Providing a fast path between two entities

US2016205071A1 · US · A1

Patent metadata

Publication number: US-2016205071-A1
Application number: US-201314911576-A
Country: US
Kind code: A1
Filing date: Dec 10, 2013
Priority date: Sep 23, 2013
Publication date: Jul 14, 2016
Grant date: (none listed)

Abstract

Official abstract text for this publication.

The present disclosure combines Software Defined Networks (SDN) concepts with Security concepts. The coordination between SDN and Security provides a myriad of advantageous use cases. One exemplary use case involves providing a fast path at network speeds using SDN by routing network traffic to bypass a security appliance once the security appliance determines that the security appliance no longer needs to inspect the network traffic. Another exemplary use case involves remote provisioning of security zones.

First claim

Opening claim text (preview).

1-25. (canceled)

26. At least one machine readable non-transitory storage medium having instructions stored thereon for providing network security in a software defined network (SDN) environment, wherein the instructions when executed by at least one processor cause the at least one processor to perform the following operations: providing control logic by one or more SDN controllers, wherein routing of network traffic using one or more SDN switches in the SDN environment is controlled by the control logic; receiving one or more security policies for the SDN environment from a security appliance at the one or more SDN controllers, wherein the one or more security policies specify one or more of the following: security zone(s), network access right(s), data access right(s), insertion of a security appliance, and removal of a security appliance; and in response to receiving the one or more security policies, reconfiguring the control logic using the one or more SDN controllers according to the one or more security policies received from the security appliance.

27. The at least one machine readable storage medium of claim 26, wherein: providing the control logic comprises configuring a first route between a first node and a second node in the SDN environment for carrying network traffic of a data flow, wherein the first route traverses through the security appliance for scanning the network traffic; the one or more security policies comprises information indicating that the data flow no longer requires scanning by the security appliance; and reconfiguring the control logic for the SDN environment comprises providing, using the one or more SDN controllers, a second route between the first node and the second node, wherein the second route bypasses the security appliance.

28. The at least one machine readable storage medium of claim 27, wherein the second route is better than the first route according to one or more metrics.

29. The at least one machine readable storage medium of claim 26, wherein: the one or more security policies comprises information indicating that a data flow between a first node and a second node requires scanning by a security appliance; and reconfiguring the control logic for the SDN environment comprises providing, using the SDN controller, a route between the first node and the second node, wherein the route traverses through the security appliance for added security in response to receiving the one or more security policies.

30. The at least one machine readable storage medium of claim 26, wherein the security appliance is configured to packet(s) in the data flow at one or more of the following layers: (1) physical layer, (2) data link layer, (3) network layer, (4) transport layer, (5) session layer, (6) presentation layer, and (7) application layer.

31. The at least one machine readable storage medium of claim 26, wherein: the control logic by the one or more SDN controllers comprises logic for determining one or more flow table entries for configuring flow table(s) of the one or more SDN switches.

32. The at least one machine readable storage medium of claim 26, wherein: the security appliance is integrated with the one or more SDN controllers; and the SDN controller is integrated with or communicably connected to the one or more SDN switches.

33. The at least one machine readable storage medium of claim 26, wherein: the security appliance is communicably connected to the one or more SDN controllers remote from the security appliance; and the one or more SDN controllers is integrated with or communicably connected to the one or more SDN switches.

34. The at least one machine readable storage medium of claim 26, wherein at least one of the one or more SDN switches is configured to rewrite one or more fields of packets of the network traffic to indicate to the security appliance the switch port or security zone the packet was originally received and/or to direct the packets to bypass the security appliance.

35. The at least one machine readable storage medium of claim 26, wherein: providing the control logic comprises configuring a first route between a client and a server in the SDN environment for carrying network traffic of a data flow between the client and the server, wherein the first route traverses through the security appliance, and the security appliance comprises a proxy that terminates the data flow; the one or more security policies comprises information indicating that the data flow is allowed and/or the data flow no longer needs to traverse through the proxy; and reconfiguring the control logic for the SDN environment comprises providing, using the one or more SDN controller, a second route between the client and the server through a particular one of the one or more SDN switches in the SDN environment, wherein the second route bypasses the proxy.

36. The at least one machine readable storage medium of claim 26, wherein the operations further comprise: transmitting, by the one or more SDN controllers to the particular one of the one or more SDN switches, Transport Control Protocol (TCP) information for the data flow in response to receiving the information indicating that the data flow is allowed, wherein the TCP information comprises one or more of the following: (a) TCP Sequence of client flow; (b) TCP Ack of client flow; (c) TCP Sequence of server flow; and (d) TCP Ack of server flow.

37. The at least one machine readable storage medium of claim 26, wherein: the particular one of the one or more SDN switches is configured to calculate an offset based on the TCP information provided by the one or more SDN controllers and to add the offset to TCP Sequence and TCP Ack numbers as packets are passed through the particular one of the one or more SDN switches.

38. The at least one machine readable storage medium of claim 26, wherein: the one or more security policies for the SDN environment from the security appliance indicates a particular amount of network data can bypass the security appliance or the particular amount of network traffic must traverse the security appliance; the particular amount of network data is measurable by a particular number of units of data, a particular number of bytes, or a particular number of protocol data units as measured at any one of the Open Systems Interconnection layers; and one or more SDN switches in the SDN environment is configured to (1) after the particular amount of network traffic has bypassed the security appliance, route subsequent network traffic through the security appliance, or (2) after routing the particular amount of network traffic through the security appliance, route the subsequent network traffic such that the security appliance is bypassed.

39. The at least one machine readable storage medium of claim 26, wherein: providing the control logic comprises configuring security zones in the SDN environment for carrying network traffic, wherein the security zones provide different levels of security for network and data access; the one or more security policies comprises information which adds, removes, and/or modifies the security zones; and reconfiguring the control logic for the SDN environment comprises reconfiguring, using the one or more SDN controllers, the security zones according to the one or more security policies.

40. The at least one machine readable storage medium of claim 26, wherein: the one or more security policies comprises information indicating that a host belongs to a particular security zone; and reconfi
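Claims 35 to 38 describe the mechanism that makes the proxy-bypass fast path work: once the appliance's proxy has terminated the client and server TCP connections separately, the two halves have unrelated sequence spaces, so the controller hands the switch the client and server Sequence/Ack values at the splice point (claim 36), the switch derives an offset and applies it to every packet it forwards (claim 37), and a byte budget can decide how much of a flow is inspected before or after the bypass (claim 38). The following Python is an added worked example, not code from the patent or from McAfee; it assumes the four numbers from claim 36 are "next byte this side will send" and "next byte this side expects", and all sequence values are constructed.

```python
"""Added example (not the patent's own code): TCP sequence/ack offset
translation for a proxy-bypass fast path as described in claims 36 and 37,
plus the byte-budget bypass decision of claim 38. All numbers are constructed.
"""
from dataclasses import dataclass
from typing import Tuple

MOD = 1 << 32  # TCP sequence numbers wrap modulo 2^32


@dataclass(frozen=True)
class SpliceInfo:
    """The four values the controller transmits to the switch (claim 36),
    sampled when the proxy declares the flow allowed. Assumed meaning:
    *_seq = next byte that side will send, *_ack = next byte it expects."""
    client_seq: int
    client_ack: int
    server_seq: int
    server_ack: int


@dataclass(frozen=True)
class Offsets:
    """Offsets added to client->server packets. The server->client
    direction is the inverse map: subtract, with seq/ack roles swapped."""
    seq: int
    ack: int


@dataclass(frozen=True)
class Packet:
    direction: str  # "c2s" (client to server) or "s2c" (server to client)
    seq: int
    ack: int
    length: int     # payload bytes


def compute_offsets(info: SpliceInfo) -> Offsets:
    # The server expects the proxy's stream to continue at server_ack while
    # the client's own stream stands at client_seq, so client data is shifted
    # by server_ack - client_seq. The client's acks refer to the proxy's stream
    # toward it (client_ack), which corresponds to the server's stream at
    # server_seq, so acks are shifted by server_seq - client_ack.
    return Offsets(seq=(info.server_ack - info.client_seq) % MOD,
                   ack=(info.server_seq - info.client_ack) % MOD)


def rewrite(pkt: Packet, off: Offsets) -> Packet:
    """Switch-side rewrite applied to each packet on the fast path (claim 37)."""
    if pkt.direction == "c2s":
        return Packet("c2s", (pkt.seq + off.seq) % MOD,
                      (pkt.ack + off.ack) % MOD, pkt.length)
    if pkt.direction == "s2c":
        # Server numbering -> client numbering is the exact inverse mapping.
        return Packet("s2c", (pkt.seq - off.ack) % MOD,
                      (pkt.ack - off.seq) % MOD, pkt.length)
    raise ValueError(f"unknown direction {pkt.direction!r}")


def splice_roundtrip(info: SpliceInfo, length: int) -> Tuple[Packet, Packet]:
    """Simulate one exchange after the splice: the client sends `length`
    bytes and the server acknowledges them. Returns (packet as the server
    sees it, acknowledgement as the client sees it)."""
    off = compute_offsets(info)
    to_server = rewrite(Packet("c2s", info.client_seq, info.client_ack, length), off)
    # A well-behaved server acknowledges the rewritten seq plus the payload
    # length and keeps sending from its own server_seq.
    reply = Packet("s2c", info.server_seq, (to_server.seq + length) % MOD, 0)
    to_client = rewrite(reply, off)
    return to_server, to_client


class BypassBudget:
    """Claim 38: send the first `budget` bytes of a flow through the
    appliance and bypass afterwards, or the reverse when inspect_first
    is False (the switch keeps a per-flow byte counter)."""

    def __init__(self, budget: int, inspect_first: bool = True):
        self.budget = budget
        self.inspect_first = inspect_first
        self.seen = 0

    def route(self, length: int) -> str:
        """Return 'appliance' or 'bypass' for a packet of `length` bytes."""
        within_budget = self.seen < self.budget
        self.seen += length
        if self.inspect_first:
            return "appliance" if within_budget else "bypass"
        return "bypass" if within_budget else "appliance"


if __name__ == "__main__":
    info = SpliceInfo(client_seq=1000, client_ack=5000,
                      server_seq=900_000, server_ack=700_000)
    print(compute_offsets(info))
    print(*splice_roundtrip(info, 100), sep="\n")
```

The round trip is the check worth keeping when building such a switch: the packet arriving at the server must carry exactly `server_ack` as its sequence number, and the server's acknowledgement, after the inverse rewrite, must equal `client_seq + length`, which is what the client expects. Anything else means the splice point was sampled while data was still in flight inside the proxy, and the fast path will stall or reset the flow. The modular arithmetic matters because sequence numbers near 2^32 wrap during a long-lived flow.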

Assignees

Inventors

Classifications

  • Header conversion, routing tables or routing tags · CPC title

  • Virtual switches · CPC title

  • Architectural arrangements, e.g. perimeter networks or demilitarized zones · CPC title

  • Entity profiles · CPC title

  • for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Cooper Geoffrey Howard, Guzik John Richard, Mcafee Inc
What technology area does this patent fall under?
Primary CPC classification H04L12/6418. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jul 14, 2016 (A1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).