Difference Between Physical Network Segmentation and Micro-Segmentation
Added on 2023/01/18
This report describes the difference between physical network segmentation and micro-segmentation and how micro-segmentation supports zero trust security.
Running head: CLOUD COMPUTING 1
Cloud Computing
Student’s Name
Institutional Affiliation
Abstract
This report describes the difference between physical network segmentation and micro-
segmentation. It also defines the term zero trust security and describes the approaches through
which micro-segmentation supports zero trust security.
Explain the difference between physical network segmentation and micro-segmentation.
Physical network segmentation is the practice of creating sub-networks inside the
general network to prevent intruders from moving laterally once inside the perimeter, as well as
to improve the performance of the system. Generally, organisations create network segments
with firewalls. In general, network segmentation is regarded as a north-south traffic
control, which means that users inside a designated zone of the network are assured of
their security. However, trust models have led to breaches, which has resulted in the
advancement of micro-segmentation. On the same note, firewalls and VLANs are network-
based constructs, but managing network security through firewalls is no longer a viable solution
in the modern cloud computing setting (Kawashima & Matsuo, 2017). Indeed, the use of
physical network centers is diminishing because of the benefits related to cloud provision.
However, protocols, IP addresses, and ports are easily breached by hackers.
Klein (2019) defines micro-segmentation as the practice of constructing secure zones in
data centers as well as cloud deployments, which allows companies to separate workloads
from each other and secure them separately. Micro-segmentation is a strategy that provides
fine-grained security practices assigned to data center apps at the workload level. In this
sense, this practice allows security models to be installed deep inside the data center via a
virtualised software approach. Consequently, micro-segmentation is critical because it
directly integrates security into a virtualised workload without the need for a hardware-based
firewall. Certainly, this means that security policies can be synchronised with a virtual
machine, virtual network, and operating system as well as other virtual security aspects.
Explain what it means to implement zero trust security.
Zero trust security is a security concept and threat model which does not assume that
systems, actors, and services that operate within the security perimeter should be trusted
automatically. Instead, zero trust security works to ensure that everything and anything that
attempts to connect to the systems is verified prior to gaining access (Mämmelä et al., 2016).
The technology behind zero trust security is its ability to ask enterprises to leverage granular
and micro-segmentation perimeter enforcement based on location, users, and other data.
All this is done to determine whether to trust the machines, users, and applications that seek
access to a specific department of the organisation. Therefore, Zero Trust is based on technologies
like authentication, multifactor authentication, encryption, and system permissions.
Explain how micro-segmentation can support a zero trust network.
Micro-segmentation is a practice that gives administrators the control to create
granular policies as a strategy to protect the application settings. Indeed, micro-
segmentation has the ability to support a zero trust network because it stipulates the policies
and regulations regarding the way in which an application can communicate with its tier
(DeCusatis, Liengtiraphan, Sager, & Pinelli, 2016). These policies are granular so as to
restrict communication to the hosts that are strictly allowed to communicate. In the
process, this reduces existing attacks by completely locking down the attempts of
intruders to move laterally into the application infrastructure.
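The contrast this report draws between trusting a whole network segment and applying granular workload-level policies, as an added example that is not part of the original report: the same east-west flows are checked against a subnet rule and against a default-deny tier allow-list. All addresses, labels, ports and function names are constructed for illustration.

```python
import ipaddress

# Constructed inventory: one application's tiers share a subnet/VLAN.
WORKLOADS = {
    "10.0.1.10": {"app": "shop", "tier": "web"},
    "10.0.1.20": {"app": "shop", "tier": "app"},
    "10.0.1.30": {"app": "shop", "tier": "db"},
    "10.0.2.15": {"app": "hr", "tier": "web"},
}

# Segment-style rule: location inside this subnet is what grants trust.
TRUSTED_SEGMENT = ipaddress.ip_network("10.0.1.0/24")

# Micro-segmentation allow-list: (source tier, destination tier, port).
# Anything not listed is denied.
ALLOW = {("web", "app", 8443), ("app", "db", 5432)}

def segment_allows(src, dst, port):
    """Subnet-level decision: both ends in the trusted segment, port ignored."""
    return (ipaddress.ip_address(src) in TRUSTED_SEGMENT
            and ipaddress.ip_address(dst) in TRUSTED_SEGMENT)

def microseg_allows(src, dst, port):
    """Workload-level decision: both ends must be known workloads of the same
    application and the exact tier-to-tier flow must be on the allow-list."""
    s, d = WORKLOADS.get(src), WORKLOADS.get(dst)
    if s is None or d is None or s["app"] != d["app"]:
        return False
    return (s["tier"], d["tier"], port) in ALLOW

def audit(flows):
    """Flows the segment rule permits but the workload policy denies, i.e. the
    lateral paths left open when trust is based on the segment alone."""
    return [f for f in flows if segment_allows(*f) and not microseg_allows(*f)]

# Constructed east-west flows inside the data center.
FLOWS = [
    ("10.0.1.10", "10.0.1.20", 8443),  # web -> app, intended
    ("10.0.1.20", "10.0.1.30", 5432),  # app -> db, intended
    ("10.0.1.10", "10.0.1.30", 5432),  # web -> db, skips the app tier
    ("10.0.1.30", "10.0.1.10", 22),    # db -> web over SSH
    ("10.0.1.99", "10.0.1.30", 5432),  # unregistered host on the same subnet
]

if __name__ == "__main__":
    for flow in audit(FLOWS):
        print("allowed by segment rule, denied by workload policy:", flow)
```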
Conclusion
In conclusion, physical network segmentation is rarely used in the modern world
because it requires each segment to have its own internet connectivity. Consequently, micro-
segmentation has taken over because it offers fine-grained security measures.
References
DeCusatis, C., Liengtiraphan, P., Sager, A., & Pinelli, M. (2016, November). Implementing
zero trust cloud networks with transport access control and first packet authentication.
In 2016 IEEE International Conference on Smart Cloud (SmartCloud) (pp. 5-10).
IEEE.
Kawashima, R., & Matsuo, H. (2017). A generic and efficient local service function chaining
framework for user VM-dedicated micro-VNFs. IEICE Transactions on
Communications, 2016NNP0009.
Klein, D. (2019). Micro-segmentation: securing complex cloud environments. Network
Security, 2019(3), 6-10.
Mämmelä, O., Hiltunen, J., Suomalainen, J., Ahola, K., Mannersalo, P., & Vehkaperä, J.
(2016, June). Towards micro-segmentation in 5G network security. In European
Conference on Networks and Communications (EuCNC 2016) Workshop on Network
Management, Quality of Service and Security for 5G Networks.