Week 10 Network Management and Infrastructure Cantwell
Network segmentation is one of those security practices that seems simple at first, but the more I think about it, the more important it becomes. To me, the most important reason for dividing a network is to limit how far a threat can spread if something goes wrong. No network is perfect, and no organization can guarantee that an attacker, infected device, or careless mistake will never get past the first layer of defense. Because of that, segmentation works like a set of internal barriers. If one part of the network is compromised, the attacker should not automatically have access to everything else. This is especially important when thinking about ransomware and other modern attacks. If a company has one flat network where every system can communicate freely, then one infected workstation could possibly reach file servers, databases, printers, point-of-sale systems, security cameras, or administrative systems. That creates a much bigger problem than just one infected computer. ...