Approved for 1 CompTIA CEU: A+, Network+, Security+, and CASP; 1 GIAC CPE
In today’s complex networked world, where the edge of the enterprise is in the hands of the mobile user and ever-changing, threats are both known and unknown, as well as inside and out. The use of micro-segmentation, particularly focused on resource-saving software-defined deployments, presents an extremely dynamic, scalable, and versatile tool in the hands of the security community.
Micro-segmentation, as defined for this talk, is the ability to harden the network by utilizing a “zero” or “earned trust” process model, whereby network security is substantially increased, and gains the ability to dynamically adapt and scale in near real time as mission parameters change.
Micro-segmentation thus presents a valuable tool in the ongoing battle for securing critical infrastructure and assuring the confidentiality, integrity, and availability (C. I. A.) of networked resources. By using advanced encryption techniques and software defined perimeters, we now have an ability to create a dynamic, scalable, and repeatable “earned trust” operational environment which significantly increases information C.I.A., as well as reduce operating costs on the organization.
The harsh realities of today’s global networked operational environment are one with ever-changing information and data flows (to include knowledge flows) coupled with an amorphous perimeter. The ability to protect organizational assets and ensure network surety from both insider and outside threats is critical. Organizational IP (e.g. intellectual property) and critical data repositories must therefore incorporate not just an ability to withstand constant threat of assault (i.e., network reconnaissance and attack), but adapt to operational needs of the extended enterprise. Micro-segmentation is a powerful tool in enabling this requirement.