What COVID-19 Teaches Us About Micro-Segmentation and Run-Time Cloud Workload Protection

What COVID-19 Teaches Us About Micro-Segmentation and Run-Time Cloud Workload Protection

This article outlines the similarities and differences between the COVID-19 travel ban, micro-segmentation, and run-time cloud workload protection. What COVID-19 Teaches us about Micro-Segmentation and run-time Cloud Workload protection.

This article outlines the similarities and differences between the COVID-19 travel ban, micro-segmentation, and run-time Cloud Workload Protection.

What COVID-19 Has to Do With Network Security

The Coronavirus has been the top celebrity of the year 2020. The world was and is fighting this pandemic and travel limitations are widely used in order to control the spread of the disease. While some say these restrictions are critical, others claim them to be ineffective and redundant. I am not an epidemiologist and will leave that analysis to the experts. I am, however, a software architect and cannot resist comparing travel restrictions to one of the most common ways of securing network architectures – Micro-segmentation.

In many ways, software malware and biological viruses are similar (that is why they are called computer viruses) - both try to spread in a network and infect as many subjects as they can. If we accept this simple analogy, micro-segmentation can make a lot of sense; it is the equivalent of banning incoming flights from China, and it is aimed at making sure that if some part of the organization is affected, the infection cannot spread to other parts of the organization.

The Similarities and Differences Between the Travel Ban and Micro-Segmentation

Just like travel restrictions, micro-segmentation has its pros and cons. It can be efficient in avoiding propagation of an attack throughout the network, but it comes at a price – it is hard to maintain and control, it needs to be constantly updated based on changes in the environment, and it reduces the environment flexibility significantly (think about the travel ban economic impact).

Micro-segmentation also has a major difference from travel bans – we cannot deploy it AFTER we know about infection, it is configured on a healthy network to prevent FUTURE infections. Think about it this way – what travel limitation would you put permanently, even if COVID-19 never existed, just to avoid a potential outbreak of a future virus? What ends up happening is that we use micro-segmentation to enforce service behavior, rather than to control proportion, and the question is whether that is the right tool for the task.

As we dig deeper into the analogy and examine some limitations we have in confronting the Coronavirus, we must ask ourselves whether the same limitations apply to cloud workloads and whether we can take better actions in our cloud environments than what is available for our governments in the Coronavirus case.

These are the key reasons governments must resort to travel bans:

  • It is impossible to check each person before they enter the country – detection is not scalable
  • Someone may show symptoms of Coronavirus without really being infected - detection is not deterministic
  • There is a lag in time between infection and detection - detection is not immediate

kubernates devop cloudsecurity microservice

Bootstrap 5 Complete Course with Examples

Bootstrap 5 Tutorial - Bootstrap 5 Crash Course for Beginners

Nest.JS Tutorial for Beginners

Hello Vue 3: A First Look at Vue 3 and the Composition API

Building a simple Applications with Vue 3

Deno Crash Course: Explore Deno and Create a full REST API with Deno

How to Build a Real-time Chat App with Deno and WebSockets

Convert HTML to Markdown Online

HTML entity encoder decoder Online

How to Extend your DevOps Strategy For Success in the Cloud?

DevOps and Cloud computing are joined at the hip, now that fact is well appreciated by the organizations that engaged in SaaS cloud and developed applications in the Cloud. During the COVID crisis period, most of the organizations have started using cloud computing services and implementing a cloud-first strategy to establish their remote operations. Similarly, the extended DevOps strategy will make the development process more agile with automated test cases.

What Is DevOps and Is Enterprise DevOps Any Good?

What is DevOps? How are organizations transitioning to DevOps? Is it possible for organizations to shift to enterprise DevOps? Read more to find out!

DevOps Basics: What You Should Know

What is DevOps? What are the goals it helps achieves? What are its benefits? This article has answers!

Why You Should Be Adopting a DevOps Culture in 2020 - DZone DevOps

The year 2020 has arrived, and its arrival brings a lot of innovations and transformations in the Information and Technology (IT) sector to DevOps technologies.

Measuring DevOps Metrics: A How-To Guide

DevOps is supposed to help streamline the process of taking code changes and getting them to production for users to enjoy. But what exactly does it mean for the process to be "streamlined"? One way to answer this is to start measuring metrics.