WHAT IS MICRO-SEGMENTATION?
Micro-segmentation is the art of using software-defined policies, instead of hardware network configurations, to make network security more flexible. It can only work if implemented with right tools and forethought.
Models used in micro-segmentation There are four architectural models used in micro segmentation. They are:
Hybrid model – it is a combination of third-party and native controls Overlay model – usually uses a type of software or agent within every host, instead of using moderating communications. Vendors of this model include Unisys, vArmour, Vmware NSX, ShieldX, Juniper, Illumio, Guardicore, Drawbridge Networks, CloudPassage, and Cisco. Third-party model – mainly based on a virtual firewall presented by third-party firewall vendors. They include Huawei, Sophos, SonicWall, Palo Alto, Juniper, Fortinet, Checkpoint, and Cisco. Native model – makes use of included or inherent capabilities provided within various areas such as infrastructure, operating hypervisor/system, IaaS, or virtualization platform. When considering micro segmentation solutions, even for a virtual machine, avoid thinking about technical solutions only. The solution should be inclusive of technology, process, and people. Therefore, do not go for the model of security you think is best to implement. Rather, you should select the architectural model that ensures security in the operation of your modern data center.