INTERFACE-BASED ACLS IN A LAYER-2 NETWORK

Organization Name

Oracle International Corporation

Inventor(s)

Lucas Michael Kreger-stickles of Seattle WA (US)

Shane Baker of Bellevue WA (US)

Bryce Eugene Bockman of Seattle WA (US)

Peter Croft Jones of Lexington MA (US)

Jagwinder Singh Brar of Bellevue WA (US)

INTERFACE-BASED ACLS IN A LAYER-2 NETWORK - A simplified explanation of the abstract

This abstract first appeared for US patent application 18412012 titled 'INTERFACE-BASED ACLS IN A LAYER-2 NETWORK

The abstract describes systems and methods for interface-based ACLs in a virtual Layer-2 network. This involves sending packets between source and destination compute instances through virtual network interfaces and evaluating access control lists embedded in the packets.

• Sending packets between source and destination compute instances in a virtual Layer-2 network.
• Evaluating access control lists embedded in the packets with source virtual network interfaces.
• Accessing ACL information from the packets and applying it to the packets.
• Identifying destination virtual network interfaces for packet delivery based on mapping information.
• Utilizing a mapping table to determine the destination virtual network interfaces.

Potential Applications: - Secure communication within virtual networks. - Network traffic management in virtual environments. - Enhancing network security in cloud computing.

Problems Solved: - Ensuring secure communication between compute instances. - Efficiently managing network traffic in virtual environments. - Enhancing network security and access control in cloud computing.

Benefits: - Improved network security and access control. - Efficient packet delivery within virtual networks. - Enhanced management of network traffic in virtual environments.

Commercial Applications: Title: "Enhancing Network Security in Virtual Environments with Interface-Based ACLs" This technology can be utilized by cloud service providers, data centers, and virtual network operators to enhance security and access control within their networks. It can also be integrated into network security solutions for enterprises to secure their virtual environments effectively.

Questions about Interface-Based ACLs: 1. How do interface-based ACLs improve network security in virtual environments?

  - Interface-based ACLs enhance network security by allowing for granular control over packet transmission and access within virtual networks.

2. What are the key advantages of using ACL information embedded in packets for access control?

  - Using ACL information embedded in packets enables efficient and effective access control without the need for additional network configurations.

Original Abstract Submitted

Systems and methods of interface-based ACLs in a virtual Layer-2 network. The method can include sending a packet from source compute instance in a virtual network to a destination compute instance via a destination virtual network interface card (destination VNIC) within a first virtual layer 2 network and evaluating an access control list (ACL) for the packet with a source virtual network interface card (source VNIC). ACL information relevant to the packet can be embedded in the packet. The VSRS can receive the packet and can identify the destination VNIC within the first virtual layer 2 network for delivery of the packet based on information received with the packet and mapping information contained within a mapping table. The VSRS can access ACL information from the packet and can apply the ACL information to the packet.