Intelligent Data Centres Issue 16 | Page 15

LATEST INTELLIGENCE
PRESENTED BY

A NETWORK OPERATIONS

GUIDE FOR INTERNAL SEGMENTATION

E

Executive Summary
Segmentation of networks , devices , users , and applications has long been a best practice for supplementing edge security and breaking up flat internal networks . However , for network engineering and operations leaders who prioritize risk mitigation , achieving compliance and effective security posture management , current segmentation approaches fall short . Traditional approaches control access at a level that is too coarse-grained to fulfill business requirements . They rely on trust assessments that are quickly outdated and assume that threat protection exists , even when the organization has gaping holes in its growing attack surface .
This kind of environment renders network engineering and operations leaders unable to manage their security posture proactively and leaves their organization open to greater security risk . shortcomings and is applicable to a wide range of access-control scenarios .
Fundamentals of Internal Segmentation
Internal Segmentation efficiently translates the network leader ’ s business goals into the “ where ,” “ how ,” and “ what ” of security segmentation :
“ Where ” establishes the locations of segment demarcation and the logic by which the IT assets will be segmented .
“ How ” implements the business goals with finegrained access control and maintains it using continuous , adaptive trust .
“ What ” enforces the access control by applying high-performance advanced ( Layer 7 ) security across the network .
As multi-cloud , mobile-first , Internet-of-Things ( IoT ), and other digital transformation initiatives bloat attack surfaces , Internal Segmentation offers a vital new approach . It addresses segmentation ’ s current
These three elements operate within the context of an integrated fabric of security components , which connects to and communicates with other network and infrastructure devices . ◊
www . intelligentdatacentres . com Issue 16
15