05-05-2021 12:40 AM
Hi All
We are embarking on a segmentation plan for our company and the goal was to limit lateral movement and to limit the impact of ransomeware/malware causing impact.
We are looking to do things like limit risky protocols between devices such as rdp / ssh / telnet / smb etc.
Does this sound feasible and the right approach based on our goals?
Where is everyone else starting on this journey and where would the best place to start be?
Many thanks
05-05-2021 03:05 AM
Segmentation depends on requirement and available tools . Macro or Micro depeneds on , New world with DNAC and ISE make it simple this matrix
some example :
https://community.cisco.com/t5/security-documents/segmentation-strategy/ta-p/3757424
05-05-2021 05:05 AM
Beyond what @balaji.bandi shared, take a peek at the following as well (specifically the 'Segmentation' section): Cisco ISE & NAC Resources - Cisco Community
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide