I often feel that trying to come up with a good metaphor is a bit like herding cats. I know, I’ve used a simile to describe the difficulty of creating a metaphor, but that’s kind of my point. The same goes for my latest blog requirement: micro-segmentation. You see, VMware have already nailed it with their ‘Hotel & Castle’ metaphor for VMware NSX.
It just works…
It goes like this:
1. Think of your perimeter security as your ‘castle’. A solid wall of impenetrable protection with only one way in and out (your firewall). This is your ‘North/South’ traffic protection.
2. Think of what happens when your castle walls are breached: burning, pillaging, looting, all sorts of terrible things. That’s because your protection is facing ‘outwards’. Once an attacker is in, your internal (East/West) traffic is unprotected and susceptible to pillaging. Now I’m not sure what ‘pillaging’ is, but the metaphor implies that your servers are now vulnerable.
3. Now think of a hotel. You can stroll in without being challenged (usually). But once you’re in, you can only access public areas. If you need to get into staff areas, rooms, gyms or whatever, you’re going to need a keycard that grants you access to a particular subset of private areas.
That’s what micro-segmentation does – well, metaphorically at least. In theory, I now only need a short statement to align the metaphor with your data centre, so here goes: micro-segmentation provides hypervisor-level, layer 4 protection for east/west traffic within your data centre, preventing cyber threats from spreading once they’ve breached your perimeter security. Clever stuff!
I think it’s fair to say that my description above is somewhat simplistic. The good news is that our VMware NSX certified experts can explain it properly to you. Our free-of-charge security posture review will give you an opportunity to discuss your endpoint security challenges, as well as your wider cyber security posture with regard to perimeter, data centre and cloud components.