CREATING NETWORK ISOLATION BETWEEN VIRTUAL MACHINES

Bibliographic details
Main authors: Lemay Monica J, Patgar Yogesh G, Krishnamurthy Vijayalakshmi, Itskin Randall C
Format: Patent
Language: eng
Description
Summary: A method, system, and program product for creating network isolation between virtual machines is provided, including receiving, by a security virtual machine (SVM), an outgoing network packet from a virtual machine (VM). The source internet protocol (IP) address and a source media access control (MAC) address are extracted from the outgoing network packet. A zone identifier table is searched for a zone id, whereby the zone identifier table includes the source IP address and the source MAC address. The outgoing network packet is sent to a physical Ethernet adapter connected to an external network switch, whereby the external network switch is connected to an external network, based on the zone id not being found in the zone identifier table. The outgoing network packet is sent to a physical Ethernet adapter that is connected to an internal switch, based on the zone id being found in the zone identifier table.