No one likes to admit it but most of what has passed for IT security in the enterprise has historically been rudimentary at best. Most organizations physically segmented their networks behind a series of firewalls deployed at the edge of the network. The trouble is that once malware gets past the firewall it could move laterally almost anywhere in the data center.
With the rise of network virtualization, a new approach to microsegmenting networks is now possible. The new approach involves using microsegmenting to prevent malware from laterally generating East-West traffic across the data center. Instead of a physical instance of a firewall, there is now a virtual instance of a firewall that is simpler to provision and update.
Read more at SDxCentral
