Policy Based Management Network Security Zoning Network Security Zoning Network Security Zoning Security Zoning for Virtualized Environments Payment Card Industry Data Security Network Segmentation Policy Based Management


Technology
Home arrow Technology arrow Logical Security Zones

Logical Security Zones Based on Identity

Logical-Isolation-Zones_tn.jpgLogical security zones offer a superior, software-based alternative to traditional network segmentation accomplished through network firewalls, VLANs and NAC. They enable large, flat organizational networks to be separated into separate security communities without reconfiguring the network and without regard to physical location of systems. End users and systems are assigned membership into one or more logical security zones, creating a flexible, layered security approach within the network.  

Logical security zones can be based on end users, end user groups, IP addresses or ports - almost any factor.


An Alternative to Traditional Network Segmentation
EpiForce® Security software enables logical security zones to be created, moved or modified without any need to physically reconfigure the network. It controls access to logical security zones and dictates which users and systems can communicate with each other – at the machine or port level. EpiForce lets security administrators implement, enforce and centrally manage security policy for every user, server and client on a network – regardless of their physical location.

With EpiForce, logical security zones can span physical and geographic boundaries. Users and systems can belong to one or many zones. Membership in a logical security zone is persistent and does not cease when a user or system is physically relocated, providing organizations the flexibility to meet their needs.

Convenient Central Administration
Logical security zones are centrally managed through one or more administration consoles, enabling zones and security policies for the entire EpiForce deployment to be modified with only a few mouse clicks.

Some use cases include:

  • A technology company has offshore developers from multiple countries that work alongside local employees. To enable teamwork while protecting servers outside of development, a logical security zone is created to include the offshore developers, local employees and applicable development servers. The development team is now fully isolated from the rest of the internal network regardless of where the work actually takes place.

  • A manufacturing company has invested heavily to ensure its production environment meets legal regulations, but production servers reside on the same network as other unregulated machines. A logical security zone could be created to include all production users and servers, isolating the production environment from the rest of network without reconfiguring a single device on the physical network.

  • A retailer processes millions of credit card transactions through its stores, and knows it will be under increased scrutiny to comply with regulations protecting credit card information (PCI-DSS). To narrow the scope of their compliance audit, the retailer could place all servers with credit card information in a logical security zone. The systems touching credit card data are now completely isolated from the rest of the network, regardless of where the credit cards are scanned.

 


 



 
What is EpiForce? | Who Needs EpiForce? | Technology | Resources | Partners | About Us | Free Trial | Sitemap   Privacy Policy   ©2010 Apani, All rights reserved.