Micro-Segmentation

Micro-segmentation is a network security technique that divides the network into very small, isolated segments — potentially down to individual workloads or applications — each with its own security policies. Unlike traditional segmentation that creates broad network zones, micro-segmentation provides granular control over traffic between individual systems.

Micro-segmentation is a core component of Zero Trust architecture. It limits lateral movement — even if an attacker compromises one system, they can't move freely to other systems because each connection must pass through security controls and be explicitly authorized.
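The containment effect described above can be measured before rollout. The following is an added example, not part of the original page: it compares how many workloads are reachable from one compromised host under a broad zone policy and under a default-deny, per-workload allow-list. All workload names, zones, ports and rules are constructed for illustration, and the model assumes the worst case, that every permitted flow can be used to pivot.

```python
from collections import deque

# Constructed sample environment (illustrative names, not from the page).
ZONES = {
    "web-01": "dmz", "web-02": "dmz",
    "app-01": "internal", "app-02": "internal",
    "db-01": "internal", "hr-db": "internal", "backup": "internal",
}
PORTS = (22, 5432, 8443)

# Traditional segmentation: one coarse rule between broad zones.
ZONE_RULES = {("dmz", "internal")}

# Micro-segmentation: explicit (source, destination, port) allow-list.
ALLOW = {
    ("web-01", "app-01", 8443), ("web-02", "app-02", 8443),
    ("app-01", "db-01", 5432), ("app-02", "db-01", 5432),
    ("backup", "db-01", 5432), ("backup", "hr-db", 5432),
}

def zone_allows(src, dst, port):
    """Coarse policy: open inside a zone, plus any listed zone-to-zone rule."""
    zs, zd = ZONES[src], ZONES[dst]
    return zs == zd or (zs, zd) in ZONE_RULES

def micro_allows(src, dst, port):
    """Default deny: a flow passes only if it is explicitly authorized."""
    return (src, dst, port) in ALLOW

def blast_radius(start, allows, ports=PORTS):
    """Workloads reachable from `start` by chaining permitted flows (BFS)."""
    seen, queue = {start}, deque([start])
    while queue:
        cur = queue.popleft()
        for dst in ZONES:
            if dst not in seen and any(allows(cur, dst, p) for p in ports):
                seen.add(dst)
                queue.append(dst)
    return seen - {start}

if __name__ == "__main__":
    for name, policy in (("zones", zone_allows), ("micro", micro_allows)):
        reach = blast_radius("web-01", policy)
        print(f"{name}: {len(reach)} reachable from web-01 -> {sorted(reach)}")
```

Running the same check against every workload in a proposed allow-list highlights rules that reconnect segments that were meant to stay isolated.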

Why It Matters

Micro-segmentation supports CMMC requirements for system and communications protection. As the DoD moves toward Zero Trust, the ability to implement granular network controls will become increasingly valuable for defense contractors.