Thursday, May 16, 2019

Network Segmentation Plan Part-1



Background
Network Segmentation (1)
Benefits:

  • Improved Security: Network traffic can be isolated and/or filtered to limit and/or prevent access between network segments.
  • Better Access Control: Allow users to only access specific network resources.
  • Improved Monitoring: Provides an opportunity to log events, monitor allowed and denied internal connections, and detect suspicious behavior.
  • Improved Performance: With fewer hosts per subnet, local traffic is minimized. Broadcast traffic can be isolated to the local subnet.
  • Better Containment: When a network issue occurs, its effect is limited to the local subnet.
Cons:
  • The harder it can be 
    • For an attacker to compromise your sensitive systems/data.
    • To ensure users can access all of the information they require access to.
  • The more time it takes to design/manage the internal network.

Purpose
To effectively segment the network and build efficiency through the continuous monitoring and automation.

Requirements

  • Automation
    • Configuration: the ability to remotely manage the entire fleet of firewalls using an automation tool (i.e ansible, puppet, etc).
    • Updating: push out updated images using an automation tool.
  • Integration
    • Monitoring: the overall health of the firewalls and the underlying hypervisor.
    • APIs: to effectively monitor API integration and testing will be a requirement.  
  • Scalable
    •  Ability to add resources to increase usability.
  • High Availability
    •  Backup/Failover virtual firewall to ensure there is no lost in service.

Goal
Note: A principle of network segmentation is to group like resources together, to minimize security overhead: Build a fence around the car park, not a fence and gate around every car. (2) 


To simplify the segmentation of the network by segmenting based on the following criteria (2):
  • Data Sensitivity:
    • Data Centers
  • Location:
    • Brand Offices
  • Criticality:
    • Databases

Potential Problems
  • Underlying failure of the hypervisor.
  • Available hardware is deficient in its ability to handle the required traffic bandwidth.

References
  1. The Security Benefits of Network Segmentation
  2. Network Segmentation
  3. Network Segmentation

31 comments:

  1. Nice information.It help us to understand Network Segmentation Part of Cyber Security.
    Best Cyber Security Course In Mumbai

    ReplyDelete
  2. Uncommon tips and clear. This will be to a great degree supportive for me when I get a chance to start my blog. Hire a legit hacker online

    ReplyDelete
  3. Thanks for sharing such good article's related to cyber security. This will be really helpful for us. Keep sharing. Visit Cyber Security Course

    ReplyDelete
  4. Wow, nice Blog. Kindly share more that kind of blogs. Visit Cyber Security Course

    ReplyDelete
  5. Thanks for sharing such a nice blog. Kindly share more. Visit Cyber Security Course

    ReplyDelete
  6. security is important part. your article is very knowledgeable ,thanks for sharing this information.keep sharing.
    Zplus Cyber Secure Technologies

    ReplyDelete
  7. It is very important to be secured. This post is really nice. I must suggest your readers to Visit Cyber Security Training Course in Ahmedabad

    ReplyDelete
  8. Hi
    I visited your blog you have shared amazing information, i really like the information provided by you, You have done a great work. I hope you will share some more information regarding Cyber Security. I appreciate your work.
    Thanks
    Have a Great Day

    ReplyDelete
  9. Nice article please do visit my website for cyber security certification training

    ReplyDelete
  10. Wonderful article, Thank you for sharing amazing blog write-ups.

    You can also check out another blog on Cryptography and Network Security

    ReplyDelete
  11. Thanks for the valuable information. Are you looking for a one-stop solution to your Information/Cybersecurity needs? IARM, one of the few companies to focus exclusively on End-End Information/Cybersecurity solutions and services providers to organizations across all verticals. Cybersecurity Audit Services
    ISO 27001 Implementation and Consulting Company in Chennai
    Cybersecurity Company in Bangalore
    VAPT service provider in India
    Penetration Testing Company In India

    ReplyDelete
  12. You actually make it appear really easy with your presentation however I in finding this topic to be really one thing which I think I would by no means understand. It sort of feels too complicated and very vast for me. I am looking forward on your next post, I’ll attempt to get the hang of it! managed detection and response charlotte

    ReplyDelete
  13. How to Check if a Website OR URL is Safe or Not? Cyber security
    🔒🔓

    http://www.urlhelp.xyz/2021/07/how-to-check-if-website-or-url-is-safe.html

    I am from internet data search help service

    https://www.urlhelp.xyz/

    ReplyDelete
  14. cyber security services in usa
    We offer a unique array of services like NERC CIP compliance, industrial Cyber security (IoT & IIoT), NIST ICS readiness, Site Assessment Testing, Critical Infrastructure Maturity Assessment, Digital Transformation Blueprint, Cloud Security Assessment, PCI-DSS Compliance, SOC Audits, and Penetration testing services and more.

    ReplyDelete
  15. Cybersecurity or data security is the state or process of protecting computers, smartphones, networks, servers, and information from external attacks. However, advanced cybercrime is increasingly getting smart and sophisticated. It lets your sensitive data at risk, as hackers employ a new approach powered by artificial intelligence to circumvent traditional security controls. Thank you for sharing nice blog. Get more about: cyber security in Melbourne autralia.

    ReplyDelete
  16. Fantastic blog!!! Thanks for sharing with us, Waiting for your upcoming data.
    why is python so popular
    why is python popular

    ReplyDelete
  17. Thanks for sharing this nice information with us. I have gone through whole article and get lots of information.

    Let's stop the bad guys before they stop you. Learn more about the benefits of using Your IT Company for Cybersecurity services and protection. Keep up with the latest laws, escape hefty penalties, and stay safe from security breaches and customer threats by working with our highly skilled IT security team.

    ReplyDelete
  18. A national salary trend report provided on the Indeed site offers impressive data, as well. As of December 22, 2013, median salaries for the job listings for people with CCNA certification are 36 percent higher than the median salary postings for all of the jobs being listed across the nation. CCNA Training in Pune

    ReplyDelete
  19. AWS DevSecOps focuses on the seamless integration of security into every phase of the Software Development Life Cycle (SDLC), from initial design and development to testing and deployment. This ensures that security is not an afterthought but a fundamental part of the development process.

    ReplyDelete
  20. Really appreciate you for this informative blog and i loved the way you explained everything. information security management services

    ReplyDelete