Methods and apparatus for providing a secure overlay network between clouds
6 Assignments
0 Petitions
Abstract
A process capable of automatically establishing a secure overlay network (“SON”) across different clouds is disclosed. The process, in one aspect, receives a first request from a first node in a first cloud for establishing a SON. After receiving a second request for connecting to the SON from a second node in a second cloud, a first connection is established between the first node and the second node utilizing a network security protocol such as Internet Protocol Security (“IPSec”). After receiving a third request for connecting to the SON from a third node in a third cloud, a second connection is used to connect the first node and the third node, and a third connection is used to connect the second node and the third node. Each subsequent request for connecting to the SON from a new node results in new connections between the new node and each existing node in the SON, forming a full mesh.
19 Citations
25 Claims
1. A method of interconnecting nodes in different clouds, the method comprising:
- receiving at an orchestrator a request for a secure overlay network (SON) from a first internal node inside a first cloud to a second internal node inside a second cloud, wherein;
  - the first internal node being connected by a first pre-existing connection path in the first cloud to a first port of the first cloud,
  - the second internal node being connected by a second pre-existing connection path in the second cloud to a second port of the second cloud, and
  - the first port of the first cloud being connected to the second port of the second cloud by a pre-existing network; and
- creating by the orchestrator the requested SON as an overlay on the pre-existing network, the SON being a point-to-point logically direct connection from the first internal node in the first cloud to the second internal node in the second cloud.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15

16. An orchestrator device comprising:
- a web server containing at least one computing device configured to receive a request for a secure overlay network (SON) from a first internal node inside a first cloud to a second internal node inside a second cloud, wherein;
  - the first internal node is connected by a first pre-existing connection path in the first cloud to a first port of the first cloud,
  - the second internal node is connected by a second pre-existing connection path in the second cloud to a second port of the second cloud, and
  - the first port of the first cloud is connected to the second port of the second cloud by a pre-existing network; and
- a SON manager coupling with an application server configured to facilitate creating the requested SON as an overlay on the pre-existing network, the SON being a point-to-point logically direct connection from the first internal node in the first cloud to the second internal node in the second cloud.

Dependent claims: 17, 18, 19, 20, 21, 22, 23, 24, 25
Specification