/
Segmentación de confianza cero

How SWACRIT and ROS\\TECH Closed the Segmentation Gap With Illumio

It wasn’t until after the migration was complete that the gap became clear.

SWACRIT Systems, a fast-growing high-tech manufacturer and member of the Swarovski Group, had just completed a complex domain migration.  

On paper, everything looked secure. But something was missing.

“We realized we had a well-structured architecture but no real network segmentation,” said Daniel Hofer, IT Systems Engineer at SWACRIT. “That left a critical hole in our security posture.”

The domain was modernized, but the network was flat. And in a world of escalating threats, that meant a breach could spread fast.

That realization kicked off a journey to close the segmentation gap and strengthen SWACRIT’s Zero Trust strategy.  

In a recent Illumio webinar, Hofer joined Robert Rostek, CEO of cybersecurity consultancy ROS\\TECH, and Illumio Director of Critical Infrastructure Solutions Trevor Dearing, to share how Illumio helped them identify the problem, implement microsegmentation, and gain visibility and control that traditional firewalls simply couldn’t offer.

From strong identity controls to a segmentation gap

SWACRIT had recently modernized its IT environment, following best practices for Active Directory (AD) hardening, tiered administrative access, and general cyber hygiene.

“We did everything right on the identity and permissions side,” Hofer said. “But there was one piece missing — network segmentation.”

Without segmentation versus with segmentation

ROS\\TECH helped lead the initial hardening effort.

“We start every project with the basics,” Rostek said. “Do you have backups? Have you removed legacy settings? Are your admin workstations secure? Once that’s done, the next priority is segmentation, both identity and network.”

They initially considered traditional VLAN-based segmentation. But Rostek was quick to point out its limitations.

“We’ve done classic VLAN segmentation for years,” he said. “It’s possible to implement, but it’s incredibly difficult to maintain over time. Networks change constantly — new servers, new software, shifting roles. VLANs can’t keep up.”

Why SWACRIT chose host-based segmentation with Illumio

Instead of traditional approaches, SWACRIT went with host-based segmentation using Illumio. The decision came down to one word: flexibility.

“Deploying the Illumio agent was straightforward,” Hofer said. “And starting in visibility-only mode gave us time to learn before making any changes.”

That observation phase lasted just over a month. In that time, the team analyzed communication patterns, identified high-risk paths, and began building granular policy sets, all without disrupting business operations.

“The key deciding factor was ease of implementation,” Hofer explained. “Illumio let us see what was happening, then build rules based on real data.”

That visibility extended beyond basic traffic. “With hardware firewalls, you might see source and destination,” said Robert. “With Illumio, you see the user, the process, and the context. That’s a game-changer.”

The key deciding factor was ease of implementation. Illumio let us see what was happening, then build rules based on real data.

Turning visibility into security

Once Illumio was fully deployed, the benefits went beyond segmentation.

Rostek highlighted two core priorities: securing administrative paths and eliminating unnecessary peer-to-peer communication.

“We were able to lock down who could RDP into jump boxes, who could access critical systems, and where management protocols like WinRM could be used,” he said.

On the client side, Illumio enabled dynamic, label-based rules that stopped lateral movement without disrupting legitimate workflows.

“We completely blocked client-to-client communication, except for what was needed,” Rostek said. “And we didn’t have to hardcode IP addresses or manually manage exceptions. Labels handled it.”

Finding the unknowns: shadow services and misconfigurations

Illumio didn’t just improve security. It also surfaced misconfigurations and shadow IT.

“My favorite example is when we saw our main firewall trying to print to a print server,” Rostek said, laughing. “That obviously made no sense. Turned out someone had misclicked an NAT setting. Without Illumio, we never would’ve caught it.”

Other discoveries included machines running music streaming platforms and forgotten monitoring agents still broadcasting on the network. “These weren’t threats,” Robert said, “but they were signs of hygiene issues we could now clean up.”

For Hofer, Illumio’s detailed traffic visualization gave him unprecedented insight into SWACRIT’s infrastructure.

“It helped us understand communication across geographic locations, internal systems, and even our ERP ecosystem,” he said. “The tag-based system made it easy to interpret complex traffic patterns even at scale.”

Illumio visibility map

Building modern security that scales

With operations spanning Austria, Germany, and the Czech Republic — and a growth trajectory that’s seen headcount quadruple since 2015 — scalability was a must.

“With traditional firewall approaches, growing means buying new hardware and increasing network capacity,” Hofer said. “With Illumio, we just install an agent and apply a label. The rules follow automatically.”

With traditional firewall approaches, growing means buying new hardware and increasing network capacity. With Illumio, we just install an agent and apply a label. The rules follow automatically.

Even SWACRIT’s OT systems — including manufacturing machines not running traditional operating systems — were covered.  

“We added them as unmanaged workloads and assigned labels,” Hofer explained. “From that point, they could only communicate using protocols we explicitly allowed. That’s Zero Trust in action.”

Illumio delivers simple segmentation at scale

For Rostek, one of the biggest roadblocks he sees is perception.

“People think host-based segmentation is too complex,” he said. “But with Illumio, it’s easy, especially compared to managing VLANs across global environments.”

And the benefits speak for themselves: visibility, scalability, faster implementation, and stronger security — all with less overhead.

Hofer agrees.

“This is the most scalable solution I’ve found on the market,” he said. “And it grows with us.”

Missed the webinar? Watch the full recording here to see how SWACRIT and ROS\\TECH brought segmentation to life with Illumio.

Temas relacionados

Artículos relacionados

Principales noticias de ciberseguridad de abril de 2024
Segmentación de confianza cero

Principales noticias de ciberseguridad de abril de 2024

Ponte al día con algunas de las principales historias de ciberseguridad de abril, incluidos los riesgos críticos de seguridad de infraestructura, cómo proteger IoT con la Segmentación de Confianza Cero y por qué la seguridad tradicional nos está fallando en la nube.

Cambio cibernético, definición de confianza cero y punto final de Illumio
Segmentación de confianza cero

Cambio cibernético, definición de confianza cero y punto final de Illumio

Google prioriza la resiliencia cibernética con la adquisición de Mandiant.

¿100% Nube? Aún necesita segmentación de confianza cero
Segmentación de confianza cero

¿100% Nube? Aún necesita segmentación de confianza cero

Descubra por qué estar 100% en la nube no niega la necesidad de contención de brechas con la Segmentación de Confianza Cero y cómo Illumio puede ayudar.

Los 4 consejos de un CISO de fabricación sobre la contención proactiva de brechas con Illumio
Ciberresiliencia

Los 4 consejos de un CISO de fabricación sobre la contención proactiva de brechas con Illumio

Aprenda los consejos del CISO de fabricación Jamie Rossato para organizaciones que buscan asegurar proactivamente contra brechas con Illumio ZTS.

5 consejos de confianza cero para minoristas y fabricantes de Brooks Running
Ciberresiliencia

5 consejos de confianza cero para minoristas y fabricantes de Brooks Running

Descubra por qué el minorista de calzado, Brooks Running, es un ejemplo brillante de un negocio que implementa controles Zero Trust de una manera práctica.

Assume Breach.
Minimize Impact.
Increase Resilience.

Ready to learn more about Zero Trust Segmentation?