公开(公告)号：US20230308415A1

公开(公告)日：2023-09-28

申请号：US18326745

申请日：2023-05-31

Applicant: CLOUDFLARE, INC.

Inventor： Nicholas Alexander Wondra ,  Igor Postelnik ,  Michael John Vanderwater ,  Adam Simon Chalmers ,  Nuno Miguel Lourenço Diegues ,  Arég Harutyunyan ,  Erich Alfred Heine

IPC: H04L9/40 ,  H04L12/46 ,  H04L67/10

CPC classification number: H04L63/0236 ,  H04L12/4633 ,  H04L63/0485 ,  H04L63/029 ,  H04L63/0272 ,  H04L67/10

Abstract: A unified network service that connects multiple disparate private networks and end user client devices operating on separate networks is described. The multiple disparate private networks and end user client devices connect to a distributed cloud computing network that provides routing services, security services, and performance services, and that can be controlled consistently regardless of the connection type. The unified network service provides uniform access control at the L3 layer (e.g., at the IP layer) or at a higher layer using user identity information (e.g., a zero-trust model). The disparate private networks are run on top of the distributed cloud computing network. The virtual routing layer of the distributed cloud computing network allows customers of the service to have private resources visible only to client devices (e.g., user devices of the customer and/or server devices of the customer) of the organization while using address space that potentially overlaps with other customers of the distributed cloud computing network.

公开(公告)号：US20220303244A1

公开(公告)日：2022-09-22

申请号：US17700058

申请日：2022-03-21

Applicant: CLOUDFLARE, INC.

Inventor： Nicholas Alexander Wondra ,  Igor Postelnik ,  Michael John Vanderwater ,  Adam Simon Chalmers ,  Nuno Miguel Lourenço Diegues ,  Arég Harutyunyan ,  Erich Alfred Heine

IPC: H04L9/40 ,  H04L12/46 ,  H04L67/10

Abstract: A unified network service that connects multiple disparate private networks and end user client devices operating on separate networks is described. The multiple disparate private networks and end user client devices connect to a distributed cloud computing network that provides routing services, security services, and performance services, and that can be controlled consistently regardless of the connection type. The unified network service provides uniform access control at the L3 layer (e.g., at the IP layer) or at a higher layer using user identity information (e.g., a zero-trust model). The disparate private networks are run on top of the distributed cloud computing network. The virtual routing layer of the distributed cloud computing network allows customers of the service to have private resources visible only to client devices (e.g., user devices of the customer and/or server devices of the customer) of the organization while using address space that potentially overlaps with other customers of the distributed cloud computing network.

公开(公告)号：US20250023845A1

公开(公告)日：2025-01-16

申请号：US18902611

申请日：2024-09-30

Applicant: CLOUDFLARE, INC.

Inventor： Nicholas Alexander Wondra ,  Igor Postelnik ,  Michael John Vanderwater ,  Adam Simon Chalmers ,  Nuno Miguel Lourenço Diegues ,  Arég Harutyunyan ,  Erich Alfred Heine

IPC: H04L9/40 ,  H04L12/46 ,  H04L67/10

Abstract: A unified network service that connects multiple disparate private networks and end user client devices operating on separate networks is described. The multiple disparate private networks and end user client devices connect to a distributed cloud computing network that provides routing services, security services, and performance services, and that can be controlled consistently regardless of the connection type. The unified network service provides uniform access control at the L3 layer (e.g., at the IP layer) or at a higher layer using user identity information (e.g., a zero-trust model). The disparate private networks are run on top of the distributed cloud computing network. The virtual routing layer of the distributed cloud computing network allows customers of the service to have private resources visible only to client devices (e.g., user devices of the customer and/or server devices of the customer) of the organization while using address space that potentially overlaps with other customers of the distributed cloud computing network.

公开(公告)号：US12101295B2

公开(公告)日：2024-09-24

申请号：US17977391

申请日：2022-10-31

Applicant: CLOUDFLARE, INC.

Inventor： Michael John Vanderwater ,  Adam Simon Chalmers ,  Nuno Miguel Lourenço Diegues ,  Arég Harutyunyan ,  Erich Alfred Heine ,  Nicholas Alexander Wondra

IPC: H04L9/40 ,  H04L12/46 ,  H04L67/10

CPC classification number: H04L63/0236 ,  H04L12/4633 ,  H04L63/0272 ,  H04L63/029 ,  H04L63/0485 ,  H04L67/10

Abstract: An IPSec tunnel request for establishing an IPSec tunnel from a customer router to an anycast IP address of a distributed cloud computing network is received. The same anycast IP address is shared among compute servers of the distributed cloud computing network. A handshake is performed with the customer router from a first compute server including generating security associations for encrypting and decrypting IPSec traffic. The security associations are propagated to each compute server and are used for encrypting and decrypting traffic.

公开(公告)号：US12107827B2

公开(公告)日：2024-10-01

申请号：US18326745

申请日：2023-05-31

Applicant: CLOUDFLARE, INC.

Inventor： Nicholas Alexander Wondra ,  Igor Postelnik ,  Michael John Vanderwater ,  Adam Simon Chalmers ,  Nuno Miguel Lourenço Diegues ,  Arég Harutyunyan ,  Erich Alfred Heine

IPC: H04L9/40 ,  H04L12/46 ,  H04L67/10

CPC classification number: H04L63/0236 ,  H04L12/4633 ,  H04L63/0272 ,  H04L63/029 ,  H04L63/0485 ,  H04L67/10

Abstract: A unified network service that connects multiple disparate private networks and end user client devices operating on separate networks is described. The multiple disparate private networks and end user client devices connect to a distributed cloud computing network that provides routing services, security services, and performance services, and that can be controlled consistently regardless of the connection type. The unified network service provides uniform access control at the L3 layer (e.g., at the IP layer) or at a higher layer using user identity information (e.g., a zero-trust model). The disparate private networks are run on top of the distributed cloud computing network. The virtual routing layer of the distributed cloud computing network allows customers of the service to have private resources visible only to client devices (e.g., user devices of the customer and/or server devices of the customer) of the organization while using address space that potentially overlaps with other customers of the distributed cloud computing network.

公开(公告)号：US11677717B2

公开(公告)日：2023-06-13

申请号：US17700058

申请日：2022-03-21

Applicant: CLOUDFLARE, INC.

Inventor： Nicholas Alexander Wondra ,  Igor Postelnik ,  Michael John Vanderwater ,  Adam Simon Chalmers ,  Nuno Miguel Lourenço Diegues ,  Arég Harutyunyan ,  Erich Alfred Heine

IPC: H04L9/40 ,  H04L12/46 ,  H04L67/10

CPC classification number: H04L63/0236 ,  H04L12/4633 ,  H04L63/029 ,  H04L63/0272 ,  H04L63/0485 ,  H04L67/10

Abstract: A unified network service that connects multiple disparate private networks and end user client devices operating on separate networks is described. The multiple disparate private networks and end user client devices connect to a distributed cloud computing network that provides routing services, security services, and performance services, and that can be controlled consistently regardless of the connection type. The unified network service provides uniform access control at the L3 layer (e.g., at the IP layer) or at a higher layer using user identity information (e.g., a zero-trust model). The disparate private networks are run on top of the distributed cloud computing network. The virtual routing layer of the distributed cloud computing network allows customers of the service to have private resources visible only to client devices (e.g., user devices of the customer and/or server devices of the customer) of the organization while using address space that potentially overlaps with other customers of the distributed cloud computing network.

公开(公告)号：US20230074300A1

公开(公告)日：2023-03-09

申请号：US17977391

申请日：2022-10-31

Applicant: CLOUDFLARE, INC.

Inventor： Michael John Vanderwater ,  Adam Simon Chalmers ,  Nuno Miguel Lourenço Diegues ,  Arég Harutyunyan ,  Erich Alfred Heine ,  Nicholas Alexander Wondra

IPC: H04L9/40 ,  H04L12/46 ,  H04L67/10

Abstract: An IPsec tunnel request for establishing an IPsec tunnel from a customer router to an anycast IP address of a distributed cloud computing network is received. The same anycast IP address is shared among compute servers of the distributed cloud computing network. A handshake is performed with the customer router from a first compute server including generating security associations for encrypting and decrypting IPsec traffic. The security associations are propagated to each compute server and are used for encrypting and decrypting traffic.