Micro segmentation is used to logically divide networked endpoints into groups. The groups created by micro segmentation allow for the application of different policies to network packet traffic being exchanged with network elements within each group. Micro segmentation is primarily implemented in virtualized computing environments where host computing systems host guests that are networked. A guest may include a guest operating system executing within a virtual machine, a containerized application, such as one implemented with Docker® technology available from Docker, Inc., or some other form of virtualizing a computing element hosted by a host computing system—including combinations thereof. Implementing micro segmentation in host computing systems allows each guest on a host computing system to be placed in a different micro segmentation group if necessary or desired. The host computing system therefore handles packets being exchanged with the respective guests in accordance with the network policies of each guest's associated micro segmentation group.
The application of network policies to different micro segmentation groups is achieved by defining attributes for packet traffic exchanged with networked endpoints in the group. The attributes may be information explicitly provided for in the packet header, such as source and/or destination network addresses, where the information can easily be read from the packet. The attributes may also be found in other data of the packet, including the packet's payload, which allows for packets to be identified based on a relatively large number of attributes. As such, when a user defines attributes for packet traffic of one micro segmentation group, some attributes that would be relevant to that group may be overlooked or unknown to the user.
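The attribute-based grouping described above can be sketched as follows. This is an added example, not part of the original text: the group names, subnets, ports and host name are constructed, and the `Packet` type, `packet_attrs`, `matches` and `classify` are hypothetical helpers. It shows one header-only rule and one rule that also uses a payload attribute on the same address and port, and it reports traffic that no defined attribute set covers.

```python
import ipaddress
from dataclasses import dataclass
@dataclass(frozen=True)
class Packet:  # constructed, pre-parsed packet (not a real capture)
    src: str
    dst: str
    dport: int
    payload: bytes = b""

def packet_attrs(pkt):
    """Header attributes, plus an HTTP Host attribute found in the payload."""
    attrs = {"src": pkt.src, "dst": pkt.dst, "dport": pkt.dport}
    for line in pkt.payload.split(b"\r\n")[1:]:
        name, sep, value = line.partition(b":")
        if sep and name.strip().lower() == b"host":
            attrs["http_host"] = value.strip().decode("ascii", "replace").lower()
    return attrs

def matches(rule, attrs):
    """True when every attribute named by the rule is present and satisfied."""
    for key, want in rule.items():
        have = attrs.get(key)
        if have is None:
            return False
        if key in ("src", "dst"):
            if ipaddress.ip_address(have) not in ipaddress.ip_network(want):
                return False
        elif have != want:
            return False
    return True

def classify(pkt, groups):
    """First matching group wins; unmatched traffic is labelled, not hidden."""
    attrs = packet_attrs(pkt)
    return next((name for name, rule in groups if matches(rule, attrs)), "unclassified")

# Hypothetical policy: group names, subnets and host name are constructed.
GROUPS = [
    ("billing-api", {"dst": "10.0.2.0/24", "dport": 8080, "http_host": "billing.internal"}),
    ("web-tier", {"dst": "10.0.2.0/24", "dport": 8080}),
    ("db-tier", {"dst": "10.0.3.0/24", "dport": 5432}),
]
SAMPLES = [
    Packet("10.0.1.5", "10.0.2.9", 8080, b"GET /inv HTTP/1.1\r\nHost: billing.internal\r\n\r\n"),
    Packet("10.0.1.5", "10.0.2.9", 8080, b"GET / HTTP/1.1\r\nHost: shop.internal\r\n\r\n"),
    Packet("10.0.1.5", "10.0.3.4", 5432),
    Packet("10.0.1.5", "10.0.3.4", 6379),  # port the policy author overlooked
]
for p in SAMPLES:
    print(p.dst, p.dport, classify(p, GROUPS))
```

Packets that come back as `unclassified` are the ones whose relevant attributes the policy author did not define, which makes them the first place to look when reviewing a group's attribute set.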