Abstract: According to one embodiment, a network system features a first virtual private cloud (VPC) network and a second VPC network. The first VPC network includes a first plurality of gateways. Each gateway of the first plurality of gateways is in communications with other gateways of the first plurality of gateways in accordance with a first tunnel protocol. Similarly, a second VPC network includes a second plurality of gateways. Each of the second plurality of gateways is communicatively coupled to the each of the first plurality of gateways in accordance with a second security protocol to provide redundant routing.

Abstract: According to one embodiment, a computerized method conducted by logic deployed within a network device implemented within a virtual private cloud network for supporting network address translations within a public cloud network is described. Herein, after receipt of a message, based on content within the message, a network address translation (NAT) control logic unit from a plurality of NAT control logic units is selected. The selected NAT control logic unit is configured to perform address translations on information within the message to produce a translated message. Thereafter, the translated message is routed to a destination network device located on the public network.

Abstract: According to one embodiment, a network system features a first virtual private cloud (VPC) network and a second VPC network. The first VPC network includes a first plurality of gateways. Each gateway of the first plurality of gateways is in communications with other gateways. Similarly, a second VPC network includes a second plurality of gateways. Each of the second plurality of gateways is communicatively coupled to the each of the first plurality of gateways to support data exchanges between resources deployed in different public cloud networks.

Abstract: A method is described that enables communication between two disjoined networks with overlapping IP address ranges. An intermediary function in each of the networks and a unique IP address pool are deployed to facilitate the communication. This method also enables communications between one network with a group of networks with overlapping IP address ranges.

Abstract: A method for facilitating communications between client devices in geographically separated networks is described. First, message monitoring is conducted by each of a plurality of virtual appliances within a local network to detect a message of a first message type. Responsive to failing to locate a Media Access Control (MAC) address of a destination for the message within a prescribed table by a default gateway, one of the plurality of virtual appliances is selected for handling a forwarding of the message to a plurality of remote networks, and the message via the selected virtual appliance is forwarded to a plurality of gateways associated with a plurality of remote networks. Responsive to locating the MAC address of the destination within the table, the virtual appliance previously handling communications with the destination to forward the message to the destination.

Abstract: One embodiment of the invention features a system including a first gateway and a second gateway that operate in concert to support a migration of a software component from an on-premises network to a public cloud network while preserving an Internet Protocol (IP) address assigned to the software component. The first gateway deployed as part of the on-premises network, and the second gateway deployed as part of the public cloud network. The first and second gateways are in communication via a secure communication path. To support migration of the software component to the public cloud network while retaining its IP address, the second gateway is configured to resolve a media access control (MAC) address for an on-premises host connected to the on-premises network. Similarly, the first gateway is configured to resolve a MAC address for a cloud host connected to the public cloud network.

Abstract: A computerized method for increasing throughput of encapsulated data through tunnels, the computerized method including receiving data at a first network device for transmission over a network to a second network device. Then determining at the first network device the number of available processing cores on the second network device and generating a plurality of tunneling sessions between the first network device and the second device. Associating the received data with a particular tunneling session and then generating translation data unique to the associated tunneling session prior to encapsulating the received data with the translation data. Finally, transmitting the encapsulated data to the second network device and processing the transmitted encapsulated data received at the second network device with a particular processing core based on the received translation data.

Abstract: According to one embodiment, a network device may be adapted to operate within a virtual private cloud where network address translation (NAT) is performed through virtual machines and each network address translation is handled differently by a different NAT control logic unit. The network device features one or more hardware processors, and a memory that stores at least a plurality of network address translation (NAT) control logic unit and demultiplexer logic. The demuliplexer logic, when executed, receives an incoming message and, based at least in part on information within the incoming message, determines a selected NAT control logic unit to receive at least a portion of the information within the incoming message. The selected NAT control logic unit handles address translation for routing of a message based on the incoming message to a public network.

Abstract: A method for facilitating communications between client devices in geographically separated networks is described. First, message monitoring is conducted by each of a plurality of virtual appliances within a local network to detect a message of a first message type. Responsive to failing to locate a Media Access Control (MAC) address of a destination for the message within a prescribed table by a default gateway, one of the plurality of virtual appliances is selected for handling a forwarding of the message to a plurality of remote networks, and the message via the selected virtual appliance is forwarded to a plurality of gateways associated with a plurality of remote networks. Responsive to locating the MAC address of the destination within the table, the virtual appliance previously handling communications with the destination to forward the message to the destination.

Abstract: A method is described that enables communication between two disjoined networks with overlapping IP address ranges. An intermediary function in each of the networks and a unique IP address pool are deployed to facilitate the communication. This method also enables communications between one network with a group of networks with overlapping IP address ranges.

Abstract: A system with a local network and a set of remote networks is described herein. A subnet address range associated with the local network is subdivided into sub-segment address ranges. Each remote network is assigned a sub-segment address range for communicating with the local network. Each sub-segment address range is a smaller part of the original subnet range and each sub-segment range does not overlap with other sub-segment address ranges. Using an intermediate-local function device of the local network and intermediate-remote function devices of the remote networks, client stations in both the local and remote networks may seamlessly communicate using their native private addresses as destination addresses and without indirect address mapping.

Abstract: A system with a local network and a set of remote networks is described herein. A subnet address range associated with the local network is subdivided into sub-segment address ranges. Each remote network is assigned a sub-segment address range for communicating with the local network. Each sub-segment address range is a smaller part of the original subnet range and each sub-segment range does not overlap with other sub-segment address ranges. Using an intermediate-local function device of the local network and intermediate-remote function devices of the remote networks, client stations in both the local and remote networks may seamlessly communicate using their native private addresses as destination addresses and without indirect address mapping.

Abstract: A system with a local network and a set of remote networks is described herein. A subnet address range associated with the local network is subdivided into sub-segment address ranges. Each remote network is assigned a sub-segment address range for communicating with the local network. Each sub-segment address range is a smaller part of the original subnet range and each sub-segment range does not overlap with other sub-segment address ranges. Using an intermediate-local function device of the local network and intermediate-remote function devices of the remote networks, client stations in both the local and remote networks may seamlessly communicate using their native private addresses as destination addresses and without indirect address mapping.