Publication No.: US20240422195A1
Publication Date: 2024-12-19
Application No.: US18230695
Filing Date: 2023-08-07
Applicant: VMWARE, INC.
Inventor: VASANTHA KUMAR DHANASEKAR, DIMITRIOS SIKERIDIS, SHIRISH VIJAYVARGIYA, SRIRAM GOPALAKRISHNAN
Abstract: Example methods and systems for policy configuration using a data-plane approach are described. In one example, a first computer system may detect first data-plane packet(s) for establishing a connection between (a) a first virtualized computing instance and (b) a second computer system from which a resource is accessible. The first computer system may extract, from the first data-plane packet(s), parameter information associated with the connection; and configure a policy that is applicable for access control of the resource based on the parameter information. In response to detecting second data-plane packet(s) to access the resource, the computer system may apply the policy to allow or block forwarding of the second data-plane packet towards the second computer system. The second data-plane packet may originate from (a) the first virtualized computing instance or (b) a second virtualized computing instance supported by the first computer system.