US 12,355,769 B2
System and method for restricting communications between virtual private cloud networks through security domains
Xiaobo Sherry Wei, Santa Clara, CA (US); and Shanshan Xu, Santa Clara, CA (US)
Assigned to Aviatrix Systems, Inc., Santa Clara, CA (US)
Filed by Aviatrix Systems, Inc., Santa Clara, CA (US)
Filed on Mar. 25, 2024, as Appl. No. 18/616,156.
Application 18/616,156 is a continuation of application No. 17/368,689, filed on Jul. 6, 2021, granted, now 11,943,223.
Claims priority of provisional application 63/150,504, filed on Feb. 17, 2021.
Prior Publication US 2024/0236095 A1, Jul. 11, 2024
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); G06F 3/0482 (2013.01); H04L 12/46 (2006.01); H04L 12/66 (2006.01)
CPC H04L 63/10 (2013.01) [G06F 3/0482 (2013.01); H04L 12/4641 (2013.01); H04L 12/66 (2013.01); H04L 63/0272 (2013.01); H04L 63/20 (2013.01)] 12 Claims
1. A computerized method for restricting communications between virtual private cloud networks, comprising:
creating a plurality of security domains, each of the plurality of security domains identifies gateways associated with one or more virtual private cloud networks;
generating transit routing data stores in accordance with each of the plurality of security domains;
altering routing information maintained within the transit routing data stores for each security domain of the plurality of security domains; and
monitoring for changes to the plurality of security domains and generating an additional transit routing data store associated an added security domain
determining whether a connection policy exists between at least a first security domain and a second security domain of the plurality of security domains; and
precluding communications between gateways associated with the first security domain and gateways associated with the second security domain in response to determining that no connection policy exists between the first security domain and the second security domain.
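The steps of claim 1 can be sketched as a small default-deny model. This is an added illustration, not code from the patent or from Aviatrix; the class, method and gateway names and the CIDR values are constructed for the example, and a plain dictionary stands in for each "transit routing data store".

```python
class TransitSegmentation:
    """Toy model: one transit route table per security domain, default deny."""

    def __init__(self):
        self.domains = {}       # domain -> {gateway: vpc_cidr}
        self.policies = set()   # frozenset({domain_a, domain_b})
        self.route_tables = {}  # domain -> {vpc_cidr: next-hop gateway}

    def add_domain(self, name):
        # A newly added domain gets its own route table on the next rebuild.
        self.domains.setdefault(name, {})
        self._rebuild()

    def attach_gateway(self, domain, gateway, vpc_cidr):
        self.domains[domain][gateway] = vpc_cidr
        self._rebuild()

    def add_policy(self, a, b):
        self.policies.add(frozenset((a, b)))
        self._rebuild()

    def remove_policy(self, a, b):
        self.policies.discard(frozenset((a, b)))
        self._rebuild()

    def _allowed(self, a, b):
        # Same domain, or an explicit connection policy between the two.
        return a == b or frozenset((a, b)) in self.policies

    def _rebuild(self):
        # Each domain's table holds routes only for domains it may reach.
        self.route_tables = {
            d: {cidr: gw
                for peer, members in self.domains.items() if self._allowed(d, peer)
                for gw, cidr in members.items()}
            for d in self.domains
        }

    def domain_of(self, gateway):
        return next(d for d, m in self.domains.items() if gateway in m)

    def can_communicate(self, src_gw, dst_gw):
        # Traffic needs a route in both directions; a missing policy removes both.
        src, dst = self.domain_of(src_gw), self.domain_of(dst_gw)
        return (self.domains[dst][dst_gw] in self.route_tables[src]
                and self.domains[src][src_gw] in self.route_tables[dst])


def build_sample():
    # Constructed sample: dev and prod each connect to shared, not to each other.
    net = TransitSegmentation()
    for name, gw, cidr in (("dev", "gw-dev", "10.1.0.0/16"),
                           ("prod", "gw-prod", "10.2.0.0/16"),
                           ("shared", "gw-shared", "10.3.0.0/16")):
        net.add_domain(name)
        net.attach_gateway(name, gw, cidr)
    net.add_policy("dev", "shared")
    net.add_policy("prod", "shared")
    return net
```

In this model a policy is checked only between the two domains involved, so dev and prod stay isolated even though both connect to shared.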