T 3.29 Lack of, or unsuitable segmentation
Local networks may be segmented physically with the help of active network components or logically with the help of a corresponding VLAN configuration. The connected IT systems of a network are thereby distributed to different segments. This improves load distribution within the network and makes the network easier to administer.
This may result in the following specific threats:
- Loss of availability
Due to a high number of IT systems within a layer 2 segment, the network load in this segment increases. This may have significant adverse effects on the availability of this network segment or even overload the segment so that it fails. For CSMA/CD-based network access protocols (e.g. Ethernet), collisions occur more frequently, reducing the available bandwidth. Segmentation is also inappropriate if systems that exchange large amounts of traffic with each other are separated by layer 2 or layer 3 active network components.
- Insufficient protection of confidentiality
In order to protect confidential data, only the users who absolutely require it should be granted access to it. Broadcast domains must therefore be limited to the extent absolutely required. If the individual segments are configured inappropriately, however, other users may also read and possibly analyse the transmitted messages containing confidential data.
Examples:
- Two IT systems exchanging large amounts of data are separated with the help of a router. This may constitute an inappropriate segmentation, since data traffic must pass through a relatively slow router.
- Two IT systems frequently exchanging passwords or other sensitive information are separated with the help of a bridge. As a result, this data traffic can be intercepted in both segments. Limiting the data traffic between these two IT systems to one segment would improve the protection of confidentiality.
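As an added illustration (not part of the catalogue entry), a small Python model of the two examples above: hosts are assigned to broadcast domains, and the check flags bulk flows that must pass through a router and sensitive flows whose segments are shared with uninvolved hosts. The topology, the flows and the 100 Mbit/s threshold are constructed assumptions.

```python
from dataclasses import dataclass

# Constructed sample topology (assumption, not from the catalogue entry):
# host -> broadcast domain (VLAN / layer 2 segment). Traffic between different
# segments must pass through a layer 3 device (router); frames in a segment are
# assumed readable by every host attached to it (shared medium / bridge model).
SEGMENTS = {
    "fileserver": "vlan10", "workstation-a": "vlan20",
    "auth-server": "vlan30", "client-b": "vlan30", "printer": "vlan30",
}


@dataclass
class Flow:
    src: str
    dst: str
    mbps: float       # average traffic volume between the two systems
    sensitive: bool   # carries passwords or other confidential data


def crosses_router(flow, segments=SEGMENTS):
    """True if the endpoints sit in different broadcast domains."""
    return segments[flow.src] != segments[flow.dst]


def exposed_hosts(flow, segments=SEGMENTS):
    """Hosts other than the endpoints attached to a segment the flow traverses."""
    touched = {segments[flow.src], segments[flow.dst]}
    return sorted(h for h, s in segments.items()
                  if s in touched and h not in (flow.src, flow.dst))


def audit(flows, segments=SEGMENTS, bulk_mbps=100.0):
    """Return (src, dst, finding) triples for the two segmentation mistakes."""
    findings = []
    for f in flows:
        if f.mbps >= bulk_mbps and crosses_router(f, segments):
            findings.append((f.src, f.dst,
                             "availability: bulk traffic must pass through a router"))
        others = exposed_hosts(f, segments) if f.sensitive else []
        if others:
            findings.append((f.src, f.dst,
                             "confidentiality: readable by " + ", ".join(others)))
    return findings


if __name__ == "__main__":
    sample = [Flow("fileserver", "workstation-a", 400.0, False),
              Flow("auth-server", "client-b", 1.0, True),
              Flow("printer", "client-b", 5.0, False)]
    for finding in audit(sample):
        print(finding)
```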