Forrester simply printed the second version of The Forrester Wave™: Microsegmentation Options. Simply over two years separates this analysis from the earlier report, and the technological advances over that quick time are beautiful.
The earlier analysis, The Forrester New Wave™: Microsegmentation, Q1 2022, was all about layer 3 microsegmentation in an information middle (or non-public cloud) setting. Again then, you solely had two approaches to select from:
Software program (brokers).
Infrastructure (switches and hypervisors).
Microsegment All the pieces, In all places, By Community, Workload, And Identification
However as we speak, enterprises are microsegmenting these completely different environments in a way more subtle trend:
Public cloud workloads (in 4 or extra hyperscalers)
Microservices, in each public cloud and on-premises
Operational expertise (OT) and IoT
Healthcare
Information middle/non-public cloud (nonetheless major use circumstances)
As an alternative of simply static, layer 3 community guidelines, distributors have added all ports and protocols (layer 4), person and machine identities (layer 7), process-level metadata, and even endpoint detection and response (EDR) threat scores to microsegmentation coverage.
These new, responsive, and dynamic safety insurance policies assist bangin’ options like auto-quarantine, emergency button (mass quarantine), and stay restoration throughout an lively ransomware assault. None of that was potential two years in the past, however now these options are discovered throughout a number of vendor options.
We’re At The Daybreak Of The Golden Age Of Microsegmentation
What a time to be alive! The goodness doesn’t cease there. This Wave analysis included 4 distributors that weren’t within the final analysis that every deliver a recent method and, we predict, will rapidly problem the market leaders.
Two of those distributors, Ordr and Elisity, work to reach microsegmentation on the community change, the place earlier networking options faltered. Their method is effectively suited to device-heavy environments like OT and healthcare.
TrueFort integrates with present EDR brokers for telemetry gathering and coverage enforcement.
Zero Networks comes on the area with a wholly new method constructed on remotely programming host firewalls and letting the specific coverage develop organically by means of multifactor authentication approvals. Zero Networks even has insurance policies particular to area controllers.
Microsegmentation Leaders Are Nonetheless Main
The distributors from the earlier Wave haven’t been standing nonetheless. Illumio and Akamai Guardicore have been busy, the previous including layer 7 assist and tons of options round incident response and the latter integrating Zero Belief community entry with microsegmentation. ColorTokens is concentrated on making its prospects “breach-ready.”
In the meantime, groups at Cisco try to leapfrog the entire trade with bleeding-edge expertise like eBPF and information processing unit assist to appreciate the imaginative and prescient that it calls Hypershield.
Different Distributors Ship Microsegmentation With Their Personal Approaches
Broadcom delivers microsegmentation for virtualized environments primarily based on its acquisition of VMware. Hewlett Packard Enterprise supplies network-based microsegmentation primarily based on its Aruba acquisition. Hillstone Networks has two microsegmentation product choices, one for private-cloud digital environments and one other for container, bare-metal servers, and cloud hosts.
Learn The Analysis; Microsegment The Issues
Microsegmentation patrons have extra selections than ever and may have some confidence that these once-failure-prone tasks may very well work this time. That’s nice information, as a result of the demand for microsegmentation, a frequent inquiry subject for Forrester purchasers, has by no means been greater.
Forrester purchasers can learn The Forrester Wave™: Microsegmentation Options, Q3 2024, to seek out the answer that works for his or her setting.
This weblog was written by former Forrester Principal Analyst David Holmes.