The present invention relates to methods for effective network-security inspection in virtualized environments.
With many computer networks moving into virtualized environments, it is becoming essential to provide security for such virtual networks. A simplistic solution is to add a firewall as a virtual machine, configuring the virtual network so that all traffic passes through, and gets inspected by, the firewall. However, such an approach requires complicated provisioning, and can be easily defeated if the network configuration is modified, either by mistake or maliciously.
It would be desirable to have methods for effective network-security inspection in virtualized environments.