As automation and orchestration solutions become more commonplace, do you think it’s feasible to see a Hyper Segmentation solution emerging? Here’s how I’d envision it works.
Every single host endpoint on the network gets place in its own VRF, dynamically created on the spot when they plug in. Each VRF would have overlapping IP space, and “intent” based flows would be routed with automatically generate source nat configs on the VRF firewall.
I know this sounds incredibly cumbersome and not like a good design, but I’m thinking 25-50 years from now.. like the distant future of SD-Access.
No comments:
Post a Comment