Methods, circuits, apparatus, systems and associated software applications for providing security on one or more servers, including virtual servers

摘要

Disclosed are methods, circuits, apparatus, systems and associated software applications for providing security on one or more servers, including virtual servers. A server operating system may include or be otherwise functionally associated with a firewall application, which firewall application may regulate IP port access to resources on the server. A port-tending agent or application (PorTender) running on the server, or on a functionally associated computing platform, may monitor and regulate server port status (e.g. opened, closed, and conditionally opened). The PorTender may initiate and engage in communication sessions with a policy server, from which policy server the PorTender may receive port, user and security policies and/or settings.

主权项

1. A policy server configured to secure a functionally associated computing platform comprising:
a memory; and one or more processor in communication with the memory; the memory is configured to store computer executable instructions that when executed by the one or more processor, cause the one or more processor to provide: a direct secured tunnel administrator configured to establish a secure tunnel communication with said computing platform responsive to an intermittent connection request from said computing platform; a configuration manager configured to manage security settings and forward the settings along said tunnel; a secure internet-based graphical user interface (GUI) including security controls configured to control said configuration manager; a dynamic access lease manager including security controls configured-to generate an on-the-fly access lease to said computing platform, wherein the on-the-fly access lease defines provisions for accessing one or more firewall ports of said computing platform, wherein said provisions includes at least a lease duration for accessing one or more ports; a secure internet-based GUI including security controls configured to control said dynamic access lease manager; and control logic to coordinate activity between constituents of said policy server such that access to resources of said computing platform through an opening of said one or more firewall ports of said computing platform is triggered by the passing of an instruction from either said configuration manager or said dynamic access lease manager to the computing platform during a secure tunnel communication requested by said computing platform, wherein the access to resources of said computing platform is determined based on the generated on-the-fly access lease and the security settings.