DYNAROSE Micro Segmentation

With the rise and application of new technologies such as cloud computing and mobile office, enterprise network architectures and business models have undergone major changes, which poses new challenges to traditional security protection models. The popularity of cloud computing has blurred internal physical boundaries. As hacker attacks become more sophisticated, attacks such as ransomware have posed a huge challenge to external threats. DYNAROSE MSG combines micro-isolation technology with adaptive technology to control fine-grained access between workloads through software-defined methods, and can adaptively adjust security policies according to dynamic changes in business. It is suitable for cloud hosts, container environments, etc., to help users build a zero trust system within data centers. Workload tagging management: refers to asset management capabilities that identify workload entities through multi-dimensional tags (such as location, environment, application, role, etc.) based on the business attributes of the workload. Tagging is the basic ability to visualize business-based traffic exchange, business-oriented access control, and adaptive policy calculation. Visual analysis of business connections: Workload connection information is learned, collected, and statistically analyzed, and graphically presented as an easy-to-understand east-west traffic access model. This function mainly solves the problem of managers not being able to see and sense east-west traffic in data centers. It also supports establishing business access baselines and deploying access control policies. Fine-grained access control of east-west traffic: Based on a policy management model of a micro-isolation system, access control rules based on business roles are formulated for east-west traffic between workloads. The feature defines complex east-west traffic policies through descriptions closer to natural language, and enables a zero-trust control model that decouples security policies and infrastructure. Global policy adaptive calculation: Through an adaptive policy calculation engine, security policies that match their business role are automatically adjusted in real time according to changes in workload. In cloud-based data center scenarios with large workloads and frequent asset changes, this capability is mainly used to ensure the efficient update and synchronization of security policies in the face of business updates and changes.