Network Segmentation and Microsegmentation.

Software Defined Microsegmentation with Hardware Acceleration for Operationally Scalable Zero Trust Environments

Segmentation and Microsegmentation

Segmentation and Microsegmentation provide tools to create zones in cloud data center environments to isolate east-west traffic workloads and tenants based on defined rules. Because cyber-attackers have become more sophisticated and often penetrate perimeter firewalls, segmentation puts up barriers to slow or prevent lateral attacks once the bad actor is inside. With segmentation and microsegmentation, Cloud operations teams can deploy a Zero Trust network to reduce or eliminate cyber attacks.

Features and Benefits

Segmentation

In switch only environments the Unified Cloud Fabric provides robust network segmentation that leverages the VXLAN overlay and network constructs such as VLANs, Bridge Domains and especially distributed VRFs to create segments based on certain rules. All routing between segments can be disallowed or whitelist rules can be set up using the Pluribus Virtual Service Group (vSG) functionality which allows route leaking for authorized traffic between segments.

Microsegmentation

With microsegmentation, system administrators can tag applications that should be part of a microsegment and enable a Zero Trust environment at the workload level for all east-west traffic inside a server, between servers, between racks or between clouds. While microsegmentation can be implemented with traditional networking protocols and methods, it is cost prohibitive from an operational perspective. Leveraging the power of the SDN-automated Unified Cloud Fabric extended to DPUs installed in the host servers, microsegmentation can be easily software defined and hardware accelerated. This dramatically reduces the attack surface and improves breach containment.

Cost Effective, Operational Simple and Hardware Acceleration Microsegmentation

Unlike standard solutions that run microsegmentation on the host in the hypervisor which both consumes revenue generating CPU cycles and often delivers underperformance, the Unified CLoud Fabric leverages industry-leading DPUs enabling the definition of microsegmentation policies in software, distribution of those policies to all DPU-enabled hosts via the SDN fabric, and hardware-accelerated performance without compromise.

Pervasive Visibility

With the ability to see DDoS and APDoS and many other attacks, east/west networking solutions supported by Pluribus’ Unified Cloud Fabric helps to optimize all facets of your company’s operations by providing multilayered security. With our FlowTracker telemetry functionality built into the Unified Cloud Fabric, you see every flow that traverses the fabric.

Resources

Ready to improve your Data Center Network security?