US 11,799,726 B2
Multi-site security groups
Ganesan Chandrashekhar, Campbell, CA (US); Pankaj Thakkar, Cupertino, CA (US); Sachin Mohan Vaidya, Pune (IN); Ujwala Kawalay, Pune (IN); Amarnath Palavalli, Cupertino, CA (US); and Bhagyashree Gujar, Pune (IN)
Assigned to VMWARE, INC., Palo Alto, CA (US)
Filed by VMware, Inc., Palo Alto, CA (US)
Filed on Jun. 19, 2020, as Appl. No. 16/906,955.
Claims priority of application No. 202041015134 (IN), filed on Apr. 6, 2020.
Prior Publication US 2021/0314227 A1, Oct. 7, 2021
Int. Cl. H04L 41/0893 (2022.01); H04L 61/103 (2022.01); H04L 41/12 (2022.01); H04L 41/0686 (2022.01); H04L 43/06 (2022.01); G06F 16/25 (2019.01); G06F 16/23 (2019.01); G06F 9/54 (2006.01); G06F 11/34 (2006.01); H04L 41/046 (2022.01); H04L 9/40 (2022.01); H04L 69/22 (2022.01); G06F 16/27 (2019.01); H04L 41/0654 (2022.01); H04L 67/14 (2022.01); H04L 41/0803 (2022.01); H04L 12/66 (2006.01); H04L 43/0811 (2022.01); H04L 41/22 (2022.01); H04L 67/1095 (2022.01)
CPC H04L 41/0893 (2013.01) [G06F 9/546 (2013.01); G06F 9/547 (2013.01); G06F 11/3409 (2013.01); G06F 16/2358 (2019.01); G06F 16/256 (2019.01); G06F 16/27 (2019.01); H04L 12/66 (2013.01); H04L 41/046 (2013.01); H04L 41/0654 (2013.01); H04L 41/0686 (2013.01); H04L 41/0803 (2013.01); H04L 41/12 (2013.01); H04L 43/06 (2013.01); H04L 43/0811 (2013.01); H04L 61/103 (2013.01); H04L 63/0263 (2013.01); H04L 63/104 (2013.01); H04L 67/14 (2013.01); H04L 69/22 (2013.01); H04L 41/22 (2013.01); H04L 67/1095 (2013.01)]
24 Claims
1. A method of distributing a service rule, defined in a first network domain, that (i) is to be enforced across a first set of sites based on a span of the first network domain and (ii) is defined by reference to a group identifier that identifies a group of machines defined in a second network domain, the method comprising:
at a global manager that manages a plurality of sites including the first set of sites, the plurality of sites located at a plurality of different geographic locations:
distributing the service rule to local managers at each site in the first set of sites;
identifying at least one site in the first set of sites that is not in a second set of sites that has already received a definition of the group, wherein a span of the group comprises the second set of sites based on a span of the second network domain;
extending the span of the group to include the identified sites in the first set of sites that are not in the second set of sites; and
distributing the group definition to the local managers at each identified site in the first set of sites that has not already received the definition of the group based on the expanded span of the group.
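The span-extension step of claim 1, modelled as an added example that is not part of the patent text: the class names, the dictionary layout of a rule, and the site, group and rule values are all hypothetical and constructed for illustration. It shows that only the sites in the rule's span that lack the group definition receive it, so no site is left holding a rule whose group reference it cannot resolve.

```python
from dataclasses import dataclass, field

@dataclass
class LocalManager:
    site: str
    groups: dict = field(default_factory=dict)  # group id -> member list
    rules: list = field(default_factory=list)

    def unresolved_rules(self):
        # Rules naming a group this site holds no definition for.
        return [r["name"] for r in self.rules if r["group"] not in self.groups]

class GlobalManager:
    def __init__(self, sites):
        self.local = {s: LocalManager(s) for s in sites}
        self.group_defs = {}   # group id -> member list
        self.group_span = {}   # group id -> sites that hold the definition

    def _push_group(self, group_id, sites):
        for s in sites:
            self.local[s].groups[group_id] = self.group_defs[group_id]
        self.group_span[group_id] |= sites
        return sorted(sites)

    def define_group(self, group_id, members, domain_span):
        # The group's initial span is the span of the domain that defines it.
        self.group_defs[group_id] = list(members)
        self.group_span[group_id] = set()
        return self._push_group(group_id, set(domain_span))

    def distribute_rule(self, rule, rule_domain_span):
        first_set = set(rule_domain_span)
        for s in first_set:                      # rule goes to every site in its span
            self.local[s].rules.append(rule)
        second_set = self.group_span[rule["group"]]
        missing = first_set - second_set         # sites lacking the group definition
        return self._push_group(rule["group"], missing)  # extend span, send definition

def demo():
    # Constructed sites, group and rule.
    gm = GlobalManager(["paris", "london", "new-york"])
    gm.define_group("db-servers", ["vm-1", "vm-2"], ["paris"])
    rule = {"name": "allow-web-to-db", "group": "db-servers", "action": "allow"}
    return gm, gm.distribute_rule(rule, ["paris", "london"])

if __name__ == "__main__":
    gm, newly_sent = demo()
    print("group definition newly sent to:", newly_sent)
    print("group span:", sorted(gm.group_span["db-servers"]))
```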