US 12,244,648 B2
Distributed evaluation of networking security rules
Dheerendra Talur, Sammamish, WA (US); Venkat Maithreya Paritala, Seattle, WA (US); Abhishek Chhajer, Seattle, WA (US); Charlie Jahchan, Seattle, WA (US); and Yogeshkumar Kuite, Milpitas, CA (US)
Assigned to Amazon Technologies, Inc., Seattle, WA (US)
Filed by Amazon Technologies, Inc., Seattle, WA (US)
Filed on May 12, 2023, as Appl. No. 18/316,908.
Application 18/316,908 is a division of application No. 16/584,858, filed on Sep. 26, 2019, granted, now 11,652,848.
Prior Publication US 2023/0291769 A1, Sep. 14, 2023
Int. Cl. H04L 29/00 (2006.01); H04L 9/40 (2022.01)
CPC H04L 63/20 (2013.01) [H04L 63/0272 (2013.01); H04L 63/1433 (2013.01)]
20 Claims
 
1. One or more non-transitory computer-accessible storage media storing program instructions that when executed on or across one or more processors cause one or more computer systems to:
configure a plurality of security rule processing nodes for network traffic associated with a plurality of traffic sources and destinations;
transmit respective subsets of network configuration information associated with the plurality of traffic sources and destinations to individual ones of the security rule processing nodes, wherein the network configuration information includes a plurality of security rules; and
transmit respective addresses of at least a subset of the plurality of security rule processing nodes to a packet processing intermediary, wherein the packet processing intermediary is configured to request, with respect to individual packet flows, evaluation of applicable security rules by selected security rule processing nodes prior to initiating one or more routing actions for packets of the individual packet flows.