Workloads created within one hour of generating Security Segmentation Report are counted but their flows are not counted.

Article ID: 413152

Products

VMware vDefend Firewall
VMware vDefend Firewall with Advanced Threat Prevention

Issue/Introduction

When the Security Segmentation Report is generated or the Security Segmentation Score is calculated, only flows recorded up to one hour before that time are considered. If a Virtual Machine was created within that one hour, its flows are ignored, but the VM is still counted as a workload.

Environment

SSP 5.1

Cause

In Security Services Platform (SSP) 5.1, the Security Segmentation Report and Security Segmentation Score process network flows from up to one hour prior to the time the report or score is generated. If a VM is created within one hour of report generation, its flows are not included in the Security Segmentation Report or Score calculations. Since SSP does not maintain an exact VM creation timestamp, all non-deleted VMs present in the SSP inventory are considered for processing.

As a result, newly created VMs may appear in the Security Segmentation Report and Score as part of the total VM workload count, but their corresponding flows will not be included. This can lead to lower workload coverage in the overall Security Segmentation Score.

Resolution

When the Security Segmentation Report or Security Segmentation Score is generated more than one hour after a Virtual Machine's creation time, the flows of that Virtual Machine are counted, and the Virtual Machine is counted in the VM workloads as well.