What is North-South and East-West traffic security ?

One of the core principles in implementing Zero Trust security is microsegmentation. Implementing Zero Trust is critical for secure business operations, especially in data centers. Data centers consist of multiple components, like servers, network devices, storage infrastructure, and many more hardware and software components. Keeping these components within the security perimeter doesn't necessarily ensure that they are secure. That's where the concept of North-South and East-West perimeter security segmentation comes into play.

North-South and East-West refer to the concepts of network and traffic segmentation. Let's first understand these from a network perspective and then move on to the security aspect.

North-South traffic

North-South refers to the external communication of a data center. It is simply the traffic that flows into and out of a data center. The other external systems that communicate with the data center could be any client requesting access to an application. North-South traffic is usually from queries and commands requesting data and the output data generated.

Traffic entering a data center through a firewall or any other network device is southbound traffic, whereas traffic exiting the data center perimeter is northbound traffic.

East-West traffic

East-West traffic is the communication between the different components of a data center, like the communication between its different network devices and servers. Two hosts in the same subnet communicate and generate traffic.

With the adoption of technologies like virtualization, hyperconverged infrastructure, and private cloud that reduce the dependency on hardware, East-West traffic has seen a sharp rise in the last few years.

Zero Trust and network traffic security perimeters

In general, North-South traffic is considered more dangerous because it comes from outside the perimeter. For this reason, businesses often invest in security models that focus on North-South traffic security. However, there is a large amount of traffic generated within the internal security perimeter, and the entities and resources trusted within the physical boundary of a data center may not always be secure. Your biggest security loopholes could be your own APIs and applications. Insider threats are dangerous since you may not know you are under attack until you are affected. This means there is massive underinvestment in East-West segmentation.

The significance of Zero Trust

While distinctions can be made for management purposes, the same can't be said for security measures—there is no traffic that can be trusted. Malware that has entered the data center network through the North-South perimeter can infiltrate and affect the whole East-West perimeter.

Implement Zero Trust models that establish strict standards to verify and then trust. Insert these principles into all work segments so you keep your data centers secure.

Perform in-depth monitoring across perimeters to identify malicious activity, search context for every event, investigate threats, and implement preventive measures.