How SWACRIT and ROS\\TECH Closed the Segmentation Gap With Illumio

It wasn’t until after the migration was complete that the gap became clear.

SWACRIT Systems, a fast-growing high-tech manufacturer and member of the Swarovski Group, had just completed a complex domain migration.  

On paper, everything looked secure. But something was missing.

“We realized we had a well-structured architecture but no real network segmentation,” said Daniel Hofer, IT Systems Engineer at SWACRIT. “That left a critical hole in our security posture.”

The domain was modernized, but the network was flat. And in a world of escalating threats, that meant a breach could spread fast.

That realization kicked off a journey to close the segmentation gap and strengthen SWACRIT’s Zero Trust strategy.  

In a recent Illumio webinar, Hofer joined Robert Rostek, CEO of cybersecurity consultancy ROS\\TECH, and Illumio Director of Critical Infrastructure Solutions Trevor Dearing, to share how Illumio helped them identify the problem, implement microsegmentation, and gain visibility and control that traditional firewalls simply couldn’t offer.

From strong identity controls to a segmentation gap

SWACRIT had recently modernized its IT environment, following best practices for Active Directory (AD) hardening, tiered administrative access, and general cyber hygiene.

“We did everything right on the identity and permissions side,” Hofer said. “But there was one piece missing — network segmentation.”

Without segmentation versus with segmentation

ROS\\TECH helped lead the initial hardening effort.

“We start every project with the basics,” Rostek said. “Do you have backups? Have you removed legacy settings? Are your admin workstations secure? Once that’s done, the next priority is segmentation, both identity and network.”

They initially considered traditional VLAN-based segmentation. But Rostek was quick to point out its limitations.

“We’ve done classic VLAN segmentation for years,” he said. “It’s possible to implement, but it’s incredibly difficult to maintain over time. Networks change constantly — new servers, new software, shifting roles. VLANs can’t keep up.”

Why SWACRIT chose host-based segmentation with Illumio

Instead of traditional approaches, SWACRIT went with host-based segmentation using Illumio. The decision came down to one word: flexibility.

“Deploying the Illumio agent was straightforward,” Hofer said. “And starting in visibility-only mode gave us time to learn before making any changes.”

That observation phase lasted just over a month. In that time, the team analyzed communication patterns, identified high-risk paths, and began building granular policy sets, all without disrupting business operations.

“The key deciding factor was ease of implementation,” Hofer explained. “Illumio let us see what was happening, then build rules based on real data.”

That visibility extended beyond basic traffic. “With hardware firewalls, you might see source and destination,” said Robert. “With Illumio, you see the user, the process, and the context. That’s a game-changer.”

Turning visibility into security

Once Illumio was fully deployed, the benefits went beyond segmentation.

Rostek highlighted two core priorities: securing administrative paths and eliminating unnecessary peer-to-peer communication.

“We were able to lock down who could RDP into jump boxes, who could access critical systems, and where management protocols like WinRM could be used,” he said.

On the client side, Illumio enabled dynamic, label-based rules that stopped lateral movement without disrupting legitimate workflows.

“We completely blocked client-to-client communication, except for what was needed,” Rostek said. “And we didn’t have to hardcode IP addresses or manually manage exceptions. Labels handled it.”
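The rules described above can be modeled as a default-deny allowlist keyed on labels instead of IP addresses. The Python below is an added illustration, not Illumio's policy language or API and not code from SWACRIT or ROS\\TECH. The role names, the printing exception on TCP 9100, and the sample workloads and flows are assumptions constructed for the example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Workload:
    name: str
    ip: str    # carried only to show that no rule ever references it
    role: str  # label (role names here are assumptions for the example)

@dataclass(frozen=True)
class Rule:
    src_role: str
    dst_role: str
    port: int  # TCP destination port

# Default deny: a flow is allowed only if a rule matches its labels and port.
RULES = [
    Rule("admin-ws", "jumpbox", 3389),     # RDP to jump boxes from admin workstations only
    Rule("jumpbox", "server", 3389),       # RDP to servers only via a jump box
    Rule("jumpbox", "server", 5985),       # WinRM over HTTP
    Rule("jumpbox", "server", 5986),       # WinRM over HTTPS
    Rule("client", "print-server", 9100),  # assumed client exception (raw printing)
]
# No rule pairs "client" with "client", so client-to-client traffic is denied.

def decide(src, dst, port, rules=RULES):
    """Return 'allow' if any rule matches the two labels and the port."""
    hit = any((r.src_role, r.dst_role, r.port) == (src.role, dst.role, port) for r in rules)
    return "allow" if hit else "deny"

def blocked(flows, rules=RULES):
    """List the flows that the rule set denies, by workload name."""
    return [(s.name, d.name, p) for s, d, p in flows if decide(s, d, p, rules) == "deny"]

# Constructed sample inventory and flows (not data from the webinar).
PC1 = Workload("pc1", "10.0.1.11", "client")
PC2 = Workload("pc2", "10.0.1.12", "client")
ADM = Workload("adm1", "10.0.2.5", "admin-ws")
JMP = Workload("jump1", "10.0.3.5", "jumpbox")
SRV = Workload("erp1", "10.0.4.20", "server")
PRN = Workload("prn1", "10.0.5.9", "print-server")
FLOWS = [(ADM, JMP, 3389), (JMP, SRV, 5986), (PC1, PC2, 445),
         (PC1, SRV, 3389), (ADM, SRV, 5985), (PC2, PRN, 9100)]

if __name__ == "__main__":
    for flow in blocked(FLOWS):
        print("deny", flow)
    # A workload added later inherits policy from its label alone.
    pc3 = Workload("pc3", "10.0.9.77", "client")
    print(decide(pc3, PRN, 9100), decide(pc3, PC1, 445))
```

The admin workstation's direct WinRM attempt to the server is denied because the only permitted management path runs through the jump box, and the late-added `pc3` needs no new rule or IP entry.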

Finding the unknowns: shadow services and misconfigurations

Illumio didn’t just improve security. It also surfaced misconfigurations and shadow IT.

“My favorite example is when we saw our main firewall trying to print to a print server,” Rostek said, laughing. “That obviously made no sense. Turned out someone had misclicked an NAT setting. Without Illumio, we never would’ve caught it.”

Other discoveries included machines running music streaming platforms and forgotten monitoring agents still broadcasting on the network. “These weren’t threats,” Robert said, “but they were signs of hygiene issues we could now clean up.”

For Hofer, Illumio’s detailed traffic visualization gave him unprecedented insight into SWACRIT’s infrastructure.

“It helped us understand communication across geographic locations, internal systems, and even our ERP ecosystem,” he said. “The tag-based system made it easy to interpret complex traffic patterns even at scale.”

Illumio visibility map

Building modern security that scales

With operations spanning Austria, Germany, and the Czech Republic — and a growth trajectory that’s seen headcount quadruple since 2015 — scalability was a must.

“With traditional firewall approaches, growing means buying new hardware and increasing network capacity,” Hofer said. “With Illumio, we just install an agent and apply a label. The rules follow automatically.”

Even SWACRIT’s OT systems — including manufacturing machines not running traditional operating systems — were covered.  

“We added them as unmanaged workloads and assigned labels,” Hofer explained. “From that point, they could only communicate using protocols we explicitly allowed. That’s Zero Trust in action.”

Illumio delivers simple segmentation at scale

For Rostek, one of the biggest roadblocks he sees is perception.

“People think host-based segmentation is too complex,” he said. “But with Illumio, it’s easy, especially compared to managing VLANs across global environments.”

And the benefits speak for themselves: visibility, scalability, faster implementation, and stronger security — all with less overhead.

Hofer agrees.

“This is the most scalable solution I’ve found on the market,” he said. “And it grows with us.”

Missed the webinar? Watch the full recording here to see how SWACRIT and ROS\\TECH brought segmentation to life with Illumio.
