While it’s great for automating networks, it doesn’t readily address the security gap.

Security and networking professionals are getting excited by vendor promises that software-defined networks and network virtualization enable micro-segmentation of network resources to block unwanted traffic from transiting sensitive enterprise assets.

A crucial failure of traditional enterprise networking is that once an intruder gains access at any point, they are able to move laterally to other hosts within that network. IT and data security architects attempt to limit the potential damage by splitting the network into logical segments – IP subnets – and limiting access through the use of firewalls and virtual LANs.

Segmentation can be complex to manage, however, particularly as enterprises increase the number of virtual machines in their environment, resulting in gaps that patient hackers can exploit.

“As server virtualization has increased in popularity, the amount of traffic moving laterally across the data center (east-west) has dwarfed traditional client/server traffic, which moves in and out (north-south),” writes Zeus Kerravala, founder and principal analyst of ZK Research. “This is playing havoc with data center managers as they attempt to meet the demands of this era of IT.”

Traditional segmentation is not scalable and is prone to human error. This type of defense strategy also breaks down at the network edge, where a patchwork of VLANs, access control lists, routing rules, firewall policies, and other technologies is complex and tedious to maintain.
Meanwhile, the number of IoT devices tying into networks is growing by leaps and bounds, with some 24 billion devices projected to be installed by 2020.

Sound strategy, but complex

Micro-segmentation is scalable because it leverages software-defined networking (SDN) and software-defined data center (SDDC) technologies that can segment every single host within a subnet, and it ensures that security persists as guest systems move within the data center or to other data centers.

But implementing this sound strategy can add complexity. Furthermore, when micro-segmentation still relies on IP addresses to identify hosts, it is fundamentally flawed: IP addresses can be impersonated through spoofing all too easily.

While it moves us forward by leaps and bounds in automating networks, micro-segmentation doesn’t readily address the security gap. According to IDC analysts, “Increasingly, networking and security will have to become seamlessly interconnected rather than deployed and managed separately, including WANs that are software defined. The ‘secure SDN’ might be achieved through different means, but one emerging alternative involves bringing seamless trust through cryptographic identities (CIDs) to SDN.”

CIDs are at the heart of Tempered Networks’ Identity Defined Networking (IDN) products. With IDN, each device or network is assigned a unique cryptographic identity, which enables the creation and application of granular rules and policies.

“The primary advantage is the ability to hide whitelisted devices from anything (and anybody) that doesn’t need to see them,” writes Tempered Networks CEO Jeff Hussey. “For example, a policy can dictate that medical devices can only talk to other medical devices. A policy can apply to all physical, software, embedded, virtual, and cloud form factors. You have the flexibility to create networks across its hybrid network.
You effectively create a secure [SDN], and go a step further by supporting east-west and north-south traffic.”

This approach makes it easier and simpler to implement micro-segmentation. IDN provides encrypted host-to-host communications, which makes it simple to securely connect and segment thousands of devices or a single device, reducing attack surfaces by as much as 90%, according to Tempered Networks.

For more information, go to Simple Micro-Segmentation.