A network can have the most sophisticated security mechanisms implemented, but without network segmentation, their value will be greatly undermined, if not invalidated. Internal segmentation is often overlooked, because focus is on the external threat. Unfortunately, the external threat is counting on weak internal network segmentation to spread malware throughout the enterprise and gain a foothold for exfiltration of critical enterprise data.

Significant investment has been made in network access control (NAC) and perimeter technologies, meanwhile the latest threat introduced to the network through a trusted host is wreaking havoc on internal client systems and the most critical systems in the enterprise. The need to segment ...