SYSTEM, VIRTUAL SWITCH AND METHOD FOR ESTABLISHING SECURED COMMUNICATION WITHIN NETWORK SEGMENT IN VIRTUALIZED ENVIRONMENT

摘要

The present invention discloses a system, a virtual switch and a method for establishing secured communication within a network segment in virtualized environment. The system comprises a controller (100) and a virtual switch (200). The virtual switch (200) comprises a virtual encrypted port (201) comprising a packet decision maker (201a) for receiving packets associated with the virtual encrypted port (201), a security information unit (202) comprising a packet extractor (202a) and a packet comparator (202b), and a security unit (203) comprising an encryption and decryption module for encrypting and decrypting the packets based on an encryption and decryption algorithm provisioned by a tenant of the network segment thereof. The packets encrypted and decrypted thereof are routed to a virtual machine via a packet processing path.