| CPC H04L 63/0263 (2013.01) | 26 Claims |
|
1. A computer-implemented method, comprising:
identifying, with respect to a data center, a data center mapping structure in an electronic storage database, the data center mapping structure comprising a map of the data center, wherein the map of the data center comprises one or more of: firewalls, routers, or servers, in the data center;
receiving a request to implement a network security configuration, the request comprising a source IP address and a destination IP address; and
responsive to the request, implementing the network security configuration using automatically identified firewalls, at least by:
utilizing the data center mapping structure to determine a route from the source IP address toward the destination IP address to automatically identify one or more firewalls, along the route, that are comprised in the data center mapping structure;
in response to automatically identifying the one or more firewalls along the route from the source IP address toward the destination IP address, determining a syntax for the one or more firewalls; and
automatically generating and deploying, utilizing a computer processor, one or more access control list (ACL) rules in the syntax for the one or more firewalls to implement the network security configuration in accordance with the request.
|