• Author : Aman-Ul-Haq

 
 

Group-based Multi-domain Segmentation Services (MSS-Group)

Description The Segment security feature provides the convenience of applying policies on segments rather than interfaces or subnets. Hosts/networks are classified into segments based on prefixes. Grouping prefixes into segments allows for definition of policies between segments that govern flow of traffic between them. Policies define inter-segment or intra-segment communication rules, e.g. segment A can communicate with segment B but hosts in segment B can not communicate with each other. By default traffic destined to a given segment is dropped and explicit allow policies are required to allow communication. Policy configurations in this feature are unidirectional. To allow or drop...
Continue reading →

Follow

Get every new post on this blog delivered to your Inbox.

Join other followers: