What is microsegmentation? How getting granular improves network security

Microsegmentation is a method of creating secure zones in data centers and cloud deployments that allows companies to isolate workloads from one another and secure them individually. It’s aimed at making network security more granular. 

Microsegmentation vs. VLANs, firewalls and ACLs

Network segmentation isn’t new. Companies have relied on firewalls, virtual local area networks (VLAN) and access control lists (ACL) for network segmentation for years. With microsegmentation, policies are applied to individual workloads for greater attack resistance.

“Where VLANs let you do very coarse-grained segmentation, microsegmentation lets you do more fine-grained segmentation. So anywhere you need to get down to granular partitioning of traffic, that’s where you’ll find it,” says analyst Zeus Kerravala, founder of ZK Research and a contributor to Network World.

The rise of software-defined networks and network virtualization has paved the way for microsegmentation. “We can do things in software, in a layer that’s decoupled from the underlying hardware,” Kerravala says. “That makes segmentation much easier to deploy.”

Leave a Reply

Your email address will not be published. Required fields are marked *