Did you know there are three primary layers to approach?


1. Network
2. Hypervisor
3. Host

Here are a few important tips…

It’s important to understand exactly what layers you are trying to segment and what your attack surface looks like in order to prioritise a solution.

Network and hypervisor access control solutions provide macro level segmentation, whereas host solutions provide micro level segmentation.

Before choosing a solution, you need to set time aside to understand your environment through the use of discovery tools to gain visibility on how traffic flows through your environment, and where access is required by various users, devices, and systems.

This can be a longwinded process, however choosing the right segmentation solution will allow you to hand off the heavy lifting to the discovery features within each toolset, and allow you to start mapping out profiles and policies to meet your security and operational requirements.

Visibility and knowledge is the key to successfully segmenting your environment, to promote zero-trust principles while ensuring the right systems and resource can be accessed by the right people when they need it with as little human intervention as possible.