CSW Microsegmentation

Microsegmentation has quickly become a key component of most security processes. The process of CSW microsegmentation may seem complicated at first, but it is quite simple; it is a pivotal part of keeping your network and company secure. An attack surface is defined as the number of all possible/potential points and locations where an unauthorized user can gain access to a system, allowing the unauthorized user to extract and steal data and information. Microsegmentation allows security policies to exist much closer to each individual application. In practice, this will proactively reduce the attack surface, making it much more difficult for unauthorized users to gain control and access to your private data.

Microsegmentation is often considered the first step in establishing a Zero Trust Network. Using a Zero Trust take on network security, there is a necessary assumption that no network segment is secure/without breach. Zero Trust network security also switches the user authentication from user to application, rather than user to network. After completing both of these steps, the perimeter of the workloads (applications) themselves is effectively shortened. However, in order to place said perimeters as close as possible to each workload, you will need to implement microsegmentation. With this in mind, it is evident that both microsegmentation and a Zero Trust security approach go hand in hand.

Cisco Secure Workload (CSW) deployment is able to use machine learning to learn, understand, and monitor your applications' typical behavior. In doing this, CSW can identify when the said application's behavior does not fall in line with the previously learned typical behavior. CSW is then able to specially procure certain security policies throughout any and all applicable workloads. Because these security policies are procured specifically for your company's workloads, they are rendered to be extremely simple, efficient, and most of all effective. CSW is able to constantly monitor applications. In doing this, CSW can identify vulnerabilities and any potential exposures. To remedy this, CSW will offer specially procured security policies to fix these said vulnerabilities, effectively shrinking your application's attack surface. The smaller the segments, the less invasive a potential attack can be. CSW is also able to flag certain anomalies for your review. All of these processes are completed extremely quickly, as we value how precious time is in dealing with network security.

Management Control Lockdown: Restricting server management control protocols to a known set of management workstations or jump servers.
Vulnerability Mitigation Policy Example: Blocking pings from hosts vulnerable to a particular CVSS Severity Rating (e.g. quarantine all "critical" severities).
Restricting Services: Restricting DNS, NTP, etc. to particular servers in your data center.
DMZ Workload Protection: Filtering incoming public Internet traffic to approved DMZ environments.
Internal Workload Protection: For hosts that should NOT connect with the internet, deploy policy that only allow them to communicate with known internal addresses.

In working with our BTA experts, we will select up to 50 different nearby servers in a production environment.

After selecting the servers, we will deploy software agents to collect the traffic coming to and from those selected servers. This process will take approximately two weeks.

BTA will host ADM (Application Dependency Mapping) sessions with your team to analyze the data. Using CSW's deep flow analysis and BTA's expertise, we'll define the two applications in your environment and model the required segmentation.

After an iterative series of non-impactful testing and analyses, we'll follow your processes to enable segmentation and you'll experience, first-hand, the security advantages of application segmentation.