d3fend-isolate


D3FEND — Isolate

When to Use

  • Implementing access mediation (network, file, web session, physical)
  • Configuring content filtering and validation (format, metadata, magic bytes)
  • Isolating execution (process sandboxing, allowlisting, denylisting)
  • Segmenting networks (VLANs, micro-segmentation, broadcast isolation)
  • Managing DNS/IP allowlists and denylists
  • Setting system call filtering and I/O port restrictions

When NOT to Use

  • Building detection rules or monitoring → d3fend-detect
  • System hardening or encryption → d3fend-harden
  • Honeypots or deception → d3fend-deceive
  • Network architecture design → infrastructure-engineer
  • Zero-trust implementation → cybersecurity

Core Workflows

1. Access Mediation

Type         Controls
Network      VLANs, ACLs, routing mediation, remote file access
Web Session  Proxy-based, endpoint-based mediation
File         Local permissions, access policy administration
Physical     Locks, badges, physical access mediation
System       System call filtering, I/O port restrictions

See references/access_mediation.md

2. Content Filtering & Validation

  • Content filtering (email, web, DLP)
  • Content modification, excision, rebuild, substitution
  • Format verification (magic bytes, metadata, internal structure)
  • Decompression checking and quarantine
See references/content_filtering.md
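
As an added example (not part of this skill or its reference files), a minimal checker that combines the format verification and decompression checking listed above: it compares a file's magic bytes against the type the sender declared, stream-inflates gzip content under a size cap, and returns a quarantine verdict when either check fails. The MIME table, the ratio and size limits, and the sample inputs are constructed for illustration.

```python
import gzip
import zlib
from typing import Optional

# Magic-byte table: a constructed subset covering the formats this check handles.
MAGIC = {
    "image/png": b"\x89PNG\r\n\x1a\n",
    "application/pdf": b"%PDF-",
    "application/zip": b"PK\x03\x04",
    "application/gzip": b"\x1f\x8b",
}
MAX_RATIO = 100                   # inflated bytes allowed per compressed byte
MAX_INFLATED = 10 * 1024 * 1024   # stop inflating past this, whatever the ratio


def detect_format(data: bytes) -> Optional[str]:
    """Return the MIME type whose magic bytes open `data`, or None if unknown."""
    for mime, magic in MAGIC.items():
        if data.startswith(magic):
            return mime
    return None


def inflated_size(data: bytes) -> int:
    """Stream-inflate gzip content, stopping once MAX_INFLATED is passed, so the checker never holds a bomb in memory."""
    d = zlib.decompressobj(16 + zlib.MAX_WBITS)  # 16+ selects gzip framing
    total = 0
    for i in range(0, len(data), 4096):
        total += len(d.decompress(data[i:i + 4096]))
        if total > MAX_INFLATED:
            return total
    return total + len(d.flush())


def validate(data: bytes, declared: str) -> tuple:
    """Decide accept/quarantine; `declared` is the sender's claimed type (e.g. a Content-Type header)."""
    actual = detect_format(data)
    if actual is None:
        return "quarantine", "no recognised magic bytes"
    if actual != declared:
        return "quarantine", f"declared {declared} but content is {actual}"
    if actual == "application/gzip":
        size = inflated_size(data)
        if size > MAX_INFLATED or size > MAX_RATIO * len(data):
            return "quarantine", f"inflates {size // len(data)}x, limit {MAX_RATIO}x"
    return "accept", actual


# Constructed samples: a PDF, a PNG mislabelled as PDF, a benign gzip, a bomb-like gzip.
PDF_SAMPLE = b"%PDF-1.7\n1 0 obj<<>>endobj\n%%EOF\n"
PNG_SAMPLE = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16
GZ_SMALL = gzip.compress(b"hello isolate")
GZ_BOMB = gzip.compress(b"\x00" * 1_000_000)
```

Call `validate(blob, declared_type)` on each submission; anything returning "quarantine" goes to the quarantine path instead of the recipient.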

3. Execution Isolation

  • Application-based process isolation (containers, app sandbox)
  • Kernel-based isolation (seccomp, namespaces, cgroups)
  • Hardware-based isolation (TEE, TPM, enclaves)
  • Executable allowlisting and denylisting
See references/execution_isolation.md

4. Network Isolation

  • Broadcast domain isolation (VLANs, private VLANs)
  • Directional network links (one-way gateways)
  • DNS/IP allowlisting and denylisting
  • Encrypted tunnels (VPN, TLS, IPsec)
  • Traffic filtering (inbound, outbound, email)
See references/network_isolation.md

When to load references

  • Access mediation → references/access_mediation.md
  • Content filtering → references/content_filtering.md
  • Execution isolation → references/execution_isolation.md
  • Network isolation → references/network_isolation.md