US 11,700,236 B2
Packet steering to a host-based firewall in virtualized environments
Prasad Miriyala, San Jose, CA (US); Aniket G. Daptari, San Jose, CA (US); Fei Chen, Beijing (CN); Pranavadatta D N, Bangalore (IN); Kiran K N, Bangalore (IN); Jeffrey S. Marshall, Santa Clara, CA (US); and Prakash T. Seshadri, Fremont, CA (US)
Assigned to Juniper Networks, Inc., Sunnyvale, CA (US)
Appl. No. 16/652,643
Filed by Juniper Networks, Inc., Sunnyvale, CA (US)
PCT Filed Feb. 27, 2020, PCT No. PCT/CN2020/076930
§ 371(c)(1), (2) Date Mar. 31, 2020,
PCT Pub. No. WO2021/168727, PCT Pub. Date Sep. 2, 2021.
Prior Publication US 2022/0303246 A1, Sep. 22, 2022
Int. Cl. G06F 21/53 (2013.01); H04L 9/40 (2022.01); H04L 45/76 (2022.01); H04L 41/0894 (2022.01); G06F 9/455 (2018.01); H04L 12/46 (2006.01)
CPC H04L 63/0263 (2013.01) [G06F 9/45558 (2013.01); H04L 12/4679 (2013.01); H04L 41/0894 (2022.05); H04L 45/76 (2022.05); G06F 2009/45587 (2013.01); G06F 2009/45595 (2013.01)]
20 Claims
1. A method comprising:
receiving, by a software defined networking (SDN) controller of a multi-tenant virtualized data center, a security policy expressed as one or more tags to redirect traffic of a virtualized application workload to a host-based firewall of the multi-tenant virtualized data center;
configuring, by the SDN controller, a virtual router to direct traffic of the virtualized application workload to the host-based firewall in accordance with the security policy;
obtaining, by a security controller that manages the host-based firewall, the one or more tags from the SDN controller;
receiving, by the security controller, one or more firewall policies expressed in terms of the one or more tags, wherein each of the one or more firewall policies specifies a function of the host-based firewall; and
configuring, by the security controller, the function of the host-based firewall in accordance with the one or more firewall policies.