Network Segmentation as a Defense Mechanism for Securing Enterprise Networks
Abstract
Network segmentation is a critical cybersecurity strategy that involves dividing a network into smaller, isolated segments or subnetworks to enhance security and improve network performance. By limiting access to sensitive data and systems, network segmentation reduces the attack surface and prevents lateral movement by malicious actors within an enterprise network. This research article examines the role of network segmentation as a defense mechanism in securing enterprise networks. It explores the methodologies, benefits, and challenges associated with implementing network segmentation. The study employs a mixed-methods approach, including a comprehensive literature review and analysis of real-world case studies, to assess the effectiveness of network segmentation in mitigating cyber threats. The findings highlight that while network segmentation significantly enhances security posture by containing breaches and restricting unauthorized access, it also presents challenges such as increased complexity and management overhead. The paper concludes with recommendations for best practices in implementing network segmentation to bolster enterprise security.
This work is licensed under a Creative Commons Attribution 4.0 International License.