シンビオ社会研究会 原子力WEB教材


NetworkSegmentation

What is network segmentation??

Network segmentation (https://en.wikipedia.org/wiki/Network_segmentation ) includes partitioning a network into small networks; while network segregation includes creating and authorizing a ruleset for controlling the communications between specific hosts and services. Focal points of such splittings are fundamentally for boosting performance and improving security.

A large network can be separated into different parts which are called segments. Each segment can use its very own network protocol, security standards, firewalls, etc. Nodes on various segments can't directly communicate with one another.

Why do we need network segmentation??

· Network traffic can be isolated and/or separated to limit and/or prevent access between network segments. Better Access Control, Enable clients to just get to specific network resources & Improved Monitoring.

· Network access control gives IT divisions a chance to figure out which clients and devices have authorized permissions, adding another level of security to the network and its data.

· System Segmentation is known as one of the Great Network Management practices. Improve visibility and monitoring Network segmentation enables you to present more points in the network where traffic can be inspected, counted, and checked.

· Network segmentation is the way toward isolating bits or portions of a network to give improved performance and security. By isolating different segments of a network, you permit just the clients who require specific tools or applications to access to that segment of the network. This improves security.

· Network segmentation security enables you to have better control of your network because when a network issue happens, its impact is restricted to the local subnet.

For what reason do networks segregate??

Most circumstances in which you have to segregate are identified with the security of your network. The primary explanation behind segregation is to limit access to the network that a group of users or devices may have. This guarantees the data isn't shared freely and any damage done by malware or virus is restricted.

Models used in Segmentation:?

A network segment is a portion of a computer network that is isolated from the rest of the network by a device, for example, a repeater, hub, bridge, switch or router. Each segment can contain one or different computers or different hosts. The type of segmentation differs as indicated by the kind of device used.

Physical Segmentation:?

Physical segmentation includes separating a huge network into numerous littler physical segments. It typically includes investing in additional hardware, for example, switches, routers, and access points.

Logical Network Segmentation:?

Logical network boundaries are characterized by the use of devices working on OSI Layer 3 (routers, advanced switches, firewalls) to isolate a physical network into numerous address spaces. These devices give a logical boundary between each network.

What is used to interface two network segments??

Any system or device associated with a network is called a node. For instance, if a network associates a file server, five computers, and two printers, there are eight nodes on the network. It tends to be a computer or a device that is a part of a network. At least two nodes are required to form a network connection. Routers can connect two or more network portions. A layer 2 segment is proportionate to a broadcast domain.

A network bridge joins two separate computer networks. The network bridge empowers communication between the two networks and gives an approach to them to fill in as a single network. Bridges stretch out local area networks to cover a larger physical area than the LAN can reach.

The maximum segment length depends on the signal attenuation of a specific media regarding dB loss per unit length - for each meter of cable.

Learn more about redesigning security network using Micro-Segmentation networking ( https://www.fieldengineer.com/blogs/what-is-micro-segmentation )

Article Source: https://bit.ly/2kSakhW

Last-modified: 2019-09-20 (金) 00:40:16 (763d)