公开(公告)号：US20220360563A1

公开(公告)日：2022-11-10

申请号：US17872846

申请日：2022-07-25

Applicant: VMware, Inc.

Inventor： Arnold POON ,  Sirisha MYNENI ,  Rajiv MORDANI ,  Aditi VUTUKURI

IPC: H04L9/40 ,  H04L61/103 ,  G06F9/455

Abstract: In an embodiment, a computer-implemented method for enabling enhanced firewall rules via ARP-based annotations is described. In an embodiment, a method comprises detecting, by a hypervisor implemented in a first host, that a first process is executing on the first host. The hypervisor determines first context information for the first process, generates a first request, encapsulates the first request and the first context information in a first packet, and transmits the first packet to a central controller to cause the central controller to update the controller's table to indicate that the first process is executing on the first host. In response to receiving a second packet from the central controller and determining that the second packet comprises a first response, the hypervisor extracts second context information from the second packet and, based on the second context information, determines that a second process is executing on a second host.

公开(公告)号：US20200296077A1

公开(公告)日：2020-09-17

申请号：US16351083

申请日：2019-03-12

Applicant: VMware, Inc.

Inventor： Arnold POON ,  Sirisha MYNENI ,  Rajiv MORDANI ,  Aditi VUTUKURI

IPC: H04L29/06 ,  H04L29/12 ,  G06F9/455

Abstract: In an embodiment, a computer-implemented method for enabling enhanced firewall rules via ARP-based annotations is described. In an embodiment, a method comprises detecting, by a hypervisor implemented in a first host, that a first process is executing on the first host. The hypervisor determines first context information for the first process, generates a first request, encapsulates the first request and the first context information in a first packet, and transmits the first packet to a central controller to cause the central controller to update the controller's table to indicate that the first process is executing on the first host. In response to receiving a second packet from the central controller and determining that the second packet comprises a first response, the hypervisor extracts second context information from the second packet and, based on the second context information, determines that a second process is executing on a second host.