Traditional network security assumes that everything inside the perimeter is trusted. This assumption has proven catastrophically wrong. Network segmentation and Zero Trust architecture address this by dividing networks into controlled zones and verifying every access request, regardless of source.
A flat network has no internal boundaries — once an attacker gains access to any device, they can move freely to any other:
Flat Network:
┌─────────────────────────────────────────────┐
│  Server A ←──── Attacker ────→ Server B     │
│                     │                       │
│              Database Server                │
│               (no barriers)                 │
└─────────────────────────────────────────────┘
Lateral movement — the ability to move from one compromised system to another — is how attackers escalate from initial access to full compromise. Segmentation is the primary defence.
Network segmentation divides a network into smaller, isolated zones. Traffic between zones must pass through a security control point (firewall, router ACL, or policy engine).
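The contrast between the flat network above and a segmented one can be modelled in a few lines. This Python code is an added example, not part of the original lesson: it treats the control point as default-deny between zones and counts how many permitted flows separate a compromised host from each other host. The host names, addresses, zone names, the allow list and the rule that same-zone traffic is not filtered are all constructed assumptions.

```python
import ipaddress
from collections import deque

# Constructed inventory: host names, addresses and zones are assumptions.
HOSTS = {"workstation": "10.0.10.25", "server-a": "10.0.20.10",
         "server-b": "10.0.20.11", "database": "10.0.30.5"}
FLAT = {"lan": "10.0.0.0/16"}                      # one zone, no boundaries
SEGMENTED = {"users": "10.0.10.0/24", "app": "10.0.20.0/24",
             "data": "10.0.30.0/24"}
# Inter-zone flows the control point permits; anything else is denied.
ALLOWED = {("users", "app"), ("app", "data")}

def zone_of(host, zones):
    """Return the zone whose CIDR contains the host's address, or None."""
    addr = ipaddress.ip_address(HOSTS[host])
    for name, cidr in zones.items():
        if addr in ipaddress.ip_network(cidr):
            return name
    return None

def permitted(src, dst, zones, allowed=ALLOWED):
    """Decide one flow: same zone passes, cross-zone needs an allow rule."""
    sz, dz = zone_of(src, zones), zone_of(dst, zones)
    if sz is None or dz is None:
        return False                                # unknown zone: deny
    return sz == dz or (sz, dz) in allowed

def hops_from(start, zones):
    """Breadth-first search: permitted flows needed to reach each host."""
    dist, queue = {start: 0}, deque([start])
    while queue:
        cur = queue.popleft()
        for nxt in HOSTS:
            if nxt not in dist and permitted(cur, nxt, zones):
                dist[nxt] = dist[cur] + 1
                queue.append(nxt)
    del dist[start]                                 # report other hosts only
    return dist

if __name__ == "__main__":
    for label, zones in (("flat", FLAT), ("segmented", SEGMENTED)):
        for start in ("workstation", "database"):
            print(label, start, hops_from(start, zones))
```

In the segmented policy the database is two flows away from the workstation instead of one, and each cross-zone flow on that path crosses the control point, where it can be filtered and logged. The allow list is also directional: nothing is reachable from the data zone outward.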