Forrester's Take On The Microsegmentation Solutions Landscape In Q2 2024

Microsegmentation projects have a history of being among the most challenging, complex, and uncertain cybersecurity projects to complete, with the majority failing. Reasons include unrealistic project planning, flawed execution, analysis paralysis setting in, and organizations struggling to find nontechnical business drivers.

Adding to the challenges of completing microsegmentation projects is the move by many organizations to create flatter private networks. The flatter the network, the more it defies granular policy definitions to the level that microsegmentation needs to secure infrastructure.

Flatter networks are more challenging to protect due to the blast radius of malware, ransomware, and open-source attacks, as well as the persistent threat of attacks using stolen privileged access credentials and identities.

Forrester Sees Improvements In Microsegmentation

Forrester notes improvements are happening across the microsegmentation landscape, however. Their latest report, Microsegmentation Solutions Landscape, Q2 2024, provides insights into how advances in host-level enforcement are making microsegmentation easier or more native within digital architecture. New vendors entering the market are finding innovative ways to use underlying endpoint protection platforms (EPP), endpoint detection, and response (EDR) agents as enforcement points.

The Forrester report released this week analyzes 23 microsegmentation vendors and provides new insights into how quickly the landscape is changing in response to more severe threats.   As of today, microsegmentation's three dominant use cases are applying Zero Trust, defending against ransomware, and providing flow visibility.

Microsegmentation vendors profiled in the report include Airgap Networks (recently acquired by Zscaler), Akamai Technologies, Arista Networks, Armis, Avocado Systems, Broadcom, Cisco, Claroty, ColorTokens, Elisity, Gigamon, Hillstone Networks, HPE Aruba Networking, Illumio, Nutanix, Ordr, Sangfor Technologies, Tencent, TrueFort, Unisys, vArmour, Xage Security and Zero Networks.

Microsegmentation Has An Essential Role In Zero Trust  

The growing complexity and speed of cyberattacks show that when there's assumed or implied trust in any network security configuration, there's a good chance it's going to get breached. Zero Trust enforces least privilege access to every resource in use, defining all devices, identities, systems, and users as untrusted by default. All require authentication, authorization, and continuous validation before being granted access to applications and data.

The Zero Trust framework protects against external and internal threats by logging and inspecting all network traffic, limiting and controlling access, and verifying and securing network resources. For more on how John Kindervag invented Zero Trust Security, be sure to read the two-part interview series Kindervag granted to VentureBeat last year.

Microsegmentation has grown in importance as a core element of zero-trust Trust Security. The goal of network microsegmentation is to segregate and isolate defined segments in an enterprise network, reducing the number of attack surfaces and limiting lateral movement.

Forrester defines microsegmentation as follows in the report:

Microsegmentation is an approach to network security where access to network resources is granted by defined policy, using established relationships between identities and not simply placement within the network topology.

More Severe, Sophisticated Attacks Are Driving Zero Trust Demand

The speed, severity, and sophistication of cyberattacks are increasing the urgency organizations have to get microsegmentation right and make quick progress on their Zero Trust strategies. "While many organizations are proactive about Zero Trust, an enterprise typically seeks a microsegmentation solution after a cybersecurity incident like ransomware has already done its damage," write the report's authors. The authors continue, "Organizations are finally getting serious about Zero Trust. Some, proactively, are implementing microsegmentation as part of a Zero Trust strategy or initiative."

Forrester points out that Zero Trust has been around for approximately 15 years, with microsegmentation being a core component of its framework. The reports' authors underscore the growing importance of microsegmentation as a core part of any organization achieving its Zero Trust objectives, specifically for its ability to enforce detailed access controls and minimize lateral movement within and between networks. Microsegmentations' role in Zero Trust is defined by the National Institute of Standards and Technology (NIST) in their free, downloadable standards document, NIST SP 800-207 Zero Trust Architecture. It's considered one of several go-to resources for organizations planning their zero trust strategy and frameworks.

Three Use Cases Are Dominating Forrester's Client Inquiries  

Forrester enterprise clients most frequently seek additional insights on three core use cases: Apply Zero Trust, defend against ransomware, and provide flow visibility. Beyond these core use cases, enterprise clients investing in microsegmentation often look for vendors that focus on an extended series of use cases, too. These include secure private clouds, secure public cloud workloads, secure healthcare environments, secure OT environments, and isolating IoT devices.

Forrester advises clients to consider the IT infrastructure or environment they are trying to protect first, then select the use cases that most closely match their business requirements. Having a clear definition of those two areas helps simplify the decision of which functionalities matter most to technology evaluations and vendor selection criteria. The following table shows how microsegmentation functionality maps to the three primary use cases.

Fewer Stalled Projects Is The Goal

It's common for microsegmentation to be scheduled later in a Zero Trust project schedule because CISOs and CIOs want to get some quick wins first and quantify the value they're delivering for the investment. Scheduling microsegmentation later in a project gives them a chance to get a winning track record going and build up project credibility before the many challenges of microsegmentation start.

Forrester's latest take on microsegmentation shows that the innovation coming into the market has the potential to help improve project success rates and keep projects moving, preventing them from stalling out before being done.