{"id":18258,"date":"2021-03-16T05:51:10","date_gmt":"2021-03-16T05:51:10","guid":{"rendered":"https:\/\/www.esecurityplanet.com\/?p=18258"},"modified":"2023-03-29T17:01:45","modified_gmt":"2023-03-29T17:01:45","slug":"how-to-implement-microsegmentation","status":"publish","type":"post","link":"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/","title":{"rendered":"How to Implement Microsegmentation"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">In an era where the network edge faces the highest traffic, organizations rush to add more robust security yet hesitate to take on the long-term endeavor known as <\/span><a href=\"https:\/\/www.esecurityplanet.com\/threats\/microsegmentation-zero-trust-security\/\"><span style=\"font-weight: 400;\">microsegmentation<\/span><\/a><span style=\"font-weight: 400;\">. Microsegmentation is about identifying your organization&#8217;s most valuable network segments, establishing strict communication policies, and becoming the master of your network flows. Unlike traditional network segmentation, which is vital to network performance and management, microsegmentation further addresses critical issues related to security and business dexterity.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">As the <\/span><a href=\"https:\/\/www.esecurityplanet.com\/products\/zero-trust-security-solutions\/\"><span style=\"font-weight: 400;\">zero trust architecture<\/span><\/a><span style=\"font-weight: 400;\">&#8216;s core technology, implementing microsegmentation isn&#8217;t about heavily restricting communication within a network. Instead, by enhancing visibility into how data flows, network administrators can work with business and security analysts to create application enabled policies. Success in implementing microsegmentation for your organization means tagging traffic, servicing regular business communications, adapting to <\/span><a href=\"https:\/\/www.esecurityplanet.com\/products\/threat-intelligence-platforms\/\"><span style=\"font-weight: 400;\">threats<\/span><\/a><span style=\"font-weight: 400;\">, and denying all other anomalies.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">This article dives into the approaches to microsegmentation, steps your organization can take to implement microsegmentation, and why you can move towards preventing lateral movement today.<\/span><\/p>\n<p><strong><em>See our picks for <a href=\"https:\/\/www.esecurityplanet.com\/networks\/microsegmentation-software\/\">Top Microsegmentation Products<\/a><\/em><\/strong><\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_68_1 ez-toc-wrap-left counter-flat ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-66d6f11eafbaf\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"ez-toc-cssicon\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #ffffff;color:#ffffff\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #ffffff;color:#ffffff\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-66d6f11eafbaf\"  aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/#Approaches-to-microsegmentation\" title=\"Approaches to microsegmentation\">Approaches to microsegmentation<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/#Environment-and-security-vs-microsegmentation\" title=\"Environment and security vs. microsegmentation\">Environment and security vs. microsegmentation<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/#Best-practices-for-microsegmentation\" title=\"Best practices for microsegmentation\">Best practices for microsegmentation<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/#Initiate-your-action-plan\" title=\"Initiate your action plan\">Initiate your action plan<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/#Why-microsegmentation\" title=\"Why microsegmentation?\">Why microsegmentation?<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/#Mastering-your-network-traffic\" title=\"Mastering your network traffic\">Mastering your network traffic<\/a><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"Approaches-to-microsegmentation\"><\/span><b>Approaches to microsegmentation<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Ten years after the conceptual roots of zero trust, the cybersecurity industry has four methods for implementing microsegmentation: network fabric, hypervisor, agent, or NFGWs. While all four approaches can help your organization move towards microsegmentation, some are critical to comprehensive <\/span><a href=\"https:\/\/www.esecurityplanet.com\/products\/best-network-security-tools\/\"><span style=\"font-weight: 400;\">network security<\/span><\/a><span style=\"font-weight: 400;\">.\u00a0<\/span><\/p>\n<h3><b>Fabric-Based Enforcement<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">The first approach is doubling your network fabric for microsegmentation. Gartner calls <\/span><a href=\"https:\/\/www.gartner.com\/en\/information-technology\/glossary\/fabric-based-infrastructure-fbi\"><span style=\"font-weight: 400;\">fabric-based infrastructure<\/span><\/a><span style=\"font-weight: 400;\"> (FBI) the vertical integration of hardware and software, providing &#8220;real-time&#8221; management access to your infrastructure. For traditional data centers (DC) and software-defined data centers (SDDC), using the network fabric can be an essential enforcement point. However, implementing microsegmentation via the network fabric in cloud environments is a different story.\u00a0<\/span><\/p>\n<h3><b>Utilizing a Hypervisor<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Another route is microsegmentation built-in at the <\/span><a href=\"https:\/\/www.esecurityplanet.com\/networks\/\"><span style=\"font-weight: 400;\">hypervisor<\/span><\/a><span style=\"font-weight: 400;\"> level. Like the fabric-based approach, a network hypervisor, also known as a virtual machine (VM) manager, serves as an enforcement point for traffic across your network of devices. Also, like the network fabric, the hypervisor is amenable to an SDDC environment.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Utilizing a hypervisor can eliminate the need to manage and <\/span><a href=\"https:\/\/www.esecurityplanet.com\/products\/patch-management-software\/\"><span style=\"font-weight: 400;\">patch<\/span><\/a><span style=\"font-weight: 400;\"> software for each machine. This approach also facilitates a common practice for microsegmentation&#8211;the natural collaboration between security analysts and network administrators.<\/span><\/p>\n<h3><b>Outsource Endpoint Protection<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">The third method is seeking assistance from vendors specialized in <\/span><a href=\"https:\/\/www.esecurityplanet.com\/products\/edr-solutions\/\"><span style=\"font-weight: 400;\">endpoint <\/span><\/a><span style=\"font-weight: 400;\">protection. This agent-based method translates to real-time protection of your policies. Outsourcing endpoint agents would interfere with the collaboration between network and security forces in-house but is an organizational choice. Agent solutions along with NGFWs can work across all three environments.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Major endpoint security vendors include BitDefender, Check Point, CrowdStrike, Sophos, Symantec, Trend Micro, and VMWare.\u00a0<\/span><\/p>\n<p><b>Also Read: <\/b><a href=\"https:\/\/www.esecurityplanet.com\/endpoint\/endpoint-security-its-way-more-complicated-than-you-think\/\"><span style=\"font-weight: 400;\">Endpoint Security: It&#8217;s Way More Complicated than You Think<\/span><\/a><\/p>\n<h3><b>Raise Next-Generation Firewalls\u00a0<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Lastly, and probably the most advanced microsegmentation method is <\/span><a href=\"https:\/\/www.esecurityplanet.com\/products\/top-ngfw\/\"><span style=\"font-weight: 400;\">next-generation firewalls<\/span><\/a><span style=\"font-weight: 400;\"> (NGFWs). NGFWs work across all three environments and provide security up to Layer-7, making them a valued tool for deep-packet inspection, application controls, and <\/span><a href=\"https:\/\/www.esecurityplanet.com\/products\/intrusion-detection-and-prevention-systems\/\"><span style=\"font-weight: 400;\">IDPS<\/span><\/a><span style=\"font-weight: 400;\">. While not initially intended for the cloud, NGFW vendors are increasingly offering their security solutions in the form of <\/span><a href=\"https:\/\/www.esecurityplanet.com\/cloud\/firewalls-as-a-service-fwaas\/\"><span style=\"font-weight: 400;\">firewalls as a service<\/span><\/a><span style=\"font-weight: 400;\"> (FWaaS).\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Major NGFW vendors include Barracuda, Cisco, Fortinet, Huawei, Juniper, Palo Alto Networks, and SonicWall.\u00a0<\/span><\/p>\n<p><b>Also Read: <\/b><a href=\"https:\/\/www.esecurityplanet.com\/products\/top-ngfw\/\"><span style=\"font-weight: 400;\">Top Ten Next-Generation Firewall (NGFW) Vendors<\/span><\/a><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Environment-and-security-vs-microsegmentation\"><\/span><b>Environment and security vs. microsegmentation<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">When considering different approaches to microsegmentation, the network&#8217;s environments and security requirements are handy indicators. Currently, assets are traveling from traditional DCs to SDDCs and <\/span><a href=\"https:\/\/www.esecurityplanet.com\/products\/cloud-security-companies\/\"><span style=\"font-weight: 400;\">public or multi-cloud<\/span><\/a><span style=\"font-weight: 400;\"> environments without further safeguards.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Application-level policies are quickly becoming the standard for network security, making the first three approaches lesser than without the power of NGFWs. The network fabric and vendor approaches can only offer protection for layers 2-4, while utilizing NGFWs is the only approach that identifies threats and full Layer-7 visibility and enforcement security. Organizations enabling multiple methods only add to their security posture, potentially stopping malicious traffic at the network fabric or hypervisor levels before it even reaches your inner <\/span><a href=\"https:\/\/www.esecurityplanet.com\/cloud\/firewalls-as-a-service-fwaas\/\"><span style=\"font-weight: 400;\">firewalls<\/span><\/a><span style=\"font-weight: 400;\">.<\/span><\/p>\n<p><b>Also Read:<\/b> <a href=\"https:\/\/www.esecurityplanet.com\/cloud\/firewalls-as-a-service-fwaas\/\"><span style=\"font-weight: 400;\">Firewalls as a Service (FWaaS): The Future of Network Firewalls?\u00a0<\/span><\/a><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Best-practices-for-microsegmentation\"><\/span><b>Best practices for microsegmentation<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">For microsegmentation, it is as much about the process as it is the technology. Fail to follow the steps meticulously, and you&#8217;ll only prolong the project and cause unnecessary headaches.\u00a0<\/span><\/p>\n<h3><b>No Traffic Left Behind<\/b><\/h3>\n<p><a href=\"https:\/\/www.esecurityplanet.com\/threats\/microsegmentation-zero-trust-security\/\"><span style=\"font-weight: 400;\">Microsegmentation<\/span><\/a><span style=\"font-weight: 400;\"> means unblemished visibility of north-south and east-west traffic flows. During the network discovery stage, the information gathered should be on the applications, workloads, and active connections between them. Sources of additional could be configuration management databases (CMDBs), orchestration tools, system inventories, traffic add events logs, firewalls and <\/span><a href=\"https:\/\/www.esecurityplanet.com\/products\/siem-tools\/\"><span style=\"font-weight: 400;\">SIEM<\/span><\/a><span style=\"font-weight: 400;\">, and load balancers.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Depending on your IT team&#8217;s size and resources, vendors also offer third-party or configurable software for mapping transaction flows across on-prem and cloud network infrastructure. Mapping these flows is critical as you don&#8217;t want to inhibit everyday business communication while shutting down unnecessary connections.<\/span><\/p>\n<h3><b>Move Towards Zero Trust<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Microsegmentation and the zero trust architecture go hand in hand. Your <\/span><span style=\"font-weight: 400;\">attack<\/span><span style=\"font-weight: 400;\"> surface<\/span><span style=\"font-weight: 400;\">, often seen as your network perimeter, is unmanageable in the current networking boom. By meticulously logging and identifying the &#8220;protect surface,&#8221; your most valuable segments, gives administrators clear guidelines for the steps to follow.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Your protect surfaces, or as Palo Alto Networks would say, your <\/span><a href=\"https:\/\/www.paloaltonetworks.com\/cyberpedia\/zero-trust-5-step-methodology\"><span style=\"font-weight: 400;\">data, applications, assets, and services<\/span><\/a><span style=\"font-weight: 400;\"> (DAAS), are the priorities. These segments are typically crucial to the organization&#8217;s survival, compliance-related, or exploitable. Once defined, the work of establishing segmentation gateways or NGFWs begins.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In line with the zero trust framework, the end goal must be whitelisting. With visualization technology to assist in managing policy rules and threats, the result of microsegmentation is a network that denies any anomalies. All traffic is known, tagged, or verified, preventing any potential vulnerabilities related to trust.\u00a0<\/span><\/p>\n<h3><b>Tag Your Workloads<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Tagging workloads is the next major upgrade for any organization. While security professionals once wrote IP and subnet-based policies and relied on network constructs such as VLAN\/IP\/VRFs, those days are becoming a thing of the past.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Identifying and labeling workload tags inside your network is an incredible value-add when considering <\/span><a href=\"https:\/\/www.esecurityplanet.com\/threats\/automated-security-risk-assessments\/\"><span style=\"font-weight: 400;\">automated solutions<\/span><\/a><span style=\"font-weight: 400;\"> for tagging existing and new application workloads. With the appeal of scalability and expansion of cloud computing, workload tagging allows for formidable security and business agility. Workload tags for organizations often include:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Role<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Application<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Classification<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Compliance<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Environment<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Location\u00a0<\/span><\/li>\n<\/ul>\n<h3><b>Create a Comprehensive Policy<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">A comprehensive policy requires strict security policies and <\/span><a href=\"https:\/\/www.esecurityplanet.com\/threats\/threat-hunting\/\"><span style=\"font-weight: 400;\">threat detection<\/span><\/a><span style=\"font-weight: 400;\">. And in the case of microsegmentation, these policies exist within the network at your micro-perimeters. Features of your entire micro-segmented network of policies must include controls like app-id, user-id, file-based restrictions, URL filtering, and threat prevention.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">There is no industry-wide standard for testing your policies before moving to enforcement. Because the nature of zero trust infrastructure and microsegmentation is custom to the network, it is an in-house question of whether it meets your requirements. Not prioritizing a comprehensive policy can leave your team struggling to segment <\/span><span style=\"font-weight: 400;\">HTTP\/2 applications<\/span><span style=\"font-weight: 400;\"> and <\/span><a href=\"https:\/\/www.esecurityplanet.com\/networks\/\"><span style=\"font-weight: 400;\">SSL<\/span><\/a><span style=\"font-weight: 400;\"> decryption or at risk of attacks like DNS tunneling.<\/span><\/p>\n<h3><b>Enforce Adaptive Policies<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">While microsegmentation can help establish a clear picture of your existing network, it also needs to be an adaptive solution. This step requires the full vision of threat prevention, malware and phishing, and firewall logs in real-time. With new IPs continually moving in and out of networks, automated tag-based systems are the future.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">With automated and machine learning technology, those logs exist with granular filtering, and your system can dynamically give tags to previously unidentified workloads. An example of this might be requiring MFA for an IP address that is labeled compromised.\u00a0<\/span><\/p>\n<p><b>Also Read<\/b><span style=\"font-weight: 400;\">: <\/span><a href=\"https:\/\/www.esecurityplanet.com\/threats\/automated-security-risk-assessments\/\"><span style=\"font-weight: 400;\">Automating Security Risk Assessments for Better Protection<\/span><\/a><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Initiate-your-action-plan\"><\/span><b>Initiate your action plan<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">In John Friedman and Illumio&#8217;s &#8220;<\/span><a href=\"https:\/\/cdn2.hubspot.net\/hubfs\/407749\/Downloads\/Illumio_eBook_The_Definitive_Guide_to_Micro_Segmentation_2017_08.pdf\"><span style=\"font-weight: 400;\">The Definitive Guide to Micro-Segmentation<\/span><\/a><span style=\"font-weight: 400;\">,&#8221; you can get a deep insight into the technical details of why, what, where, when, and how to implement microsegmentation. As for steps to implementation, Mr. Friedman offers twelve that we briefly describe:\u00a0<\/span><\/p>\n<table>\n<tbody>\n<tr>\n<td colspan=\"2\"><b>Step<\/b><\/td>\n<td><b>Description\u00a0<\/b><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">1<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Big Bang not required<\/span><\/td>\n<td><span style=\"font-weight: 400;\">No quick action is necessary. Approach gradually, with attention to process.<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">2<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Select the project team<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Typically includes: executive, security architect, tech lead, and project management (consider vendor).<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">3<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Train the team<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Educate all team members about the purpose and functionality of microsegmentation.<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">4<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Design documents and project plan<\/span><\/td>\n<td><span style=\"font-weight: 400;\">The leap to a long-term plan for complete microsegmentation execution.<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">5<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Install microsegmentation solutions<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Begin testing microsegmentation on applications with feedback.<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">6<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Integrate logs, events, and threats<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Large scale rollout integrating log and event management tools to monitor network traffic.<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">7<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Prioritize application groups<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Rank and tag application groups based on security\/business priority and ease of microsegmentation.<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">8<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Discovery and visibility<\/span><\/td>\n<td rowspan=\"4\"><span style=\"font-weight: 400;\">For each application group, you now repeat the following steps to better understand traffic, model potential policies, and then test policies. Once it\u2019s time to enforce those policies, the rapid response period begins for ensuring all is working as planned.\u00a0<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">9<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Model policies<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">10<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Test policies<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">11<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Be ready to fix problems<\/span><\/td>\n<\/tr>\n<tr>\n<td><span style=\"font-weight: 400;\">12<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Extend and refine\u00a0<\/span><\/td>\n<td><span style=\"font-weight: 400;\">Once implemented, don\u2019t disband the project team. A post-rollout plan must include accountability for the new system<\/span><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Why-microsegmentation\"><\/span><b>Why microsegmentation?<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">The benefits of microsegmentation are endless<\/span> <span style=\"font-weight: 400;\">when it could prevent or buffer attacks compromising sensitive data and assets. With analysts estimating 70-80% of traffic flows east-west on a flat network, there is nearly a free-range communicate-a-thon between users, applications, and devices playing out in your network. This reality opens the window to malicious actors, who can move laterally from a vendor portal to mission-critical data and systems.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Besides preventing lateral movement in its tracks, implementing microsegmentation is also an efficient use of your organization&#8217;s time. Security professionals know the days of protecting the entire attack surface are short. By defining the protect surface, protecting what&#8217;s most important becomes palatable while ensuring your security meets all compliance standards.\u00a0<\/span><\/p>\n<p><b>Read Also: <\/b><a href=\"https:\/\/www.esecurityplanet.com\/endpoint\/antivirus-vs-epp-vs-edr\/\"><span style=\"font-weight: 400;\">Antivirus vs. EPP vs. EDR: How to Secure Your Endpoints\u00a0<\/span><\/a><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Mastering-your-network-traffic\"><\/span><b>Mastering your network traffic<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Microsegmentation is truly about mastering your network traffic. By visualizing network segments&#8217; connectivity and establishing granular policy and adaptive management around segments, preventing lateral movement is no problem. Of course, the road to complete network microsegmentation is not easy. It requires ample time, planning, and resources to conquer the challenge.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">If done right, the benefits of implementing microsegmentation are invaluable.<\/span><\/p>\n\n\n<div id=\"ta-campaign-widget-66d6f11eacd71-popup-wrapper\" class=\"ta-campaign-widget__popup-wrapper\">\n    \n<div\n    style=\"\n        --ta-campaign-plugin-primary: #3545ed;\n        --ta-campaign-plugin-button-text: #fff;\n        --ta-campaign-plugin-button-hover-background: #3231b4;\n        --ta-campaign-plugin-button-hover-text: #fff;\n        --ta-campaign-plugin-button-toggle-background: #3231b4;\n        --ta-campaign-plugin-button-toggle-text: #3231B4;\n    \"\n    data-ajax-url=\"https:\/\/www.esecurityplanet.com\/wp\/wp-admin\/admin-ajax.php\">\n    <div\n        id=\"ta-campaign-widget-66d6f11eacd71\"\n        class=\"ta-campaign-widget ta-campaign-widget--popup\"\n        data-campaign-fields='{\"properties\":{\"campaign_type\":\"popup\",\"campaign_category\":false,\"sailthru_list\":[\"cybersecurity-insider\"],\"popup_type\":\"exit_intent\",\"appearance\":{\"colors\":{\"primary_color\":\"#3545ed\",\"button\":{\"button_text_color\":\"#fff\",\"hover\":{\"button_hover_background_color\":\"#3231b4\",\"button_hover_text_color\":\"#fff\"},\"toggle\":{\"button_toggle_background_color\":\"#3231b4\",\"button_toggle_text_color\":\"#3231B4\"}}},\"custom_scss\":\"\"},\"behavior\":{\"opt_in_enabled\":true},\"language\":{\"tagline\":\"Get the Free Cybersecurity Newsletter\",\"subtagline\":\"\",\"content\":\"Strengthen your organization&#39;s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday\",\"email_placeholder\":\"Work Email Address\",\"opt_in\":\"By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.\",\"subscribe_button\":\"Subscribe\"}},\"identifier\":\"66d6f11eacd71\",\"campaign_id\":26045,\"campaign_type\":\"popup\",\"popup_type\":\"exit_intent\",\"newsletters\":[\"cybersecurity-insider\"],\"behavior\":{\"opt_in_enabled\":true},\"appearance\":{\"colors\":{\"primary\":\"#3545ed\",\"button\":{\"text\":\"#fff\",\"hover\":{\"background\":\"#3231b4\",\"text\":\"#fff\"},\"toggle\":{\"background\":\"#3231b4\",\"text\":\"#3231B4\"}}},\"custom_css\":\"\"},\"language\":{\"tagline\":\"Get the Free Cybersecurity Newsletter\",\"subtagline\":\"\",\"content\":\"Strengthen your organization&#39;s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday\",\"email_placeholder\":\"Work Email Address\",\"opt_in\":\"By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.\",\"subscribe_button\":\"Subscribe\"}}'>\n\n                <div class=\"ta-campaign-widget__exit\">\n            <svg class=\"w-8\" fill=\"none\" stroke=\"currentColor\" stroke-width=\"1.5\" viewBox=\"0 0 24 24\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\">\n                <path stroke-linecap=\"round\" stroke-linejoin=\"round\" d=\"M6 18L18 6M6 6l12 12\"><\/path>\n            <\/svg>\n        <\/div>\n        \n        <div class=\"ta-campaign-widget__wrapper\">\n            <div class=\"ta-campaign-widget__header mb-6\">\n                                <h3 class=\"ta-campaign-widget__tagline\">\n                    Get the Free Cybersecurity Newsletter                <\/h3>\n                \n                \n                                <p class=\"ta-campaign-widget__content mt-6\">\n                    Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday                <\/p>\n                            <\/div>\n\n            <form class=\"ta-campaign-widget__form\">\n                <div class=\"ta-campaign-widget__input mb-4\"  data-field=\"email\">\n                    <label\n                        class=\"sr-only\"\n                        for=\"email-66d6f11eacd71\">\n                        Email Address\n                    <\/label>\n                    <input\n                        class=\"ta-campaign-widget__input__text\"\n                        placeholder=\"Work Email Address\"\n                        id=\"email-66d6f11eacd71\"\n                        name=\"email\"\n                        type=\"email\">\n                <\/div>\n\n                                <div class=\"ta-campaign-widget__checkbox mb-4\" data-field=\"opt_in\">\n                    <div class=\"flex items-start\">\n                        <input\n                            id=\"opt-in-66d6f11eacd71\"\n                            class=\"ta-campaign-widget__checkbox__input mr-2\"\n                            name=\"opt-in\"\n                            type=\"checkbox\"\/>\n                        <label\n                            class=\"ta-campaign-widget__checkbox__label\"\n                            for=\"opt-in-66d6f11eacd71\">\n                            By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.                        <\/label>\n                    <\/div>\n                <\/div>\n                \n                <button class=\"ta-campaign-widget__button\" type=\"submit\" >\n                    Subscribe                <\/button>\n            <\/form>\n        <\/div>\n    <\/div>\n<\/div>\n\n<style>\n<\/style><\/div>\n","protected":false},"excerpt":{"rendered":"<p>In an era where the network edge faces the highest traffic, organizations rush to add more robust security yet hesitate to take on the long-term endeavor known as microsegmentation. Microsegmentation is about identifying your organization&#8217;s most valuable network segments, establishing strict communication policies, and becoming the master of your network flows. Unlike traditional network segmentation, [&hellip;]<\/p>\n","protected":false},"author":250,"featured_media":18259,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_gazelle_contributing_experts":"","footnotes":""},"categories":[14],"tags":[8040,7234,23887,30829],"b2b_audience":[],"b2b_industry":[],"b2b_product":[],"class_list":["post-18258","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-networks","tag-access","tag-firewalls","tag-microsegmentation","tag-zero-trust"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>How to Implement Microsegmentation | eSecurity Planet<\/title>\n<meta name=\"description\" content=\"Learn steps to implement microsegmentation and why you can move towards preventing lateral movement today.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to Implement Microsegmentation | eSecurity Planet\" \/>\n<meta property=\"og:description\" content=\"Learn steps to implement microsegmentation and why you can move towards preventing lateral movement today.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/\" \/>\n<meta property=\"og:site_name\" content=\"eSecurity Planet\" \/>\n<meta property=\"article:published_time\" content=\"2021-03-16T05:51:10+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-03-29T17:01:45+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/03\/pexels-ryutaro-tsukata-5746107-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"1919\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Sam Ingalls\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@https:\/\/twitter.com\/SamIngalls\" \/>\n<meta name=\"twitter:site\" content=\"@eSecurityPlanet\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Sam Ingalls\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/\"},\"author\":{\"name\":\"Sam Ingalls\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/40407ef36d4a8822d7fcd993b93faba2\"},\"headline\":\"How to Implement Microsegmentation\",\"datePublished\":\"2021-03-16T05:51:10+00:00\",\"dateModified\":\"2023-03-29T17:01:45+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/\"},\"wordCount\":1686,\"publisher\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/03\/pexels-ryutaro-tsukata-5746107-1.jpg\",\"keywords\":[\"access\",\"firewalls\",\"microsegmentation\",\"zero-trust\"],\"articleSection\":[\"Networks\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/\",\"url\":\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/\",\"name\":\"How to Implement Microsegmentation | eSecurity Planet\",\"isPartOf\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/03\/pexels-ryutaro-tsukata-5746107-1.jpg\",\"datePublished\":\"2021-03-16T05:51:10+00:00\",\"dateModified\":\"2023-03-29T17:01:45+00:00\",\"description\":\"Learn steps to implement microsegmentation and why you can move towards preventing lateral movement today.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/#primaryimage\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/03\/pexels-ryutaro-tsukata-5746107-1.jpg\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/03\/pexels-ryutaro-tsukata-5746107-1.jpg\",\"width\":1280,\"height\":1919},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.esecurityplanet.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How to Implement Microsegmentation\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#website\",\"url\":\"https:\/\/www.esecurityplanet.com\/\",\"name\":\"eSecurity Planet\",\"description\":\"Industry-leading guidance and analysis for how to keep your business secure.\",\"publisher\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.esecurityplanet.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\",\"name\":\"eSecurityPlanet\",\"url\":\"https:\/\/www.esecurityplanet.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png\",\"width\":1134,\"height\":375,\"caption\":\"eSecurityPlanet\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/eSecurityPlanet\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/40407ef36d4a8822d7fcd993b93faba2\",\"name\":\"Sam Ingalls\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2022\/08\/Sam-Ingalls-Square-150x150.jpg\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2022\/08\/Sam-Ingalls-Square-150x150.jpg\",\"caption\":\"Sam Ingalls\"},\"description\":\"Sam Ingalls is an award-winning writer and researcher covering enterprise technology, cybersecurity, data centers, and IT trends, for eSecurity Planet, Tech Republic, ServerWatch, Webopedia, and Channel Insider.\",\"sameAs\":[\"https:\/\/www.linkedin.com\/in\/singalls\/\",\"https:\/\/x.com\/https:\/\/twitter.com\/SamIngalls\"],\"url\":\"https:\/\/www.esecurityplanet.com\/author\/singalls\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How to Implement Microsegmentation | eSecurity Planet","description":"Learn steps to implement microsegmentation and why you can move towards preventing lateral movement today.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/","og_locale":"en_US","og_type":"article","og_title":"How to Implement Microsegmentation | eSecurity Planet","og_description":"Learn steps to implement microsegmentation and why you can move towards preventing lateral movement today.","og_url":"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/","og_site_name":"eSecurity Planet","article_published_time":"2021-03-16T05:51:10+00:00","article_modified_time":"2023-03-29T17:01:45+00:00","og_image":[{"width":1280,"height":1919,"url":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/03\/pexels-ryutaro-tsukata-5746107-1.jpg","type":"image\/jpeg"}],"author":"Sam Ingalls","twitter_card":"summary_large_image","twitter_creator":"@https:\/\/twitter.com\/SamIngalls","twitter_site":"@eSecurityPlanet","twitter_misc":{"Written by":"Sam Ingalls","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/#article","isPartOf":{"@id":"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/"},"author":{"name":"Sam Ingalls","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/40407ef36d4a8822d7fcd993b93faba2"},"headline":"How to Implement Microsegmentation","datePublished":"2021-03-16T05:51:10+00:00","dateModified":"2023-03-29T17:01:45+00:00","mainEntityOfPage":{"@id":"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/"},"wordCount":1686,"publisher":{"@id":"https:\/\/www.esecurityplanet.com\/#organization"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/#primaryimage"},"thumbnailUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/03\/pexels-ryutaro-tsukata-5746107-1.jpg","keywords":["access","firewalls","microsegmentation","zero-trust"],"articleSection":["Networks"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/","url":"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/","name":"How to Implement Microsegmentation | eSecurity Planet","isPartOf":{"@id":"https:\/\/www.esecurityplanet.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/#primaryimage"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/#primaryimage"},"thumbnailUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/03\/pexels-ryutaro-tsukata-5746107-1.jpg","datePublished":"2021-03-16T05:51:10+00:00","dateModified":"2023-03-29T17:01:45+00:00","description":"Learn steps to implement microsegmentation and why you can move towards preventing lateral movement today.","breadcrumb":{"@id":"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/#primaryimage","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/03\/pexels-ryutaro-tsukata-5746107-1.jpg","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2021\/03\/pexels-ryutaro-tsukata-5746107-1.jpg","width":1280,"height":1919},{"@type":"BreadcrumbList","@id":"https:\/\/www.esecurityplanet.com\/networks\/how-to-implement-microsegmentation\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.esecurityplanet.com\/"},{"@type":"ListItem","position":2,"name":"How to Implement Microsegmentation"}]},{"@type":"WebSite","@id":"https:\/\/www.esecurityplanet.com\/#website","url":"https:\/\/www.esecurityplanet.com\/","name":"eSecurity Planet","description":"Industry-leading guidance and analysis for how to keep your business secure.","publisher":{"@id":"https:\/\/www.esecurityplanet.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.esecurityplanet.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.esecurityplanet.com\/#organization","name":"eSecurityPlanet","url":"https:\/\/www.esecurityplanet.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png","width":1134,"height":375,"caption":"eSecurityPlanet"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/eSecurityPlanet"]},{"@type":"Person","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/40407ef36d4a8822d7fcd993b93faba2","name":"Sam Ingalls","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/image\/","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2022\/08\/Sam-Ingalls-Square-150x150.jpg","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2022\/08\/Sam-Ingalls-Square-150x150.jpg","caption":"Sam Ingalls"},"description":"Sam Ingalls is an award-winning writer and researcher covering enterprise technology, cybersecurity, data centers, and IT trends, for eSecurity Planet, Tech Republic, ServerWatch, Webopedia, and Channel Insider.","sameAs":["https:\/\/www.linkedin.com\/in\/singalls\/","https:\/\/x.com\/https:\/\/twitter.com\/SamIngalls"],"url":"https:\/\/www.esecurityplanet.com\/author\/singalls\/"}]}},"_links":{"self":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts\/18258"}],"collection":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/users\/250"}],"replies":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/comments?post=18258"}],"version-history":[{"count":0,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts\/18258\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/media\/18259"}],"wp:attachment":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/media?parent=18258"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/categories?post=18258"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/tags?post=18258"},{"taxonomy":"b2b_audience","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_audience?post=18258"},{"taxonomy":"b2b_industry","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_industry?post=18258"},{"taxonomy":"b2b_product","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_product?post=18258"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}