From the course: AWS Certified Security - Specialty (SCS-C02) Cert Prep

Network segmentation

- [Instructor] Let's take a look at a castle for a network segmentation example. A castle would divide its grounds into separate zones. There would be an armory, royal chambers; those would be heavily guarded because of the importance of those particular parts of the castle. A kitchen doesn't need as much protection. And there are the gates between the control of the flow of people. And in terms of segmentation, it increases security and would reduce the risk. So an intruder getting into the kitchen can't readily access more sensitive zones, so the damage is contained. So computer networks are very similar, because you can divide the network into segments isolated by the firewalls. Public-facing web servers go in an outer zone called a DMZ, and inner zones hold the sensitive data, like customer records, and segmentation controls access between those zones. So this would limit an attacker's ability to move laterally and cause wider damage. And the users and devices would only interact…
