In computing, a firewall is a network security system that monitors and controls the incoming and outgoing network traffic (e.g., packets) based on predetermined security rules. A firewall often establishes a barrier between a trusted, secure network and external networks that are assumed not to be secure or trusted. Firewalls may be programmed with many rules specifying which packets to allow or drop, such as based on a network address associated with the packet (e.g., Internet protocol (IP) address of a source or destination of the packet).
A tenant in a software defined data center with virtualized networking may also want firewall services, which could be implemented in a distributed manner. Doing so may require the implementation of many firewall rules throughout the logical network in an efficient manner. As such, various optimizations are desirable to provide such firewall rules efficiently.