Juniper Networks, Inc.
AUTOMATIC CONFIGURATION OF PERIMETER FIREWALLS BASED ON SECURITY GROUP INFORMATION OF SDN VIRTUAL FIREWALLS

Abstract:

Techniques are described for configuring a one or more perimeter firewalls positioned on the perimeter of a data center based on security group information associated with an internal virtual firewall operating within one or more software defined networks (SDN) within the data center. For example, a Security Management System (SMS) may access a centralized network controller (CNC) for an SDN within the data center to obtain security group information for a virtual firewall of the SDN, wherein the security group information specifies a cluster of virtual machines of the software defined network that is protected by the virtual firewall; and automatically configuring, with the SMS, a perimeter firewall positioned on the edge of the data center with one or more security policies based on the security group information from the virtual firewall of the SDN.