Adding Security Attributes to a VCN

Use Zero Trust Packet Routing with an existing virtual cloud network (VCN).

You can use Zero Trust Packet Routing (ZPR) along with or in place of network security groups to control network access to OCI resources  by applying security attributes to them and creating ZPR policies to control communication among them. For more information, see Zero Trust Packet Routing.

Caution

If an endpoint has a ZPR security attribute, traffic to the endpoint must satisfy ZPR rules as well as all NSG and security list rules. For example, if you're already using NSGs and you apply a security attribute to an endpoint, as soon as the attribute is applied, all traffic to the endpoint is blocked. From then onward, a ZPR policy must allow traffic to the endpoint.

Was this article helpful?