Micro-segmentation is the art of using software-defined policies, instead of hardware network configurations, to make network security more flexible. It can only work if implemented with right tools and forethought.
There are four architectural models used in micro segmentation. They are:
- Hybrid model – it is a combination of third-party and native controls
- Overlay model – usually uses a type of software or agent within every host, instead of using moderating communications. Vendors of this model include Unisys, vArmour, Vmware NSX, ShieldX, Juniper, Illumio, Guardicore, Drawbridge Networks, CloudPassage, and Cisco.
- Third-party model – mainly based on a virtual firewall presented by third-party firewall vendors. They include Huawei, Sophos, SonicWall, Palo Alto, Juniper, Fortinet, Checkpoint, and Cisco.
- Native model – makes use of included or inherent capabilities provided within various areas such as infrastructure, operating hypervisor/system, IaaS, or virtualization platform.