Abstract: A method and apparatus that secures a dynamic virtualized network is described. In an exemplary embodiment, a device learns a current network policy of the dynamic virtualized network, where the dynamic virtualized network is a virtualized layer 2 network that is overlaid on a layer 3 physical network. In addition, the current network policy includes multiple network policy elements, where each of the multiple network policy elements identifies an authorized endpoint in the dynamic virtualized network. Furthermore, the layer 3 physical network includes multiple network access devices. The device further determines a network security policy for the dynamic virtualized network from the current network policy. The network security policy includes one or more second network policy elements that are a different network policy element than one of the multiple network policy elements of the current network policy.

Abstract: A method and apparatus that secures a dynamic virtualized network is described. In an exemplary embodiment, a device learns a current network policy of the dynamic virtualized network, where the dynamic virtualized network is a virtualized layer 2 network that is overlaid on a layer 3 physical network. In addition, the current network policy includes multiple network policy elements, where each of the multiple network policy elements identifies an authorized endpoint in the dynamic virtualized network. Furthermore, the layer 3 physical network includes multiple network access devices. The device further determines a network security policy for the dynamic virtualized network from the current network policy. The network security policy includes one or more second network policy elements that are a different network policy element than one of the multiple network policy elements of the current network policy.

Abstract: A method and apparatus of a device that dynamically changes how management data is managed in response to events detected in a network system is described. In an exemplary embodiment, the device receives an event notification from an agent associated with a managed node. The device further determines if the received event notification triggers a change in how the management data is managed on that manage node. If the event notification does trigger a change, the device determines a command for that manage node that represents that change if how the management data is managed on the managed node. In addition, the device sends the command to the managed, where the agent applies the command to the managed node and the applied command implements the change in how the management data is managed on the managed node.