The practice of microsegmentation takes the principles of least privilege to their logical conclusion by atomizing the isolating techniques of network segmentation. Security architects use microsegmentation to create security boundaries that can extend all the way into individual workloads by controlling East-West, or server-to-server, traffic flows between applications. The bulkheads put up through microsegmentation make it possible to better limit lateral movement of attackers, even in a cloudy world with no perimeter.
But the practice can be tricky to get right, and many experts warn that the journey to effective microsegmentation is fraught with pitfalls. Here are a few suggestions about how to avoid the mistakes en route to effective microsegmentation.