Ryan S. Menezes - Woodinville WA, US Taroon Mandhana - Seattle WA, US Shankar Seal - Bothell WA, US Dhiraj P. Gandhi - Bellevue WA, US Aaron Wesley Cunningham - Redmond WA, US
Assignee:
MICROSOFT CORPORATION - Redmond WA
International Classification:
G06F 15/16 G06F 17/30
US Classification:
726 5
Abstract:
In embodiments of registration and network access control, an initially unconfigured network interface device can be registered and configured as an interface to a public network for a client device. In another embodiment, a network interface device can receive a network access request from a client device to access a secure network utilizing extensible authentication protocol (EAP), and the request is communicated to an authentication service to authenticate a user of the client device based on user credentials. In another embodiment, a network interface device can receive a network access request from a client device to access a Web site in a public network utilizing a universal access method (UAM), and the request is redirected to the authentication service to authenticate a user of the client device based on user credentials.
Jonathan M. Au - Redmond WA, US Peter Seraphim Ponomarev - Seattle WA, US Sharif S. Farag - Bothell WA, US Kevin Michael Woley - Seattle WA, US Sharad Kylasam - Seattle WA, US Mark Yalovsky - Seattle WA, US Krishna Venkatesh - Seattle WA, US Shankar Seal - Bothell WA, US Srinivas Raghu Gatta - Redmond WA, US Rajeev Agrawal - Bothell WA, US Vijay Prakash - Seattle WA, US
Assignee:
Microsoft Corporation - Redmond WA
International Classification:
G06F 3/048
US Classification:
715771
Abstract:
Various embodiments provide a user interface that displays a history of resource usage of a computing device's applications over time. Historical resource usage data can be presented in a manner which informs the user, on an application-by-application basis, of each application's resource usage across a plurality of resources. In at least some embodiments, the user interface can provide one or more instrumentalities that enable the user to interact with and/or modify operational characteristics of various applications based upon the presented historical resource usage data.
Arindam Chatterjee - Issaquah WA, US Bashar Kachachi - Kirkland WA, US Bruce Leban - Redmond WA, US Calvin Choe - Redmond WA, US Charles Jeffries - Sammamish WA, US Jeffrey Shipman - Redmond WA, US Lakshmanan Venkitaraman - Redmond WA, US Marc Shepard - Bellevue WA, US Sachin Sheth - Bothell WA, US Shankar Seal - Bellevue WA, US Yang Gao - Issaquah WA, US Patrick Stratton - Redmond WA, US Michael Lee - Bellevue WA, US
Assignee:
Microsoft Corporation - Redmond WA
International Classification:
G06F 17/30
US Classification:
707010000
Abstract:
A managed network with a quarantine enforcement policy based on the status of installed updates for software on each client seeking access to the managed network. To determine whether a client requesting access has up-to-date software, an access server may communicate directly with an update server to determine the update status of the client requesting access. Information from the update server allows the update server to determine which update the client requesting access is missing. The access server may also receive an indication of the severity of the updates missing from the client requesting access. The access server may use the severity information to apply a quarantine enforcement policy, thereby avoiding the need for either the client or access server to be programmed to identify specific software updates that must be installed for a client to comply with a quarantine enforcement policy. To reduce network congestion and delays seeking access to the network, the quarantine enforcement policy includes a deadline by which updates must be installed. Establishing a deadline allows a grace period during which clients may download new updates and avoids network congestion from multiple clients downloading updates simultaneously.
- Redmond WA, US Poornananda Gaddehosur Ramachandra - Redmond WA, US Osman Nuri Ertugay - Bellevue WA, US Keith Edgar Horton - North Bend WA, US Omar Cardona - Bellevue WA, US Nicholas David Wood - Woodinville WA, US Shankar Seal - Bothell WA, US Dinesh Kumar Govindasamy - Redmond WA, US
International Classification:
G06F 9/455 H04L 29/12
Abstract:
Embodiments relate to hypervisors that provide hardware isolated virtualization environments (HIVEs) such as containers and virtual machines (VMs). A first HIVE includes a first virtual network interface card (NIC) and a second HIVE includes a second virtual NIC. Both virtual NICs are backed by the same physical NIC. The physical NIC has an Internet Protocol (IP) address. The virtual NICs are assigned the same IP address as the physical NIC. A networking stack of the hypervisor receives inbound packets addressed to the IP address. The networking stack steers the inbound packets to the virtual NICs according to tuples of the inbound packets. Packets emitted by the virtual NICs comprise the IP address, pass through the network stack, and are transmitted by the physical NIC with headers comprising the IP address.
Seamless Network Characteristics For Hardware Isolated Virtualized Environments
- Redmond WA, US Poornananda Gaddehosur Ramachandra - Redmond WA, US Osman Nuri Ertugay - Bellevue WA, US Keith Edgar Horton - North Bend WA, US Omar Cardona - Bellevue WA, US Nicholas David Wood - Woodinville WA, US Shankar Seal - Bothell WA, US Dinesh Kumar Govindasamy - Redmond WA, US
International Classification:
H04L 29/12 H04L 12/46 G06F 9/455
Abstract:
Embodiments described herein relate to providing hardware isolated virtualized environments (HIVEs) with network information. The HIVEs are managed by a hypervisor that virtualizes access to one or more physical network interface cards (NICs) of the host. Each HIVE has a virtual NIC backed by the physical NIC. Network traffic of the HIVEs flows through the physical NIC to a physical network. Traits of the physical NIC may be projected to the virtual NICs. For example, a media-type property of the virtual NICs (exposed to guest software in the HIVEs) may be set to mirror the media type of the physical NIC. A private subnet connects the virtual NICs with the physical NICs, possibly through a network address translation (NAT) component and virtual NICs of the host.
- Redmond WA, US Poornananda Gaddehosur Ramachandra - Redmond WA, US Shankar Seal - Bothell WA, US Anurag Saxena - Bellevue WA, US Arun Venkatachalam - Redmond WA, US Sai Krishna Goutham Bachu - Seattle WA, US
International Classification:
H04L 29/06
Abstract:
Embodiments relate to enabling clouds to multiplex their public network addresses among private addresses of IPSec gateways while making sure that IPSec tunnel packets are delivered to the private addresses of the IPSec tunnels that they are associated with. When IPSec packets egress from a cloud, the cloud may determine which IPSec tunnel or gateway the IPSec packets are associated with and modify the IPSec packets to identify the associated tunnel or gateway. When IPSec packets ingress to the cloud, the cloud may find identity information in the IPSec packets that identifies the associated tunnel or gateway. The identity information is used to direct the IPSec packets to the associated tunnel or gateway.
- Redmond WA, US Taroon Mandhana - Seattle WA, US Shankar Seal - Bothell WA, US Dhiraj P. Gandhi - Bellevue WA, US Aaron Wesley Cunningham - Redmond WA, US
International Classification:
H04L 29/06 H04L 29/08
Abstract:
In embodiments of registration and network access control, an initially unconfigured network interface device can be registered and configured as an interface to a public network for a client device. In another embodiment, a network interface device can receive a network access request from a client device to access a secure network utilizing extensible authentication protocol (EAP), and the request is communicated to an authentication service to authenticate a user of the client device based on user credentials. In another embodiment, a network interface device can receive a network access request from a client device to access a Web site in a public network utilizing a universal access method (UAM), and the request is redirected to the authentication service to authenticate a user of the client device based on user credentials.
- Redmond WA, US Taroon Mandhana - Seattle WA, US Shankar Seal - Bothell WA, US Dhiraj P. Gandhi - Bellevue WA, US Aaron Wesley Cunningham - Redmond WA, US
International Classification:
H04L 29/06
US Classification:
713172
Abstract:
In embodiments of registration and network access control, an initially unconfigured network interface device can be registered and configured as an interface to a public network for a client device. In another embodiment, a network interface device can receive a network access request from a client device to access a secure network utilizing extensible authentication protocol (EAP), and the request is communicated to an authentication service to authenticate a user of the client device based on user credentials. In another embodiment, a network interface device can receive a network access request from a client device to access a Web site in a public network utilizing a universal access method (UAM), and the request is redirected to the authentication service to authenticate a user of the client device based on user credentials.