How SWACRIT and ROS\\TECH Closed the Segmentation Gap With Illumio

It wasn’t until after the migration was complete that the gap became clear.

SWACRIT Systems, a fast-growing high-tech manufacturer and member of the Swarovski Group, had just completed a complex domain migration.  

On paper, everything looked secure. But something was missing.

“We realized we had a well-structured architecture but no real network segmentation,” said Daniel Hofer, IT Systems Engineer at SWACRIT. “That left a critical hole in our security posture.”

The domain was modernized, but the network was flat. And in a world of escalating threats, that meant a breach could spread fast.

That realization kicked off a journey to close the segmentation gap and strengthen SWACRIT’s Zero Trust strategy.  

In a recent Illumio webinar, Hofer joined Robert Rostek, CEO of cybersecurity consultancy ROS\\TECH, and Illumio Director of Critical Infrastructure Solutions Trevor Dearing, to share how Illumio helped them identify the problem, implement microsegmentation, and gain visibility and control that traditional firewalls simply couldn’t offer.

From strong identity controls to a segmentation gap

SWACRIT had recently modernized its IT environment, following best practices for Active Directory (AD) hardening, tiered administrative access, and general cyber hygiene.

“We did everything right on the identity and permissions side,” Hofer said. “But there was one piece missing — network segmentation.”

ROS\\TECH helped lead the initial hardening effort.

“We start every project with the basics,” Rostek said. “Do you have backups? Have you removed legacy settings? Are your admin workstations secure? Once that’s done, the next priority is segmentation, both identity and network.”

They initially considered traditional VLAN-based segmentation. But Rostek was quick to point out its limitations.

“We’ve done classic VLAN segmentation for years,” he said. “It’s possible to implement, but it’s incredibly difficult to maintain over time. Networks change constantly — new servers, new software, shifting roles. VLANs can’t keep up.”

Why SWACRIT chose host-based segmentation with Illumio

Instead of traditional approaches, SWACRIT went with host-based segmentation using Illumio. The decision came down to one word: flexibility.

“Deploying the Illumio agent was straightforward,” Hofer said. “And starting in visibility-only mode gave us time to learn before making any changes.”

That observation phase lasted just over a month. In that time, the team analyzed communication patterns, identified high-risk paths, and began building granular policy sets, all without disrupting business operations.

“The key deciding factor was ease of implementation,” Hofer explained. “Illumio let us see what was happening, then build rules based on real data.”

That visibility extended beyond basic traffic. “With hardware firewalls, you might see source and destination,” said Robert. “With Illumio, you see the user, the process, and the context. That’s a game-changer.”

The key deciding factor was ease of implementation. Illumio let us see what was happening, then build rules based on real data.

Turning visibility into security

Once Illumio was fully deployed, the benefits went beyond segmentation.

Rostek highlighted two core priorities: securing administrative paths and eliminating unnecessary peer-to-peer communication.

“We were able to lock down who could RDP into jump boxes, who could access critical systems, and where management protocols like WinRM could be used,” he said.

On the client side, Illumio enabled dynamic, label-based rules that stopped lateral movement without disrupting legitimate workflows.

“We completely blocked client-to-client communication, except for what was needed,” Rostek said. “And we didn’t have to hardcode IP addresses or manually manage exceptions. Labels handled it.”

Finding the unknowns: shadow services and misconfigurations

Illumio didn’t just improve security. It also surfaced misconfigurations and shadow IT.

“My favorite example is when we saw our main firewall trying to print to a print server,” Rostek said, laughing. “That obviously made no sense. Turned out someone had misclicked an NAT setting. Without Illumio, we never would’ve caught it.”

Other discoveries included machines running music streaming platforms and forgotten monitoring agents still broadcasting on the network. “These weren’t threats,” Robert said, “but they were signs of hygiene issues we could now clean up.”

For Hofer, Illumio’s detailed traffic visualization gave him unprecedented insight into SWACRIT’s infrastructure.

“It helped us understand communication across geographic locations, internal systems, and even our ERP ecosystem,” he said. “The tag-based system made it easy to interpret complex traffic patterns even at scale.”

Building modern security that scales

With operations spanning Austria, Germany, and the Czech Republic — and a growth trajectory that’s seen headcount quadruple since 2015 — scalability was a must.

“With traditional firewall approaches, growing means buying new hardware and increasing network capacity,” Hofer said. “With Illumio, we just install an agent and apply a label. The rules follow automatically.”

With traditional firewall approaches, growing means buying new hardware and increasing network capacity. With Illumio, we just install an agent and apply a label. The rules follow automatically.

Even SWACRIT’s OT systems — including manufacturing machines not running traditional operating systems — were covered.  

“We added them as unmanaged workloads and assigned labels,” Hofer explained. “From that point, they could only communicate using protocols we explicitly allowed. That’s Zero Trust in action.”

Illumio delivers simple segmentation at scale

For Rostek, one of the biggest roadblocks he sees is perception.

“People think host-based segmentation is too complex,” he said. “But with Illumio, it’s easy, especially compared to managing VLANs across global environments.”

And the benefits speak for themselves: visibility, scalability, faster implementation, and stronger security — all with less overhead.

Hofer agrees.

“This is the most scalable solution I’ve found on the market,” he said. “And it grows with us.”

Missed the webinar? Watch the full recording here to see how SWACRIT and ROS\\TECH brought segmentation to life with Illumio.