Network system architecture using a virtual private network (VPN) as a sidecar for containerized devices supporting containers

US12047351B2 · US · B2

Patent metadata
Publication number: US-12047351-B2
Application number: US-202117209328-A
Country: US
Kind code: B2
Filing date: Mar 23, 2021
Priority date: Feb 3, 2021
Publication date: Jul 23, 2024
Grant date: Jul 23, 2024

Abstract

A host computing device for use in a network architecture having at least one client computing device or network, at least one server computing device or network and a gateway coupled between the at least one client computing device or network and the at least one server computing device or network. The host computing device includes at least one application container and at least one sidecar container coupled to the application container. The sidecar container provides supporting features to the application container. The sidecar container is a virtual private network (VPN) sidecar that performs at least one sidecar function on behalf of the application container.

First claim

The invention claimed is:

1. A host computing device for use in a network architecture having at least one client computing device or network, at least one server computing device or network and a gateway coupled between the at least one client computing device or network and the at least one server computing device or network, comprising: at least one application container; and at least one sidecar container coupled to the at least one application container, wherein the at least one sidecar container provides supporting features to the at least one application container, wherein the at least one sidecar container is a virtual private network (VPN) sidecar that performs at least one sidecar function on behalf of the at least one application container, wherein the VPN sidecar is assigned a Virtual Stealth Endpoint (VSE), and wherein the VSE translates and routes data traffic as secure communications between the at least one client computing device and the at least one server computing device via the network gateway.

2. The host computing device as recited in claim 1, wherein the VPN sidecar allows the maintenance of the at least one application container to be managed by the host computing device, and wherein the VPN sidecar allows the configuration and management of the VPN sidecar to be managed by the gateway.

3. The host computing device as recited in claim 1, wherein the VPN sidecar is configured in such a way that the features provided by the VPN sidecar can be accessed and modified only by authorized users of the gateway.

4. The host computing device as recited in claim 1, wherein the at least one application container has a network layer, wherein the VPN sidecar has a network layer, and wherein the VPN sidecar allows the network layer of the application container to attach to the network layer of the VPN sidecar.

5. The host computing device as recited in claim 1, wherein the VPN sidecar is platform agnostic.

6. The host computing device as recited in claim 1, wherein the VPN sidecar is an IPSec compliant VPN sidecar.

7. The host computing device as recited in claim 1, wherein the supporting features provided by the sidecar container include at least one of monitoring services, logging services, configuration services, networking services, platform abstraction and virtual agent services.

8. A network architecture, comprising: at least one client computing device, wherein the at least one client computing device includes: at least one application container, and at least one sidecar container coupled to the at least one application container, wherein the at least one sidecar container provides supporting features to the at least one application container, wherein the at least one sidecar container is a virtual private network (VPN) sidecar that performs at least one sidecar function on behalf of the at least one application container; at least one server computing device; and a network gateway coupled between the at least one client computing device and the at least one server computing device, wherein the VPN sidecar is assigned a Virtual Stealth Endpoint (VSE), and wherein the VSE translates and routes data traffic as secure communications between the at least one client computing device and the at least one server computing device via the network gateway.

9. The network architecture as recited in claim 8, wherein the VPN sidecar allows the maintenance of the at least one application container to be managed by the host computing device, and wherein the VPN sidecar allows the configuration and management of the VPN sidecar to be managed by the gateway.

10. The network architecture as recited in claim 8, wherein the VPN sidecar is configured in such a way that the features provided by the VPN sidecar can be accessed and modified only by authorized users of the gateway.

11. The network architecture as recited in claim 8, wherein the at least one application container is a cleartext container having a network layer, and wherein the VPN sidecar allows the cleartext container to attach its network layer to the VPN sidecar.

12. The network architecture as recited in claim 8, wherein the at least one client computing device is an Internet of Things (IOT) edge device.

13. The network architecture as recited in claim 8, wherein the VPN sidecar is an IPSec compliant VPN sidecar.

14. The network architecture as recited in claim 8, wherein the at least one host computing device hosts a macvlan network.

15. The network architecture as recited in claim 8, wherein the gateway is a Unisys Stealth Secure Virtual Gateway (SVG).

16. The network architecture as recited in claim 8, wherein the gateway is coupled to the at least one host computing device via a cleartext interface and wherein the gateway is coupled to the at least one server computing device via a Unisys Stealth interface.

17. The network architecture as recited in claim 8, wherein the at least one server computing device is a Unisys Stealth network.

18. The network architecture as recited in claim 8, wherein the at least one server computing device includes a Unisys Stealth server.

19. A method for configuring a network architecture, the network architecture having at least one client computing device, at least one server computing device and at least one network gateway coupled between the at least one client computing device and the at least one server computing device; loading at least one application or service container within the at least one client computing device; executing at least one application or service within the at least one application or service container; attaching at least one sidecar container to the at least one application or service container, wherein the at least one sidecar container is a virtual private network (VPN) sidecar that performs at least one sidecar function on behalf of the at least one application or service container; and assigning the VPN sidecar a Virtual Stealth Endpoint (VSE), wherein the VSE translates and routes data traffic as secure communications between the at least one client computing device and the at least one server computing device via the network gateway.

20. The method as recited in claim 19, wherein assigning the VPN sidecar a Virtual Stealth Endpoint (VSE) comprises a Stealth Virtual Agent (SVA) assigning the VPN sidecar a Virtual Stealth Endpoint (VSE).

Classifications

  • at the network layer
  • Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes
  • Network integration; Enabling network access in virtual machine instances
  • Hypervisor-specific management and integration aspects
  • Network management architectures or arrangements

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US12047351B2 cover?
A host computing device for use in a network architecture having at least one client computing device or network, at least one server computing device or network and a gateway coupled between the at least one client computing device or network and the at least one server computing device or network. The host computing device includes at least one application container and at least one sidecar c…
Who is the assignee on this patent?
Panchamia Sanket, K K Amith, Pranaav H P, and 2 more
What technology area does this patent fall under?
Primary CPC classification H04L63/0272. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jul 23, 2024 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).