With the world at our fingertips via a simple Google search, it can sometimes be tough to figure out what’s fact and what’s fiction. Whether you’re an expert, novice, or beginner in the tech world, time should be spent putting capabilities and terms into action – rather than trying to piece them together and understand them like a Sudoku puzzle. That’s why we’re going to debunk six major East-West security myths for you – so you can get back to the good stuff.
1. East-West security is the monitoring and inspection of traffic moving medially within the network perimeter, working to identify and block threats and enable access rights.
Busted. East-West security does all of the fancy stuff mentioned, with one very important difference: it moves laterally through the network perimeter. This is a key understanding, since East-West security operates on the premise that threat factors will eventually find a way through next-generation firewalls – which means all internal network traffic is vulnerable.
2. A traditional firewall that manages North-South traffic can handle a modern network breach by itself.
Busted. While it’s important to have North-South security in place (filtering the traffic that is exiting and entering the network), it cannot protect the network on its own, as it may have done in the 90s. Perimeter firewalls cannot see east-west traffic easily – which means that, without the proper safeguards in place, attackers can move laterally within the network once they’ve slipped past the perimeter.
3. Indicators of compromise (IoCs) in East-West traffic are always the same as those found in North-South traffic.
Busted. IoCs found in East-West traffic often vary from those found in North-South traffic, which causes many security professionals to search for a way to streamline their analytics approach. Perimeter security mostly relies on signatures and threat intelligence feeds, and, for East-West traffic, the assumption has been that analysts need to create a whole new set of policies and signatures from scratch. The answer is no, and better yet – there’s a simple solution.
4. Implementing East-West security is costly, time-consuming, and has high operational risk.
Busted. As networks continue to adopt a more modern structure, attackers will learn to adapt to a modern environment. Enabling East-West security does not have to complicated, but it is necessary. VMware’s NSX Distributed Firewall capabilities allow organizations to gain greater control and visibility across their networks – which speeds up your protection process, saves you money, and hardens your security posture.
5. The initial breach matters more than lateral movement inside of the network.
Busted. Allow us to elaborate. Of course, we don’t want any breaches. We can all agree that is something we want to be proactive about and prevent. However, breaches are inevitable as attackers and software get more sophisticated. The initial breach is going to happen – and the ensuing lateral movement is where attackers can dwell and dismantle your organization. It’s imperative that you operationalize East-West security so you’re ready for breaches and prepared to defend against lateral intrusions.
6. East-West security only contains one component: an internal firewall.
Busted. A comprehensive approach to East-West security is essential. This means analyzing every packet and workload to detect and block threats. Besides an internal firewall, East-West security also has a critical additional components: an intrusion detection and prevention system (IDS/IPS). VMware makes it easy to operationalize with a more integrated and distributed approach to security.
We busted 6 important myths, but it’s pretty jarring to think about how many others may exist out there. There’s so much more to learn about East-West security and how you can use it to maximize your organization’s security and performance. To help you get there, get our Internal Firewalls guide now.