US 11,057,432 B2
Creation of security policies using a visual approach
Julie Ni, San Francisco, CA (US); Ken Chen, San Francisco, CA (US); Ravikanth Samprathi, San Jose, CA (US); Sridhar Joseph Devarapalli, Fremont, CA (US); Viraj Sapre, Sunnyvale, CA (US); and Rajesh P. Bhatt, San Jose, CA (US)
Assigned to Nutanix, Inc., San Jose, CA (US)
Filed by Nutanix, Inc., San Jose, CA (US)
Filed on Apr. 10, 2018, as Appl. No. 15/949,901.
Prior Publication US 2019/0342335 A1, Nov. 7, 2019
Int. Cl. H04L 29/06 (2006.01); G06F 9/455 (2018.01); H04L 12/24 (2006.01); G06F 3/0484 (2013.01)
CPC H04L 63/20 (2013.01) [G06F 9/45558 (2013.01); G06F 3/04847 (2013.01); G06F 2009/45579 (2013.01); G06F 2009/45587 (2013.01); G06F 2009/45595 (2013.01); H04L 41/22 (2013.01)] 21 Claims
OG exemplary drawing
1. A method comprising:
receiving, at a graphical user interface for creating a security policy for an application in a virtualization environment, information identifying a source virtual machine category or a destination virtual machine category, and a target virtual machine, the target virtual machine having at least a portion of the application; and
presenting a visual representation of the security policy in the graphical user interface, the security policy configured based at least in part on an inbound rule or an outbound rule, the visual representation comprising a first portion for visually representing a list of security policies including at least a policy type and a policy status and a second portion visually representing at least a whitelisted source or destination virtual machine and the target virtual machine:
wherein the inbound rule identifies an inbound category of a source virtual machine that is permitted to initiate an inbound connection to the target virtual machine, the outbound rule identifies an outbound category of a destination virtual machine to which the target virtual machine is permitted to initiate an outbound connection, and the visual representation is for displaying at least one of whether the source virtual machine category for a virtual machine matches the inbound category or whether the destination virtual machine category for the virtual machine matches the outbound category.