Most medium and large organizations are digital organizations. Many of these organizations have sophisticated information technology (IT) infrastructure that has been added to over the years. The bulk of this infrastructure uses Transmission Control Protocol/Internet Protocol (TCP/IP) for its networking stack and some version of Microsoft Windows or Unix/Linux as the endpoint operating system. Unfortunately, TCP/IP was designed for openness, not security. Although some operating systems are more secure than others, most in use today were not designed for security from the ground up. Finally, applications running on operating systems have become byzantine, sometimes with millions of lines of code. As a result, security holes in the IT infrastructure abound VMware. Cybercriminals know this and are always on the lookout for their next easy target.
Back when IT infrastructure was smaller and less complex, and cybercrime was less prevalent, it was possible to insert a small number of edge firewalls between the outside world and the organization to protect the organizations’ infrastructure from external attackers — up to a point. Even then, the edge firewall would not protect an organization against a malicious insider Internal Firewalls. More workloads typically mean more physical servers, which means more processing power for the distributed engines. Thus, security teams are freed from the constraints of the inspection capacity available in a centralized firewall appliance.
Accessing the Network Layer
These days, cybercrime is big business. Many organizations are too big and juicy a target to attackers to rely solely on edge firewalls for network security. Once attackers get past the edge firewall, they can move laterally in the organization’s IT infrastructure with a great deal of freedom. Attackers use this freedom to move from low-value, lightly-defended assets that they have compromised to high-value assets such as databases of personal information or intellectual property stores. +Defenders security teams at these organizations need to prevent the lateral movement of attackers. They need to think about compartmentalizing their network to limit damage from individual intrusions. They need to think about obscuring one part of their infrastructure from another. In short, defenders need to think about internal firewalls.
Why you need an internal firewall
To read full download the whitepaper:
Internal Firewalls For Dummies®, VMware Special Edition