公开(公告)号：US20210218617A1

公开(公告)日：2021-07-15

申请号：US16738341

申请日：2020-01-09

Applicant: VMware, Inc.

Inventor： Amarnath PALAVALLI ,  Rajiv MORDANI ,  Josh DORR

IPC: H04L12/24 ,  H04L29/06 ,  H04L29/08

Abstract: Certain embodiments described herein are directed to a method of receiving information associated with a service provided by a management plane for managing a remote network. The method, in one example, includes registering, at an adapter container, with a data store or an entity within a service instance of a service deployment associated with a service within a software-defined networking environment associated with the remote network, wherein the service is provided for managing a remote network, and wherein registering with the data store or the entity causes the data store or the entity to send information associated with the service instance to the adapter when information is available. The method also includes receiving, at the adapter container, information from the data store or the entity. The method also includes transforming the information from a first format to a second format. The method also includes transmitting the information to an endpoint.

公开(公告)号：US20220360563A1

公开(公告)日：2022-11-10

申请号：US17872846

申请日：2022-07-25

Applicant: VMware, Inc.

Inventor： Arnold POON ,  Sirisha MYNENI ,  Rajiv MORDANI ,  Aditi VUTUKURI

IPC: H04L9/40 ,  H04L61/103 ,  G06F9/455

Abstract: In an embodiment, a computer-implemented method for enabling enhanced firewall rules via ARP-based annotations is described. In an embodiment, a method comprises detecting, by a hypervisor implemented in a first host, that a first process is executing on the first host. The hypervisor determines first context information for the first process, generates a first request, encapsulates the first request and the first context information in a first packet, and transmits the first packet to a central controller to cause the central controller to update the controller's table to indicate that the first process is executing on the first host. In response to receiving a second packet from the central controller and determining that the second packet comprises a first response, the hypervisor extracts second context information from the second packet and, based on the second context information, determines that a second process is executing on a second host.

公开(公告)号：US20200296077A1

公开(公告)日：2020-09-17

申请号：US16351083

申请日：2019-03-12

Applicant: VMware, Inc.

Inventor： Arnold POON ,  Sirisha MYNENI ,  Rajiv MORDANI ,  Aditi VUTUKURI

IPC: H04L29/06 ,  H04L29/12 ,  G06F9/455

Abstract: In an embodiment, a computer-implemented method for enabling enhanced firewall rules via ARP-based annotations is described. In an embodiment, a method comprises detecting, by a hypervisor implemented in a first host, that a first process is executing on the first host. The hypervisor determines first context information for the first process, generates a first request, encapsulates the first request and the first context information in a first packet, and transmits the first packet to a central controller to cause the central controller to update the controller's table to indicate that the first process is executing on the first host. In response to receiving a second packet from the central controller and determining that the second packet comprises a first response, the hypervisor extracts second context information from the second packet and, based on the second context information, determines that a second process is executing on a second host.

公开(公告)号：US20200186534A1

公开(公告)日：2020-06-11

申请号：US16213545

申请日：2018-12-07

Applicant: VMware, Inc.

Inventor： Arijit CHANDA ,  Venkat RAJAGOPALAN ,  Rajiv MORDANI ,  Arnold POON ,  Rajiv KRISHNAMURTHY ,  Farzad GHANNADIAN ,  Sirisha MYNENI

IPC: H04L29/06

Abstract: Techniques for providing application-independent access control in a cloud-services computing environment are provided. In one embodiment, a method for providing application-independent access control is provided. The method includes obtaining a user identity for accessing the cloud-services computing environment and receiving a user request to perform a task using an application. The method further includes collecting process-related data for performing the task using the application and obtaining one or more network routing addresses. The method further includes determining, based on the user identity, the process-related data, and the one or more network routing addresses, whether the task is to be performed. If that the task is to be performed, the task is caused to be performed using the application; and if the task is not to be performed, the user request is denied.