How Asimily Enables Smart Segmentation: Operationalizing Zero Trust Initiatives
Network segmentation remains a critical security control that reduces attack surface across all cyber assets and enables zero-trust architecture strategies. Part 1 of this series, “Why 80% of Segmentation Projects Fail to Operationalize,” outlined the key challenges that organizations face in implementing segmentation. While segmentation is operationally complex and networks are dynamic, organizations still rely on network access control (NAC) tools designed for static configurations.
Asimily is purpose-built to close that gap. The platform transforms segmentation from a manual task into a continuous, intelligence-driven, risk-aware process while leveraging an organization’s existing tools.
Asimily as the Intelligence Layer
Asimily functions as the central intelligence and orchestration layer for segmentation. It continuously builds and maintains a living model of the environment by ingesting data from the network and security tools already in place. To provide correlated insights with comprehensive visibility, Asimily:
- Passively and, where appropriate, actively analyzes network traffic and devices to identify device parameters, baseline communications, flow data, and communication relationships.
- Ingests data from other sources where available, such as NetFlow, sFlow, and IPFIX exports, vulnerability scanners, network management systems, and EDR, to augment the gathered data with device, vulnerability, and risk-level information.
- Maps CVEs to devices, performs attack vector analysis, and prioritizes vulnerabilities in detail to identify the most critical devices.
- Creates baselines of observed behaviour to detect deviations, compares them with existing device profiles, and correlates against known malicious IPs and domains from threat intelligence sources (such as Cisco Talos) to surface anomalies and threats.
- Allows customers to add their own rules to detect policy violations across devices on the network.
- Creates snapshots of device configuration and monitors against those snapshots to detect when, and how, a device deviates from its known-good state.
By normalizing and continuously updating data from these sources, analyzing it automatically, and deriving insights from it, Asimily lets organizations build a single source of truth for every device, including IT, Internet of Things (IoT), operational technology (OT), and Internet of Medical Things (IoMT), and see how the environment changes over time. Capturing identity, behavior, risk, and communication dependencies lets organizations base segmentation decisions on how their networks actually operate rather than on how they are documented.
Using Insights to Take Action: Automating Policy Generation
Asimily turns this data into actionable, least-privilege segmentation policies through a “guided microsegmentation” process that yields precise, effective, and operationally safe segments. With Asimily, this is achieved in the following ways:
Targeted Segmentation
By combining vulnerabilities, device criticality, security capabilities, device configuration, and threat intelligence with Asimily-derived device data flows and Asimily research, organizations can use Asimily to identify where segmentation will have the greatest security impact. Because Asimily analyzes attack paths to determine which devices and connections meaningfully contribute to exposure, organizations can focus segmentation efforts on cutting those paths for genuine risk reduction.
Segmentation becomes a prioritized, outcome-driven strategy rather than a compliance check activity.
Guided Policy Creation with Built-In Safety
Once Asimily has generated legitimate communication baselines and least-privilege segmentation policies aligned with real traffic patterns, organizations can use Asimily’s guided segmentation policy capability to translate those recommendations into the constructs their NAC enforces, such as downloadable ACLs (dACLs) and security group ACLs (SGACLs) in Cisco ISE. The network security tools still enforce policy, authentication, and authorization; Asimily ensures they enforce the right policies. One practical caveat: a baseline only contains what was observed during its window, so a legitimate but infrequent flow (a monthly backup, a firmware update server) will be missing and a least-privilege ACL will block it. Running the generated policy in monitor or audit mode before enforcing it catches these cases without an outage.
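The baseline-and-deviation items above and the guided policy creation described in this paragraph come down to one workflow: collapse observed flows into per-segment communication relationships, render those relationships as an allow-list with an explicit final deny, and then check later traffic against the baseline. The following is an added example of that workflow, written for this article; it is not Asimily’s code and does not use Asimily’s API. The IP addresses, the device inventory, and the flow records are constructed, and the ACL lines use standard Cisco IOS extended-ACE syntax as a NAC would push it per session (hence the source is `any`); the `min_count` threshold and the `unknown` label for endpoints missing from the inventory are this example’s own design choices.

```python
from collections import Counter

# Constructed NetFlow-style records for this example (hypothetical IPs and
# devices, not data from any Asimily deployment): (src_ip, dst_ip, proto, dst_port).
OBSERVED_FLOWS = [
    ("10.10.20.15", "10.10.5.40", "tcp", 2575),  # infusion pump -> HL7 interface engine
    ("10.10.20.15", "10.10.5.40", "tcp", 2575),
    ("10.10.20.15", "10.10.5.10", "udp", 53),    # DNS
    ("10.10.20.15", "10.10.5.20", "udp", 123),   # NTP
    ("10.10.20.16", "10.10.5.40", "tcp", 2575),
    ("10.10.20.16", "10.10.5.10", "udp", 53),
    ("10.10.20.16", "10.10.5.20", "udp", 123),
    ("10.10.20.16", "10.10.7.99", "tcp", 445),   # single SMB flow to a workstation: noise or a probe
]

# Constructed flows seen after the policy was derived, used to check behaviour against it.
NEW_FLOWS = [
    ("10.10.20.15", "10.10.5.40", "tcp", 2575),
    ("10.10.20.15", "203.0.113.8", "tcp", 443),  # pump talking to an address not in the inventory
    ("10.10.20.16", "10.10.5.10", "udp", 53),
]

# Hypothetical asset inventory: IP -> segment label, standing in for the
# device-identity data the intelligence layer supplies.
INVENTORY = {
    "10.10.20.15": "infusion-pumps",
    "10.10.20.16": "infusion-pumps",
    "10.10.5.40": "hl7-servers",
    "10.10.5.10": "dns",
    "10.10.5.20": "ntp",
    "10.10.7.99": "workstations",
}


def group_of(ip, inventory):
    """Map an IP to its segment; unknown endpoints get their own label so a
    new or rogue device is reported instead of silently matched."""
    return inventory.get(ip, "unknown")


def build_baseline(flows, inventory, min_count=2):
    """Collapse raw flows into (src_group, dst_group, proto, dst_port) tuples.
    Tuples seen at least min_count times form the baseline; rarer ones are
    returned separately for an analyst to approve or reject rather than being
    allowed by default."""
    counts = Counter(
        (group_of(s, inventory), group_of(d, inventory), proto, port)
        for s, d, proto, port in flows
    )
    baseline = {k for k, n in counts.items() if n >= min_count}
    rare = {k for k, n in counts.items() if n < min_count}
    return baseline, rare


def render_dacl(src_group, baseline, inventory):
    """Render a least-privilege ACL for one source segment as Cisco IOS-style
    extended ACEs: one permit per allowed destination host/protocol/port and an
    explicit final deny. The ACE syntax is standard IOS; the derivation is this
    example's own, not Asimily's."""
    aces = []
    for sg, dg, proto, port in sorted(baseline):
        if sg != src_group:
            continue
        for dst in sorted(ip for ip, g in inventory.items() if g == dg):
            aces.append(f"permit {proto} any host {dst} eq {port}")
    aces.append("deny ip any any")
    return aces


def find_deviations(flows, baseline, inventory):
    """Return flows that fall outside the baseline: what a post-enforcement
    check reports to answer 'are devices behaving as the policy expects?'"""
    return [
        (s, d, proto, port)
        for s, d, proto, port in flows
        if (group_of(s, inventory), group_of(d, inventory), proto, port) not in baseline
    ]


if __name__ == "__main__":
    baseline, rare = build_baseline(OBSERVED_FLOWS, INVENTORY)
    print("\n".join(render_dacl("infusion-pumps", baseline, INVENTORY)))
    print("held for review (rare):", sorted(rare))
    print("deviations:", find_deviations(NEW_FLOWS, baseline, INVENTORY))
```

For the constructed flows the pump segment gets three permits (HL7 on tcp/2575, DNS, NTP) followed by `deny ip any any`; the single SMB flow is held back for review rather than written into the policy, and the later flow to 203.0.113.8 is reported as a deviation because its destination is unknown to the inventory. `min_count` is the knob that trades baseline noise against the risk of omitting a legitimate but rare flow, which is why the rare set is returned for an analyst rather than discarded.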
Intelligent Orchestration and Enforcement
Once an administrator approves the policies, Asimily orchestrates enforcement through the network security tool’s APIs. Automating these steps gives consistent policy deployment across the network and lets the policies adapt to changes such as new devices, updated applications, and evolving communication patterns.
Segmentation that Works Today and in the Future
With Asimily, organizations can evolve network segmentation from a fragile configuration into an operational security capability. Asimily augments other network security tools with:
- Policies driven by risk and real behavior.
- Safe, validated, and automated enforcement.
- Segmentation that adapts along with the environment.
These capabilities ensure that existing NAC investments deliver measurable value so that zero-trust architectures become enforceable in practice.
While Asimily already enables organizations to implement network policies more effectively and with greater confidence, Asimily is also working to help organizations answer common follow-on questions, such as:
- Can we verify how the devices are behaving against the applied policies?
- Are the policies currently present in the network security tool working as expected?
- How do we ensure that new policies added do not conflict with current policies?
Ultimately, segmentation shouldn’t be considered a one-time project to complete – it’s a living security control that must continuously adapt to your environment’s reality.
See how Asimily transforms segmentation from static configurations into dynamic, risk-driven protection – request a demo today.