What is East-West security?

-

     The monitoring and inspection of traffic travelling laterally within the network perimeter in order to identify and block known and new dangers as well as unlawful access is known as east-west security.

Threat actors will eventually discover a way around modern perimeter firewalls, which means that all internal network traffic is now exposed and must be safeguarded, according to East-West security.

Why is East-West security important?

The distributed nature of modern networks, as well as the increasingly permeable perimeters that surround them, means that traffic within the network can no longer be trusted simply because it is within the network. Furthermore, because East-West travel now accounts for a much bigger percentage of total network traffic than North-South traffic, disregarding its potential threats is no longer an option.

Malicious actors that breach the network perimeter without the protection of East-West security controls can move laterally at will, lingering in the network, monitoring business activities, potentially stealing data, and/or causing damage.

East-West security has a number of advantages.

Security risks have always been viewed as originating from beyond a more or less secure perimeter. Businesses have realized that safeguarding internal traffic is vital to the sometimes widely scattered business processes as they modernize their networks.

In fact, with an East-West security solution like VMware's NSX Distributed Firewall, organizations can gain greater control and visibility over their networks, thanks to granular traffic flow inspection and policy-based management that dramatically reduces operational risk — and cost — while enabling the modern distributed enterprise.

East-West security is capable of:

  • Inspect all East-West network traffic.
  • Effectively block the lateral movement of threat actors.
  • Increase network visibility down to the workload level.
  • Protect apps and data vital to the business.
  • Lower costs and risk for distributed operations.

What is the mechanism for East-West security?

East-West security uses improved visibility to analyze lateral traffic flows within the network, identifying potentially dangerous network behaviors such as known and undiscovered threats and restricting their lateral migration.

To detect and stop attacks, a complete approach to East-West security includes evaluating every packet and workload. It monitors all traffic flows by combining deep application awareness and visibility with a sophisticated grasp of application topologies. The following are some of the components of such a solution: 

Internal Firewall: Uses policy-based controls to enable network segmentation and granular inspection of all East-West traffic.

Intrusion Detection and Prevention System (IDS/IPS): Watches for malicious activity on the network, identifying lateral movement and stopping it where it occurs.

Advanced Threat Analysis: Complete sandboxing and analysis of potential malware traversing the data center, as well as accurate detection and prevention of advanced threats, such as zero-day assaults.



Comments

Post a Comment

Popular posts from this blog

What is Microsoft SharePoint ?

-
Microsoft SharePoint is a web-based collaborative platform that integrates with Microsoft Office. It's primarily used for document management and storage but also offers a wide range of capabilities such as intranet, content management, workflow management, business intelligence, and enterprise search. SharePoint allows users to create sites where they can share documents, information, and ideas within their organization. These sites can be customized to fit specific needs, such as team collaboration, project management, or departmental portals. Some key features of SharePoint include: Document Management: Users can upload, store, organize, and share documents within SharePoint sites. Version control ensures that users are always working with the latest version of a document. Collaboration: SharePoint facilitates collaboration among team members through features like document co-authoring, discussion boards, calendars, and task lists. Intranet and Portals: SharePoint can be used...
Read more

General Cybersecurity

-
What is perimeter security?  Perimeter security, in the context of cybersecurity, refers to the measures and strategies implemented to protect an organization's internal network from external threats. It establishes a boundary, or perimeter, between the organization's internal network and the external environment, such as the internet. The goal of perimeter security is to prevent unauthorized access, attacks, and breaches from reaching the internal network and its resources. Here are some key components and concepts related to perimeter security: Firewalls: Firewalls are the cornerstone of perimeter security. They inspect incoming and outgoing network traffic based on predefined rules and policies. Firewalls can block or allow traffic based on factors such as IP addresses, port numbers, and protocols. Intrusion Detection and Prevention Systems (IDPS): IDPS solutions monitor network traffic for signs of malicious activity or known attack patterns. They can detect and prevent i...
Read more

Well-Architected Framework | Solution Architect

-
The Well-Architected Framework is a set of best practices and guidelines designed to help cloud architects build secure, high-performing, resilient, and efficient infrastructure for their applications. The framework is developed by AWS (Amazon Web Services), but similar principles can be applied to other cloud platforms. The Well-Architected Framework consists of five pillars, each addressing a key aspect of building well-designed and well-operated systems. These pillars are: Operational Excellence: Focuses on operational practices that ensure efficient and effective use of cloud resources. Key considerations include monitoring, incident response, automation, and overall operational health. Security: Emphasizes the importance of implementing robust security measures to protect data, systems, and assets. Covers data protection, identity and access management, and incident response, among other security aspects. Reliability: Aims to ensure a system's ability to recover from failures ...
Read more