公开(公告)号：US20140317677A1

公开(公告)日：2014-10-23

申请号：US13866869

申请日：2013-04-19

Applicant: VMWARE, INC.

Inventor： Sachin Mohan Vaidya ,  Azeem Feroz ,  Anirban Sengupta ,  James Christopher Wiese

IPC: H04L29/06

CPC classification number: H04L63/20 ,  G06F21/554 ,  G06F21/56 ,  G06F21/568

Abstract: Systems and techniques are described for virtual machine security. A described technique includes operating one or more virtual machines each in accordance with a respective security container, wherein the respective security container is associated with a respective rule that specifies transfer of the virtual machine from the respective security container to a quarantine container based on one or more criteria. One or more security services are operated on the one or more virtual machines to identify one or more security threats associated with one or more of the virtual machines. One or more tags generated by the endpoint security services are obtained, where each tag is for a virtual machine that is associated with one of the identified security threats. And one of the virtual machines is identified as requiring transfer to the quarantine container based on, at least, one or more of the obtained tags and the one or more criteria.

Abstract translation: 描述了虚拟机安全性的系统和技术。 所描述的技术包括根据相应的安全容器来操作一个或多个虚拟机，其中相应的安全容器与相应的规则相关联，该相应的规则基于一个或多个虚拟机指定将虚拟机从相应的安全容器传输到检疫容器 更多的标准。 一个或多个安全服务在一个或多个虚拟机上操作以识别与一个或多个虚拟机相关联的一个或多个安全威胁。 获得由端点安全服务生成的一个或多个标签，其中每个标签用于与所识别的安全威胁之一相关联的虚拟机。 并且其中一个虚拟机被识别为基于至少一个或多个获得的标签和一个或多个标准来要求转移到隔离容器。