Zero Trust Segmentation

2022 Gartner Hype Cycle for Workload and Network Security: Why Microsegmentation is a High-Benefit Technology

Your security team is expected to secure more environments and resources than ever before.

Can the security technologies your organization is using keep up? And do they provide the business benefits your organization demands?

Many organizations are facing a growing hybrid workforce, increased cloud use, and more diverse workloads. Their security teams are also managing serverless workloads, containers, managed databases, virtual machines, and a plethora of other managed services – both in the cloud and in data centers.

Traditional workload and network security tools can’t maintain the pace of today’s digital transformation.

According to Gartner, “It is no longer where the workload or the workforce is located (or necessarily how they are connected) that is driving the type of security used. Instead, product selection must be shaped by how the technologies enable and support increasingly diverse corporate environments.”

In this year’s Gartner® Hype Cycle™ for Workload and Network Security, Gartner has upgraded microsegmentation, also called Zero Trust Segmentation (ZTS), from a ‘moderate’ to a ‘high’ benefit technology. This shows how microsegmentation “enables new ways of performing horizontal or vertical processes that will result in significantly increased revenue or cost savings for an enterprise.”

Gartner chose Illumio as a Sample Vendor for microsegmentation in the report.

2022 Gartner® report recommends ZTS to stop the spread of breaches and ransomware

As Gartner recognizes, organizations are increasingly adopting Zero Trust because it can handle the security needs of today’s hyper-connected, hybrid networks.

“Zero trust is shaping the architectural approach for many organizations in the wake of government guidance and the constant onslaught and effectiveness of attacks. Zero trust is built upon a foundation of strong and unified identity, and is supported by several technologies identified in this Hype Cycle, including the new identity-first security category, zero trust network access (ZTNA) and microsegmentation.” says Gartner.

And a foundational pillar of any Zero Trust strategy is Zero Trust Segmentation.

“Why this is important: Once a system is breached, most attackers move laterally (including ransomware attacks), which can cause serious damage. Microsegmentation seeks to limit the propagation of such attacks,” Gartner explains.

ZTS stops breaches from moving throughout a network by allowing security teams to “create more granular and dynamic policies” than traditional network segmentation approaches.

This is vital for today's networks which have “a bewildering array of workloads” to secure.

“As servers are being virtualized, containerized, or moved to infrastructure as a service (IaaS), existing safeguards such as traditional firewall, intrusion prevention, and antivirus are rarely able to follow the fast pace of deployment for new assets. This leaves the enterprise vulnerable to attackers gaining a foothold and then moving laterally within enterprise networks. This has created increased interest in visibility and granular segmentation for east-west traffic between applications, servers and services in modern data centers,” explains Gartner.

Security at the perimeter is no longer enough. The dynamic nature of today’s workloads means that “traditional network-centric segmentation strategies” are difficult to apply and manage at scale.

In particular, Gartner notes that “the shift to microservices container architectures for applications has also increased the amount of east-west traffic and further restricted the ability of network-centric firewalls to provide this segmentation.”

Gartner also highlights the value of “rich application communication mapping” that some ZTS solutions like Illumio offer as part of a comprehensive ZTS platform. According to Gartner, these maps allow “data center teams to identify which communication paths are valid and secure.” These maps are essential to seeing vulnerabilities, understanding a network’s attack surface, and setting granular segmentation policies.

The bottom line for your business according to Gartner: “Microsegmentation can reduce the risk and impact of cyberattacks...if and when an attacker breaches the enterprise network.”

This is why Gartner classifies microsegmentation as a High Benefit Technology, and one that is climbing up the “Slope of Enlightenment.”

Source: Gartner, Hype Cycle for Workload and Network Security, 2022, Charlie Winckless, 18 July 2022.*

If your organization still hasn’t adopted microsegmentation, NOW is the time.

Complete prevention of breaches is impossible. When a breach does happen, ZTS stops its spread.

Why choose Illumio for Zero Trust Segmentation

Illumio stops breaches and ransomware from spreading across the hybrid attack surface.

Illumio ZTS is the industry’s first platform for breach containment. Scalable yet easy to use, Illumio ZTS provides a consistent approach to microsegmentation across the hybrid attack surface.

With Illumio ZTS, you can quickly and easily:

  • See risk: See risk by visualizing all communication and traffic, both known and unknown, between workflows, devices, and the internet.
  • Set policy: With every change, automatically set granular segmentation policies to control unnecessary and unwanted communications.
  • Stop the spread: Automatically isolate compromised systems and high-value assets in minutes to proactively stop the spread of a breach or reactively during an active attack.

Start with Illumio’s real-time application dependency map to visualize communication and traffic between workloads and applications. Because Illumio is agnostic to the underlying network infrastructure, you get maximum visibility. This is the “rich application communication mapping” that Gartner references in their report.

You can then use this insight to detect and proactively lock down risky or legacy pathways and ports – and isolate your critical assets – that a breach or ransomware would use to move laterally throughout the network. This follows the Gartner recommendation to “target the most critical assets and segment them first.”

Illumio allows you to set basic policies and scale to granular policies at your own pace. It’s an approach Gartner includes in its recommendations: “Start small and iterate with basic policies.”

Creating granular segmentation policies doesn’t have to be confusing or labor intensive. Illumio’s Policy Generator simplifies the whole process by automatically suggesting optimized segmentation policies for any kind of workload, including containers, virtual machines, and bare metal.

Illumio’s segmentation policies are based on an easy-to-understand label system rather than IP addresses or network location. This aligns with Gartner recommendation to “use the identities of applications, workloads, and services” as the foundation for segmentation policies. Illumio’s policies will follow workloads wherever they go – across different hybrid and multi-cloud environments.

Download the Gartner Hype Cycle for Workload and Network Security 2022 report for more insight into the value of microsegmentation and recommendations for successful projects.

Want to learn more about Illumio, the Zero Trust Segmentation company?

Gartner Disclaimer: Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Gartner and Hype Cycle are registered trademarks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved

* This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Illumio.

Related topics

No items found.

Related articles

What’s Important in a Policy Model for Microsegmentation?
Zero Trust Segmentation

What’s Important in a Policy Model for Microsegmentation?

Of all the features to discuss in a micro-segmentation solution, most vendors wouldn’t start with the policy model.

What You Need to Distribute a Zero Trust Policy
Zero Trust Segmentation

What You Need to Distribute a Zero Trust Policy

In this series, we have discussed Policy Discovery and Policy Authoring so far. Once you have a policy to implement, you need to get it calculated, turned into rules and distributed to enforcement points.

Join Illumio at RSA Conference 2022
Zero Trust Segmentation

Join Illumio at RSA Conference 2022

Live events are back, and that means we can expect a big and exciting RSA Conference with our colleagues in the cybersecurity solutions industry.

No items found.

Assume Breach.
Minimize Impact.
Increase Resilience.

Ready to learn more about Zero Trust Segmentation?