Cyber Security: May 2019

Background
Network Segmentation (1)
Benefits:

Improved Security: Network traffic can be isolated and/or filtered to limit and/or prevent access between network segments.
Better Access Control: Allow users to only access specific network resources.
Improved Monitoring: Provides an opportunity to log events, monitor allowed and denied internal connections, and detect suspicious behavior.
Improved Performance: With fewer hosts per subnet, local traffic is minimized. Broadcast traffic can be isolated to the local subnet.
Better Containment: When a network issue occurs, its effect is limited to the local subnet.

Cons:

The harder it can be

For an attacker to compromise your sensitive systems/data.
To ensure users can access all of the information they require access to.

The more time it takes to design/manage the internal network.

Purpose
To effectively segment the network and build efficiency through the continuous monitoring and automation.

Requirements

Automation

Configuration: the ability to remotely manage the entire fleet of firewalls using an automation tool (i.e ansible, puppet, etc).
Updating: push out updated images using an automation tool.

Integration

Monitoring: the overall health of the firewalls and the underlying hypervisor.
APIs: to effectively monitor API integration and testing will be a requirement.

Scalable

Ability to add resources to increase usability.

High Availability

Backup/Failover virtual firewall to ensure there is no lost in service.

Goal
Note: A principle of network segmentation is to group like resources together, to minimize security overhead: Build a fence around the car park, not a fence and gate around every car. (2)

To simplify the segmentation of the network by segmenting based on the following criteria (2):