Considerable advances are being made in technologies for protected, trusted, Ethernet-based communications in the presence of malware attack vectors. See, for example, the REFERENCE APPLICATIONS. While such technologies have been applied to bare metal clients and servers, there remains a further need to address security threats that can arise during hypervisor-mediated communications. In such an environment, malware may target applications in virtual machines either directly or through the hypervisor. Malware configured to exploit security shortcomings in hypervisors, for example through holes in memory management, have the potential to compromise a series of virtual machines. Given the critical role virtualization plays in modern computing and communications, there is a pressing need for approaches to immunize, or to at least limit the risks attendant to, communications between virtual machines and remote computing infrastructure.
The present disclosure relates, in certain embodiments, to methods, systems, products, communication management operations, software, middleware, computing infrastructure and/or apparatus applicable for protecting virtual machines and hypervisors through a network security layer resident in the hypervisor that authenticates and authorizes incoming communications before transmission to virtualized components.