-
公开(公告)号:US10701035B2
公开(公告)日:2020-06-30
申请号:US15960419
申请日:2018-04-23
Applicant: NETFLIX, INC.
Inventor: Jason Chan , Poornaprajna Udupi , Shashi Madappa
Abstract: Approaches, techniques, and mechanisms are disclosed for implementing a distributed firewall. In an embodiment, many different computer assets police incoming messages based on local policy data. This local policy data is synchronized with global policy data. The global policy data is generated by one or more separate analyzers. Each analyzer has access to message logs, or information derived therefrom, for groups of computer assets, and is thus able to generate policies based on intelligence from an entire group as opposed to an isolated asset. Among other effects, some of the approaches, techniques, and mechanisms may be effective even in computing environments with limited supervision over the attack surface, and/or computing environments in which assets may need to make independent decisions with respect to how incoming messages should be handled, on account of latency and/or unreliability in connections to other system components.
-
公开(公告)号:US20200174940A1
公开(公告)日:2020-06-04
申请号:US16561668
申请日:2019-09-05
Applicant: Netflix, Inc.
Inventor: Deva Jayaraman , Shashi Madappa , Sridhar Enugula , Ioannis Papapanagiotou
IPC: G06F12/0895 , G06F9/38 , G06F3/06 , G06F12/0891 , G06F12/0837
Abstract: The disclosed computer-implemented method includes receiving an indication that cache data is to be copied from an originating cluster having a specified number of replica nodes to a destination cluster having an arbitrary number of replica nodes. The method further includes copying the cache data to a cache dump and creating a log that identifies where the cache data is stored in the cache dump. The method further includes copying the cache data from the cache dump to the replica nodes of the destination cluster. The copying includes writing the copied data in a distributed manner, such that at least a portion of the copied data is distributed over each of the replica nodes in the destination cluster. Various other methods, systems, and computer-readable media are also disclosed.
-
公开(公告)号:US20160088020A1
公开(公告)日:2016-03-24
申请号:US14495631
申请日:2014-09-24
Applicant: Netflix, Inc.
Inventor: Jason Chan , Poornaprajna Udupi , Shashi Madappa
CPC classification number: H04L63/0245 , G06F17/30312 , H04L63/0218 , H04L63/0227 , H04L63/1408 , H04L63/20 , H04L67/10
Abstract: Approaches, techniques, and mechanisms are disclosed for implementing a distributed firewall. In an embodiment, many different computer assets police incoming messages based on local policy data. This local policy data is synchronized with global policy data. The global policy data is generated by one or more separate analyzers. Each analyzer has access to message logs, or information derived therefrom, for groups of computer assets, and is thus able to generate policies based on intelligence from an entire group as opposed to an isolated asset. Among other effects, some of the approaches, techniques, and mechanisms may be effective even in computing environments with limited supervision over the attack surface, and/or computing environments in which assets may need to make independent decisions with respect to how incoming messages should be handled, on account of latency and/or unreliability in connections to other system components.
Abstract translation: 公开了实现分布式防火墙的方法,技术和机制。 在一个实施例中,许多不同的计算机资产基于本地策略数据来警告传入消息。 此本地策略数据与全局策略数据同步。 全局策略数据由一个或多个单独的分析器生成。 每个分析器都可以访问消息日志或从其导出的信息,用于计算机资产的组,因此能够基于来自整个组而不是隔离资产的智能生成策略。 除了其他效果之外,一些方法,技术和机制可能是有效的,即使在对攻击面的监督有限的计算环境中,和/或资产可能需要就输入消息应如何进行独立决定的计算环境 由于与其他系统组件的连接的延迟和/或不可靠性而处理。
-
公开(公告)号:US11347651B2
公开(公告)日:2022-05-31
申请号:US17141217
申请日:2021-01-04
Applicant: Netflix, Inc.
Inventor: Deva Jayaraman , Shashi Madappa , Sridhar Enugula , Ioannis Papapanagiotou
IPC: G06F12/0895 , G06F12/0891 , G06F3/06 , G06F9/38 , G06F12/0837
Abstract: The disclosed computer-implemented method includes receiving an indication that cache data is to be copied from an originating cluster having a specified number of replica nodes to a destination cluster having an arbitrary number of replica nodes. The method further includes copying the cache data to a cache dump and creating a log that identifies where the cache data is stored in the cache dump. The method further includes copying the cache data from the cache dump to the replica nodes of the destination cluster. The copying includes writing the copied data in a distributed manner, such that at least a portion of the copied data is distributed over each of the replica nodes in the destination cluster. Various other methods, systems, and computer-readable media are also disclosed.
-
公开(公告)号:US20180316647A1
公开(公告)日:2018-11-01
申请号:US15960419
申请日:2018-04-23
Applicant: NETFLIX, INC.
Inventor: Jason Chan , Poornaprajna Udupi , Shashi Madappa
Abstract: Approaches, techniques, and mechanisms are disclosed for implementing a distributed firewall. In an embodiment, many different computer assets police incoming messages based on local policy data. This local policy data is synchronized with global policy data. The global policy data is generated by one or more separate analyzers. Each analyzer has access to message logs, or information derived therefrom, for groups of computer assets, and is thus able to generate policies based on intelligence from an entire group as opposed to an isolated asset. Among other effects, some of the approaches, techniques, and mechanisms may be effective even in computing environments with limited supervision over the attack surface, and/or computing environments in which assets may need to make independent decisions with respect to how incoming messages should be handled, on account of latency and/or unreliability in connections to other system components.
-
Patent Agency Ranking
公开(公告)号:US09621588B2
公开(公告)日:2017-04-11
申请号:US14495631
申请日:2014-09-24
Applicant: Netflix, Inc.
Inventor: Jason Chan , Poornaprajna Udupi , Shashi Madappa
CPC classification number: H04L63/0245 , G06F17/30312 , H04L63/0218 , H04L63/0227 , H04L63/1408 , H04L63/20 , H04L67/10
Abstract: Approaches, techniques, and mechanisms are disclosed for implementing a distributed firewall. In an embodiment, many different computer assets police incoming messages based on local policy data. This local policy data is synchronized with global policy data. The global policy data is generated by one or more separate analyzers. Each analyzer has access to message logs, or information derived therefrom, for groups of computer assets, and is thus able to generate policies based on intelligence from an entire group as opposed to an isolated asset. Among other effects, some of the approaches, techniques, and mechanisms may be effective even in computing environments with limited supervision over the attack surface, and/or computing environments in which assets may need to make independent decisions with respect to how incoming messages should be handled, on account of latency and/or unreliability in connections to other system components.
-
公开(公告)号:US20210124691A1
公开(公告)日:2021-04-29
申请号:US17141217
申请日:2021-01-04
Applicant: Netflix, Inc.
Inventor: Deva Jayaraman , Shashi Madappa , Sridhar Enugula , Ioannis Papapanagiotou
IPC: G06F12/0895 , G06F9/38 , G06F3/06 , G06F12/0837 , G06F12/0891
Abstract: The disclosed computer-implemented method includes receiving an indication that cache data is to be copied from an originating cluster having a specified number of replica nodes to a destination cluster having an arbitrary number of replica nodes. The method further includes copying the cache data to a cache dump and creating a log that identifies where the cache data is stored in the cache dump. The method further includes copying the cache data from the cache dump to the replica nodes of the destination cluster. The copying includes writing the copied data in a distributed manner, such that at least a portion of the copied data is distributed over each of the replica nodes in the destination cluster. Various other methods, systems, and computer-readable media are also disclosed.
-
公开(公告)号:US10915455B2
公开(公告)日:2021-02-09
申请号:US16561668
申请日:2019-09-05
Applicant: Netflix, Inc.
Inventor: Deva Jayaraman , Shashi Madappa , Sridhar Enugula , Ioannis Papapanagiotou
IPC: G06F12/0895 , G06F12/0891 , G06F3/06 , G06F9/38 , G06F12/0837
Abstract: The disclosed computer-implemented method includes receiving an indication that cache data is to be copied from an originating cluster having a specified number of replica nodes to a destination cluster having an arbitrary number of replica nodes. The method further includes copying the cache data to a cache dump and creating a log that identifies where the cache data is stored in the cache dump. The method further includes copying the cache data from the cache dump to the replica nodes of the destination cluster. The copying includes writing the copied data in a distributed manner, such that at least a portion of the copied data is distributed over each of the replica nodes in the destination cluster. Various other methods, systems, and computer-readable media are also disclosed.
-
公开(公告)号:US09954822B2
公开(公告)日:2018-04-24
申请号:US15471254
申请日:2017-03-28
Applicant: Netflix, Inc.
Inventor: Jason Chan , Poornaprajna Udupi , Shashi Madappa
CPC classification number: H04L63/0245 , G06F17/30312 , H04L63/0218 , H04L63/0227 , H04L63/1408 , H04L63/20 , H04L67/10
Abstract: Approaches, techniques, and mechanisms are disclosed for implementing a distributed firewall. In an embodiment, many different computer assets police incoming messages based on local policy data. This local policy data is synchronized with global policy data. The global policy data is generated by one or more separate analyzers. Each analyzer has access to message logs, or information derived therefrom, for groups of computer assets, and is thus able to generate policies based on intelligence from an entire group as opposed to an isolated asset. Among other effects, some of the approaches, techniques, and mechanisms may be effective even in computing environments with limited supervision over the attack surface, and/or computing environments in which assets may need to make independent decisions with respect to how incoming messages should be handled, on account of latency and/or unreliability in connections to other system components.
-
公开(公告)号:US20170201489A1
公开(公告)日:2017-07-13
申请号:US15471254
申请日:2017-03-28
Applicant: Netflix, Inc.
Inventor: Jason Chan , Poornaprajna Udupi , Shashi Madappa
IPC: H04L29/06
CPC classification number: H04L63/0245 , G06F17/30312 , H04L63/0218 , H04L63/0227 , H04L63/1408 , H04L63/20 , H04L67/10
Abstract: Approaches, techniques, and mechanisms are disclosed for implementing a distributed firewall. In an embodiment, many different computer assets police incoming messages based on local policy data. This local policy data is synchronized with global policy data. The global policy data is generated by one or more separate analyzers. Each analyzer has access to message logs, or information derived therefrom, for groups of computer assets, and is thus able to generate policies based on intelligence from an entire group as opposed to an isolated asset. Among other effects, some of the approaches, techniques, and mechanisms may be effective even in computing environments with limited supervision over the attack surface, and/or computing environments in which assets may need to make independent decisions with respect to how incoming messages should be handled, on account of latency and/or unreliability in connections to other system components.
-
-
-
-
-
-
-
-
-
Search Results
10
records
(took 0.022 seconds)
