High availability solutions for a secure access service edge application

Assignee

• VMware LLC · US

Inventors

• Pierluigi Rolando · Santa Clara, US
• Jayant Jain · Cupertino, US
• Raju Koganty · San Jose, US
• Shadab Shah · Sunnyvale, US
• Abhishek Goliya · Pune, IN
• Chandran Anjur Narasimhan · Milpitas, US
• Gurudutt Maiya Belur · Redwood City, US
• Vikas Kamath · Burlingame, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L69/40
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A software-defined wide area network (SD-WAN) environment that leverages network virtualization management deployment is provided. Edge security services managed by the network virtualization management deployment are made available in the SD-WAN environment. Cloud gateways forward SD-WAN traffic to managed service nodes to apply security services. Network traffic is encapsulated with corresponding metadata to ensure that services can be performed according to the desired policy. Point-to-point tunnels are established between cloud gateways and the managed service nodes to transport the metadata to the managed service nodes using an overlay logical network. Virtual network identifiers (VNIs) in the metadata are used by the managed service nodes to identify tenants/policies. A managed service node receiving a packet uses provider service routers (T0-SR) and tenant service routers (T1-SRs) based on the VNI to apply the prescribed services for the tenant, and the resulting traffic is returned to the cloud gateway that originated the traffic.