ShieldX, a leader in elastic security, announced today the integration of its ShieldX Elastic Security Platform (ESP) with the new Amazon Virtual Private Cloud (Amazon VPC) Ingress Routing. Amazon Web Services (AWS) customers using ShieldX can now benefit from comprehensive network security to protect North/South as well as East/West traffic flows.
Traffic in the data center generally flows in two directions. “North/South” traffic is traffic that enters and exits the data center. “East/West” traffic, on the other hand, flows between data center devices, applications and workloads, and never leaves the data center.
Amazon VPC Ingress Routing is a service that helps customers simplify the integration of network and security appliances within their network topology. With Amazon VPC Ingress Routing, customers can define routing rules at the Internet Gateway (IGW) and Virtual Private Gateway (VGW) to redirect ingress traffic to third-party appliances before it reaches its final destination. This makes it easier for customers to deploy production-grade applications with the networking and security services they require within their Amazon VPC. With this enhancement, customers can now associate route tables with the internet gateway and virtual private gateway to redirect ingress traffic through ShieldX to protect North/South traffic.
Moreover, ShieldX recently announced its ability to monitor, inspect and block malicious East/West traffic—also known as lateral movement or lateral spread. With ShieldX, enterprises can now, for the first time, monitor and prevent lateral movement inside the cloud as well as block detected threats in North/South traffic flows.
“Only ShieldX eliminates a significant management and security challenge, by providing a full range of security controls, including visibility into the movement of attacks and data between applications within the cloud, as well as in traffic coming from the outside,” said Ken Levine, ShieldX CEO. “Only ShieldX’s security capabilities provide users the ability to view traffic, identify anomalies and block attacks inside and outside of Amazon VPCs and subnets. It also vastly improves the company’s leading microsegmentation capabilities by giving the industry an option to help enterprises eliminate a flat network and perform threat prevention with deep packet inspection as organizations move to the public cloud.”
With this integration, security teams with enterprise data centers in AWS gain the following benefits:
- Continuous application discovery as the infrastructure changes
- Full traffic visibility into their cloud data centers
- Intent-based grouping, application tiering and security policy generation
- Coverage across layers 3 to 7
- Agentless protection that does not change applications
Additional protections against:
- Exploits used by attackers or worms
- Propagation of malware
- Anomalous behavior of workloads
- Sensitive data movement and anomalies