Dynamic Network Tunnel Endpoint Selection
Abstract
Dynamically selecting an endpoint for a tunnel into an enterprise computing infrastructure. A client dynamically selects a gateway (which may alternatively be referred to as a boundary device or server) as a tunnel endpoint for connecting over a public network (or, more generally, an untrusted network) into an enterprise computing infrastructure. The selection is made, in preferred embodiments, according to least-cost routing metrics pertaining to paths through the enterprise network from the selected gateway to a destination host. The least-cost routing metrics may be computed using factors such as the proximity of selectable tunnel endpoints to the destination host; stability or redundancy of network resources for this gateway; monetary costs of transmitting data over a path between the selectable tunnel endpoints and destination host; congestion on that path; hop count for that path; and/or latency or transmit time for data on that path.
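The selection described in the abstract, as an added example that is not taken from the patent: each gateway is scored by its least-cost path through the enterprise network to the destination host, and the lowest-scoring gateway becomes the tunnel endpoint. The topology, node names, weights and the weighted-sum cost formula are assumptions; the abstract lists the factors but does not say how they are combined.

```python
import heapq

# Constructed sample topology (not from the patent): directed links inside the
# enterprise network, each as (next node, latency in ms, congestion 0..1).
LINKS = {
    "gw-east": [("core-1", 4.0, 0.1)],
    "gw-west": [("core-2", 3.0, 0.6)],
    "gw-dmz": [],  # a gateway with no route to the destination
    "core-1": [("core-2", 2.0, 0.0), ("app-host", 6.0, 0.2)],
    "core-2": [("app-host", 2.0, 0.7)],
    "app-host": [],
}

# Assumed weights for three of the factors the abstract lists.
W_LATENCY, W_HOP, W_CONGESTION = 1.0, 2.0, 10.0

def link_cost(latency_ms, congestion):
    # Each link traversed counts as one hop, hence the constant W_HOP term.
    return W_LATENCY * latency_ms + W_HOP + W_CONGESTION * congestion

def path_cost(links, source, destination):
    """Dijkstra: least total cost from source to destination, or None."""
    best = {source: 0.0}
    queue = [(0.0, source)]
    while queue:
        cost, node = heapq.heappop(queue)
        if node == destination:
            return cost
        if cost > best.get(node, float("inf")):
            continue  # stale queue entry
        for nxt, latency_ms, congestion in links.get(node, []):
            new_cost = cost + link_cost(latency_ms, congestion)
            if new_cost < best.get(nxt, float("inf")):
                best[nxt] = new_cost
                heapq.heappush(queue, (new_cost, nxt))
    return None

def select_endpoint(links, gateways, destination):
    """Return (gateway, cost) with the lowest cost; unreachable ones are skipped."""
    costs = {}
    for gw in gateways:
        cost = path_cost(links, gw, destination)
        if cost is not None:
            costs[gw] = cost
    if not costs:
        raise LookupError("no selectable endpoint reaches " + destination)
    winner = min(sorted(costs), key=costs.get)  # sorted() makes ties deterministic
    return winner, costs[winner]
```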
18 Claims
1. A computer-implemented method of selecting a network tunnel endpoint, comprising:
- dynamically selecting, from among a plurality of selectable tunnel endpoints, a particular one of the selectable tunnel endpoints for tunneling into an enterprise network, wherein the particular one has a lowest cost according to cost metric information associated with reaching a destination in the enterprise network from each of the selectable tunnel endpoints; and
- establishing the network tunnel using the particular one of the selectable tunnel endpoints.

17. A system for establishing a network tunnel across an untrusted network environment, comprising:
- a plurality of selectable tunnel endpoints;
- a client operably connected to the untrusted network environment;
- a destination operably connected to an enterprise network;
- cost metric information associated with reaching the destination from each of the selectable tunnel endpoints;
- a selector for dynamically selecting a particular one of the selectable tunnel endpoints for tunneling into the enterprise network, wherein the particular one has a lowest cost according to the cost metric information associated with reaching the destination; and
- an establisher for establishing the network tunnel from the client to the particular one of the selectable tunnel endpoints.

18. A computer program product for establishing a network tunnel, the computer program product comprising at least one computer-usable storage media storing computer-usable program code, wherein the computer-usable program code, when executed on a computer, causes the computer to:
- dynamically select, from among a plurality of selectable tunnel endpoints, a particular one of the selectable tunnel endpoints for tunneling into an enterprise network, wherein the particular one has a lowest cost according to cost metric information associated with reaching a destination in the enterprise network from each of the selectable tunnel endpoints; and
- establish the network tunnel using the particular one of the selectable tunnel endpoints.
Specification