CPC H04L 63/0263 (2013.01) [G06F 9/45558 (2013.01); H04L 12/4679 (2013.01); H04L 41/0894 (2022.05); H04L 45/76 (2022.05); G06F 2009/45587 (2013.01); G06F 2009/45595 (2013.01)]
20 Claims
1. A method comprising:
receiving, by a software defined networking (SDN) controller of a multi-tenant virtualized data center, a security policy expressed as one or more tags to redirect traffic of a virtualized application workload to a host-based firewall of the multi-tenant virtualized data center;
configuring, by the SDN controller, a virtual router to direct traffic of the virtualized application workload to the host-based firewall in accordance with the security policy;
obtaining, by a security controller that manages the host-based firewall, the one or more tags from the SDN controller;
receiving, by the security controller, one or more firewall policies expressed in terms of the one or more tags, wherein each of the one or more firewall policies specifies a function of the host-based firewall; and
configuring, by the security controller, the function of the host-based firewall in accordance with the one or more firewall policies.