Deconstructing the new Xshield update

Author

Venky Raju

Read Time

2 Minutes

Last Updated

Feb 14, 2024

table of contents

In case you missed it, we recently launched a significant update to our Xshield Enterprise Microsegmentation Platform. We added new capabilities in four major areas to address key microsegmentation challenges:

Deconstructing the new Xshield update

The new capabilities in this update were primarily driven by our experiences working with businesses over several years. Some were implementing microsegmentation for the first time, while others had attempted to do so but were looking for better solutions.

Some microsegmentation challenges were technological; the business had a complex IT infrastructure with legacy operating systems and applications running side-by-side with modern container-based applications. This posed a challenge with gaining visibility of traffic flows across these environments and defining and enforcing least-privilege policies. We also had inquiries from enterprises that were adopting Industry 4.0 and needed IT-OT integration but were concerned about cybersecurity risks. Implementing microsegmentation within each environment is sufficiently complex on its own accord, and they expressed concerns of undertaking microsegmentation across the boundary without a singe, centralized management system.

Often, the microsegmentation solutions themselves introduced technical challenges. For example, microsegmentation solutions that rely solely on network elements like switches and routers (VLANs and ACLs) or cloud service provider technologies (VPCs and Security Groups) will only work within those environments.

Others were operational challenges; past attempts at microsegmentation resulted in business disruptions or other unintended consequences, primarily due to a lack of visibility and insufficient knowledge of application interactions. The latter is a particularly acute problem as tribal knowledge among system administrators and application architects is often the only source of truth.

And then there is the problem of scale. The inability to measure and track progress in large-scale microsegmentation projects often caused a lack of faith in both the project and the technology. This is frequently the cause of excellent technology solutions becoming shelfware.

In the coming days, I will write about these challenges with real-world examples, and how Xshield’s new capabilities can help your microsegmentation endeavor. In the meantime, If you have any questions or would like a personalized demo, feel free to reach out to us . We’re here to help!