主权项 |
1. A method comprising:
determining, at a network connected device, a network policy to be verified, wherein the network policy is applied to network packets sent to an endpoint within a network, wherein application of the policy to network traffic can result in at least two outcomes; determining, at the network connected device, a switch that is provisionable to host the endpoint; provisioning, via the network connected device, a simulated endpoint version of the endpoint at the switch; sending, over the network via the network connected device, at least one packet for each of the at least two outcomes of the policy to the simulated endpoint; and receiving, via the network at the network connected device, at least one response from the simulated endpoint indicating how the policy was applied to each of the packets. |