What Is a Data Center Best Practice Security Policy?
Protect all north-south and east-west traffic flows and
prevent attackers from getting into your data center and executing
malware or exfiltrating data.
A data center best practice security policy protects
your own company’s valuable data, protects the confidentiality of
your customers, partners, and vendors, protects the integrity of
your network and business operations as a whole, and helps ensure
the constant availability of the network. It protects against attacks
that originate outside or inside the network, along all attack vectors.
A data center best practice security policy protects four traffic
flows (areas from which connections are initiated):
- Local user traffic flowing into the data center.
- Traffic flowing from the internet to the data center.
- Traffic flowing from the data center to the internet.
- Intra data center traffic flowing between servers or VMs, also
known as east-west traffic.
A data center best practice security policy prevents attackers
from gaining a foothold in your data center and prevents any attacker
who manages to breach the data center from exfiltrating data or
moving laterally within the network to compromise critical servers.
It prevents both known and unknown threats by implementing security policy
rules to achieve best-practice goals that are aligned with your
business requirements. It:
- Identifies applications regardless of port, protocol, or
evasive technique, including by decrypting encrypted traffic.
- Identifies and controls users regardless of IP address, location,
or device.
- Protects against known and unknown application-borne threats
and vulnerabilities.
- Detects abnormal behavior that may indicate an attack is in
progress.
A data center best practice security policy also catches intruders
when they violate a policy rule. Violating a rule stops the attack
because the violation causes the next-generation firewall to deny
access and logs the violation so you can investigate the issue and
take appropriate action.
