Scalable security policy architecture with segregated forwarding and security plane and hierarchical classes

Scalable security policy architecture with segregated forwarding and security plane and hierarchical classes

Techniques for hierarchical security policies are disclosed. A first network configuration is received, where the first network configuration includes a plurality of subnets and a plurality of security zones. An updated network configuration is generated based on the first network configuration by g...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Karyampudi, Umamaheswararao, Panchalingam, Murukanandam K, Portolani, Maurizio, Venkataramanan, Gautam, Modi, Ajay K
Format: Patent
Sprache:eng
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Techniques for hierarchical security policies are disclosed. A first network configuration is received, where the first network configuration includes a plurality of subnets and a plurality of security zones. An updated network configuration is generated based on the first network configuration by generating, for a first security zone of the plurality of security zones, a first master class, and generating, for each respective subnet of the plurality of subnets, a respective bridge domain. For each respective bridge domain, a respective local endpoint group (EPG) corresponding to the first security zone is created, and the first master class is assigned to the respective local EPG. Finally, one or more contracts are generated for the first master class based on the first network configuration.