DOI: 10.17587/prin.12.443-449

High-Granular Micro-Segmentation in Campus Networks based on Downloadable Access Control Lists

D. S. Khleborodov , dkhleborodov@gmail.com, Business Ecosystems, Skolkovo, Russia Territory of the Skolkovo innovation center, Moscow, 143026, Russian Federation

Corresponding author: Khleborodov Denis S., PhD in Physics and Mathematics, CEO, Business Ecosystems, Skolkovo, Russia Territory of the Skolkovo innovation center, Moscow, 143026, Russian Federation, E-mail: dkhleborodov@gmail.com

Micro-segmentation of local networks is an important element of network security. The main goal of micro-segmentation of network is to reduce a risk of compromising hosts during a cyber-attack. In micro-segmented networks, if one of the hosts has been compromised, the malicious code or attacker will be limited in the "horizontal" actions by the micro-segment to which the compromised host belongs. Existing methods of micro-segmentation of networks have operational drawbacks that impede their effective practical application. This article presents a new method of micro-segmentation of local wired and wireless networks based on downloadable and wireless access control lists, which allows to achieve a high level of granularity of network access policies by minimizing the microsegment, along with high operational characteristics.

Keywords: network segmentation, network micro-segmentation, ACL, wireless ACL, dACL, wACL, downloadable access control lists, wireless access control lists

pp. 443–449

For citation:
Khleborodov D. S High-Granular Micro-Segmentation in Campus Networks based on Downloadable Access Control Lists, Programmnaya Ingeneria, 2021, vol. 12, no. 9, pp. 443– 449.