发明名称 |
ISOLATION AND SECURITY HARDENING AMONG WORKLOADS IN A MULTI-TENANT NETWORKED ENVIRONMENT |
摘要 |
A method and associated systems for enhanced isolation and security hardening among multi-tenant workloads. An agent running on a processor of a networked computer system on which multicast and broadcast communications have been disabled captures an address-resolution query message from a querying tenant, converts the query message to a unicast message, and forwards the converted unicast query message to a switch. The switch forwards the converted unicast message to a redirection device and in response receives an address-resolution response message only after the redirection device verifies that the query and response messages comply with security policies. The switch forwards the address-resolution response to the querying tenant in conformance with security policies. |
申请公布号 |
US2013347095(A1) |
申请公布日期 |
2013.12.26 |
申请号 |
US201213531761 |
申请日期 |
2012.06.25 |
申请人 |
BARJATIYA SAURABH;SARIPALLI KANAKA P.;INTERNATIONAL BUSINESS MACHINES CORPORATION |
发明人 |
BARJATIYA SAURABH;SARIPALLI KANAKA P. |
分类号 |
G06F21/00;G06F15/16 |
主分类号 |
G06F21/00 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|