CPC H04L 63/20 (2013.01) [G06F 9/45558 (2013.01); H04L 61/5007 (2022.05); H04L 61/5014 (2022.05)]
20 Claims
7. A method comprising:
analyzing one or more first Dynamic Host Configuration Protocol (DHCP) packets communicated between a host device associated with a network fabric and a DHCP server;
identifying, from the one or more first DHCP packets, a first internet protocol (IP) address associated with the host device and a first Media Access Control (MAC) address associated with the host device;
assigning, based at least in part on the first MAC address, the first IP address to a first security group associated with a first security policy;
analyzing one or more second DHCP packets communicated between the host device and the DHCP server;
identifying, from the one or more second DHCP packets, a second IP address associated with a virtual machine (VM) executing on the host device and a second Media Access Control (MAC) address associated with the VM;
assigning, based at least in part on the second MAC address, the second IP address to a second security group associated with a second security policy;
applying, by an edge device associated with the network fabric, the first security policy on first traffic associated with the host device; and
applying, by the edge device, the second security policy on second traffic associated with the VM;
wherein the first traffic and the second traffic have a same MAC address associated with a network interface of the host device.
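
As an illustration of the steps recited above (an added example, not code from the patent or its assignee): the sketch reads the client hardware address (chaddr) and the assigned address (yiaddr) from a DHCPACK payload, binds the IP to a security group by MAC, and selects policy by source IP, since both flows carry the same frame MAC. The group table, policy names, default-deny fallback and sample addresses are constructed assumptions.

```python
import ipaddress
import struct

MAGIC = b"\x63\x82\x53\x63"   # DHCP magic cookie that follows the 236-byte BOOTP header
DHCP_ACK = 5                  # value of option 53 (message type) for DHCPACK
# Hypothetical tables with constructed values: MAC -> group, group -> policy.
MAC_TO_GROUP = {"02:00:00:00:00:01": "sg-host", "02:00:00:00:00:02": "sg-vm"}
GROUP_POLICY = {"sg-host": "allow-mgmt", "sg-vm": "allow-web-only"}

def parse_dhcp_ack(payload):
    """Return (client_mac, assigned_ip) from a DHCPACK payload, else None."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        return None
    if payload[0] != 2 or payload[1] != 1 or payload[2] != 6:  # BOOTREPLY, Ethernet, 6-byte MAC
        return None
    mac = ":".join(f"{b:02x}" for b in payload[28:34])     # chaddr, not the frame's source MAC
    ip = str(ipaddress.IPv4Address(payload[16:20]))        # yiaddr
    i, msg_type = 240, None
    while i < len(payload) and payload[i] != 255:          # walk options until End (255)
        if payload[i] == 0:                                # Pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(payload):                          # truncated option header
            return None
        length = payload[i + 1]
        if payload[i] == 53 and length == 1 and i + 2 < len(payload):
            msg_type = payload[i + 2]
        i += 2 + length
    return (mac, ip) if msg_type == DHCP_ACK else None

def learn(bindings, payload):
    """Bind the leased IP to the security group chosen by the client MAC."""
    parsed = parse_dhcp_ack(payload)
    group = MAC_TO_GROUP.get(parsed[0]) if parsed else None
    if group is not None:
        bindings[parsed[1]] = group
    return group

def policy_for(bindings, src_ip):
    """Edge lookup keyed on source IP; unknown sources get the assumed default."""
    return GROUP_POLICY.get(bindings.get(src_ip), "default-deny")

def build_ack(mac, ip, msg_type=DHCP_ACK):
    """Constructed sample DHCP reply used as test input."""
    chaddr = bytes.fromhex(mac.replace(":", "")).ljust(16, b"\0")
    hdr = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", 2, 1, 6, 0, 0x1234, 0, 0, bytes(4),
                      ipaddress.IPv4Address(ip).packed, bytes(4), bytes(4), chaddr, bytes(64), bytes(128))
    return hdr + MAGIC + bytes([53, 1, msg_type, 255])
```
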