{"id":349,"date":"2019-06-05T06:00:44","date_gmt":"2019-06-05T12:00:44","guid":{"rendered":"http:\/\/access-solutions.com\/?p=349"},"modified":"2019-06-07T14:07:08","modified_gmt":"2019-06-07T20:07:08","slug":"securing-your-network-through-segmentation","status":"publish","type":"post","link":"http:\/\/access-solutions.com\/index.php\/2019\/06\/05\/securing-your-network-through-segmentation\/","title":{"rendered":"Securing Your Network Through Segmentation"},"content":{"rendered":"\n
The concept of segmenting networks to enhance security is\nnot new, but with the increase in cyberattacks and the scope of data breaches\ngrowing with every new disclosure, making it harder for the adversaries to\nsucceed should be considered a priority by all organizations. While segmenting\na network can be a major effort and often competing with other priorities, if\nproperly planned and designed, it will not only help secure the infrastructure,\nbut also simplify operations and maintenance in the long run.<\/p>\n\n\n\n
What is Network Segmentation?<\/strong><\/h4>\n\n\n\n
Segmenting a network\nmeans splitting it into smaller network segments, creating zones or enclaves\nand separating users, computers, applications and data based on access needs or\nspecific security requirements.<\/p>\n\n\n\n
In the past, a traditional network would be considered \u201cflat\u201d\nand all users, workstations, printers and servers would be on the same network,\nmaking it easier to \u201ctalk\u201d to one and another and access all the system\nresources. However, this \u201ctrust\u201d and ability to communicate without challenge is\na dangerous vulnerability, as was demonstrated several years ago in the Target\nbreach, where the HVAC system was compromised, and the adversary was able to\nmove laterally across the Target network.<\/p>\n\n\n\n
Why Segment?<\/strong><\/h4>\n\n\n\n
Traditional networks are designed with a strong perimeter to\nkeep adversaries and attackers out. Using firewalls, Intrusion Detection System\n(IDS), Intrusion Prevention Systems (IPS) and other security measures allow\nsenior management to sleep at night. However, if an attacker does manage to get\nthrough the perimeter, they would find a nice flat network and have free reign\nto initiate a malicious attack or worse begin exfiltrating sensitive data and\ninformation.<\/p>\n\n\n\n
Network segmentation makes it harder for an attacker to move\nlaterally throughout your network, it also secures sensitive data and\ninformation by limiting access to only those users who need that access. In\naddition, if a portion of the network is compromised, the damage can be\ncontained to the smaller area. <\/p>\n\n\n\n
Advantages of Network Segmentation<\/strong><\/h4>\n\n\n\n
Tighter Access Control \u2013 Allow users to access\nonly specific network resources, based on their need to know.<\/li>
Improved Security \u2013 Network traffic can be\nisolated, limiting the type of traffic and where it can flow.<\/li>
Improved Containment \u2013 If a system is\ncompromised, damage can be contained to the smaller area, minimizing the \u201cblast\nradius\u201d<\/li>
Improved Performance \u2013 Smaller zones or subnets\nhelp minimize traffic and contain any broadcast traffic<\/li>
Improved Monitoring and Troubleshooting \u2013\nProblems can be quickly isolated and troubleshot more effectively<\/li><\/ul>\n\n\n\n
In Conclusion<\/strong> <\/h4>\n\n\n\n
Segmenting a network and managing it effectively introduces a different way of thinking, however it also presents the ability to more effectively secure the critical assets, data, users and systems of an organization. If the concept of segmentation is embraced, properly designed and documented, it can be a great benefit for any organization. <\/p>\n\n\n\n<\/a>Subscribe to Our Blog<\/a><\/figcaption><\/figure>\n","protected":false},"excerpt":{"rendered":"
![\"\"](\"http:\/\/access-solutions.com\/wp-content\/uploads\/2019\/06\/rss-logo.png\")
<\/a>