Publication No.: US20250030737A1
Publication Date: 2025-01-23
Application No.: US18224220
Filing Date: 2023-07-20
Applicant: Cisco Technology, Inc.
Inventor: Srilatha Tangirala, Venkatesh Nataraj, Ambika Basappa Chandrappa, Kartik Katti, Sasi Veera, Balaji Sundararajan
IPC: H04L9/40
Abstract: Techniques for automatically integrating SD-WAN constructs to security policies are described. The techniques may include defining, by a security cloud provider, a security policy for an entity, the entity represented by a VPN security policy label and the security policy absent source and destination CIDR IP addresses. The security cloud provider notifies an SD-WAN controller of the security policy. The SD-WAN controller maps the VPN security policy label to an IP address pool and a VPN ID. The SD-WAN controller generates an enhanced security policy by automatically adding source and destination CIDR IP addresses to the security policy. The SD-WAN controller deploys the enhanced security policy to an SD-WAN branch router and generates a VPN segment between the SD-WAN branch router and the security cloud provider to establish a common secure internet gateway tunnel for the IP address pool.