The National Transportation Safety Board began implementing microsegmentation tools in 2017.
“Like most modern networks, the NTSB network was segmented into smaller, compartmentalized sub-networks based on the sensitivity of the assets or services, which is a way to subdivide the network into smaller chunks,” CTO Victor Pham says. “Microsegmentation, by definition, segments our enterprise into even smaller components at the application level or the workload level.”
Microsegmentation can be designed to differentiate between endpoints, containers or other defined segments, and offers increased visibility across each, which can help administrators identify and detect threats and stop lateral movements through a network.
“It’s a granular approach that allows you to map out who was talking to whom, what and where. This is especially important for government organizations that don’t typically have a lot of visibility in their environments,” Rivera says.
Microsegmentation is increasingly essential in zero-trust environments, part of a 2021 executive order requiring all federal agencies to improve their cybersecurity postures. Zero trust deems all users, devices and workloads untrustworthy unless they are verified.
“Microsegmentation combined with user identity and endpoint security is the Holy Grail of zero trust,” Pham says. “With those three, you have a foundation and can layer any agency-specific risk management functions on top.”