• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Project of the Week
  • About Us
    SEARCH
Network Security

Getting a Grip on the Micro-Segmentation Market to Envision Next-Gen Cybersecurity

The global micro-segmentation market is expected to reach $2 billion in the coming years. Here’s what you need to know about how it will affect cybersecurity.

March 19, 2018 Katherine Johnson Leave a Comment

Cyber Security

The global micro-segmentation market is heating up and it is expected to reach $2 billion in global revenue by 2022, up from $670 million in 2017. That marks a 25% compound annual growth rate (CAGR), according to a new forecast by Research and Markets.

Micro-segmentation serves as a foundational element of data center security in any software-defined data center (SDDC). This involves various ways of segmenting a network to isolate any problems or attacks before they can spread elsewhere to infect other parts of the system. The ongoing goal is to automate policy management steps across increasingly granular network segments, thus allowing security teams to quickly quarantine any compromised endpoints within the broader system.

Surveying the current market landscape, it comes as no surprise that many enterprises are looking beyond VMware NSX and Cisco ACI to provide segmentation for their software defined networking (SDN) platforms. This is due to the relative complexity of NSX and ACI for planning and deployment, along with certain other limitations. Lesser well-known SDN vendors such as Pluribus should be considered as viable alternatives to the inherent complexities of NSX and ACI.

Taking a step back, there are currently four main architectural models associated with micro-segmentation:

  • Native Micro-Segmentation Model – This approach uses the inherent or included capabilities nested within the virtualization platform, IaaS, operating system/hypervisor, or infrastructure. The main vendors here include some of the world’s largest tech companies such as Amazon, Cisco, Microsoft and VMware.
  • Third-Party Model – In this model, micro-segmentation is based primarily upon the virtual firewalls offered by third-party firewall vendors. These providers include many of the usual firewall suspects such as Cisco, Checkpoint, Fortinet, Juniper, Palo Alto, SonicWall, Sophos, and Huawei.
  • Overlay Model – The overlaid micro-segmentation model typically relies on some form of agent or software code within each host, rather than moderating communications as firewalls do. Some prominent overlay vendors include Cisco, CloudPassage, Drawbridge Networks, Guardicore, Illumio, Juniper, ShieldX, vArmour, and Unisys.
  • Hybrid Model – Most blended or hybrid types of micro-segmentation rely on some combination of native and third-party controls.

Network segmentation via VLANs and ACLs that control traffic between VLANs will not work to prevent a ransomware attack from gaining access to your systems, but it will be invaluable if a malware infection is able to get a foothold in your organization. Network segmentation can help ensure that a malware infection or other security issue stays isolated to just the network segment where the infected endpoint is located. The intent should be to prevent malware from spreading through the entirety of the organization. This concern is especially important for organizations that maintain aging legacy systems which are no longer able to receive security updates.

Katherine Johnson is Director of Research for Trace3, a pioneer in business transformation solutions.

Another method that continues to appear is segmentation through NAC. Network access control can be a complex undertaking because it incorporates the three elements of assessment, authentication and access. There are many working pieces that must be integrated, such as an authentication service (e.g., active directory, LDAP, token servers, etc.); a mobile device management or enterprise mobility management solution; endpoint security; and perhaps even a security incident and event management system. Segmentation through NAC should not be the go-to strategy as a way to isolate devices from resources on the network, as the sheer timing of policy implementation may render the network and its resources vulnerable.

Another alternative to NAC lies in the IoT space. New startups like Pwnie Express and ZingBox provide IoT Security solutions that supply the ability to identify, assess and respond to devices on the network based on their behavior. The response varies either through segmentation, or through using third party tools. Zingbox is targeting the medical device market and it should be given consideration to completely understand its ability to enforce behavior.

Regardless of the type of micro-segmentation deployment that your organization chooses, the following reminders are highly recommended:

  • Do Not Over-Segment. Over-segmentation is the foremost cause of failure and it is an unnecessary expense for segmentation projects.
  • Isolation Alone Isn’t Segmentation. If communication is required between zones, this requires different functionality than merely keeping them apart.
  • The Key to All Segmentation Projects is Visibility. Regardless to how segmentation is implemented, eliminating blind spots across the network is a bedrock requirement. The successful implementation of any micro-segmentation policy requires deep visibility down to the process level to identify applications, recognize relationships between them, and understand both the network and application flows.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!

Tagged With: Cyber Security

Related Content:

  • Cybersecurity and information or network protection. Future technology web services for business and internet project CrowdStrike Cyber Armageddon: How Do Firms Now Build…
  • DDoS, NETSCOUT Arbor Insight 7 Layers of DDoS Attacks and How To…
  • cisco webex-rooms-modern-space AVI-SPL Receives Cisco 2023 Reimagine Workspaces Partner of…
  • data breach Nearly 900 Schools Impacted by National Student Clearinghouse…

Free downloadable guide you may like:

  • Download TechDecisions' Blueprint Series report on Security Awareness now!Blueprint Series: Why Your Security Awareness Program is Probably Falling Short

    Learn about the evolution of phishing attacks and best practices for security awareness programs to ensure your organization is properly prepared to defend against them in this report from TechDecisions' Blueprint Series.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Latest Downloads

Practical Design Guide for Office Spaces
Practical Design Guide for Office Spaces

Recent Gartner research shows that workers prefer to return to the office for in-person meetings for relevant milestones, as well as for face-to-fa...

New Camera Can Transform Your Live Production Workflow
New Camera System Can Transform Your Live Production Workflow

Sony's HXC-FZ90 studio camera system combines flexibility and exceptional image quality with entry-level pricing.

Creating Great User Experience and Ultimate Flexibility with Clickshare

Working and collaborating in any office environment today should be meaningful, as workers today go to office for very specific reasons. When desig...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Contact Us
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSYour Privacy ChoicesTERMS OF USEPRIVACY POLICY

© 2025 Emerald X, LLC. All rights reserved.