公开(公告)号：US20230269229A1

公开(公告)日：2023-08-24

申请号：US17679814

申请日：2022-02-24

Applicant: Google LLC

Inventor： Ujjwal Jain ,  Yuquan Jiang ,  Ines Clara Envid Lazaro ,  Rodney Chu ,  Uday Ramakrishna Naik

IPC: H04L9/40

CPC classification number: H04L63/0263 ,  H04L63/105 ,  H04L63/20

Abstract: Methods, systems, and apparatus include computer programs encoded on a computer-readable storage medium for firewall policies with improved efficiency. A policy can be defined that specifies a set of firewall rules, where the set of firewall rules provides a respective firewall rule for each layer of a plurality of layers within a hierarchical structure of a network, the network including a plurality of elements. Determining, for a first element within the network, a position within a first layer of the hierarchical structure. In response to receiving a data transmission request to or from the first element, applying the set of firewall rules in accordance with the first layer of the hierarchical structure, where applying the set of firewall rules comprises sequentially applying each respective firewall rule at each layer from an upper layer within the network to the first layer within the network.

公开(公告)号：US20230164021A1

公开(公告)日：2023-05-25

申请号：US17532207

申请日：2021-11-22

Applicant: Google LLC

Inventor： Benjamin John Benardos ,  Anshuman Gupta ,  Alok Kumar ,  Anjin Guo ,  Ujjwal Jain

IPC: H04L12/24 ,  H04L29/06

CPC classification number: H04L41/042 ,  H04L63/08

Abstract: Aspects of the disclosure are directed to a software defined network (SDN) having a sharded control plane. The SDN may include a host device and a sharded control plane. The sharded control plane may include a first controller and a second controller sharded by one or more dimensions. The first controller and the second controller may be configured to process requests received from the first host device based on their respective sharded one or more dimensions. The one or more dimensions may be networks or functions.