An expanding and fragmenting attack surface—which results from mobility and multicloud adoption—is undermining the ability of network engineering and operations leaders to maintain network performance, security, reliability, and availability.
Traditional network-based segmentation that is based on VLANs and VXLANs, in addition to even more recent microsegmentation techniques like VMware NSX and Cisco ACI, is insufficient. Constrained by the network architecture, they are tactical, rather than strategic, and focused on business logic. They are also typically static, allowing once-trusted users, devices, and applications free rein in their permitted segments. Finally, they lack comprehensive visibility across the network and into encrypted flows, detection, and enforcement by advanced Layer 7 security, which is essential to effective risk management.