合云安全组 |
Country Status (4)
Country | Link |
---|---|
US (3) | US10462136B2 (zh) |
EP (2) | EP3890268A1 (zh) |
CN (1) | CN108141456B (zh) |
WO (1) | WO2017066327A1 (zh) |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108989456A (zh) * | 2018-08-11 | 2018-12-11 | 广州知弘科技有限公司 | 一种基于大数据的网络实现方法 |
CN109495469A (zh) * | 2018-11-09 | 2019-03-19 | 南京医渡云医学技术有限公司 | 流量分析安全管控系统、方法及装置 |
CN110875889A (zh) * | 2018-09-03 | 2020-03-10 | 阿里巴巴集团控股有限公司 | 一种用于获取路径的方法及其装置 |
CN111225071A (zh) * | 2018-11-23 | 2020-06-02 | 深信服科技股份有限公司 | 一种云平台及跨云平台网络互通系统、方法 |
CN111432024A (zh) * | 2020-04-09 | 2020-07-17 | 兰州聚源信息科技有限公司 | 基于scorm技术的复合云培训平台的搭建方法 |
CN113271362A (zh) * | 2021-06-08 | 2021-08-17 | 天闻数媒科技(湖南)有限公司 | 基于混合云的教育资源的处理方法、装置、系统及介质 |
CN113595846A (zh) * | 2021-07-20 | 2021-11-02 | 重庆长安汽车股份有限公司 | 云对云环境中gre隧道实现通信的方法 |
CN115695045A (zh) * | 2022-12-14 | 2023-02-03 | 深圳富联富桂精密工业有限公司 | 安全组动态配置方法、装置及计算机可读存储介质 |
Families Citing this family (123)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9736065B2 (en) | 2011-06-24 | 2017-08-15 | Cisco Technology, Inc. | Level of hierarchy in MST for traffic localization and load balancing |
US8908698B2 (en) | 2012-01-13 | 2014-12-09 | Cisco Technology, Inc. | System and method for managing site-to-site VPNs of a cloud managed network |
US9043439B2 (en) | 2013-03-14 | 2015-05-26 | Cisco Technology, Inc. | Method for streaming packet captures from network access devices to a cloud server over HTTP |
US10454714B2 (en) | 2013-07-10 | 2019-10-22 | Nicira, Inc. | Method and system of overlay flow control |
US10749711B2 (en) | 2013-07-10 | 2020-08-18 | Nicira, Inc. | Network-link method useful for a last-mile connectivity in an edge-gateway multipath system |
US9755858B2 (en) | 2014-04-15 | 2017-09-05 | Cisco Technology, Inc. | Programmable infrastructure gateway for enabling hybrid cloud services in a network environment |
US9473365B2 (en) | 2014-05-08 | 2016-10-18 | Cisco Technology, Inc. | Collaborative inter-service scheduling of logical resources in cloud platforms |
US10122605B2 (en) | 2014-07-09 | 2018-11-06 | Cisco Technology, Inc | Annotation of network activity through different phases of execution |
US9825878B2 (en) | 2014-09-26 | 2017-11-21 | Cisco Technology, Inc. | Distributed application framework for prioritizing network traffic using application priority awareness |
US10050862B2 (en) | 2015-02-09 | 2018-08-14 | Cisco Technology, Inc. | Distributed application framework that uses network and application awareness for placing data |
US10037617B2 (en) | 2015-02-27 | 2018-07-31 | Cisco Technology, Inc. | Enhanced user interface systems including dynamic context selection for cloud-based networks |
US10708342B2 (en) | 2015-02-27 | 2020-07-07 | Cisco Technology, Inc. | Dynamic troubleshooting workspaces for cloud and network management systems |
US10382534B1 (en) | 2015-04-04 | 2019-08-13 | Cisco Technology, Inc. | Selective load balancing of network traffic |
US10425382B2 (en) | 2015-04-13 | 2019-09-24 | Nicira, Inc. | Method and system of a cloud-based multipath routing protocol |
US10135789B2 (en) | 2015-04-13 | 2018-11-20 | Nicira, Inc. | Method and system of establishing a virtual private network in a cloud service for branch networking |
US10498652B2 (en) | 2015-04-13 | 2019-12-03 | Nicira, Inc. | Method and system of application-aware routing with crowdsourcing |
US10476982B2 (en) | 2015-05-15 | 2019-11-12 | Cisco Technology, Inc. | Multi-datacenter message queue |
US10034201B2 (en) | 2015-07-09 | 2018-07-24 | Cisco Technology, Inc. | Stateless load-balancing across multiple tunnels |
US11005682B2 (en) | 2015-10-06 | 2021-05-11 | Cisco Technology, Inc. | Policy-driven switch overlay bypass in a hybrid cloud network environment |
US10067780B2 (en) | 2015-10-06 | 2018-09-04 | Cisco Technology, Inc. | Performance-based public cloud selection for a hybrid cloud environment |
US10523657B2 (en) | 2015-11-16 | 2019-12-31 | Cisco Technology, Inc. | Endpoint privacy preservation with cloud conferencing |
US10205677B2 (en) | 2015-11-24 | 2019-02-12 | Cisco Technology, Inc. | Cloud resource placement optimization and migration execution in federated clouds |
US10084703B2 (en) | 2015-12-04 | 2018-09-25 | Cisco Technology, Inc. | Infrastructure-exclusive service forwarding |
US10367914B2 (en) | 2016-01-12 | 2019-07-30 | Cisco Technology, Inc. | Attaching service level agreements to application containers and enabling service assurance |
US11290425B2 (en) * | 2016-02-01 | 2022-03-29 | Airwatch Llc | Configuring network security based on device management characteristics |
US10819630B1 (en) | 2016-04-20 | 2020-10-27 | Equinix, Inc. | Layer three instances for a cloud-based services exchange |
US10129177B2 (en) | 2016-05-23 | 2018-11-13 | Cisco Technology, Inc. | Inter-cloud broker for hybrid cloud networks |
US10659283B2 (en) | 2016-07-08 | 2020-05-19 | Cisco Technology, Inc. | Reducing ARP/ND flooding in cloud environment |
US10432532B2 (en) | 2016-07-12 | 2019-10-01 | Cisco Technology, Inc. | Dynamically pinning micro-service to uplink port |
US10263898B2 (en) | 2016-07-20 | 2019-04-16 | Cisco Technology, Inc. | System and method for implementing universal cloud classification (UCC) as a service (UCCaaS) |
US10382597B2 (en) | 2016-07-20 | 2019-08-13 | Cisco Technology, Inc. | System and method for transport-layer level identification and isolation of container traffic |
US10142346B2 (en) | 2016-07-28 | 2018-11-27 | Cisco Technology, Inc. | Extension of a private cloud end-point group to a public cloud |
US10567344B2 (en) | 2016-08-23 | 2020-02-18 | Cisco Technology, Inc. | Automatic firewall configuration based on aggregated cloud managed information |
US10523592B2 (en) | 2016-10-10 | 2019-12-31 | Cisco Technology, Inc. | Orchestration system for migrating user data and services based on user information |
US11044162B2 (en) | 2016-12-06 | 2021-06-22 | Cisco Technology, Inc. | Orchestration of cloud and fog interactions |
US10326817B2 (en) | 2016-12-20 | 2019-06-18 | Cisco Technology, Inc. | System and method for quality-aware recording in large scale collaborate clouds |
US10334029B2 (en) | 2017-01-10 | 2019-06-25 | Cisco Technology, Inc. | Forming neighborhood groups from disperse cloud providers |
US10552191B2 (en) * | 2017-01-26 | 2020-02-04 | Cisco Technology, Inc. | Distributed hybrid cloud orchestration model |
US10320683B2 (en) | 2017-01-30 | 2019-06-11 | Cisco Technology, Inc. | Reliable load-balancer using segment routing and real-time application monitoring |
US20180219765A1 (en) | 2017-01-31 | 2018-08-02 | Waltz Networks | Method and Apparatus for Network Traffic Control Optimization |
US10992568B2 (en) | 2017-01-31 | 2021-04-27 | Vmware, Inc. | High performance software-defined core network |
US20200036624A1 (en) | 2017-01-31 | 2020-01-30 | The Mode Group | High performance software-defined core network |
US11706127B2 (en) | 2017-01-31 | 2023-07-18 | Vmware, Inc. | High performance software-defined core network |
US10671571B2 (en) | 2017-01-31 | 2020-06-02 | Cisco Technology, Inc. | Fast network performance in containerized environments for network function virtualization |
US10992558B1 (en) | 2017-11-06 | 2021-04-27 | Vmware, Inc. | Method and apparatus for distributed data network traffic optimization |
US11121962B2 (en) | 2017-01-31 | 2021-09-14 | Vmware, Inc. | High performance software-defined core network |
US11252079B2 (en) | 2017-01-31 | 2022-02-15 | Vmware, Inc. | High performance software-defined core network |
US10778528B2 (en) | 2017-02-11 | 2020-09-15 | Nicira, Inc. | Method and system of connecting to a multipath hub in a cluster |
US11005731B2 (en) | 2017-04-05 | 2021-05-11 | Cisco Technology, Inc. | Estimating model parameters for automatic deployment of scalable micro services |
US10938586B2 (en) * | 2017-05-06 | 2021-03-02 | Servicenow, Inc. | Systems for peer-to-peer knowledge sharing platform |
US10868836B1 (en) * | 2017-06-07 | 2020-12-15 | Amazon Technologies, Inc. | Dynamic security policy management |
US10523539B2 (en) | 2017-06-22 | 2019-12-31 | Nicira, Inc. | Method and system of resiliency in cloud-delivered SD-WAN |
US10382274B2 (en) | 2017-06-26 | 2019-08-13 | Cisco Technology, Inc. | System and method for wide area zero-configuration network auto configuration |
US10439877B2 (en) | 2017-06-26 | 2019-10-08 | Cisco Technology, Inc. | Systems and methods for enabling wide area multicast domain name system |
US10425288B2 (en) | 2017-07-21 | 2019-09-24 | Cisco Technology, Inc. | Container telemetry in data center environments with blade servers and switches |
US10892940B2 (en) | 2017-07-21 | 2021-01-12 | Cisco Technology, Inc. | Scalable statistics and analytics mechanisms in cloud networking |
US10601693B2 (en) | 2017-07-24 | 2020-03-24 | Cisco Technology, Inc. | System and method for providing scalable flow monitoring in a data center fabric |
US10541866B2 (en) | 2017-07-25 | 2020-01-21 | Cisco Technology, Inc. | Detecting and resolving multicast traffic performance issues |
US11477280B1 (en) * | 2017-07-26 | 2022-10-18 | Pure Storage, Inc. | Integrating cloud storage services |
US10673831B2 (en) | 2017-08-11 | 2020-06-02 | Mastercard International Incorporated | Systems and methods for automating security controls between computer networks |
US10999100B2 (en) | 2017-10-02 | 2021-05-04 | Vmware, Inc. | Identifying multiple nodes in a virtual network defined over a set of public clouds to connect to an external SAAS provider |
US10999165B2 (en) | 2017-10-02 | 2021-05-04 | Vmware, Inc. | Three tiers of SaaS providers for deploying compute and network infrastructure in the public cloud |
US11102032B2 (en) | 2017-10-02 | 2021-08-24 | Vmware, Inc. | Routing data message flow through multiple public clouds |
US10959098B2 (en) | 2017-10-02 | 2021-03-23 | Vmware, Inc. | Dynamically specifying multiple public cloud edge nodes to connect to an external multi-computer node |
US11115480B2 (en) | 2017-10-02 | 2021-09-07 | Vmware, Inc. | Layer four optimization for a virtual network defined over public cloud |
US11089111B2 (en) | 2017-10-02 | 2021-08-10 | Vmware, Inc. | Layer four optimization for a virtual network defined over public cloud |
US10353800B2 (en) | 2017-10-18 | 2019-07-16 | Cisco Technology, Inc. | System and method for graph based monitoring and management of distributed systems |
US11223514B2 (en) | 2017-11-09 | 2022-01-11 | Nicira, Inc. | Method and system of a dynamic high-availability mode based on current wide area network connectivity |
US11481362B2 (en) | 2017-11-13 | 2022-10-25 | Cisco Technology, Inc. | Using persistent memory to enable restartability of bulk load transactions in cloud databases |
US10705882B2 (en) | 2017-12-21 | 2020-07-07 | Cisco Technology, Inc. | System and method for resource placement across clouds for data intensive workloads |
US11595474B2 (en) | 2017-12-28 | 2023-02-28 | Cisco Technology, Inc. | Accelerating data replication using multicast and non-volatile memory enabled nodes |
US11038923B2 (en) * | 2018-02-16 | 2021-06-15 | Nokia Technologies Oy | Security management in communication systems with security-based architecture using application layer security |
US10860359B2 (en) | 2018-02-28 | 2020-12-08 | Red Hat, Inc. | Key management for encrypted virtual machines |
US10979416B2 (en) * | 2018-03-26 | 2021-04-13 | Nicira, Inc. | System and method for authentication in a public cloud |
US10511534B2 (en) | 2018-04-06 | 2019-12-17 | Cisco Technology, Inc. | Stateless distributed load-balancing |
US10887350B2 (en) * | 2018-04-09 | 2021-01-05 | Nicira, Inc. | Method and system for applying compliance policies on private and public cloud |
US11256548B2 (en) | 2018-05-03 | 2022-02-22 | LGS Innovations LLC | Systems and methods for cloud computing data processing |
USD960177S1 (en) | 2018-05-03 | 2022-08-09 | CACI, Inc.—Federal | Display screen or portion thereof with graphical user interface |
US10728361B2 (en) | 2018-05-29 | 2020-07-28 | Cisco Technology, Inc. | System for association of customer information across subscribers |
US10904322B2 (en) | 2018-06-15 | 2021-01-26 | Cisco Technology, Inc. | Systems and methods for scaling down cloud-based servers handling secure connections |
US10764266B2 (en) | 2018-06-19 | 2020-09-01 | Cisco Technology, Inc. | Distributed authentication and authorization for rapid scaling of containerized services |
US11019083B2 (en) | 2018-06-20 | 2021-05-25 | Cisco Technology, Inc. | System for coordinating distributed website analysis |
US10819571B2 (en) | 2018-06-29 | 2020-10-27 | Cisco Technology, Inc. | Network traffic optimization using in-situ notification system |
US10904342B2 (en) | 2018-07-30 | 2021-01-26 | Cisco Technology, Inc. | Container networking using communication tunnels |
US11070613B2 (en) * | 2018-08-16 | 2021-07-20 | Microsoft Technology Licensing, Llc | Automatic application scaling between private and public cloud platforms |
US11159569B2 (en) * | 2018-08-20 | 2021-10-26 | Cisco Technology, Inc. | Elastic policy scaling in multi-cloud fabrics |
CN109218099A (zh) * | 2018-09-20 | 2019-01-15 | 犀思云(苏州)云计算有限公司 | 一种基于sdn/nfv的云交换网络平台 |
US11632355B2 (en) * | 2019-01-15 | 2023-04-18 | Hewlett Packard Enterprise Development Lp | Compliance management across multiple cloud environments |
US11438381B2 (en) * | 2019-01-22 | 2022-09-06 | International Business Machines Corporation | Identifying security profiles associated with access protocols of secondary storage |
US10491613B1 (en) * | 2019-01-22 | 2019-11-26 | Capital One Services, Llc | Systems and methods for secure communication in cloud computing environments |
US11323552B2 (en) * | 2019-04-19 | 2022-05-03 | EMC IP Holding Company LLC | Automatic security configurations in disaster recovery |
US11902382B2 (en) * | 2019-05-31 | 2024-02-13 | Hewlett Packard Enterprise Development Lp | Cloud migration between cloud management platforms |
US11018995B2 (en) | 2019-08-27 | 2021-05-25 | Vmware, Inc. | Alleviating congestion in a virtual network deployed over public clouds for an entity |
US11611507B2 (en) | 2019-10-28 | 2023-03-21 | Vmware, Inc. | Managing forwarding elements at edge nodes connected to a virtual network |
US11394640B2 (en) | 2019-12-12 | 2022-07-19 | Vmware, Inc. | Collecting and analyzing data regarding flows associated with DPI parameters |
US11489783B2 (en) | 2019-12-12 | 2022-11-01 | Vmware, Inc. | Performing deep packet inspection in a software defined wide area network |
US11588731B1 (en) * | 2020-01-17 | 2023-02-21 | Equinix, Inc. | Cloud-to-cloud interface |
US11438789B2 (en) | 2020-01-24 | 2022-09-06 | Vmware, Inc. | Computing and using different path quality metrics for different service classes |
US11558459B2 (en) * | 2020-03-27 | 2023-01-17 | International Business Machines Corporation | User-defined custom storage classes for hybrid-cloud and multicloud data management |
US11831610B2 (en) * | 2020-06-04 | 2023-11-28 | Vmware, Inc. | System and method for using private native security groups and private native firewall policy rules in a public cloud |
US11245641B2 (en) | 2020-07-02 | 2022-02-08 | Vmware, Inc. | Methods and apparatus for application aware hub clustering techniques for a hyper scale SD-WAN |
US11363124B2 (en) | 2020-07-30 | 2022-06-14 | Vmware, Inc. | Zero copy socket splicing |
US11444865B2 (en) | 2020-11-17 | 2022-09-13 | Vmware, Inc. | Autonomous distributed forwarding plane traceability based anomaly detection in application traffic for hyper-scale SD-WAN |
US11575600B2 (en) | 2020-11-24 | 2023-02-07 | Vmware, Inc. | Tunnel-less SD-WAN |
US11601356B2 (en) | 2020-12-29 | 2023-03-07 | Vmware, Inc. | Emulating packet flows to assess network links for SD-WAN |
US11792127B2 (en) | 2021-01-18 | 2023-10-17 | Vmware, Inc. | Network-aware load balancing |
US11979325B2 (en) | 2021-01-28 | 2024-05-07 | VMware LLC | Dynamic SD-WAN hub cluster scaling with machine learning |
US11582144B2 (en) | 2021-05-03 | 2023-02-14 | Vmware, Inc. | Routing mesh to provide alternate routes through SD-WAN edge forwarding nodes based on degraded operational states of SD-WAN hubs |
US12009987B2 (en) | 2021-05-03 | 2024-06-11 | VMware LLC | Methods to support dynamic transit paths through hub clustering across branches in SD-WAN |
US11729065B2 (en) | 2021-05-06 | 2023-08-15 | Vmware, Inc. | Methods for application defined virtual network service among multiple transport in SD-WAN |
US11968210B2 (en) * | 2021-05-19 | 2024-04-23 | International Business Machines Corporation | Management of access control in multi-cloud environments |
US11489720B1 (en) | 2021-06-18 | 2022-11-01 | Vmware, Inc. | Method and apparatus to evaluate resource elements and public clouds for deploying tenant deployable elements based on harvested performance metrics |
US12015536B2 (en) | 2021-06-18 | 2024-06-18 | VMware LLC | Method and apparatus for deploying tenant deployable elements across public clouds based on harvested performance metrics of types of resource elements in the public clouds |
US11375005B1 (en) | 2021-07-24 | 2022-06-28 | Vmware, Inc. | High availability solutions for a secure access service edge application |
US11943146B2 (en) | 2021-10-01 | 2024-03-26 | VMware LLC | Traffic prioritization in SD-WAN |
US20230336554A1 (en) * | 2022-04-13 | 2023-10-19 | Wiz, Inc. | Techniques for analyzing external exposure in cloud environments |
US20230336578A1 (en) * | 2022-04-13 | 2023-10-19 | Wiz, Inc. | Techniques for active inspection of vulnerability exploitation using exposure analysis |
US20230336550A1 (en) * | 2022-04-13 | 2023-10-19 | Wiz, Inc. | Techniques for detecting resources without authentication using exposure analysis |
US11601496B1 (en) * | 2022-04-25 | 2023-03-07 | Cisco Technology, Inc. | Hybrid cloud services for enterprise fabric |
US20230362170A1 (en) * | 2022-05-06 | 2023-11-09 | International Business Machines Corporation | Access configuration in hybrid network environments |
US11909815B2 (en) | 2022-06-06 | 2024-02-20 | VMware LLC | Routing based on geolocation costs |
US11929986B1 (en) * | 2022-10-31 | 2024-03-12 | Snowflake Inc. | Two-way data sharing between private and public clouds |
CN117097568B (zh) * | 2023-10-19 | 2024-01-26 | 睿至科技集团有限公司 | 一种云平台及其数据管理方法 |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20110213719A1 (en) * | 2010-02-26 | 2011-09-01 | James Michael Ferris | Methods and systems for converting standard software licenses for use in cloud computing environments |
CN103067406A (zh) * | 2013-01-14 | 2013-04-24 | 暨南大学 | 一种公有云与私有云之间的访问控制系统及方法 |
CN104113595A (zh) * | 2014-07-09 | 2014-10-22 | 武汉邮电科学研究院 | 一种基于安全等级划分的混合云存储系统及方法 |
CN104205757A (zh) * | 2012-04-24 | 2014-12-10 | 思科技术公司 | 用于混合云的分布式虚拟交换机架构 |
CN104270467A (zh) * | 2014-10-24 | 2015-01-07 | 冯斌 | 一种用于混合云的虚拟机管控方法 |
US8938775B1 (en) * | 2012-06-27 | 2015-01-20 | Amazon Technologies, Inc. | Dynamic data loss prevention in a multi-tenant environment |
Family Cites Families (353)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5889896A (en) | 1994-02-09 | 1999-03-30 | Meshinsky; John | System for performing multiple processes on images of scanned documents |
US5812773A (en) | 1996-07-12 | 1998-09-22 | Microsoft Corporation | System and method for the distribution of hierarchically structured data |
US6108782A (en) | 1996-12-13 | 2000-08-22 | 3Com Corporation | Distributed remote monitoring (dRMON) for networks |
US6178453B1 (en) | 1997-02-18 | 2001-01-23 | Netspeak Corporation | Virtual circuit switching architecture |
US6298153B1 (en) | 1998-01-16 | 2001-10-02 | Canon Kabushiki Kaisha | Digital signature method and information communication system and apparatus using such method |
US6735631B1 (en) | 1998-02-10 | 2004-05-11 | Sprint Communications Company, L.P. | Method and system for networking redirecting |
US6643260B1 (en) | 1998-12-18 | 2003-11-04 | Cisco Technology, Inc. | Method and apparatus for implementing a quality of service policy in a data communications network |
US20040095237A1 (en) | 1999-01-09 | 2004-05-20 | Chen Kimball C. | Electronic message delivery system utilizable in the monitoring and control of remote equipment and method of same |
ATE277378T1 (de) | 1999-10-25 | 2004-10-15 | Texas Instruments Inc | Intelligente leistungssteuerung in verteilten verarbeitungssystemen |
US6707794B1 (en) | 1999-11-15 | 2004-03-16 | Networks Associates Technology, Inc. | Method, system and computer program product for physical link layer handshake protocol analysis |
US6343290B1 (en) | 1999-12-22 | 2002-01-29 | Celeritas Technologies, L.L.C. | Geographic network management system |
US6683873B1 (en) | 1999-12-27 | 2004-01-27 | Cisco Technology, Inc. | Methods and apparatus for redirecting network traffic |
JP4162347B2 (ja) | 2000-01-31 | 2008-10-08 | 富士通株式会社 | ネットワークシステム |
US7058706B1 (en) | 2000-03-31 | 2006-06-06 | Akamai Technologies, Inc. | Method and apparatus for determining latency between multiple servers and a client |
US6721804B1 (en) | 2000-04-07 | 2004-04-13 | Danger, Inc. | Portal system for converting requested data into a bytecode format based on portal device's graphical capabilities |
EP1291440A1 (en) | 2000-06-01 | 2003-03-12 | Nisshinbo Industries, Inc. | Kit and method for determining hla type |
US7917647B2 (en) | 2000-06-16 | 2011-03-29 | Mcafee, Inc. | Method and apparatus for rate limiting |
US7062571B1 (en) | 2000-06-30 | 2006-06-13 | Cisco Technology, Inc. | Efficient IP load-balancing traffic distribution using ternary CAMs |
US7051078B1 (en) | 2000-07-10 | 2006-05-23 | Cisco Technology, Inc. | Hierarchical associative memory-based classification system |
AU2001288463A1 (en) * | 2000-08-30 | 2002-03-13 | Citibank, N.A. | Method and system for internet hosting and security |
US7596784B2 (en) | 2000-09-12 | 2009-09-29 | Symantec Operating Corporation | Method system and apparatus for providing pay-per-use distributed computing resources |
US6996615B1 (en) | 2000-09-29 | 2006-02-07 | Cisco Technology, Inc. | Highly scalable least connections load balancing |
US7054930B1 (en) | 2000-10-26 | 2006-05-30 | Cisco Technology, Inc. | System and method for propagating filters |
US20020143928A1 (en) | 2000-12-07 | 2002-10-03 | Maltz David A. | Method and system for collection and storage of traffic data in a computer network |
US7065482B2 (en) | 2001-05-17 | 2006-06-20 | International Business Machines Corporation | Internet traffic analysis tool |
US7002965B1 (en) | 2001-05-21 | 2006-02-21 | Cisco Technology, Inc. | Method and apparatus for using ternary and binary content-addressable memory stages to classify packets |
WO2002101968A2 (en) | 2001-06-11 | 2002-12-19 | Bluefire Security Technology | Packet filtering system and methods |
US7212490B1 (en) | 2001-07-06 | 2007-05-01 | Cisco Technology, Inc. | Dynamic load balancing for dual ring topology networks |
US7028098B2 (en) | 2001-07-20 | 2006-04-11 | Nokia, Inc. | Selective routing of data flows using a TCAM |
JP2003345612A (ja) | 2002-05-28 | 2003-12-05 | Sony Corp | 演算処理システム、コンピュータ・システム上でのタスク制御方法、並びにコンピュータ・プログラム |
US9565275B2 (en) * | 2012-02-09 | 2017-02-07 | Rockwell Automation Technologies, Inc. | Transformation of industrial data into useful cloud information |
US8103755B2 (en) | 2002-07-02 | 2012-01-24 | Arbor Networks, Inc. | Apparatus and method for managing a provider network |
US7313667B1 (en) | 2002-08-05 | 2007-12-25 | Cisco Technology, Inc. | Methods and apparatus for mapping fields of entries into new values and combining these mapped values into mapped entries for use in lookup operations such as for packet processing |
US20040131059A1 (en) | 2002-09-19 | 2004-07-08 | Ram Ayyakad | Single-pass packet scan |
US7536476B1 (en) | 2002-12-20 | 2009-05-19 | Cisco Technology, Inc. | Method for performing tree based ACL lookups |
US6733449B1 (en) | 2003-03-20 | 2004-05-11 | Siemens Medical Solutions Usa, Inc. | System and method for real-time streaming of ultrasound data to a diagnostic medical ultrasound streaming application |
US7567504B2 (en) | 2003-06-30 | 2009-07-28 | Microsoft Corporation | Network load balancing with traffic routing |
US20050060418A1 (en) | 2003-09-17 | 2005-03-17 | Gennady Sorokopud | Packet classification |
US7474653B2 (en) | 2003-12-05 | 2009-01-06 | Hewlett-Packard Development Company, L.P. | Decision cache using multi-key lookup |
US7496661B1 (en) | 2004-03-29 | 2009-02-24 | Packeteer, Inc. | Adaptive, application-aware selection of differentiated network services |
EP1762076A2 (en) | 2004-06-25 | 2007-03-14 | Koninklijke Philips Electronics N.V. | Anonymous certificates with anonymous certificate show |
US7379846B1 (en) | 2004-06-29 | 2008-05-27 | Sun Microsystems, Inc. | System and method for automated problem diagnosis |
US7881957B1 (en) | 2004-11-16 | 2011-02-01 | Amazon Technologies, Inc. | Identifying tasks for task performers based on task subscriptions |
US20060168338A1 (en) | 2004-11-23 | 2006-07-27 | Bruegl Aaron R | Methods and systems for providing data across a network |
US7548562B2 (en) | 2004-12-14 | 2009-06-16 | Agilent Technologies, Inc. | High speed acquisition system that allows capture from a packet network and streams the data to a storage medium |
US20060146825A1 (en) | 2004-12-30 | 2006-07-06 | Padcom, Inc. | Network based quality of service |
US7808897B1 (en) | 2005-03-01 | 2010-10-05 | International Business Machines Corporation | Fast network security utilizing intrusion prevention systems |
EP2362310B1 (en) | 2005-03-16 | 2017-10-04 | III Holdings 12, LLC | Automatic workload transfer to an on-demand center |
US9015324B2 (en) | 2005-03-16 | 2015-04-21 | Adaptive Computing Enterprises, Inc. | System and method of brokering cloud computing resources |
US20110016214A1 (en) | 2009-07-15 | 2011-01-20 | Cluster Resources, Inc. | System and method of brokering cloud computing resources |
US7480672B2 (en) | 2005-03-31 | 2009-01-20 | Sap Ag | Multiple log queues in a database management system |
US7606147B2 (en) | 2005-04-13 | 2009-10-20 | Zeugma Systems Inc. | Application aware traffic shaping service node positioned between the access and core networks |
US9065727B1 (en) | 2012-08-31 | 2015-06-23 | Google Inc. | Device identifier similarity models derived from online event signals |
US7607043B2 (en) | 2006-01-04 | 2009-10-20 | International Business Machines Corporation | Analysis of mutually exclusive conflicts among redundant devices |
US7613955B2 (en) | 2006-01-06 | 2009-11-03 | Microsoft Corporation | Collecting debug data from a wireless device |
US8028071B1 (en) | 2006-02-15 | 2011-09-27 | Vmware, Inc. | TCP/IP offload engine virtualization system and methods |
US8040895B2 (en) | 2006-03-22 | 2011-10-18 | Cisco Technology, Inc. | Method and system for removing dead access control entries (ACEs) |
US7778183B2 (en) | 2006-03-31 | 2010-08-17 | International Business Machines Corporation | Data replica selector |
US20090019367A1 (en) | 2006-05-12 | 2009-01-15 | Convenos, Llc | Apparatus, system, method, and computer program product for collaboration via one or more networks |
US7761596B2 (en) | 2006-06-30 | 2010-07-20 | Telefonaktiebolaget L M Ericsson (Publ) | Router and method for server load balancing |
US8533687B1 (en) | 2009-11-30 | 2013-09-10 | dynaTrade Software GmbH | Methods and system for global real-time transaction tracing |
US8194664B2 (en) | 2006-10-10 | 2012-06-05 | Cisco Technology, Inc. | Two-level load-balancing of network traffic over an MPLS network |
JP4333736B2 (ja) | 2006-12-19 | 2009-09-16 | 村田機械株式会社 | 中継サーバおよびクライアント端末 |
US7653063B2 (en) | 2007-01-05 | 2010-01-26 | Cisco Technology, Inc. | Source address binding check |
US8103773B2 (en) | 2007-01-19 | 2012-01-24 | Cisco Technology, Inc. | Transactional application processing in a distributed environment |
US20080201455A1 (en) | 2007-02-15 | 2008-08-21 | Husain Syed M Amir | Moving Execution of a Virtual Machine Across Different Virtualization Platforms |
US8406141B1 (en) | 2007-03-12 | 2013-03-26 | Cybertap, Llc | Network search methods and systems |
US7853998B2 (en) | 2007-03-22 | 2010-12-14 | Mocana Corporation | Firewall propagation |
US7773510B2 (en) | 2007-05-25 | 2010-08-10 | Zeugma Systems Inc. | Application routing in a distributed compute environment |
US9495152B2 (en) | 2007-06-22 | 2016-11-15 | Red Hat, Inc. | Automatic baselining of business application service groups comprised of virtual machines |
US9678803B2 (en) | 2007-06-22 | 2017-06-13 | Red Hat, Inc. | Migration of network entities to a cloud infrastructure |
US8301740B2 (en) | 2007-06-27 | 2012-10-30 | Ca, Inc. | Autonomic control of a distributed computing system using dynamically assembled resource chains |
US8205208B2 (en) | 2007-07-24 | 2012-06-19 | Internaitonal Business Machines Corporation | Scheduling grid jobs using dynamic grid scheduling policy |
US8423470B2 (en) | 2007-09-21 | 2013-04-16 | Microsoft Corporation | Distributed secure anonymous conferencing |
US8284664B1 (en) | 2007-09-28 | 2012-10-09 | Juniper Networks, Inc. | Redirecting data units to service modules based on service tags and a redirection table |
US8121117B1 (en) | 2007-10-01 | 2012-02-21 | F5 Networks, Inc. | Application layer network traffic prioritization |
US8862765B2 (en) | 2007-10-18 | 2014-10-14 | Arris Solutions, Inc. | Fair bandwidth redistribution algorithm |
US8583797B2 (en) | 2008-01-07 | 2013-11-12 | Ca, Inc. | Interdependent capacity levels of resources in a distributed computing system |
US20090178058A1 (en) | 2008-01-09 | 2009-07-09 | Microsoft Corporation | Application Aware Networking |
US8291474B2 (en) | 2008-04-16 | 2012-10-16 | Oracle America, Inc. | Using opaque groups in a federated identity management environment |
US8700891B2 (en) * | 2008-05-09 | 2014-04-15 | Broadcom Corporation | Preserving security association in MACsec protected network through VLAN mapping |
US8935692B2 (en) | 2008-05-22 | 2015-01-13 | Red Hat, Inc. | Self-management of virtual machines in cloud-based networks |
US8943497B2 (en) | 2008-05-29 | 2015-01-27 | Red Hat, Inc. | Managing subscriptions for cloud-based virtual machines |
US8171415B2 (en) | 2008-06-11 | 2012-05-01 | International Business Machines Corporation | Outage management portal leveraging back-end resources to create a role and user tailored front-end interface for coordinating outage responses |
US8429675B1 (en) | 2008-06-13 | 2013-04-23 | Netapp, Inc. | Virtual machine communication |
US9069599B2 (en) | 2008-06-19 | 2015-06-30 | Servicemesh, Inc. | System and method for a cloud computing abstraction layer with security zone facilities |
AU2009259876A1 (en) | 2008-06-19 | 2009-12-23 | Servicemesh, Inc. | Cloud computing gateway, cloud computing hypervisor, and methods for implementing same |
US8175103B2 (en) | 2008-06-26 | 2012-05-08 | Rockstar Bidco, LP | Dynamic networking of virtual machines |
US8479192B2 (en) | 2008-06-27 | 2013-07-02 | Xerox Corporation | Dynamic XPS filter |
US8250215B2 (en) | 2008-08-12 | 2012-08-21 | Sap Ag | Method and system for intelligently leveraging cloud computing resources |
US8706878B1 (en) | 2008-08-21 | 2014-04-22 | United Services Automobile Association | Preferential loading in data centers |
WO2010062435A1 (en) | 2008-09-04 | 2010-06-03 | Telcordia Technologies, Inc. | Computing diagnostic explanations of network faults from monitoring data |
US8238256B2 (en) | 2008-09-08 | 2012-08-07 | Nugent Raymond M | System and method for cloud computing |
US8041714B2 (en) | 2008-09-15 | 2011-10-18 | Palantir Technologies, Inc. | Filter chains with associated views for exploring large data sets |
CN101394360B (zh) | 2008-11-10 | 2011-07-20 | 北京星网锐捷网络技术有限公司 | 地址解析协议报文的处理方法、接入设备和通信系统 |
US9621341B2 (en) | 2008-11-26 | 2017-04-11 | Microsoft Technology Licensing, Llc | Anonymous verifiable public key certificates |
EP2211502A1 (en) | 2009-01-22 | 2010-07-28 | IBBT vzw | Management system and method for configuring a network for transferring media data |
US8566362B2 (en) | 2009-01-23 | 2013-10-22 | Nasuni Corporation | Method and system for versioned file system using structured data representations |
US20120005724A1 (en) | 2009-02-09 | 2012-01-05 | Imera Systems, Inc. | Method and system for protecting private enterprise resources in a cloud computing environment |
US8510735B2 (en) | 2009-02-11 | 2013-08-13 | International Business Machines Corporation | Runtime environment for virtualizing information technology appliances |
US8341427B2 (en) | 2009-02-16 | 2012-12-25 | Microsoft Corporation | Trusted cloud computing and services framework |
US9473555B2 (en) | 2012-12-31 | 2016-10-18 | The Nielsen Company (Us), Llc | Apparatus, system and methods for portable device tracking using temporary privileged access |
EP2228719A1 (en) | 2009-03-11 | 2010-09-15 | Zimory GmbH | Method of executing a virtual machine, computing system and computer program |
US8271615B2 (en) | 2009-03-31 | 2012-09-18 | Cloud Connex, Llc | Centrally managing and monitoring software as a service (SaaS) applications |
US8560639B2 (en) | 2009-04-24 | 2013-10-15 | Microsoft Corporation | Dynamic placement of replica data |
US8516106B2 (en) | 2009-05-18 | 2013-08-20 | International Business Machines Corporation | Use tag clouds to visualize components related to an event |
TW201112006A (en) | 2009-05-29 | 2011-04-01 | Ibm | Computer system, method and program product |
US8639787B2 (en) | 2009-06-01 | 2014-01-28 | Oracle International Corporation | System and method for creating or reconfiguring a virtual server image for cloud deployment |
US20100318609A1 (en) | 2009-06-15 | 2010-12-16 | Microsoft Corporation | Bridging enterprise networks into cloud |
KR101626117B1 (ko) | 2009-06-22 | 2016-05-31 | 삼성전자주식회사 | 클라우드 스토리지를 제공하는 클라이언트, 중개 서버 및 방법 |
US8281149B2 (en) | 2009-06-23 | 2012-10-02 | Google Inc. | Privacy-preserving flexible anonymous-pseudonymous access |
US8244559B2 (en) | 2009-06-26 | 2012-08-14 | Microsoft Corporation | Cloud computing resource broker |
US20100333116A1 (en) | 2009-06-30 | 2010-12-30 | Anand Prahlad | Cloud gateway system for managing data storage to cloud storage sites |
US8234377B2 (en) | 2009-07-22 | 2012-07-31 | Amazon Technologies, Inc. | Dynamically migrating computer networks |
US8966475B2 (en) | 2009-08-10 | 2015-02-24 | Novell, Inc. | Workload management for heterogeneous hosts in a computing system environment |
US8510469B2 (en) | 2009-08-31 | 2013-08-13 | Cisco Technology, Inc. | Measuring attributes of client-server applications |
US8862720B2 (en) | 2009-08-31 | 2014-10-14 | Red Hat, Inc. | Flexible cloud management including external clouds |
US8271653B2 (en) | 2009-08-31 | 2012-09-18 | Red Hat, Inc. | Methods and systems for cloud management using multiple cloud management schemes to allow communication between independently controlled clouds |
US20110072489A1 (en) | 2009-09-23 | 2011-03-24 | Gilad Parann-Nissany | Methods, devices, and media for securely utilizing a non-secured, distributed, virtualized network resource with applications to cloud-computing security and management |
US8532108B2 (en) | 2009-09-30 | 2013-09-10 | Alcatel Lucent | Layer 2 seamless site extension of enterprises in cloud computing |
JP2011076292A (ja) | 2009-09-30 | 2011-04-14 | Hitachi Ltd | 取得可能な機器情報に応じた障害原因解析ルールの設計方法及び計算機 |
US8880682B2 (en) | 2009-10-06 | 2014-11-04 | Emc Corporation | Integrated forensics platform for analyzing IT resources consumed to derive operational and architectural recommendations |
US20110110382A1 (en) | 2009-11-10 | 2011-05-12 | Cisco Technology, Inc., A Corporation Of California | Distribution of Packets Among PortChannel Groups of PortChannel Links |
US8611356B2 (en) | 2009-11-13 | 2013-12-17 | Exalt Communications Incorporated | Apparatus for ethernet traffic aggregation of radio links |
US20110126197A1 (en) | 2009-11-25 | 2011-05-26 | Novell, Inc. | System and method for controlling cloud and virtualized data centers in an intelligent workload management system |
CN101719930A (zh) | 2009-11-27 | 2010-06-02 | 南京邮电大学 | 一种基于云币的层次式云端计算系统激励方法 |
GB2475897A (en) | 2009-12-04 | 2011-06-08 | Creme Software Ltd | Resource allocation using estimated time to complete jobs in a grid or cloud computing environment |
US8037187B2 (en) | 2009-12-11 | 2011-10-11 | International Business Machines Corporation | Resource exchange management within a cloud computing environment |
US20130117337A1 (en) | 2009-12-23 | 2013-05-09 | Gary M. Dunham | Locally Connected Cloud Storage Device |
US9959147B2 (en) | 2010-01-13 | 2018-05-01 | Vmware, Inc. | Cluster configuration through host ranking |
US9883008B2 (en) | 2010-01-15 | 2018-01-30 | Endurance International Group, Inc. | Virtualization of multiple distinct website hosting architectures |
WO2011091056A1 (en) | 2010-01-19 | 2011-07-28 | Servicemesh, Inc. | System and method for a cloud computing abstraction layer |
US8301746B2 (en) | 2010-01-26 | 2012-10-30 | International Business Machines Corporation | Method and system for abstracting non-functional requirements based deployment of virtual machines |
US8898457B2 (en) | 2010-02-26 | 2014-11-25 | Red Hat, Inc. | Automatically generating a certificate operation request |
US9129086B2 (en) | 2010-03-04 | 2015-09-08 | International Business Machines Corporation | Providing security services within a cloud computing environment |
US20110252327A1 (en) | 2010-03-26 | 2011-10-13 | Actiance, Inc. | Methods, systems, and user interfaces for graphical summaries of network activities |
US20110239039A1 (en) | 2010-03-26 | 2011-09-29 | Dieffenbach Devon C | Cloud computing enabled robust initialization and recovery of it services |
US8886806B2 (en) | 2010-04-07 | 2014-11-11 | Accenture Global Services Limited | Generic control layer in a cloud environment |
US8243598B2 (en) | 2010-04-26 | 2012-08-14 | International Business Machines Corporation | Load-balancing via modulus distribution and TCP flow redirection due to server overload |
US8345692B2 (en) | 2010-04-27 | 2013-01-01 | Cisco Technology, Inc. | Virtual switching overlay for cloud computing |
US8719804B2 (en) | 2010-05-05 | 2014-05-06 | Microsoft Corporation | Managing runtime execution of applications on cloud computing systems |
US8547974B1 (en) | 2010-05-05 | 2013-10-01 | Mu Dynamics | Generating communication protocol test cases based on network traffic |
US9223617B2 (en) | 2010-05-06 | 2015-12-29 | Nec Laboratories America, Inc. | Methods and systems for migrating networked systems across administrative domains |
US8910278B2 (en) | 2010-05-18 | 2014-12-09 | Cloudnexa | Managing services in a cloud computing environment |
CN102255933B (zh) | 2010-05-20 | 2016-03-30 | 中兴通讯股份有限公司 | 云服务中介、云计算方法及云系统 |
US8954564B2 (en) | 2010-05-28 | 2015-02-10 | Red Hat, Inc. | Cross-cloud vendor mapping service in cloud marketplace |
US8477610B2 (en) | 2010-05-31 | 2013-07-02 | Microsoft Corporation | Applying policies to schedule network bandwidth among virtual machines |
EP2577539B1 (en) | 2010-06-02 | 2018-12-19 | VMware, Inc. | Securing customer virtual machines in a multi-tenant cloud |
US8705395B2 (en) | 2010-06-15 | 2014-04-22 | Jds Uniphase Corporation | Method for time aware inline remote mirroring |
US8352415B2 (en) | 2010-06-15 | 2013-01-08 | International Business Machines Corporation | Converting images in virtual environments |
US8135979B2 (en) | 2010-06-24 | 2012-03-13 | Hewlett-Packard Development Company, L.P. | Collecting network-level packets into a data structure in response to an abnormal condition |
US9201701B2 (en) | 2010-07-16 | 2015-12-01 | Nokia Technologies Oy | Method and apparatus for distributing computation closures |
TWM394537U (en) | 2010-08-17 | 2010-12-11 | Chunghwa Telecom Co Ltd | A system for providing web cloud integrated services |
US8473557B2 (en) | 2010-08-24 | 2013-06-25 | At&T Intellectual Property I, L.P. | Methods and apparatus to migrate virtual machines between distributive computing networks across a wide area network |
US8656023B1 (en) | 2010-08-26 | 2014-02-18 | Adobe Systems Incorporated | Optimization scheduler for deploying applications on a cloud |
US9311158B2 (en) | 2010-09-03 | 2016-04-12 | Adobe Systems Incorporated | Determining a work distribution model between a client device and a cloud for an application deployed on the cloud |
US8539597B2 (en) | 2010-09-16 | 2013-09-17 | International Business Machines Corporation | Securing sensitive data for cloud computing |
US8572241B2 (en) | 2010-09-17 | 2013-10-29 | Microsoft Corporation | Integrating external and cluster heat map data |
US8413145B2 (en) | 2010-09-30 | 2013-04-02 | Avaya Inc. | Method and apparatus for efficient memory replication for high availability (HA) protection of a virtual machine (VM) |
WO2012042509A1 (en) | 2010-10-01 | 2012-04-05 | Peter Chacko | A distributed virtual storage cloud architecture and a method thereof |
US20120084445A1 (en) | 2010-10-05 | 2012-04-05 | Brock Scott L | Automatic replication and migration of live virtual machines |
EP2439637A1 (en) | 2010-10-07 | 2012-04-11 | Deutsche Telekom AG | Method and system of providing access to a virtual machine distributed in a hybrid cloud network |
US8797867B1 (en) | 2010-10-18 | 2014-08-05 | Juniper Networks, Inc. | Generating and enforcing a holistic quality of service policy in a network |
US9075661B2 (en) | 2010-10-20 | 2015-07-07 | Microsoft Technology Licensing, Llc | Placing objects on hosts using hard and soft constraints |
US8909744B2 (en) | 2010-10-20 | 2014-12-09 | Hcl Technologies Limited | System and method for transitioning to cloud computing environment |
US8407413B1 (en) | 2010-11-05 | 2013-03-26 | Netapp, Inc | Hardware flow classification for data storage services |
US8612615B2 (en) | 2010-11-23 | 2013-12-17 | Red Hat, Inc. | Systems and methods for identifying usage histories for producing optimized cloud utilization |
JP5725812B2 (ja) | 2010-11-25 | 2015-05-27 | キヤノン株式会社 | 文書処理装置、文書処理方法、及びプログラム |
US8560792B2 (en) | 2010-12-16 | 2013-10-15 | International Business Machines Corporation | Synchronous extent migration protocol for paired storage |
US10176018B2 (en) | 2010-12-21 | 2019-01-08 | Intel Corporation | Virtual core abstraction for cloud computing |
US8935383B2 (en) | 2010-12-31 | 2015-01-13 | Verisign, Inc. | Systems, apparatus, and methods for network data analysis |
US8495356B2 (en) | 2010-12-31 | 2013-07-23 | International Business Machines Corporation | System for securing virtual machine disks on a remote shared storage subsystem |
US20120179909A1 (en) | 2011-01-06 | 2012-07-12 | Pitney Bowes Inc. | Systems and methods for providing individual electronic document secure storage, retrieval and use |
US8448171B2 (en) | 2011-01-07 | 2013-05-21 | International Business Machines Corporation | Communications between virtual machines that have been migrated |
US20120182891A1 (en) | 2011-01-19 | 2012-07-19 | Youngseok Lee | Packet analysis system and method using hadoop based parallel computation |
US9225554B2 (en) | 2011-01-26 | 2015-12-29 | Cisco Technology, Inc. | Device-health-based dynamic configuration of network management systems suited for network operations |
US8619568B2 (en) | 2011-02-04 | 2013-12-31 | Cisco Technology, Inc. | Reassignment of distributed packet flows |
US9063789B2 (en) * | 2011-02-08 | 2015-06-23 | International Business Machines Corporation | Hybrid cloud integrator plug-in components |
US8805951B1 (en) | 2011-02-08 | 2014-08-12 | Emc Corporation | Virtual machines and cloud storage caching for cloud computing applications |
US9009697B2 (en) | 2011-02-08 | 2015-04-14 | International Business Machines Corporation | Hybrid cloud integrator |
EP2678996B1 (en) | 2011-02-22 | 2016-06-29 | Fedex Corporate Services, Inc. | System and method for geo-staging of sensor data through a distributed global (cloud) architecture |
US9104672B2 (en) * | 2011-02-25 | 2015-08-11 | International Business Machines Corporation | Virtual security zones for data processing environments |
US8832818B2 (en) | 2011-02-28 | 2014-09-09 | Rackspace Us, Inc. | Automated hybrid connections between multiple environments in a data center |
US20120236716A1 (en) | 2011-03-14 | 2012-09-20 | Atheros Communications, Inc. | Profile-based quality of service for wireless communication systems |
KR101544482B1 (ko) | 2011-03-15 | 2015-08-21 | 주식회사 케이티 | 클라우드센터제어장치 및 그의 클라우드센터선택방법 |
US9100188B2 (en) | 2011-04-18 | 2015-08-04 | Bank Of America Corporation | Hardware-based root of trust for cloud environments |
KR101544485B1 (ko) | 2011-04-25 | 2015-08-17 | 주식회사 케이티 | 클라우드 스토리지 시스템에서 복수개의 복제본을 분산 저장하는 방법 및 장치 |
US8869244B1 (en) | 2011-05-03 | 2014-10-21 | Symantec Corporation | Techniques for providing role-based access control using dynamic shared accounts |
US8806015B2 (en) | 2011-05-04 | 2014-08-12 | International Business Machines Corporation | Workload-aware placement in private heterogeneous clouds |
CN103650426B (zh) | 2011-05-06 | 2016-10-05 | 思杰系统有限公司 | 用于在公共云与私有云之间进行云桥接的系统和方法 |
US9253252B2 (en) | 2011-05-06 | 2016-02-02 | Citrix Systems, Inc. | Systems and methods for cloud bridging between intranet resources and cloud resources |
US8977754B2 (en) | 2011-05-09 | 2015-03-10 | Metacloud Inc. | Composite public cloud, method and system |
US8590050B2 (en) * | 2011-05-11 | 2013-11-19 | International Business Machines Corporation | Security compliant data storage management |
CN102164091B (zh) | 2011-05-13 | 2015-01-21 | 北京星网锐捷网络技术有限公司 | 一种mac地址表建立方法及运营商边缘设备 |
US8719627B2 (en) | 2011-05-20 | 2014-05-06 | Microsoft Corporation | Cross-cloud computing for capacity management and disaster recovery |
US8984104B2 (en) | 2011-05-31 | 2015-03-17 | Red Hat, Inc. | Self-moving operating system installation in cloud-based network |
US9244751B2 (en) | 2011-05-31 | 2016-01-26 | Hewlett Packard Enterprise Development Lp | Estimating a performance parameter of a job having map and reduce tasks after a failure |
US9104460B2 (en) | 2011-05-31 | 2015-08-11 | Red Hat, Inc. | Inter-cloud live migration of virtualization systems |
US8959526B2 (en) | 2011-06-09 | 2015-02-17 | Microsoft Corporation | Scheduling execution of complementary jobs based on resource usage |
US8806003B2 (en) | 2011-06-14 | 2014-08-12 | International Business Machines Corporation | Forecasting capacity available for processing workloads in a networked computing environment |
US8547975B2 (en) | 2011-06-28 | 2013-10-01 | Verisign, Inc. | Parallel processing for multiple instance real-time monitoring |
US8589543B2 (en) | 2011-07-01 | 2013-11-19 | Cisco Technology, Inc. | Virtual data center monitoring |
US8959003B2 (en) | 2011-07-07 | 2015-02-17 | International Business Machines Corporation | Interactive data visualization for trend analysis |
US20130036213A1 (en) | 2011-08-02 | 2013-02-07 | Masum Hasan | Virtual private clouds |
EP3605969B1 (en) | 2011-08-17 | 2021-05-26 | Nicira Inc. | Distributed logical l3 routing |
US20140156557A1 (en) | 2011-08-19 | 2014-06-05 | Jun Zeng | Providing a Simulation Service by a Cloud-Based Infrastructure |
US8630291B2 (en) | 2011-08-22 | 2014-01-14 | Cisco Technology, Inc. | Dynamic multi-path forwarding for shared-media communication networks |
US8789157B2 (en) * | 2011-09-06 | 2014-07-22 | Ebay Inc. | Hybrid cloud identity mapping infrastructure |
JP5745077B2 (ja) | 2011-09-26 | 2015-07-08 | 株式会社日立製作所 | 根本原因を解析する管理計算機及び方法 |
CN103023762A (zh) | 2011-09-27 | 2013-04-03 | 阿尔卡特朗讯公司 | 云计算接入网关及用于提供用户终端接入云提供商的方法 |
US8560663B2 (en) | 2011-09-30 | 2013-10-15 | Telefonaktiebolaget L M Ericsson (Publ) | Using MPLS for virtual private cloud network isolation in openflow-enabled cloud computing |
US9250941B2 (en) | 2011-09-30 | 2016-02-02 | Telefonaktiebolaget L M Ericsson (Publ) | Apparatus and method for segregating tenant specific data when using MPLS in openflow-enabled cloud computing |
US20130091557A1 (en) | 2011-10-11 | 2013-04-11 | Wheel Innovationz, Inc. | System and method for providing cloud-based cross-platform application stores for mobile computing devices |
DE102012217202B4 (de) | 2011-10-12 | 2020-06-18 | International Business Machines Corporation | Verfahren und System zum Optimieren des Platzierens virtueller Maschinen in Cloud-Computing-Umgebungen |
US9201690B2 (en) | 2011-10-21 | 2015-12-01 | International Business Machines Corporation | Resource aware scheduling in a distributed computing environment |
US8789179B2 (en) | 2011-10-28 | 2014-07-22 | Novell, Inc. | Cloud protection techniques |
US9311160B2 (en) | 2011-11-10 | 2016-04-12 | Verizon Patent And Licensing Inc. | Elastic cloud networking |
US8832249B2 (en) | 2011-11-30 | 2014-09-09 | At&T Intellectual Property I, L.P. | Methods and apparatus to adjust resource allocation in a distributive computing network |
US9916184B2 (en) | 2011-12-02 | 2018-03-13 | International Business Machines Corporation | Data relocation in global storage cloud environments |
US20130152076A1 (en) | 2011-12-07 | 2013-06-13 | Cisco Technology, Inc. | Network Access Control Policy for Virtual Machine Migration |
US9113376B2 (en) | 2011-12-09 | 2015-08-18 | Cisco Technology, Inc. | Multi-interface mobility |
US8694995B2 (en) | 2011-12-14 | 2014-04-08 | International Business Machines Corporation | Application initiated negotiations for resources meeting a performance parameter in a virtualized computing environment |
US8832262B2 (en) | 2011-12-15 | 2014-09-09 | Cisco Technology, Inc. | Normalizing network performance indexes |
US10134056B2 (en) | 2011-12-16 | 2018-11-20 | Ebay Inc. | Systems and methods for providing information based on location |
US8860777B2 (en) | 2011-12-22 | 2014-10-14 | Verizon Patent And Licensing Inc. | Multi-enterprise video conference service |
US8547379B2 (en) | 2011-12-29 | 2013-10-01 | Joyent, Inc. | Systems, methods, and media for generating multidimensional heat maps |
US8555339B2 (en) | 2012-01-06 | 2013-10-08 | International Business Machines Corporation | Identifying guests in web meetings |
US8908698B2 (en) | 2012-01-13 | 2014-12-09 | Cisco Technology, Inc. | System and method for managing site-to-site VPNs of a cloud managed network |
US8732291B2 (en) | 2012-01-13 | 2014-05-20 | Accenture Global Services Limited | Performance interference model for managing consolidated workloads in QOS-aware clouds |
US9529348B2 (en) | 2012-01-24 | 2016-12-27 | Emerson Process Management Power & Water Solutions, Inc. | Method and apparatus for deploying industrial plant simulators using cloud computing technologies |
US9049589B2 (en) | 2012-01-27 | 2015-06-02 | Microsoft Technology Licensing, Llc | Dynamically adjusting a data usage plan based on data usage statistics |
US8660129B1 (en) | 2012-02-02 | 2014-02-25 | Cisco Technology, Inc. | Fully distributed routing over a user-configured on-demand virtual network for infrastructure-as-a-service (IaaS) on hybrid cloud networks |
US9451303B2 (en) | 2012-02-27 | 2016-09-20 | The Nielsen Company (Us), Llc | Method and system for gathering and computing an audience's neurologically-based reactions in a distributed framework involving remote storage and computing |
US10097406B2 (en) | 2012-03-19 | 2018-10-09 | Level 3 Communications, Llc | Systems and methods for data mobility with a cloud architecture |
US9350671B2 (en) | 2012-03-22 | 2016-05-24 | Futurewei Technologies, Inc. | Supporting software defined networking with application layer traffic optimization |
US20130254415A1 (en) | 2012-03-26 | 2013-09-26 | F. Brian Fullen | Routing requests over a network |
FR2988943A1 (fr) | 2012-03-29 | 2013-10-04 | France Telecom | Systeme de supervision de la securite d'une architecture |
EP2645257A3 (en) | 2012-03-29 | 2014-06-18 | Prelert Ltd. | System and method for visualisation of behaviour within computer infrastructure |
US9164795B1 (en) | 2012-03-30 | 2015-10-20 | Amazon Technologies, Inc. | Secure tunnel infrastructure between hosts in a hybrid network environment |
US8930747B2 (en) | 2012-03-30 | 2015-01-06 | Sungard Availability Services, Lp | Private cloud replication and recovery |
US9313048B2 (en) | 2012-04-04 | 2016-04-12 | Cisco Technology, Inc. | Location aware virtual service provisioning in a hybrid cloud environment |
US8856339B2 (en) | 2012-04-04 | 2014-10-07 | Cisco Technology, Inc. | Automatically scaled network overlay with heuristic monitoring in a hybrid cloud environment |
US9201704B2 (en) | 2012-04-05 | 2015-12-01 | Cisco Technology, Inc. | System and method for migrating application virtual machines in a network environment |
US8775576B2 (en) | 2012-04-17 | 2014-07-08 | Nimbix, Inc. | Reconfigurable cloud computing |
US8918510B2 (en) | 2012-04-27 | 2014-12-23 | Hewlett-Packard Development Company, L. P. | Evaluation of cloud computing services |
US9223634B2 (en) | 2012-05-02 | 2015-12-29 | Cisco Technology, Inc. | System and method for simulating virtual machine migration in a network environment |
US20150120914A1 (en) | 2012-06-13 | 2015-04-30 | Hitachi, Ltd. | Service monitoring system and service monitoring method |
US9183031B2 (en) | 2012-06-19 | 2015-11-10 | Bank Of America Corporation | Provisioning of a virtual machine by using a secured zone of a cloud environment |
US8909857B2 (en) | 2012-06-29 | 2014-12-09 | Broadcom Corporation | Efficient storage of ACL frequent ranges in a ternary memory |
US20140006585A1 (en) | 2012-06-29 | 2014-01-02 | Futurewei Technologies, Inc. | Providing Mobility in Overlay Networks |
US9215131B2 (en) | 2012-06-29 | 2015-12-15 | Cisco Technology, Inc. | Methods for exchanging network management messages using UDP over HTTP protocol |
US20140052877A1 (en) | 2012-08-16 | 2014-02-20 | Wenbo Mao | Method and apparatus for tenant programmable logical network for multi-tenancy cloud datacenters |
US9167050B2 (en) | 2012-08-16 | 2015-10-20 | Futurewei Technologies, Inc. | Control pool based enterprise policy enabler for controlled cloud access |
US9582221B2 (en) | 2012-08-24 | 2017-02-28 | Vmware, Inc. | Virtualization-aware data locality in distributed data processing |
US9069979B2 (en) | 2012-09-07 | 2015-06-30 | Oracle International Corporation | LDAP-based multi-tenant in-cloud identity management system |
US10097378B2 (en) | 2012-09-07 | 2018-10-09 | Cisco Technology, Inc. | Efficient TCAM resource sharing |
US9047181B2 (en) | 2012-09-07 | 2015-06-02 | Splunk Inc. | Visualization of data from clusters |
US9634922B2 (en) | 2012-09-11 | 2017-04-25 | Board Of Regents Of The Nevada System Of Higher Education, On Behalf Of The University Of Nevada, Reno | Apparatus, system, and method for cloud-assisted routing |
US9383900B2 (en) | 2012-09-12 | 2016-07-05 | International Business Machines Corporation | Enabling real-time operational environment conformity to an enterprise model |
US8924720B2 (en) | 2012-09-27 | 2014-12-30 | Intel Corporation | Method and system to securely migrate and provision virtual machine images and content |
US8850182B1 (en) | 2012-09-28 | 2014-09-30 | Shoretel, Inc. | Data capture for secure protocols |
US9301205B2 (en) | 2012-10-04 | 2016-03-29 | Benu Networks, Inc. | Application and content awareness for self optimizing networks |
GB2578840B (en) | 2012-10-08 | 2020-09-02 | Fisher Rosemount Systems Inc | Dynamically reusable classes |
US9251114B1 (en) | 2012-10-12 | 2016-02-02 | Egnyte, Inc. | Systems and methods for facilitating access to private files using a cloud storage system |
US9361192B2 (en) | 2012-10-19 | 2016-06-07 | Oracle International Corporation | Method and apparatus for restoring an instance of a storage server |
US9264478B2 (en) | 2012-10-30 | 2016-02-16 | Microsoft Technology Licensing, Llc | Home cloud with virtualized input and output roaming over network |
US9424228B2 (en) | 2012-11-01 | 2016-08-23 | Ezchip Technologies Ltd. | High performance, scalable multi chip interconnect |
US9442954B2 (en) | 2012-11-12 | 2016-09-13 | Datawise Systems | Method and apparatus for achieving optimal resource allocation dynamically in a distributed computing environment |
US20140140211A1 (en) | 2012-11-16 | 2014-05-22 | Cisco Technology, Inc. | Classification of traffic for application aware policies in a wireless network |
US9398436B2 (en) | 2012-11-21 | 2016-07-19 | Acer Incorporated | Cloud service for making social connections |
US9049115B2 (en) | 2012-12-13 | 2015-06-02 | Cisco Technology, Inc. | Enabling virtual workloads using overlay technologies to interoperate with physical network services |
US9268808B2 (en) | 2012-12-31 | 2016-02-23 | Facebook, Inc. | Placement policy |
US9122510B2 (en) | 2013-01-02 | 2015-09-01 | International Business Machines Corporation | Querying and managing computing resources in a networked computing environment |
US20150326524A1 (en) | 2013-01-24 | 2015-11-12 | Krishna Mouli TANKALA | Address resolution in software-defined networks |
US20140215471A1 (en) | 2013-01-28 | 2014-07-31 | Hewlett-Packard Development Company, L.P. | Creating a model relating to execution of a job on platforms |
US9274818B2 (en) | 2013-02-06 | 2016-03-01 | International Business Machines Corporation | Reliable and scalable image transfer for data centers with low connectivity using redundancy detection |
US9525564B2 (en) | 2013-02-26 | 2016-12-20 | Zentera Systems, Inc. | Secure virtual network platform for enterprise hybrid cloud computing environments |
US9699034B2 (en) * | 2013-02-26 | 2017-07-04 | Zentera Systems, Inc. | Secure cloud fabric to connect subnets in different network domains |
US9183016B2 (en) | 2013-02-27 | 2015-11-10 | Vmware, Inc. | Adaptive task scheduling of Hadoop in a virtualized environment |
US9251115B2 (en) | 2013-03-07 | 2016-02-02 | Citrix Systems, Inc. | Dynamic configuration in cloud computing environments |
US9043439B2 (en) | 2013-03-14 | 2015-05-26 | Cisco Technology, Inc. | Method for streaming packet captures from network access devices to a cloud server over HTTP |
US9027087B2 (en) | 2013-03-14 | 2015-05-05 | Rackspace Us, Inc. | Method and system for identity-based authentication of virtual machines |
US9244775B2 (en) | 2013-03-14 | 2016-01-26 | International Business Machines Corporation | Reducing reading of database logs by persisting long-running transaction data |
US9454294B2 (en) | 2013-03-15 | 2016-09-27 | International Business Machines Corporation | Creating, provisioning and managing virtual data centers |
US8954992B2 (en) | 2013-03-15 | 2015-02-10 | Lenovo Enterprise Solutions (Singapore) Pte. Ltd. | Distributed and scaled-out network switch and packet processing |
JP5983484B2 (ja) | 2013-03-21 | 2016-08-31 | 富士通株式会社 | 情報処理システム、情報処理装置を制御する制御プログラム及び情報処理システムの制御方法 |
US9438495B2 (en) | 2013-04-02 | 2016-09-06 | Amazon Technologies, Inc. | Visualization of resources in a data center |
WO2014165601A1 (en) | 2013-04-02 | 2014-10-09 | Orbis Technologies, Inc. | Data center analytics and dashboard |
US9397929B2 (en) | 2013-04-22 | 2016-07-19 | Ciena Corporation | Forwarding multicast packets over different layer-2 segments |
US9973375B2 (en) | 2013-04-22 | 2018-05-15 | Cisco Technology, Inc. | App store portal providing point-and-click deployment of third-party virtualized network functions |
US9407540B2 (en) | 2013-09-06 | 2016-08-02 | Cisco Technology, Inc. | Distributed service chaining in a network environment |
US20140366155A1 (en) | 2013-06-11 | 2014-12-11 | Cisco Technology, Inc. | Method and system of providing storage services in multiple public clouds |
US9621642B2 (en) | 2013-06-17 | 2017-04-11 | Telefonaktiebolaget Lm Ericsson (Publ) | Methods of forwarding data packets using transient tables and related load balancers |
US9632858B2 (en) | 2013-07-28 | 2017-04-25 | OpsClarity Inc. | Organizing network performance metrics into historical anomaly dependency data |
US9426060B2 (en) | 2013-08-07 | 2016-08-23 | International Business Machines Corporation | Software defined network (SDN) switch clusters having layer-3 distributed router functionality |
US9311140B2 (en) | 2013-08-13 | 2016-04-12 | Vmware, Inc. | Method and apparatus for extending local area networks between clouds and migrating virtual machines using static network addresses |
US9338223B2 (en) | 2013-08-14 | 2016-05-10 | Verizon Patent And Licensing Inc. | Private cloud topology management system |
US9043576B2 (en) | 2013-08-21 | 2015-05-26 | Simplivity Corporation | System and method for virtual machine conversion |
US9686154B2 (en) | 2013-08-21 | 2017-06-20 | International Business Machines Corporation | Generating a service-catalog entry from discovered attributes of provisioned virtual machines |
US9304804B2 (en) | 2013-10-14 | 2016-04-05 | Vmware, Inc. | Replicating virtual machines across different virtualization platforms |
US20150106805A1 (en) | 2013-10-15 | 2015-04-16 | Cisco Technology, Inc. | Accelerated instantiation of cloud resource |
US9634944B2 (en) | 2013-10-24 | 2017-04-25 | Dell Products, Lp | Multi-level iSCSI QoS for target differentiated data in DCB networks |
WO2015061706A1 (en) | 2013-10-24 | 2015-04-30 | University Of Houston System | Location-based network routing |
KR20150070676A (ko) | 2013-12-17 | 2015-06-25 | 소프팅스 주식회사 | 퍼스널 홈 클라우드 컴퓨터 시스템 |
US10915449B2 (en) | 2013-12-19 | 2021-02-09 | Hewlett Packard Enterprise Development Lp | Prioritizing data requests based on quality of service |
WO2015100656A1 (zh) | 2013-12-31 | 2015-07-09 | 华为技术有限公司 | 一种实现虚拟机通信的方法和装置 |
US9992103B2 (en) | 2014-01-24 | 2018-06-05 | Cisco Technology, Inc. | Method for providing sticky load balancing |
US9529657B2 (en) | 2014-02-07 | 2016-12-27 | Oracle International Corporation | Techniques for generating diagnostic identifiers to trace events and identifying related diagnostic information |
US9678731B2 (en) | 2014-02-26 | 2017-06-13 | Vmware, Inc. | Methods and apparatus to generate a customized application blueprint |
US20150249709A1 (en) | 2014-02-28 | 2015-09-03 | Vmware, Inc. | Extending cloud storage with private devices |
US9722945B2 (en) | 2014-03-31 | 2017-08-01 | Microsoft Technology Licensing, Llc | Dynamically identifying target capacity when scaling cloud resources |
US9591064B2 (en) | 2014-03-31 | 2017-03-07 | Verizon Patent And Licensing Inc. | Method and apparatus for dynamic provisioning of communication services |
US9755858B2 (en) | 2014-04-15 | 2017-09-05 | Cisco Technology, Inc. | Programmable infrastructure gateway for enabling hybrid cloud services in a network environment |
US20150309908A1 (en) | 2014-04-29 | 2015-10-29 | Hewlett-Packard Development Company, L.P. | Generating an interactive visualization of metrics collected for functional entities |
US20150319063A1 (en) | 2014-04-30 | 2015-11-05 | Jive Communications, Inc. | Dynamically associating a datacenter with a network device |
US9473365B2 (en) | 2014-05-08 | 2016-10-18 | Cisco Technology, Inc. | Collaborative inter-service scheduling of logical resources in cloud platforms |
US9483378B2 (en) | 2014-05-21 | 2016-11-01 | Dynatrace Llc | Method and system for resource monitoring of large-scale, orchestrated, multi process job execution environments |
US9582254B2 (en) | 2014-05-22 | 2017-02-28 | Oracle International Corporation | Generating runtime components |
CN103986837B (zh) * | 2014-05-28 | 2017-11-10 | 天地融科技股份有限公司 | 信息处理方法及装置 |
US9426221B2 (en) | 2014-06-18 | 2016-08-23 | International Business Machines Corporation | Dynamic proximity based networked storage |
US10375024B2 (en) | 2014-06-20 | 2019-08-06 | Zscaler, Inc. | Cloud-based virtual private access systems and methods |
US9613078B2 (en) | 2014-06-26 | 2017-04-04 | Amazon Technologies, Inc. | Multi-database log with multi-item transaction support |
US10122605B2 (en) | 2014-07-09 | 2018-11-06 | Cisco Technology, Inc | Annotation of network activity through different phases of execution |
US20160013990A1 (en) | 2014-07-09 | 2016-01-14 | Cisco Technology, Inc. | Network traffic management using heat maps with actual and planned /estimated metrics |
US9729506B2 (en) * | 2014-08-22 | 2017-08-08 | Shape Security, Inc. | Application programming interface wall |
CN105446793B (zh) | 2014-08-28 | 2018-08-28 | 国际商业机器公司 | 迁移虚拟资产的方法和设备 |
US9825878B2 (en) | 2014-09-26 | 2017-11-21 | Cisco Technology, Inc. | Distributed application framework for prioritizing network traffic using application priority awareness |
US9634928B2 (en) | 2014-09-29 | 2017-04-25 | Juniper Networks, Inc. | Mesh network of simple nodes with centralized control |
US9774537B2 (en) | 2014-09-30 | 2017-09-26 | Nicira, Inc. | Dynamically adjusting load balancing |
US20160099847A1 (en) | 2014-10-02 | 2016-04-07 | Cisco Technology, Inc. | Method for non-disruptive cloud infrastructure software component deployment |
US10757170B2 (en) | 2014-10-13 | 2020-08-25 | Vmware, Inc. | Cross-cloud namespace management for multi-tenant environments |
US9558078B2 (en) | 2014-10-28 | 2017-01-31 | Microsoft Technology Licensing, Llc | Point in time database restore from storage snapshots |
CN104320342B (zh) | 2014-10-29 | 2017-10-27 | 新华三技术有限公司 | 一种多链路透明互联网络中报文转发方法和装置 |
US9871745B2 (en) | 2014-11-12 | 2018-01-16 | International Business Machines Corporation | Automatic scaling of at least one user application to external clouds |
US9602544B2 (en) | 2014-12-05 | 2017-03-21 | Viasat, Inc. | Methods and apparatus for providing a secure overlay network between clouds |
US9747249B2 (en) | 2014-12-29 | 2017-08-29 | Nicira, Inc. | Methods and systems to achieve multi-tenancy in RDMA over converged Ethernet |
US9075649B1 (en) | 2015-01-26 | 2015-07-07 | Storagecraft Technology Corporation | Exposing a proprietary image backup to a hypervisor as a disk file that is bootable by the hypervisor |
US10050862B2 (en) | 2015-02-09 | 2018-08-14 | Cisco Technology, Inc. | Distributed application framework that uses network and application awareness for placing data |
US9983973B2 (en) | 2015-02-18 | 2018-05-29 | Unravel Data Systems, Inc. | System and method for analyzing big data activities |
US10708342B2 (en) | 2015-02-27 | 2020-07-07 | Cisco Technology, Inc. | Dynamic troubleshooting workspaces for cloud and network management systems |
US10037617B2 (en) | 2015-02-27 | 2018-07-31 | Cisco Technology, Inc. | Enhanced user interface systems including dynamic context selection for cloud-based networks |
US10114966B2 (en) | 2015-03-19 | 2018-10-30 | Netskope, Inc. | Systems and methods of per-document encryption of enterprise information stored on a cloud computing service (CCS) |
US9432294B1 (en) | 2015-03-21 | 2016-08-30 | Cisco Technology, Inc. | Utilizing user-specified access control lists in conjunction with redirection and load-balancing on a port |
US9444744B1 (en) | 2015-04-04 | 2016-09-13 | Cisco Technology, Inc. | Line-rate selective load balancing of permitted network traffic |
US20170024260A1 (en) | 2015-07-21 | 2017-01-26 | Cisco Technology, Inc. | Workload migration across cloud providers and data centers |
US20170026470A1 (en) | 2015-07-22 | 2017-01-26 | Cisco Technology, Inc. | Intercloud audience and content analytics |
US9667657B2 (en) | 2015-08-04 | 2017-05-30 | AO Kaspersky Lab | System and method of utilizing a dedicated computer security service |
US9781209B2 (en) | 2015-08-20 | 2017-10-03 | Intel Corporation | Techniques for routing packets between virtual machines |
US10067780B2 (en) | 2015-10-06 | 2018-09-04 | Cisco Technology, Inc. | Performance-based public cloud selection for a hybrid cloud environment |
US11005682B2 (en) | 2015-10-06 | 2021-05-11 | Cisco Technology, Inc. | Policy-driven switch overlay bypass in a hybrid cloud network environment |
US10142293B2 (en) | 2015-12-15 | 2018-11-27 | International Business Machines Corporation | Dynamically defined virtual private network tunnels in hybrid cloud environments |
CN105740084B (zh) | 2016-01-27 | 2018-08-24 | 北京航空航天大学 | 考虑共因故障的云计算系统可靠性建模方法 |
US10129177B2 (en) | 2016-05-23 | 2018-11-13 | Cisco Technology, Inc. | Inter-cloud broker for hybrid cloud networks |
-
2015
- 2015-10-13 US US14/881,649 patent/US10462136B2/en active Active
-
2016
- 2016-10-12 EP EP21162173.5A patent/EP3890268A1/en active Pending
- 2016-10-12 WO PCT/US2016/056648 patent/WO2017066327A1/en active Application Filing
- 2016-10-12 CN CN201680059738.2A patent/CN108141456B/zh active Active
- 2016-10-12 EP EP16788322.2A patent/EP3363176B1/en active Active
-
2019
- 2019-09-24 US US16/581,601 patent/US11218483B2/en active Active
-
2021
- 2021-12-20 US US17/556,468 patent/US20220360583A1/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20110213719A1 (en) * | 2010-02-26 | 2011-09-01 | James Michael Ferris | Methods and systems for converting standard software licenses for use in cloud computing environments |
CN104205757A (zh) * | 2012-04-24 | 2014-12-10 | 思科技术公司 | 用于混合云的分布式虚拟交换机架构 |
US8938775B1 (en) * | 2012-06-27 | 2015-01-20 | Amazon Technologies, Inc. | Dynamic data loss prevention in a multi-tenant environment |
CN103067406A (zh) * | 2013-01-14 | 2013-04-24 | 暨南大学 | 一种公有云与私有云之间的访问控制系统及方法 |
CN104113595A (zh) * | 2014-07-09 | 2014-10-22 | 武汉邮电科学研究院 | 一种基于安全等级划分的混合云存储系统及方法 |
CN104270467A (zh) * | 2014-10-24 | 2015-01-07 | 冯斌 | 一种用于混合云的虚拟机管控方法 |
Cited By (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108989456B (zh) * | 2018-08-11 | 2019-06-25 | 广东易积网络股份有限公司 | 一种基于大数据的网络实现方法 |
CN108989456A (zh) * | 2018-08-11 | 2018-12-11 | 广州知弘科技有限公司 | 一种基于大数据的网络实现方法 |
CN110875889B (zh) * | 2018-09-03 | 2022-09-27 | 阿里巴巴集团控股有限公司 | 一种用于获取路径的方法及其装置 |
CN110875889A (zh) * | 2018-09-03 | 2020-03-10 | 阿里巴巴集团控股有限公司 | 一种用于获取路径的方法及其装置 |
CN109495469B (zh) * | 2018-11-09 | 2021-05-11 | 南京医渡云医学技术有限公司 | 流量分析安全管控系统、方法及装置 |
CN109495469A (zh) * | 2018-11-09 | 2019-03-19 | 南京医渡云医学技术有限公司 | 流量分析安全管控系统、方法及装置 |
CN111225071A (zh) * | 2018-11-23 | 2020-06-02 | 深信服科技股份有限公司 | 一种云平台及跨云平台网络互通系统、方法 |
CN111432024A (zh) * | 2020-04-09 | 2020-07-17 | 兰州聚源信息科技有限公司 | 基于scorm技术的复合云培训平台的搭建方法 |
CN111432024B (zh) * | 2020-04-09 | 2022-11-04 | 兰州聚源信息科技有限公司 | 基于scorm技术的复合云培训平台的搭建方法 |
CN113271362A (zh) * | 2021-06-08 | 2021-08-17 | 天闻数媒科技(湖南)有限公司 | 基于混合云的教育资源的处理方法、装置、系统及介质 |
CN113595846A (zh) * | 2021-07-20 | 2021-11-02 | 重庆长安汽车股份有限公司 | 云对云环境中gre隧道实现通信的方法 |
CN115695045A (zh) * | 2022-12-14 | 2023-02-03 | 深圳富联富桂精密工业有限公司 | 安全组动态配置方法、装置及计算机可读存储介质 |
CN115695045B (zh) * | 2022-12-14 | 2023-06-06 | 深圳富联富桂精密工业有限公司 | 安全组动态配置方法、装置及计算机可读存储介质 |
Also Published As
Publication number | Publication date |
---|---|
US20200021594A1 (en) | 2020-01-16 |
WO2017066327A1 (en) | 2017-04-20 |
US20220360583A1 (en) | 2022-11-10 |
EP3363176B1 (en) | 2021-04-28 |
US11218483B2 (en) | 2022-01-04 |
US10462136B2 (en) | 2019-10-29 |
EP3890268A1 (en) | 2021-10-06 |
CN108141456B (zh) | 2021-07-20 |
US20170104755A1 (en) | 2017-04-13 |
EP3363176A1 (en) | 2018-08-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108141456A (zh) | 混合云安全组 | |
CA3143107C (en) | Systems and methods providing a multi-cloud microservices gateway using a sidecar proxy | |
US10938787B2 (en) | Cloud services management system and method | |
US11562176B2 (en) | IoT fog as distributed machine learning structure search platform | |
US20180219762A1 (en) | Seamless service function chaining across domains | |
CA2943250C (en) | Method and system for ensuring an application conforms with security and regulatory controls prior to deployment | |
US20180027009A1 (en) | Automated container security | |
JP2020503784A (ja) | モノのインターネット | |
CN110830389A (zh) | 包括路由传播、安全性和应用部署的多云环境的单点管理 | |
US20170017907A1 (en) | Supply chain excellence as a service | |
US20230047880A1 (en) | Sidecar proxy as a service | |
US20240187424A1 (en) | Intelligent quarantine on switch fabric for physical and virtualized infrastructure | |
Neto et al. | Seamless mano of multi-vendor sdn controllers across federated multi-domains | |
Ermolenko et al. | Internet of Things services orchestration framework based on Kubernetes and edge computing | |
US11088915B1 (en) | Live network sandboxing on a centralized management system | |
Toumi et al. | On cross-domain Service Function Chain orchestration: An architectural framework | |
Paolino et al. | Compute and network virtualization at the edge for 5G smart cities neutral host infrastructures | |
Rahman et al. | Blockchain-enabled SLA compliance for crowdsourced edge-based network function virtualization | |
Grabatin et al. | Policy-based network and security management in federated service infrastructures with permissioned blockchains | |
US20240129306A1 (en) | Service to service communication and authentication via a central network mesh | |
Balaji | Fog computing and its challenges | |
Mir | AI-Assisted Edge Computing for Multi-Tenant Management of Edge Devices in 6G Networks | |
Hoogendoorn | NSX-T Federation | |
Rani et al. | Network Slicing for Zero-Touch Networks: A Top-Notch Technology | |
CN117675559A (zh) | 多数据中心跨域互通多云业务编排方法、装置和设备 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |