Achieving Zero Trust with Cutting-Edge Micro-Segmentation
Home > Tech > Article

Achieving Zero Trust with Cutting-Edge Micro-Segmentation

Share it!
Sofía Garduño By Sofía Garduño | Journalist & Industry Analyst - Wed, 06/07/2023 - 12:01

Companies are operating in increasingly hybrid environments, making it difficult to successfully protect from cyberattacks without disrupting operations. To address this problem, Akamai introduced an approach to cybersecurity that merges zero trust and micro-segmentation to bolster security in the digital landscape. 

Zero-trust architecture prioritizes resource and information security through constant risk evaluation and limited resource access. On the other hand, micro-segmentation divides networks into sub-networks, establishing barriers against unauthorized access and preventing lateral movement in the event of cyberattacks. Although their implementation approaches may differ, both strategies aim to safeguard systems and data against increasingly sophisticated threats. 

"Zero Trust helps identify and not grant excessive permissions to those who do not need them. It is preferable to remove privileges rather than experiencing any eventualities," says Alejandro Martínez, Sales Engineer Senior, Akamai. Organizations can proactively secure assets using a zero-trust framework, especially in hybrid and cloud environments. Instead of relying solely on perimeter-based controls, zero trust extends its security measures within the network, strictly controlling east-west access and assuming risk with every network request. 

The zero-trust model brings simplicity to cybersecurity by eliminating the concept of trust. The integration of security tools and systems, along with the automation of repetitive tasks, simplifies security operations. Security teams verify and authorize every network request, minimizing the reliance on access decisions made by individuals. 

Micro-segmentation complements network segmentation by creating barriers against unauthorized access to critical data. It divides networks into subnetworks or zones and employs firewalls as gateways between them. These firewalls regulate access between subnetworks, ensuring that movement is authorized and limited. By enforcing secure micro-perimeters within the network, micro-segmentation enhances cybersecurity defenses, particularly by restricting traffic between subnetworks and servers. "In micro-segmentation, one of the most common scenarios is the ability to verify if the user accessing the application is the correct one," says Martínez.

Akamai's approach to micro segmentation is based on two key aspects. First, the company provides extensive coverage for hybrid infrastructures, allowing for a comprehensive approach. Akamai defines specific policies that enable the blocking of suspicious or unwanted communications, thereby providing robust protection. Second, through the assignment of labels, Akamai can place applications in specific segments that only select users can access. It focuses on carrying out this assignment quickly and effectively, ensuring that applications are protected at all times. Akamai is committed to delivering micro-segmentation solutions that guarantee security and control in hybrid infrastructure environments.

Clients operate in hybrid environments, making it increasingly difficult to achieve accurate segmentation while obtaining regulatory approval for the segmented information. Akamai recognizes the importance of understanding all communication flows and effectively segmenting critical applications. By thoroughly analyzing the nature of communication and assessing its necessity, Akamai ensures that the segmentation process aligns with regulatory requirements. The company’s approach allows it to provide efficient and compliant segmentation solutions tailored to the unique needs of our clients.

The combination of zero trust and micro-segmentation offers a robust cybersecurity solution. One of its key advantages is enhanced visibility, which involves creating a detailed map of application dependencies and establishing traceability. Another significant benefit is enforcement, which involves creating and implementing policies based on the traffic discovered within the network. Furthermore, a robust security framework provides precise detection of security breaches, attacks and the ability to mitigate the impact of ransomware incidents promptly.  “We strive to ensure that all our clients are not burdened with multiple alerts and are able to effectively counter cyberattacks. In the event of a cyberattack, time is of the essence. We must act swiftly and utilize a range of tools,” says Martínez.

Zero trust narrows access to the minimum level required for each task while mitigating risk, while micro-segmentation further strengthens security by restricting traffic between subnetworks and isolating compromised segments. By implementing both strategies, organizations can bridge the gap between high-level security strategy and implementation, enhancing visibility, control and protection in the face of evolving cyberthreats.

In a remarkable success story, a company lacking Akamai’s Guardicore protection fell victim to an undetected attack, explains Martínez. An infected machine scanned its network, aiming to spread ransomware throughout the organization. Akamai's swift intervention with Guardicore provided immediate visibility, detecting the infected machine's scanning activity and revealing the infection vector through multiple connections. Micro-segmentation played a pivotal role in the success, as service-level policies were created to mitigate the threat without disrupting business operations. Guardicore's visualization of the incident allowed for targeted blocking of infection-generated communication, resulting in the successful remediation of the server without any interruptions. By redirecting blocked traffic to an isolated environment and identifying malicious behavior, Akamai effectively neutralized the ransomware's propagation and significantly reduced the likelihood of future attacks.

You May Like

Most popular

Newsletter