System and method for providing an integrated firewall for secure network communication in a multi-tenant environment

摘要

An integrated firewall provides security in a multi-tenant environment having a connection-based switched fabric directly connecting database servers which provide a plurality of database services with application servers hosting database service consumers each having a different database service consumer identity. The firewall functionality integrated into each database server provides access control by discarding communication packets which do not include a database service consumer identity and using the database service consumer identity in combination with an access control list to control access from the database service consumers to the database services. The access control includes address resolution access control, connection establishment access control, and data exchange access control based on said access control list. The integrated firewall enables direct connection of database servers and application servers via an InfiniBand network providing without requiring a separate intermediary firewall appliance or security node.