When you implement Zero Trust micro-segmentation, all ingress and egress traffic hitting your virtual NICs (vNICs) is compared against a configured list of firewall policies. A packet is dropped if no rule matches its specific traffic flow. A default deny rule at the end ensures that all unrecognized traffic is denied at the vNIC itself. From a security perspective this is called whitelisting, or a positive security model, whereby only things that are specifically allowed are accepted—everything else is rejected. ...
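The evaluation order described above, sketched as an added example (not code from the book and not the NSX API): an ordered per-vNIC rule table with first-match semantics and a closing default deny. The `Rule` fields, the function names, and the web-tier addresses are hypothetical and constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    name: str
    direction: str        # "in", "out" or "any", relative to the vNIC
    src: str              # source CIDR
    dst: str              # destination CIDR
    proto: str            # "tcp", "udp" or "any"
    port: Optional[int]   # destination port; None matches any port
    action: str           # "allow" or "deny"

    def matches(self, direction, src, dst, proto, port):
        return (self.direction in ("any", direction)
                and ipaddress.ip_address(src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst) in ipaddress.ip_network(self.dst)
                and self.proto in ("any", proto)
                and self.port in (None, port))

DEFAULT_DENY = Rule("default-deny", "any", "0.0.0.0/0", "0.0.0.0/0",
                    "any", None, "deny")

# Constructed policy for the vNIC of a web-tier VM at 10.0.1.10 (assumed layout:
# web tier 10.0.1.0/24, app tier 10.0.2.0/24, database tier 10.0.3.0/24).
WEB_VNIC_POLICY = [
    Rule("https-in", "in", "0.0.0.0/0", "10.0.1.10/32", "tcp", 443, "allow"),
    Rule("web-to-app", "out", "10.0.1.10/32", "10.0.2.0/24", "tcp", 8443, "allow"),
    DEFAULT_DENY,
]

def evaluate(policy, direction, src, dst, proto, port):
    """Return (action, rule name) for the first rule matching the flow."""
    for rule in policy:
        if rule.matches(direction, src, dst, proto, port):
            return rule.action, rule.name
    # A table that lost its catch-all rule must still fail closed.
    return "deny", "implicit"

def ends_with_default_deny(policy):
    """Audit check: the last rule in the table is the catch-all deny."""
    return bool(policy) and policy[-1] == DEFAULT_DENY
```

With this table, the web VM can reach the app tier on 8443 but a flow from the same VM straight to the database tier matches nothing before the final rule and is dropped at the vNIC.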
2. Microsegmentation and Zero Trust: Introduction
Get Zero Trust Networks with VMware NSX: Build Highly Secure Network Architectures for Your Data Centers now with the O’Reilly learning platform.