Zen and The Art of Network Segmentation

  • Wednesday, 29 Oct 2014 11:00AM EDT (29 Oct 2014 15:00 UTC)
  • Speakers: John Pescatore, Reuven Harrison

Recent high profile breaches have shown that perimeter firewalls need to be augmented by internal firewalls that implement security zones on internal networks. Efforts such as the Critical Security Controls (Control 19 - Secure Network Engineering) have demonstrated that such internal segmentation has been key to avoiding or minimizing business impact due to advanced targeted attacks. Internal network segmentation is now an accepted best-practice for network security - it secures sensitive data, contains attacks and generates richer data for security event management. However, many organizations struggle to enforce network segmentation because:

  • the more granular your network segmentation is, the more security policies you will need to manage and update each time business requires a change.
  • the complexity of the changes creates a bottleneck for the business, and as a result, policies are often suboptimal.

In this session, you will learn how to strike a peaceful balance by enforcing tight network segmentation without compromising business efficiency and agility.