首页>
外国专利>
Micro and macro segmentation in enterprise networks without a per segment layer-3 domain
Micro and macro segmentation in enterprise networks without a per segment layer-3 domain
展开▼
机译:企业网络中的微观和宏观细分,没有每段第3层域
展开▼
页面导航
摘要
著录项
相似文献
摘要
Secure network segmentation using logical subnet segments is described. A single network segment or subnet provided by a third party is mapped into multiple layer-3 virtual or logical segments without requiring separate subnets. This mapping is accomplished by using virtual routing functions (VRFs) per logical subnet segment while retaining a single subnet across the segments. The logical subnet segments interact with the single network segment provided by the third party (ISP). The layer-3 VRF instances are created without the need for separate IP subnet pools per layer-3 segment. Each VRF instance for the various logical subnet segments is mapped to a Virtual Network Identifier (VNI) and Scalable Group Tag (SGT).
展开▼