Security policy enforcement for additional instances of an application

Abstract

The disclosure provides an approach for firewall policy management. Embodiments include receiving, at a firewall from a first virtual computing instance (VCI), a registration request comprising a first identifier of the first VCI and a second identifier of a second VCI. Embodiments include determining, at the firewall, based on the second identifier included in the registration request, that the second VCI is associated with a network security policy at the firewall. Embodiments include applying, at the firewall, based on the first identifier included in the registration request, the network policy associated with the second VCI to the first VCI. Additionally, embodiments include allowing or disallowing network activity for the first VCI based on the applied network security policy.

CPC Classifications