CPC H04L 63/20 (2013.01) | 18 Claims
1. A system comprising:
a server system comprising one or more processors in communication with one or more memory devices, the server system configurable to cause:
obtaining network security information comprising a set of security policies indicating permitted communications between or among computing resources,
converting the network security information to a cloud-independent representation of the network security information,
generating, from the cloud-independent representation, a plurality of policy sets, each policy set being specific to a respective one of a plurality of clouds of different cloud providers,
sending, using a policy deployer having a cloud-specific configuration tool, each cloud-specific policy set to the respective cloud, wherein a cloud-specific policy set specifies one or more of: an instance of a data center, one or more computing resources, one or more security groups of computing services, one or more subnets, one or more ingress rules, or one or more egress rules, and
monitoring deployment of a cloud-specific policy set to a respective cloud, the monitoring comprising detecting a change between the cloud-specific policy set and a different policy set deployed on the respective cloud.