microsegment.io

segment all the things

Microservices and Microsegmentation

Cohabitation is a good thing

The thing to remember is that just because dev has decided to leverage microservices does not in turn mean that the network somehow magically becomes microsegmented or that if microsegmentation is used to optimize the network service architecture that suddenly apps become microservices. Microsegmentation can be used to logically isolate monolithic applications as easily as it can microservices.

Article from DZone

“Micro is big these days” - The below statement is from an article showing the similarities and differences between microservices and microsegmentation. Of course we all know the differences, but we might have never thought about the similarities between the two approaches.

Posted by     Alexander Goller on Monday, September 16, 2019

Undivided We Fall: Decoupling Network Segmentation from Micro-Segmentation

@alissaknight has published a great article on LinkedIn that talks about the history of segmentation and the use-cases and differences of network segmentation and micro-segmentation.

What i like about the article is that Alissa shows that network segmentation and micro-segmentation can be mutually exclusive, but can also co-exist. They do different things and they have different use-cases, which are also highlighted in the article.

The conclusion though is what i wouldn’t agree to, a Software Defined Perimeter does not solve a lateral movement problem nor will it implement Micro-Segmentation. The underlying problem of having no visibility into what to segment and how to structure your policy so it does not break applications is not solved by moving to another solution.

Posted by     Alexander Goller on Thursday, September 12, 2019

Demystifying the Windows Firewall

A talk by Jessica Payne

What a great talk by Jessica Payne that talks about why network segmentation is so important and how to apply these principles to your host-based Windows Firewall (that you probably never use). It is from 2016 and still true.

Posted by     Alexander Goller on Tuesday, September 10, 2019

Scaling up vs scaling out your security segmentation

Scale-up-vs-scale-out

If you follow discussion on running cloud native, monolithic or more traditional applications you may have stumbled over the terms “scale up“ and “scale out“. Don’t feel bad if you don’t know these, because they were formerly just “vertical scaling“ (scale up) and “horizontal scaling“ (scale out).

What is scale up?

Scale up means, if you have e.g. a server in your datacenter running your database, to make the database faster or have more concurrent client getting served, you would add more hardware to that server and just make it the biggest machine available.

Posted by     Alexander Goller on Monday, September 9, 2019

Segment-O-Pedia

Encyclopedia segmentata

This page is work in progress. If there is something missing feel free to comment or send me a mail.

Posted by     Alexander Goller on Friday, September 6, 2019

avatar

Sales Droid, Security Nerd, Software Developer, Biker, Skier

FEATURED TAGS
attacks containers kubernetes links metrics microsegmentation microservices mitre segmentation zero-trust