East-West security is the monitoring and inspection of traffic moving laterally within the network perimeter in order to identify and block known and unknown threats as well as unauthorized access.
East-West security is based on the understanding that threat actors will eventually find a way through modern perimeter firewalls, which means that all internal network traffic is now vulnerable and must be protected.
In a hyper-connected world, the distribution of modern networks, and the increasingly porous perimeters that surround them, mean that traffic internal to the network can no longer be trusted just because it is within the network. Moreover, since East-West traffic now makes up a substantially larger portion of typical total network traffic than North-South traffic, ignoring its potential risks is no longer an option.
Without the protection of East-West security controls, malicious actors that manage to penetrate the network perimeter can move laterally at will, persisting in the network, surveilling business activity, potentially stealing data and/or causing damage.
Organizations have historically tended to view security threats as coming from outside a more or less solid perimeter. In modernizing their networks, businesses have come to understand that a robust approach to securing internal traffic is critical to often widely distributed business functions.
In fact, with an East-West security solution such as VMware’s NSX Distributed Firewall, organizations can actually gain greater control and visibility over their networks, with granular inspection of traffic flows and policy-based management that dramatically lowers operational risk — and cost — while enabling the modern distributed enterprise.
East West security can:
East-West security leverages advanced visibility to inspect lateral traffic flows within the network — recognizing potentially malicious network behaviors, including known and unknown threats, and blocking the lateral movement of potential threats.
A comprehensive approach to East-West security includes analyzing every packet and workload to detect and block threats. It combines deep application awareness and visibility in combination with a detailed understanding of application topologies to monitor all traffic flows. The components of such a solution would include: