/
제로 트러스트 세그멘테이션

How SWACRIT and ROS\\TECH Closed the Segmentation Gap With Illumio

It wasn’t until after the migration was complete that the gap became clear.

SWACRIT Systems, a fast-growing high-tech manufacturer and member of the Swarovski Group, had just completed a complex domain migration.  

On paper, everything looked secure. But something was missing.

“We realized we had a well-structured architecture but no real network segmentation,” said Daniel Hofer, IT Systems Engineer at SWACRIT. “That left a critical hole in our security posture.”

The domain was modernized, but the network was flat. And in a world of escalating threats, that meant a breach could spread fast.

That realization kicked off a journey to close the segmentation gap and strengthen SWACRIT’s Zero Trust strategy.  

In a recent Illumio webinar, Hofer joined Robert Rostek, CEO of cybersecurity consultancy ROS\\TECH, and Illumio Director of Critical Infrastructure Solutions Trevor Dearing, to share how Illumio helped them identify the problem, implement microsegmentation, and gain visibility and control that traditional firewalls simply couldn’t offer.

From strong identity controls to a segmentation gap

SWACRIT had recently modernized its IT environment, following best practices for Active Directory (AD) hardening, tiered administrative access, and general cyber hygiene.

“We did everything right on the identity and permissions side,” Hofer said. “But there was one piece missing — network segmentation.”

Without segmentation versus with segmentation

ROS\\TECH helped lead the initial hardening effort.

“We start every project with the basics,” Rostek said. “Do you have backups? Have you removed legacy settings? Are your admin workstations secure? Once that’s done, the next priority is segmentation, both identity and network.”

They initially considered traditional VLAN-based segmentation. But Rostek was quick to point out its limitations.

“We’ve done classic VLAN segmentation for years,” he said. “It’s possible to implement, but it’s incredibly difficult to maintain over time. Networks change constantly — new servers, new software, shifting roles. VLANs can’t keep up.”

Why SWACRIT chose host-based segmentation with Illumio

Instead of traditional approaches, SWACRIT went with host-based segmentation using Illumio. The decision came down to one word: flexibility.

“Deploying the Illumio agent was straightforward,” Hofer said. “And starting in visibility-only mode gave us time to learn before making any changes.”

That observation phase lasted just over a month. In that time, the team analyzed communication patterns, identified high-risk paths, and began building granular policy sets, all without disrupting business operations.

“The key deciding factor was ease of implementation,” Hofer explained. “Illumio let us see what was happening, then build rules based on real data.”

That visibility extended beyond basic traffic. “With hardware firewalls, you might see source and destination,” said Robert. “With Illumio, you see the user, the process, and the context. That’s a game-changer.”

The key deciding factor was ease of implementation. Illumio let us see what was happening, then build rules based on real data.

Turning visibility into security

Once Illumio was fully deployed, the benefits went beyond segmentation.

Rostek highlighted two core priorities: securing administrative paths and eliminating unnecessary peer-to-peer communication.

“We were able to lock down who could RDP into jump boxes, who could access critical systems, and where management protocols like WinRM could be used,” he said.

On the client side, Illumio enabled dynamic, label-based rules that stopped lateral movement without disrupting legitimate workflows.

“We completely blocked client-to-client communication, except for what was needed,” Rostek said. “And we didn’t have to hardcode IP addresses or manually manage exceptions. Labels handled it.”

Finding the unknowns: shadow services and misconfigurations

Illumio didn’t just improve security. It also surfaced misconfigurations and shadow IT.

“My favorite example is when we saw our main firewall trying to print to a print server,” Rostek said, laughing. “That obviously made no sense. Turned out someone had misclicked an NAT setting. Without Illumio, we never would’ve caught it.”

Other discoveries included machines running music streaming platforms and forgotten monitoring agents still broadcasting on the network. “These weren’t threats,” Robert said, “but they were signs of hygiene issues we could now clean up.”

For Hofer, Illumio’s detailed traffic visualization gave him unprecedented insight into SWACRIT’s infrastructure.

“It helped us understand communication across geographic locations, internal systems, and even our ERP ecosystem,” he said. “The tag-based system made it easy to interpret complex traffic patterns even at scale.”

Illumio visibility map

Building modern security that scales

With operations spanning Austria, Germany, and the Czech Republic — and a growth trajectory that’s seen headcount quadruple since 2015 — scalability was a must.

“With traditional firewall approaches, growing means buying new hardware and increasing network capacity,” Hofer said. “With Illumio, we just install an agent and apply a label. The rules follow automatically.”

With traditional firewall approaches, growing means buying new hardware and increasing network capacity. With Illumio, we just install an agent and apply a label. The rules follow automatically.

Even SWACRIT’s OT systems — including manufacturing machines not running traditional operating systems — were covered.  

“We added them as unmanaged workloads and assigned labels,” Hofer explained. “From that point, they could only communicate using protocols we explicitly allowed. That’s Zero Trust in action.”

Illumio delivers simple segmentation at scale

For Rostek, one of the biggest roadblocks he sees is perception.

“People think host-based segmentation is too complex,” he said. “But with Illumio, it’s easy, especially compared to managing VLANs across global environments.”

And the benefits speak for themselves: visibility, scalability, faster implementation, and stronger security — all with less overhead.

Hofer agrees.

“This is the most scalable solution I’ve found on the market,” he said. “And it grows with us.”

Missed the webinar? Watch the full recording here to see how SWACRIT and ROS\\TECH brought segmentation to life with Illumio.

관련 주제

관련 기사

제로 트러스트에 정책이 중요한 이유
제로 트러스트 세그멘테이션

제로 트러스트에 정책이 중요한 이유

최소 권한이라는 개념은 새로운 것이 아니며 최소 권한 서비스를 위해 네트워크에서 장치를 분리한다는 아이디어도 마찬가지입니다.

Illumio는 FedRAMP 마켓플레이스에서 “진행 중”입니다.
제로 트러스트 세그멘테이션

Illumio는 FedRAMP 마켓플레이스에서 “진행 중”입니다.

Illumio의 새로운 FedRAMP 프로세스 내 지정이 FedRAMP 시장에 미치는 영향

마이크로 세분화를 자동화하려면 무엇이 필요할까요?
제로 트러스트 세그멘테이션

마이크로 세분화를 자동화하려면 무엇이 필요할까요?

이 게시물에서는 고려 중인 마이크로 세분화 공급업체와 함께 살펴봐야 할 다섯 가지 영역을 제공합니다.벤더에게 이러한 점을 강력히 강조하세요. 벤더의 상대적 성숙도 수준과 API 준비 상태를 확인하고 품질 결정을 더 효과적으로 내릴 수 있습니다.

Illumio를 통한 사전 예방적 보안 침해 방지를 위한 제조 CISO의 4가지 팁
사이버 레질리언스

Illumio를 통한 사전 예방적 보안 침해 방지를 위한 제조 CISO의 4가지 팁

Illumio ZTS를 사용하여 보안 침해를 사전에 방지하려는 조직을 위한 제조 CISO Jamie Rossato의 팁을 알아보십시오.

Brooks Running이 제공하는 소매업체 및 제조업체를 위한 5가지 제로 트러스트 팁
사이버 레질리언스

Brooks Running이 제공하는 소매업체 및 제조업체를 위한 5가지 제로 트러스트 팁

신발 소매업체인 Brooks Running이 제로 트러스트 제어를 실용적인 방식으로 구현한 훌륭한 기업인 이유를 알아보십시오.

Assume Breach.
Minimize Impact.
Increase Resilience.

Ready to learn more about Zero Trust Segmentation?