Microsegmentation in Huawei’s data center networks (e.g., CloudFabric with SDN) divides Endpoint

Groups (EPGs) to enforce fine-grained security policies. EPGs group endpoints (e.g., VMs) based on

attributes. Let’s evaluate each option:

A. Operating system: This is true. The OS type (e.g., Linux, Windows) can be used to segment EPGs,

enabling policy enforcement based on OS-specific security needs. TRUE.

B. VM name: This is true. VM names can be used as identifiers for microsegmentation, allowing

policies to target specific VMs. TRUE.

C. IP address: This is true. IP addresses are commonly used to define EPG boundaries, especially for

network-based segmentation. TRUE.

D. MAC address: This is true. MAC addresses can segment EPGs, particularly for Layer 2-based

policies or device-specific isolation. TRUE.

All options A, B, C, and D are valid conditions for microsegmentation to divide EPGs in Huawei’s

implementation.

Reference: Huawei CloudFabric Data Center Network Solution – Microsegmentation; HCIP-Data

Center Network Training – EPG Configuration.