Svg Vector Icons : http://www.onlinewebfonts.com/icon Return to Glossary

What is East-West security?

East-West security is the monitoring and inspection of traffic moving laterally within the network perimeter in order to identify and block known and unknown threats as well as unauthorized access.

East-West security is based on the understanding that threat actors will eventually find a way through modern perimeter firewalls, which means that all internal network traffic is now vulnerable and must be protected.



Why East-West security?

In a hyper-connected world, the distribution of modern networks, and the increasingly porous perimeters that surround them, mean that traffic internal to the network can no longer be trusted just because it is within the network. Moreover, since East-West traffic now makes up a substantially larger portion of typical total network traffic than North-South traffic, ignoring its potential risks is no longer an option.

Without the protection of East-West security controls, malicious actors that manage to penetrate the network perimeter can move laterally at will, persisting in the network, surveilling business activity, potentially stealing data and/or causing damage.



How does East-West security work?

East-West security leverages advanced visibility to inspect lateral traffic flows within the network — recognizing potentially malicious network behaviors, including known and unknown threats, and blocking the lateral movement of potential threats.

A comprehensive approach to East-West security includes analyzing every packet and workload to detect and block threats. It combines deep application awareness and visibility in combination with a detailed understanding of application topologies to monitor all traffic flows. The components of such a solution would include:

  • Internal Firewall: Enables network segmentation and granular inspection of all East-West traffic with policy-based controls.
  • Intrusion Detection and Prevention System (IDS/IPS): Monitors the network for malicious activity, detecting lateral movement and blocking it where it occurs. 
  • Advanced Threat Analysis: Provides complete sandboxing and analysis of potential malware traversing the data center, with accurate detection and prevention of advanced threats, including zero-day attacks.


Benefits of East-West security

Organizations have historically tended to view security threats as coming from outside a more or less solid perimeter. In modernizing their networks, businesses have come to understand that a robust approach to securing internal traffic is critical to often widely distributed business functions.

In fact, with an East-West security solution such as VMware’s NSX Distributed Firewall, organizations can actually gain greater control and visibility over their networks, with granular inspection of traffic flows and policy-based management that dramatically lowers operational risk — and cost — while enabling the modern distributed enterprise.

East West security can:

  • Inspect all East-West network traffic
  • Effectively block the lateral movement of threat actors
  • Increase network visibility down to the workload level
  • Protect apps and data vital to the business
  • Lower costs and risk for distributed operations

 

Related Topics
Network Security
Data Center Security
Micro-Segmentation
Next-Generation Firewall
Data Center Firewall



VMware East-West Security related Products, Solutions, and Resources

NSX Network Detection & Response

NSX Network Detection and response provides the broadest set of detection capabilities spanning IDS/IPS

VMware NSX Distributed Firewall

Secure east-west traffic with a purpose-built internal firewall, built-in to the hypervisor and distributed at every host.

VMware Distributed IDS/IPS

Replace discrete appliances with a distributed software IDS/IPS solution to detect lateral threat movement on east-west traffic.

Advanced Threat Prevention

Inspect all network traffic and obtain the industry’s highest fidelity insights into advanced threats.

NSX Advanced Threat Analyzer

Included with NSX Advanced Threat Prevention, Advanced Threat Analyzer provides complete malware analysis