North-South Traffic

North-south traffic is the movement of data packets that are initially entering a network from the outside. These packets may have exited a different network, such as the public Internet or a data center, before entering the current one. North-south network traffic is typically monitored by a firewall, the traditional method of accessing a network. Firewalls are installed within a network perimeter the outer border that transmissions must pass to enter the network to filter packet requests and allow or block requests. Certain configurations placed by IT teams or the network service provider control what traffic is permitted to pass.

Either hardware, installed at the network gateway, or software, installed on one computer or server, are considered standard protection to process north-south traffic for a network or device. But cyber attacks have become much more sophisticated over the past decade, and hackers have found ways to bypass the firewall or perimeter entirely.

Viewing network traffic as only north-south makes your network vulnerable

Social engineering is one of the most popular methods that attackers use to breach a network. If they convince an employee to download a malicious link in an email, the malware that then embeds itself in the device gives the attacker a pathway into the company network. Or victims may unwarily enter their username and password into a spoofed site, resulting in stolen credentials. Smart devices are another path to bypass the firewall; the Internet of Things includes items such as sensors, lights or refrigerators that aren’t protected in the same way as computers and phones. If an attacker is able to access an IoT device on a private network, they can then continue moving through the network. Even small businesses, not just high-revenue corporations with sensitive data, are being targeted by international government-supported cyber attackers from other countries.

Simply put, viewing network traffic monitoring as only a north-south (or in-and-out) pattern is outdated and dangerous. As attacks become more sophisticated, so must network security. Many organizations are realizing this and paying closer attention to east-west traffic (also known as internal traffic or lateral movement). Attackers that bypass the initial network gateway and move within the network, or laterally, will be able to access sensitive data and cost an organization money and reputation if those segments of the network (such as applications or servers) aren’t also secured.






Jenna Phipps
Jenna Phipps
Jenna Phipps is a writer for Webopedia.com, Enterprise Storage Forum, and CIO Insight. She covers data storage systems and data management, information technology security, and enterprise software solutions.

Top Articles

List of Windows Operating System Versions & History [In Order]

The Windows operating system (Windows OS) refers to a family of operating systems developed by Microsoft Corporation. We look at the history of Windows...

How to Create a Website Shortcut on Your Desktop

Website Shortcut on Your Desktop reviewed by Web Webster   This Webopedia guide will show you how to create a website shortcut on your desktop using...

What are the Five Generations of Computers? (1st to 5th)

Reviewed by Web Webster Each generation of computer has brought significant advances in speed and power to computing tasks. Learn about each of the...

Hotmail [Outlook] Email Accounts

Launched in 1996, Hotmail was one of the first public webmail services that could be accessed from any web browser. At its peak in...

Ryuk Ransomware

The Ryuk ransomware is a strain of malware that attempts to infect and...

Snowflake Certification

Snowflake is a data management platform that offers data management and data warehouse...

RIA Software

RIA software helps Registered Investment Advisers (RIAs) and financial advisory firms track client...