What Does East-West Mean in an Atomized Network?
By Matt Wilson, VP Product Management
In traditional computing environments we used compass points to describe network traffic. We had what was outside the firewall and what was inside the firewall and a handful of defined ingress and egress points. What was passing across those points we referred to as north-south traffic. Everything that was happening behind the firewall, we referred to as east-west traffic. But now, in the new reality of corporate networks, there is no longer such a clearly defined perimeter, so those compass points don’t apply in a clean-cut way anymore.
A couple of things have happened that make this approach outdated.
- The number of north-south delineation points, or edge points, has significantly increased, and what constitutes the Internet versus an organization’s network is starting to blur. Think about SD-WAN networks, where any number of transport services, including the Internet, can be used to extend the enterprise network and connect users—wherever they are—to applications and data. The world has become fuzzier because what’s not ours is being used to transfer what is ours.
- East-west traffic, what is happening behind the “defined edge”, is in an even fuzzier state because what is ours is no longer only inside our protected network. Data and applications are scattered across a highly distributed environment, not just geographically from office to office and data center to data center. With the cloud, we may also have hundreds of cloud instances on one cloud or hundreds of instances across multiple clouds. And in the SaaS world, someone else is hosting and managing an implementation that contains our data on someone else’s infrastructure. People are also working from home using personal devices. Depending on policies, those devices could be accessing a lot of things that aren’t ours, and when they connect to our SaaS applications or the backend infrastructure of our internal applications, then they become internal and ours to manage and secure.
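To make the two points above concrete, here is an added example (not code from the post or from Netography) that labels flow records with the traditional compass points relative to an inventory of "our" address space. The inventories and the flow records are constructed: the RFC 1918 ranges stand in for the space behind a classic firewall, and the TEST-NET ranges 203.0.113.0/24 and 192.0.2.0/24 stand in for public ranges leased from two cloud providers. The same flow gets a different label, or no useful label at all, depending on which inventory the classifier is given.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed inventories for a hypothetical organisation (not from the post).
# Classic view: "ours" is whatever sits behind the firewall, i.e. RFC 1918 space.
CLASSIC_OWNED = [ip_network("10.0.0.0/8"), ip_network("192.168.0.0/16")]
# Atomized view: the same space plus the public ranges we lease from cloud
# providers (TEST-NET placeholders standing in for real elastic-IP / VPC ranges).
ATOMIZED_OWNED = CLASSIC_OWNED + [
    ip_network("203.0.113.0/24"),  # placeholder: cloud A public range
    ip_network("192.0.2.0/24"),    # placeholder: cloud B public range
]


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    dport: int


def is_owned(addr: str, owned) -> bool:
    ip = ip_address(addr)
    return any(ip in net for net in owned)


def classify(flow: Flow, owned) -> str:
    """Compass-point label for one flow, relative to an inventory of 'our' space."""
    src_ours, dst_ours = is_owned(flow.src, owned), is_owned(flow.dst, owned)
    if src_ours and dst_ours:
        return "east-west"
    if src_ours or dst_ours:
        return "north-south"
    # Neither end is ours: a perimeter-centric view simply does not see it.
    return "external"


# Constructed sample flows (not captured traffic).
SAMPLE_FLOWS = [
    Flow("10.1.2.3", "10.1.9.9", 445),         # on-prem host to on-prem host
    Flow("10.1.2.3", "198.51.100.7", 443),     # on-prem host to the public Internet
    Flow("203.0.113.10", "203.0.113.20", 22),  # cloud A VM to cloud A VM
    Flow("203.0.113.10", "192.0.2.5", 5432),   # cloud A VM to cloud B database
    Flow("10.1.2.3", "203.0.113.10", 3389),    # on-prem host to cloud A VM
]


def compare(flows):
    """Label every flow under both inventories side by side."""
    return [(f, classify(f, CLASSIC_OWNED), classify(f, ATOMIZED_OWNED)) for f in flows]


def blind_spots(flows):
    """Flows the classic inventory labels differently from the atomized one.

    A classic label of 'external' on a flow the atomized view calls 'east-west'
    is traffic between two assets we control that the old model never sees."""
    return [(f, c, a) for f, c, a in compare(flows) if c != a]


def lateral_peers(flows, owned):
    """'Who is talking to whom' inside our estate: east-west destinations per source."""
    peers = {}
    for f in flows:
        if classify(f, owned) == "east-west":
            peers.setdefault(f.src, set()).add(f.dst)
    return peers


if __name__ == "__main__":
    for f, classic, atomized in compare(SAMPLE_FLOWS):
        print(f"{f.src:>14} -> {f.dst:<14} :{f.dport:<5} classic={classic:<11} atomized={atomized}")
    print("east-west peers (classic): ", lateral_peers(SAMPLE_FLOWS, CLASSIC_OWNED))
    print("east-west peers (atomized):", lateral_peers(SAMPLE_FLOWS, ATOMIZED_OWNED))
```

Run as written, three of the five flows change label between the two inventories: the cloud-to-cloud flows are "external" to the classic view and the on-prem-to-cloud flow is "north-south", so a lateral-movement view built on the classic inventory sees only one internal peer relationship instead of four. The labels themselves are only as good as the asset inventory behind them, which is the practical reason the compass points stop being useful once "ours" is spread across clouds.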
Changing how we look at the world
The traditional view of east-west doesn’t really exist anymore. It is significantly more ethereal. We can no longer point to a location and say that something exists in this physical space. We’re now dealing with a dynamic environment that is spread out across clouds, instances within clouds, untethered endpoints, and physical spaces. Welcome to the Atomized Network, where understanding what is in our domain and what we control, versus what is general Internet connectivity, has become much more nebulous.
Making sense of the chaos so that we can visualize, manage access, and secure ever-expanding networks and thousands of points spread everywhere is extremely complex. We need a new way of thinking about and approaching this new reality, which means new tools. That’s where Netography comes in.
Our SaaS-based, universal platform provides complete network visibility for real-time and retrospective attack detection across your entire footprint. A single portal provides a unified view of data from all the devices in your on-premises, hybrid, and cloud environments, including Amazon Web Services, Google Cloud, IBM Cloud, Microsoft Azure, and Oracle Cloud. With visualizations you can see who is talking to whom and identify traffic moving between your on-prem, cloud, and multi-cloud networks, and to SaaS apps and internal apps. Visibility into lateral movement across your entire estate allows you to identify anomalous behavior within your domain. And threat detection models make it easy to detect once and protect everywhere in minutes. You can also customize responses and remediation to automate protection of your environment regardless of infrastructure.
Visibility is dangerously low in today’s cloudy environment and traditional compass points can only get us so far. Netography is providing a new way of looking at the world as it exists today and bringing clarity to chart a path forward.