
Akamai
Akamai Guardicore Segmentation opens new doors: network visibility and control (microsegmentation)
3-line summary
- Akamai Guardicore Segmentation (AGS) from Akamai delivers effective "microsegmentation" as a measure against ransomware.
- Our engineers have obtained vendor qualifications (GCSA/GCSE) and are holding regular seminars based on the knowledge they gained.
- An easy-to-understand explanation of microsegmentation using familiar examples, and the appeal of AGS
Introduction
Although measures against ransomware have improved, the damage caused by it continues and the situation remains serious.
"Microsegmentation" is gaining attention as a solution to this problem.
We have started handling Akamai's microsegmentation product "AGS", and several of our engineers have obtained vendor qualifications.
In this article, we share our findings.
The Challenges of Ransomware: Why are the Damages So Constant and So Large-Scale?
One reason why the damage caused by ransomware is so constant and large-scale is that many of the current ransomware countermeasures are aimed at preventing attackers from "infiltrating" a system, and do not take into consideration preventing the "spread" of damage after infiltration.
To put it in perspective, many of the current ransomware countermeasures are like a resident of an apartment building with an autolock system who relies on the autolock and does not lock the front door to their own home.
Auto-locking systems cannot completely prevent suspicious people from entering an apartment building, and if the front door to your home is left unlocked, suspicious people can enter your room and steal or damage things.

It is difficult to completely prevent attackers from infiltrating a network, and once an attacker has infiltrated, they will explore the network and repeatedly move laterally, ultimately encrypting, destroying, or stealing data, causing large-scale damage.
Prevent the damage from spreading! - Microsegmentation with "Akamai Guardicore Segmentation"
For example, if you live in an apartment building with an automatic lock, you can prevent the damage from spreading by locking each room.

The concept of "microsegmentation" is the same.
As shown in the diagram below, the network is segmented (divided into rooms) by application, etc., to limit unnecessary communication.

Akamai's AGS is a solution that realizes the microsegmentation introduced here.
In the next chapter, we will take a closer look at this topic based on what we learned at Akamai's seminars and vendor qualification exams.
Come and experience the world of AGS together!
Visualizing it is fun! - Understanding the world of networks with AGS
The first thing that surprised me about AGS was how it was able to visualize communications in a very easy-to-understand way.
I found it very interesting because it clearly visualizes the entire network, including how many devices are in the network, what kind of communication the devices are having with each other, and in which process that communication is taking place.

In addition, the 2-3 hours of hands-on training gave me a good grasp of how to operate the AGS.
AGS operation mainly consists of the following three steps.
- Check the network
  Check the network status from the management screen.
- Mapping (Labeling)
  Map devices by role, such as application. There is also a convenient function to set them all at once using IP address (CIDR) information.
- Create a policy
  Create policies to control communications. There is also a convenient function that allows you to create policies based on actual communications data using templates.
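
The labeling and policy steps can be sketched in a few lines of Python: map addresses to labels by CIDR, derive label-to-label allow rules from observed flows, and block everything else. This is an added example, not AGS code or an Akamai API; the labels, CIDR ranges, and flow records are constructed for illustration.

```python
import ipaddress

# Constructed CIDR-to-label map (the labeling step); label names are hypothetical.
LABEL_CIDRS = {
    "web": "10.0.1.0/24",
    "db": "10.0.2.0/24",
    "office": "10.0.9.0/24",
}

# Constructed flows seen during a baseline window: (src_ip, dst_ip, dst_port).
BASELINE_FLOWS = [
    ("10.0.1.10", "10.0.2.5", 5432),   # web server -> database
    ("10.0.1.11", "10.0.2.5", 5432),   # second web server -> database
    ("10.0.9.20", "10.0.1.10", 443),   # office PC -> web server
]

def label_of(ip, label_cidrs=LABEL_CIDRS):
    """Return the label of the most specific CIDR containing ip, else 'unlabeled'."""
    addr = ipaddress.ip_address(ip)
    best = None
    for label, cidr in label_cidrs.items():
        net = ipaddress.ip_network(cidr)
        if addr in net and (best is None or net.prefixlen > best[1]):
            best = (label, net.prefixlen)
    return best[0] if best else "unlabeled"

def derive_policy(flows):
    """Collapse observed flows into label-level allow rules (the policy step)."""
    rules = {(label_of(s), label_of(d), port) for s, d, port in flows}
    # Traffic involving an unlabeled asset is never allowed automatically.
    return {r for r in rules if "unlabeled" not in r[:2]}

def evaluate(flow, policy):
    """Default deny: allow only flows whose label-level tuple is in the policy."""
    src, dst, port = flow
    return "allow" if (label_of(src), label_of(dst), port) in policy else "block"

if __name__ == "__main__":
    policy = derive_policy(BASELINE_FLOWS)
    candidates = [
        ("10.0.1.12", "10.0.2.5", 5432),   # new web host, same role: allowed
        ("10.0.9.20", "10.0.2.5", 5432),   # office PC straight to database: blocked
        ("10.0.9.20", "10.0.9.21", 445),   # office PC to office PC: blocked
    ]
    for flow in candidates:
        print(flow, "->", evaluate(flow, policy))
```

Because rules are written against labels rather than addresses, a newly added web server is covered as soon as it is labeled, while a compromised office PC cannot reach the database or its neighbors.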

The hands-on training is conducted in Akamai's test environment, and participants are given the opportunity to freely try out various functions based on practical tasks, deepening their understanding of AGS.
This content is ideal for anyone who has the opportunity to operate the management screen during operations or construction, as well as for anyone who wants to deepen their understanding of AGS (microsegmentation).
At Macnica Solutions, we also hold hands-on training sessions on a regular basis, so if you're even slightly interested, please feel free to join us!
Please see here for the specific schedule.
The journey to AGS Master - GCSA/GCSE
Akamai also provides content to help you learn more about AGS.
GCSA/GCSE is a vendor qualification provided by Akamai, and in addition to learning how to use AGS, you can learn a wide range of content from the introduction to operation of AGS, including the mechanisms for achieving microsegmentation, the components that make up AGS, and how to introduce them.
In fact, I first took online lectures and hands-on sessions for a total of about a week.
It may seem like a lot of work, but I was able to gain knowledge about various architectures, and I now find it useful when setting up environments and troubleshooting.
And GCSA/GCSE are qualifications, and of course qualifications come with exams.
I suppose people who like exams are in the minority, but the exam questions were based on practical situations, which I felt was perfect for solidifying what I had learned so far.
Our understanding has now deepened to the point where terms like microsegmentation and lateral movement are even used in everyday conversation.
Members of our engineering team have also obtained these qualifications, so if you have any questions, please feel free to contact us! We would be happy to help you in any way.
Conclusion - Why not start with network visualization?
Akamai offers content that gives in-depth knowledge about AGS, which is useful for building and using it.
Our company, Macnica Solutions, is also working to deepen our knowledge of AGS from the content provided by Akamai and to disseminate the knowledge gained from that.
Why not start by visualizing your network communications with AGS?
AGS not only prevents lateral movement, but also helps eliminate the black-box nature of the network and reduces the burden of complicated network management.
Macnica Solutions will support you in building and operating AGS, so if you are even slightly interested, please contact us.
Inquiry/Document request
Macnica Solutions Corp. Akamai
- TEL:045-476-2010
- E-mail:akamai-sales@macnica.co.jp
Weekdays: 9:00-17:00