Selective enforcement of a segmentation policy

Selective enforcement of a segmentation policy

A policy management server enables selective enforcement of a segmentation policy. The policy management server manages a segmentation policy that specifies a set of segmentation rules specifying permitted communications between workloads. The policy management server separately manages an enforceme...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Goodwin, Russell Stuart, Nakashima, Roy Nobuo, Fandli, Juraj George, Isaacson, Ronald, Harel, Yair, Iversen, Nathanael John
Format: Patent
Sprache:eng
Schlagworte:
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A policy management server enables selective enforcement of a segmentation policy. The policy management server manages a segmentation policy that specifies a set of segmentation rules specifying permitted communications between workloads. The policy management server separately manages an enforcement policy that controls whether or not the segmentation policy is enforced for different services provided by the workloads. For services that are enforced, the policy management server distributes instructions to distributed enforcement modules that configure traffic filters to block traffic pertaining to enforced services that does not meet the segmentation rules. For non-enforced services, the policy management server obtains traffic data from the distributed enforcement modules without enforcing the segmentation policy to enable an administrator to build and/or test the segmentation policy.