1. Technical Field
Embodiments of the present invention relate generally to the field of securing computer systems from network communication attacks, and more particularly to methods, systems, and computer program products for securing logical partitions or virtual machines from network communication attacks.
2. Description of Related Art
In the age of pervasive Internet availability, computer systems are under almost constant attack in a variety of forms, such as probes, scans, account compromises, root compromises, packet sniffers, denial of service attacks, exploitations of trust, malicious code, and Internet infrastructure attacks. Successful attacks may lead to serious consequences, such as loss of data, money, or confidential information, system downtime, and the like. Enterprises have a strong desire to provide non-stop networking and to protect their users and customers from attack.
There are a variety of systems designed to protect computer systems and networks from attacks. In addition to firewalls and the like, intrusion prevention systems have recently been developed. An intrusion prevention system intercepts and analyzes every packet arriving at or departing from a computer connected to a network. If the intrusion prevention system deems that a packet does not represent an attack, the intrusion prevention system allows the packet to proceed. However, if the packet does represent an attack, the intrusion prevention system may either drop or modify the packet.
There is a trend in computing toward virtualized systems in which multiple virtual machines or logical partitions run on a single physical host system. Virtualized systems can provide many benefits, including consolidation to reduce hardware cost, optimization of workloads, and increased flexibility and responsiveness. Virtual machines or logical partitions share physical resources such as the physical network adapter of the host system. The architectures involved in the sharing of the physical network adapter among the virtual machines or logical partitions present challenges to the application of intrusion prevention systems to virtualized systems.