| CPC H04L 45/54 (2013.01) [H04L 45/586 (2013.01); H04L 45/745 (2013.01); H04L 63/0227 (2013.01)] | 17 Claims |
|
1. A system, comprising:
a processor configured to:
generate at least two virtual routers for a cloud security service, wherein the at least two virtual routers include a first virtual router and a second virtual router, wherein a first IP address space of a cloud security service provider and a second IP address space of an enterprise subscriber have an overlapping IP address space, the overlapping IP address space corresponding to at least a first portion of the first IP address space being the same as at least a second portion of the second IP address space, the first IP address space being located in a different geographical location from the second IP address space;
route cloud security service packets using the first virtual router; and
route enterprise subscriber packets using the second virtual router, wherein Internet bound traffic originating from the overlapping IP address space of the second IP address space is routed by the first virtual router to the Internet and return traffic coming from the Internet is routed by a symmetric return returning packets via a router interface that the packets were originally received bypassing a routing table lookup; and
a memory coupled to the processor and configured to provide the processor with instructions.
|