Forrester simply revealed the second version of The Forrester Wave™: Microsegmentation Options. Simply over two years separates this analysis from the earlier report, and the technological advances over that brief time are gorgeous.
The earlier analysis, The Forrester New Wave™: Microsegmentation, Q1 2022, was all about layer 3 microsegmentation in an information heart (or personal cloud) atmosphere. Again then, you solely had two approaches to select from:
- Software program (brokers).
- Infrastructure (switches and hypervisors).
Microsegment Every little thing, All over the place, By Community, Workload, And Id
However right this moment, enterprises are microsegmenting these completely different environments in a way more refined trend:
- Public cloud workloads (in 4 or extra hyperscalers)
- Microservices, in each public cloud and on-premises
- Operational know-how (OT) and IoT
- Healthcare
- Information heart/personal cloud (nonetheless major use instances)
As an alternative of simply static, layer 3 community guidelines, distributors have added all ports and protocols (layer 4), person and machine identities (layer 7), process-level metadata, and even endpoint detection and response (EDR) threat scores to microsegmentation coverage.
These new, responsive, and dynamic safety insurance policies help bangin’ options like auto-quarantine, emergency button (mass quarantine), and stay restoration throughout an energetic ransomware assault. None of that was attainable two years in the past, however now these options are discovered throughout a number of vendor options.
We’re At The Daybreak Of The Golden Age Of Microsegmentation
What a time to be alive! The goodness doesn’t cease there. This Wave analysis included 4 distributors that weren’t within the final analysis that every carry a recent strategy and, we predict, will shortly problem the market leaders.
Two of those distributors, Ordr and Elisity, work to reach microsegmentation on the community swap, the place earlier networking options faltered. Their strategy is effectively suited to device-heavy environments like OT and healthcare.
TrueFort integrates with present EDR brokers for telemetry gathering and coverage enforcement.
Zero Networks comes on the area with a wholly new strategy constructed on remotely programming host firewalls and letting the specific coverage develop organically by multifactor authentication approvals. Zero Networks even has insurance policies particular to area controllers.
Microsegmentation Leaders Are Nonetheless Main
The distributors from the earlier Wave haven’t been standing nonetheless. Illumio and Akamai Guardicore have been busy, the previous including layer 7 help and tons of options round incident response and the latter integrating Zero Belief community entry with microsegmentation. ColorTokens is targeted on making its prospects “breach-ready.”
In the meantime, groups at Cisco are trying to leapfrog the entire trade with bleeding-edge know-how like eBPF and knowledge processing unit help to comprehend the imaginative and prescient that it calls Hypershield.
Different Distributors Ship Microsegmentation With Their Personal Approaches
Broadcom delivers microsegmentation for virtualized environments primarily based on its acquisition of VMware. Hewlett Packard Enterprise supplies network-based microsegmentation primarily based on its Aruba acquisition. Hillstone Networks has two microsegmentation product choices, one for private-cloud digital environments and one other for container, bare-metal servers, and cloud hosts.
Learn The Analysis; Microsegment The Issues
Microsegmentation consumers have extra decisions than ever and may have some confidence that these once-failure-prone initiatives may very well work this time. That’s nice information, as a result of the demand for microsegmentation, a frequent inquiry subject for Forrester shoppers, has by no means been larger.
Forrester shoppers can learn The Forrester Wave™: Microsegmentation Options, Q3 2024, to seek out the answer that works for his or her atmosphere.
This weblog was written by former Forrester Principal Analyst David Holmes.