Segmentation Fundamentals (for Cloud/Cyber Security Engineers)

Andre Camillo, CISSP
5 min read · Jan 4, 2022
Segmentation done right, by nature.

As part of my journey to a container-based POC I asked myself — what is the best way to segment a container?

Then I stumbled upon the concept of “nano-segmentation”, something interesting, but here’s a write-up about the importance of segmentation and the kinds of segmentation that are brought up in discussions.

./Segmentation

Segmentation is an important concept within a Security Architecture.

There are guidelines and best practices made public by vendors and analysts.

These concepts apply to multiple layers of an environment, including on-premises and cloud-hosted. This is an evolution of past segmentation concepts that applied only to the network layer of an environment.

Therefore, nowadays, there are different types of segmentation, each with different terms that were coined by vendors and analysts (discussed further below).

The segmentation laws that should apply to an organization are defined from a strategy perspective.

Regarding Segmentation Strategy, according to Microsoft:

An effective segmentation strategy will guide all technical teams (IT, security, applications) to consistently isolate access using networking…

Andre Camillo, CISSP

Cloud, AI and Cyber Security tech, Career, Growth Mindset. Find my Discord & more: https://linktr.ee/acamillo . Architect @Crowdstrike. Opinions are mine!