TRACKING DATA-PATH READINESS OF SECURITY SERVICES INSERTED IN MIDDLE MILE AND CLOUD GATEWAYS

• Main Authors: Sundararajan, Balaji, Kariyappa, Ramakumara, Baruah, Pritam, Raju, Nithin Bangalore, Tangirala, Srilatha
• Format: Patent
• Language: English
• Published: 03.10.2024
• Subjects: ELECTRIC COMMUNICATION TECHNIQUE; ELECTRICITY; TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION

Techniques for utilizing a network gateway provisioned in a software-defined network to verify service readiness of one or more security service(s) of a service chain prior to redirecting network traffic along a given data-path to the security service(s). The gateway may be configured to open a specific port on a network device hosting a security service to transmit network policies and/or test network traffic to the security service. The network gateway may host a virtual source and/or a virtual destination and cause the virtual source to send test network traffic through the security service via the port and to the virtual destination. The gateway may then utilize the received test network traffic to determine whether a given security service satisfies a threshold health and/or functionality measurement. Once it is determined that the security service satisfies the thresholds, the gateway may cause network traffic to be redirected to the security service.