Taos Glossary

A quick-read explanation of industry terms that doubles as a knowledge base.


What is an enclave?

A network enclave (also known as a security enclave) is a portion or segment of an internal network that operates separately from the rest of an organization’s digital infrastructure. The enclave shares a single, unified security perimeter, with access defined by common policies that are managed and enforced through firewalls and VPNs. The primary purpose of an enclave is to go beyond traditional network security options and protect business-critical devices and sensitive data sets on a deeper level.

How does an enclave work?

A network enclave limits internal access to a network segment and is not visible from public networks. Internal access is usually defined and maintained by firewalls or virtual LANs (VLANs). An enclave isolates applications and data according to established permissions, providing hardware-level isolation and memory encryption on every server within the enclave and extending encryption to storage and network data as required.

Why is an enclave network important?

Organizations turn to enclaves to maintain a secure network environment where control by a single authority is required. Enclaves often unite multiple local area networks (LANs) and their computing components under a unified security policy. These policies are applied to the enclave regardless of physical location. For example, a single facility may employ multiple enclaves, while one enclave can span any number of geographic locations, coordinated by communication points.

Benefits of enclave networking

When considering a network enclave implementation, organizations often seek to protect specific sections of their network infrastructure, enhance their cybersecurity posture against external threats, limit the impact of a successful breach, and shield sensitive data from bad internal actors.

Common use cases for enclave networking

Enclaves are a comprehensive data security solution, protecting applications and storage from internal and external threats. Enclaves can operate on-premises and in public, private, and hybrid cloud environments. Organizations often establish a network enclave as a defense against zero-day exploits, as application code and data become entirely inaccessible to any users outside of the enclave itself.
