System and method for interlocking a host and a gateway

摘要

A method is provided in one example embodiment and includes exchanging a session descriptor associated with a network connection and an application on a host, correlating the session descriptor with a network policy, and applying the network policy to the network connection. In alternative embodiments, the session descriptor may be exchanged through an out-of-band communication channel or an in-band communication channel.

主权项

1. A method, comprising:
receiving a session descriptor by a processor at a network gateway, the session descriptor received from a host with a process attempting to establish a network connection via the network gateway, wherein the process is running on the host with a particular set of one or more user credentials, wherein the session descriptor includes a universally unique identifier (UUID) associated with the host and the particular set of one or more user credentials, wherein the host is configured to permit user authentication by any one of a plurality of sets of one or more user credentials, and wherein each set of the plurality of sets of one or more user credentials is associated with a different UUID; pairing the network connection with the particular set of one or more user credentials, wherein the pairing is based on the session descriptor; correlating the session descriptor with a network policy; and applying the network policy to the network connection, wherein the network policy is implemented based, at least in part, on the particular set of one or more user credentials paired with the network connection.