How Micro-Segmentation Reduces Your Attack Surface and Increases Network Visibility
Cyber security is a multi-layered practice. While your company may be strong in one area, weakness in another can leave you just as susceptible to a cyber attack.
While we’ve discussed the benefits of endpoint visibility via Cisco Identity Services Engine (ISE), this type of segmentation differs from server-level micro-segmentation. A combination of both Cisco ISE and server-level micro-segmentation provides the highest level of security to ensure your company is ready to defend against an attack.
What is Micro-Segmentation?
Micro-segmentation divides an organization’s infrastructure at the system or network level. This provides highly granular visibility and control over data flows within your organization’s network, enabling the implementation of a Zero Trust security strategy. This is a security strategy that centers on the concept of eliminating trust from an organization’s network architecture and is now considered the industry standard.
Micro-segmentation is often deployed using software-defined solutions, as these systems require deep visibility and control for routing purposes.
There are multiple architectural models that can be implemented:
- Native model: This model uses inherent technologies and capabilities all from within existing platforms, such as AWS, GCP, Azure, VMware’s NSX, and Cisco’s Secure Workload manager.
- Third party models: This model is based on virtual firewalls.
- Overlay model: This model uses some form of an agent or software that resides on the systems that are being segmented.
- Hybrid model: This model combines two of the above models together.
Micro-Segmentation Use Cases
Micro-segmentation provides a simple answer to protect against exploits and threats, but there are multiple use cases, including:
- Improved Security
Without proper micro-segmentation, a bad actor who breaches your firewall can move about laterally within your network. While a firewall works to keep threats out, micro-segmentation focuses on understanding what’s going on within the network and prevents threat movement.
Micro-segmentation ensures that users and devices only have access to the parts of the network that are necessary for them to do their job.
- Enhanced Visibility and Control
Micro-segmentation allows businesses to answer the following questions:
- Who or what is on the network?
- What are those on your network doing?
- Who are those on your network connecting with?
- How are the apps on your network behaving?
This type of visibility allows businesses to monitor any suspicious activity in real time.
- Regulatory Compliance
Any company or business that processes credit cards faces strict regulatory and contractual compliance standards. This requires that all network traffic be segmented and kept independent of all other network traffic when payments are being processed.
Today, you can use micro-segmentation to support this requirement. This way, even if you fall victim to a cyber attack, the attack is unable to move laterally and access private cardholder data.
- Continued Digital Transformation
When transitioning to the cloud, users can now migrate workloads into a cloud environment from their on-premises data center. However, it is important that their security posture follows that migration as well.
As the need for a Zero Trust security model becomes more important, these use cases will continue to grow.
Next Steps: Where to Start on Your Micro-Segmentation Journey
Micro-segmentation cannot be achieved overnight. This process requires thoughtful preparation.
Before beginning, you should contemplate your:
- Asset discovery: Know which apps are operating in your environment that you’re targeting for micro-segmentation.
- Business objectives: Define your end-goal so you have a benchmark to measure your success. Do you need a purpose-built network, a PCI network, or an OT network?
- Network services: Are there any specifics in your network that need to be considered before beginning the process?
- Application tiers: Is a policy of procedure necessary to maintain independent applications?
- Network traffic: Properly identify all north/south traffic and east/west traffic.
It’s important to understand that micro-segmentation must be done in stages. This process has the highest rate of success when it’s well thought out and completed at an appropriate pace.
To get the most value from your micro-segmentation, ensure you have alerts for security events enabled and you receive these notifications using multiple methods (email, syslog, or Kafka).
If you’re looking to begin the micro-segmentation process, contact an Arraya expert for an assessment. We can investigate the traffic on your network and determine how much is north/south and may be protected by your firewall versus how traffic is much is east/west and remains unprotected.
Ready to get started? Arraya can help you throughout the entire process of rolling out micro-segmentation within your environment. Whether you’re looking for assistance on a project basis, or you require on-going managed services, our team of experts are available to help you meet your business goals.
Contact an Arraya expert today to get started.
Visit https://www.arrayasolutions.com/contact-us/ to connect with our team now.
Follow us to stay up to date on our industry insights and unique IT learning opportunities.