Questions tagged [segmentation]

Questions related to network or other resource segmentation, i.e. creating separate IP networks to isolate and control network traffic.

8 questions
2 votes, 2 answers

AWS serverless architecture compliance with PCI DSS 11.3 penetration testing segmentation

I am wondering how to comply with PCI DSS requirements (11.3) to test segmentation controls using penetration testing in AWS serverless architecture. We are using components such as AWS Lambda, AWS API Gateway, AWS Cloudfront, etc., which are…
user1563721
1 vote, 0 answers

Is it safe to use conntrack on Linux bridge devices?

I have a server with a number of Linux bridge devices for use with groups of virtual machines - some internet-routed, some intentionally unrouted. I have stateful firewalling in place for traffic traversing across and between those bridges.…
anx
1 vote, 2 answers

Is it reasonable to make it mandatory inside an organization (in the internal network) that all traffic be encrypted?

Is it reasonable to make it mandatory that all traffic be encrypted inside an organization (in the internal network)? Usually, in the LAN of an organization some protocols are plain text, for example, Telnet or FTP but also others like LDAP. The risk…
Eloy Roldán Paredes
0 votes, 0 answers

Network Segmentation - Single Firewall VM vs Multiple

I am currently implementing a new network with different segments. The separation of those segments is achieved using VLANs. To enable some segments to communicate with each other and to be reached from the internet, a firewall is planned. I am…
0 votes, 1 answer

What security issues can be exploited on VLAN switches to compromise a network?

VLAN switches can be used to provide security between network segments using VLAN filtering rules. Is there any possibility of a security issue being exploited on VLAN switches?
Sivaram Rasathurai
0 votes, 1 answer

Debating between architecture options for offline updating of Linux machines in a vertically segregated network

My coworker and I are discussing the pros/cons between two potential architecture options, and I would like to gather feedback on which option is better and why. First, a description of the environment: We have a vertically segmented network into…
0 votes, 1 answer

Segmenting Network: Zone location of a multipurpose NAS

I am currently segmenting my home network into several networks and zones due to the fact that my cheap router keeps all devices (private, smart home, entertainment) in one network (without a guest network feature and client isolation). The network…
Samuel
-3 votes, 2 answers

What are the risks of having a server with 2 interfaces each one in a different security zone?

An organization usually has production and preproduction environments segregated in different physical or virtual machines. However, this new appliance is very expensive and the organization is not able to have two different elements. The…
Eloy Roldán Paredes