February 26, 2024
April 2, 2024
 —  
Blog

From the Front Lines: Microsegmenting your network doesn’t have to be hard

From the Front Lines: Microsegmenting your network doesn’t have to be hard

I have been following the discussions around network segmentation that were kicked off with the issuance of the new NSA guidance on Zero Trust Maturity, where they highly recommended implementing microsegmentation. It echoed the Akamai State of Segmentation Report, which concluded:

Segmentation is good. Microsegmentation is better.

When surveyed about why companies had not implemented microsegmentation, the report results matched the customer sentiment I heard when we presented the BlastWave solution.

Lack of skills and resources is a very legitimate issue for OT organizations. Many OT customers view cybersecurity as an additional duty, not a full-time role (which differs greatly from IT).

Complexity, cost, and performance are also legitimate complaints. However, in the scheme of a business or critical infrastructure facility, the cost of NOT doing it is very high. The Akamai report also showed that segmentation has significant benefits. After a breach, recovery happens 11 hours faster with segmentation, and attacks can be stopped in less than 4 hours rather than 15 hours.

That is the bad news. The good news is that almost all of the challenges above can be solved with the proper application of OT cybersecurity technology, say, with someone like BlastWave ;-)

What if I told you that you can microsegment your network simply by switching your layer 2 switch to port isolation mode?

I talked about BlastWave being easy to use in my previous blog, and the ease of use extends to microsegmentation. Our concept of a software-defined perimeter (SDP) includes the ability to slowly microsegment a network by importing lists of the devices on the network, creating groups of devices and users, and setting access policies down to the device level (if desired).

That sounds daunting and complicated, but configuring “Let Tom access all cameras and sensors” is way better than typing in long lists of IP addresses, protocols, and port numbers in an ACL or firewall rule configuration. 

Many BlastWave customers have microsegmented down to the device level, all with a single OT network administrator simply adding segmentation configurations over time. No rearchitecting of the network, no re-IP addressing, and no complex configurations.

At BlastWave, we simply protect OT networks.

Want to try it in your network? Schedule a demo.

Download Infographic (PDF)
Vince Zappula
Vince Zappula
Head of Sales
view All Posts
Latest Posts
Network Cloaking
Industry Snapshot: Defending the Water Supply
Network Segmentation
Maybe Don’t Ping that Port Again
OT Secure Remote Access
The OT Cybersecurity Dilemma: Selecting your new vault door
OT Secure Remote Access
Make it Easy to Do Right and Hard to Go Wrong: BlastWave’s Product Strategy
Authors
No items found.
Tags
No items found.
Follow Us
Subscribe

Our Privacy Policy applies.

<< Previous article in
Network Segmentation
OT Secure Remote Access
Network Cloaking
Network Segmentation
Next article in
Network Segmentation
>>

Experience the simplicity of BlastShield to secure your OT network and legacy infrastructure.

Schedule a Demo
Tackling OT Security in a ZTNA Era
In The News
Tackling OT Security in a ZTNA Era
Tackling OT Security in a ZTNA Era
In The News
Tackling OT Security in a ZTNA Era
Tackling OT Security in a ZTNA Era
Press Release
Tackling OT Security in a ZTNA Era
Industry Snapshot: Defending the Water Supply
Blog
Industry Snapshot: Defending the Water Supply
eBook
AI-Resistant OT Cybersecurity Simplified
AI-Resistant OT Cybersecurity Simplified
eBook
AI-Resistant OT Cybersecurity Simplified
Company

Our Privacy Policy applies.

Privacy Policy | Cookie Policy | © 2024 BlastWave, Inc. All Rights Reserved