Scalable node for secure tunnel communications
US10498529B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Dec 5, 2016 |
| Grant date | Dec 3, 2019 |
| Priority date | — |
| Expiry date | Jan 29, 2038 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/164
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A virtual private network (VPN) endpoint node is implemented on multiple virtual machines in a provider network. One or more virtual machines execute a packet aggregator. One or more other virtual machines implement cryptographic units. The packet aggregator is configured to distribute incoming encrypted packets from a secure tunnel across the plurality of cryptographic units. Each cryptographic unit is configured to decrypt incoming encrypted packets from the packet aggregator and to encrypt outgoing plaintext packets for transmission across the secure tunnel. The packet aggregator also may assign a sequence number to an outgoing plaintext packet, create a tunneled packet including the sequence number in a header of the tunneled packet and including the plaintext packet in tunneled packet, select one of the cryptographic units, and forward the tunneled packet to the selected cryptographic unit.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.