| CPC H04L 12/4675 (2013.01) [H04L 12/4633 (2013.01)] | 20 Claims |
|
1. A method of processing traffic in a virtualized environment, the virtualized environment comprising a physical underlay network; the virtualized environment implementing a first overlay network, on the physical underlay network and being associated with a first set of network addresses; the virtualized environment implementing a second overlay network, the second overlay network being an overlay of the first overlay network and associated with a second set of network addresses;
the method comprising:
receiving, by a networking component running in an execution environment of a first virtualized application running in the virtualized environment, data packets communicated from the first virtualized application to the first overlay network, the virtualized application associated with at least one network address in the first set of network addresses of the first overlay network and at least one network address in the second set of network addresses of the second overlay network;
encapsulating the received data packets with a network address in the first set of network addresses as a destination address;
forwarding, by the networking component, the encapsulated data packets to the first overlay network; and
based on a corresponding network address in the second set of network addresses for the virtualized application, applying, by a security element running in the second overlay network, security policies to the encapsulated data packets; wherein the first overlay network is different from the second overlay network.
|