A security architect at a large enterprise is reviewing the network traffic patterns in their newly deployed private cloud environment. They notice that most of the traffic is occurring between application servers in the same data center. Which type of traffic flow is being observed, and what security approach would be most appropriate for protecting this traffic pattern?
North-South traffic; strengthen perimeter firewalls at the data center edge
The scenario describes East-West traffic, which refers to lateral movement between servers within the same data center. Unlike North-South traffic (which flows between the data center and external networks), East-West traffic requires different security approaches.
Micro-segmentation is most appropriate because it provides fine-grained security controls between workloads within the data center, limiting lateral movement if a server is compromised. Traditional perimeter defenses primarily protect North-South traffic but don't adequately secure server-to-server communications. Micro-segmentation creates security zones around workloads and controls communication between them, aligning with zero-trust principles.
Perimeter firewalls focus on North-South traffic, VPN concentrators secure remote access connections, and NAC systems control endpoint authentication rather than server-to-server communications.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is East-West traffic?
Open an interactive chat with Bash
What is micro-segmentation and why is it important?
Open an interactive chat with Bash
How does micro-segmentation align with zero-trust principles?
Open an interactive chat with Bash
ISC2 CISSP
Communication and Network Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access