The move to a segmented infrastructure is not a revolutionary effort; it's an evolutionary one. A slow, steady migration to segmentation is the only realistic path to success. Networking teams should take advantage of the migration to the cloud or other virtual infrastructure to move to a segmented model in a methodical way: new applications should be deployed on such a model from the start, rather than spending time trying to retrofit archaic, flat network topologies.
The other thing to consider is using controls other than firewalls for segmentation. Access control lists (ACLs) and network access control (NAC) are a cleaner solution and can handle the majority of intra-network controls far better than firewall rules.
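To make the ACL-based segmentation idea concrete, here is an added example (not code from the original post): a small model of router/switch-style ACL evaluation with first-match semantics and an implicit deny, applied to three constructed tiers (web, app, db). The segments, addresses, ports and rule layout are all assumptions chosen for illustration. It also includes an audit function that flags the kind of any/any permit that makes a network effectively flat, which is what a team would want to catch when reviewing a retrofit.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class AclRule:
    action: str          # "permit" or "deny"
    src: str             # source CIDR
    dst: str             # destination CIDR
    port: Optional[int]  # destination port; None means any port


# Constructed segments for this example (hypothetical addressing).
SEGMENTS = {
    "web": "10.10.1.0/24",
    "app": "10.10.2.0/24",
    "db":  "10.10.3.0/24",
}

# Segmented policy: permit only the flows each tier needs.
# Anything not matched falls through to the implicit deny.
SEGMENTED_ACL: List[AclRule] = [
    AclRule("permit", SEGMENTS["web"], SEGMENTS["app"], 8080),
    AclRule("permit", SEGMENTS["app"], SEGMENTS["db"], 5432),
]

# The flat-network equivalent: a single any/any permit.
FLAT_ACL: List[AclRule] = [
    AclRule("permit", "0.0.0.0/0", "0.0.0.0/0", None),
]


def evaluate(acl: List[AclRule], src_ip: str, dst_ip: str, port: int) -> bool:
    """Evaluate a flow against an ACL: first matching rule wins, implicit deny at the end."""
    src, dst = ip_address(src_ip), ip_address(dst_ip)
    for rule in acl:
        src_match = src in ip_network(rule.src)
        dst_match = dst in ip_network(rule.dst)
        port_match = rule.port is None or rule.port == port
        if src_match and dst_match and port_match:
            return rule.action == "permit"
    return False  # implicit deny


def audit(acl: List[AclRule]) -> List[Tuple[int, str]]:
    """Flag permit rules that leave a segment effectively flat.

    Returns (rule_index, description) for every permit whose source, destination
    or port is unrestricted. A segmented policy should return an empty list.
    """
    findings = []
    for index, rule in enumerate(acl):
        if rule.action != "permit":
            continue
        problems = []
        if ip_network(rule.src).prefixlen == 0:
            problems.append("any source")
        if ip_network(rule.dst).prefixlen == 0:
            problems.append("any destination")
        if rule.port is None:
            problems.append("any port")
        if problems:
            findings.append((index, ", ".join(problems)))
    return findings


if __name__ == "__main__":
    # web -> app on the application port is the only path in from the web tier.
    print("web->app:8080", evaluate(SEGMENTED_ACL, "10.10.1.5", "10.10.2.9", 8080))
    # web -> db is not permitted: the web tier never reaches the database directly.
    print("web->db:5432 ", evaluate(SEGMENTED_ACL, "10.10.1.5", "10.10.3.9", 5432))
    print("flat findings", audit(FLAT_ACL))
    print("segmented findings", audit(SEGMENTED_ACL))
```

The audit is deliberately simple: it looks only at fully unrestricted fields, which is enough to separate a flat any/any policy from a tiered one. In a real review the same pass would be run over the exported ACLs of every segment boundary, and a NAC policy would decide which segment a host lands in before these rules apply.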