Get Instant Access
to This Blueprint

Infrastructure Operations icon

Network Segmentation

Protect your network by controlling the conversations within it.

  • Many legacy networks were built for full connectivity and overlooked potential security ramifications.
  • Malware, ransomware, and bad actors are proliferating. It is not a matter of if you will be compromised but how can the damage be minimized.
  • Cyber insurance will detective control, not a preventative one. Prerequisite audits will look for appropriate segmentation.

Our Advice

Critical Insight

  • Lateral movement amplifies damage. Contain movement within the network through segmentation.
  • Good segmentation is a balance between security and manageability. If solutions are too complex, they won’t be updated or maintained.
  • Network services and users change over time, so must your segmentation strategy. Networks are not static; your segmentation must maintain pace.

Impact and Result

  • Create a common understanding of what is to be built, for whom, and why.
  • Define what services will be offered and how they will be governed.
  • Understand which assets that you already have can jump start the project.

Network Segmentation Research & Tools

1. Network Segmentation Deck – A deck to help you minimize risk by controlling traffic flows within the network.

Map out appropriate network segmentation to minimize risk in your network.

Network Segmentation

Protect your network by controlling the conversations within it.

Executive Summary

Info-Tech Insight

Lateral movement amplifies damage

From a security perspective, bad actors often use the tactic of “land and expand.” Once a network is breached, if east/west or lateral movement is not restricted, an attacker can spread quickly within a network from a small compromise.

Good segmentation is a balance between security and manageability

The ease of management in a network is usually inversely proportional to the amount of segmentation in that network. Highly segmented networks have a lot of potential complications and management overhead. In practice, this often leads to administrators being confused or implementing shortcuts that circumvent the very security that was intended with the segmentation in the first place.

Network services and users change over time, so must your segmentation strategy

Network segmentation projects should not be viewed as singular or “one and done.” Services and users on a network are constantly evolving; the network segmentation strategy must adapt with these changes. Be sure to monitor and audit segmentation deployments and change or update them as required to maintain a proper risk posture.

Executive Summary

Your Challenge

Common Obstacles

Info-Tech’s Approach

Networks are meant to facilitate communication, and when devices on a network cannot communicate, it is generally seen as an issue. The simplest answer to this is to design flat, permissive networks. With the proliferation of malware, ransomware, and advanced persistent threats (ATPs) a flat or permissive network is an invitation for bad actors to deliver more damage at an increased pace.

Cyber insurance may be viewed as a simpler mitigation than network reconfiguration or redesign, but this is not a preventative solution, and the audits done before policies are issued will flag flat networks as a concern.

Network segmentation is not a “bolt on” fix. To properly implement a minimum viable product for segmentation you must, at a minimum:

  • Understand the endpoints and their appropriate traffic flows.
  • Understand the technologies available to implement segmentation.

Implementing appropriate segmentation often involves elements of (if not a full) network redesign.

To ensure the best results in a timely fashion, Info-Tech recommends a methodology that consists of:

  • Understand the network (or subset thereof) and prioritizing segmentation based on risk.
  • Align the appropriate segmentation methodology for each surfaced segment to be addressed.
  • Monitor the segmented environment for compliance and design efficacy, adding to and modifying existing as required.

Info-Tech Insight

The aim of networking is communication, but unfettered communication can be a liability. Appropriate segmentation in networks, blocking communications where they are not required or desired, restricts lateral movement within the network, allowing for better risk mitigation and management.

Network segmentation

Compartmentalization of risk:

Segmentation is the practice of compartmentalizing network traffic for the purposes of mitigating or reducing risk. Segmentation methodologies can generally be grouped into three broad categories:

1. Physical Segmentation

The most common implementation of physical segmentation is to build parallel networks with separate hardware for each network segment. This is sometimes referred to as “air gapping.”

2. Static Virtual Segmentation

Static virtual segmentation is the configuration practice of using technologies such as virtual LANs (VLANs) to assign ports or connections statically to a network segment.

3. Dynamic Virtual Segmentation

Dynamic virtual segmentation assigns a connection to a network segment based on the device or user of the connection. This can be done through such means as software defined networking (SDN), 802.1x, or traffic inspection and profiling.

Common triggers for network segmentation projects

1. Remediate Audit Findings

Many security audits (potentially required for or affecting premiums of cyber insurance) will highlight the potential issues of non-segmented networks.

2. Protect Vulnerable Technology Assets

Whether separating IT and OT or segmenting off IoT/IIoT devices, keeping vulnerable assets separated from potential attack vectors is good practice.

3. Minimize Potential for Lateral Movement

Any organization that has experienced a cyber attack will realize the value in segmenting the network to slow a bad actor’s movement through technology assets.

How do you execute on network segmentation?

The image contains a screenshot of the network segmentation process. The process includes: identify risk, design segmentation, and operate and optimize.

Identify risks by understanding access across the network

Gain visibility

Create policy

Prioritize change

"Security, after all, is a risk business. As companies don't secure everything, everywhere, security resilience allows them to focus their security resources on the pieces of the business that add the most value to an organization, and ensure that value is protected."

– Helen Patton,

CISO, Cisco Security Business Group, qtd. In PR News, 2022

Discover the data flows within the network. This should include all users on the network and the environments they are required to access as well as access across environments.

Examine the discovered flows and define how they should be treated.

Change takes time. Use a risk assessment to prioritize changes within the network architecture.

Understand the network space

A space is made up of both services and users.

Before starting to consider segmentation solutions, define whether this exercise is aimed at addressing segmentation globally or at a local level. Not all use cases are global and many can be addressed locally.

When examining a network space for potential segmentation we must include:

  • Services offered on the network
  • Users of the network

To keep the space a consumable size, both of these areas should be approached in the abstract. To abstract, users and services should be logically grouped and generalized.

Groupings in the users and services categories may be different across organizations, but the common thread will be to contain the amount of groupings to a manageable size.

Service Groupings

  • Are the applications all components of a larger service or environment?
  • Do the applications serve data of a similar sensitivity?
  • Are there services that feed data and don’t interact with users (IoT, OT, sensors)?

User Groupings

  • Do users have similar security profiles?
  • Do users use a similar set of applications?
  • Are users in the same area of your organization chart?
  • Have you considered access by external parties?

Info-Tech Insight

The more granular you are in the definition of the network space, the more granular you can be in your segmentation. The unfortunate corollary to this is that the difficulty of managing your end solution grows with the granularity of your segmentation.

Create appropriate policy

Understand which assets to protect and how.

Context is key in your ability to create appropriate policy. Building on the definition of the network space that has been created, context in the form of the appropriateness of communications across the space and the vulnerabilities of items within the space can be layered on.

To decide where and how segmentation might be appropriate, we must first examine the needs of communication on the network and their associated risk. Once defined, we can assess how permissive or restrictive we should be with that communication.

The minimum viable product for this exercise is to define the communication channel possibilities, then designate each possibility as one of the following:

  • Permissive – we should freely allow this traffic
  • Restricted – we should allow some of the traffic and/or control it
  • Rejected – we should not allow this traffic

Appropriate Communications

  • Should a particular group of users have access to a given service?
  • Are there external users involved in any grouping?

Potential Vulnerabilities

  • Are the systems in question continually patched/updated?
  • Are the services exposed designed with the appropriate security?

Prioritize the potential segmentation

Use risk as a guide to prioritize segmentation.

For most organizations, the primary reason for network segmentation is to improve security posture. It follows that the prioritization of initiatives and/or projects to implement segmentation should be based on risk.

When examining risk, an organization needs to consider both:

  • Impact and likelihood of visibility risk in respect to any given asset, data, or user
  • The organization’s level of risk tolerance

The assets or users that are associated with risk levels higher than the tolerance of the organization should be prioritized to be addressed.

Service Risks

  • If this service was affected by an adverse event, what would the impact on the organization be?

User Risks

  • Are the users in question FTEs as opposed to contractors or outsourced resources?
  • Is a particular user group more susceptible to compromise than others?

Info-Tech Insight

Be sure to keep this exercise relative so that a clear ranking occurs. If it turns out that everything is a priority, then nothing is a priority. When ranking things relative to others in the exercise, we ensure clear “winners” and “losers.”

Assess risk and prioritize action

1-3 hours

  1. Define a list of users and services that define the network space to be addressed. If the lists are too long, use an exercise like affinity diagramming to appropriately group them into a smaller subset.
  2. Create a matrix from the lists (put users and services along the rows and columns). In the intersecting points, label how the traffic should be treated (e.g. Permissive, Restricted, Rejected).
  3. Examine the matrix and assess the intersections for risk using the lens of impact and likelihood of an adverse event. Label the intersections for risk level with one of green (low impact/likelihood), yellow (medium impact/likelihood), or red (high impact/likelihood).
  4. Find commonalities within the medium/high areas and list the users or services as priorities to be addressed.
Input Output
  • Network, application, and security documentation
  • A prioritized list of areas to address with segmentation
Materials Participants
  • Whiteboard/Flip Charts


  • Excel spreadsheet
  • Network Team
  • Application Team
  • Security Team
  • Data Team

Design segmentation

Segmentation comes in many flavors; decide which is right for the specific circumstance.


Access control

"Learning to choose is hard. Learning to choose well is harder. And learning to choose well in a world of unlimited possibilities is harder still, perhaps too hard."

― Barry Schwartz, The Paradox of Choice: Why More Is Less

What is the best method to segment the particular user group, service, or environment in question?

How can data or user access move safely and securely between network segments?

Decide on which methods work for your circumstances

You always have options…

There are multiple lenses to look through when making the decision of what the correct segmentation method might be for any given user group or service. A potential subset could include:

  • Effort to deploy
  • Cost of the solution
  • Skills required to operate
  • Granularity of the segmentation
  • Adaptability of the solution
  • Level of automation in the solution

Info-Tech Insight

Network segmentation within an organization is rarely a one-size-fits-all proposition. Be sure to look at each situation that has been identified to need segmentation and align it with an appropriate solution. The overall number of solutions deployed has to maintain a balance between that appropriateness and the effort to manage multiple environments.

Framework to examine segmentation methods

To assess we need to understand.

To assess when technologies or methodologies are appropriate for a segmentation use case, we need to understand what those options are. We will be examining potential segmentation methods and concepts within the following framework:


A description of the segmentation technology, method, or concept.


Why would this be used over other choices and/or in what circumstances?


A high-level overview of how this option could or would be deployed.

Notional assessments will be displayed in a sidebar to give an idea of Effort, Cost, Skills, Granularity, Adaptability, and Automation.


Notional level of effort to implement on a standard network


Relative cost of implementing this segmentation strategy


Notional level of time and skills needed to maintain


How granular this type of segmentation is in general


The ability of the solution to be easily modified or changed


The level of automation inherent in the solution

Air gap

… And never the twain shall meet.

– Rudyard Kipling, “The Ballad of East and West.”


Air gapping is a strategy to protect portions of a network by segmenting those portions and running them on completely separate hardware from the primary network. In an air gap scenario, the segmented network cannot have connectivity to outside networks. This difference makes air gapping a very specific implementation of parallel networks (which are still segmented and run on separate hardware but can be connected through a control point).


Air gap is a traditional choice when environments need to be very secure. Examples where air gaps exist(ed) are:

  • Operational technology (OT) networks
  • Military networks
  • Critical infrastructure


Most networks are not overprovisioned to a level that physical segmentation can be done without purchasing new equipment. The major steps required for constructing an air gap include:

  • Design segmentation
  • Purchase and install new hardware
  • Cable to new hardware

The image contains a screenshot that demonstrates pie graphs with the notional assessments: Effort, Cost, Skills, Granularity, and Automation.

Info-Tech Insight

An air gapped network is the ultimate in segmentation and security … as long as the network does not require connectivity. It is unfortunately rare in today’s world that a network will stand on its own without any need for external connectivity.


Do what you can, with what you’ve got…

– Theodore Roosevelt


Virtual local area networks (VLANs) are a standard feature on today’s firewalls, routers, and manageable switches. This configuration option allows for network traffic to be segmented into separate virtual networks (broadcast domains) on existing hardware. This segmentation is done at layer 2 of the OSI model. All traffic will share the same hardware but be partitioned based on “tags” that the local device applies to the traffic. Because of these tags, traffic is handled separately at layer 2 of the OSI model, but traffic can pass between segments at layer 3 (e.g. IP layer).


VLANs are commonly used because most existing deployments already have the technology available without extra licensing. VLANs are also potentially used as foundational components in more complex segmentation strategies such as static or dynamic overlays.


VLANs allow for segmentation of a device at the port level. VLAN strategies are generally on a location level (e.g. most VLAN deployments are local to a site, though the same structure may be used among sites). To deploy VLANs you must:

  • Define VLAN segments
  • Assign ports appropriately

The image contains a screenshot that demonstrates pie graphs with the notional assessments: Effort, Cost, Skills, Granularity, and Automation.

Info-Tech Insight

VLANs are tried and true segmentation workhorses. The fact that they are already included in modern manageable solutions means that there is very little reason to not have some level of segmentation within a network.


Everyone is against micromanaging, but macro managing means you’re working on the big picture but don’t understand the details.

– Henry Mintzberg


Micro-segmentation is used to secure and control network traffic between workloads. This is a foundational technology when implementing zero trust or least-privileged access network designs. Segmentation is done at or directly adjacent to the workload (on the system or its direct network connectivity) through firewall or similar policy controls. The controls are set to only allow the network communication required to execute the workload and is limited to appropriate endpoints. This restrictive design restricts all traffic (including east-west) and reduces the attack surface.


Micro-segmentation is primarily used:

  • In server-to-server communication.
  • When lateral movement by bad actors is identified as a concern.


Micro-segmentation can be deployed at different places within the connectivity depending on the technologies used:

  • Workload/server (e.g. server firewall)
  • VM network overlay (e.g. VMware NSX)
  • Network port (e.g. ACL, firewall, ACI)
  • Cloud native (e.g. Azure Firewall)

Info-Tech Insight

Micro-segmentation is necessary in the data center to limit lateral movement. Just be sure to be thorough in defining required communication as this technology works on allowlists, not traditional blocklists.

Static overlay

Adaptability is key.

– Marc Andreessen


Static overlays are a form of virtual segmentation that allows multiple network segments to exist on the same device. Most of these solutions will also allow for these segments to expand across multiple devices or sites, creating overlay virtual networks on top of the existing physical networks. The static nature of the solution is because the ports that participate in the overlays are statically assigned and configured. Connectivity between devices and sites is done through encapsulation and may have a dynamic component of the control plane handled through routing protocols.


Static overlays are commonly deployed when the need is to segment different use cases or areas of the organization consistently across sites while allowing easy access within the segments between sites. This could be representative of segmenting a department like Finance or extending a layer 2 segment across data centers.


Static overlays are can segment and potentially extend a layer 2 or layer 3 network. These solutions could be executed with technologies such as:

  • VXLAN (Virtual eXtensible LAN)
  • MPLS (Multi Protocol Label Switching)
  • VRF (Virtual Routing & Forwarding)

The image contains a screenshot that demonstrates pie graphs with the notional assessments: Effort, Cost, Skills, Granularity, and Automation.

Info-Tech Insight

Static overlays are commonly deployed by telecommunications providers when building out their service offerings due to the multitenancy requirements of the network.

Dynamic overlay

Never tell people how to do things. Tell them what to do and they will surprise you with their ingenuity.

– George S. Patton


A dynamic overlay segmentation solution has the ability to make security or traffic decisions based on policy. Rather than designing and hardcoding the network architecture, the policy is architected and the network makes decisions based on that policy. Differing levels of control exist in this space, but the underlying commonality is that the segmentation would be considered “software defined” (SDN).


Dynamic overlay solutions provide the most flexibility of the presented solutions. Some use cases such as BYOD or IoT devices may not be easily identified or controlled through static means. As a general rule of thumb, the less static the network is, the more dynamic your segmentation solution must be.


Policy is generally applied at the network ingress. When applying policy, which policy to be applied can be identified through different methodologies such as:

  • Authentication (e.g. 802.1x)
  • Device agents
  • Device profiling

The image contains a screenshot that demonstrates pie graphs with the notional assessments: Effort, Cost, Skills, Granularity, and Automation.

Info-Tech Insight

Dynamic overlays allow for more flexibility through its policy-based configurations. These solutions can provide the highest value when positioned where we have less control of the points within a network (e.g. BYOD scenarios).

Define how your segments will communicate

No segment is an island…

Network segmentation allows for protection of devices, users, or data through the act of separating the physical or virtual networks they are on. Counter to this protective stance, especially in today’s networks, these devices, users, or data tend to need to interact with each other outside of the neat lines we draw for them. Proper network segmentation has to allow for the transfer of assets between networks in a safe and secure manner.

Info-Tech Insight

The solutions used to facilitate the controlled communication between segments has to consider the friction to the users. If too much friction is introduced, people will try to find a way around the controls, potentially negating the security that is intended with the solution.

Potential access methods

A ship in harbor is safe, but that is not what ships are built for.

– John A. Shedd


Two-way controlled communication

Firewalls are tried and true control points used to join networks. This solution will allow, at minimum, port-level control with some potential for deeper inspection and control beyond that.

  • Traditionally firewalls are sized to handle internet-bound (North-South) traffic. When being used between segments, (East-West) loads are usually much higher, necessitating a more powerful device.

Jump Box

A place between worlds

Also sometimes referred to as a “Bastion Host,” a jump box is a special-purpose computer/server that has been hardened and resides on multiple segments of a network. Administrators or users can log into this box and use it to securely use the tools installed to act on other segments of the network.

  • Jump box security is of utmost importance. Special care should be taken in hardening, configuration, and application installed to ensure that users cannot use the box to tunnel or traverse between the segments outside of well-defined and controlled circumstances.

Protocol Gateway

Command-level control

A protocol gateway is a specific and special subset of a firewall. Whereas a firewall is a security generalist, a protocol gateway is designed to understand and have rule-level control over the commands passing through it within defined protocols. This granularity, for example, allows for control and filtering to only allow defined OT commands to be passed to a secure SCADA network.

  • Protocol gateways are generally specific feature sets of a firewall and traditionally target OT network security as their core use case.

Network Pump

One-way data extraction

A network pump is a concept designed to allow data to be transferred from a secure network to a less secure network while still protecting against covert channels such as using the ACK within a transfer to transmit data. A network pump will consist of trusted processes and schedulers that allow for data to pass but control channels to be sufficiently modified so as to not allow security concerns.

  • Network pumps would generally be deployed in the most security demanding of environments and are generally not “off the shelf” products.

Operate and optimize

Security is not static. Monitor and iterate on policies within the environment.



Two in three businesses (68%) allow more employee data access than necessary.

GetApp's 2022 Data Security Survey Report

Are the segmentation efforts resulting in the expected traffic changes? Are there any anomalies that need investigation?

Using the output from the monitoring stage, refine and optimize the design by iterating on the process.

Monitor for efficacy, compliance, and the unknown

Monitor to ensure your intended results and to identify new potential risks.

Monitoring network segments

A combination of passive and active monitoring is required to ensure that:

  • The rules that have been deployed are working as expected.
  • Appropriate proof of compliance is in place for auditing and insurance purposes.
  • Environments are being monitored for unexpected traffic.

Active monitoring goes beyond the traditional gathering of information for alerts and dashboards and moves into the space of synthetic users and anomaly detection. Using these strategies helps to ensure that security is enforced appropriately and responses to issues are timely.

"We discovered in our research that insider threats are not viewed as seriously as external threats, like a cyberattack. But when companies had an insider threat, in general, they were much more costly than external incidents. This was largely because the insider that is smart has the skills to hide the crime, for months, for years, sometimes forever."

– Dr. Larry Ponemon, Chairman Ponemon Institute, at SecureWorld Boston

Info-Tech Insight

Using solutions like network detection and response (NDR) will allow for monitoring to take advantage of advanced analytical techniques like artificial intelligence (AI) and machine learning (ML). These technologies can help identify anomalies that a human might miss.

Monitoring options

It’s not what you look at that matters, it’s what you see.

– Henry David Thoreau


Monitor cumulative change in a variable

Traditional network monitoring is a minimum viable product. With this solution variables can be monitored to give some level of validation that the segmentation solution is operating as expected. Potential areas to monitor include traffic volumes, access-list (ACL) matches, and firewall packet drops.

  • This is expected baseline monitoring. Without at least this level of visibility, it is hard to validate the solutions in place

Rules Based

Inspect traffic to find a match against a library of signatures

Rules-based systems will monitor traffic against a library of signatures and alert on any matches. These solutions are good at identifying the “known” issues on the network. Examples of these systems include security incident and event management (SIEM) and intrusion detection/prevention systems (IDS/IPS).

  • These solutions are optimally used when there are known signatures to validate traffic against.
  • They can identify known attacks and breaches.

Anomaly Detection

Use computer intelligence to compare against baseline

Anomaly detection systems are designed to baseline the network traffic then compare current traffic against that to find anomalies using technologies like Bayesian regression analysis or artificial intelligence and machine learning (AI/ML). This strategy can be useful in analyzing large volumes of traffic and identifying the “unknown unknowns.”

  • Computers can analyze large volumes of data much faster than a human. This allows these solutions to validate traffic in (near) real-time and alert on things that are out of the ordinary and would not be easily visible to a human.

Synthetic Data

Mimic potential traffic flows to monitor network reaction

Rather than wait for a bad actor to find a hole in the defenses, synthetic data can be used to mimic real-world traffic to validate configuration and segmentation. This often takes the form of real user monitoring tools, penetration testing, or red teaming.

  • Active monitoring or testing allows a proactive stance as opposed to a reactive one.

Gather feedback, assess the situation, and iterate

Take input from operating the environment and use that to optimize the process and the outcome.

Optimize through iteration

Output from monitoring must be fed back into the process of maintaining and optimizing segmentation. Network segmentation should be viewed as an ongoing process as opposed to a singular structured project.

Monitoring can and will highlight where and when the segmentation design is successful and when new traffic flows arise. If these inputs are not fed back through the process, designs will become stagnant and admins or users will attempt to find ways to circumvent solutions for ease of use.

"I think it's very important to have a feedback loop, where you're constantly thinking about what you've done and how you could be doing it better. I think that's the single best piece of advice: constantly think about how you could be doing things better and questioning yourself."

– Elon Musk, qtd. in Mashable, 2012

Info-Tech Insight

The network environment will not stay static; flows will change as often as required for the business to succeed. Take insights from monitoring the environment and integrate them into an iterative process that will maintain relevance and usability in your segmentation.


Andreessen, Marc. “Adaptability is key.” BrainyQuote, n.d.
Barry Schwartz. The Paradox of Choice: Why More Is Less. Harper Perennial, 18 Jan. 2005.
Capers, Zach. “GetApp’s 2022 Data Security Report—Seven Startling Statistics.” GetApp,
19 Sept. 2022.
Cisco Systems, Inc. “Cybersecurity resilience emerges as top priority as 62 percent of companies say security incidents impacted business operations.” PR Newswire, 6 Dec. 2022.
“Dynamic Network Segmentation: A Must-Have for Digital Businesses in the Age of Zero Trust.” Forescout Whitepaper, 2021. Accessed Nov. 2022.
Eaves, Johnothan. “Segmentation Strategy - An ISE Prescriptive Guide.” Cisco Community,
26 Oct. 2020. Accessed Nov. 2022.
Kambic, Dan, and Jason Fricke. “Network Segmentation: Concepts and Practices.” Carnegie Mellon University SEI Blog, 19 Oct. 2020. Accessed Nov. 2022.
Kang, Myong H., et al. “A Network Pump.” IEEE Transactions on Software Engineering, vol. 22 no. 5, May 1996.
Kipling, Rudyard. “The Ballad of East and West.” Ballads and Barrack-Room Ballads, 1892.
Mintzberg, Henry. “Everyone is against micro managing but macro managing means you're working at the big picture but don't know the details.” AZ Quotes, n.d.
Murphy, Greg. “A Reimagined Purdue Model For Industrial Security Is Possible.” Forbes Magazine, 18 Jan. 2022. Accessed Oct. 2022.
Patton, George S. “Never tell people how to do things. Tell them what to do and they will surprise you with their ingenuity.” BrainyQuote, n.d.
Ponemon, Larry. “We discovered in our research […].” SecureWorld Boston, n.d.
Roosevelt, Theodore. “Do what you can, with what you've got, where you are.” Theodore Roosevelt Center, n.d.
Sahoo, Narendra. “How Does Implementing Network Segmentation Benefit Businesses?” Vista Infosec Blog. April 2021. Accessed Nov. 2022.
“Security Outcomes Report Volume 3.” Cisco Secure, Dec 2022.
Shedd, John A. “A ship in harbor is safe, but that is not what ships are built for.” Salt from My Attic, 1928, via Quote Investigator, 9 Dec. 2023.
Singleton, Camille, et al. “X-Force Threat Intelligence Index 2022” IBM, 17 Feb. 2022.
Accessed Nov. 2022.
Stone, Mark. “What is network segmentation? NS best practices, requirements explained.” AT&T Cyber Security, March 2021. Accessed Nov. 2022.
“The State of Breach and Attack Simulation and the Need for Continuous Security Validation: A Study of US and UK Organizations.” Ponemon Institute, Nov. 2020. Accessed Nov. 2022.
Thoreau, Henry David. “It’s not what you look at that matters, it’s what you see.” BrainyQuote, n.d.
Ulanoff, Lance. “Elon Musk: Secrets of a Highly Effective Entrepreneur.” Mashable, 13 April 2012.
“What Is Microsegmenation?” Palo Alto, Accessed Nov. 2022.
“What is Network Segmentation? Introduction to Network Segmentation.” Sunny Valley Networks, n.d.

About Info-Tech

Info-Tech Research Group is the world’s fastest-growing information technology research and advisory company, proudly serving over 30,000 IT professionals.

We produce unbiased and highly relevant research to help CIOs and IT leaders make strategic, timely, and well-informed decisions. We partner closely with IT teams to provide everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for their organizations.

What Is a Blueprint?

A blueprint is designed to be a roadmap, containing a methodology and the tools and templates you need to solve your IT problems.

Each blueprint can be accompanied by a Guided Implementation that provides you access to our world-class analysts to help you get through the project.

Talk to an Analyst

Our analyst calls are focused on helping our members use the research we produce, and our experts will guide you to successful project completion.

Book an Analyst Call on This Topic

You can start as early as tomorrow morning. Our analysts will explain the process during your first call.

Get Advice From a Subject Matter Expert

Each call will focus on explaining the material and helping you to plan your project, interpret and analyze the results of each project step, and set the direction for your next project step.

Unlock Sample Research


Scott Young

Search Code: 100537
Last Revised: February 13, 2023

Visit our IT Cost Optimization Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019