Overview of Secure Workload
Traditionally, network security has aimed to keep malicious activity out of your network by placing firewalls around its edge. However, you also need to protect your organization from threats that have breached your network or originated within it. Segmentation, or microsegmentation, of the network helps protect your workloads by controlling traffic between workloads and other hosts on your network, allowing only the traffic that your organization requires for business purposes and denying all other traffic.
Cisco Secure Workload uses the organization’s flow data to suggest policies that you can evaluate and approve before enforcing them. Alternatively, you can manually create these policies for segmenting your network.
For example, you can use policies to prevent the workloads that host your public-facing web application from communicating with the research and development database in your data center, or to prevent non-production workloads from contacting the production workloads.