What is Microsegmentation

Microsegmentation is the security technique in which the network is divided or compartmentalised into specific, definable zones. Each of these zones uses different policies to specify how data, applications, and even virtual machines within it can be accessed and controlled. Microsegmentation is crucial because it allows IT administrators to create customised security policies specific to each zone or individual subnetwork (the microsegment). This reduces the risk of getting the entire network compromised in case of an attack because the threat is contained in the microsegment it infiltrates, thus preventing lateral movement attacks. This means said attack or security breach would be limited or isolated to just the subnetwork where the attack occurred and not affect the entire system.

Full and deep security visibility of converged cloud workload.

CloudArmour provides a centralised dashboard that gives organisations unified workload monitoring and real-time asset management. It also has a posture perspective function that provides deep insight into vulnerabilities, relations, and traffic connections between applications and services, which can then potentially unveil vulnerable applications, abnormal traffic and risky behaviours.

ML-powered intelligent threat detection and runtime protection.

CloudArmour features advanced threat detection and prevention capability that intelligently detect threats and mitigate risks during runtime on all cloud workloads. It relies on ML algorithms for behaviour modelling and then deploys rules to mitigate potential threats. Moreover, CloudArmour integrates cloud threat intelligence to further enhance its threat detection capability.

Unified and granular network microsegmentation.

CloudArmour’s industry-leading microsegmentation capabilities and traffic steering technology minimise the threat attack surface, automatically discover application dependencies and dynamically enforce microsegmentation policies to avoid the proliferation of potential threats. CloudArmour also features a smart policy assistant that can generate appropriate policies to best optimise the policy configuration of running systems without interrupting the cloud environment.

Complete vulnerability management across the entire application lifecycle.

CloudArmour provides deep insights and management of the vulnerabilities of images, containers, working nodes and hosts. It also integrates security as part of the Continuous Integration and Continuous Deployment workflow throughout the application lifecycle, triggering alerts if necessary to mitigate potential risks ahead of time.

Standard Security Compliance Assessments and Enforcement.

CloudArmour assesses the compliance posture of cloud workloads with recommendations based on the industry’s best practices. It leverages pre-configured compliance checks from CIS Benchmarks for Kubernetes, Docker, Linux, images and application runtime configurations, and then provides a standard list of recommendations to remediate risks.

Find Out More

Microsegmentation has become the panacea for securing cloud-based data centres. To truly protect your cloud data centre, you need a microsegmentation solution that is as virtual, flexible and elastic as the infrastructure it serves. It needs to be able to insert itself deeply into the virtual environment to protect data transfers and virtual resources as they deploy, grow, shrink and migrate within the data centre. It must also be hypervisor-aware and tightly integrated with virtual and cloud management and orchestration platforms. Visit the link below to find out how Hillstone can give you the solution that fulfils all the above requirements.

Hillstone Micro-segmentation