IPset Network Segmentation Virtual Tunnel Interface (VTI) Encapsulating Security Payload (ESP) Network Address Translation (NAT) Source/Destination Check Subnet TLS Cipher Suite VPC 3DES Advanced Encryption Standard Autonomous System Border Gateway Protocol CIDR Clientpack Destination NAT Diffie-Helman Encryption Internet Key Exchange (IKE) IP Forwarding Maximum Transmission Unit (MTU) Network Sniffer OpenVPN Overlay Network Perfect Forward Secrecy (PFS) Security Association (SA) SHA SNMP Transmission Control Protocol (TCP) Transport Layer Security (TLS) User Datagram Protocol (UDP) VNS3 Peer VNS3 Routing Agent Wireguard Workforce Service Edge x509 Certificate Ipsec

Network Segmentation

Network segmentation is a secure partitioning of networks such that network segments have tightly controlled access to eachother. For instance, a network can be segmented such that traffic from network partition A can’t reach network partition B.

Modern network design requires network segmentation to properly secure network environments. For instance, application A should only have network access to those services it relies on, say service B and C. This can be accomplished by segmenting your production network such that service’s B and C maintain a whitelist for applications using them. Network segmentation can be implemented in a number of ways. One way is with IPsets.