A glimpse of how three microsegmentation products work, key features, and differentiators. Credit: Getty Images Interest in microsegmentation is growing rapidly. Vendors are stepping forward to help enterprises update their infrastructure security to prevent catastrophic intrusions and data thefts. Here’s a look at three microsegmentation market players, showing what they offer, how they work and the ways they differ. Edgewise Networks zero-trust environment Product name: Edgewise Zero Trust Segmentation What it does: Edgewise takes the position that address-based controls aren’t sufficient to protect enterprise assets, particularly in cloud environments where security teams have only limited control over the network. The company says it’s the only vendor to offer a zero-trust platform that microsegments data and applications via a cryptographic identity fingerprint instead of with traditional address-based controls. Key features: Edgewise promises to eliminate unnecessary communication paths and shrink attack surfaces by more than 90%. The product automatically creates a compressed set of policies that enable organizations to build zero trust security. Users can review policies created by machine learning and simulate their effects prior to enforcement. As a network overlay, there’s no need for major architectural changes. Differentiation: Promises to place protection as close to data as possible. Application-aware policies travel with all applications and services to limit potential compromises to the affected asset, not the entire network. The product automatically identifies all communicating software and suggests zero-trust policies, which can be applied with a single click. VMware takes agentless approach Product name: VMware NSX What it does: VMware NSX is a networking and security platform that’s designed to deliver infrastructure microsegmentation across the entire data center. Adopters can prevent unauthorized lateral movements by using VMware NSX’s microsegmentation capabilities to define and enforce network security policies consistently on any workload hosted anywhere within their environment. Security policies are applied whenever a virtual machine spins up, can be moved when a VM is migrated, and removed when a VM is deprovisioned. NSX secures communication within a virtual network with flexible security policies that are designed to reflect business logic and workflows. Beyond using IP addresses, NSX policies incorporate identifiers such as virtual machine name, virtual network and OS. Key features: An agentless approach that supports layer 7 security policies. A single management pane. The ability to lock down critical apps. Users can create a logical DMZ in software. Flexible security policies are aligned to virtual network, VM, OS type and dynamic security tags for granularity of security down to the virtual NIC. Differentiation: Microsegmentation is provided as part of an integrated networking and security platform; agentless technology. ShieldX Networks emphasizes automation Product name: ShieldX Elastic Security Platform What it does: ShieldX’s microservices platform combines network-based security with application and infrastructure technologies. The product’s automated approach is designed to ensure that microservices are inserted only when and where they are needed. Microservices are inserted directly into infrastructures, allowing for automated intent-based security policies. Security features and microsegmentation can be scaled on demand to support business innovation, meet compliance requirements and protect organizations against the latest cyberattack methods. The product is also designed to ensure that no workloads in hybrid or multi-cloud environments are more vulnerable than others. Key features: Offers the ability to create policies using a machine-learning algorithm. Microservices can be upgraded without disrupting network traffic. A Global Threat Configuration display presents the total number of threats along with detailed information. An Event Explorer feature lets users deny connections and build zero trust policies. Visualization maps provide the ability to tie applications to view specific vulnerabilities and suggested protections. Differentiation: An automated infrastructure with security features and applications is designed to ensure that agents are inserted when and where they are needed. Microsegmentation scaling on demand. Related content news Networking among tech roles forecast for growth in 2024 In the U.S., tech occupation employment is projected to increase by 203,125 jobs, or 3.5%, in 2024, according to CompTIA. By Denise Dubie Apr 23, 2024 3 mins Certifications IT Jobs IT Skills news European trade body lashes out at Broadcom’s VMware licensing changes CISPE said the economic viability of many cloud services utilized by customers in Europe is threatened by “the massive and unjustifiable hikes in prices, the re-bundling of products, the altered basis of billing.” By Prasanth Aby Thomas Apr 23, 2024 5 mins Technology Industry Cloud Computing news Network jobs watch: Hiring, skills and certification trends What IT leaders need to know about expanding responsibilities, new titles and hot skills for network professionals and I&O teams. By Denise Dubie Apr 22, 2024 5 mins Careers Data Center Networking opinion Altnets and neutral hosts: Are options widening for enterprise network services? Independent broadband and telecom-infrastructure providers could provide connectivity options in areas where service is thin, if enterprise concerns about business viability and technology operations are addressed. By Tom Nolle Apr 22, 2024 7 mins Managed Service Providers Network Virtualization Networking PODCASTS VIDEOS RESOURCES EVENTS NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe