What is East-West security?
East-West security is the monitoring and inspection of traffic moving laterally within the network perimeter in order to identify and block known and unknown threats as well as unauthorized access.
East-West security is based on the understanding that threat actors will eventually find a way through modern perimeter firewalls, which means that all internal network traffic is now vulnerable and must be protected.
Why East-West security?
In a hyper-connected world, the distribution of modern networks, and the increasingly porous perimeters that surround them, mean that traffic internal to the network can no longer be trusted just because it is within the network. Moreover, since East-West traffic now makes up a substantially larger portion of typical total network traffic than North-South traffic, ignoring its potential risks is no longer an option.
Without the protection of East-West security controls, malicious actors that manage to penetrate the network perimeter can move laterally at will, persisting in the network, surveilling business activity, potentially stealing data and/or causing damage.
Benefits of East-West security
Organizations have historically tended to view security threats as coming from outside a more or less solid perimeter. In modernizing their networks, businesses have come to understand that a robust approach to securing internal traffic is critical to often widely distributed business functions.
In fact, with an East-West security solution such as VMware’s NSX Distributed Firewall, organizations can actually gain greater control and visibility over their networks, with granular inspection of traffic flows and policy-based management that dramatically lowers operational risk — and cost — while enabling the modern distributed enterprise.
East-West security can:
- Inspect all East-West network traffic
- Effectively block the lateral movement of threat actors
- Increase network visibility down to the workload level
- Protect apps and data vital to the business
- Lower costs and risk for distributed operations
How does East-West security work?
East-West security leverages advanced visibility to inspect lateral traffic flows within the network — recognizing potentially malicious network behaviors, including known and unknown threats, and blocking the lateral movement of potential threats.
A comprehensive approach to East-West security includes analyzing every packet and workload to detect and block threats. It combines deep application awareness and visibility with a detailed understanding of application topologies to monitor all traffic flows. The components of such a solution would include:
- Internal Firewall: Enables network segmentation and granular inspection of all East-West traffic with policy-based controls.
- Intrusion Detection and Prevention System (IDS/IPS): Monitors the network for malicious activity, detecting lateral movement and blocking it where it occurs.
- Advanced Threat Analysis: Provides complete sandboxing and analysis of potential malware traversing the data center, with accurate detection and prevention of advanced threats, including zero-day attacks.
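The policy-based control an internal firewall applies to lateral traffic can be sketched as a default-deny allowlist evaluated per flow. The Python below is an added example, not VMware or NSX code; the address ranges, segment names, ports and flow records are all constructed assumptions.

```python
import ipaddress

# Assumed internal address space and workload segments (constructed for this example).
INTERNAL = [ipaddress.ip_network("10.0.0.0/8")]
SEGMENTS = {
    "web": ipaddress.ip_network("10.1.0.0/24"),
    "app": ipaddress.ip_network("10.2.0.0/24"),
    "db": ipaddress.ip_network("10.3.0.0/24"),
}
# Allowlist of (source segment, destination segment, destination port).
# Anything not listed is denied, including traffic inside one segment.
ALLOW = {("web", "app", 8443), ("app", "db", 5432)}

def is_internal(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL)

def segment_of(ip):
    addr = ipaddress.ip_address(ip)
    for name, net in SEGMENTS.items():
        if addr in net:
            return name
    return None  # internal address outside any known segment

def evaluate(flow):
    """Return (direction, verdict) for a (src, dst, dport) flow."""
    src, dst, dport = flow
    if not (is_internal(src) and is_internal(dst)):
        return ("north-south", "out-of-scope")  # left to the perimeter firewall
    rule = (segment_of(src), segment_of(dst), dport)
    return ("east-west", "allow" if rule in ALLOW else "deny")

# Constructed flow records: (source IP, destination IP, destination port).
FLOWS = [
    ("203.0.113.7", "10.1.0.10", 443),   # outside client to web tier
    ("10.1.0.10", "10.2.0.20", 8443),    # web -> app, allowed
    ("10.2.0.20", "10.3.0.30", 5432),    # app -> db, allowed
    ("10.1.0.10", "10.3.0.30", 5432),    # web -> db directly, skips the app tier
    ("10.1.0.10", "10.1.0.11", 22),      # web -> web, same segment
    ("10.9.0.5", "10.3.0.30", 5432),     # unsegmented internal host -> db
]

def denied_lateral(flows):
    return [f for f in flows if evaluate(f) == ("east-west", "deny")]

if __name__ == "__main__":
    for f in FLOWS:
        print(f, *evaluate(f))
```

The last three flows are denied even though both endpoints are inside the perimeter, which is the case a perimeter-only firewall never evaluates.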