Microsegmentation is the art of using software-defined policies, instead of hardware network configurations, to make network security more flexible. It can only work if implemented with right tools and forethought.
Models Used in Microsegmentation
There are four architectural models used in microsegmentation. They are:
Hybrid model – it is a combination of third-party and native controls
Overlay model – usually uses a type of software or agent within every host, instead of using moderating communications. Vendors of this model include Unisys, vArmour, Vmware NSX, ShieldX, Juniper, Illumio, Guardicore, Drawbridge Networks, CloudPassage, and Cisco.
Third-party model – mainly based on a virtual firewall presented by third-party firewall vendors. They include Huawei, Sophos, SonicWall, Palo Alto, Juniper, Fortinet, Checkpoint, and Cisco.
Native model – makes use of included or inherent capabilities provided within various areas such as infrastructure, operating hypervisor/system, IaaS, or virtualization platform.
When considering microsegmentation solutions, even for a virtual machine, avoid thinking about technical solutions only. The solution should be inclusive of technology, process, and people. Therefore, do not go for the model of security you think is best to implement. Rather, you should select the architectural model that ensures security in the operation of your modern data center.
MOre info @ micro segmentation