We are looking at various methods of network segmentation. We initially implemented DACLs. My security guy is somewhat suspicious of this, as the DACL seems to only allow limits on traffic leaving the interface, not on traffic entering the interface. So now we are looking into SGTs and SGACLs as a remedy for this situation. The long-term goal here is SDA, but we have some work to do before we are ready for that. We are working on TrustSec / SGTs as an intermediate step. My question is this: using TrustSec (and SDA, for that matter), do I still only have limits on traffic leaving the interface?
Not sure I understand correctly.
Traffic leaving the interface vs. traffic entering the interface (is this a server, or end devices like a desktop or PC)?
Again, it depends on the requirement and use case (so adding a bit more information would be much more useful).
There is a good explanation in this thread for help:
Good white paper for medical devices
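As an added illustration of the directionality question in the original post (this is example configuration written for this page, not from either poster or from Cisco documentation), the following IOS-style fragment shows how a TrustSec policy is expressed. The SGT values (10 for clients, 20 for servers), the VLAN list and the ACL names are hypothetical; in a real deployment the matrix is normally built in ISE and pushed to the enforcement switches rather than typed by hand.

```text
! Example only: SGT numbers, VLANs and ACL names are assumed for illustration.

! Turn on SGACL enforcement globally and on the VLANs that carry tagged traffic.
cts role-based enforcement
cts role-based enforcement vlan-list 100,200

! An SGACL is keyed on the (source SGT, destination SGT) pair, so each
! direction is its own cell in the policy matrix and must be written explicitly.
! Clients (10) may open HTTPS toward servers (20) and nothing else.
ip access-list role-based Clients_to_Servers
 permit tcp dst eq 443
 deny ip

! SGACLs on switches are stateless: the server's replies are evaluated by the
! 20 -> 10 cell, so that cell must permit the return half of the HTTPS flow.
! A plain "deny ip" here would break the sessions the 10 -> 20 cell allowed.
ip access-list role-based Servers_to_Clients
 permit tcp src eq 443
 deny ip

cts role-based permissions from 10 to 20 ipv4 Clients_to_Servers
cts role-based permissions from 20 to 10 ipv4 Servers_to_Clients
```

The point for the question above: with SGACLs the restriction is not tied to one interface and one direction; the policy is applied where the destination SGT is known (typically the switch serving the destination), and each source-to-destination pairing is its own rule. The check a practitioner should make before rolling this out is to confirm the reverse cell for every permitted flow, since a matrix that only covers the client-to-server direction will drop the replies.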