US 12,294,532 B2
Stretched EPG and micro-segmentation in multisite fabrics
Javed Asghar, Dublin, CA (US); Sridhar Vallepalli, Fremont, CA (US); Umamaheswararao Karyampudi, Fremont, CA (US); and Srinivas Kotamraju, Saratoga, CA (US)
Assigned to Cisco Technology, Inc., San Jose, CA (US)
Filed by Cisco Technology, Inc., San Jose, CA (US)
Filed on Apr. 1, 2024, as Appl. No. 18/623,693.
Application 17/448,320 is a division of application No. 16/162,199, filed on Oct. 16, 2018, granted, now 11,159,451, issued on Oct. 26, 2021.
Application 18/623,693 is a continuation of application No. 17/448,320, filed on Sep. 21, 2021, granted, now 11,949,602.
Claims priority of provisional application 62/694,349, filed on Jul. 5, 2018.
Prior Publication US 2024/0244012 A1, Jul. 18, 2024
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 12/00 (2006.01); H04L 9/40 (2022.01); H04L 12/46 (2006.01); H04L 41/0893 (2022.01); H04L 45/02 (2022.01); H04L 45/16 (2022.01); H04L 45/24 (2022.01); H04L 45/74 (2022.01); H04L 49/104 (2022.01); H04L 49/15 (2022.01); H04L 49/201 (2022.01); H04L 61/106 (2022.01); H04L 69/22 (2022.01)
CPC H04L 49/104 (2013.01) [H04L 12/462 (2013.01); H04L 12/4633 (2013.01); H04L 41/0893 (2013.01); H04L 45/04 (2013.01); H04L 45/16 (2013.01); H04L 45/24 (2013.01); H04L 45/74 (2013.01); H04L 49/1553 (2013.01); H04L 49/203 (2013.01); H04L 61/106 (2013.01); H04L 63/20 (2013.01); H04L 69/22 (2013.01)]
14 Claims
1. A system comprising:
a first switching fabric at a first site including a first plurality of endpoints, communicatively coupled via a network to a second switching fabric at a second site including a second plurality of endpoints, wherein the first site is at a different geographic location than the second site, a multi-site controller communicably connected with the first site and the second site;
wherein the multi-site controller is configured to:
define a Virtual Routing and Forwarding (VRF) domain extending between the first and second sites enabling communication between a group of endpoints including multiple endpoints at the first site and multiple endpoints at the second site;
identify at least a subset of endpoints within the group of endpoints using one or more filtering criteria, wherein the subset of endpoints includes at least one endpoint at the first site and at least one endpoint at the second site;
apply a shared security policy to the subset of endpoints; and
define a second VRF domain extending between the first and second sites enabling communication between a second group of endpoints including at least one endpoint at the first site and at least one endpoint at the second site, wherein the system selectively allows communication between endpoints connected via the VRF domain and endpoints connected via the second VRF domain.