• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • COVID-19 Update
  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Downloads
  • Podcasts
  • Subscribe
  • Project of the Week
  • About Us
    SEARCH
Network Security

Getting a Grip on the Micro-Segmentation Market to Envision Next-Gen Cybersecurity

The global micro-segmentation market is expected to reach $2 billion in the coming years. Here’s what you need to know about how it will affect cybersecurity.

March 19, 2018 Katherine Johnson Leave a Comment

Cyber Security

The global micro-segmentation market is heating up and it is expected to reach $2 billion in global revenue by 2022, up from $670 million in 2017. That marks a 25% compound annual growth rate (CAGR), according to a new forecast by Research and Markets.

Micro-segmentation serves as a foundational element of data center security in any software-defined data center (SDDC). This involves various ways of segmenting a network to isolate any problems or attacks before they can spread elsewhere to infect other parts of the system. The ongoing goal is to automate policy management steps across increasingly granular network segments, thus allowing security teams to quickly quarantine any compromised endpoints within the broader system.

Surveying the current market landscape, it comes as no surprise that many enterprises are looking beyond VMware NSX and Cisco ACI to provide segmentation for their software defined networking (SDN) platforms. This is due to the relative complexity of NSX and ACI for planning and deployment, along with certain other limitations. Lesser well-known SDN vendors such as Pluribus should be considered as viable alternatives to the inherent complexities of NSX and ACI.

Taking a step back, there are currently four main architectural models associated with micro-segmentation:

  • Native Micro-Segmentation Model – This approach uses the inherent or included capabilities nested within the virtualization platform, IaaS, operating system/hypervisor, or infrastructure. The main vendors here include some of the world’s largest tech companies such as Amazon, Cisco, Microsoft and VMware.
  • Third-Party Model – In this model, micro-segmentation is based primarily upon the virtual firewalls offered by third-party firewall vendors. These providers include many of the usual firewall suspects such as Cisco, Checkpoint, Fortinet, Juniper, Palo Alto, SonicWall, Sophos, and Huawei.
  • Overlay Model – The overlaid micro-segmentation model typically relies on some form of agent or software code within each host, rather than moderating communications as firewalls do. Some prominent overlay vendors include Cisco, CloudPassage, Drawbridge Networks, Guardicore, Illumio, Juniper, ShieldX, vArmour, and Unisys.
  • Hybrid Model – Most blended or hybrid types of micro-segmentation rely on some combination of native and third-party controls.

Network segmentation via VLANs and ACLs that control traffic between VLANs will not work to prevent a ransomware attack from gaining access to your systems, but it will be invaluable if a malware infection is able to get a foothold in your organization. Network segmentation can help ensure that a malware infection or other security issue stays isolated to just the network segment where the infected endpoint is located. The intent should be to prevent malware from spreading through the entirety of the organization. This concern is especially important for organizations that maintain aging legacy systems which are no longer able to receive security updates.

Katherine Johnson is Director of Research for Trace3, a pioneer in business transformation solutions.

Another method that continues to appear is segmentation through NAC. Network access control can be a complex undertaking because it incorporates the three elements of assessment, authentication and access. There are many working pieces that must be integrated, such as an authentication service (e.g., active directory, LDAP, token servers, etc.); a mobile device management or enterprise mobility management solution; endpoint security; and perhaps even a security incident and event management system. Segmentation through NAC should not be the go-to strategy as a way to isolate devices from resources on the network, as the sheer timing of policy implementation may render the network and its resources vulnerable.

Another alternative to NAC lies in the IoT space. New startups like Pwnie Express and ZingBox provide IoT Security solutions that supply the ability to identify, assess and respond to devices on the network based on their behavior. The response varies either through segmentation, or through using third party tools. Zingbox is targeting the medical device market and it should be given consideration to completely understand its ability to enforce behavior.

Regardless of the type of micro-segmentation deployment that your organization chooses, the following reminders are highly recommended:

  • Do Not Over-Segment. Over-segmentation is the foremost cause of failure and it is an unnecessary expense for segmentation projects.
  • Isolation Alone Isn’t Segmentation. If communication is required between zones, this requires different functionality than merely keeping them apart.
  • The Key to All Segmentation Projects is Visibility. Regardless to how segmentation is implemented, eliminating blind spots across the network is a bedrock requirement. The successful implementation of any micro-segmentation policy requires deep visibility down to the process level to identify applications, recognize relationships between them, and understand both the network and application flows.

Tagged With: Cyber Security

Related Content:

  • Supply Chain Compromises How IT Leaders Can Protect Against Supply Chain…
  • SolarWinds CEO SolarWinds CEO: Company Might Not Be the Only…
  • SolarWinds Hack affected Microsoft Source Code, The FBI warns that hackers are carrying out “swatting attacks” via compromised smart devices to make hoax calls to emergency services. ‘Swatting’ Hacks Occurring Through Smart Cameras
  • Mimecast Certificate Compromised Mimecast: Hackers Compromised A Digital Certificate

Free downloadable guide you may like:

  • Top 9 Reasons Enterprise IT Leaders Are Moving Their Video Surveillance to the Eagle Eye Cloud

    Working in IT has enough challenges without adding in the complications of surveillance video. Things like total cost of maintenance, how the VMA manages bandwidth, what cameras are supported, what level of cybersecurity is provided, and what integrations are available to use are important factors IT managers have to think about when assessing a video […]

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Top 9 Reasons Enterprise IT Leaders Are Moving Their Video Surveillance to the Eagle Eye Cloud

Working in IT has enough challenges without adding in the complications of surveillance video. Things like total cost of maintenance, how the VMA m...

Using Live Chats and Chatbots to Increase Customer Engagement

There's a lot to consider when building out a chatbot experience to ensure that it delivers a seamless experience and meet your business goals.

Finding a New Balance

The shift to a hybrid work environment is a trend that has increased in popularity over many years. The COVID-19 pandemic has spurred this trend, f...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Subscribe to the Newsletter
  • Contact Us
  • Media Solutions & Advertising
  • Comment Guidelines
  • RSS Feeds
  • Terms of Use
  • Privacy Policy
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!

© 2021 Emerald X, LLC. All rights reserved.