HYPERVISOR AGNOSTIC BIDIRECTIONAL SECURE CHANNEL FOR GUEST AGENT TRANSPORT

摘要

Systems, methods, and computer readable medium for virtualized computing environments. A method for providing a connection between a guest virtual machine and a service virtual machine uses driver code functions to establish a listening port on the service virtual machine without providing a listening port on the guest virtual machine. The guest virtual machine initiates a remote procedure call socket between itself and the service virtual machine over a secure, hardened port. The service virtual machine presents an authority certificate by encoding into the authority certificate identifying information received from the guest virtual machine. The service virtual machine makes available (e.g., as an ISO image) the authority certificate, which is used to establish new secure connections. Communications continue, where some communications are initiated by the service virtual machine over the hardened port, and some communications are initiated on-demand by the guest virtual machine over newly-established and authenticated secure RPC connections.