DISTRIBUTED WAN SECURITY GATEWAY
First Claim
1. A method of establishing a virtual wide area network (WAN) for an enterprise, the method comprising:
- configuring a set of forwarding elements in first and second multi-tenant public cloud datacenters to implement the virtual WAN for the enterprise, the virtual WAN connecting a plurality of machines operating in a set of two or more locations of the enterprise that are outside of the first and second public cloud datacenters; and
configuring at least one WAN security gateway in at least one of the first and second public cloud datacenters, said WAN security gateway for controlling access to enterprise machines that are reachable through the virtual WAN.
3 Assignments
0 Petitions
Accused Products
Abstract
Some embodiments establish for an entity a virtual network over several public clouds of several public cloud providers and/or in several regions. In some embodiments, the virtual network is an overlay network that spans across several public clouds to interconnect one or more private networks (e.g., networks within branches, divisions, departments of the entity or their associated datacenters), mobile users, and SaaS (Software as a Service) provider machines, and other web applications of the entity. The virtual network in some embodiments can be configured to optimize the routing of the entity'"'"'s data messages to their destinations for best end-to-end performance, reliability and security, while trying to minimize the routing of this traffic through the Internet. Also, the virtual network in some embodiments can be configured to optimize the layer 4 processing of the data message flows passing through the network.
121 Citations
21 Claims
-
1. A method of establishing a virtual wide area network (WAN) for an enterprise, the method comprising:
-
configuring a set of forwarding elements in first and second multi-tenant public cloud datacenters to implement the virtual WAN for the enterprise, the virtual WAN connecting a plurality of machines operating in a set of two or more locations of the enterprise that are outside of the first and second public cloud datacenters; and configuring at least one WAN security gateway in at least one of the first and second public cloud datacenters, said WAN security gateway for controlling access to enterprise machines that are reachable through the virtual WAN. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
-
Specification