Segmentation is a method of creating secure zones in data centers and cloud deployments that allows companies to isolate workloads from one another and secure them individually, typically using policies. A useful way to test the effectiveness of your segmentation is to ensure that your network segments are properly separated, e.g., that Development is separated from Production and that your applications are separated from one another. The purpose of the security test is to verify that your network segmentation is configured properly. This way you make sure that even if an attacker has breached your defenses, they can't move laterally from point A to point B.
Segmentation is key to protecting your network, reducing the attack surface and minimizing the damage of a breach. The Monkey can help you test your segmentation settings with its cross-segment traffic testing feature.
Execute Monkeys on machines in different subnetworks manually, by choosing “1. Run Monkey” from the left sidebar menu and clicking on “Run on machine of your choice”. Alternatively, you could provide valid credentials and allow Monkey to propagate to relevant subnetworks by itself.
Note that if Monkey can't communicate with the Island, it will not be able to send scan results, so make sure all machines can reach the Island.
Check the infection map and the security report for segmentation problems. Ideally, scanned nodes should have edges only with the Island Server.
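The check described above can be written down as a small script. This is an added example, not part of Infection Monkey: the segment names, CIDR ranges, Island address and the edge list are constructed assumptions, and the edge list is not a Monkey export format. It sorts every edge that does not involve the Island into cross-segment edges (the segmentation failures), same-segment edges, and edges touching hosts outside any defined segment.

```python
import ipaddress

# Constructed sample data (assumption): hypothetical segments, Island address
# and observed edges, e.g. transcribed by hand from the infection map.
SEGMENTS = {
    "development": ipaddress.ip_network("10.0.1.0/24"),
    "production": ipaddress.ip_network("10.0.2.0/24"),
}
ISLAND = ipaddress.ip_address("10.0.0.5")
EDGES = [
    ("10.0.1.10", "10.0.0.5"),     # dev agent -> Island: expected
    ("10.0.2.20", "10.0.0.5"),     # prod agent -> Island: expected
    ("10.0.1.10", "10.0.1.11"),    # dev -> dev: inside one segment
    ("10.0.1.10", "10.0.2.20"),    # dev -> prod: crosses a segment boundary
    ("10.0.2.20", "192.168.9.9"),  # prod -> host in no defined segment
]


def segment_of(addr):
    """Return the name of the segment containing addr, or None."""
    for name, net in SEGMENTS.items():
        if addr in net:
            return name
    return None


def classify_edges(edges, island=ISLAND):
    """Group non-Island edges by how they relate to the segment boundaries."""
    result = {"cross_segment": [], "same_segment": [], "unmapped": []}
    for src_s, dst_s in edges:
        src, dst = ipaddress.ip_address(src_s), ipaddress.ip_address(dst_s)
        if island in (src, dst):
            continue  # agents must reach the Island to report results
        src_seg, dst_seg = segment_of(src), segment_of(dst)
        if src_seg is None or dst_seg is None:
            result["unmapped"].append((src_s, dst_s))
        elif src_seg != dst_seg:
            result["cross_segment"].append((src_s, dst_s, src_seg, dst_seg))
        else:
            result["same_segment"].append((src_s, dst_s, src_seg))
    return result


if __name__ == "__main__":
    for kind, found in classify_edges(EDGES).items():
        for edge in found:
            print(kind, *edge)
```

Any entry under `cross_segment` is a path that the segmentation policy was supposed to block; `unmapped` entries point at hosts the segment definitions do not cover.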