CPC H04L 12/4633 (2013.01) [H04L 69/22 (2013.01); H04L 2212/00 (2013.01)] | 20 Claims
1. A method comprising:
determining, by a network controller of a first network, that a first user has been associated with an Internet Protocol (IP) address of the first network, wherein the first network is an overlay network;
identifying a first site of the first network to which the first user corresponds based on the IP address associated with the first user;
determining identity information of the user and a first index of the first user based on at least one of the IP address associated with the first user and an identifier of the first user;
filtering a plurality of identity-based policies maintained by the network controller with the identity information of the first user to determine a subset of the plurality of identity-based policies that are applicable to the first user, wherein each of the subset of identity-based policies that is applicable to the first user indicates at least a subset of the identity information; and
communicating, by the network controller, the IP address and identity information of the first user, the subset of identity-based policies, and the first index to a first network device located at the first site of the first network.