Segmentation is a method of creating secure zones in data centers and cloud deployments that allows companies to isolate workloads from one another and secure them individually, typically using policies. A useful way to test the effectiveness of your segmentation is to ensure that your network segments are properly separated, e,g, your Development is separated from your Production, your applications are separated from one another etc. Use the Infection Monkey to verify that your network segmentation is configured properly. This way you make sure that even if a certain attacker has breached your defenses, it can’t move laterally between segments.
Segmentation is key to protecting your network, reducing the attack surface and minimizing the damage of a breach. The Monkey can help you test your segmentation settings with its cross-segment traffic testing feature.
Execute Monkeys on machines in different subnetworks using the “Manual” run option.
Note that if Monkey can’t communicate to the Island, it will not be able to send scan results, so make sure all machines can reach the island.
Check infection map and security report for segmentation problems. Ideally, all scanned nodes should only have edges with the Island Server.