{"id":16213,"date":"2019-04-11T12:27:11","date_gmt":"2019-04-11T12:27:11","guid":{"rendered":"https:\/\/lavellenetworks.com\/?p=16213"},"modified":"2021-04-14T05:49:58","modified_gmt":"2021-04-14T05:49:58","slug":"network-segmentation-securing-traffic-in-the-dying-age-of-traditional-perimeter","status":"publish","type":"post","link":"https:\/\/lavellenetworks.com\/blog\/network-segmentation-securing-traffic-in-the-dying-age-of-traditional-perimeter\/","title":{"rendered":"Network Segmentation: Securing Traffic in the dying age of traditional perimeter"},"content":{"rendered":"

As traditional perimeter defences become easy to crack automated and policy based network segmentation solves two biggest challenges for CIOs –\u00a0security and complexity.<\/em><\/p>\n

 <\/p>\n

Enterprise Networks are subjected to meet sudden business changes and requirements. In doing so, networks become vulnerable. In worst cases<\/a>,<\/strong> it turns out to be the next WannaCry, Petya, or NotPetya. Evolving traffic patterns of the cloud era have increased the focus on network security. Not so surprisingly, Gartner highlights a rise in security investments for cyber\/information security by 55%. And as security measures proliferate, network segmentation hits a new radar in the IT security tech stacks.<\/p>\n

 <\/p>\n

Network Segmentation continues to be a\u00a0crucial<\/span>\u00a0technique for IT teams in today\u2019s dynamic IT ecosystem. So what is Network Segmentation? Implemented in a variety of ways the benefits of network segmentation are numerous. The most basic function and advantage of network segmentation is that it allows network administrators to isolate traffic. In the age of SD-WAN, evolving further into advance techniques like micro-segmentation, network segmentation is allowing IT teams to segmen<\/span>t traffic at the granular level.<\/p>\n

 <\/p>\n

Network Segmentation with the Perimeter<\/strong><\/h2>\n

 <\/p>\n

In most enterprises, n<\/span>etwork segmentation is used with a perimeter firewall. In addition, Intrusion<\/span>\u00a0Prevention System (IPS), Advanced Threat Prevention (ATP) is applied to guard the network perimeter. vLANs and vRFs are the two most common types of network segmentation methods used by networking teams. VLANs provide only site-specific segmentation and on the other hand, VRFs are used for complex wider deployments.<\/p>\n

 <\/p>\n

In the perimeter firewall approach, the enterprise network is divided into many smaller networks to reduce the impact radius in the advent of an attack. Further, to cont<\/span>rol the communications between hosts and services, specific rulesets are developed and applied to each (host and services). Each host and network seg<\/span>mented and segregated at the lowest manageable level. Routers divided the network into separate smaller networks using Virtual LAN (VLAN) or Access Control Lists (ACLs). Network firewalls are then put into action to filter network traffic between segments, and host-based firewalls filter traffic from the local network adding additional security.<\/p>\n

 <\/p>\n

However, segmenting today\u2019s traffic using this method \u2013 using firewalls and routing- firstly is technically cumbersome and secondly raises security concerns. Enterprise networks\u00a0become<\/span>\u00a0easily hackable for intruders to gain widespread access to the entire network. The lack of a comprehensive network segmentation methodology makes attacks easily pass through the perimeter.<\/p>\n

 <\/p>\n

\"\"<\/a><\/p>\n

<\/h2>\n

Network Segmentation via SD-WAN<\/strong><\/h2>\n

 <\/p>\n

The surge of cloud, distributed network architecture, and the internet has compelled enterprises to augment end to end network segmentation beefing up security with the network infrastructure. The need of the hour for enterprise IT teams is to able to separate different types of traffic using segmentation that can scale i.e allow IT teams to create multiple segments across the enterprise network, creating a new set of standard protocols.<\/p>\n

 <\/p>\n

Today\u2019s dynamic IT teams segment new age traffic intelligently and automatically with an intent driven approach. Using software-defined WAN, IT teams are able to manage and configure necessary activity proactively and continuously to reach the desired outcome. No more manual configuration is required. IT teams can simply define segments and assign policies to each. For example, rules are applied as per VPN and firewall segments, and security policies are applied to each individual segment. These policies are automatically applied across edges and cloud. Via intent based segmentation such as ScaleAOn, each segment is automatically isolated with respective policies carried across the WAN.<\/p>\n

 <\/p>\n

Further, as WANs become more App friendly, ad<\/span>vance segmentation techniques like micro-segmentation is emerging\u00a0as a be<\/span>neficial way to enforce security with a nicety \u2013 allowing networking teams to breakdown segments further at the level of application and users. Hence today when networking teams are expected to keep WAN always ON, automated policy-based network segmentation is critical to ensure defences are also ON. The end result is an enterprise network that is agile and easy to control, and that provides secure segmentation of traffic as per enterprise business demands.<\/p>\n

 <\/p>\n

At Lavelle Networks, our solution ScaleAON allows networking teams to create network segments with Zero errors. Assisted visual aids in the user interface, which allows to create VPN or WAN topology without a single line of actual network interface configuration. ScaleAOn simplifies the configuration and management of network segregation making segmenting of network traffic seamless and scalable.<\/p>\n","protected":false},"excerpt":{"rendered":"

As traditional perimeter defences become easy to crack automated and policy based network segmentation solves two biggest challenges for CIOs –\u00a0security and complexity.   Enterprise Networks are subjected to meet sudden business changes and requirements. In doing so, networks become vulnerable. In worst cases, it turns out to be the [\u2026]<\/span><\/p>\n","protected":false},"author":10,"featured_media":20638,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[10],"tags":[82],"yoast_head":"\nNetwork Segmentation: Securing Traffic in the dying age of traditional perimeter - Lavellenetworks<\/title>\n<meta name=\"description\" content=\"Read all about what is network segmentation, how was it implemented traditionally and how to do it in the digital age of SD-WAN.\" \/>\n<link rel=\"canonical\" href=\"https:\/\/lavellenetworks.com\/blog\/network-segmentation-securing-traffic-in-the-dying-age-of-traditional-perimeter\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Network Segmentation: Securing Traffic in the dying age of traditional perimeter - Lavellenetworks\" \/>\n<meta property=\"og:description\" content=\"Read all about what is network segmentation, how was it implemented traditionally and how to do it in the digital age of SD-WAN.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/lavellenetworks.com\/blog\/network-segmentation-securing-traffic-in-the-dying-age-of-traditional-perimeter\/\" \/>\n<meta property=\"og:site_name\" content=\"Lavellenetworks\" \/>\n<meta property=\"article:published_time\" content=\"2019-04-11T12:27:11+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-04-14T05:49:58+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/lavellenetworks.com\/blog\/wp-content\/uploads\/2019\/04\/Network-Segmentation-Securing-Traffic-in-the-dying-age-of-perimeter-Blog-Image-1024x512-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"512\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\">\n\t<meta name=\"twitter:data1\" content=\"4 minutes\">\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/lavellenetworks.com\/blog\/#website\",\"url\":\"https:\/\/lavellenetworks.com\/blog\/\",\"name\":\"Lavellenetworks\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":\"https:\/\/lavellenetworks.com\/blog\/?s={search_term_string}\",\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/lavellenetworks.com\/blog\/network-segmentation-securing-traffic-in-the-dying-age-of-traditional-perimeter\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/lavellenetworks.com\/blog\/wp-content\/uploads\/2019\/04\/Network-Segmentation-Securing-Traffic-in-the-dying-age-of-perimeter-Blog-Image-1024x512-1.jpg\",\"width\":1024,\"height\":512},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/lavellenetworks.com\/blog\/network-segmentation-securing-traffic-in-the-dying-age-of-traditional-perimeter\/#webpage\",\"url\":\"https:\/\/lavellenetworks.com\/blog\/network-segmentation-securing-traffic-in-the-dying-age-of-traditional-perimeter\/\",\"name\":\"Network Segmentation: Securing Traffic in the dying age of traditional perimeter - Lavellenetworks\",\"isPartOf\":{\"@id\":\"https:\/\/lavellenetworks.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/lavellenetworks.com\/blog\/network-segmentation-securing-traffic-in-the-dying-age-of-traditional-perimeter\/#primaryimage\"},\"datePublished\":\"2019-04-11T12:27:11+00:00\",\"dateModified\":\"2021-04-14T05:49:58+00:00\",\"author\":{\"@id\":\"https:\/\/lavellenetworks.com\/blog\/#\/schema\/person\/b1a8ff9ffe087e7ab52713b8452b0d3a\"},\"description\":\"Read all about what is network segmentation, how was it implemented traditionally and how to do it in the digital age of SD-WAN.\",\"breadcrumb\":{\"@id\":\"https:\/\/lavellenetworks.com\/blog\/network-segmentation-securing-traffic-in-the-dying-age-of-traditional-perimeter\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/lavellenetworks.com\/blog\/network-segmentation-securing-traffic-in-the-dying-age-of-traditional-perimeter\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/lavellenetworks.com\/blog\/network-segmentation-securing-traffic-in-the-dying-age-of-traditional-perimeter\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"item\":{\"@type\":\"WebPage\",\"@id\":\"https:\/\/lavellenetworks.com\/blog\/\",\"url\":\"https:\/\/lavellenetworks.com\/blog\/\",\"name\":\"Blog\"}},{\"@type\":\"ListItem\",\"position\":2,\"item\":{\"@type\":\"WebPage\",\"@id\":\"https:\/\/lavellenetworks.com\/blog\/network-segmentation-securing-traffic-in-the-dying-age-of-traditional-perimeter\/\",\"url\":\"https:\/\/lavellenetworks.com\/blog\/network-segmentation-securing-traffic-in-the-dying-age-of-traditional-perimeter\/\",\"name\":\"Network Segmentation: Securing Traffic in the dying age of traditional perimeter\"}}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/lavellenetworks.com\/blog\/#\/schema\/person\/b1a8ff9ffe087e7ab52713b8452b0d3a\",\"name\":\"Samuel Natarajan\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/lavellenetworks.com\/blog\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/lavellenetworks.com\/blog\/wp-content\/uploads\/2021\/04\/sam-146x146.jpg\",\"caption\":\"Samuel Natarajan\"},\"sameAs\":[\"https:\/\/lavellenetworks.com\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","_links":{"self":[{"href":"https:\/\/lavellenetworks.com\/blog\/wp-json\/wp\/v2\/posts\/16213"}],"collection":[{"href":"https:\/\/lavellenetworks.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lavellenetworks.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lavellenetworks.com\/blog\/wp-json\/wp\/v2\/users\/10"}],"replies":[{"embeddable":true,"href":"https:\/\/lavellenetworks.com\/blog\/wp-json\/wp\/v2\/comments?post=16213"}],"version-history":[{"count":1,"href":"https:\/\/lavellenetworks.com\/blog\/wp-json\/wp\/v2\/posts\/16213\/revisions"}],"predecessor-version":[{"id":20637,"href":"https:\/\/lavellenetworks.com\/blog\/wp-json\/wp\/v2\/posts\/16213\/revisions\/20637"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/lavellenetworks.com\/blog\/wp-json\/wp\/v2\/media\/20638"}],"wp:attachment":[{"href":"https:\/\/lavellenetworks.com\/blog\/wp-json\/wp\/v2\/media?parent=16213"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lavellenetworks.com\/blog\/wp-json\/wp\/v2\/categories?post=16213"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lavellenetworks.com\/blog\/wp-json\/wp\/v2\/tags?post=16213"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}