Defining and implementing a network microsegmentation strategy is paramount to securing the network and protecting assets. However, it’s also a time-consuming and resource-intensive endeavor. This means it’s vital that enterprises are confident that their zone-to-zone security policy is functioning as intended.
Rapid digitization means that organizations are now more connected than ever. Most organizations now host a combination of interconnected IT, OT, IoT and sometimes IoMT devices in their networks, which has increased their attack surface. Forescout’s data shows that around 24% of connected devices in every organization are no longer traditional IT.
The last decade has seen a notable step in the evolution of network security and operations as companies move to a Software Defined Network (SDN) model, centralising control of switches, routers, VPN concentrators, load balancers and SD-WAN devices. This simplifies the management and operation of the network, driving down operational costs and reducing risk through better patch and update management.
It’s a familiar nightmare you’ve heard of and might even face as a developer or security engineer: alerts firing in all directions warning that your company’s VPN and firewall — that supposedly “safe” defensive perimeter around your infrastructure — has been breached. And the scariest part is that you find out after the fact — after access credentials and customer assets have been stolen.
Recently, Gartner® refreshed one of its foundational cybersecurity research, “The 6 Principles of Successful Network Segmentation Strategies.”1 The principles covered in the research are tried and true. Segmenting networks to improve security and performance is nothing new to security teams, yet the same challenges persist year after year.
