SECURITY AWARE LOAD BALANCING FOR A GLOBAL SERVER LOAD BALANCING SYSTEM
The method of some embodiments protects multiple datacenters that implement an application. The datacenter include multiple DNS clusters for assigning clients to the datacenters. The method is performed at a first datacenter. The method receives, from a second datacenter, a security notification ide...
Gespeichert in:
| Hauptverfasser: | , , |
|---|---|
| Format: | Patent |
| Sprache: | eng |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| Zusammenfassung: | The method of some embodiments protects multiple datacenters that implement an application. The datacenter include multiple DNS clusters for assigning clients to the datacenters. The method is performed at a first datacenter. The method receives, from a second datacenter, a security notification identifying a set of clients that pose a security threat. The method stores a set of identifiers associated with the set of clients on a deny-list. Prior to responding to a DNS request from a particular client, the method determines whether the particular client is on the deny-list. The method rejects the DNS request when the particular client is on the deny-list. The method processes the DNS request when the particular client is not on the deny-list. |
|---|