Browse Prior Art Database

A Method of Providing Security Zones Within Web Hosting Sites

IP.com Disclosure Number: IPCOM000015620D
Original Publication Date: 2002-Mar-13
Included in the Prior Art Database: 2003-Jun-20
Document File: 1 page(s) / 49K

Publishing Venue

IBM

Abstract

We describe a method to extend security zones into Web Hosting sites. In the environment that we have today where exploitation through the internet is a daily affair, security is vital at all levels. Customers are requiring levels of security be introduced at all levels, even inside cages owned by them in Web Hosting sites. The method introduces the Virtual Local Area Networks (VLANS) concept to provide zones of security within the infrastructure. The advantage of our approach is that it extends a VLAN concept which has been applied in the security area in other development applications, to a service provider to isolate layers of the infrastructure. Firewalls are shared between customers in this approach, as are other devices, but the use of VLANs allows layered security to be provided a lower cost. Virtual Local Area Networks (or VLANS) allow a switch to support multiple Ethernet LANs that are logically distinct from each other. Two devices on different VLANs cannot communicate with each other any more than if they were on separate LANs. A router is required to forward the traffic between the VLANs. VLANS have been developed and deployed around the world in enterprise networks. The properties of VLANS are put to use in ISP and or Web Hosting applications for the purpose of not simply isolating a few devices or enterprises but of separating layers of devices based on function. This concept is illustrated in the following diagram

This text was extracted from a PDF file.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 72% of the total text.

Page 1 of 1

A Method of Providing Security Zones Within Web Hosting Sites

   We describe a method to extend security zones into Web Hosting sites. In the environment that we have today where exploitation through the internet is a daily affair, security is vital at all levels. Customers are requiring levels of security be introduced at all levels, even inside cages owned by them in Web Hosting sites. The method introduces the Virtual Local Area Networks (VLANS) concept to provide zones of security within the infrastructure. The advantage of our approach is that it extends a VLAN concept which has been applied in the security area in other development applications, to a service provider to isolate layers of the infrastructure. Firewalls are shared between customers in this approach, as are other devices, but the use of VLANs allows layered security to be provided a lower cost. Virtual Local Area Networks (or VLANS) allow a switch to support multiple Ethernet LANs that are logically distinct from each other. Two devices on different VLANs cannot communicate with each other any more than if they were on separate LANs. A router is required to forward the traffic between the VLANs. VLANS have been developed and deployed around the world in enterprise networks. The properties of VLANS are put to use in ISP and or Web Hosting applications for the purpose of not simply isolating a few devices or enterprises but of separating layers of devices based on function. This concept is illustrat...