ntopng Edge Service Micro-Segmentation


ntopng Edge lets you perform very accurate micro-segmentation to safely isolate critical hosts and services from unwanted or unexpected traffic. Traditional firewalls, intrusion prevention systems (IPS) and other security systems are designed to inspect and secure traffic coming from the Internet, but they fail at limiting potentially harmful activity that originates inside the network, for example when hackers gain access through a security breach. ntopng Edge micro-segmentation gives greater control and protection over this kind of activity by allowing only certain kinds of traffic to be exchanged with any controlled host. The ultimate goal is to reduce the network attack surface: by applying segmentation rules down to the single host, the risk of insider threats is greatly reduced.

Typical policies that let you achieve micro-segmentation with nEdge are:

  • “Only allow a Web server to talk HTTP/HTTPS traffic with clients, and MySQL with backend database servers”
  • “Only allow switches to talk SNMP and sFlow with a given collector”
  • “Only allow a POS to communicate via HTTPS with the Bank website”
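The three policies above can be read as per-host allow-lists with everything else dropped. The following Python model is an added example, not nEdge configuration or code from the ntop project; the addresses, the rule layout, the `verdict` function and the choice to leave flows between uncontrolled hosts alone are all assumptions made for illustration.

```python
from ipaddress import ip_address, ip_network

# Constructed policy table: controlled host -> list of (allowed L7 protocols, allowed peers).
# All addresses are sample values; this is a model, not nEdge syntax.
POLICIES = {
    "10.0.1.10": [                              # Web server
        ({"HTTP", "HTTPS"}, "0.0.0.0/0"),       # any client
        ({"MySQL"}, "10.0.2.0/24"),             # backend database servers
    ],
    "10.0.9.2": [({"SNMP", "sFlow"}, "10.0.8.5/32")],   # switch <-> collector
    "10.0.3.40": [({"HTTPS"}, "203.0.113.20/32")],      # POS <-> Bank website
}

def permits(host, peer, proto):
    """True if the controlled host's allow-list covers this protocol and peer."""
    return any(proto in protos and ip_address(peer) in ip_network(net)
               for protos, net in POLICIES[host])

def verdict(src, dst, proto):
    """Return 'allow' or 'drop' for one flow, given its application protocol."""
    controlled = [(h, p) for h, p in ((src, dst), (dst, src)) if h in POLICIES]
    if not controlled:
        return "allow"      # assumption: flows between uncontrolled hosts are out of scope
    # Default deny: every controlled endpoint of the flow must permit it.
    return "allow" if all(permits(h, p, proto) for h, p in controlled) else "drop"

# Constructed sample flows: (source, destination, application protocol)
FLOWS = [
    ("192.0.2.7", "10.0.1.10", "HTTPS"),      # client to Web server
    ("10.0.1.10", "10.0.2.15", "MySQL"),      # Web server to database
    ("10.0.1.10", "10.0.3.40", "SSH"),        # Web server to POS: lateral movement
    ("10.0.3.40", "203.0.113.20", "HTTPS"),   # POS to Bank
    ("10.0.3.40", "198.51.100.9", "HTTPS"),   # POS to unknown site
    ("10.0.1.10", "10.0.3.40", "HTTPS"),      # allowed by Web server, refused by POS
]

def evaluate(flows=FLOWS):
    """Return the verdict for each flow, in order."""
    return [verdict(*f) for f in flows]

if __name__ == "__main__":
    for flow, v in zip(FLOWS, evaluate()):
        print(v, *flow)
```

The last sample flow shows why rules are applied down to the single host: a flow between two controlled hosts is dropped unless both allow-lists permit it.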