公开(公告)号：US11991211B1

公开(公告)日：2024-05-21

申请号：US17643781

申请日：2021-12-10

Applicant: Amazon Technologies, Inc.

Inventor： Hrushikesh Jaibheem Gangur ,  Tomasz Jozef Adamski ,  Christian Elsen ,  Baihu Qian ,  Nick Matthews ,  Omer Hashmi ,  Bashuman Deb ,  Thomas Nguyen Spendley

IPC: H04L9/40 ,  H04L12/46

CPC classification number: H04L63/20 ,  H04L12/4675 ,  H04L63/0263 ,  H04L63/0272

Abstract: Systems and methods are provided for enforcing symmetric flows of cross-region network traffic through firewalls in multi-region network environments. Enforcement may be configured automatically by analyzing network policy data to identify cross-region traffic that is to be firewalled, and configuring gateway nodes in the various regions to implement symmetric bidirectional flows through any firewalls in the communication path. Beneficially, by enforcing symmetric bi-directional flows of traffic through any firewalls in a communication path, the firewalls may maintain the state of a given communication session even when the communication session is between endpoints in different regions that have different architectures.