| CPC H04L 63/20 (2013.01) [H04L 63/0428 (2013.01)] | 21 Claims |
|
1. A method for providing network security services, the method comprising:
receiving, by a virtual machine network security appliance implemented in a container server, a request to transfer data to a container application implemented in the container server, wherein the request indicates a source device;
provisioning an internal communication path between the source device and a destination device, if a source container and a destination container are within a single container group;
performing an internal communication between the source device and the destination device, if the source device and the destination device are not within a single container group and the source device and the destination device are within a single container server;
performing an external communication between the source device and the destination device, if the source device and the destination device are not within a single container group and the source device and the destination device are not within a single container server;
allowing data transfer between the source device and the destination device via one of the internal communication path, the internal communication and the external communication, without intervention by a virtual machine network security appliance;
performing, by the virtual machine network security appliance after the allowed data transfer between the source device and the destination device, a security process on the data to yield security processed data; and
providing, by the virtual machine network security appliance, the security processed data to the container application via a communication path internal to the container server.
|