The present invention relates to computer platform virtualization and, more particularly, a system and method for accessing operationally identical virtual computers at multiple network sites. Specifically, the method performs synchronization between the multiple network sites of all information necessary for virtualizing a client computer or client network at the multiple network sites.
Currently, the most commonly employed method of transferring data over the Internet is to employ the World Wide Web environment, also called simply “the Web”. In the Web environment, servers and clients effect data transaction using the Hypertext Transfer Protocol (HTTP), a known protocol for handling the transfer of various data files (e g, text, still graphic images, audio, motion video). Information is formatted for presentation to a user by a standard page description language, the Hypertext Markup Language (HTML). In addition to basic presentation formatting, HTML allows developers to specify “links” to other web resources identified by a Uniform Resource Locater (URL). An URL, is a special syntax identifier defining a communications path to specific information. Each logical block of information accessible to a client, called a “page” or a “Web page”, is identified by the URL. The URL provides a universal, consistent method for finding and accessing information by the Web “browser” Retrieval of information on the Web is generally accomplished with an HTML-compatible browser by submitting a request at the client machine, e.g. personal computers (PC) or workstation computers for information identified by a URL. When a user desires to retrieve a page, a request is submitted to a server connected to a client computer at which the user is located and may be handled by a series of servers to effect retrieval of the requested information. The information is provided to the client formatted according to HTML.
A virtual platform is a software emulation of a computer system installed as a software application in a host computer. The virtual platform contains the main building blocks of the computer system, one or more processors, peripherals such as Ethernet and USB, and storage such as memory and disks. When the virtual platform is configured to emulate a workstation computer, an end user runs software applications on the virtual platform installed on the host computer identically to or at least in much the same way as on the workstation computer.
An example of a commercial virtual platform is a virtual machine as offered by VMware Inc. (Palo Alto, Calif.). The VMware virtual machine is an x86-based personal computer with a number of highly standardized components, such as USB 1.1 and 2.0, Ethernet controller, ATA disk drives, and VGA graphics. Performance of the virtual system, is typically within 50%-75% of performance of the host computer hosting the virtual system.
Tunneling is the transmission of data through a public network in such a way that routing nodes in the public network are unaware that the transmission is part of a private network. Tunneling is generally done by encapsulating the private network data and protocol information within the public network protocol data so that the tunneled data is not available to anyone examining the transmitted data frames. Tunneling allows the use of public networks (e.g., the Internet), to carry data on behalf of users as though they had access to a ‘private network’, hence the name.
Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols which provide secure communications on the Internet for such things as web browsing, e-mail, Internet faxing, and other data transfers. There are slight differences between SSL 3.0 and TLS 1.0, but the protocol remains substantially the same.
TLS runs on layers beneath application protocols such as HTTP, FTP, SMTP and NNTP, and above the TCP or UDP transport protocol, which form part of the TCP/IP protocol suite. While it can add security to any protocol that uses reliable connections (such as TCP), it is most commonly used with HTTP to form HTTPS HTTPS is used to secure World Wide Web pages for applications such as electronic commerce. SMTP is also an area in which TLS has been growing and is specified in RFC 3207. These applications use public key certificates to verify the identity of endpoints.
TLS can also be used to tunnel an entire network stack to create a VPN, as is the case with OpenVPN. Many vendors now marry TLS's encryption and authentication capabilities with authorization. There has also been substantial development since the late 1990s in creating client technology outside of the browser to enable support for client/server applications. When compared against traditional IPSec VPN technologies, TLS has some inherent advantages in firewall and NAT traversal that make it easier to administer for large remote access populations. Vendors like Arkoon, Aventail, F5 Networks, Juniper, and others have been developing in this space for some time.
Secure VPNs use cryptographic tunneling protocols to provide the intended confidentiality (blocking snooping and thus Packet sniffing), sender authentication (blocking identity spoofing), and message integrity (blocking message alteration) to achieve privacy. When properly chosen, implemented, and used, such techniques can provide secure communications over unsecured networks.
Reference is now made to FIG. 1 (prior art) illustrating conventional access to a virtual system over the Internet through a network 10. Network 10 includes access to an application server 109 in a local area network (LAN) through a firewall 111 and gateway computer 101. A virtual machine emulating workstation computer 113 is installed in virtualization server 105. The virtual machine is built by accessing and copying detailed system information and user data from workstation computer 113 and storing the virtualization information at virtualization server 105 or storage device 107 accessible by virtualization server 105. The virtual machine emulating workstation computer 113 is accessible using an HTML browser, for instance from another computer, e.g. portable computer 1010 or another application installed on computer 1010. The pages provided by virtualization server 105 to computer 1010 are an emulation or virtualization of the behavior of desktop while working with workstation computer 113.