| CPC H04L 63/20 (2013.01) [H04L 12/4641 (2013.01); H04L 61/5007 (2022.05); H04L 63/0245 (2013.01); H04L 63/0263 (2013.01); H04W 76/10 (2018.02); H04W 84/12 (2013.01); H04W 88/16 (2013.01)] | 8 Claims |

1. A container network interface managing network connectivity for a pool of containers on a gateway device coupled to a data communication network, including applying security policies to network traffic of containers, the gateway device comprising:
a processor;
a network interface communicatively coupled to the processor and to the enterprise network and to the Wi-Fi network; and
a memory, storing:
a Kubernetes configuration module to receive instructions related to configuring a pool of containers including spawning a specific container, and providing network connectivity for the specific container to a data communication network through a networking bridge,
wherein providing network connectivity includes creating a specific network connection between the specific container and the networking bridge, gathering network parameters for the specific container, configuring a container security policy with a network security module, and assigning an IP (Internet Protocol) address from a pool of IP addresses available for the pool of containers and VLANs for the pool of containers; and
a container traffic control module to receive inbound or outbound data packets concerning the specific container and forward to the security module for scanning against security policies, wherein the inbound or outbound data packets are sent over the network bridge from a kernel at layer 2,
wherein the container traffic control module forwards the inbound or outbound data packets that pass security scanning.