Traditional Segmentation Fails in the Face of Today’s Expanding Attack Surface

An expanding and fragmenting attack surface—which results from mobility and multicloud adoption—is undermining the ability of network engineering and operations leaders to maintain network performance, security, reliability, and availability.

Traditional network-based segmentation that is based on VLANs and VXLANs, in addition to even more recent microsegmentation techniques like VMware NSX and Cisco ACI, is insufficient. Constrained by the network architecture, they are tactical, rather than strategic, and focused on business logic. They are also typically static, allowing once-trusted users, devices, and applications free rein in their permitted segments. Finally, they lack comprehensive visibility across the network and into encrypted flows, detection, and enforcement by advanced Layer 7 security, which is essential to effective risk management. 

Previous Flipbook
State of Operational Technology and Cybersecurity, 2020
State of Operational Technology and Cybersecurity, 2020

To explore the state of cybersecurity in OT environments, Fortinet surveyed plant operations and manufactur...

Next Flipbook
Fortinet SD-Branch Secures the Network Edge at the Branch
Fortinet SD-Branch Secures the Network Edge at the Branch

Fortinet SD-Branch consolidates the network access layer within a secure platform that provides visibility ...