Traffic Flows Flashcards
4.1.8
East-West Traffic
Where traffic moves laterally between servers within a data center, within a data, control, or management plane, or between geo-dispersed locations. In other words, trusted nodes and networks. Access controls, microsegmentation, and isolation policies raise security here.
North-South Traffic
Where traffic moves between endpoints on the internal network and nodes on the public cloud/internet. Data flows up and down the stack of data/control/management planes. Data flows from the organization to external destinations (northbound) or into the organization from external sources (southbound). Includes untrusted networks. Brings security concerns like data compromise, DDoS attacks, and inadequate authentication.
Reasons for Network Segmentation
1 Boosting Performance through an organizational scheme in which systems that often communicate are located on the same segment
2 Reducing Communication Problems by reducing congestion and containing communication problems, such as broadcast storms, to individual subsections of the network
3 Providing Security by isolating traffic and user access to those segments where they are authorized
Intranet
a private network that is designed to host the same information services found on the internet
Extranet
a section of an organization’s network that has been sectioned off to act as an intranet for the private network but also serves information to the public internet. A cross between internet and intranet
Demilitarized Zone (DMZ)
An extranet for public consumption is typically labeled a perimeter network.
Network Segmentation
Used to control traffic and isolate static/sensitive environments.