公开(公告)号：US08578003B2

公开(公告)日：2013-11-05

申请号：US13491328

申请日：2012-06-07

申请人： Eric Jason Brandwine ,  Clarissa Loree Cook Brandwine ,  Daniel T. Cohn ,  Andrew J. Doane ,  Carl J. Moses ,  Stephen E. Schmidt

发明人： Eric Jason Brandwine ,  Clarissa Loree Cook Brandwine ,  Daniel T. Cohn ,  Andrew J. Doane ,  Carl J. Moses ,  Stephen E. Schmidt

IPC分类号： G06F15/177

CPC分类号： H04L41/0803 ,  H04L12/4641 ,  H04L45/586 ,  H04L63/0272

摘要： Techniques are described for providing users with access to computer networks, such as to enable users to interact with a remote configurable network service in order to create and configure computer networks that are provided by the configurable network service for use by the users. Computer networks provided by the configurable network service may be configured to be private computer networks that are accessible only by the users who create them, and may each be created and configured by a client of the configurable network service to be an extension to an existing computer network of the client, such as a private computer network extension to an existing private computer network of the client. If so, secure private access between an existing computer network and new computer network extension that is being provided may be enabled using one or more VPN connections or other private access mechanisms.

摘要翻译： 描述了为用户提供对计算机网络的访问的技术，例如使用户能够与远程可配置网络服务进行交互，以便创建和配置由可配置网络服务提供以供用户使用的计算机网络。 由可配置网络服务提供的计算机网络可以被配置为只能由创建它们的用户访问的专用计算机网络，并且每个可以由可配置网络服务的客户端创建和配置成为现有计算机的扩展 客户端的网络，如私有计算机网络扩展到客户端的现有专用计算机网络。 如果是这样，可以使用一个或多个VPN连接或其他私人访问机制来启用现有计算机网络和正在提供的新的计算机网络分机之间的安全私人访问。

公开(公告)号：US20120311108A1

公开(公告)日：2012-12-06

申请号：US13491328

申请日：2012-06-07

申请人： Eric Jason Brandwine ,  Clarissa Loree Cook Brandwine ,  Daniel T. Cohn ,  Andrew J. Doane ,  Carl J. Moses ,  Stephen E. Schmidt

发明人： Eric Jason Brandwine ,  Clarissa Loree Cook Brandwine ,  Daniel T. Cohn ,  Andrew J. Doane ,  Carl J. Moses ,  Stephen E. Schmidt

IPC分类号： G06F15/177

CPC分类号： H04L41/0803 ,  H04L12/4641 ,  H04L45/586 ,  H04L63/0272

摘要： Techniques are described for providing users with access to computer networks, such as to enable users to interact with a remote configurable network service in order to create and configure computer networks that are provided by the configurable network service for use by the users. Computer networks provided by the configurable network service may be configured to be private computer networks that are accessible only by the users who create them, and may each be created and configured by a client of the configurable network service to be an extension to an existing computer network of the client, such as a private computer network extension to an existing private computer network of the client. If so, secure private access between an existing computer network and new computer network extension that is being provided may be enabled using one or more VPN connections or other private access mechanisms.

摘要翻译： 描述了为用户提供对计算机网络的访问的技术，例如使用户能够与远程可配置网络服务进行交互，以便创建和配置由可配置网络服务提供以供用户使用的计算机网络。 由可配置网络服务提供的计算机网络可以被配置为只能由创建它们的用户访问的专用计算机网络，并且每个可以由可配置网络服务的客户端创建和配置成为现有计算机的扩展 客户端的网络，如私有计算机网络扩展到客户端的现有专用计算机网络。 如果是这样，可以使用一个或多个VPN连接或其他私人访问机制来启用现有计算机网络和正在提供的新的计算机网络分机之间的安全私人访问。

公开(公告)号：US08230050B1

公开(公告)日：2012-07-24

申请号：US12332214

申请日：2008-12-10

申请人： Eric Jason Brandwine ,  Clarissa Loree Cook Brandwine ,  Daniel T. Cohn ,  Andrew J. Doane ,  Carl J. Moses ,  Stephen E. Schmidt

发明人： Eric Jason Brandwine ,  Clarissa Loree Cook Brandwine ,  Daniel T. Cohn ,  Andrew J. Doane ,  Carl J. Moses ,  Stephen E. Schmidt

IPC分类号： G06F15/177

CPC分类号： H04L41/0803 ,  H04L12/4641 ,  H04L45/586 ,  H04L63/0272

摘要： Techniques are described for providing users with access to computer networks, such as to enable users to interact with a remote configurable network service in order to create and configure computer networks that are provided by the configurable network service for use by the users. Computer networks provided by the configurable network service may be configured to be private computer networks that are accessible only by the users who create them, and may each be created and configured by a client of the configurable network service to be an extension to an existing computer network of the client, such as a private computer network extension to an existing private computer network of the client. If so, secure private access between an existing computer network and new computer network extension that is being provided may be enabled using one or more VPN connections or other private access mechanisms.

摘要翻译： 描述了为用户提供对计算机网络的访问的技术，例如使用户能够与远程可配置网络服务进行交互，以便创建和配置由可配置网络服务提供以供用户使用的计算机网络。 由可配置网络服务提供的计算机网络可以被配置为只能由创建它们的用户访问的专用计算机网络，并且每个可以由可配置网络服务的客户端创建和配置成为现有计算机的扩展 客户端的网络，如私有计算机网络扩展到客户端的现有专用计算机网络。 如果是这样，可以使用一个或多个VPN连接或其他私人访问机制来启用现有计算机网络和正在提供的新的计算机网络分机之间的安全私人访问。

公开(公告)号：US20100246443A1

公开(公告)日：2010-09-30

申请号：US12414260

申请日：2009-03-30

申请人： Daniel T. Cohn ,  Eric Jason Brandwine ,  Andrew J. Doane

发明人： Daniel T. Cohn ,  Eric Jason Brandwine ,  Andrew J. Doane

IPC分类号： H04L12/28

CPC分类号： H04L41/0803 ,  G06F9/45558 ,  G06F2009/45595 ,  G06F2209/5011 ,  H04L12/4641 ,  H04L41/0213 ,  H04L41/0806 ,  H04L41/0893 ,  H04L41/12 ,  H04L45/00 ,  H04L45/02 ,  H04L67/10

摘要： Techniques are described for providing logical networking functionality for managed computer networks, such as for virtual computer networks provided on behalf of users or other entities. In some situations, a user may configure or otherwise specify a network topology for a virtual computer network, such as a logical network topology that separates multiple computing nodes of the virtual computer network into multiple logical sub-networks and/or that specifies one or more logical networking devices for the virtual computer network. After a network topology is specified for a virtual computer network, logical networking functionality corresponding to the network topology may be provided in various manners, such as without physically implementing the network topology for the virtual computer network. In some situations, the computing nodes may include virtual machine nodes hosted on one or more physical computing machines or systems, such as by or on behalf of one or more users.

摘要翻译： 描述了用于为被管理的计算机网络提供逻辑网络功能的技术，例如用于代表用户或其他实体提供的虚拟计算机网络。 在某些情况下，用户可以配置或以其他方式指定虚拟计算机网络的网络拓扑，例如将虚拟计算机网络的多个计算节点分成多个逻辑子网络的逻辑网络拓扑和/或指定一个或多个 用于虚拟计算机网络的逻辑网络设备。 在为虚拟计算机网络指定了网络拓扑之后，可以以各种方式提供与网络拓扑相对应的逻辑网络功能，例如不物理实现虚拟计算机网络的网络拓扑。 在一些情况下，计算节点可以包括托管在一个或多个物理计算机或系统上的虚拟机节点，诸如由一个或多个用户代表或代表一个或多个用户。

公开(公告)号：US09137209B1

公开(公告)日：2015-09-15

申请号：US12332216

申请日：2008-12-10

申请人： Eric Jason Brandwine ,  Daniel T. Cohn ,  Andrew J. Doane

发明人： Eric Jason Brandwine ,  Daniel T. Cohn ,  Andrew J. Doane

IPC分类号： G06F15/173 ,  G06F15/177 ,  G06F15/16 ,  H04L29/06 ,  H04L12/46

CPC分类号： H04L41/0806 ,  H04L12/4641 ,  H04L45/02 ,  H04L45/586 ,  H04L63/0272 ,  H04L67/02

摘要： Techniques are described for providing users with access to computer networks, such as to enable users to create computer networks that are provided by a remote configurable network service for use by the users. Such provided computer networks may be configured to be private computer networks accessible only by the users who create them, and may each be created and configured by a client of the configurable network service to be an extension to an existing computer network of the client, such as a private computer network extension to an existing private computer network of the client. In addition, access to remote resource services may be configured and provided from such computer networks in various manners, such as to include a local access mechanism as part of a provided computer network that is configured to forward communications sent to the access mechanism to a particular remote resource service.

摘要翻译： 描述了为用户提供对计算机网络的访问的技术，例如使得用户能够创建由远程可配置网络服务提供以供用户使用的计算机网络。 这样提供的计算机网络可以被配置为仅由创建它们的用户可访问的专用计算机网络，并且每个可以由可配置网络服务的客户端创建和配置为可扩展到客户端的现有计算机网络，例如 作为私人计算机网络扩展到客户端的现有专用计算机网络。 此外，可以以各种方式从这样的计算机网络配置和提供对远程资源服务的访问，例如包括作为所提供的计算机网络的一部分的本地访问机制，其被配置为将发送到访问机制的通信转发到特定的 远程资源服务。

公开(公告)号：US09043463B1

公开(公告)日：2015-05-26

申请号：US12414264

申请日：2009-03-30

申请人： Daniel T. Cohn ,  Eric Jason Brandwine ,  Andrew J. Doane

发明人： Daniel T. Cohn ,  Eric Jason Brandwine ,  Andrew J. Doane

IPC分类号： G06F15/173 ,  H04L29/06 ,  H04L29/12

CPC分类号： H04L41/0816 ,  H04L41/08 ,  H04L41/0806 ,  H04L61/103 ,  H04L61/2007 ,  H04L61/251 ,  H04L61/6004 ,  H04L61/6059 ,  H04L63/0272 ,  H04L67/10 ,  H04L67/16

摘要： Techniques are described for managing communications between multiple computing nodes, such as for computing nodes that are part of managed virtual computer networks provided on behalf of users or other entities. In some situations, one or more of the computing nodes of a managed virtual computer network is configured to perform actions to extend capabilities of the managed virtual computer network to other computing nodes that are not part of the managed virtual computer network, such as by forwarding communications between computing nodes of the managed virtual computer network and the other external computing nodes so as to enable the other external computing nodes to participate in the managed virtual computer network. In some situations, the computing nodes may include virtual machine nodes hosted on one or more physical computing machines or systems, such as by or on behalf of one or more users.

摘要翻译： 描述了用于管理多个计算节点之间的通信的技术，例如用于代表用户或其他实体提供的被管理的虚拟计算机网络的一部分的计算节点。 在某些情况下，被管理的虚拟计算机网络的一个或多个计算节点被配置为执行动作以将被管理的虚拟计算机网络的能力扩展到不属于被管理的虚拟计算机网络的其他计算节点，例如通过转发 管理的虚拟计算机网络的计算节点与其他外部计算节点之间的通信，以使得其他外部计算节点能够参与被管理的虚拟计算机网络。 在一些情况下，计算节点可以包括托管在一个或多个物理计算机或系统上的虚拟机节点，诸如由一个或多个用户代表或代表一个或多个用户。

公开(公告)号：US08737408B1

公开(公告)日：2014-05-27

申请号：US13472144

申请日：2012-05-15

申请人： Daniel T. Cohn ,  Eric Jason Brandwine ,  Andrew J. Doane

发明人： Daniel T. Cohn ,  Eric Jason Brandwine ,  Andrew J. Doane

IPC分类号： H04L12/28

CPC分类号： H04L41/0816 ,  G06F9/45533 ,  H04L41/50 ,  H04L61/103 ,  H04L61/251 ,  H04L69/167 ,  H04W4/02 ,  H04W80/045

摘要： Techniques are described for managing communications between multiple computing nodes, such as computing nodes that are part of a virtual computer network. In some situations, various types of modifications may be made to one or more computing nodes of an existing virtual computer network, and the described techniques include managing ongoing communications for those computing nodes so as to accommodate the modifications. Such modifications may include, for example, migrating or otherwise moving a particular computing node that is part of a virtual network to a new physical network location, or modifying other aspects of how the computing node participates in the virtual network (e.g., changing one or more virtual network addresses used by the computing node). In some situations, the computing nodes may include virtual machine nodes hosted on one or more physical computing machines or systems, such as by or on behalf of one or more users.

摘要翻译： 描述了用于管理多个计算节点（例如作为虚拟计算机网络的一部分的计算节点）之间的通信的技术。 在一些情况下，可以对现有虚拟计算机网络的一个或多个计算节点进行各种类型的修改，并且所描述的技术包括管理那些计算节点的持续通信，以便适应这些修改。 这样的修改可以包括例如将作为虚拟网络的一部分的特定计算节点迁移或以其他方式移动到新的物理网络位置，或修改计算节点如何参与虚拟网络的其他方面（例如，改变一个或多个 计算节点使用更多的虚拟网络地址）。 在一些情况下，计算节点可以包括托管在一个或多个物理计算机或系统上的虚拟机节点，诸如由一个或多个用户代表或代表一个或多个用户。

公开(公告)号：US09524167B1

公开(公告)日：2016-12-20

申请号：US12332241

申请日：2008-12-10

申请人： Daniel T. Cohn ,  Eric Jason Brandwine ,  Andrew J. Doane

发明人： Daniel T. Cohn ,  Eric Jason Brandwine ,  Andrew J. Doane

IPC分类号： G06F15/16 ,  G06F15/177 ,  G06F15/173 ,  G06F9/30 ,  G06F9/38 ,  H04L12/46 ,  H04L29/06

CPC分类号： H04L63/0272 ,  G06F9/30098 ,  G06F9/384 ,  G06F9/3842 ,  G06F9/3863 ,  G06F9/3885 ,  H04L12/4633 ,  H04L12/4641 ,  H04L12/4675 ,  H04L41/0886 ,  H04L61/2076

摘要： Techniques are described for providing users with access to computer networks, such as to enable users to create and configure computer networks that are provided by a remote configurable network service for the users' use. Computer networks provided by the configurable network service may be configured to be private computer networks that are accessible only by the users who create them, and may each be created and configured by a client of the configurable network service to be an extension to an existing computer network of the client, such as a private computer network extension to an existing private computer network of the client. In addition, access to remote resource services may be configured and provided from such computer networks in various manners, such as to automatically include access control information to limit access to particular resources to computing nodes at the location of that provided computer network.

摘要翻译： 描述了为用户提供对计算机网络的访问的技术，例如使得用户能够创建和配置由远程可配置网络服务提供以供用户使用的计算机网络。 由可配置网络服务提供的计算机网络可以被配置为专用计算机网络，其仅由创建它们的用户可访问，并且可以由可配置网络服务的客户端创建和配置，以作为现有计算机的扩展 客户端的网络，如私有计算机网络扩展到客户端的现有专用计算机网络。 此外，可以以各种方式从这样的计算机网络配置和提供对远程资源服务的访问，诸如自动包括访问控制信息，以限制对提供的计算机网络的位置处的计算节点的特定资源的访问。

公开(公告)号：US09106540B2

公开(公告)日：2015-08-11

申请号：US12414260

申请日：2009-03-30

申请人： Daniel T. Cohn ,  Eric Jason Brandwine ,  Andrew J. Doane

发明人： Daniel T. Cohn ,  Eric Jason Brandwine ,  Andrew J. Doane

IPC分类号： H04L12/24 ,  H04L12/46 ,  H04L12/701

CPC分类号： H04L41/0803 ,  G06F9/45558 ,  G06F2009/45595 ,  G06F2209/5011 ,  H04L12/4641 ,  H04L41/0213 ,  H04L41/0806 ,  H04L41/0893 ,  H04L41/12 ,  H04L45/00 ,  H04L45/02 ,  H04L67/10

摘要： Techniques are described for providing logical networking functionality for managed computer networks, such as for virtual computer networks provided on behalf of users or other entities. In some situations, a user may configure or otherwise specify a network topology for a virtual computer network, such as a logical network topology that separates multiple computing nodes of the virtual computer network into multiple logical sub-networks and/or that specifies one or more logical networking devices for the virtual computer network. After a network topology is specified for a virtual computer network, logical networking functionality corresponding to the network topology may be provided in various manners, such as without physically implementing the network topology for the virtual computer network. In some situations, the computing nodes may include virtual machine nodes hosted on one or more physical computing machines or systems, such as by or on behalf of one or more users.

摘要翻译： 描述了用于为被管理的计算机网络提供逻辑网络功能的技术，例如用于代表用户或其他实体提供的虚拟计算机网络。 在某些情况下，用户可以配置或以其他方式指定虚拟计算机网络的网络拓扑，例如将虚拟计算机网络的多个计算节点分成多个逻辑子网络的逻辑网络拓扑和/或指定一个或多个 用于虚拟计算机网络的逻辑网络设备。 在为虚拟计算机网络指定了网络拓扑之后，可以以各种方式提供与网络拓扑相对应的逻辑网络功能，例如不物理实现虚拟计算机网络的网络拓扑。 在一些情况下，计算节点可以包括托管在一个或多个物理计算机或系统上的虚拟机节点，诸如由一个或多个用户代表或代表一个或多个用户。

公开(公告)号：US09497040B1

公开(公告)日：2016-11-15

申请号：US13542441

申请日：2012-07-05

申请人： Kevin Christopher Miller ,  Eric Jason Brandwine ,  Andrew J. Doane

发明人： Kevin Christopher Miller ,  Eric Jason Brandwine ,  Andrew J. Doane

IPC分类号： G06F15/177 ,  H04L29/06 ,  H04L12/46 ,  H04L12/24

CPC分类号： H04L12/4641 ,  H04L12/66 ,  H04L41/5041 ,  H04L41/5096 ,  H04L45/586

摘要： Techniques are described for providing managed virtual computer networks that have a configured logical network topology with virtual networking devices, such as by a network-accessible configurable network service, with corresponding networking functionality provided for communications between multiple computing nodes of the virtual computer network by emulating functionality that would be provided by the virtual networking devices if they were physically present. In some situations, the networking functionality provided for a managed computer network of a client includes receiving routing communications directed to the virtual networking devices, and using included routing information to identify and initiate external actions whose effects are not related to how network communications between computing nodes of the managed computer network are configured to be routed or otherwise forwarded through the managed computer network, such as external actions that affect devices that are not part of the managed computer network, or other types of external actions.

摘要翻译： 描述了用于提供具有配置的逻辑网络拓扑的管理虚拟计算机网络的技术，其中具有虚拟网络设备，例如通过网络可访问的可配置网络服务，具有为虚拟计算机网络的多个计算节点之间的通信提供的对应网络功能， 虚拟网络设备如果物理存在的话将提供的功能。 在某些情况下，为客户端的受管计算机网络提供的网络功能包括接收定向到虚拟网络设备的路由通信，并且使用包括的路由信息​​来识别和启动其影响与计算节点之间的网络通信无关的外部动作 被管理的计算机网络被配置为被路由或以其他方式通过被管理的计算机网络转发，例如影响不属于被管理的计算机网络的设备的外部动作或其他类型的外部动作。