Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the easy-accordion-free domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/mother99/jacksonholdingcompany.com/wp-includes/functions.php on line 6114

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the zoho-flow domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/mother99/jacksonholdingcompany.com/wp-includes/functions.php on line 6114

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wordpress-seo domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/mother99/jacksonholdingcompany.com/wp-includes/functions.php on line 6114

Warning: Cannot modify header information - headers already sent by (output started at /home/mother99/jacksonholdingcompany.com/wp-includes/functions.php:6114) in /home/mother99/jacksonholdingcompany.com/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home/mother99/jacksonholdingcompany.com/wp-includes/functions.php:6114) in /home/mother99/jacksonholdingcompany.com/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home/mother99/jacksonholdingcompany.com/wp-includes/functions.php:6114) in /home/mother99/jacksonholdingcompany.com/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home/mother99/jacksonholdingcompany.com/wp-includes/functions.php:6114) in /home/mother99/jacksonholdingcompany.com/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home/mother99/jacksonholdingcompany.com/wp-includes/functions.php:6114) in /home/mother99/jacksonholdingcompany.com/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home/mother99/jacksonholdingcompany.com/wp-includes/functions.php:6114) in /home/mother99/jacksonholdingcompany.com/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home/mother99/jacksonholdingcompany.com/wp-includes/functions.php:6114) in /home/mother99/jacksonholdingcompany.com/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home/mother99/jacksonholdingcompany.com/wp-includes/functions.php:6114) in /home/mother99/jacksonholdingcompany.com/wp-includes/rest-api/class-wp-rest-server.php on line 1893
{"id":100128,"date":"2024-11-11T23:49:17","date_gmt":"2024-11-11T23:49:17","guid":{"rendered":"https:\/\/jacksonholdingcompany.com\/zero-trust-inside-device-segmentation-for-branch-factory-and-campus-richard-darnielle\/"},"modified":"2024-11-11T23:49:17","modified_gmt":"2024-11-11T23:49:17","slug":"zero-trust-inside-device-segmentation-for-branch-factory-and-campus-richard-darnielle","status":"publish","type":"post","link":"https:\/\/jacksonholdingcompany.com\/zero-trust-inside-device-segmentation-for-branch-factory-and-campus-richard-darnielle\/","title":{"rendered":"Zero Trust Inside: Device Segmentation for Branch, Factory, and Campus Richard Darnielle"},"content":{"rendered":"

Legacy Network and Security ArchitecturesIn today\u2019s complex digital landscape, lateral threat movement inside the branch, factory, and campus \u2014where malware or attackers pivot across a network\u2014remains a major cybersecurity challenge. Traditional solutions, relying on expensive firewalls or complex network access controls (NAC), often fall short, as they either depend on severely outdated methods or require endpoint agents that aren\u2019t always feasible to deploy. Zscaler\u2019s Zero Trust Device Segmentation offers a streamlined, scalable answer to these security obstacles without the complexity of traditional networks segmentation. With a zero trust architecture inspired by telco networks, it provides an effective strategy to isolate and protect every device inside enterprise networks.<\/p>\n

The Big Problem: Lateral Threat Movement1. Unsegmented Devices Inside the Branch and Factory: Despite years of adding point security solutions, traditional network segmentation methods still allow lateral movement. Attackers can compromise one device and then spread laterally, exposing sensitive data or disrupting operations. This \u201ceast-west\u201d threat movement is particularly problematic in industries where uptime is crucial, like healthcare, manufacturing, and critical infrastructure, and networks are often relatively \u201cflat\u201d.<\/p>\n

2. Shortcomings of Legacy Segmentation Solutions Many existing segmentation solutions rely on access control lists (ACLs) or NAC policies, which require ongoing manual management and do not scale well for modern networks. Additionally, many solutions rely on deploying agents across devices, which can be unfeasible in environments with legacy systems, IoT devices, and operational technology (OT) assets that cannot support agent-based security.<\/p>\n

3. Lack of Enterprise-wide Device Isolation The principle of zero trust asserts that no device, user, or network segment should be trusted by default. However, conventional enterprise networks often lack true device isolation, leaving gaps where threats can spread. This is particularly true of coarse segmentation achieved by deploying east-west firewalls and legacy perimeter security. Zscaler\u2019s approach, by segmenting each device individually into its own network of one, minimizes this risk by ensuring devices can communicate only where explicitly allowed.<\/p>\n

A Telco-Inspired Approach Despite millions of users, telco subscriber networks never pass malware from one phone to another. How? In these systems, each subscriber device operates in isolation, preventing lateral movement. For example, a compromised mobile device on one subscription doesn\u2019t impact other devices. Zscaler has adopted a similar strategy with its Zero Trust Device Segmentation: each device is effectively placed in its own isolated \u201cnetwork,\u201d restricting its ability to connect laterally.<\/p>\n

How Device Segmentation WorksZscaler\u2019s Zero Trust Device Segmentation aims to simplify segmentation by embedding zero trust security directly within the network infrastructure. Here\u2019s a breakdown of the core deployment and operational mechanics:<\/p>\n

1. Simple Deployment<\/p>\n

Placement: The Zscaler Edge appliance is deployed next to the core switch on a trunk port, creating a seamless gateway to intercept and manage device connections.
\n High Availability Configuration: Typically, two appliances are installed as an active and standby pair, ensuring uninterrupted service and resilience against single points of failure.<\/p>\n

2. Automatic Device Segmentation<\/p>\n

SVI Deactivation: Once deployed, the switch\u2019s Switch Virtual Interface (SVI) for the VLAN is deactivated, and the Zscaler Edge appliance assumes the role of the default gateway.
\n Netmask Adjustment for Isolation: As devices renew their IP leases, the appliance modifies their netmask to a \/32, effectively isolating each device with a unique subnet mask.
\n Handling Static IP Devices: For static devices, Zscaler offers automated scripts that update their netmask configurations without requiring downtime or session drops, allowing seamless integration in high-availability environments like hospitals and corporate campuses.<\/p>\n

Inventory Everything, Enforce EverywhereOnce Zscaler\u2019s Zero Trust Device Segmentation is deployed, it enables granular control and visibility across the network:<\/p>\n

1. Device Classification and Dynamic Grouping<\/p>\n

Zscaler\u2019s platform autonomously discovers, classifies, and groups devices by type (e.g., printers, IoT devices, Android devices). As new devices are added or removed, group memberships dynamically update, providing continuous, real-time visibility.
\n Grouping Flexibility: Device groupings can be configured based on type, OS, or custom attributes, allowing for targeted policy enforcement and simplified management.<\/p>\n

2. Policy Enforcement with Role-Based Control<\/p>\n

Policies can be crafted to limit communication between specific device types, regions, or organizational units. For instance, administrators might restrict cameras from communicating with printers or block internal Remote Desktop Protocol (RDP) access organization-wide to greatly reduce attack surface.
\n Scope Customization: Policies can be applied globally, regionally, or locally, providing flexibility for organizations with complex, distributed networks.
\n Centralized Management Portal: Zscaler\u2019s platform includes a management portal with role-based access control, enabling administrators to set policies, view network activity, and make adjustments in real-time.<\/p>\n

3. Full East-West Visibility<\/p>\n

The platform provides a visual map of network activity, capturing all traffic flows across the network. This visibility includes both north-south (external) and east-west (internal) traffic patterns, allowing for quick diagnosis of network issues.
\n Color-coded Flow Indicators: Network events are represented with intuitive color codes: red for blocked traffic, green for allowed connections, and black for default policies. Administrators can simply input a device\u2019s MAC address, hostname, or IP to view its interactions in real time, enabling faster troubleshooting.<\/p>\n

Why Zscaler?The unique architecture of Zscaler\u2019s Zero Trust Device Segmentation offers substantial advantages over traditional methods:<\/p>\n

1. Reduction of Complexity and Cost<\/p>\n

By eliminating the need for east-west firewalls and intricate access control mechanisms, Zscaler significantly reduces network complexity and refresh costs. Administrators no longer need to manage sprawling ACLs or rely on firewall rule updates to maintain segmentation.<\/p>\n

2. Agentless Segmentation for Legacy and IoT Devices<\/p>\n

Many legacy and IoT devices cannot support agents, making them difficult to secure with conventional solutions. Zscaler\u2019s approach, which does not require agents, makes it an ideal solution for industrial environments, smart facilities, and other settings with diverse device types.<\/p>\n

3. Enhanced Compliance and Detection<\/p>\n

Zscaler\u2019s automatic device discovery and classification streamline compliance with industry regulations by ensuring all devices are accounted for and protected. Additionally, the centralized view of network flows helps quickly identify potential security incidents or policy violations.<\/p>\n

4. Rapid Deployment and Flexibility<\/p>\n

Zscaler\u2019s solution can be deployed quickly\u2014often within a day\u2014enabling rapid time-to-value. Its configuration options offer flexibility, allowing organizations to tailor segmentation to their operational needs without requiring downtime or lengthy project timelines.<\/p>\n

Common Device Segmentation Use CasesAutomatic Device Discovery and Classification<\/p>\n

Ideal for environments with a mix of known and unknown devices, such as healthcare or manufacturing. By automating the discovery process, Zscaler allows administrators to keep track of both managed and rogue devices, ensuring network integrity.<\/p>\n

Agentless Segmentation for Legacy, IoT, and OT Devices<\/p>\n

Industries with operational technology assets, like energy and manufacturing, benefit from Zscaler\u2019s agentless segmentation, which provides robust security without disrupting production or requiring retrofitting of any IP endpoint.<\/p>\n

Eliminating East-West Firewalls<\/p>\n

By removing the need for traditional internal firewalls, Zscaler minimizes the attack surface and reduces infrastructure costs. This is especially useful for organizations with a need to isolate IT from OT or separate major production lines that would otherwise require extensive firewall management.<\/p>\n

The End of Lateral Threat Inside the Branch, Factory, and CampusZscaler Zero Trust Device Segmentation introduces a modern, efficient approach to zero trust segmentation for devices inside the branch, factory, and campus. With the ability to isolate every device individually, eliminate traditional firewalls, and manage policy centrally, Zscaler simplifies the complex task of segmentation. Inspired by the inherently isolated telco model, it brings zero trust to all devices, supporting both security and operational continuity.<\/p>\n

For organizations grappling with segmentation challenges, Zscaler\u2019s solution offers the opportunity to achieve true device-level security and resilience\u2014within a day. With Zscaler, segmentation is no longer a lengthy, resource-intensive project but a streamlined, manageable solution that aligns with today\u2019s zero trust principles. And as part of Zscaler Zero Trust for Branch and Cloud, you can now extend zero trust principles everywhere in your enterprise.\u00a0\u00a0<\/p>\n

\u200b[#item_full_content]\u00a0[[{“value”:”Legacy Network and Security ArchitecturesIn today\u2019s complex digital landscape, lateral threat movement inside the branch, factory, and campus \u2014where malware or attackers pivot across a network\u2014remains a major cybersecurity challenge. Traditional solutions, relying on expensive firewalls or complex network access controls (NAC), often fall short, as they either depend on severely outdated methods or require endpoint agents that aren\u2019t always feasible to deploy. Zscaler\u2019s Zero Trust Device Segmentation offers a streamlined, scalable answer to these security obstacles without the complexity of traditional networks segmentation. With a zero trust architecture inspired by telco networks, it provides an effective strategy to isolate and protect every device inside enterprise networks.<\/p>\n

The Big Problem: Lateral Threat Movement1. Unsegmented Devices Inside the Branch and Factory: Despite years of adding point security solutions, traditional network segmentation methods still allow lateral movement. Attackers can compromise one device and then spread laterally, exposing sensitive data or disrupting operations. This \u201ceast-west\u201d threat movement is particularly problematic in industries where uptime is crucial, like healthcare, manufacturing, and critical infrastructure, and networks are often relatively \u201cflat\u201d.<\/p>\n

2. Shortcomings of Legacy Segmentation Solutions Many existing segmentation solutions rely on access control lists (ACLs) or NAC policies, which require ongoing manual management and do not scale well for modern networks. Additionally, many solutions rely on deploying agents across devices, which can be unfeasible in environments with legacy systems, IoT devices, and operational technology (OT) assets that cannot support agent-based security.<\/p>\n

3. Lack of Enterprise-wide Device Isolation The principle of zero trust asserts that no device, user, or network segment should be trusted by default. However, conventional enterprise networks often lack true device isolation, leaving gaps where threats can spread. This is particularly true of coarse segmentation achieved by deploying east-west firewalls and legacy perimeter security. Zscaler\u2019s approach, by segmenting each device individually into its own network of one, minimizes this risk by ensuring devices can communicate only where explicitly allowed.<\/p>\n

A Telco-Inspired Approach Despite millions of users, telco subscriber networks never pass malware from one phone to another. How? In these systems, each subscriber device operates in isolation, preventing lateral movement. For example, a compromised mobile device on one subscription doesn\u2019t impact other devices. Zscaler has adopted a similar strategy with its Zero Trust Device Segmentation: each device is effectively placed in its own isolated \u201cnetwork,\u201d restricting its ability to connect laterally.<\/p>\n

How Device Segmentation WorksZscaler\u2019s Zero Trust Device Segmentation aims to simplify segmentation by embedding zero trust security directly within the network infrastructure. Here\u2019s a breakdown of the core deployment and operational mechanics:<\/p>\n

1. Simple Deployment<\/p>\n

Placement: The Zscaler Edge appliance is deployed next to the core switch on a trunk port, creating a seamless gateway to intercept and manage device connections.
\n High Availability Configuration: Typically, two appliances are installed as an active and standby pair, ensuring uninterrupted service and resilience against single points of failure.<\/p>\n

2. Automatic Device Segmentation<\/p>\n

SVI Deactivation: Once deployed, the switch\u2019s Switch Virtual Interface (SVI) for the VLAN is deactivated, and the Zscaler Edge appliance assumes the role of the default gateway.
\n Netmask Adjustment for Isolation: As devices renew their IP leases, the appliance modifies their netmask to a \/32, effectively isolating each device with a unique subnet mask.
\n Handling Static IP Devices: For static devices, Zscaler offers automated scripts that update their netmask configurations without requiring downtime or session drops, allowing seamless integration in high-availability environments like hospitals and corporate campuses.<\/p>\n

Inventory Everything, Enforce EverywhereOnce Zscaler\u2019s Zero Trust Device Segmentation is deployed, it enables granular control and visibility across the network:<\/p>\n

1. Device Classification and Dynamic Grouping<\/p>\n

Zscaler\u2019s platform autonomously discovers, classifies, and groups devices by type (e.g., printers, IoT devices, Android devices). As new devices are added or removed, group memberships dynamically update, providing continuous, real-time visibility.
\n Grouping Flexibility: Device groupings can be configured based on type, OS, or custom attributes, allowing for targeted policy enforcement and simplified management.<\/p>\n

2. Policy Enforcement with Role-Based Control<\/p>\n

Policies can be crafted to limit communication between specific device types, regions, or organizational units. For instance, administrators might restrict cameras from communicating with printers or block internal Remote Desktop Protocol (RDP) access organization-wide to greatly reduce attack surface.
\n Scope Customization: Policies can be applied globally, regionally, or locally, providing flexibility for organizations with complex, distributed networks.
\n Centralized Management Portal: Zscaler\u2019s platform includes a management portal with role-based access control, enabling administrators to set policies, view network activity, and make adjustments in real-time.<\/p>\n

3. Full East-West Visibility<\/p>\n

The platform provides a visual map of network activity, capturing all traffic flows across the network. This visibility includes both north-south (external) and east-west (internal) traffic patterns, allowing for quick diagnosis of network issues.
\n Color-coded Flow Indicators: Network events are represented with intuitive color codes: red for blocked traffic, green for allowed connections, and black for default policies. Administrators can simply input a device\u2019s MAC address, hostname, or IP to view its interactions in real time, enabling faster troubleshooting.<\/p>\n

Why Zscaler?The unique architecture of Zscaler\u2019s Zero Trust Device Segmentation offers substantial advantages over traditional methods:<\/p>\n

1. Reduction of Complexity and Cost<\/p>\n

By eliminating the need for east-west firewalls and intricate access control mechanisms, Zscaler significantly reduces network complexity and refresh costs. Administrators no longer need to manage sprawling ACLs or rely on firewall rule updates to maintain segmentation.<\/p>\n

2. Agentless Segmentation for Legacy and IoT Devices<\/p>\n

Many legacy and IoT devices cannot support agents, making them difficult to secure with conventional solutions. Zscaler\u2019s approach, which does not require agents, makes it an ideal solution for industrial environments, smart facilities, and other settings with diverse device types.<\/p>\n

3. Enhanced Compliance and Detection<\/p>\n

Zscaler\u2019s automatic device discovery and classification streamline compliance with industry regulations by ensuring all devices are accounted for and protected. Additionally, the centralized view of network flows helps quickly identify potential security incidents or policy violations.<\/p>\n

4. Rapid Deployment and Flexibility<\/p>\n

Zscaler\u2019s solution can be deployed quickly\u2014often within a day\u2014enabling rapid time-to-value. Its configuration options offer flexibility, allowing organizations to tailor segmentation to their operational needs without requiring downtime or lengthy project timelines.<\/p>\n

Common Device Segmentation Use CasesAutomatic Device Discovery and Classification<\/p>\n

Ideal for environments with a mix of known and unknown devices, such as healthcare or manufacturing. By automating the discovery process, Zscaler allows administrators to keep track of both managed and rogue devices, ensuring network integrity.<\/p>\n

Agentless Segmentation for Legacy, IoT, and OT Devices<\/p>\n

Industries with operational technology assets, like energy and manufacturing, benefit from Zscaler\u2019s agentless segmentation, which provides robust security without disrupting production or requiring retrofitting of any IP endpoint.<\/p>\n

Eliminating East-West Firewalls<\/p>\n

By removing the need for traditional internal firewalls, Zscaler minimizes the attack surface and reduces infrastructure costs. This is especially useful for organizations with a need to isolate IT from OT or separate major production lines that would otherwise require extensive firewall management.<\/p>\n

The End of Lateral Threat Inside the Branch, Factory, and CampusZscaler Zero Trust Device Segmentation introduces a modern, efficient approach to zero trust segmentation for devices inside the branch, factory, and campus. With the ability to isolate every device individually, eliminate traditional firewalls, and manage policy centrally, Zscaler simplifies the complex task of segmentation. Inspired by the inherently isolated telco model, it brings zero trust to all devices, supporting both security and operational continuity.<\/p>\n

For organizations grappling with segmentation challenges, Zscaler\u2019s solution offers the opportunity to achieve true device-level security and resilience\u2014within a day. With Zscaler, segmentation is no longer a lengthy, resource-intensive project but a streamlined, manageable solution that aligns with today\u2019s zero trust principles. And as part of Zscaler Zero Trust for Branch and Cloud, you can now extend zero trust principles everywhere in your enterprise.”}]]\u00a0<\/p>","protected":false},"excerpt":{"rendered":"

Legacy Network and Security ArchitecturesIn today\u2019s complex digital landscape, lateral […]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11],"tags":[],"class_list":["post-100128","post","type-post","status-publish","format-standard","hentry","category-zenith-zscaler"],"yoast_head":"\nZero Trust Inside: Device Segmentation for Branch, Factory, and Campus Richard Darnielle - JHC<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/jacksonholdingcompany.com\/zero-trust-inside-device-segmentation-for-branch-factory-and-campus-richard-darnielle\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Zero Trust Inside: Device Segmentation for Branch, Factory, and Campus Richard Darnielle\" \/>\n<meta property=\"og:description\" content=\"Legacy Network and Security ArchitecturesIn today\u2019s complex digital landscape, lateral […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/jacksonholdingcompany.com\/zero-trust-inside-device-segmentation-for-branch-factory-and-campus-richard-darnielle\/\" \/>\n<meta property=\"og:site_name\" content=\"JHC\" \/>\n<meta property=\"article:published_time\" content=\"2024-11-11T23:49:17+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"13 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/jacksonholdingcompany.com\/zero-trust-inside-device-segmentation-for-branch-factory-and-campus-richard-darnielle\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/jacksonholdingcompany.com\/zero-trust-inside-device-segmentation-for-branch-factory-and-campus-richard-darnielle\/\"},\"author\":{\"name\":\"\",\"@id\":\"\"},\"headline\":\"Zero Trust Inside: Device Segmentation for Branch, Factory, and Campus Richard Darnielle\",\"datePublished\":\"2024-11-11T23:49:17+00:00\",\"dateModified\":\"2024-11-11T23:49:17+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/jacksonholdingcompany.com\/zero-trust-inside-device-segmentation-for-branch-factory-and-campus-richard-darnielle\/\"},\"wordCount\":2574,\"publisher\":{\"@id\":\"https:\/\/jacksonholdingcompany.com\/#organization\"},\"articleSection\":[\"Zenith: Zscaler\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/jacksonholdingcompany.com\/zero-trust-inside-device-segmentation-for-branch-factory-and-campus-richard-darnielle\/\",\"url\":\"https:\/\/jacksonholdingcompany.com\/zero-trust-inside-device-segmentation-for-branch-factory-and-campus-richard-darnielle\/\",\"name\":\"Zero Trust Inside: Device Segmentation for Branch, Factory, and Campus Richard Darnielle - JHC\",\"isPartOf\":{\"@id\":\"https:\/\/jacksonholdingcompany.com\/#website\"},\"datePublished\":\"2024-11-11T23:49:17+00:00\",\"dateModified\":\"2024-11-11T23:49:17+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/jacksonholdingcompany.com\/zero-trust-inside-device-segmentation-for-branch-factory-and-campus-richard-darnielle\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/jacksonholdingcompany.com\/zero-trust-inside-device-segmentation-for-branch-factory-and-campus-richard-darnielle\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/jacksonholdingcompany.com\/zero-trust-inside-device-segmentation-for-branch-factory-and-campus-richard-darnielle\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/jacksonholdingcompany.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Zero Trust Inside: Device Segmentation for Branch, Factory, and Campus Richard Darnielle\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/jacksonholdingcompany.com\/#website\",\"url\":\"https:\/\/jacksonholdingcompany.com\/\",\"name\":\"JHC\",\"description\":\"Your Business Is Our Business\",\"publisher\":{\"@id\":\"https:\/\/jacksonholdingcompany.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/jacksonholdingcompany.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/jacksonholdingcompany.com\/#organization\",\"name\":\"JHC\",\"url\":\"https:\/\/jacksonholdingcompany.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jacksonholdingcompany.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/jacksonholdingcompany.com\/wp-content\/uploads\/2023\/07\/cropped-cropped-jHC-white-500-\u00d7-200-px-1-1.png\",\"contentUrl\":\"https:\/\/jacksonholdingcompany.com\/wp-content\/uploads\/2023\/07\/cropped-cropped-jHC-white-500-\u00d7-200-px-1-1.png\",\"width\":452,\"height\":149,\"caption\":\"JHC\"},\"image\":{\"@id\":\"https:\/\/jacksonholdingcompany.com\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Zero Trust Inside: Device Segmentation for Branch, Factory, and Campus Richard Darnielle - JHC","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/jacksonholdingcompany.com\/zero-trust-inside-device-segmentation-for-branch-factory-and-campus-richard-darnielle\/","og_locale":"en_US","og_type":"article","og_title":"Zero Trust Inside: Device Segmentation for Branch, Factory, and Campus Richard Darnielle","og_description":"Legacy Network and Security ArchitecturesIn today\u2019s complex digital landscape, lateral […]","og_url":"https:\/\/jacksonholdingcompany.com\/zero-trust-inside-device-segmentation-for-branch-factory-and-campus-richard-darnielle\/","og_site_name":"JHC","article_published_time":"2024-11-11T23:49:17+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"13 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/jacksonholdingcompany.com\/zero-trust-inside-device-segmentation-for-branch-factory-and-campus-richard-darnielle\/#article","isPartOf":{"@id":"https:\/\/jacksonholdingcompany.com\/zero-trust-inside-device-segmentation-for-branch-factory-and-campus-richard-darnielle\/"},"author":{"name":"","@id":""},"headline":"Zero Trust Inside: Device Segmentation for Branch, Factory, and Campus Richard Darnielle","datePublished":"2024-11-11T23:49:17+00:00","dateModified":"2024-11-11T23:49:17+00:00","mainEntityOfPage":{"@id":"https:\/\/jacksonholdingcompany.com\/zero-trust-inside-device-segmentation-for-branch-factory-and-campus-richard-darnielle\/"},"wordCount":2574,"publisher":{"@id":"https:\/\/jacksonholdingcompany.com\/#organization"},"articleSection":["Zenith: Zscaler"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/jacksonholdingcompany.com\/zero-trust-inside-device-segmentation-for-branch-factory-and-campus-richard-darnielle\/","url":"https:\/\/jacksonholdingcompany.com\/zero-trust-inside-device-segmentation-for-branch-factory-and-campus-richard-darnielle\/","name":"Zero Trust Inside: Device Segmentation for Branch, Factory, and Campus Richard Darnielle - JHC","isPartOf":{"@id":"https:\/\/jacksonholdingcompany.com\/#website"},"datePublished":"2024-11-11T23:49:17+00:00","dateModified":"2024-11-11T23:49:17+00:00","breadcrumb":{"@id":"https:\/\/jacksonholdingcompany.com\/zero-trust-inside-device-segmentation-for-branch-factory-and-campus-richard-darnielle\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/jacksonholdingcompany.com\/zero-trust-inside-device-segmentation-for-branch-factory-and-campus-richard-darnielle\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/jacksonholdingcompany.com\/zero-trust-inside-device-segmentation-for-branch-factory-and-campus-richard-darnielle\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/jacksonholdingcompany.com\/"},{"@type":"ListItem","position":2,"name":"Zero Trust Inside: Device Segmentation for Branch, Factory, and Campus Richard Darnielle"}]},{"@type":"WebSite","@id":"https:\/\/jacksonholdingcompany.com\/#website","url":"https:\/\/jacksonholdingcompany.com\/","name":"JHC","description":"Your Business Is Our Business","publisher":{"@id":"https:\/\/jacksonholdingcompany.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/jacksonholdingcompany.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/jacksonholdingcompany.com\/#organization","name":"JHC","url":"https:\/\/jacksonholdingcompany.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jacksonholdingcompany.com\/#\/schema\/logo\/image\/","url":"https:\/\/jacksonholdingcompany.com\/wp-content\/uploads\/2023\/07\/cropped-cropped-jHC-white-500-\u00d7-200-px-1-1.png","contentUrl":"https:\/\/jacksonholdingcompany.com\/wp-content\/uploads\/2023\/07\/cropped-cropped-jHC-white-500-\u00d7-200-px-1-1.png","width":452,"height":149,"caption":"JHC"},"image":{"@id":"https:\/\/jacksonholdingcompany.com\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/jacksonholdingcompany.com\/wp-json\/wp\/v2\/posts\/100128","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jacksonholdingcompany.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jacksonholdingcompany.com\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/jacksonholdingcompany.com\/wp-json\/wp\/v2\/comments?post=100128"}],"version-history":[{"count":0,"href":"https:\/\/jacksonholdingcompany.com\/wp-json\/wp\/v2\/posts\/100128\/revisions"}],"wp:attachment":[{"href":"https:\/\/jacksonholdingcompany.com\/wp-json\/wp\/v2\/media?parent=100128"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jacksonholdingcompany.com\/wp-json\/wp\/v2\/categories?post=100128"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jacksonholdingcompany.com\/wp-json\/wp\/v2\/tags?post=100128"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}