East-west traffic describes network communication between two or more machines across the same datacenter. That includes server-to-server communication or chatter between individual devices — no matter how complex or layered the underlying networking structure is. East-west traffic therefore originates within an organization and flows internally between systems and subnetworks. It never leaves that specific datacenter environment.
Since individual networking environments often support numerous devices, organizations can generate massive amounts of east-west at any given time. Implementing load balancing and routing solutions help keep these datacenters from drowning in latency or bottlenecking issues. Continued virtualization and liberal (but necessary) use of network controllers have only boosted east-west activity, as well.
What are some examples of east-west traffic?
When two servers communicate across a datacenter, they're generating east-west (or horizontal) traffic. The same goes for two communicative devices sharing the same networking environment — such as computers, tablets, mobile devices, and others.
Certain types of data flows and operations are hallmarks of east-west networking. For example, file transfers, inter-process communication, database replication, and other application-based activity contribute often to internal traffic growth.
What are some unique considerations around east-west traffic?
East-west traffic typically flows within a microsegmented, trusted environment. Because these data packets don't typically pass through a firewall or gateway. DevSecOps teams must establish their own security policies and topologies (either virtual or physical) to guard against cyberattacks and unintended permissions escalations.
Protecting data in transit is important, as is making sure those routes are defined intentionally to avoid issues. While internal teams don't have to maintain the famed castle-and-moat approach in this instance, limiting lateral movement across networks or subnetworks is generally recommended. This limits bad actors from causing too much damage or leaking privileged information, should they gain some degree of access.
Managing east-west traffic can also be challenging due to the mix of clouds and datacenters. With so many technologies and vendors arranged in a patchwork quilt, teams must be mindful of where their data lives, how it travels, and where any potential weaknesses may lie.
Does HAProxy support east-west traffic?
Yes! HAProxy One — the world's fastest application delivery and security platform — is built to handle east-west traffic from internal applications, APIs, and AI services. You can deploy HAProxy in any multi-cloud, hybrid-cloud, or on-premises environment, while HAProxy Fusion helps you easily manage traffic flowing through your HAProxy Enterprise clusters.
HAProxy One also excels at processing numerous service-to-service calls within a greater service mesh environment. No matter how your services are built or deployed, HAProxy has you covered.