North South network traffic vs East West


The data center, whether on-premises, in the cloud, or as a hybrid mix of both, is a network of computing and storage resources that enable the delivery of shared applications and data critical to the survival of your business. For that reason, protecting the data center from cyber-threats is of paramount importance to every enterprise. 

Secure Your Data Flow from Bad Actors 

Data center protection begins with securing network traffic, a common entry point for bad actors. At its simplest, network traffic is the movement of data across a network performed by components (application server, database, etc.) inside a data center to fulfill a request for content by a client (a user or another server). When we talk about network traffic, whether that data flows inside your network or outside of your network, it is the data flow that matters.   

Data center network traffic moves in two directions: North South network traffic and East West. North South network traffic refers to traffic flowing into (south) and out of the datacenter (north).  East West traffic, also known as lateral traffic, is the traffic from one server to another inside your network.   

Historically, organizations focused on perimeter protection to secure against North South network traffic. By default, external North South traffic was deemed untrustworthy. For internal East West traffic, organizations used the “trust but verify” model. 

What is the Zero Trust Security Model? 

In 2009, John Kindervag,i a former Forrester analyst, introduced the Zero Trust security model.  The Zero Trust security model is based on the premise that neither North/South nor East/West traffic can be trusted. While the Zero Trust model was applauded as an ideal security concept, many CIOs feared that the complexity of implementing it would outweigh the benefits. However, with East/West network traffic growing exponentially due to application modernization, and as alarming new statistics for insider threats continue to surface, East/West has become the new North/South. Finding an easy way to implement Zero Trust is now a critical strategy for most CIOs and CSOs. 

Just the Stats 

The size, frequency and cost of East/West threats are steadily increasing: 

  • 66% of organizations consider malicious insider attacks or accidental breaches more likely than external attacks 
  • Over the last two years, the number of insider incidents has increased by 47% 
  • The cost of insider threats (related to credential theft) for organizations in 2020 is $2.79 million 
  • Insider threat stats reveal that more than 70% of attacks are not reported externally 
  • The percentage of insider incidents perpetrated by trusted business partners has typically ranged between 15% and 25%ii 

Modernization Drives New Security Needs  

If you are like most enterprises today, you are actively replacing monolithic, inflexible applications with many smaller, nimbler microservices. Each microservice is essentially a micro-application that needs to communicate with other micro-applications. Your data center is now more complex so that it can flex and growth as your company grows. It is no longer a set of on-premises servers in the same physical location. It is spread out across multiple data centers, the edge, and private and public clouds. 

Your company’s application modernization and digital transformation efforts, while necessary to make your business more agile and competitive in your market, exponentially increase the amount and complexity of lateral (East West) application-to-application traffic inside your data center. The unfortunate by-product of progress is more opportunities for insider attacks and accidental breaches.