Segmentation

Segmentation divides a network into zones so a breach in one can’t move laterally into others, shrinking the blast radius. VLANs, firewalls, and host-based policies layer together; micro-segmentation pushes the idea to per-workload rules in cloud and data-center environments and is a pillar of zero trust.