4 Key Insights From the 2023 Gartner® Market Guide for Microsegmentation
Growing hybrid environments, building Zero Trust initiatives, and increasing risk of lateral movement – if these sound like your organization’s cybersecurity concerns, you’re not alone.
And you’re likely finding that the traditional detection and prevention tools you’ve been using aren’t enough to secure against today’s complex threat landscape. Ransomware and breaches are inevitable, and it’s vital that your organization has a way to stop and contain the spread of breaches.
The first-ever Gartner® Market Guide for Microsegmentation recommends implementing microsegmentation, also called Zero Trust Segmentation (ZTS), to secure hybrid environments, stop lateral movement, and build Zero Trust. Illumio has been named as a Representative Vendor for microsegmentation in the report.
Read the full Market Guide here.
4 takeaways from the Gartner Market Guide
Here are the top insights that we believe stood out from the report:
1. By 2026, 60% of enterprises working toward zero trust architecture will use more than one deployment form of microsegmentation, which is up from less than 5% in 2023.
In the report, Gartner explains that traditional perimeter-based security can enforce policies between network sites but can’t segment traffic between workloads. Network firewalls simply can’t keep up with the scale and pace of today’s infrastructure.
That’s why cybersecurity leaders are turning to ZTS, says Gartner. They’re looking for ways to enable security policies at the workload level to enforce Zero Trust principles, stop lateral movement, and limit the blast radius of breaches.
In fact, according to Gartner, “By 2026, 60% of enterprises working toward Zero Trust architecture will use more than one deployment form of microsegmentation, which is up from less than 5% in 2023.”
This reflects a growing realization that it simply doesn’t make sense to use yesterday’s security to protect today’s and tomorrow’s complex environments from breaches.
2. Gartner sees interest across all verticals and geographies.
It’s no longer acceptable to assume that certain organizations can be excluded from cybersecurity concerns based on their size, industry, or location. Over the last few years, we have seen organizations from every industry targeted by ransomware gangs as they seek to cause maximum disruptions.
Ransomware and breaches are everyone’s concern – making ZTS an essential, high-value technology.
The new guide says that “Gartner sees interest across all verticals and geographies. Midsize organizations are evaluating microsegmentation solutions, which is a relatively new development.”
It’s important for organizations to look for vendors that offer scalable, flexible ZTS implementation that can grow and adapt with their organization. ZTS vendors should also be able to prove their return on investment (ROI) while offering ways for organizations to see and secure their vulnerabilities.
3. Perimeter-based security technologies, which are deployed at the edge of on-premises and hosted (“in the cloud”) data centers, enforce policies between sites but cannot segment traffic between workloads or processes.
The last few years saw a wave of digital transformation as organizations worked overnight, in many instances, to manage remote work and migration to the cloud. This has introduced a more complex environment and, most importantly, an increase in fragmented perimeters.
Gartner sees cybersecurity leaders turning to Zero Trust security strategies to deal with these risks. This has led organizations to “Implement fine-grained zoning and microsegmentation technologies as a practical way of enforcing Zero Trust principles for public, private, and hybrid cloud infrastructures,” says Gartner.
By building granular security policies at the workload level, security teams can protect the risks associated with today’s fragmented network perimeters without needing to rely on inconsistent IP addresses.
4. Test the tools' capability extensively
Gartner recommends that cybersecurity leaders prioritize testing the capabilities of ZTS solutions before committing to a vendor.
This includes ensuring the solution can:
- Create rules based on application – identity, tags, labels, and characteristics
- Collect contextual data from various cloud sources, asset inventory, CMDBs, etc.
- Scale seamlessly when implementing these features
We believe, not all ZTS vendors offer all these features, especially in a way that can scale seamlessly, easily integrate with other security tools and platforms, and provide quick, provable ROI.
How Illumio delivers ZTS core capabilities
We believe the core capabilities of ZTS as outlined by Gartner in the report align not only with Illumio’s founding purpose but also with the problems we’re solving for our customers and the approach we recommend in taking to adopt ZTS in a way that scales and delivers real value.
Find out how we believe Illumio aligns with these core capabilities:
- Flow mapping, which is the ability to gather and show North/South and East/West traffic flows and use them in the policy definition (it can present this data in a visual manner): Illumio’s application dependency mapping allows organizations to gain easy-to-understand visibility into traffic across all workloads, including containers, IoT, and virtual machines, in a single console. This allows security teams to pinpoint network risks and create security policies that block unnecessary connections between ports.
- Workload isolation, which is isolation from other workloads based on security policy: Illumio enables microsegmentation between workloads and uses context (i.e., tags or labels) to define policy between those workloads.
- Policy enforcement, including the definition of rules based on different factors: With Illumio, teams can specify security policy without relying on IP addresses, ensuring that policy is flexible and adaptable to network changes.
- The ability to deploy in the virtualized and infrastructure-as-a-service environments: Illumio delivers one comprehensive ZTS solution for all on-premises, cloud, and hybrid environments, enabling visibility and policy deployment at scale.
Longer-term, Gartner expects ZTS vendors to offer additional capabilities, including extending ZTS to endpoint devices. Illumio Endpoint already meets this need by dynamically limiting what ports are open and what IP addresses the endpoint can communicate with to stop ransomware and breaches from spreading.
Read the full Market Guide here.
Contact Illumio today for a free consultation and demo.
Gartner, Market Guide for Microsegmentation, Adam Hils, Rajpreet Kaur, Jeremy D'Hoinne, June 2023
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.