Network Security - Microsegmentation

Microsegmentation divides a network into very small, isolated segments.

Difference from traditional segmentation

• Traditional: VLANs, subnets (coarse control)

• Microsegmentation: Workload-level or application-level control

Benefits

• Limits lateral movement

• Contains breaches

• Each segment has its own security policy

Why it is important

Most attacks spread inside the network after the first compromise. Microsegmentation prevents this spread.

Example

Even if a hacker compromises one server, they cannot access other servers without explicit permission.