Unless otherwise indicated herein, the approaches described in this section are not admitted to be prior art by inclusion in this section.
Virtualization allows the abstraction and pooling of hardware resources to support virtual machines in a virtualized computing environment, such as a Software-Defined Datacenter (SDDC). For example, through server virtualization, virtual machines running different operating systems may be supported by the same physical machine (e.g., referred to as a “host”). Each virtual machine is generally provisioned with virtual resources to run an operating system and applications. The virtual resources may include central processing unit (CPU) resources, memory resources, storage resources, network resources, etc.
To meet new requirements of granularity and scalability in the virtualized computing environment, a firewall engine may be deployed on each hypervisor to protect the virtual machines. A central controller is used to control the firewall engines, which are distributed over different hosts, and to distribute firewall rules to them. However, a conventional firewall rule creation approach may not be optimal for data center security.