In this video, Prof. Wool introduces microsegmentation: reasons for segmenting the data center, challenges, required steps when deploying a microsegmentation strategy, and how to future-proof your policies
Thank you very much, Professor. Your video is very precise and to the point. It provides the context in a very easy-to-learn language, and ways to approach the implementation of Micro-segmentation in your environment.
This is a great explanation. As a network engineer I've seen many admins and CTO's struggle with getting a handle on the same flows and data requirements you mentioned. It's a great discovery process and exciting to me as an engineer... CTO's....not so much :)
@@avishaiwool5457 what's the best way to connect with you? LinkedIn or email? I would love to share the slide deck I prepared taking a cue from your lecture too. I teach the MBA IT Business Management students who opt for Information Security Management as a specialization.
I didn't make this presentation. But I can try to explain: VLAN segmentation are for larger subnet or VLANS containing groups of host with similar functionality. Like Printers, IOT, Dev, PCI, etc... MicroSegmentation, is doing the same, but at a lower level, this is around each physical or virtual L3 Switch port (at least that is how I see it), basically doing this control on a host port basis, so that each node can't reach or be a risk for the other hosts on the same VLAN/subnet. There seldom any reason why they should be allowed to reach each other. Most often they need to be reached from other Client / server VLAN's. The "devil is in the details" of creating this policy. Doing this correctly makes it harder for adversaries to move latterly in your org.
@@stianmaurstad thank you for this explain. I gather VLAN, subnet approach doesn't extend to the hybrid environment in the modern-day application architecture and underlying infrastructure. You really need controls at Layer 7 and above. - Infrastructure - Containerized Workloads - Identity etc.
Thank you very much, Professor. Your video is very precise and to the point. It provides the context in a very easy-to-learn language, and ways to approach the implementation of Micro-segmentation in your environment.
This is a great explanation. As a network engineer I've seen many admins and CTO's struggle with getting a handle on the same flows and data requirements you mentioned. It's a great discovery process and exciting to me as an engineer... CTO's....not so much :)
Thanks for the comment, and glad you found the video valuable.
thank you professor
Thank you very much Professor Wool. The video was indeed helpful.
Thank you, happy you've found it helpful.
@@angelinagokhale6039 That's great to hear! What class do you teach?
@@avishaiwool5457 what's the best way to connect with you? LinkedIn or email? I would love to share the slide deck I prepared taking a cue from your lecture too. I teach the MBA IT Business Management students who opt for Information Security Management as a specialization.
@@avishaiwool5457 Prof. Wool, I have sent you a request on LinkedIn. Hoping to connect there.
thanks ,good video
Amazing
Thank you very much
Thanks for the video. But I still don't understand what the difference is between microsegmentation and regular segmentation using VLANs and subnets.
I didn't make this presentation. But I can try to explain: VLAN segmentation are for larger subnet or VLANS containing groups of host with similar functionality. Like Printers, IOT, Dev, PCI, etc... MicroSegmentation, is doing the same, but at a lower level, this is around each physical or virtual L3 Switch port (at least that is how I see it), basically doing this control on a host port basis, so that each node can't reach or be a risk for the other hosts on the same VLAN/subnet. There seldom any reason why they should be allowed to reach each other. Most often they need to be reached from other Client / server VLAN's. The "devil is in the details" of creating this policy. Doing this correctly makes it harder for adversaries to move latterly in your org.
@@stianmaurstad thank you for this explain. I gather VLAN, subnet approach doesn't extend to the hybrid environment in the modern-day application architecture and underlying infrastructure. You really need controls at Layer 7 and above.
- Infrastructure
- Containerized Workloads
- Identity etc.
Professor SnoopDogg !